-rw-r--r--src/common/crypto.c17
-rw-r--r--src/common/crypto.h5
-rw-r--r--src/or/connection_edge.c7
-rw-r--r--src/or/onion.c11
4 files changed, 21 insertions, 19 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 8da2916dcb..afec91d22d 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -999,10 +999,23 @@ int crypto_rand(unsigned int n, unsigned char *to)
return (RAND_bytes(to, n) != 1);
}
-int crypto_pseudo_rand(unsigned int n, unsigned char *to)
+void crypto_pseudo_rand(unsigned int n, unsigned char *to)
{
assert(to);
- return (RAND_pseudo_bytes(to, n) == -1);
+ if (RAND_pseudo_bytes(to, n) == -1) {
+ log_fn(LOG_ERR, "RAND_pseudo_bytes failed unexpectedly.");
+ exit(1);
+ }
+}
+
+int crypto_pseudo_rand_int(int max) {
+ unsigned int val;
+ crypto_pseudo_rand(sizeof(val), (unsigned char*) &val);
+ /* Bug: Low values are _slightly_ favored over high values because
+ * ((unsigned)-1)%max != max-1 . This shouldn't matter if max is
+ * significantly smaller than ((unsigned)-1).
+ **/
+ return val % max;
}
/* errors */
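Review bot: crypto_pseudo_rand_int() computes `val % max` without checking `max`, so a zero argument divides by zero and a negative one is converted to unsigned before the modulus, giving a result that may not fit in an int. The onion_extend_cpath hunk in src/or/onion.c passes `rarray_len` straight in, and nothing visible there shows it is non-zero. Adding `assert(max > 0);` as the first statement, in the same style as the existing `assert(to);`, would make the precondition explicit. The new function also has no header comment; a line such as `/* Return a pseudorandom int in [0, max). */` would document the range callers rely on.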
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 31e995d3bd..ab5422d8cd 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -100,9 +100,8 @@ int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest);
/* random numbers */
int crypto_seed_rng();
int crypto_rand(unsigned int n, unsigned char *to);
-int crypto_pseudo_rand(unsigned int n, unsigned char *to);
-
-#define CRYPTO_PSEUDO_RAND_INT(v) crypto_pseudo_rand(sizeof(v),(char*)&(v))
+void crypto_pseudo_rand(unsigned int n, unsigned char *to);
+int crypto_pseudo_rand_int(int max);
/* errors */
char *crypto_perror();
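Review bot: The two prototypes changed here carry no comment, and their contract is no longer obvious from the signatures. crypto_pseudo_rand() now returns void because the implementation in crypto.c logs and calls exit(1) on failure, and crypto_pseudo_rand_int() takes an upper bound rather than filling a variable as the removed macro did. I would add `/* Fill to with n pseudorandom bytes; exits the process if the RNG fails. */` and `/* Return a pseudorandom value in [0, max); max must be positive. */` above them.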
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 4f468b2487..2bfe76ffa3 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -608,11 +608,8 @@ static int connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t *
assert(ap_conn->socks_request);
assert(ap_conn->socks_request->addr);
- if(crypto_pseudo_rand(STREAM_ID_SIZE, ap_conn->stream_id) < 0) {
- /* XXX can we just make this call abort if it fails? then this func could be a void. */
- /* FIXME check for collisions */
- return -1;
- }
+ crypto_pseudo_rand(STREAM_ID_SIZE, ap_conn->stream_id);
+ /* FIXME check for collisions */
memcpy(payload, ap_conn->stream_id, STREAM_ID_SIZE);
payload_len = STREAM_ID_SIZE + 1 +
diff --git a/src/or/onion.c b/src/or/onion.c
index 25e4190961..be11d2d339 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -160,17 +160,13 @@ int onionskin_answer(circuit_t *circ, unsigned char *payload, unsigned char *key
/* uses a weighted coin with weight cw to choose a route length */
static int chooselen(double cw) {
int len = 2;
- uint8_t coin;
if ((cw < 0) || (cw >= 1)) /* invalid parameter */
return -1;
while(1)
{
- if (CRYPTO_PSEUDO_RAND_INT(coin))
- return -1;
-
- if (coin > cw*255) /* don't extend */
+ if (crypto_pseudo_rand_int(255) > cw*255) /* don't extend */
break;
else
len++;
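Review bot: The test `crypto_pseudo_rand_int(255) > cw*255` is off by one now that the draw lies in 0..254 rather than the old uint8_t range. With cw == 0 the draw 0 fails the `>` test, so the route is still extended with probability of roughly 1/255 when it should never be. Using `>=` makes the stop probability track 1 - cw over the 255 possible values: `if (crypto_pseudo_rand_int(255) >= cw*255) /* don't extend */`. The rest of the loop is outside the hunk, so whether `len` is capped elsewhere cannot be seen from here.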
@@ -279,10 +275,7 @@ int onion_extend_cpath(crypt_path_t **head_ptr, int path_len, routerinfo_t **rou
log_fn(LOG_DEBUG, "Path is %d long; we want %d", cur_len, path_len);
again:
- if (CRYPTO_PSEUDO_RAND_INT(choice)) {
- return -1;
- }
- choice %= rarray_len;
+ choice = crypto_pseudo_rand_int(rarray_len);
log_fn(LOG_DEBUG,"Contemplating router %s for hop %d",
rarray[choice]->nickname, cur_len);
for (i = 0, cpath = *head_ptr; i < cur_len; ++i, cpath=cpath->next) {
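Review bot: The hop choice on the added line is drawn through crypto_pseudo_rand(), which wraps RAND_pseudo_bytes(), and OpenSSL documents that call's output as not necessarily unpredictable. The wrapper in crypto.c treats only -1 as failure, so a return of 0 (bytes not cryptographically strong) is accepted silently. If predictability of router selection matters to the threat model, this call site is a candidate for a helper built on crypto_rand() instead. At minimum I would record the decision with a comment such as `/* XXX hop choice uses the non-strong PRNG; confirm this is acceptable */`. The body of onion_extend_cpath continues outside the hunk.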