--- /dev/null 2008-03-03 12:31:35.402810776 +0200
+++ elinks-0.11.4rc0/src/util/salsarnd.c 2008-03-05 00:40:00.182809815 +0200
@@ -0,0 +1,86 @@
+#include
+#include
+#include
+#include
+#include
+#include
+
+#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b))))
+static void salsa20(void * __out, void *__in)
+{
+ int i;
+ uint32_t x[16];
+ uint32_t *in = __in;
+ uint32_t *out = __out;
+
+ for (i = 0; i < 16; ++i) x[i] = in[i];
+
+ for (i = 20;i > 0;i -= 2) {
+ x[ 4] ^= R(x[ 0]+x[12], 7);
+ x[ 8] ^= R(x[ 4]+x[ 0], 9);
+ x[12] ^= R(x[ 8]+x[ 4],13);
+ x[ 0] ^= R(x[12]+x[ 8],18);
+ x[ 9] ^= R(x[ 5]+x[ 1], 7);
+ x[13] ^= R(x[ 9]+x[ 5], 9);
+ x[ 1] ^= R(x[13]+x[ 9],13);
+ x[ 5] ^= R(x[ 1]+x[13],18);
+ x[14] ^= R(x[10]+x[ 6], 7);
+ x[ 2] ^= R(x[14]+x[10], 9);
+ x[ 6] ^= R(x[ 2]+x[14],13);
+ x[10] ^= R(x[ 6]+x[ 2],18);
+ x[ 3] ^= R(x[15]+x[11], 7);
+ x[ 7] ^= R(x[ 3]+x[15], 9);
+ x[11] ^= R(x[ 7]+x[ 3],13);
+ x[15] ^= R(x[11]+x[ 7],18);
+ x[ 1] ^= R(x[ 0]+x[ 3], 7);
+ x[ 2] ^= R(x[ 1]+x[ 0], 9);
+ x[ 3] ^= R(x[ 2]+x[ 1],13);
+ x[ 0] ^= R(x[ 3]+x[ 2],18);
+ x[ 6] ^= R(x[ 5]+x[ 4], 7);
+ x[ 7] ^= R(x[ 6]+x[ 5], 9);
+ x[ 4] ^= R(x[ 7]+x[ 6],13);
+ x[ 5] ^= R(x[ 4]+x[ 7],18);
+ x[11] ^= R(x[10]+x[ 9], 7);
+ x[ 8] ^= R(x[11]+x[10], 9);
+ x[ 9] ^= R(x[ 8]+x[11],13);
+ x[10] ^= R(x[ 9]+x[ 8],18);
+ x[12] ^= R(x[15]+x[14], 7);
+ x[13] ^= R(x[12]+x[15], 9);
+ x[14] ^= R(x[13]+x[12],13);
+ x[15] ^= R(x[14]+x[13],18);
+ }
+ for (i = 0;i < 16;++i) out[i] = x[i] + in[i];
+}
+
+uint32_t get_random32(void)
+{
+ static uint32_t salsa20_out[16];
+ static uint32_t salsa20_in[16];
+ static int nrints;
+ static int rndinit;
+
+ if (!rndinit) {
+ int fd;
+
+ rndinit = 1;
+ salsa20_in[0] = time((time_t*)0);
+ salsa20_in[1] = getpid();
+ fd = open("/dev/urandom", O_RDONLY);
+ if (fd != -1) {
+ read(fd, salsa20_in, sizeof(salsa20_in));
+ close(fd);
+ }
+ }
+
+ if (nrints == 0) {
+ if (!++salsa20_in[0]) if (!++salsa20_in[1]) if (!++salsa20_in[2]) if (!++salsa20_in[3])
+ if (!++salsa20_in[4]) if (!++salsa20_in[5]) if (!++salsa20_in[6]) if (!++salsa20_in[7])
+ if (!++salsa20_in[8]) if (!++salsa20_in[9]) if (!++salsa20_in[10])
if (!++salsa20_in[11]) + if (!++salsa20_in[12]) if (!++salsa20_in[13]) if (!++salsa20_in[14]) ++salsa20_in[15]; + salsa20(salsa20_out, salsa20_in); + nrints = 16; + } + + return salsa20_out[--nrints]; +} + --- /dev/null 2008-03-03 12:31:35.402810776 +0200 +++ elinks-0.11.4rc0/src/util/salsarnd.h 2008-03-05 00:54:55.564810219 +0200 @@ -0,0 +1,7 @@ +#ifndef _SALSARND_H_ +#define _SALSARND_H_ + +extern uint32_t get_random32(void); + +#endif + --- elinks-0.11.4rc0/src/util/Makefile.bak 2008-02-05 01:44:16.000000000 +0200 +++ elinks-0.11.4rc0/src/util/Makefile 2008-03-05 00:38:12.701809329 +0200 @@ -24,6 +24,7 @@ OBJS = \ secsave.o \ snprintf.o \ string.o \ - time.o + time.o \ + salsarnd.o include $(top_srcdir)/Makefile.lib --- elinks-0.11.4rc0/src/protocol/bittorrent/common.c.bak 2008-02-05 01:44:16.000000000 +0200 +++ elinks-0.11.4rc0/src/protocol/bittorrent/common.c 2008-03-05 00:55:23.038810094 +0200 @@ -20,6 +20,7 @@ #include "util/sha1.h" #include "util/string.h" #include "util/snprintf.h" +#include "util/salsarnd.h" /* Debug function which returns printable peer ID. */ unsigned char * @@ -144,12 +145,10 @@ init_bittorrent_peer_id(bittorrent_id_T int dots = 0; int i = 0; - srand(time(NULL)); - peer_id[i++] = 'E'; peer_id[i++] = 'L'; - for (; *version && i < sizeof(bittorrent_id_T); version++) { + for (; *version && i < sizeof(peer_id); version++) { if (isdigit(*version)) { peer_id[i++] = *version; 
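Review bot: The seeding block in get_random32() ignores the result of `read()` and sets `rndinit` before the seed is known to be complete, so a failed `open()` or a short read leaves the state as `time()`, `getpid()` and zeros, all of which an observer can guess. Because this commit routes the digest cnonce and the BitTorrent peer id through the generator, the seed should be read in a loop until all `sizeof(salsa20_in)` bytes have arrived, and an incomplete seed should be reported rather than used silently. What the function does in that case is a policy decision, since its `uint32_t` return has no error channel. The loop below uses `errno`, and the names of the six included headers are missing from this page, so `<errno.h>` may need adding.

```c
	if (!rndinit) {
		unsigned char *pos = (unsigned char *) salsa20_in;
		size_t left = sizeof(salsa20_in);
		int fd;

		/* … unchanged: time() and getpid() stored in salsa20_in[0] and [1] … */
		fd = open("/dev/urandom", O_RDONLY);
		while (fd != -1 && left > 0) {
			ssize_t got = read(fd, pos, left);

			if (got > 0) {
				pos += got;
				left -= (size_t) got;
			} else if (got == 0 || errno != EINTR) {
				break;
			}
		}
		if (fd != -1) close(fd);
		if (left > 0) {
			/* Seed incomplete: the state is still guessable here.
			 * Report it instead of continuing silently. */
		}
		rndinit = 1;
	}
```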
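Review bot: salsarnd.h declares `get_random32()` with `uint32_t` but includes nothing, so it compiles only when an earlier include has already brought the type into scope. Adding `#include <stdint.h>` directly under the guard makes the header self-contained. The guard name `_SALSARND_H_` starts with an underscore followed by a capital letter, which C reserves for the implementation; a name without the leading underscore avoids that. A one-line comment on the declaration saying that the values seed nonces and peer ids would tell later callers what quality they may rely on.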
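Review bot: The new bound `i < sizeof(peer_id)` in the version loop of init_bittorrent_peer_id() looks like it measures a pointer rather than the id. The signature is cut off in the hunk header, but if `peer_id` is a parameter of the array type `bittorrent_id_T` it decays to a pointer, and the comment removed in the following hunk ("sizeof(peer_id) don't work here") says the same. With a 4- or 8-byte bound, the random tail written by `peer_id[i++] = hx(get_random32() & 0xF);` stops early or never runs, leaving the rest of the id as the caller passed it. Keep `sizeof(bittorrent_id_T)` in both places, here and in the `while` loop of the hunk at -164. The function starts and ends outside this hunk.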
@@ -164,14 +163,8 @@ init_bittorrent_peer_id(bittorrent_id_T peer_id[i++] = *version; } - /* Hmm, sizeof(peer_id) don't work here. */ - while (i < sizeof(bittorrent_id_T)) { - int random = rand(); - - while (i < sizeof(bittorrent_id_T) && (random & 0xF)) { - peer_id[i++] = hx(random & 0xF); - random >>= 4; - } + while (i < sizeof(peer_id)) { + peer_id[i++] = hx(get_random32() & 0xF); } } --- elinks-0.11.4rc0/src/protocol/bittorrent/piececache.c.bak 2008-02-05 01:44:16.000000000 +0200 +++ elinks-0.11.4rc0/src/protocol/bittorrent/piececache.c 2008-03-05 00:55:55.872809870 +0200 @@ -36,6 +36,7 @@ #include "util/lists.h" #include "util/memory.h" #include "util/string.h" +#include "util/salsarnd.h" /* Used as a 'not defined' value for piece indexes. */ @@ -136,8 +137,8 @@ find_bittorrent_free_list_peer_request(s static inline int randomize(size_t scale) { - double random = (double) rand() / RAND_MAX; - int index = random * (scale - 1); + double randomdbl = (double) get_random32() / 0xFFFFFFFF; + int index = randomdbl * (scale - 1); return index; } @@ -164,8 +165,6 @@ find_random_in_bittorrent_piece_cache(st assert(peer->bitfield->bitsize == peer->bittorrent->meta.pieces); - srand(time(NULL)); - foreachback_bitfield_set (piece, peer->bitfield) { assertm(cache->entries[piece].rarity, "Piece cache out of sync"); @@ -237,8 +236,6 @@ find_rarest_in_bittorrent_piece_cache(st assert(peer->bitfield->bitsize == peer->bittorrent->meta.pieces); - srand(time(NULL)); - /* Try to randomize the piece picking using the strategy from the random * piece selection. */ foreachback_bitfield_set (piece, peer->bitfield) { --- elinks-0.11.4rc0/src/protocol/auth/digest.c.bak 2008-02-05 01:44:16.000000000 +0200 +++ elinks-0.11.4rc0/src/protocol/auth/digest.c 2008-03-05 01:01:49.285810063 +0200 @@ -15,7 +15,7 @@ #include "util/conv.h" #include "util/md5.h" #include "util/memory.h" - +#include "util/salsarnd.h" /* Hexes a binary md5 digest. Taken from RFC 2617 */ static void 
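Review bot: In `randomize()` the scaled value reaches `scale - 1` only when `get_random32()` returns exactly 0xFFFFFFFF, so the last index is in practice never chosen. For `scale == 0` the `size_t` expression `scale - 1` wraps around, and converting the resulting product to `int` is undefined. If the intent is a uniform index in `0 .. scale - 1`, divide by 2^32 and multiply by `scale` instead: `double randomdbl = get_random32() / 4294967296.0;` and `int index = randomdbl * scale;`, preceded by `if (!scale) return 0;`. Whether callers can pass 0 is not visible in this hunk.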
@@ -35,15 +35,13 @@ convert_to_md5_digest_hex_T(md5_digest_b static void init_cnonce_digest(md5_digest_hex_T cnonce) { - md5_digest_bin_T md5; - int random; - - srand(time(NULL)); - - random = rand(); - MD5((const unsigned char *) &random, sizeof(random), md5); + uint32_t rndseed[4]; - convert_to_md5_digest_hex_T(md5, cnonce); + rndseed[0] = get_random32(); + rndseed[1] = get_random32(); + rndseed[2] = get_random32(); + rndseed[3] = get_random32(); + memcpy(cnonce, rndseed, sizeof(cnonce)); } /* Initializes what RFC 2617 refers to as H(A1) by digesting and hexing the
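Review bot: `memcpy(cnonce, rndseed, sizeof(cnonce));` in init_cnonce_digest() copies raw generator bytes into a buffer typed as a hex digest, and `sizeof(cnonce)` on what appears to be an array-typed parameter is the size of a pointer. That would write only 4 or 8 bytes and leave the rest of the cnonce as the caller had it. The raw bytes can also contain NUL, quote or control characters, which the removed `convert_to_md5_digest_hex_T()` call used to rule out before the value reaches the Authorization header. I would fill a local `md5_digest_bin_T` from `get_random32()` and keep the hex conversion, as below. This assumes `md5_digest_bin_T` is a byte array, which the hunk does not show.

```c
static void
init_cnonce_digest(md5_digest_hex_T cnonce)
{
	md5_digest_bin_T md5;
	size_t i;

	/* Fill the binary digest from the generator, then hex it so the
	 * cnonce stays printable text of the expected length. */
	for (i = 0; i < sizeof(md5); i++)
		md5[i] = get_random32() & 0xFF;

	convert_to_md5_digest_hex_T(md5, cnonce);
}
```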