nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 14:23:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add wrappers function for libc random()

Browse Source 
On windows, it's called something different.
This commit is contained in:
Nick Mathewson 2010-11-29 15:53:33 -05:00
parent 0eafe23ff3
commit 89e97bdf94
4 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/common/compat.c
View File

@ -1679,6 +1679,30 @@ tor_lookup_hostname(const char *name, uint32_t *addr)
return -1; return -1;
} }
/** Initialize the insecure libc RNG. */
void
tor_init_weak_random(unsigned seed)
{
#ifdef MS_WINDOWS
srand(seed);
#else
srandom(seed);
#endif
}
/** Return a randomly chosen value in the range 0..TOR_RAND_MAX. This
* entropy will not be cryptographically strong; do not rely on it
* for anything an adversary should not be able to predict. */
long
tor_weak_random(void)
{
#ifdef MS_WINDOWS
return rand();
#else
return random();
#endif
}
/** Hold the result of our call to <b>uname</b>. */ /** Hold the result of our call to <b>uname</b>. */
static char uname_result[256]; static char uname_result[256];
/** True iff uname_result is set. */ /** True iff uname_result is set. */

5
src/common/compat.h
View File

@ -480,6 +480,11 @@ typedef enum {
SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08, SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08,
} socks5_reply_status_t; } socks5_reply_status_t;
/* ===== Insecure rng */
void tor_init_weak_random(unsigned seed);
long tor_weak_random(void);
#define TOR_RAND_MAX (RAND_MAX)
/* ===== OS compatibility */ /* ===== OS compatibility */
const char *get_uname(void); const char *get_uname(void);

10
src/common/crypto.c
View File

@ -1935,6 +1935,14 @@ crypto_dh_free(crypto_dh_env_t *dh)
OPENSSL_VERSION_NUMBER <= 0x00907fffl) || \ OPENSSL_VERSION_NUMBER <= 0x00907fffl) || \
(OPENSSL_VERSION_NUMBER >= 0x0090803fl)) (OPENSSL_VERSION_NUMBER >= 0x0090803fl))
static void
seed_weak_rng(void)
{
unsigned seed;
crypto_rand((void*)&seed, sizeof(seed));
tor_init_weak_random(seed);
}
/** Seed OpenSSL's random number generator with bytes from the operating /** Seed OpenSSL's random number generator with bytes from the operating
* system. <b>startup</b> should be true iff we have just started Tor and * system. <b>startup</b> should be true iff we have just started Tor and
* have not yet allocated a bunch of fds. Return 0 on success, -1 on failure. * have not yet allocated a bunch of fds. Return 0 on success, -1 on failure.
@ -1985,6 +1993,7 @@ crypto_seed_rng(int startup)
} }
RAND_seed(buf, sizeof(buf)); RAND_seed(buf, sizeof(buf));
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
seed_weak_rng();
return 0; return 0;
#else #else
for (i = 0; filenames[i]; ++i) { for (i = 0; filenames[i]; ++i) {
@ -2001,6 +2010,7 @@ crypto_seed_rng(int startup)
} }
RAND_seed(buf, (int)sizeof(buf)); RAND_seed(buf, (int)sizeof(buf));
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
seed_weak_rng();
return 0; return 0;
} }

2
src/or/relay.c
View File

@ -1517,7 +1517,7 @@ circuit_resume_edge_reading_helper(edge_connection_t *first_conn,
* don't need cryptographic randomness here. */ * don't need cryptographic randomness here. */
for (conn = first_conn; conn; conn = conn->next_stream) { for (conn = first_conn; conn; conn = conn->next_stream) {
num_streams++; num_streams++;
if ((random() % num_streams)==0) if ((tor_weak_random() % num_streams)==0)
chosen_stream = conn; chosen_stream = conn;
/* Invariant: chosen_stream has been chosen uniformly at random from among /* Invariant: chosen_stream has been chosen uniformly at random from among
* the first num_streams streams on first_conn. */ * the first num_streams streams on first_conn. */