basic_radius_auth_LDADD= \
$(top_builddir)/lib/libmiscencoding.la \
+ $(top_builddir)/src/base/libbase.la \
$(COMPAT_LIB) \
$(NETTLELIB) \
$(SSLLIB) \
#include "squid.h"
#include "auth/basic/RADIUS/radius-util.h"
#include "auth/basic/RADIUS/radius.h"
+#include "base/Random.h"
#include "helper/protocol_defines.h"
#include "md5.h"
#include <cerrno>
#include <cstring>
#include <ctime>
-#include <random>
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
static void
random_vector(char *aVector)
{
- static std::mt19937 mt(time(nullptr));
+ static std::mt19937 mt(RandomSeed32());
static xuniform_int_distribution<uint8_t> dist;
for (int i = 0; i < AUTH_VECTOR_LEN; ++i)
#include "auth/State.h"
#include "auth/toUtf.h"
#include "base/LookupTable.h"
+#include "base/Random.h"
#include "cache_cf.h"
#include "event.h"
#include "helper.h"
*/
#include "mem/Pool.h"
-#include <random>
-
static AUTHSSTATS authenticateDigestStats;
helper *digestauthenticators = nullptr;
* - the timestamp also guarantees local uniqueness in the input to
* the hash function.
*/
- // NP: this will likely produce the same randomness sequences for each worker
- // since they should all start within the 1-second resolution of seed value.
- static std::mt19937 mt(static_cast<uint32_t>(getCurrentTime() & 0xFFFFFFFF));
+ static std::mt19937 mt(RandomSeed32());
static xuniform_int_distribution<uint32_t> newRandomData;
/* create a new nonce */
Optional.h \
Packable.h \
PackableStream.h \
+ Random.cc \
+ Random.h \
RandomUuid.cc \
RandomUuid.h \
Range.h \
--- /dev/null
+/*
+ * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
+#include "base/Random.h"
+
+std::mt19937::result_type
+RandomSeed32()
+{
+ // We promise entropy collection without waiting, but there is no standard
+ // way to get that in all environments. We considered these device names:
+ //
+ // * none: The default constructor in some specialized STL implementation or
+ // build might select a device that requires Squid to wait for entropy.
+ //
+ // * "default": Leads to clang (and other STLs) exceptions in some builds
+ // (e.g., when clang is built to use getentropy(3) or rand_s()).
+ //
+ // * "/dev/urandom": Blocks GCC from picking the best entropy source (e.g.,
+ // arc4random(3)) and leads to GCC/clang exceptions in some environments.
+ //
+ // If a special supported environment needs a non-default device name, we
+ // will add a random_device_name configuration directive. We cannot detect
+ // such needs in general code and choose to write simpler code until then.
+ static std::random_device dev;
+ return dev();
+}
+
+std::mt19937_64::result_type
+RandomSeed64()
+{
+ std::mt19937_64::result_type left = RandomSeed32();
+ return (left << 32) | RandomSeed32();
+}
+
--- /dev/null
+/*
+ * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
+#ifndef SQUID_SRC_BASE_RANDOM_H
+#define SQUID_SRC_BASE_RANDOM_H
+
+#include <random>
+
+/// A 32-bit random value suitable for seeding a 32-bit random number generator.
+/// Computing this value may require blocking device I/O but does not require
+/// waiting to accumulate entropy. Thus, this function:
+/// * may be called at runtime (e.g., the first time a given r.n.g. is needed)
+/// * should not be called frequently (e.g., once per transaction is too often)
+/// * should not be used as a source of randomness (use a r.n.g. instead)
+std::mt19937::result_type RandomSeed32();
+
+/// a 64-bit version of RandomSeed32()
+std::mt19937_64::result_type RandomSeed64();
+
+#endif /* SQUID_SRC_BASE_RANDOM_H */
+
#include "squid.h"
#include "base/IoManip.h"
+#include "base/Random.h"
#include "base/RandomUuid.h"
#include "base/TextException.h"
#include "defines.h"
#include <iostream>
-#include <random>
static_assert(sizeof(RandomUuid) == 128/8, "RandomUuid has RFC 4122-prescribed 128-bit size");
RandomUuid::RandomUuid()
{
// Generate random bits for populating our UUID.
- // STL implementation bugs notwithstanding (e.g., MinGW bug #338), this is
- // our best chance of getting a non-deterministic seed value for the r.n.g.
- static std::mt19937_64 rng(std::random_device {}()); // produces 64-bit sized values
+ static std::mt19937_64 rng(RandomSeed64()); // produces 64-bit sized values
const auto rnd1 = rng();
const auto rnd2 = rng();
#include "squid.h"
#include "base/CodeContext.h"
#include "base/InstanceId.h"
+#include "base/Random.h"
#include "base/RunnersRegistry.h"
#include "comm.h"
#include "comm/Connection.h"
#include <arpa/nameser.h>
#endif
#include <cerrno>
-#include <random>
#if HAVE_RESOLV_H
#include <resolv.h>
#endif
idnsQueryID()
{
// NP: apparently ranlux are faster, but not quite as "proven"
- static std::mt19937 mt(static_cast<uint32_t>(getCurrentTime() & 0xFFFFFFFF));
+ static std::mt19937 mt(RandomSeed32());
unsigned short id = mt() & 0xFFFF;
unsigned short first_id = id;
/* DEBUG: section 41 Event Processing */
#include "squid.h"
+#include "base/Random.h"
#include "event.h"
#include "mgr/Registration.h"
#include "Store.h"
#include "tools.h"
#include <cmath>
-#include <random>
/* The list of event processes */
eventAddIsh(const char *name, EVH * func, void *arg, double delta_ish, int weight)
{
if (delta_ish >= 3.0) {
- // Default seed is fine. We just need values random enough
- // relative to each other to prevent waves of synchronised activity.
- static std::mt19937 rng;
+ static std::mt19937 rng(RandomSeed32());
auto third = (delta_ish/3.0);
xuniform_real_distribution<> thirdIsh(delta_ish - third, delta_ish + third);
delta_ish = thirdIsh(rng);
#define CLEAN_BUF_SZ 16384
#include "squid.h"
+#include "base/Random.h"
#include "cache_cf.h"
#include "ConfigOption.h"
#include "DiskIO/DiskIOModule.h"
#include <cerrno>
#include <cmath>
-#include <random>
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
* value. j equals the total number of UFS level 2
* swap directories
*/
- std::mt19937 mt(static_cast<uint32_t>(getCurrentTime() & 0xFFFFFFFF));
+ static std::mt19937 mt(RandomSeed32());
xuniform_int_distribution<> dist(0, j);
swap_index = dist(mt);
}
#include "squid.h"
#include "base/CharacterSet.h"
+#include "base/Random.h"
#include "tests/SBufFindTest.h"
#include <cppunit/extensions/HelperMacros.h>
#include <cppunit/Message.h>
#include <limits>
-#include <random>
/* TODO: The whole SBufFindTest class is currently implemented as a single
CppUnit test case (because we do not want to register and report every one
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklomnpqrstuvwxyz";
- static std::mt19937 mt(time(nullptr));
+ static std::mt19937 mt(RandomSeed32());
// sizeof() counts the terminating zero at the end of characters
// and the distribution is an 'inclusive' value range, so -2
projects / thirdparty / squid.git / commitdiff
