Loading src/common/crypto.c +15 −0 Original line number Diff line number Diff line Loading @@ -2336,6 +2336,21 @@ crypto_rand_int_range(unsigned int min, unsigned int max) return min + crypto_rand_int(max - min); } /** As crypto_rand_int_range, but supports uint64_t. */ uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max) { tor_assert(min < max); return min + crypto_rand_uint64(max - min); } /** As crypto_rand_int_range, but supports time_t. */ time_t crypto_rand_time_range(time_t min, time_t max) { return (time_t) crypto_rand_uint64_range(min, max); } /** Return a pseudorandom 64-bit integer, chosen uniformly from the values * between 0 and <b>max</b>-1. */ uint64_t Loading src/common/crypto.h +2 −0 Original line number Diff line number Diff line Loading @@ -255,6 +255,8 @@ MOCK_DECL(int,crypto_rand,(char *to, size_t n)); int crypto_strongest_rand(uint8_t *out, size_t out_len); int crypto_rand_int(unsigned int max); int crypto_rand_int_range(unsigned int min, unsigned int max); uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max); time_t crypto_rand_time_range(time_t min, time_t max); uint64_t crypto_rand_uint64(uint64_t max); double crypto_rand_double(void); struct tor_weak_rng_t; Loading src/common/tortls.c +1 −1 Original line number Diff line number Diff line Loading @@ -660,7 +660,7 @@ tor_tls_create_certificate(crypto_pk_t *rsa, * then we might pick a time where we're about to expire. Lastly, be * sure to start on a day boundary. */ time_t now = time(NULL); start_time = crypto_rand_int_range(now - cert_lifetime, now) + 2*24*3600; start_time = crypto_rand_time_range(now - cert_lifetime, now) + 2*24*3600; start_time -= start_time % (24*3600); tor_assert(rsa); Loading src/or/entrynodes.c +2 −2 Original line number Diff line number Diff line Loading @@ -441,7 +441,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, * precise timestamp in the state file about when we first picked * this guard. For details, see the Jan 2010 or-dev thread. */ time_t now = time(NULL); entry->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now); entry->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now); entry->chosen_by_version = tor_strdup(VERSION); /* Are we picking this guard because all of our current guards are Loading Loading @@ -1441,7 +1441,7 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg) } else { if (state_version) { time_t now = time(NULL); e->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now); e->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now); e->chosen_by_version = tor_strdup(state_version); } } Loading src/or/main.c +1 −1 Original line number Diff line number Diff line Loading @@ -1623,7 +1623,7 @@ run_scheduled_events(time_t now) time_to.check_for_correct_dns < now && ! router_my_exit_policy_is_reject_star()) { if (!time_to.check_for_correct_dns) { time_to.check_for_correct_dns = crypto_rand_int_range(now, now + 120) + 60; time_to.check_for_correct_dns = crypto_rand_time_range(now, now + 120) + 60; } else { dns_launch_correctness_checks(); time_to.check_for_correct_dns = now + 12*3600 + Loading Loading
src/common/crypto.c +15 −0 Original line number Diff line number Diff line Loading @@ -2336,6 +2336,21 @@ crypto_rand_int_range(unsigned int min, unsigned int max) return min + crypto_rand_int(max - min); } /** As crypto_rand_int_range, but supports uint64_t. */ uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max) { tor_assert(min < max); return min + crypto_rand_uint64(max - min); } /** As crypto_rand_int_range, but supports time_t. */ time_t crypto_rand_time_range(time_t min, time_t max) { return (time_t) crypto_rand_uint64_range(min, max); } /** Return a pseudorandom 64-bit integer, chosen uniformly from the values * between 0 and <b>max</b>-1. */ uint64_t Loading
src/common/crypto.h +2 −0 Original line number Diff line number Diff line Loading @@ -255,6 +255,8 @@ MOCK_DECL(int,crypto_rand,(char *to, size_t n)); int crypto_strongest_rand(uint8_t *out, size_t out_len); int crypto_rand_int(unsigned int max); int crypto_rand_int_range(unsigned int min, unsigned int max); uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max); time_t crypto_rand_time_range(time_t min, time_t max); uint64_t crypto_rand_uint64(uint64_t max); double crypto_rand_double(void); struct tor_weak_rng_t; Loading
src/common/tortls.c +1 −1 Original line number Diff line number Diff line Loading @@ -660,7 +660,7 @@ tor_tls_create_certificate(crypto_pk_t *rsa, * then we might pick a time where we're about to expire. Lastly, be * sure to start on a day boundary. */ time_t now = time(NULL); start_time = crypto_rand_int_range(now - cert_lifetime, now) + 2*24*3600; start_time = crypto_rand_time_range(now - cert_lifetime, now) + 2*24*3600; start_time -= start_time % (24*3600); tor_assert(rsa); Loading
src/or/entrynodes.c +2 −2 Original line number Diff line number Diff line Loading @@ -441,7 +441,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, * precise timestamp in the state file about when we first picked * this guard. For details, see the Jan 2010 or-dev thread. */ time_t now = time(NULL); entry->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now); entry->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now); entry->chosen_by_version = tor_strdup(VERSION); /* Are we picking this guard because all of our current guards are Loading Loading @@ -1441,7 +1441,7 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg) } else { if (state_version) { time_t now = time(NULL); e->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now); e->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now); e->chosen_by_version = tor_strdup(state_version); } } Loading
src/or/main.c +1 −1 Original line number Diff line number Diff line Loading @@ -1623,7 +1623,7 @@ run_scheduled_events(time_t now) time_to.check_for_correct_dns < now && ! router_my_exit_policy_is_reject_star()) { if (!time_to.check_for_correct_dns) { time_to.check_for_correct_dns = crypto_rand_int_range(now, now + 120) + 60; time_to.check_for_correct_dns = crypto_rand_time_range(now, now + 120) + 60; } else { dns_launch_correctness_checks(); time_to.check_for_correct_dns = now + 12*3600 + Loading
