From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Tue, 3 Dec 2019 15:42:14 +0000 (+0100)
Subject: - Fix Client NONCE Generation used for Server NONCE,
X-Git-Tag: release-1.9.6rc1~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=68027ab14541a5e43e9f8747f953ecb9069ea0c6;p=thirdparty%2Funbound.git

- Fix Client NONCE Generation used for Server NONCE,
  reported by X41 D-Sec.
---

diff --git a/dnscrypt/dnscrypt.c b/dnscrypt/dnscrypt.c
index 173d26c95..6d187a748 100644
--- a/dnscrypt/dnscrypt.c
+++ b/dnscrypt/dnscrypt.c
@@ -442,20 +442,7 @@ dnscrypt_hrtime(void)
 static void
 add_server_nonce(uint8_t *nonce)
 {
-    uint64_t ts;
-    uint64_t tsn;
-    uint32_t suffix;
-    ts = dnscrypt_hrtime();
-    // TODO? dnscrypt-wrapper does some logic with context->nonce_ts_last
-    // unclear if we really need it, so skipping it for now.
-    tsn = (ts << 10) | (randombytes_random() & 0x3ff);
-#if (BYTE_ORDER == LITTLE_ENDIAN)
-    tsn =
-        (((uint64_t)htonl((uint32_t)tsn)) << 32) | htonl((uint32_t)(tsn >> 32));
-#endif
-    memcpy(nonce + crypto_box_HALF_NONCEBYTES, &tsn, 8);
-    suffix = randombytes_random();
-    memcpy(nonce + crypto_box_HALF_NONCEBYTES + 8, &suffix, 4);
+    randombytes_buf(nonce + crypto_box_HALF_NONCEBYTES, 8/*tsn*/+4/*suffix*/);
 }
 
 /**
diff --git a/doc/Changelog b/doc/Changelog
index 574c469c9..099db0484 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -26,6 +26,8 @@
 	  reported by X41 D-Sec.
 	- Fix Bad Indentation, in dnscrypt.c,
 	  reported by X41 D-Sec.
+	- Fix Client NONCE Generation used for Server NONCE,
+	  reported by X41 D-Sec.
 
 2 December 2019: Wouter
 	- Merge pull request #122 from he32: In tcp_callback_writer(),