Merge branch 'ps/reftable-get-random-fix' · freshlybakedca.ke/git@cb441e1

Git fork

Merge branch 'ps/reftable-get-random-fix'

The code to compute "unique" name used git_rand() which can fail or
get stuck; the callsite does not require cryptographic security.
Introduce the "insecure" mode and use it appropriately.

* ps/reftable-get-random-fix:
reftable/stack: accept insecure random bytes
wrapper: allow generating insecure random bytes

Junio C Hamano 1 year ago cb441e1e 57ebdd5a

+33 -21

6 changed files

expand all

unified split

builtin

gc.c

reftable

stack.c

helper

test-csprng.c

unit-tests

t-reftable-readwrite.c

wrapper.c

wrapper.h

+1 -1

builtin/gc.c

··· 1909 1909 if (getenv("GIT_TEST_MAINT_SCHEDULER")) 1910 1910 return 13; 1911 1911 1912 - return git_rand() % 60; 1912 + return git_rand(0) % 60; 1913 1913 } 1914 1914 1915 1915 static int is_launchctl_available(void)

+2 -2

reftable/stack.c

··· 493 493 close(fd); 494 494 fd = -1; 495 495 496 - delay = delay + (delay * rand()) / RAND_MAX + 1; 496 + delay = delay + (delay * git_rand(CSPRNG_BYTES_INSECURE)) / UINT32_MAX + 1; 497 497 sleep_millisec(delay); 498 498 } 499 499 ··· 659 659 static int format_name(struct reftable_buf *dest, uint64_t min, uint64_t max) 660 660 { 661 661 char buf[100]; 662 - uint32_t rnd = (uint32_t)git_rand(); 662 + uint32_t rnd = git_rand(CSPRNG_BYTES_INSECURE); 663 663 snprintf(buf, sizeof(buf), "0x%012" PRIx64 "-0x%012" PRIx64 "-%08x", 664 664 min, max, rnd); 665 665 reftable_buf_reset(dest);

+1 -1

t/helper/test-csprng.c

··· 15 15 16 16 while (count) { 17 17 unsigned long chunk = count < sizeof(buf) ? count : sizeof(buf); 18 - if (csprng_bytes(buf, chunk) < 0) { 18 + if (csprng_bytes(buf, chunk, 0) < 0) { 19 19 perror("failed to read"); 20 20 return 5; 21 21 }

+3 -3

t/unit-tests/t-reftable-readwrite.c

··· 108 108 hash, to ensure that the compressed part is larger than the original. 109 109 */ 110 110 for (i = 0; i < REFTABLE_HASH_SIZE_SHA1; i++) { 111 - log.value.update.old_hash[i] = (uint8_t)(git_rand() % 256); 112 - log.value.update.new_hash[i] = (uint8_t)(git_rand() % 256); 111 + log.value.update.old_hash[i] = (uint8_t)(git_rand(0) % 256); 112 + log.value.update.new_hash[i] = (uint8_t)(git_rand(0) % 256); 113 113 } 114 114 reftable_writer_set_limits(w, update_index, update_index); 115 115 err = reftable_writer_add_log(w, &log); ··· 325 325 }; 326 326 327 327 for (i = 0; i < sizeof(message) - 1; i++) 328 - message[i] = (uint8_t)(git_rand() % 64 + ' '); 328 + message[i] = (uint8_t)(git_rand(0) % 64 + ' '); 329 329 330 330 reftable_writer_set_limits(w, 1, 1); 331 331

+14 -10

wrapper.c

··· 479 479 for (count = 0; count < TMP_MAX; ++count) { 480 480 int i; 481 481 uint64_t v; 482 - if (csprng_bytes(&v, sizeof(v)) < 0) 482 + if (csprng_bytes(&v, sizeof(v), 0) < 0) 483 483 return error_errno("unable to get random bytes for temporary file"); 484 484 485 485 /* Fill in the random bits. */ ··· 750 750 #endif 751 751 } 752 752 753 - int csprng_bytes(void *buf, size_t len) 753 + int csprng_bytes(void *buf, size_t len, MAYBE_UNUSED unsigned flags) 754 754 { 755 755 #if defined(HAVE_ARC4RANDOM) || defined(HAVE_ARC4RANDOM_LIBBSD) 756 756 /* This function never returns an error. */ ··· 785 785 return -1; 786 786 return 0; 787 787 #elif defined(HAVE_OPENSSL_CSPRNG) 788 - int res = RAND_bytes(buf, len); 789 - if (res == 1) 788 + switch (RAND_pseudo_bytes(buf, len)) { 789 + case 1: 790 790 return 0; 791 - if (res == -1) 792 - errno = ENOTSUP; 793 - else 791 + case 0: 792 + if (flags & CSPRNG_BYTES_INSECURE) 793 + return 0; 794 794 errno = EIO; 795 - return -1; 795 + return -1; 796 + default: 797 + errno = ENOTSUP; 798 + return -1; 799 + } 796 800 #else 797 801 ssize_t res; 798 802 char *p = buf; ··· 816 820 #endif 817 821 } 818 822 819 - uint32_t git_rand(void) 823 + uint32_t git_rand(unsigned flags) 820 824 { 821 825 uint32_t result; 822 826 823 - if (csprng_bytes(&result, sizeof(result)) < 0) 827 + if (csprng_bytes(&result, sizeof(result), flags) < 0) 824 828 die(_("unable to get random bytes")); 825 829 826 830 return result;

+12 -4

wrapper.h

··· 127 127 128 128 void sleep_millisec(int millisec); 129 129 130 + enum { 131 + /* 132 + * Accept insecure bytes, which some CSPRNG implementations may return 133 + * in case the entropy pool has been exhausted. 134 + */ 135 + CSPRNG_BYTES_INSECURE = (1 << 0), 136 + }; 137 + 130 138 /* 131 139 * Generate len bytes from the system cryptographically secure PRNG. 132 140 * Returns 0 on success and -1 on error, setting errno. The inability to 133 - * satisfy the full request is an error. 141 + * satisfy the full request is an error. Accepts CSPRNG flags. 134 142 */ 135 - int csprng_bytes(void *buf, size_t len); 143 + int csprng_bytes(void *buf, size_t len, unsigned flags); 136 144 137 145 /* 138 146 * Returns a random uint32_t, uniformly distributed across all possible 139 - * values. 147 + * values. Accepts CSPRNG flags. 140 148 */ 141 - uint32_t git_rand(void); 149 + uint32_t git_rand(unsigned flags); 142 150 143 151 /* Provide log2 of the given `size_t`. */ 144 152 static inline unsigned log2u(uintmax_t sz)