diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index 055f67673a81..150c71c7b016 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pw_user.c,v 1.1.1.3 1996/12/10 23:59:02 joerg Exp $ + * $Id: pw_user.c,v 1.2 1996/12/11 15:10:47 joerg Exp $ */ #include @@ -33,6 +33,10 @@ #include #include #include +#include +#include +#include +#include #include "pw.h" #include "bitmap.h" #include "pwupd.h" @@ -730,7 +734,7 @@ pw_pwcrypt(char *password) /* * Calculate a salt value */ - srandom((unsigned) (time(NULL) | getpid())); + srandom((unsigned) (time(NULL) ^ getpid())); for (i = 0; i < 8; i++) salt[i] = chars[random() % 63]; salt[i] = '\0'; @@ -738,19 +742,61 @@ pw_pwcrypt(char *password) return strcpy(buf, crypt(password, salt)); } +u_char * +pw_genmd5rand (u_char *d) /* cryptographically secure rng */ +{ + MD5_CTX md5_ctx; + struct timeval tv, tvo; + struct rusage ru; + int n=0; + int t; + MD5Init (&md5_ctx); + t=getpid(); + MD5Update (&md5_ctx, (u_char*)&t, sizeof t); + t=getppid(); + MD5Update (&md5_ctx, (u_char*)&t, sizeof t); + gettimeofday (&tvo, NULL); + do { + getrusage (RUSAGE_SELF, &ru); + MD5Update (&md5_ctx, (u_char*)&ru, sizeof ru); + gettimeofday (&tv, NULL); + MD5Update (&md5_ctx, (u_char*)&tv, sizeof tv); + } while (n++<20 || tv.tv_usec-tvo.tv_usec<100*1000); + MD5Final (d, &md5_ctx); + return d; +} + +static u_char * +pw_getrand(u_char *buf, int len) +{ + int fd; + fd = open("/dev/urandom", O_RDONLY); + if (!fd || read(fd, buf, len)!=len) { + int n; + for (n=0;ndefault_password) { case -1: /* Random password */ - srandom((unsigned) (time(NULL) | getpid())); + srandom((unsigned) (time(NULL) ^ getpid())); l = (random() % 8 + 8); /* 8 - 16 chars */ + pw_getrand(rndbuf, l); for (i = 0; i < l; i++) - pwbuf[i] = chars[random() % sizeof(chars)]; + pwbuf[i] = chars[rndbuf[i] % sizeof(chars)]; pwbuf[i] = '\0'; /*