66 lines
1.8 KiB
Diff
66 lines
1.8 KiB
Diff
From ff6cffa3feaaee11b1a9d27a7eada02fbd9890da Mon Sep 17 00:00:00 2001
|
|
From: xingwei<xingwei14@h-partners.com>
|
|
Date: Fri, 27 Aug 2021 17:27:24 +0800
|
|
Subject: [PATCH] replace random with RAND_priv_bytes
|
|
|
|
---
|
|
src/yppasswd.c | 19 ++++++++++++++++---
|
|
1 file changed, 16 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/yppasswd.c b/src/yppasswd.c
|
|
index aa7c8a1..ae356ad 100644
|
|
--- a/src/yppasswd.c
|
|
+++ b/src/yppasswd.c
|
|
@@ -44,6 +44,7 @@
|
|
#include <rpcsvc/yp_prot.h>
|
|
#include <rpcsvc/ypclnt.h>
|
|
#include <rpcsvc/yppasswd.h>
|
|
+#include <openssl/rand.h>
|
|
|
|
#ifndef _
|
|
#define _(String) gettext (String)
|
|
@@ -517,10 +518,11 @@ create_random_salt (char *salt, int num_chars)
|
|
{
|
|
int fd;
|
|
unsigned char c;
|
|
+ unsigned char buf;
|
|
int i;
|
|
int res;
|
|
|
|
- fd = open ("/dev/urandom", O_RDONLY);
|
|
+ fd = open ("/dev/random", O_RDONLY);
|
|
|
|
for (i = 0; i < num_chars; i++)
|
|
{
|
|
@@ -529,7 +531,18 @@ create_random_salt (char *salt, int num_chars)
|
|
res = read (fd, &c, 1);
|
|
|
|
if (res != 1)
|
|
- c = random ();
|
|
+ {
|
|
+ while (!RAND_status ())
|
|
+ {
|
|
+ RAND_seed (&buf, sizeof (buf));
|
|
+ }
|
|
+ if (RAND_priv_bytes (&buf, sizeof (buf)) != 1)
|
|
+ {
|
|
+ printf ( _("Failed to generate a random number.\n"));
|
|
+ break;
|
|
+ }
|
|
+ c = buf;
|
|
+ }
|
|
|
|
salt[i] = bin_to_ascii (c & 0x3f);
|
|
}
|
|
@@ -571,7 +584,7 @@ main (int argc, char **argv)
|
|
{
|
|
char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
|
|
int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
|
|
- int hash_id = DES;
|
|
+ int hash_id = SHA_512;
|
|
char rounds[11] = "\0"; /* max length is '999999999$' */
|
|
struct yppasswd yppwd;
|
|
struct passwd *pwd;
|
|
--
|
|
2.27.0
|