rpms/shadow-utils
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Add a patch to obtain random bytes from /dev/urandom

Browse Source 
Signed-off-by: Björn Esser <besser82@fedoraproject.org>
This commit is contained in:
Björn Esser 2021-06-23 22:22:04 +02:00
parent 1b6e097b0e
commit bace2f8c6b
No known key found for this signature in database
GPG Key ID: F52E98007594C21D
2 changed files with 118 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
shadow-4.8.1-salt_c_use_dev_urandom.patch Normal file
View File

@ -0,0 +1,114 @@
From bc8257cf73328e450511b13cbd35e1994feccb30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Wed, 23 Jun 2021 16:06:47 +0200
Subject: [PATCH] libmisc/salt.c: Obtain random bytes from /dev/urandom.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Using the random() function to obtain pseudo-random bytes
for generating salt strings is considered to be dangerous.
See CWE-327.
We really should use a more reliable source for obtaining
pseudo-random bytes like /dev/urandom.
Fixes #376.
Signed-off-by: Björn Esser <besser82@fedoraproject.org>
---
libmisc/salt.c | 45 ++++++++++++++++++++++++---------------------
1 file changed, 24 insertions(+), 21 deletions(-)
diff --git a/libmisc/salt.c b/libmisc/salt.c
index e17093fc..af9f011f 100644
--- a/libmisc/salt.c
+++ b/libmisc/salt.c
@@ -11,11 +11,10 @@
#ident "$Id$"
-#include <sys/time.h>
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
@@ -74,7 +73,7 @@
#define GENSALT_SETTING_SIZE 100
/* local function prototypes */
-static void seedRNG (void);
+static long read_random_bytes (void);
static /*@observer@*/const char *gensalt (size_t salt_size);
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT)
static long shadow_random (long min, long max);
@@ -125,23 +124,27 @@ static /*@observer@*/char *l64a (long value)
}
#endif /* !HAVE_L64A */
-static void seedRNG (void)
+/* Read sizeof (long) random bytes from /dev/urandom. */
+static long read_random_bytes (void)
{
- struct timeval tv;
- static int seeded = 0;
+ long randval = 0;
+ FILE *f = fopen ("/dev/urandom", "r");
- if (0 == seeded) {
- (void) gettimeofday (&tv, NULL);
- srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ());
- seeded = 1;
+ if (fread (&randval, sizeof (randval), 1, f) != sizeof (randval))
+ {
+ fprintf (shadow_logfd,
+ _("Unable to read from /dev/urandom.\n"));
+
+ fclose(f);
+ exit (1);
}
+
+ fclose(f);
+
+ return randval;
}
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT)
-/* It is not clear what is the maximum value of random().
- * We assume 2^31-1.*/
-#define RANDOM_MAX 0x7FFFFFFF
-
/*
* Return a random number between min and max (both included).
*
@@ -151,8 +154,9 @@ static long shadow_random (long min, long max)
{
double drand;
long ret;
- seedRNG ();
- drand = (double) (max - min + 1) * random () / RANDOM_MAX;
+
+ drand = (double) (read_random_bytes () & RAND_MAX) / (double) RAND_MAX;
+ drand *= (double) (max - min + 1);
/* On systems were this is not random() range is lower, we favor
* higher numbers of salt. */
ret = (long) (max + 1 - drand);
@@ -354,10 +358,9 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
assert (salt_size >= MIN_SALT_SIZE &&
salt_size <= MAX_SALT_SIZE);
- seedRNG ();
- strcat (salt, l64a (random()));
+ strcat (salt, l64a (read_random_bytes ()));
do {
- strcat (salt, l64a (random()));
+ strcat (salt, l64a (read_random_bytes ()));
} while (strlen (salt) < salt_size);
salt[salt_size] = '\0';

4
shadow-utils.spec
View File

@ -112,6 +112,8 @@ Patch61: shadow-4.8.1-fix_bcrypt_prefix.patch
Patch62: shadow-4.8.1-salt_c_sanitize_code.patch Patch62: shadow-4.8.1-salt_c_sanitize_code.patch
# https://github.com/shadow-maint/shadow/commit/dbf230e4cf823dd6b6a3bad6d29dfad4f0ffa8fc # https://github.com/shadow-maint/shadow/commit/dbf230e4cf823dd6b6a3bad6d29dfad4f0ffa8fc
Patch63: shadow-4.8.1-salt_c_comments.patch Patch63: shadow-4.8.1-salt_c_comments.patch
# https://github.com/shadow-maint/shadow/commit/bc8257cf73328e450511b13cbd35e1994feccb30
Patch64: shadow-4.8.1-salt_c_use_dev_urandom.patch
License: BSD and GPLv2+ License: BSD and GPLv2+
BuildRequires: make BuildRequires: make
@ -200,6 +202,7 @@ Development files for shadow-utils-subid.
%patch61 -p1 -b .bcrypt_prefix %patch61 -p1 -b .bcrypt_prefix
%patch62 -p1 -b .sanitize_code %patch62 -p1 -b .sanitize_code
%patch63 -p1 -b .comments %patch63 -p1 -b .comments
%patch64 -p1 -b .use_dev_urandom
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO cp -f doc/HOWTO.utf8 doc/HOWTO
@ -373,6 +376,7 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
- Add a patch to fix the used prefix for the bcrypt hash method - Add a patch to fix the used prefix for the bcrypt hash method
- Add a patch to cleanup the code in libmisc/salt.c - Add a patch to cleanup the code in libmisc/salt.c
- Add a patch adding some clarifying comments in libmisc/salt.c - Add a patch adding some clarifying comments in libmisc/salt.c
- Add a patch to obtain random bytes from /dev/urandom
* Mon Jun 28 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.8.1-13 * Mon Jun 28 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.8.1-13
- Covscan fixes - Covscan fixes