[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v3 08/23] ui/vnc: Use gcrypto_random_bytes for start
From: |
Richard Henderson |
Subject: |
[Qemu-devel] [PATCH v3 08/23] ui/vnc: Use gcrypto_random_bytes for start_auth_vnc |
Date: |
Thu, 14 Mar 2019 20:26:14 -0700 |
Use a better interface for random numbers than rand().
Fail gracefully if for some reason we cannot use the crypto system.
Cc: Gerd Hoffmann <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
---
v2: Use qcrypto_random_bytes, not qemu_getrandom, as there is
no need for deterministic results for this interface.
v3: Fail gracefully in the event qcrypto_random_bytes fails.
---
ui/vnc.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 785edf3af1..d83f4a6ff9 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -43,6 +43,7 @@
#include "crypto/hash.h"
#include "crypto/tlscredsanon.h"
#include "crypto/tlscredsx509.h"
+#include "crypto/random.h"
#include "qom/object_interfaces.h"
#include "qemu/cutils.h"
#include "io/dns-resolver.h"
@@ -2547,16 +2548,6 @@ static void authentication_failed(VncState *vs)
vnc_client_error(vs);
}
-static void make_challenge(VncState *vs)
-{
- int i;
-
- srand(time(NULL)+getpid()+getpid()*987654+rand());
-
- for (i = 0 ; i < sizeof(vs->challenge) ; i++)
- vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
-}
-
static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
{
unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
@@ -2628,7 +2619,16 @@ reject:
void start_auth_vnc(VncState *vs)
{
- make_challenge(vs);
+ Error *err = NULL;
+
+ if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
+ trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
+ error_get_pretty(err));
+ error_free(err);
+ authentication_failed(vs);
+ return;
+ }
+
/* Send client a 'random' challenge */
vnc_write(vs, vs->challenge, sizeof(vs->challenge));
vnc_flush(vs);
--
2.17.2
- [Qemu-devel] [PATCH v3 00/23] Add qemu_getrandom and ARMv8.5-RNG etc, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 22/23] target/ppc: Use qemu_guest_getrandom for DARN, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 23/23] target/i386: Implement CPUID_EXT_RDRAND, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 19/23] hw/misc/exynos4210_rng: Use qemu_guest_getrandom, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 21/23] target/arm: Implement ARMv8.5-RNG, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 18/23] hw/misc/bcm2835_rng: Use qemu_guest_getrandom_nofail, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 13/23] linux-user: Use qemu_guest_getrandom_nofail for AT_RANDOM, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 20/23] target/arm: Put all PAC keys into a structure, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 08/23] ui/vnc: Use gcrypto_random_bytes for start_auth_vnc,
Richard Henderson <=
- [Qemu-devel] [PATCH v3 04/23] crypto: Use O_CLOEXEC in qcrypto_random_init, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 02/23] crypto: Reverse code blocks in random-platform.c, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 16/23] aspeed/scu: Use qemu_guest_getrandom_nofail, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 14/23] linux-user/aarch64: Use qemu_guest_getrandom for PAUTH keys, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 11/23] linux-user: Initialize pseudo-random seeds for all guest cpus, Richard Henderson, 2019/03/14
- [Qemu-devel] [PATCH v3 07/23] ui/vnc: Split out authentication_failure, Richard Henderson, 2019/03/14