aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/Makefile.inc4
-rw-r--r--lib/curl_darwinssl.h6
-rw-r--r--lib/curl_rand.c61
-rw-r--r--lib/curl_rand.h29
-rw-r--r--lib/curl_sasl.c4
-rw-r--r--lib/easy.c5
-rw-r--r--lib/formdata.c35
-rw-r--r--lib/gtls.h6
-rw-r--r--lib/nssg.h6
-rw-r--r--lib/sslgen.c79
-rw-r--r--lib/sslgen.h9
-rw-r--r--lib/ssluse.h6
12 files changed, 115 insertions, 135 deletions
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 4228bf6b8..f3845a0fb 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -13,7 +13,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
netrc.c getinfo.c transfer.c strequal.c easy.c security.c krb4.c \
curl_fnmatch.c fileinfo.c ftplistparser.c wildcard.c krb5.c \
memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c multi.c \
- content_encoding.c share.c http_digest.c md4.c md5.c curl_rand.c \
+ content_encoding.c share.c http_digest.c md4.c md5.c \
http_negotiate.c inet_pton.c strtoofft.c strerror.c amigaos.c \
hostasyn.c hostip4.c hostip6.c hostsyn.c inet_ntop.c parsedate.c \
select.c gtls.c sslgen.c tftp.c splay.c strdup.c socks.c ssh.c nss.c \
@@ -30,7 +30,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \
progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \
if2ip.h speedcheck.h urldata.h curl_ldap.h ssluse.h escape.h telnet.h \
- getinfo.h strequal.h krb4.h memdebug.h http_chunks.h curl_rand.h \
+ getinfo.h strequal.h krb4.h memdebug.h http_chunks.h \
curl_fnmatch.h wildcard.h fileinfo.h ftplistparser.h strtok.h \
connect.h llist.h hash.h content_encoding.h share.h curl_md4.h \
curl_md5.h http_digest.h http_negotiate.h inet_pton.h amigaos.h \
diff --git a/lib/curl_darwinssl.h b/lib/curl_darwinssl.h
index 4c0e53ff1..432d3d7ce 100644
--- a/lib/curl_darwinssl.h
+++ b/lib/curl_darwinssl.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012, Nick Zitzmann, <nickzman@gmail.com>.
+ * Copyright (C) 2012 - 2013, Nick Zitzmann, <nickzman@gmail.com>.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -52,6 +52,10 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
unsigned char *md5sum, /* output */
size_t md5len);
+/* this backend provides these functions: */
+#define have_curlssl_random 1
+#define have_curlssl_md5sum 1
+
/* API setup for SecureTransport */
#define curlssl_init() (1)
#define curlssl_cleanup() Curl_nop_stmt
diff --git a/lib/curl_rand.c b/lib/curl_rand.c
deleted file mode 100644
index dc49289a1..000000000
--- a/lib/curl_rand.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#include <curl/curl.h>
-
-#include "curl_rand.h"
-
-#define _MPRINTF_REPLACE /* use our functions only */
-#include <curl/mprintf.h>
-
-#include "curl_memory.h"
-/* The last #include file should be: */
-#include "memdebug.h"
-
-/* Private pseudo-random number seed. Unsigned integer >= 32bit. Threads
- mutual exclusion is not implemented to acess it since we do not require
- high quality random numbers (only used in form boudary generation). */
-
-static unsigned int randseed;
-
-/* Pseudo-random number support. */
-
-unsigned int Curl_rand(void)
-{
- unsigned int r;
- /* Return an unsigned 32-bit pseudo-random number. */
- r = randseed = randseed * 1103515245 + 12345;
- return (r << 16) | ((r >> 16) & 0xFFFF);
-}
-
-void Curl_srand(void)
-{
- /* Randomize pseudo-random number sequence. */
-
- randseed = (unsigned int) time(NULL);
- Curl_rand();
- Curl_rand();
- Curl_rand();
-}
-
diff --git a/lib/curl_rand.h b/lib/curl_rand.h
deleted file mode 100644
index 26cfb7f03..000000000
--- a/lib/curl_rand.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#ifndef HEADER_CURL_RAND_H
-#define HEADER_CURL_RAND_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-void Curl_srand(void);
-
-unsigned int Curl_rand(void);
-
-#endif /* HEADER_CURL_RAND_H */
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 39d451a37..fcb001948 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -32,7 +32,7 @@
#include "curl_base64.h"
#include "curl_md5.h"
-#include "curl_rand.h"
+#include "sslgen.h"
#include "curl_hmac.h"
#include "curl_ntlm_msgs.h"
#include "curl_sasl.h"
@@ -314,7 +314,7 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
/* Generate 64 bits of random data */
for(i = 0; i < 8; i++)
- cnonce[i] = table16[Curl_rand()%16];
+ cnonce[i] = table16[Curl_rand(data)%16];
/* So far so good, now calculate A1 and H(A1) according to RFC 2831 */
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
diff --git a/lib/easy.c b/lib/easy.c
index 51da1c254..9d4e01176 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -74,7 +74,6 @@
#include "connect.h" /* for Curl_getconnectinfo */
#include "slist.h"
#include "amigaos.h"
-#include "curl_rand.h"
#include "non-ascii.h"
#include "warnless.h"
#include "conncache.h"
@@ -330,10 +329,6 @@ CURLcode curl_global_init(long flags)
init_flags = flags;
- /* Preset pseudo-random number sequence. */
-
- Curl_srand();
-
return CURLE_OK;
}
diff --git a/lib/formdata.c b/lib/formdata.c
index 49c5d2943..decb84d9f 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -24,9 +24,6 @@
#include <curl/curl.h>
-/* Length of the random boundary string. */
-#define BOUNDARY_LENGTH 40
-
#if !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY)
#if defined(HAVE_LIBGEN_H) && defined(HAVE_BASENAME)
@@ -35,7 +32,7 @@
#include "urldata.h" /* for struct SessionHandle */
#include "formdata.h"
-#include "curl_rand.h"
+#include "sslgen.h"
#include "strequal.h"
#include "curl_memory.h"
#include "sendf.h"
@@ -56,7 +53,7 @@ static char *Curl_basename(char *path);
#endif
static size_t readfromfile(struct Form *form, char *buffer, size_t size);
-static char *formboundary(void);
+static char *formboundary(struct SessionHandle *data);
/* What kind of Content-Type to use on un-specified files with unrecognized
extensions. */
@@ -1101,7 +1098,7 @@ CURLcode Curl_getformdata(struct SessionHandle *data,
if(!post)
return result; /* no input => no output! */
- boundary = formboundary();
+ boundary = formboundary(data);
if(!boundary)
return CURLE_OUT_OF_MEMORY;
@@ -1157,7 +1154,7 @@ CURLcode Curl_getformdata(struct SessionHandle *data,
the magic to include several files with the same field name */
Curl_safefree(fileboundary);
- fileboundary = formboundary();
+ fileboundary = formboundary(data);
if(!fileboundary) {
result = CURLE_OUT_OF_MEMORY;
break;
@@ -1464,28 +1461,12 @@ char *Curl_formpostheader(void *formp, size_t *len)
* formboundary() creates a suitable boundary string and returns an allocated
* one.
*/
-static char *formboundary(void)
+static char *formboundary(struct SessionHandle *data)
{
- char *retstring;
- size_t i;
-
- static const char table16[]="0123456789abcdef";
-
- retstring = malloc(BOUNDARY_LENGTH+1);
-
- if(!retstring)
- return NULL; /* failed */
-
- strcpy(retstring, "----------------------------");
-
- for(i=strlen(retstring); i<BOUNDARY_LENGTH; i++)
- retstring[i] = table16[Curl_rand()%16];
-
- /* 28 dashes and 12 hexadecimal digits makes 12^16 (184884258895036416)
+ /* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615)
combinations */
- retstring[BOUNDARY_LENGTH]=0; /* zero terminate */
-
- return retstring;
+ return aprintf("------------------------%08x%08x",
+ Curl_rand(data), Curl_rand(data));
}
#else /* CURL_DISABLE_HTTP */
diff --git a/lib/gtls.h b/lib/gtls.h
index 84e1396b5..453542e1e 100644
--- a/lib/gtls.h
+++ b/lib/gtls.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -55,6 +55,10 @@ void Curl_gtls_md5sum(unsigned char *tmp, /* input */
unsigned char *md5sum, /* output */
size_t md5len);
+/* this backend provides these functions: */
+#define have_curlssl_random 1
+#define have_curlssl_md5sum 1
+
/* API setup for GnuTLS */
#define curlssl_init Curl_gtls_init
#define curlssl_cleanup Curl_gtls_cleanup
diff --git a/lib/nssg.h b/lib/nssg.h
index a881a9ad2..cd32706a7 100644
--- a/lib/nssg.h
+++ b/lib/nssg.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -60,6 +60,10 @@ void Curl_nss_md5sum(unsigned char *tmp, /* input */
unsigned char *md5sum, /* output */
size_t md5len);
+/* this backend provides these functions: */
+#define have_curlssl_random 1
+#define have_curlssl_md5sum 1
+
/* API setup for NSS */
#define curlssl_init Curl_nss_init
#define curlssl_cleanup Curl_nss_cleanup
diff --git a/lib/sslgen.c b/lib/sslgen.c
index 48758742a..ba995cb5d 100644
--- a/lib/sslgen.c
+++ b/lib/sslgen.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -45,6 +45,16 @@
#include "curl_setup.h"
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
#include "urldata.h"
#define SSLGEN_C
#include "sslgen.h" /* generic SSL protos etc */
@@ -63,6 +73,7 @@
#include "curl_memory.h"
#include "progress.h"
#include "share.h"
+#include "timeval.h"
/* The last #include file should be: */
#include "memdebug.h"
@@ -159,6 +170,63 @@ void Curl_free_ssl_config(struct ssl_config_data* sslc)
Curl_safefree(sslc->random_file);
}
+
+/*
+ * Curl_rand() returns a random unsigned integer, 32bit.
+ *
+ * This non-SSL function is put here only because this file is the only one
+ * with knowledge of what the underlying SSL libraries provide in terms of
+ * randomizers.
+ *
+ * NOTE: 'data' may be passed in as NULL when coming from external API without
+ * easy handle!
+ *
+ */
+
+unsigned int Curl_rand(struct SessionHandle *data)
+{
+ unsigned int r;
+ static unsigned int randseed;
+ static bool seeded;
+
+#ifdef have_curlssl_random
+ if(!data) {
+#endif
+
+ if(!seeded) {
+
+#ifdef RANDOM_FILE
+ /* if there's a random file to read a seed from, use it */
+ int fd = open(RANDOM_FILE, O_RDONLY);
+ seeded = TRUE;
+ if(fd > -1) {
+ /* read random data into the randseed variable */
+ read(fd, &randseed, sizeof(randseed));
+ close(fd);
+ }
+ else
+#endif /* RANDOM_FILE */
+ {
+ struct timeval now = curlx_tvnow();
+ randseed += (unsigned int) now.tv_usec + (unsigned int)now.tv_sec;
+ Curl_rand(data);
+ Curl_rand(data);
+ Curl_rand(data);
+ }
+ }
+ /* Return an unsigned 32-bit pseudo-random number. */
+ r = randseed = randseed * 1103515245 + 12345;
+ return (r << 16) | ((r >> 16) & 0xFFFF);
+
+#ifdef have_curlssl_random
+ }
+ else {
+ Curl_ssl_random(data, (unsigned char *)&r, sizeof(r));
+ return r;
+ }
+#endif
+}
+
#ifdef USE_SSL
/* "global" init done? */
@@ -518,17 +586,18 @@ void Curl_ssl_free_certinfo(struct SessionHandle *data)
}
}
-#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_NSS) || \
- defined(USE_DARWINSSL)
-/* these functions are only used by some SSL backends */
+/* these functions are only provided by some SSL backends */
+#ifdef have_curlssl_random
void Curl_ssl_random(struct SessionHandle *data,
unsigned char *entropy,
size_t length)
{
curlssl_random(data, entropy, length);
}
+#endif
+#ifdef have_curlssl_md5sum
void Curl_ssl_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum, /* output */
@@ -536,6 +605,6 @@ void Curl_ssl_md5sum(unsigned char *tmp, /* input */
{
curlssl_md5sum(tmp, tmplen, md5sum, md5len);
}
-#endif /* USE_SSLEAY || USE_GNUTLS || USE_NSS || USE_DARWINSSL */
+#endif
#endif /* USE_SSL */
diff --git a/lib/sslgen.h b/lib/sslgen.h
index 17ad8e343..182dd8f24 100644
--- a/lib/sslgen.h
+++ b/lib/sslgen.h
@@ -33,6 +33,8 @@ bool Curl_clone_ssl_config(struct ssl_config_data* source,
struct ssl_config_data* dest);
void Curl_free_ssl_config(struct ssl_config_data* sslc);
+unsigned int Curl_rand(struct SessionHandle *);
+
#ifdef USE_SSL
int Curl_ssl_init(void);
void Curl_ssl_cleanup(void);
@@ -83,6 +85,13 @@ void Curl_ssl_md5sum(unsigned char *tmp, /* input */
#define SSL_SHUTDOWN_TIMEOUT 10000 /* ms */
+#ifdef have_curlssl_random
+#define HAVE_CURL_SSL_RANDOM
+#endif
+#ifdef have_curlssl_md5sum
+#define HAVE_CURL_SSL_MD5SUM
+#endif
+
#else
/* When SSL support is not present, just define away these function calls */
#define Curl_ssl_init() 1
diff --git a/lib/ssluse.h b/lib/ssluse.h
index bdec2b513..d6efcb271 100644
--- a/lib/ssluse.h
+++ b/lib/ssluse.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -73,6 +73,10 @@ void Curl_ossl_md5sum(unsigned char *tmp, /* input */
unsigned char *md5sum /* output */,
size_t unused);
+/* this backend provides these functions: */
+#define have_curlssl_random 1
+#define have_curlssl_md5sum 1
+
/* API setup for OpenSSL */
#define curlssl_init Curl_ossl_init
#define curlssl_cleanup Curl_ossl_cleanup