Module: kamailio Branch: master Commit: a07b845cffe0a6a5fb6410d735aee6c510f8ff8e URL: https://github.com/kamailio/kamailio/commit/a07b845cffe0a6a5fb6410d735aee6c510f8ff8e
Author: Daniel-Constantin Mierla <mico...@gmail.com> Committer: Daniel-Constantin Mierla <mico...@gmail.com> Date: 2025-07-16T12:02:57+02:00 crypto: init call-id rand seeding with the first usage - randomization per process --- Modified: src/modules/crypto/crypto_mod.c Modified: src/modules/crypto/crypto_uuid.c Modified: src/modules/crypto/crypto_uuid.h --- Diff: https://github.com/kamailio/kamailio/commit/a07b845cffe0a6a5fb6410d735aee6c510f8ff8e.diff Patch: https://github.com/kamailio/kamailio/commit/a07b845cffe0a6a5fb6410d735aee6c510f8ff8e.patch --- diff --git a/src/modules/crypto/crypto_mod.c b/src/modules/crypto/crypto_mod.c index 84f70813602..a079987a9ff 100644 --- a/src/modules/crypto/crypto_mod.c +++ b/src/modules/crypto/crypto_mod.c @@ -139,10 +139,6 @@ static int mod_init(void) } if(_crypto_register_callid != 0) { - if(crypto_init_callid() < 0) { - LM_ERR("failed to init callid callback\n"); - return -1; - } if(crypto_register_callid_func() < 0) { LM_ERR("unable to register callid callback\n"); return -1; @@ -166,11 +162,6 @@ static int mod_init(void) */ static int child_init(int rank) { - if(_crypto_register_callid != 0 && crypto_child_init_callid(rank) < 0) { - LM_ERR("failed to register callid callback\n"); - return -1; - } - return 0; } diff --git a/src/modules/crypto/crypto_uuid.c b/src/modules/crypto/crypto_uuid.c index 660d1fe7ccb..6be44b184da 100644 --- a/src/modules/crypto/crypto_uuid.c +++ b/src/modules/crypto/crypto_uuid.c @@ -82,11 +82,20 @@ static inline int crypto_bytes2hex( /** * \brief Initialize the Call-ID generator + * - process initialization, permute seed with pid * \return 0 on success, -1 on error */ -int crypto_init_callid(void) +static int _crypto_init_callid_done = 0; +static int crypto_init_callid(void) { static char crypto_callid_seed_str[2 * SEED_LEN] = {0}; + unsigned int pid = my_pid(); + + if(_crypto_init_callid_done == pid) { + return 0; + } + _crypto_init_callid_done = pid; + if(!(RAND_bytes(crypto_callid_seed, sizeof(crypto_callid_seed)))) { LOG(L_ERR, "ERROR: Unable to get random bytes for Call-ID seed\n"); return -1; @@ -95,29 +104,13 @@ int crypto_init_callid(void) crypto_callid_seed, sizeof(crypto_callid_seed)); DBG("Call-ID initialization: '0x%.*s'\n", 2 * SEED_LEN, crypto_callid_seed_str); - return 0; -} - - -/** - * \brief Child initialization, permute seed with pid - * \param rank not used - * \return 0 on success, -1 on error - */ -int crypto_child_init_callid(int rank) -{ - static char crypto_callid_seed_str[2 * SEED_LEN] = {0}; - unsigned int pid = my_pid(); - if(SEED_LEN < 2) { - LOG(L_CRIT, "BUG: Call-ID seed is too short\n"); - return -1; - } crypto_callid_seed[0] ^= (pid >> 0) % 0xff; crypto_callid_seed[1] ^= (pid >> 8) % 0xff; crypto_bytes2hex(crypto_callid_seed_str, sizeof(crypto_callid_seed_str), crypto_callid_seed, sizeof(crypto_callid_seed)); - DBG("Call-ID initialization: '0x%.*s'\n", 2 * SEED_LEN, + DBG("Call-ID process initialization: '0x%.*s'\n", 2 * SEED_LEN, crypto_callid_seed_str); + return 0; } @@ -188,6 +181,13 @@ void crypto_generate_callid(str *callid) static char crypto_sbuf[UUID_LEN] = {0}; crypto_inc_counter(crypto_callid_counter, CTR_LEN); + if(crypto_init_callid() < 0) { + LM_ERR("cannot initialize the seed\n"); + callid->s = NULL; + callid->len = 0; + return; + } + #if OPENSSL_VERSION_NUMBER > 0x030000000L if((crypto_ctx = EVP_MD_CTX_new()) == NULL) { LM_ERR("can't get new context\n"); diff --git a/src/modules/crypto/crypto_uuid.h b/src/modules/crypto/crypto_uuid.h index 53a81ccda88..5373f9783b1 100644 --- a/src/modules/crypto/crypto_uuid.h +++ b/src/modules/crypto/crypto_uuid.h @@ -35,21 +35,6 @@ #include "../../core/str.h" -/** - * \brief Initialize the Call-ID generator - * \return 0 on success, -1 on error - */ -int crypto_init_callid(void); - - -/** - * \brief Child initialization - * \param rank not used - * \return 0 on success, -1 on error - */ -int crypto_child_init_callid(int rank); - - /** * \brief TM API export */ _______________________________________________ Kamailio - Development Mailing List -- sr-dev@lists.kamailio.org To unsubscribe send an email to sr-dev-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender!
