Use better randomness
This commit is contained in:
parent
e7ded9d6b5
commit
3edaad9317
2 changed files with 12 additions and 5 deletions
9
main.go
9
main.go
|
|
@ -12,7 +12,7 @@ import (
|
|||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"math/rand"
|
||||
"crypto/rand"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
|
@ -264,7 +264,10 @@ func (server *Server) init() error {
|
|||
}
|
||||
|
||||
admin_pass := make([]byte, 8)
|
||||
rand.Read(admin_pass)
|
||||
_, err = rand.Read(admin_pass)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
admin_pass_str := base64.RawURLEncoding.EncodeToString(admin_pass)
|
||||
admin_pass_hash := SSHAEncode([]byte(admin_pass_str))
|
||||
|
||||
|
|
@ -286,7 +289,7 @@ func (server *Server) init() error {
|
|||
}
|
||||
|
||||
server.logger.Printf(
|
||||
"It seems to be a new installation, we created a default user for you:\n\n dn: %s\n password: %s\n\nWe didn't use true random, you should replace it as soon as possible.",
|
||||
"It seems to be a new installation, we created a default user for you:\n\n dn: %s\n password: %s\n\nWe recommend replacing it as soon as possible.",
|
||||
admin_dn,
|
||||
admin_pass_str,
|
||||
)
|
||||
|
|
|
|||
8
ssha.go
8
ssha.go
|
|
@ -1,11 +1,12 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"log"
|
||||
"bytes"
|
||||
"crypto/sha1"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"crypto/rand"
|
||||
)
|
||||
|
||||
// Encode encodes the []byte of raw password
|
||||
|
|
@ -38,7 +39,10 @@ func SSHAMatches(encodedPassPhrase string, rawPassPhrase []byte) bool {
|
|||
// makeSalt make a 32 byte array containing random bytes.
|
||||
func makeSalt() []byte {
|
||||
sbytes := make([]byte, 32)
|
||||
rand.Read(sbytes)
|
||||
_, err := rand.Read(sbytes)
|
||||
if err != nil {
|
||||
log.Panicf("Could not read random bytes: %s", err)
|
||||
}
|
||||
return sbytes
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue