diff options
author | Ed Tanous <ed@tanous.net> | 2020-09-29 03:21:52 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2020-10-09 20:21:49 +0300 |
commit | fc76b8ac6c2d9907ffd4618d22753db95c40953d (patch) | |
tree | bcf5ce6b44c5b1f9e761b6115a2b300c6f577d86 /include | |
parent | e436008377fbcf287be02c9e9e1b59c6627d7673 (diff) | |
download | bmcweb-fc76b8ac6c2d9907ffd4618d22753db95c40953d.tar.xz |
Move Openssl Generator
This commit moves the openssl random number generator into its own file,
so it can be used in EventService, and moves it to its own file. Seeding a
random number generator with time is bad practice in general, so much so
that there's a CERT rule about it as well as a clang-tidy check.
https://clang.llvm.org/extra/clang-tidy/checks/cert-msc51-cpp.html
This doesn't matter much in this case, as we're generating a randomized
int for an ID, but it will matter in other cases, and we'd like to have
the check on to verify that.
Change-Id: I8e6aebb7962d259045ffd558eea22f07f9c23821
Signed-off-by: Ed Tanous <ed@tanous.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/random.hpp | 46 | ||||
-rw-r--r-- | include/sessions.hpp | 42 |
2 files changed, 49 insertions, 39 deletions
diff --git a/include/random.hpp b/include/random.hpp new file mode 100644 index 0000000000..d11c249e6b --- /dev/null +++ b/include/random.hpp @@ -0,0 +1,46 @@ +#pragma once + +#include <openssl/rand.h> + +namespace bmcweb +{ + +struct OpenSSLGenerator +{ + uint8_t operator()() + { + uint8_t index = 0; + int rc = RAND_bytes(&index, sizeof(index)); + if (rc != opensslSuccess) + { + std::cerr << "Cannot get random number\n"; + err = true; + } + + return index; + } + + uint8_t max() + { + return std::numeric_limits<uint8_t>::max(); + } + uint8_t min() + { + return std::numeric_limits<uint8_t>::min(); + } + + bool error() + { + return err; + } + + // all generators require this variable + using result_type = uint8_t; + + private: + // RAND_bytes() returns 1 on success, 0 otherwise. -1 if bad function + static constexpr int opensslSuccess = 1; + bool err = false; +}; + +} // namespace bmcweb diff --git a/include/sessions.hpp b/include/sessions.hpp index 418f6f8890..95459b32d0 100644 --- a/include/sessions.hpp +++ b/include/sessions.hpp @@ -3,6 +3,8 @@ #include "logging.h" #include "utility.h" +#include "random.hpp" + #include <openssl/rand.h> #include <boost/container/flat_map.hpp> @@ -168,44 +170,6 @@ struct AuthConfigMethods } }; -struct OpenSSLGenerator -{ - uint8_t operator()(void) - { - uint8_t index = 0; - int rc = RAND_bytes(&index, sizeof(index)); - if (rc != opensslSuccess) - { - std::cerr << "Cannot get random number\n"; - err = true; - } - - return index; - } - - uint8_t max() - { - return std::numeric_limits<uint8_t>::max(); - } - uint8_t min() - { - return std::numeric_limits<uint8_t>::min(); - } - - bool error() - { - return err; - } - - // all generators require this variable - using result_type = uint8_t; - - private: - // RAND_bytes() returns 1 on success, 0 otherwise. -1 if bad function - static constexpr int opensslSuccess = 1; - bool err = false; -}; - class SessionStore { public: @@ -228,7 +192,7 @@ class SessionStore sessionToken.resize(sessionTokenSize, '0'); std::uniform_int_distribution<size_t> dist(0, alphanum.size() - 1); - OpenSSLGenerator gen; + bmcweb::OpenSSLGenerator gen; for (char& sessionChar : sessionToken) { |