author | David Goulet <dgoulet@ev0ke.net> | 2015-04-21 10:17:12 -0400 |
---|---|---|
committer | David Goulet <dgoulet@ev0ke.net> | 2015-04-21 11:06:12 -0400 |
commit | 3f413184728c1d7b441b8e54585c43220665218c (patch) | |
tree | 4098cf1f1c596e98a3be1a5c78f3d07aa3d353e8 /src/or/router.c | |
parent | 6f6881c4324f35d44b997591939de7e847cca7a3 (diff) | |
download | tor-3f413184728c1d7b441b8e54585c43220665218c.tar.gz tor-3f413184728c1d7b441b8e54585c43220665218c.zip |
Add crypto_rand_int_range() and use it

Incidentally, this fixes a bug where the maximum value was never used when
only using crypto_rand_int(). For instance this example below in
rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS.

    int intro_point_lifetime_seconds =
      INTRO_POINT_LIFETIME_MIN_SECONDS +
      crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS -
                      INTRO_POINT_LIFETIME_MIN_SECONDS);

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
Diffstat (limited to 'src/or/router.c')
-rw-r--r-- | src/or/router.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/or/router.c b/src/or/router.c index b8bfd3cf6f..afe533ff9a 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -683,7 +683,9 @@ router_initialize_tls_context(void) if (!lifetime) { /* we should guess a good ssl cert lifetime */ /* choose between 5 and 365 days, and round to the day */ - lifetime = 5*24*3600 + crypto_rand_int(361*24*3600); + unsigned int five_days = 5*24*3600; + unsigned int one_year = 365*24*3600; + lifetime = crypto_rand_int_range(five_days, one_year); lifetime -= lifetime % (24*3600); if (crypto_rand_int(2)) { |
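Review bot: The upper bound on the added line `lifetime = crypto_rand_int_range(five_days, one_year);` narrows the range that the unchanged comment "choose between 5 and 365 days" promises. The removed expression `5*24*3600 + crypto_rand_int(361*24*3600)` drew from 361 days of seconds above the five-day floor, so after `lifetime -= lifetime % (24*3600)` a 365-day lifetime was as likely as any other day. With `one_year = 365*24*3600` as the bound, a 365-day result survives the rounding only if crypto_rand_int_range() treats its maximum as inclusive, and even then only for the single exact value; if the maximum is exclusive, as the commit message describes for crypto_rand_int(), the largest rounded lifetime becomes 364 days. These lines do not show which it is, so please either pass a bound one day higher (and name it accordingly) or update the comment to state the range actually produced, and note the bound semantics at the call site.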