By using get_random() instead of prng_bytes(), we no longer have to place
create_temp_file() inside #ifdef ENABLE_CRYPTO.
The resulting filename now has 62 bits of entropy (2 * [0-INT_MAX])
instead of the previous 128 bits, but that should be plenty. Assuming an
int is 32 bits, we would need about 2**31 (2147483648) files to have a
(roughly) 0.5 chance of failing in one of the 6 attempts we do.
(This is preparing to move the function out of misc.c, where I'd prefer to
not have to add a #include "crypto.h".)
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20170725210234.5673-1-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15146.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
... | ... |
@@ -808,8 +808,6 @@ test_file(const char *filename) |
808 | 808 |
return ret; |
809 | 809 |
} |
810 | 810 |
|
811 |
-#ifdef ENABLE_CRYPTO |
|
812 |
- |
|
813 | 811 |
/* create a temporary filename in directory */ |
814 | 812 |
const char * |
815 | 813 |
create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
... | ... |
@@ -822,15 +820,11 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
822 | 822 |
|
823 | 823 |
do |
824 | 824 |
{ |
825 |
- uint8_t rndbytes[16]; |
|
826 |
- const char *rndstr; |
|
827 |
- |
|
828 | 825 |
++attempts; |
829 | 826 |
++counter; |
830 | 827 |
|
831 |
- prng_bytes(rndbytes, sizeof rndbytes); |
|
832 |
- rndstr = format_hex_ex(rndbytes, sizeof rndbytes, 40, 0, NULL, gc); |
|
833 |
- buf_printf(&fname, PACKAGE "_%s_%s.tmp", prefix, rndstr); |
|
828 |
+ buf_printf(&fname, PACKAGE "_%s_%08lx%08lx.tmp", prefix, |
|
829 |
+ (unsigned long) get_random(), (unsigned long) get_random()); |
|
834 | 830 |
|
835 | 831 |
retfname = gen_path(directory, BSTR(&fname), gc); |
836 | 832 |
if (!retfname) |
... | ... |
@@ -861,6 +855,8 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
861 | 861 |
return NULL; |
862 | 862 |
} |
863 | 863 |
|
864 |
+#ifdef ENABLE_CRYPTO |
|
865 |
+ |
|
864 | 866 |
/* |
865 | 867 |
* Prepend a random string to hostname to prevent DNS caching. |
866 | 868 |
* For example, foo.bar.gov would be modified to <random-chars>.foo.bar.gov. |
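Review bot: The temporary name built in the second hunk (`buf_printf(&fname, PACKAGE "_%s_%08lx%08lx.tmp", ...)`) is now only as unpredictable as get_random(), whose definition is not shown here; because the stated goal is to compile create_temp_file() without ENABLE_CRYPTO, it is worth confirming what get_random() resolves to in that build. If it falls back to a non-cryptographic generator there, another local user may be able to guess the name, and the safety of the file then rests entirely on the open later in the loop creating it exclusively (`O_CREAT | O_EXCL`) with owner-only permissions; that code lies outside the hunks shown, as does the start and end of the function body. I would record that dependency above the function, e.g. `/* The name is not a secret: safety relies on the exclusive create below, not on get_random(). */`. The 62-bit estimate in the description also assumes a 32-bit return value, and `%08lx` is only a minimum width, so the suffix may be longer if get_random() returns a wider value.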