Commit de70e431 authored by Vysheng's avatar Vysheng

Merge github.com:vysheng/tg

parents 3c629b22 c68c9162
...@@ -14,7 +14,7 @@ Clone GitHub Repository ...@@ -14,7 +14,7 @@ Clone GitHub Repository
$ git clone https://github.com/vysheng/tg.git && cd tg $ git clone https://github.com/vysheng/tg.git && cd tg
or download and extrac zip or download and extract zip
$ wget https://github.com/vysheng/tg/archive/master.zip -O tg-master.zip $ wget https://github.com/vysheng/tg/archive/master.zip -O tg-master.zip
$ tar xzf tg-master.zip && cd tg-master $ tar xzf tg-master.zip && cd tg-master
......
...@@ -78,6 +78,7 @@ char *binlog_file_name; ...@@ -78,6 +78,7 @@ char *binlog_file_name;
int binlog_enabled; int binlog_enabled;
extern int log_level; extern int log_level;
int sync_from_start; int sync_from_start;
int allow_weak_random;
void set_default_username (const char *s) { void set_default_username (const char *s) {
if (default_username) { if (default_username) {
...@@ -375,6 +376,9 @@ void args_parse (int argc, char **argv) { ...@@ -375,6 +376,9 @@ void args_parse (int argc, char **argv) {
case 'E': case 'E':
disable_auto_accept = 1; disable_auto_accept = 1;
break; break;
case 'w':
allow_weak_random = 1;
break;
case 'h': case 'h':
default: default:
usage (); usage ();
......
...@@ -69,7 +69,7 @@ char new_nonce[256]; ...@@ -69,7 +69,7 @@ char new_nonce[256];
char server_nonce[256]; char server_nonce[256];
extern int binlog_enabled; extern int binlog_enabled;
extern int disable_auto_accept; extern int disable_auto_accept;
extern int allow_weak_random;
int total_packets_sent; int total_packets_sent;
long long total_data_sent; long long total_data_sent;
...@@ -98,6 +98,15 @@ double get_utime (int clock_id) { ...@@ -98,6 +98,15 @@ double get_utime (int clock_id) {
return res; return res;
} }
void secure_random (void *s, int l) {
if (RAND_bytes (s, l) < 0) {
if (allow_weak_random) {
RAND_pseudo_bytes (s, l);
} else {
assert (0 && "End of random. If you want, you can start with -w");
}
}
}
#define STATS_BUFF_SIZE (64 << 10) #define STATS_BUFF_SIZE (64 << 10)
...@@ -223,7 +232,7 @@ int rpc_send_message (struct connection *c, void *data, int len) { ...@@ -223,7 +232,7 @@ int rpc_send_message (struct connection *c, void *data, int len) {
int send_req_pq_packet (struct connection *c) { int send_req_pq_packet (struct connection *c) {
assert (c_state == st_init); assert (c_state == st_init);
assert (RAND_pseudo_bytes ((unsigned char *) nonce, 16) >= 0); secure_random (nonce, 16);
unenc_msg_header.out_msg_id = 0; unenc_msg_header.out_msg_id = 0;
clear_packet (); clear_packet ();
out_int (CODE_req_pq); out_int (CODE_req_pq);
...@@ -371,7 +380,7 @@ int process_respq_answer (struct connection *c, char *packet, int len) { ...@@ -371,7 +380,7 @@ int process_respq_answer (struct connection *c, char *packet, int len) {
//out_int (0x0501); // q=5 //out_int (0x0501); // q=5
out_ints ((int *) nonce, 4); out_ints ((int *) nonce, 4);
out_ints ((int *) server_nonce, 4); out_ints ((int *) server_nonce, 4);
assert (RAND_pseudo_bytes ((unsigned char *) new_nonce, 32) >= 0); secure_random (new_nonce, 32);
out_ints ((int *) new_nonce, 8); out_ints ((int *) new_nonce, 8);
sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer); sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer);
...@@ -564,7 +573,7 @@ int process_dh_answer (struct connection *c, char *packet, int len) { ...@@ -564,7 +573,7 @@ int process_dh_answer (struct connection *c, char *packet, int len) {
BN_init (&dh_g); BN_init (&dh_g);
BN_set_word (&dh_g, g); BN_set_word (&dh_g, g);
assert (RAND_pseudo_bytes ((unsigned char *)s_power, 256) >= 0); secure_random (s_power, 256);
BIGNUM *dh_power = BN_new (); BIGNUM *dh_power = BN_new ();
assert (BN_bin2bn ((unsigned char *)s_power, 256, dh_power) == dh_power); assert (BN_bin2bn ((unsigned char *)s_power, 256, dh_power) == dh_power);
...@@ -683,7 +692,7 @@ void init_enc_msg (struct session *S, int useful) { ...@@ -683,7 +692,7 @@ void init_enc_msg (struct session *S, int useful) {
// assert (DC->server_salt); // assert (DC->server_salt);
enc_msg.server_salt = DC->server_salt; enc_msg.server_salt = DC->server_salt;
if (!S->session_id) { if (!S->session_id) {
assert (RAND_pseudo_bytes ((unsigned char *) &S->session_id, 8) >= 0); secure_random (&S->session_id, 8);
} }
enc_msg.session_id = S->session_id; enc_msg.session_id = S->session_id;
//enc_msg.auth_key_id2 = auth_key_id; //enc_msg.auth_key_id2 = auth_key_id;
......
...@@ -29,4 +29,5 @@ void work_update_binlog (void); ...@@ -29,4 +29,5 @@ void work_update_binlog (void);
int check_g (unsigned char p[256], BIGNUM *g); int check_g (unsigned char p[256], BIGNUM *g);
int check_g_bn (BIGNUM *p, BIGNUM *g); int check_g_bn (BIGNUM *p, BIGNUM *g);
int check_DH_params (BIGNUM *p, int g); int check_DH_params (BIGNUM *p, int g);
void secure_random (void *s, int l);
#endif #endif
...@@ -309,10 +309,7 @@ extern struct dc *DC_working; ...@@ -309,10 +309,7 @@ extern struct dc *DC_working;
void out_random (int n) { void out_random (int n) {
assert (n <= 32); assert (n <= 32);
static char buf[32]; static char buf[32];
int i; secure_random (buf, n);
for (i = 0; i < n; i++) {
buf[i] = lrand48 () & 255;
}
out_cstring (buf, n); out_cstring (buf, n);
} }
...@@ -772,7 +769,9 @@ void encr_start (void) { ...@@ -772,7 +769,9 @@ void encr_start (void) {
void encr_finish (struct secret_chat *E) { void encr_finish (struct secret_chat *E) {
int l = packet_ptr - (encr_extra + 8); int l = packet_ptr - (encr_extra + 8);
while (((packet_ptr - encr_extra) - 3) & 3) { while (((packet_ptr - encr_extra) - 3) & 3) {
out_int (mrand48 ()); int t;
secure_random (&t, 4);
out_int (t);
} }
*encr_extra = ((packet_ptr - encr_extra) - 1) * 4 * 256 + 0xfe; *encr_extra = ((packet_ptr - encr_extra) - 1) * 4 * 256 + 0xfe;
...@@ -883,10 +882,7 @@ void do_send_encr_msg (struct message *M) { ...@@ -883,10 +882,7 @@ void do_send_encr_msg (struct message *M) {
out_int (CODE_decrypted_message); out_int (CODE_decrypted_message);
out_long (M->id); out_long (M->id);
static int buf[4]; static int buf[4];
int i; secure_random (buf, 16);
for (i = 0; i < 3; i++) {
buf[i] = mrand48 ();
}
out_cstring ((void *)buf, 16); out_cstring ((void *)buf, 16);
out_cstring ((void *)M->message, M->message_len); out_cstring ((void *)M->message, M->message_len);
out_int (CODE_decrypted_message_media_empty); out_int (CODE_decrypted_message_media_empty);
...@@ -1299,8 +1295,9 @@ void send_part (struct send_file *f) { ...@@ -1299,8 +1295,9 @@ void send_part (struct send_file *f) {
if (f->encr) { if (f->encr) {
if (x & 15) { if (x & 15) {
assert (f->offset == f->size); assert (f->offset == f->size);
while (x & 15) { if (x & 15) {
buf[x ++] = lrand48 () & 255; secure_random (buf + x, (-x) & 15);
x = (x + 15) & ~15;
} }
} }
...@@ -1505,16 +1502,11 @@ void do_send_photo (int type, peer_id_t to_id, char *file_name) { ...@@ -1505,16 +1502,11 @@ void do_send_photo (int type, peer_id_t to_id, char *file_name) {
if (get_peer_type (f->to_id) == PEER_ENCR_CHAT) { if (get_peer_type (f->to_id) == PEER_ENCR_CHAT) {
f->encr = 1; f->encr = 1;
f->iv = malloc (32); f->iv = malloc (32);
int i; secure_random (f->iv, 32);
for (i = 0; i < 8; i++) {
((int *)f->iv)[i] = mrand48 ();
}
f->init_iv = malloc (32); f->init_iv = malloc (32);
memcpy (f->init_iv, f->iv, 32); memcpy (f->init_iv, f->iv, 32);
f->key = malloc (32); f->key = malloc (32);
for (i = 0; i < 8; i++) { secure_random (f->key, 32);
((int *)f->key)[i] = mrand48 ();
}
} }
if (f->part_size > (512 << 10)) { if (f->part_size > (512 << 10)) {
close (fd); close (fd);
...@@ -2263,8 +2255,10 @@ void do_send_accept_encr_chat (struct secret_chat *E, unsigned char *random) { ...@@ -2263,8 +2255,10 @@ void do_send_accept_encr_chat (struct secret_chat *E, unsigned char *random) {
} }
} }
if (ok) { return; } // Already generated key for this chat if (ok) { return; } // Already generated key for this chat
for (i = 0; i < 64; i++) { unsigned char random_here[256];
*(((int *)random) + i) ^= mrand48 (); secure_random (random_here, 256);
for (i = 0; i < 256; i++) {
random[i] ^= random_here[i];
} }
BIGNUM *b = BN_bin2bn (random, 256, 0); BIGNUM *b = BN_bin2bn (random, 256, 0);
assert (b); assert (b);
...@@ -2360,8 +2354,10 @@ void do_create_keys_end (struct secret_chat *U) { ...@@ -2360,8 +2354,10 @@ void do_create_keys_end (struct secret_chat *U) {
void do_send_create_encr_chat (void *x, unsigned char *random) { void do_send_create_encr_chat (void *x, unsigned char *random) {
int user_id = (long)x; int user_id = (long)x;
int i; int i;
for (i = 0; i < 64; i++) { unsigned char random_here[256];
*(((int *)random) + i) ^= mrand48 (); secure_random (random_here, 256);
for (i = 0; i < 256; i++) {
random[i] ^= random_here[i];
} }
if (!ctx) { if (!ctx) {
ctx = BN_CTX_new (); ctx = BN_CTX_new ();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment