On 3/15/19 4:26 AM, Richard Henderson wrote:
> Use a better interface for random numbers than rand().
> Fail gracefully if for some reason we cannot use the crypto system.
>
> Cc: Gerd Hoffmann <kra...@redhat.com>
> Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com>
> ---
> v2: Use qcrypto_random_bytes, not qemu_getrandom, as there is
> no need for deterministic results for this interface.
> v3: Fail gracefully in the event qcrypto_random_bytes fails.
> ---
> ui/vnc.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/ui/vnc.c b/ui/vnc.c
> index 785edf3af1..d83f4a6ff9 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
> @@ -43,6 +43,7 @@
> #include "crypto/hash.h"
> #include "crypto/tlscredsanon.h"
> #include "crypto/tlscredsx509.h"
> +#include "crypto/random.h"
> #include "qom/object_interfaces.h"
> #include "qemu/cutils.h"
> #include "io/dns-resolver.h"
> @@ -2547,16 +2548,6 @@ static void authentication_failed(VncState *vs)
> vnc_client_error(vs);
> }
>
> -static void make_challenge(VncState *vs)
> -{
> - int i;
> -
> - srand(time(NULL)+getpid()+getpid()*987654+rand());
> -
> - for (i = 0 ; i < sizeof(vs->challenge) ; i++)
> - vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
> -}
> -
> static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
> {
> unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
> @@ -2628,7 +2619,16 @@ reject:
>
> void start_auth_vnc(VncState *vs)
> {
> - make_challenge(vs);
> + Error *err = NULL;
> +
> + if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
> + trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
> + error_get_pretty(err));
> + error_free(err);
> + authentication_failed(vs);
> + return;
> + }
> +
> /* Send client a 'random' challenge */
> vnc_write(vs, vs->challenge, sizeof(vs->challenge));
> vnc_flush(vs);
>
