authorDaniel Stenberg <daniel@haxx.se>2016-11-11 14:53:36 +0100
committerDaniel Stenberg <daniel@haxx.se>2016-11-14 08:23:52 +0100
commitf682156a4fc6c43fb38db4abda49b9a1bc1ed368 (patch)
tree32b49aeaefc66c54426f8e7e5e9c2d9aced6147d /lib/vauth
parent050aa803096f6d745a173d5810c65dd829f2f8b2 (diff)
Curl_rand: fixed and moved to rand.c
Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
Diffstat (limited to 'lib/vauth')
-rw-r--r--lib/vauth/digest.c15
-rw-r--r--lib/vauth/ntlm.c12
2 files changed, 16 insertions, 11 deletions
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 0a11a308d..ca1d0c24a 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -40,6 +40,7 @@
#include "strcase.h"
#include "non-ascii.h" /* included for Curl_convert_... prototypes */
#include "curl_printf.h"
+#include "rand.h"
/* The last #include files should be: */
#include "curl_memory.h"
@@ -387,10 +388,9 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
return CURLE_BAD_CONTENT_ENCODING;
/* Generate 16 bytes of random data */
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
- entropy[2] = Curl_rand(data);
- entropy[3] = Curl_rand(data);
+ result = Curl_rand(data, &entropy[0], 4);
+ if(result)
+ return result;
/* Convert the random data into a 32 byte hex string */
snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x",
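Review bot: The element count passed to `Curl_rand()` is a literal `4` that must match the size of `entropy`, which is declared outside this hunk. If the two ever drift apart, the call either writes past the array or leaves part of the cnonce built from unfilled stack data. Deriving the count from the array removes that coupling: `result = Curl_rand(data, &entropy[0], sizeof(entropy) / sizeof(entropy[0]));`, cast to whatever count type `Curl_rand()` declares, which is not visible here. The same applies to `rnd` in Curl_auth_create_digest_http_message and to both `entropy[2]` calls in lib/vauth/ntlm.c. The function body starts before and continues past this hunk.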
@@ -684,9 +684,12 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
digest->nc = 1;
if(!digest->cnonce) {
+ unsigned int rnd[4];
+ result = Curl_rand(data, &rnd[0], 4);
+ if(result)
+ return result;
snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x",
- Curl_rand(data), Curl_rand(data),
- Curl_rand(data), Curl_rand(data));
+ rnd[0], rnd[1], rnd[2], rnd[3]);
result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf),
&cnonce, &cnonce_sz);
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index b484a011a..b4d345d63 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -41,7 +41,7 @@
#include "curl_gethostname.h"
#include "curl_multibyte.h"
#include "warnless.h"
-
+#include "rand.h"
#include "vtls/vtls.h"
#ifdef USE_NSS
@@ -558,8 +558,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
unsigned int entropy[2];
unsigned char ntlmv2hash[0x18];
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
+ result = Curl_rand(data, &entropy[0], 2);
+ if(result)
+ return result;
result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer);
if(result)
@@ -598,8 +599,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
unsigned int entropy[2];
/* Need to create 8 bytes random data */
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
+ result = Curl_rand(data, &entropy[0], 2);
+ if(result)
+ return result;
/* 8 bytes random data as challenge in lmresp */
memcpy(lmresp, entropy, 8);
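Review bot: `memcpy(lmresp, entropy, 8)` copies exactly what `Curl_rand()` filled only when `unsigned int` is 4 bytes wide, and nothing at this call site says so. The retained comment "Need to create 8 bytes random data" still counts bytes while the new call counts ints. A comment on the call would make the dependency explicit, for example `/* 2 unsigned ints == the 8 challenge bytes copied into lmresp below */`. The first ntlm.c hunk presumably relies on the same width assumption, but its use of `entropy` falls outside the visible lines. The enclosing function begins and ends outside this hunk.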