/pidgin/main: cf93d5926aaf: Try using /dev/urandom instead of ra...

Mark Doliner mark at kingant.net
Sun Dec 30 22:24:02 EST 2012


Changeset: cf93d5926aaffb72a45a711f24f7ef3b019b94e9
Author:	 Mark Doliner <mark at kingant.net>
Date:	 2012-12-30 19:23 -0800
Branch:	 default
URL: http://hg.pidgin.im/pidgin/main/rev/cf93d5926aaf

Description:

Try using /dev/urandom instead of rand() when creating an NTLM session key.

rand() is not great at creating random numbers for cryptographic purposes.
This was pointed out by static analysis of our code by Chris Wysopal and
Veracode.

My change is written such that if /dev/urandom fails then we'll fall back to
using rand().  This isn't perfect... I'm expecting /dev/urandom not to work
on Windows.  It didn't seem necessary to wrap this in an autoconf check
since we'll just fall back to using rand... but if it turns out to become a
problem then we can wrap it.

If anyone is interested, I heard there's a Windows API call called
CryptGenRandom that we could maybe use there.

diffstat:

 libpurple/ntlm.c |  23 +++++++++++++++++++++--
 1 files changed, 21 insertions(+), 2 deletions(-)

diffs (34 lines):

diff --git a/libpurple/ntlm.c b/libpurple/ntlm.c
--- a/libpurple/ntlm.c
+++ b/libpurple/ntlm.c
@@ -223,9 +223,28 @@ calc_resp(guint8 *keys, const guint8 *pl
 static void
 gensesskey(char *buffer)
 {
-	int i = 0;
+	int fd;
+	int i;
+	ssize_t red = 0;
 
-	for (i = 0; i < 16; i++) {
+	fd = open("/dev/urandom", O_RDONLY);
+	if (fd >= 0) {
+		red = read(fd, buffer, 16);
+		if (red < 0) {
+			purple_debug_warning("ntlm", "Error reading from /dev/urandom: %s."
+					"  Falling back to inferior method.\n", g_strerror(errno));
+			red = 0;
+		} else if (red < 16) {
+			purple_debug_warning("ntlm", "Tried reading 16 bytes from "
+					"/dev/urandom but only got %zd.  Falling back to "
+					"inferior method\n", red);
+		}
+	} else {
+		purple_debug_warning("ntlm", "Error opening /dev/urandom: %s."
+				"  Falling back to inferior method.\n", g_strerror(errno));
+	}
+
+	for (i = red; i < 16; i++) {
 		buffer[i] = (char)(rand() & 0xff);
 	}
 }
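
Review bot: the descriptor returned by open("/dev/urandom", O_RDONLY) is never closed. Nothing in the `if (fd >= 0)` branch or after it calls close(fd), so each call to gensesskey() leaks one file descriptor. Add close(fd) right after the read(), before the error checks use errno (or save errno first). Two smaller points in the same block: a read() that fails with EINTR drops straight to the rand() path instead of being retried, and the fallback loop `for (i = red; i < 16; i++)` still produces a session key partly or wholly from rand() with only a debug-level warning, so on platforms where /dev/urandom is unavailable the weakness the commit message describes remains. Consider retrying on EINTR and documenting in a comment above gensesskey() that the rand() path is not suitable for key material.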


