Move create_temp_file() out of #ifdef ENABLE_CRYPTO
By using get_random() instead of prng_bytes(), we no longer have to place
create_temp_file() inside #ifdef ENABLE_CRYPTO.
The resulting filename now has 62 bits of entropy (2 * [0-INT_MAX])
instead of the previous 128 bits, but that should be plenty. Assuming an
int is 32 bits, we would need about 2**31 (2147483648) files to have a
(roughly) 0.5 chance of failing in one of the 6 attempts we do.
(This is preparing to move the function out of misc.c, where I'd prefer to
not have to add a #include "crypto.h".)
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20170725210234.5673-1-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15146.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger authored on 2017/07/26 06:02:34Showing 1 changed files
| ... | ... |
@@ -808,8 +808,6 @@ test_file(const char *filename) |
| 808 | 808 |
return ret; |
| 809 | 809 |
} |
| 810 | 810 |
|
| 811 |
-#ifdef ENABLE_CRYPTO |
|
| 812 |
- |
|
| 813 | 811 |
/* create a temporary filename in directory */ |
| 814 | 812 |
const char * |
| 815 | 813 |
create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
| ... | ... |
@@ -822,15 +820,11 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
| 822 | 822 |
|
| 823 | 823 |
do |
| 824 | 824 |
{
|
| 825 |
- uint8_t rndbytes[16]; |
|
| 826 |
- const char *rndstr; |
|
| 827 |
- |
|
| 828 | 825 |
++attempts; |
| 829 | 826 |
++counter; |
| 830 | 827 |
|
| 831 |
- prng_bytes(rndbytes, sizeof rndbytes); |
|
| 832 |
- rndstr = format_hex_ex(rndbytes, sizeof rndbytes, 40, 0, NULL, gc); |
|
| 833 |
- buf_printf(&fname, PACKAGE "_%s_%s.tmp", prefix, rndstr); |
|
| 828 |
+ buf_printf(&fname, PACKAGE "_%s_%08lx%08lx.tmp", prefix, |
|
| 829 |
+ (unsigned long) get_random(), (unsigned long) get_random()); |
|
| 834 | 830 |
|
| 835 | 831 |
retfname = gen_path(directory, BSTR(&fname), gc); |
| 836 | 832 |
if (!retfname) |
| ... | ... |
@@ -861,6 +855,8 @@ create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) |
| 861 | 861 |
return NULL; |
| 862 | 862 |
} |
| 863 | 863 |
|
| 864 |
+#ifdef ENABLE_CRYPTO |
|
| 865 |
+ |
|
| 864 | 866 |
/* |
| 865 | 867 |
* Prepend a random string to hostname to prevent DNS caching. |
| 866 | 868 |
* For example, foo.bar.gov would be modified to <random-chars>.foo.bar.gov. |