Message ID | 20220722162715.30625-1-crrodriguez@opensuse.org |
---|---|
State | New |
Headers | show |
Series | resolv: use arc4random_uniform in the generation of random ids | expand |
* Cristian Rodríguez via Libc-alpha: > diff --git a/resolv/res_randomid.c b/resolv/res_randomid.c > index fb1fa17539..f5f5afd0cd 100644 > --- a/resolv/res_randomid.c > +++ b/resolv/res_randomid.c > @@ -84,10 +84,10 @@ > > #include <resolv.h> > #include <unistd.h> > -#include <random-bits.h> > +#include <stdlib.h> > > unsigned int > res_randomid (void) { > - return 0xffff & random_bits (); > + return arc4random_uniform (UINT16_MAX); > } 1 << 16 or UINT16_MAX + 1. 8-/ Thanks, Florian
On Fri, Jul 22, 2022 at 3:36 PM Florian Weimer <fweimer@redhat.com> wrote: > > * Cristian Rodríguez via Libc-alpha: > > > diff --git a/resolv/res_randomid.c b/resolv/res_randomid.c > > index fb1fa17539..f5f5afd0cd 100644 > > --- a/resolv/res_randomid.c > > +++ b/resolv/res_randomid.c > > @@ -84,10 +84,10 @@ > > > > #include <resolv.h> > > #include <unistd.h> > > -#include <random-bits.h> > > +#include <stdlib.h> > > > > unsigned int > > res_randomid (void) { > > - return 0xffff & random_bits (); > > + return arc4random_uniform (UINT16_MAX); > > } > > 1 << 16 or UINT16_MAX + 1. 8-/ Yeah, it says LESS than limit.. so I am missing one possible value. thanks.
diff --git a/resolv/res_mkquery.c b/resolv/res_mkquery.c index 5bc5b41531..ee161a8d95 100644 --- a/resolv/res_mkquery.c +++ b/resolv/res_mkquery.c @@ -91,9 +91,9 @@ #include <resolv/resolv-internal.h> #include <resolv/resolv_context.h> #include <string.h> +#include <stdlib.h> #include <sys/time.h> #include <shlib-compat.h> -#include <random-bits.h> int __res_context_mkquery (struct resolv_context *ctx, int op, const char *dname, @@ -116,7 +116,7 @@ __res_context_mkquery (struct resolv_context *ctx, int op, const char *dname, /* We randomize the IDs every time. The old code just incremented by one after the initial randomization which still predictable if the application does multiple requests. */ - hp->id = random_bits (); + hp->id = res_randomid (); hp->opcode = op; if (ctx->resp->options & RES_TRUSTAD) hp->ad = 1; diff --git a/resolv/res_randomid.c b/resolv/res_randomid.c index fb1fa17539..f5f5afd0cd 100644 --- a/resolv/res_randomid.c +++ b/resolv/res_randomid.c @@ -84,10 +84,10 @@ #include <resolv.h> #include <unistd.h> -#include <random-bits.h> +#include <stdlib.h> unsigned int res_randomid (void) { - return 0xffff & random_bits (); + return arc4random_uniform (UINT16_MAX); } libc_hidden_def (__res_randomid)
In the context of DNS it is important to have highest possible quality ids. Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org> --- resolv/res_mkquery.c | 4 ++-- resolv/res_randomid.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-)