From 1cafede9f2b4a838dfc80423415e60704b3346f9 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Mon, 8 May 2017 23:23:28 +0200 Subject: rand: treat fake entropy the same regardless of endianness When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann --- lib/rand.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'lib/rand.h') diff --git a/lib/rand.h b/lib/rand.h index 0f8986120..c6fae3553 100644 --- a/lib/rand.h +++ b/lib/rand.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -23,7 +23,7 @@ ***************************************************************************/ /* - * Curl_rand() stores 'num' number of random unsigned integers in the buffer + * Curl_rand() stores 'num' number of random unsigned characters in the buffer * 'rnd' points to. * * If libcurl is built without TLS support or with a TLS backend that lacks a @@ -37,7 +37,11 @@ * easy handle! * */ -CURLcode Curl_rand(struct Curl_easy *data, unsigned int *rnd, - unsigned int num); +CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num); + +/* Same as above but outputs only random lowercase hex characters. + Does NOT terminate.*/ +CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, + size_t num); #endif /* HEADER_CURL_RAND_H */ -- cgit v1.2.3