From 10fdef0cdd6a2920c53906bb197cd535aa8a70d9 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Thu, 28 Nov 2019 00:50:31 -0800 Subject: [PATCH] client: fix GUI RPC password generation bug on Win Apparently when Win runs in a VM, the random number generation functions (e.g. CryptGenRandom()) don't work. We weren't checking for this, resulting in a garbage (and guessable) password. Also change function names to indicate that string is not just random, but also hard to guess. --- client/gui_rpc_server.cpp | 12 +----------- client/gui_rpc_server_ops.cpp | 2 +- client/hostinfo_network.cpp | 15 +++++++++++++++ client/main.cpp | 2 +- lib/hostinfo.h | 29 ++++++++++++++++++++++------- lib/md5_file.cpp | 10 ++++------ lib/md5_file.h | 2 +- 7 files changed, 45 insertions(+), 27 deletions(-) diff --git a/client/gui_rpc_server.cpp b/client/gui_rpc_server.cpp index a232712a5a..e330693b8d 100644 --- a/client/gui_rpc_server.cpp +++ b/client/gui_rpc_server.cpp @@ -142,17 +142,7 @@ void GUI_RPC_CONN_SET::get_password() { // if no password file, make a random password // - retval = make_random_string(password); - if (retval) { - if (cc_config.os_random_only) { - msg_printf( - NULL, MSG_INTERNAL_ERROR, - "OS random string generation failed, exiting" - ); - exit(1); - } - gstate.host_info.make_random_string("guirpc", password); - } + make_secure_random_string(password); // try to write it to the file. // if fail, just return diff --git a/client/gui_rpc_server_ops.cpp b/client/gui_rpc_server_ops.cpp index f0065c84f6..c26668a28a 100644 --- a/client/gui_rpc_server_ops.cpp +++ b/client/gui_rpc_server_ops.cpp @@ -1377,7 +1377,7 @@ void handle_get_auth_id(MIOFILE& fout) { AUTH_INFO ai; ai.id = id++; ai.seqno = 0; - make_random_string(ai.salt); + make_secure_random_string(ai.salt); auth_infos.push_back(ai); fout.printf("%d\n%s\n", ai.id, ai.salt); } diff --git a/client/hostinfo_network.cpp b/client/hostinfo_network.cpp index f2209b4186..2be8544ba0 100644 --- a/client/hostinfo_network.cpp +++ b/client/hostinfo_network.cpp @@ -53,6 +53,7 @@ #include "util.h" #include "client_msgs.h" +#include "client_state.h" #include "hostinfo.h" @@ -119,6 +120,20 @@ void HOST_INFO::make_random_string(const char* salt, char* out) { md5_block((const unsigned char*) buf, (int)strlen(buf), out); } +void make_secure_random_string(char* out) { + int retval = make_secure_random_string_os(out); + if (retval) { + if (cc_config.os_random_only) { + msg_printf( + NULL, MSG_INTERNAL_ERROR, + "OS random string generation failed, exiting" + ); + exit(1); + } + gstate.host_info.make_random_string("guirpc", out); + } +} + // make a host cross-project ID. // Should be unique across hosts with very high probability // diff --git a/client/main.cpp b/client/main.cpp index 9e65a8c317..bf0af56685 100644 --- a/client/main.cpp +++ b/client/main.cpp @@ -192,8 +192,8 @@ static void init_core_client(int argc, char** argv) { #ifdef _WIN32 if (!cc_config.allow_multiple_clients && !gstate.cmdline_dir) { chdir_to_data_dir(); -#endif } +#endif #ifndef _WIN32 if (g_use_sandbox) diff --git a/lib/hostinfo.h b/lib/hostinfo.h index ec9e6c61ab..0d917af43d 100644 --- a/lib/hostinfo.h +++ b/lib/hostinfo.h @@ -104,7 +104,10 @@ public: bool host_is_running_on_batteries(); #ifdef __APPLE__ - bool users_idle(bool check_all_logins, double idle_time_to_run, double *actual_idle_time=NULL); + bool users_idle( + bool check_all_logins, double idle_time_to_run, + double *actual_idle_time=NULL + ); #else bool users_idle(bool check_all_logins, double idle_time_to_run); #endif @@ -120,14 +123,26 @@ public: void clear_host_info(); void make_random_string(const char* salt, char* out); void generate_host_cpid(); - static bool parse_linux_os_info(FILE* file, const LINUX_OS_INFO_PARSER parser, - char* os_name, const int os_name_size, char* os_version, const int os_version_size); - static bool parse_linux_os_info(const std::string& line, const LINUX_OS_INFO_PARSER parser, - char* os_name, const int os_name_size, char* os_version, const int os_version_size); - static bool parse_linux_os_info(const std::vector& lines, const LINUX_OS_INFO_PARSER parser, - char* os_name, const int os_name_size, char* os_version, const int os_version_size); + static bool parse_linux_os_info( + FILE* file, const LINUX_OS_INFO_PARSER parser, + char* os_name, const int os_name_size, char* os_version, + const int os_version_size + ); + static bool parse_linux_os_info( + const std::string& line, const LINUX_OS_INFO_PARSER parser, + char* os_name, const int os_name_size, char* os_version, + const int os_version_size + ); + static bool parse_linux_os_info( + const std::vector& lines, + const LINUX_OS_INFO_PARSER parser, + char* os_name, const int os_name_size, char* os_version, + const int os_version_size + ); }; +extern void make_secure_random_string(char*); + #ifdef _WIN64 int get_wsl_information(bool& wsl_available, WSLS& wsls); #endif diff --git a/lib/md5_file.cpp b/lib/md5_file.cpp index a7b8c75ba5..0e4005955b 100644 --- a/lib/md5_file.cpp +++ b/lib/md5_file.cpp @@ -125,10 +125,10 @@ std::string md5_string(const unsigned char* data, int nbytes) { return std::string(output); } -// make a random 32-char string -// (the MD5 of some quasi-random bits) +// make a secure (i.e. hard to guess) +// 32-char string using OS-supplied random bits // -int make_random_string(char* out) { +int make_secure_random_string_os(char* out) { char buf[256]; #ifdef _WIN32 HCRYPTPROV hCryptProv; @@ -144,9 +144,7 @@ int make_random_string(char* out) { CryptReleaseContext(hCryptProv, 0); #elif defined ANDROID - // /dev/random not available on Android, using stdlib function instead - int i = rand(); - snprintf(buf, sizeof(buf), "%d", i); + return -1; #else #ifndef _USING_FCGI_ FILE* f = fopen("/dev/random", "r"); diff --git a/lib/md5_file.h b/lib/md5_file.h index 1c1eeb216a..b261af70bc 100644 --- a/lib/md5_file.h +++ b/lib/md5_file.h @@ -41,5 +41,5 @@ inline std::string md5_string(std::string const& data) { return md5_string((const unsigned char*) data.c_str(), (int)data.size()); } -extern int make_random_string(char*); +extern int make_secure_random_string_os(char*); #endif