mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-14 17:45:04 +00:00
Replaced usage of random() with xs_rnd_buf().
This commit is contained in:
parent
e788a5bf8f
commit
fafdbbf815
6 changed files with 102 additions and 23 deletions
11
Makefile
11
Makefile
|
@ -37,19 +37,20 @@ activitypub.o: activitypub.c xs.h xs_json.h xs_curl.h xs_mime.h \
|
|||
xs_openssl.h xs_regex.h xs_time.h xs_set.h snac.h
|
||||
data.o: data.c xs.h xs_io.h xs_json.h xs_openssl.h xs_glob.h xs_set.h \
|
||||
xs_time.h snac.h
|
||||
format.o: format.c xs.h xs_regex.h snac.h
|
||||
format.o: format.c xs.h xs_regex.h xs_mime.h snac.h
|
||||
html.o: html.c xs.h xs_io.h xs_json.h xs_regex.h xs_set.h xs_openssl.h \
|
||||
xs_time.h xs_mime.h snac.h
|
||||
http.o: http.c xs.h xs_io.h xs_openssl.h xs_curl.h xs_time.h xs_json.h \
|
||||
snac.h
|
||||
httpd.o: httpd.c xs.h xs_io.h xs_json.h xs_socket.h xs_httpd.h xs_mime.h \
|
||||
xs_time.h snac.h
|
||||
xs_time.h xs_openssl.h snac.h
|
||||
main.o: main.c xs.h xs_io.h xs_json.h snac.h
|
||||
mastoapi.o: mastoapi.c xs.h xs_openssl.h xs_json.h xs_io.h xs_time.h \
|
||||
xs_glob.h xs_set.h snac.h
|
||||
xs_glob.h xs_set.h xs_random.h snac.h
|
||||
snac.o: snac.c xs.h xs_io.h xs_unicode.h xs_json.h xs_curl.h xs_openssl.h \
|
||||
xs_socket.h xs_httpd.h xs_mime.h xs_regex.h xs_set.h xs_time.h xs_glob.h \
|
||||
snac.h
|
||||
xs_random.h snac.h
|
||||
upgrade.o: upgrade.c xs.h xs_io.h xs_json.h xs_glob.h snac.h
|
||||
utils.o: utils.c xs.h xs_io.h xs_json.h xs_time.h xs_openssl.h snac.h
|
||||
utils.o: utils.c xs.h xs_io.h xs_json.h xs_time.h xs_openssl.h \
|
||||
xs_random.h snac.h
|
||||
webfinger.o: webfinger.c xs.h xs_json.h xs_curl.h snac.h
|
||||
|
|
14
mastoapi.c
14
mastoapi.c
|
@ -10,6 +10,7 @@
|
|||
#include "xs_time.h"
|
||||
#include "xs_glob.h"
|
||||
#include "xs_set.h"
|
||||
#include "xs_random.h"
|
||||
|
||||
#include "snac.h"
|
||||
|
||||
|
@ -17,19 +18,8 @@ static xs_str *random_str(void)
|
|||
/* just what is says in the tin */
|
||||
{
|
||||
unsigned int data[4] = {0};
|
||||
FILE *f;
|
||||
|
||||
if ((f = fopen("/dev/random", "r")) != NULL) {
|
||||
fread(data, sizeof(data), 1, f);
|
||||
fclose(f);
|
||||
}
|
||||
else {
|
||||
data[0] = random() % 0xffffffff;
|
||||
data[1] = random() % 0xffffffff;
|
||||
data[2] = random() % 0xffffffff;
|
||||
data[3] = random() % 0xffffffff;
|
||||
}
|
||||
|
||||
xs_rnd_buf(data, sizeof(data));
|
||||
return xs_hex_enc((char *)data, sizeof(data));
|
||||
}
|
||||
|
||||
|
|
5
snac.c
5
snac.c
|
@ -16,6 +16,7 @@
|
|||
#include "xs_set.h"
|
||||
#include "xs_time.h"
|
||||
#include "xs_glob.h"
|
||||
#include "xs_random.h"
|
||||
|
||||
#include "snac.h"
|
||||
|
||||
|
@ -122,7 +123,9 @@ xs_str *hash_password(const char *uid, const char *passwd, const char *nonce)
|
|||
xs *hash;
|
||||
|
||||
if (nonce == NULL) {
|
||||
d_nonce = xs_fmt("%08x", random());
|
||||
unsigned int r;
|
||||
xs_rnd_buf(&r, sizeof(r));
|
||||
d_nonce = xs_fmt("%08x", r);
|
||||
nonce = d_nonce;
|
||||
}
|
||||
|
||||
|
|
6
utils.c
6
utils.c
|
@ -6,6 +6,7 @@
|
|||
#include "xs_json.h"
|
||||
#include "xs_time.h"
|
||||
#include "xs_openssl.h"
|
||||
#include "xs_random.h"
|
||||
|
||||
#include "snac.h"
|
||||
|
||||
|
@ -204,10 +205,7 @@ void new_password(const char *uid, d_char **clear_pwd, d_char **hashed_pwd)
|
|||
{
|
||||
int rndbuf[3];
|
||||
|
||||
srandom(time(NULL) ^ getpid());
|
||||
rndbuf[0] = random() & 0xffffffff;
|
||||
rndbuf[1] = random() & 0xffffffff;
|
||||
rndbuf[2] = random() & 0xffffffff;
|
||||
xs_rnd_buf(rndbuf, sizeof(rndbuf));
|
||||
|
||||
*clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf));
|
||||
*hashed_pwd = hash_password(uid, *clear_pwd, NULL);
|
||||
|
|
87
xs_random.h
Normal file
87
xs_random.h
Normal file
|
@ -0,0 +1,87 @@
|
|||
/* copyright (c) 2022 - 2023 grunfink / MIT license */
|
||||
|
||||
#ifndef _XS_RANDOM_H
|
||||
|
||||
#define _XS_RANDOM_H
|
||||
|
||||
unsigned int xs_rnd_int32_d(unsigned int *seed);
|
||||
void *xs_rnd_buf(void *buf, int size);
|
||||
|
||||
#ifdef XS_IMPLEMENTATION
|
||||
|
||||
#include <stdio.h>
|
||||
#include <sys/time.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
unsigned int xs_rnd_int32_d(unsigned int *seed)
|
||||
/* returns a deterministic random integer. If seed is NULL, uses a static one */
|
||||
{
|
||||
static unsigned int s = 0;
|
||||
|
||||
if (seed == NULL)
|
||||
seed = &s;
|
||||
|
||||
if (*seed == 0) {
|
||||
struct timeval tv;
|
||||
|
||||
gettimeofday(&tv, NULL);
|
||||
*seed = tv.tv_sec ^ tv.tv_usec ^ getpid();
|
||||
}
|
||||
|
||||
/* Linear congruential generator by Numerical Recipes */
|
||||
*seed = (*seed * 1664525) + 1013904223;
|
||||
|
||||
return *seed;
|
||||
}
|
||||
|
||||
|
||||
void *xs_rnd_buf(void *buf, int size)
|
||||
/* fills buf with random data */
|
||||
{
|
||||
#ifdef __OpenBSD__
|
||||
|
||||
/* available since OpenBSD 2.2 */
|
||||
arc4random_buf(buf, size);
|
||||
|
||||
#else
|
||||
|
||||
FILE *f;
|
||||
int done = 0;
|
||||
|
||||
if ((f = fopen("/dev/urandom", "r")) != NULL) {
|
||||
/* fill with great random data from the system */
|
||||
if (fread(buf, size, 1, f) == 1)
|
||||
done = 1;
|
||||
|
||||
fclose(f);
|
||||
}
|
||||
|
||||
if (!done) {
|
||||
/* fill the buffer with poor quality, deterministic data */
|
||||
unsigned int s = 0;
|
||||
unsigned char *p = (unsigned char *)buf;
|
||||
int n = size / sizeof(s);
|
||||
|
||||
/* fill with full integers */
|
||||
while (n--) {
|
||||
xs_rnd_int32_d(&s);
|
||||
p = memcpy(p, &s, sizeof(s)) + sizeof(s);
|
||||
}
|
||||
|
||||
if ((n = size % sizeof(s))) {
|
||||
/* fill the remaining */
|
||||
xs_rnd_int32_d(&s);
|
||||
memcpy(p, &s, n);
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* __OpenBSD__ */
|
||||
|
||||
return buf;
|
||||
}
|
||||
|
||||
|
||||
#endif /* XS_IMPLEMENTATION */
|
||||
|
||||
#endif /* XS_RANDOM_H */
|
|
@ -1 +1 @@
|
|||
/* 3588cbb7859917f1c5965254f8a53c3349c773ea */
|
||||
/* 5c255b45c8cd5d6c01c983b03e635936db12da03 */
|
||||
|
|
Loading…
Reference in a new issue