Replaced usage of random() with xs_rnd_buf().

This commit is contained in:
default 2023-06-05 18:29:25 +02:00
parent e788a5bf8f
commit fafdbbf815
6 changed files with 102 additions and 23 deletions

View file

@ -37,19 +37,20 @@ activitypub.o: activitypub.c xs.h xs_json.h xs_curl.h xs_mime.h \
xs_openssl.h xs_regex.h xs_time.h xs_set.h snac.h xs_openssl.h xs_regex.h xs_time.h xs_set.h snac.h
data.o: data.c xs.h xs_io.h xs_json.h xs_openssl.h xs_glob.h xs_set.h \ data.o: data.c xs.h xs_io.h xs_json.h xs_openssl.h xs_glob.h xs_set.h \
xs_time.h snac.h xs_time.h snac.h
format.o: format.c xs.h xs_regex.h snac.h format.o: format.c xs.h xs_regex.h xs_mime.h snac.h
html.o: html.c xs.h xs_io.h xs_json.h xs_regex.h xs_set.h xs_openssl.h \ html.o: html.c xs.h xs_io.h xs_json.h xs_regex.h xs_set.h xs_openssl.h \
xs_time.h xs_mime.h snac.h xs_time.h xs_mime.h snac.h
http.o: http.c xs.h xs_io.h xs_openssl.h xs_curl.h xs_time.h xs_json.h \ http.o: http.c xs.h xs_io.h xs_openssl.h xs_curl.h xs_time.h xs_json.h \
snac.h snac.h
httpd.o: httpd.c xs.h xs_io.h xs_json.h xs_socket.h xs_httpd.h xs_mime.h \ httpd.o: httpd.c xs.h xs_io.h xs_json.h xs_socket.h xs_httpd.h xs_mime.h \
xs_time.h snac.h xs_time.h xs_openssl.h snac.h
main.o: main.c xs.h xs_io.h xs_json.h snac.h main.o: main.c xs.h xs_io.h xs_json.h snac.h
mastoapi.o: mastoapi.c xs.h xs_openssl.h xs_json.h xs_io.h xs_time.h \ mastoapi.o: mastoapi.c xs.h xs_openssl.h xs_json.h xs_io.h xs_time.h \
xs_glob.h xs_set.h snac.h xs_glob.h xs_set.h xs_random.h snac.h
snac.o: snac.c xs.h xs_io.h xs_unicode.h xs_json.h xs_curl.h xs_openssl.h \ snac.o: snac.c xs.h xs_io.h xs_unicode.h xs_json.h xs_curl.h xs_openssl.h \
xs_socket.h xs_httpd.h xs_mime.h xs_regex.h xs_set.h xs_time.h xs_glob.h \ xs_socket.h xs_httpd.h xs_mime.h xs_regex.h xs_set.h xs_time.h xs_glob.h \
snac.h xs_random.h snac.h
upgrade.o: upgrade.c xs.h xs_io.h xs_json.h xs_glob.h snac.h upgrade.o: upgrade.c xs.h xs_io.h xs_json.h xs_glob.h snac.h
utils.o: utils.c xs.h xs_io.h xs_json.h xs_time.h xs_openssl.h snac.h utils.o: utils.c xs.h xs_io.h xs_json.h xs_time.h xs_openssl.h \
xs_random.h snac.h
webfinger.o: webfinger.c xs.h xs_json.h xs_curl.h snac.h webfinger.o: webfinger.c xs.h xs_json.h xs_curl.h snac.h

View file

@ -10,6 +10,7 @@
#include "xs_time.h" #include "xs_time.h"
#include "xs_glob.h" #include "xs_glob.h"
#include "xs_set.h" #include "xs_set.h"
#include "xs_random.h"
#include "snac.h" #include "snac.h"
@ -17,19 +18,8 @@ static xs_str *random_str(void)
/* just what is says in the tin */ /* just what is says in the tin */
{ {
unsigned int data[4] = {0}; unsigned int data[4] = {0};
FILE *f;
if ((f = fopen("/dev/random", "r")) != NULL) {
fread(data, sizeof(data), 1, f);
fclose(f);
}
else {
data[0] = random() % 0xffffffff;
data[1] = random() % 0xffffffff;
data[2] = random() % 0xffffffff;
data[3] = random() % 0xffffffff;
}
xs_rnd_buf(data, sizeof(data));
return xs_hex_enc((char *)data, sizeof(data)); return xs_hex_enc((char *)data, sizeof(data));
} }

5
snac.c
View file

@ -16,6 +16,7 @@
#include "xs_set.h" #include "xs_set.h"
#include "xs_time.h" #include "xs_time.h"
#include "xs_glob.h" #include "xs_glob.h"
#include "xs_random.h"
#include "snac.h" #include "snac.h"
@ -122,7 +123,9 @@ xs_str *hash_password(const char *uid, const char *passwd, const char *nonce)
xs *hash; xs *hash;
if (nonce == NULL) { if (nonce == NULL) {
d_nonce = xs_fmt("%08x", random()); unsigned int r;
xs_rnd_buf(&r, sizeof(r));
d_nonce = xs_fmt("%08x", r);
nonce = d_nonce; nonce = d_nonce;
} }

View file

@ -6,6 +6,7 @@
#include "xs_json.h" #include "xs_json.h"
#include "xs_time.h" #include "xs_time.h"
#include "xs_openssl.h" #include "xs_openssl.h"
#include "xs_random.h"
#include "snac.h" #include "snac.h"
@ -204,10 +205,7 @@ void new_password(const char *uid, d_char **clear_pwd, d_char **hashed_pwd)
{ {
int rndbuf[3]; int rndbuf[3];
srandom(time(NULL) ^ getpid()); xs_rnd_buf(rndbuf, sizeof(rndbuf));
rndbuf[0] = random() & 0xffffffff;
rndbuf[1] = random() & 0xffffffff;
rndbuf[2] = random() & 0xffffffff;
*clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf)); *clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf));
*hashed_pwd = hash_password(uid, *clear_pwd, NULL); *hashed_pwd = hash_password(uid, *clear_pwd, NULL);

87
xs_random.h Normal file
View file

@ -0,0 +1,87 @@
/* copyright (c) 2022 - 2023 grunfink / MIT license */
#ifndef _XS_RANDOM_H
#define _XS_RANDOM_H
unsigned int xs_rnd_int32_d(unsigned int *seed);
void *xs_rnd_buf(void *buf, int size);
#ifdef XS_IMPLEMENTATION
#include <stdio.h>
#include <sys/time.h>
#include <unistd.h>
#include <stdlib.h>
unsigned int xs_rnd_int32_d(unsigned int *seed)
/* returns a deterministic random integer. If seed is NULL, uses a static one */
{
static unsigned int s = 0;
if (seed == NULL)
seed = &s;
if (*seed == 0) {
struct timeval tv;
gettimeofday(&tv, NULL);
*seed = tv.tv_sec ^ tv.tv_usec ^ getpid();
}
/* Linear congruential generator by Numerical Recipes */
*seed = (*seed * 1664525) + 1013904223;
return *seed;
}
void *xs_rnd_buf(void *buf, int size)
/* fills buf with random data */
{
#ifdef __OpenBSD__
/* available since OpenBSD 2.2 */
arc4random_buf(buf, size);
#else
FILE *f;
int done = 0;
if ((f = fopen("/dev/urandom", "r")) != NULL) {
/* fill with great random data from the system */
if (fread(buf, size, 1, f) == 1)
done = 1;
fclose(f);
}
if (!done) {
/* fill the buffer with poor quality, deterministic data */
unsigned int s = 0;
unsigned char *p = (unsigned char *)buf;
int n = size / sizeof(s);
/* fill with full integers */
while (n--) {
xs_rnd_int32_d(&s);
p = memcpy(p, &s, sizeof(s)) + sizeof(s);
}
if ((n = size % sizeof(s))) {
/* fill the remaining */
xs_rnd_int32_d(&s);
memcpy(p, &s, n);
}
}
#endif /* __OpenBSD__ */
return buf;
}
#endif /* XS_IMPLEMENTATION */
#endif /* XS_RANDOM_H */

View file

@ -1 +1 @@
/* 3588cbb7859917f1c5965254f8a53c3349c773ea */ /* 5c255b45c8cd5d6c01c983b03e635936db12da03 */