List:Commits« Previous MessageNext Message »
From:Nirbhay Choubey Date:February 13 2012 12:04pm
Subject:bzr push into mysql-trunk branch (nirbhay.choubey:3746 to 3747) WL#5605
View as plain text  
 3747 Nirbhay Choubey	2012-02-13
      WL#5605 : Assert that MySQL uses an approved random
                number generator
      
      Reverted the changes done in pre-4.1 authentication
      methods as the old auth algorithm rely on seeded
      random number generator.

    modified:
      sql/password.c
 3746 Nirbhay Choubey	2012-02-10
      WL#5605 : Assert that MySQL uses an approved random
                number generator
      
      Added support for OpenSSL/yaSSL supplied PRNG to
      create_random_string method, which generates a
      random string to be used in MySQL authentication
      protocol.

    added:
      include/my_rnd.h
      sql/my_rnd.cc
    modified:
      libmysql/CMakeLists.txt
      sql/CMakeLists.txt
      sql/password.c
=== modified file 'sql/password.c'
--- a/sql/password.c	2012-02-10 08:20:50 +0000
+++ b/sql/password.c	2012-02-13 12:01:46 +0000
@@ -198,8 +198,8 @@ void scramble_323(char *to, const char *
     randominit(&rand_st,hash_pass[0] ^ hash_message[0],
                hash_pass[1] ^ hash_message[1]);
     for (; message < message_end; message++)
-      *to++= (char) (floor(my_rnd_ssl(&rand_st) * 31) + 64);
-    extra=(char) (floor(my_rnd_ssl(&rand_st) * 31));
+      *to++= (char) (floor(my_rnd(&rand_st)*31)+64);
+    extra=(char) (floor(my_rnd(&rand_st)*31));
     while (to_start != to)
       *(to_start++)^=extra;
   }
@@ -241,10 +241,10 @@ check_scramble_323(const unsigned char *
   to=buff;
   DBUG_ASSERT(sizeof(buff) > SCRAMBLE_LENGTH_323);
   for (pos=scrambled ; *pos && to < buff+sizeof(buff) ; pos++)
-    *to++=(char) (floor(my_rnd_ssl(&rand_st) * 31) + 64);
+    *to++=(char) (floor(my_rnd(&rand_st)*31)+64);
   if (pos-scrambled != SCRAMBLE_LENGTH_323)
     return 1;
-  extra=(char) (floor(my_rnd_ssl(&rand_st) * 31));
+  extra=(char) (floor(my_rnd(&rand_st)*31));
   to=buff;
   while (*scrambled)
   {

No bundle (reason: useless for push emails).
Thread
bzr push into mysql-trunk branch (nirbhay.choubey:3746 to 3747) WL#5605Nirbhay Choubey14 Feb