mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-27 06:59:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
767d5811b5
curl/lib/rand.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

293 lines
7.5 KiB
C
Raw Normal View History

Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
2023-01-02 20:51:48 +08:00
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
curl.se: new home Closes #6172
2020-11-04 21:02:01 +08:00
* are also available at https://curl.se/docs/copyright.html.
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
* SPDX-License-Identifier: curl
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
2022-05-17 17:16:50 +08:00
*
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
***************************************************************************/
#include "curl_setup.h"
misc: better random strings Generate alphanumerical random strings. Prior this change curl used to create random hex strings. This was mostly okay, but having alphanumerical random strings is better: The strings have more entropy in the same space. The MIME multipart boundary used to be mere 64-bits of randomness due to being 16 hex chars. With these changes the boundary is 22 alphanumerical chars, or little over 130 bits of randomness. Closes #11838
2023-09-12 18:51:21 +08:00
#include <limits.h>
rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header Closes #1285
2017-02-24 04:07:04 +08:00
#ifdef HAVE_FCNTL_H
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
#include <fcntl.h>
rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header Closes #1285
2017-02-24 04:07:04 +08:00
#endif
lib: connection filters (cfilter) addition to curl: - general construct/destroy in connectdata - default implementations of callback functions - connect: cfilters for connect and accept - socks: cfilter for socks proxying - http_proxy: cfilter for http proxy tunneling - vtls: cfilters for primary and proxy ssl - change in general handling of data/conn - Curl_cfilter_setup() sets up filter chain based on data settings, if none are installed by the protocol handler setup - Curl_cfilter_connect() boot straps filters into `connected` status, used by handlers and multi to reach further stages - Curl_cfilter_is_connected() to check if a conn is connected, e.g. all filters have done their work - Curl_cfilter_get_select_socks() gets the sockets and READ/WRITE indicators for multi select to work - Curl_cfilter_data_pending() asks filters if the have incoming data pending for recv - Curl_cfilter_recv()/Curl_cfilter_send are the general callbacks installed in conn->recv/conn->send for io handling - Curl_cfilter_attach_data()/Curl_cfilter_detach_data() inform filters and addition/removal of a `data` from their connection - adding vtl functions to prevent use of Curl_ssl globals directly in other parts of the code. Reviewed-by: Daniel Stenberg Closes #9855
2022-11-11 18:45:34 +08:00
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
#include <curl/curl.h>
trace: make tracing available in non-debug builds Add --trace-config to curl Add curl_global_trace() to libcurl Closes #11421
2023-08-03 23:32:25 +08:00
#include "urldata.h"
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
#include "vtls/vtls.h"
#include "sendf.h"
lib: connection filters (cfilter) addition to curl: - general construct/destroy in connectdata - default implementations of callback functions - connect: cfilters for connect and accept - socks: cfilter for socks proxying - http_proxy: cfilter for http proxy tunneling - vtls: cfilters for primary and proxy ssl - change in general handling of data/conn - Curl_cfilter_setup() sets up filter chain based on data settings, if none are installed by the protocol handler setup - Curl_cfilter_connect() boot straps filters into `connected` status, used by handlers and multi to reach further stages - Curl_cfilter_is_connected() to check if a conn is connected, e.g. all filters have done their work - Curl_cfilter_get_select_socks() gets the sockets and READ/WRITE indicators for multi select to work - Curl_cfilter_data_pending() asks filters if the have incoming data pending for recv - Curl_cfilter_recv()/Curl_cfilter_send are the general callbacks installed in conn->recv/conn->send for io handling - Curl_cfilter_attach_data()/Curl_cfilter_detach_data() inform filters and addition/removal of a `data` from their connection - adding vtl functions to prevent use of Curl_ssl globals directly in other parts of the code. Reviewed-by: Daniel Stenberg Closes #9855
2022-11-11 18:45:34 +08:00
#include "timeval.h"
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
#include "rand.h"
lib: provide and use Curl_hexencode Generates a lower case ASCII hex output from a binary input. Closes #11990
2023-09-30 00:06:49 +08:00
#include "escape.h"
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
#include "memdebug.h"
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
2023-11-22 00:54:49 +08:00
#ifdef _WIN32
windows: improve random source - Use the Windows API to seed the fallback random generator. This ensures to always have a random seed, even when libcurl is built with a vtls backend lacking a random generator API, such as rustls (experimental), GSKit and certain mbedTLS builds, or, when libcurl is built without a TLS backend. We reuse the Windows-specific random function from the Schannel backend. - Implement support for `BCryptGenRandom()` [1] on Windows, as a replacement for the deprecated `CryptGenRandom()` [2] function. It is used as the secure random generator for Schannel, and also to provide entropy for libcurl's fallback random generator. The new function is supported on Vista and newer via its `bcrypt.dll`. It is used automatically when building for supported versions. It also works in UWP apps (the old function did not). - Clear entropy buffer before calling the Windows random generator. This avoids using arbitrary application memory as entropy (with `CryptGenRandom()`) and makes sure to return in a predictable state when an API call fails. [1] https://docs.microsoft.com/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom [2] https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom Closes #9027
2022-07-04 17:38:24 +08:00
windows: fix UWP builds, add GHA job Add new job to test building for UWP (aka `CURL_WINDOWS_APP`). Fix fallouts when building for UWP: - rand: do not use `BCryptGenRandom()`. - cmake: disable using win32 LDAP. - cmake: disable telnet. - version_win32: fix code before declaration. - schannel: disable `HAS_MANUAL_VERIFY_API`. - schannel: disable `SSLSUPP_PINNEDPUBKEY` and make `schannel_checksum()` a stub. Ref: e178fbd40a896f2098278ae61e1166c88e7b31d0 #1429 - schannel: make `cert_get_name_string()` a failing stub. - system_win32: make `Curl_win32_impersonating()` a failing stub. - system_win32: try to fix `Curl_win32_init()` (untested). - threads: fix to use `CreateThread()`. - src: disable searching `PATH` for the CA bundle. - src: disable bold text support and capability detection. - src: disable `getfiletime()`/`setfiletime()`. - tests: make `win32_load_system_library()` a failing stub. - tests/server/util: make it compile. - tests/server/sockfilt: make it compile. - tests/lib3026: fix to use `CreateThread()`. See individual commits for build error details. Some of these fixes may have better solutions, and some may not work as expected. The goal of this patch is to make curl build for UWP. Closes #13870
2024-06-04 05:06:56 +08:00
#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600 && \
!defined(CURL_WINDOWS_APP)
windows: improve random source - Use the Windows API to seed the fallback random generator. This ensures to always have a random seed, even when libcurl is built with a vtls backend lacking a random generator API, such as rustls (experimental), GSKit and certain mbedTLS builds, or, when libcurl is built without a TLS backend. We reuse the Windows-specific random function from the Schannel backend. - Implement support for `BCryptGenRandom()` [1] on Windows, as a replacement for the deprecated `CryptGenRandom()` [2] function. It is used as the secure random generator for Schannel, and also to provide entropy for libcurl's fallback random generator. The new function is supported on Vista and newer via its `bcrypt.dll`. It is used automatically when building for supported versions. It also works in UWP apps (the old function did not). - Clear entropy buffer before calling the Windows random generator. This avoids using arbitrary application memory as entropy (with `CryptGenRandom()`) and makes sure to return in a predictable state when an API call fails. [1] https://docs.microsoft.com/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom [2] https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom Closes #9027
2022-07-04 17:38:24 +08:00
# define HAVE_WIN_BCRYPTGENRANDOM
# include <bcrypt.h>
# ifdef _MSC_VER
# pragma comment(lib, "bcrypt.lib")
# endif
# ifndef BCRYPT_USE_SYSTEM_PREFERRED_RNG
# define BCRYPT_USE_SYSTEM_PREFERRED_RNG 0x00000002
# endif
# ifndef STATUS_SUCCESS
# define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
# endif
#elif defined(USE_WIN32_CRYPTO)
# include <wincrypt.h>
# ifdef _MSC_VER
# pragma comment(lib, "advapi32.lib")
# endif
#endif
CURLcode Curl_win32_random(unsigned char *entropy, size_t length)
{
memset(entropy, 0, length);
#if defined(HAVE_WIN_BCRYPTGENRANDOM)
if(BCryptGenRandom(NULL, entropy, (ULONG)length,
BCRYPT_USE_SYSTEM_PREFERRED_RNG) != STATUS_SUCCESS)
return CURLE_FAILED_INIT;
return CURLE_OK;
#elif defined(USE_WIN32_CRYPTO)
{
HCRYPTPROV hCryptProv = 0;
if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
return CURLE_FAILED_INIT;
if(!CryptGenRandom(hCryptProv, (DWORD)length, entropy)) {
CryptReleaseContext(hCryptProv, 0UL);
return CURLE_FAILED_INIT;
}
CryptReleaseContext(hCryptProv, 0UL);
}
return CURLE_OK;
#else
return CURLE_NOT_BUILT_IN;
#endif
}
#endif
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
static CURLcode randit(struct Curl_easy *data, unsigned int *rnd)
{
CURLcode result = CURLE_OK;
static unsigned int randseed;
static bool seeded = FALSE;
build: untangle `CURLDEBUG` and `DEBUGBUILD` macros `CURLDEBUG` is meant to enable memory tracking, but in a bunch of cases, it was protecting debug features that were supposed to be guarded with `DEBUGBUILD`. Replace these uses with `DEBUGBUILD`. This leaves `CURLDEBUG` uses solely for its intended purpose: to enable the memory tracking debug feature. Also: - autotools: rely on `DEBUGBUILD` to enable `checksrc`. Instead of `CURLDEBUG`, which worked in most cases because debug builds enable `CURLDEBUG` by default, but it's not accurate. - include `lib/easyif.h` instead of keeping a copy of a declaration. - add CI test jobs for the build issues discovered. Ref: https://github.com/curl/curl/pull/13694#issuecomment-2120311894 Closes #13718
2024-05-20 20:21:05 +08:00
#ifdef DEBUGBUILD
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
char *force_entropy = getenv("CURL_ENTROPY");
if(force_entropy) {
if(!seeded) {
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
unsigned int seed = 0;
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
size_t elen = strlen(force_entropy);
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
size_t clen = sizeof(seed);
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
size_t min = elen < clen ? elen : clen;
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
memcpy((char *)&seed, force_entropy, min);
randseed = ntohl(seed);
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
seeded = TRUE;
}
else
randseed++;
*rnd = randseed;
return CURLE_OK;
}
#endif
/* data may be NULL! */
randit: store the value in the buffer
2016-12-21 22:09:31 +08:00
result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd));
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
if(result != CURLE_NOT_BUILT_IN)
spelling fixes Closes #1356
2017-03-26 23:02:22 +08:00
/* only if there is no random function in the TLS backend do the non crypto
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
version, otherwise return result */
return result;
/* ---- non-cryptographic version following ---- */
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
2023-11-22 00:54:49 +08:00
#ifdef _WIN32
windows: improve random source - Use the Windows API to seed the fallback random generator. This ensures to always have a random seed, even when libcurl is built with a vtls backend lacking a random generator API, such as rustls (experimental), GSKit and certain mbedTLS builds, or, when libcurl is built without a TLS backend. We reuse the Windows-specific random function from the Schannel backend. - Implement support for `BCryptGenRandom()` [1] on Windows, as a replacement for the deprecated `CryptGenRandom()` [2] function. It is used as the secure random generator for Schannel, and also to provide entropy for libcurl's fallback random generator. The new function is supported on Vista and newer via its `bcrypt.dll`. It is used automatically when building for supported versions. It also works in UWP apps (the old function did not). - Clear entropy buffer before calling the Windows random generator. This avoids using arbitrary application memory as entropy (with `CryptGenRandom()`) and makes sure to return in a predictable state when an API call fails. [1] https://docs.microsoft.com/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom [2] https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom Closes #9027
2022-07-04 17:38:24 +08:00
if(!seeded) {
result = Curl_win32_random((unsigned char *)rnd, sizeof(*rnd));
if(result != CURLE_NOT_BUILT_IN)
return result;
}
#endif
rand: fix build error with autotools + LibreSSL autotools unexpectedly detects `arc4random` because it is also looking into dependency libs. One dependency, LibreSSL, happens to publish an `arc4random` function (via its shared lib before v3.7, also via static lib as of v3.8.2). When trying to use this function in `lib/rand.c`, its protoype is missing. To fix that, curl included a prototype, but that used a C99 type without including `stdint.h`, causing: ``` ../../lib/rand.c:37:1: error: unknown type name 'uint32_t' 37 | uint32_t arc4random(void); | ^ 1 error generated. ``` This patch improves this by dropping the local prototype and instead limiting `arc4random` use for non-OpenSSL builds. OpenSSL builds provide their own random source anyway. The better fix would be to teach autotools to not link dependency libs while detecting `arc4random`. LibreSSL publishing a non-namespaced `arc4random` tracked here: https://github.com/libressl/portable/issues/928 Regression from 755ddbe901cd0c921fbc3ac5b3775c0dc683bc73 #10672 Reviewed-by: Daniel Stenberg Fixes #12257 Closes #12274
2023-11-06 07:27:55 +08:00
#if defined(HAVE_ARC4RANDOM) && !defined(USE_OPENSSL)
build: add more picky warnings and fix them Enable more picky compiler warnings. I've found these options in the nghttp3 project when implementing the CMake quick picky warning functionality for it [1]. `-Wunused-macros` was too noisy to keep around, but fixed a few issues it revealed while testing. - autotools: reflect the more precisely-versioned clang warnings. Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324 - autotools: sync between clang and gcc the way we set `no-multichar`. - autotools: avoid setting `-Wstrict-aliasing=3` twice. - autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2]. It triggers in libtool-generated stub code. - lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch. - lib/curl_setup.h: delete duplicate declaration for `fileno`. Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d (1999-12-29). This suggests this may not be needed anymore, but if it does, we may restore this for those specific (non-Windows) systems. - lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394. - lib: delete unused macro `isxdigit_ascii` since f65f750742068f579f4ee6d8539ed9d5f0afcb85. - lib/mqtt: delete unused macro `MQTT_HEADER_LEN`. - lib/multi: delete unused macro `SH_READ`/`SH_WRITE`. - lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN` macro. - lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`. - lib/rand: fix `-Wunreachable-code` and related fallouts [3]. - lib/setopt: fix `-Wunreachable-code-break`. - lib/system_win32 and lib/timeval: fix double declarations for `Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4]. - lib/warnless: fix double declarations in CMake UNITY mode [5]. This was due to force-disabling the header guard of `warnless.h` to to reapply it to source code coming after `warnless.c` in UNITY builds. This reapplied declarations too, causing the warnings. Solved by adding a header guard for the lines that actually need to be reapplied. - lib/vauth/digest: fix `-Wunreachable-code-break` [6]. - lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant block. - lib/vtls/sectransp: fix `-Wunreachable-code-break` [7]. - lib/vtls/sectransp: suppress `-Wunreachable-code`. Detected in `else` branches of dynamic feature checks, with results known at compile-time, e.g. ```c if(SecCertificateCopySubjectSummary) /* -> true */ ``` Likely fixable as a separate micro-project, but given SecureTransport is deprecated anyway, let's just silence these locally. - src/tool_help: delete duplicate declaration for `helptext`. - src/tool_xattr: fix `-Wunreachable-code`. - tests: delete duplicate declaration for `unitfail` [8]. - tests: delete duplicate declaration for `strncasecompare`. - tests/libtest: delete duplicate declaration for `gethostname`. Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7 (2010-08-02). Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc If there are still systems around with warnings, we may restore the prototype, but limited for those systems. - tests/lib2305: delete duplicate declaration for `libtest_debug_config`. - tests/h2-download: fix `-Wunreachable-code-break`. [1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056f8bf9f/cmake/PickyWarningsC.cmake [2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjauiqla5fj45?fullLog=true#L1675 [3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=12331#step:7:72 https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=12331#step:7:109 [4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L204 [5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L218 [6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=12331#step:7:290 [7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=12331#step:9:1193 [8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=12331#step:33:1870 Closes #12331
2023-11-15 22:43:36 +08:00
if(!seeded) {
*rnd = (unsigned int)arc4random();
return CURLE_OK;
}
rand: use arc4random as fallback when available Normally curl uses cryptographically strong random provided by the selected SSL backend. If compiled without SSL support, a naive built-in function was used instead. Generally this was okay, but it will result in some downsides for non- SSL builds, such as predictable temporary file names. This change ensures that arc4random will be used instead, if available. Closes #10672
2023-03-04 15:02:14 +08:00
#endif
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
2023-11-22 00:54:49 +08:00
#if defined(RANDOM_FILE) && !defined(_WIN32)
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
if(!seeded) {
code: language cleanup in comments Based on the standards and guidelines we use for our documentation. - expand contractions (they're => they are etc) - host name = > hostname - file name => filename - user name = username - man page => manpage - run-time => runtime - set-up => setup - back-end => backend - a HTTP => an HTTP - Two spaces after a period => one space after period Closes #14073
2024-07-01 22:47:21 +08:00
/* if there is a random file to read a seed from, use it */
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
int fd = open(RANDOM_FILE, O_RDONLY);
if(fd > -1) {
/* read random data into the randseed variable */
ssize_t nread = read(fd, &randseed, sizeof(randseed));
if(nread == sizeof(randseed))
seeded = TRUE;
close(fd);
}
}
#endif
if(!seeded) {
time: rename Curl_tvnow to Curl_now ... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25 17:59:43 +08:00
struct curltime now = Curl_now();
infof: consistent capitalization of warning messages Ensure that all infof calls with a warning message are capitalized in the same way. At some point we should probably set up a style- guide for infof but until then let's aim for a little consistenncy where we can. Closes: #8711 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2022-04-15 03:13:29 +08:00
infof(data, "WARNING: using weak random seed");
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec;
randseed = randseed * 1103515245 + 12345;
randseed = randseed * 1103515245 + 12345;
randseed = randseed * 1103515245 + 12345;
seeded = TRUE;
}
build: add more picky warnings and fix them Enable more picky compiler warnings. I've found these options in the nghttp3 project when implementing the CMake quick picky warning functionality for it [1]. `-Wunused-macros` was too noisy to keep around, but fixed a few issues it revealed while testing. - autotools: reflect the more precisely-versioned clang warnings. Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324 - autotools: sync between clang and gcc the way we set `no-multichar`. - autotools: avoid setting `-Wstrict-aliasing=3` twice. - autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2]. It triggers in libtool-generated stub code. - lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch. - lib/curl_setup.h: delete duplicate declaration for `fileno`. Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d (1999-12-29). This suggests this may not be needed anymore, but if it does, we may restore this for those specific (non-Windows) systems. - lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394. - lib: delete unused macro `isxdigit_ascii` since f65f750742068f579f4ee6d8539ed9d5f0afcb85. - lib/mqtt: delete unused macro `MQTT_HEADER_LEN`. - lib/multi: delete unused macro `SH_READ`/`SH_WRITE`. - lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN` macro. - lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`. - lib/rand: fix `-Wunreachable-code` and related fallouts [3]. - lib/setopt: fix `-Wunreachable-code-break`. - lib/system_win32 and lib/timeval: fix double declarations for `Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4]. - lib/warnless: fix double declarations in CMake UNITY mode [5]. This was due to force-disabling the header guard of `warnless.h` to to reapply it to source code coming after `warnless.c` in UNITY builds. This reapplied declarations too, causing the warnings. Solved by adding a header guard for the lines that actually need to be reapplied. - lib/vauth/digest: fix `-Wunreachable-code-break` [6]. - lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant block. - lib/vtls/sectransp: fix `-Wunreachable-code-break` [7]. - lib/vtls/sectransp: suppress `-Wunreachable-code`. Detected in `else` branches of dynamic feature checks, with results known at compile-time, e.g. ```c if(SecCertificateCopySubjectSummary) /* -> true */ ``` Likely fixable as a separate micro-project, but given SecureTransport is deprecated anyway, let's just silence these locally. - src/tool_help: delete duplicate declaration for `helptext`. - src/tool_xattr: fix `-Wunreachable-code`. - tests: delete duplicate declaration for `unitfail` [8]. - tests: delete duplicate declaration for `strncasecompare`. - tests/libtest: delete duplicate declaration for `gethostname`. Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7 (2010-08-02). Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc If there are still systems around with warnings, we may restore the prototype, but limited for those systems. - tests/lib2305: delete duplicate declaration for `libtest_debug_config`. - tests/h2-download: fix `-Wunreachable-code-break`. [1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056f8bf9f/cmake/PickyWarningsC.cmake [2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjauiqla5fj45?fullLog=true#L1675 [3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=12331#step:7:72 https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=12331#step:7:109 [4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L204 [5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L218 [6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=12331#step:7:290 [7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=12331#step:9:1193 [8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=12331#step:33:1870 Closes #12331
2023-11-15 22:43:36 +08:00
{
unsigned int r;
/* Return an unsigned 32-bit pseudo-random number. */
r = randseed = randseed * 1103515245 + 12345;
*rnd = (r << 16) | ((r >> 16) & 0xFFFF);
}
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
return CURLE_OK;
}
/*
socketpair: verify with a random value ... instead of using the curl time struct, since it would use a few uninitialized bytes and the sanitizers would complain. This is a neater approach I think. Reported-by: Boris Kuschel Fixes #10993 Closes #11015
2023-04-24 20:14:11 +08:00
* Curl_rand() stores 'num' number of random unsigned characters in the buffer
* 'rnd' points to.
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
*
* If libcurl is built without TLS support or with a TLS backend that lacks a
gskit: remove We remove support for building curl with gskit. - This is a niche TLS library, only running on some IBM systems - no regular curl contributors use this backend - no CI builds use or verify this backend - gskit, or the curl adaption for it, lacks many modern TLS features making it an inferior solution - build breakages in this code take weeks or more to get detected - fixing gskit code is mostly done "flying blind" This removal has been advertized in DEPRECATED in Jan 2, 2023 and it has been mentioned on the curl-library mailing list. It could be brought back, this is not a ban. Given proper effort and will, gskit support is welcome back into the curl TLS backend family. Closes #11460
2023-08-07 19:02:32 +08:00
* proper random API (rustls or mbedTLS), this function will use "weak"
rand: stop detecting /dev/urandom in cross-builds - Prevent CMake to auto-detect /dev/urandom when cross-building. Before this patch, it would detect it in a cross-build scenario on *nix hosts with this device present. This was a problem for example with Windows builds, but it could affect any target system with this device missing. This also syncs detection behaviour with autotools, which also skips it for cross-builds. - Also, make sure to never use the file RANDOM_FILE as entropy for libcurl's fallback random number generator on Windows. Windows does not have the concept of reading a random stream from a filename, nor any guaranteed non-world-writable path on disk. With this, a manual misconfiguration or an overeager auto-detection can no longer result in a user-controllable seed source. Reviewed-by: Daniel Stenberg Closes #9038
2022-06-22 17:35:46 +08:00
* random.
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
*
* When built *with* TLS support and a backend that offers strong random, it
* will return error if it cannot provide strong random values.
*
* NOTE: 'data' may be passed in as NULL when coming from external API without
* easy handle!
*
*/
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num)
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
{
rand: Fix potentially uninitialized result warning
2016-11-21 12:57:47 +08:00
CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT Closes #12658
2024-01-08 17:34:06 +08:00
DEBUGASSERT(num);
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
while(num) {
unsigned int r;
size_t left = num < sizeof(unsigned int) ? num : sizeof(unsigned int);
result = randit(data, &r);
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
if(result)
return result;
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
while(left) {
*rnd++ = (unsigned char)(r & 0xFF);
r >>= 8;
--num;
--left;
}
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
}
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
return result;
}
/*
* Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random
misc: null-terminate Make use of this term consistently. Closes #9527
2022-09-17 23:32:21 +08:00
* hexadecimal digits PLUS a null-terminating byte. It must be an odd number
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
* size.
*/
CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
size_t num)
{
CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
unsigned char buffer[128];
DEBUGASSERT(num > 1);
rand: add a clang-analyzer work-around scan-build would warn on a potential access of an uninitialized buffer. I deem it a false positive and had to add this somewhat ugly work-around to silence it.
2017-12-13 07:45:42 +08:00
#ifdef __clang_analyzer__
rand: fix typo
2018-05-16 14:18:50 +08:00
/* This silences a scan-build warning about accessing this buffer with
rand: add a clang-analyzer work-around scan-build would warn on a potential access of an uninitialized buffer. I deem it a false positive and had to add this somewhat ugly work-around to silence it.
2017-12-13 07:45:42 +08:00
uninitialized memory. */
memset(buffer, 0, sizeof(buffer));
#endif
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT Closes #12658
2024-01-08 17:34:06 +08:00
if((num/2 >= sizeof(buffer)) || !(num&1)) {
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
/* make sure it fits in the local buffer and that it is an odd number! */
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT Closes #12658
2024-01-08 17:34:06 +08:00
DEBUGF(infof(data, "invalid buffer size with Curl_rand_hex"));
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
return CURLE_BAD_FUNCTION_ARGUMENT;
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT Closes #12658
2024-01-08 17:34:06 +08:00
}
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
misc: null-terminate Make use of this term consistently. Closes #9527
2022-09-17 23:32:21 +08:00
num--; /* save one for null-termination */
rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-09 05:23:28 +08:00
result = Curl_rand(data, buffer, num/2);
if(result)
return result;
lib: provide and use Curl_hexencode Generates a lower case ASCII hex output from a binary input. Closes #11990
2023-09-30 00:06:49 +08:00
Curl_hexencode(buffer, num/2, rnd, num + 1);
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11 21:53:36 +08:00
return result;
}
misc: better random strings Generate alphanumerical random strings. Prior this change curl used to create random hex strings. This was mostly okay, but having alphanumerical random strings is better: The strings have more entropy in the same space. The MIME multipart boundary used to be mere 64-bits of randomness due to being 16 hex chars. With these changes the boundary is 22 alphanumerical chars, or little over 130 bits of randomness. Closes #11838
2023-09-12 18:51:21 +08:00
/*
* Curl_rand_alnum() fills the 'rnd' buffer with a given 'num' size with random
* alphanumerical chars PLUS a null-terminating byte.
*/
rand: fix 'alnum': array is too small to include a terminating null character It was that small on purpose, but this change now adds the null byte to avoid the error. Follow-up to 3aa3cc9b052353b1 Reported-by: Dan Fandrich Ref: #11838 Closes #11870
2023-09-17 04:37:28 +08:00
static const char alnum[] =
misc: better random strings Generate alphanumerical random strings. Prior this change curl used to create random hex strings. This was mostly okay, but having alphanumerical random strings is better: The strings have more entropy in the same space. The MIME multipart boundary used to be mere 64-bits of randomness due to being 16 hex chars. With these changes the boundary is 22 alphanumerical chars, or little over 130 bits of randomness. Closes #11838
2023-09-12 18:51:21 +08:00
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
size_t num)
{
CURLcode result = CURLE_OK;
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
const unsigned int alnumspace = sizeof(alnum) - 1;
misc: better random strings Generate alphanumerical random strings. Prior this change curl used to create random hex strings. This was mostly okay, but having alphanumerical random strings is better: The strings have more entropy in the same space. The MIME multipart boundary used to be mere 64-bits of randomness due to being 16 hex chars. With these changes the boundary is 22 alphanumerical chars, or little over 130 bits of randomness. Closes #11838
2023-09-12 18:51:21 +08:00
unsigned int r;
DEBUGASSERT(num > 1);
num--; /* save one for null-termination */
while(num) {
do {
result = randit(data, &r);
if(result)
return result;
} while(r >= (UINT_MAX - UINT_MAX % alnumspace));
lib: tidy up types and casts Cherry-picked from #13489 Closes #13862
2024-06-03 04:30:52 +08:00
*rnd++ = (unsigned char)alnum[r % alnumspace];
misc: better random strings Generate alphanumerical random strings. Prior this change curl used to create random hex strings. This was mostly okay, but having alphanumerical random strings is better: The strings have more entropy in the same space. The MIME multipart boundary used to be mere 64-bits of randomness due to being 16 hex chars. With these changes the boundary is 22 alphanumerical chars, or little over 130 bits of randomness. Closes #11838
2023-09-12 18:51:21 +08:00
num--;
}
*rnd = 0;
return result;
}
Reference in New Issue Copy Permalink