Replace common_good_random with common_random_hexstr

Mikael Nordfeldth 2013-10-21 13:20:30 +02:00
parent 7233869298
commit 3cab5b36c1
14 changed files with 46 additions and 54 deletions

@ -38,7 +38,7 @@ class Consumer extends Managed_DataObject
static function generateNew() static function generateNew()
{ {
$cons = new Consumer(); $cons = new Consumer();
$rand = common_good_rand(16); $rand = common_random_hexstr(16);
$cons->seed = $rand; $cons->seed = $rand;
$cons->consumer_key = md5(time() + $rand); $cons->consumer_key = md5(time() + $rand);
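Review bot: On the new side `md5(time() + $rand)` still uses arithmetic `+`, so the hex string returned by `common_random_hexstr(16)` is coerced to a number instead of being appended. Only its leading decimal digits, if it has any, reach the hash, and PHP 8 throws a TypeError when the string is not numeric at all. The consumer key then depends mostly on the clock, which makes it guessable and prone to collisions within the same second. Concatenation keeps the whole seed: `$cons->consumer_key = md5(time() . $rand);`. The body of generateNew() continues past the hunk.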

@ -66,7 +66,7 @@ class Login_token extends Managed_DataObject
$login_token = new Login_token(); $login_token = new Login_token();
$login_token->user_id = $user->id; $login_token->user_id = $user->id;
$login_token->token = common_good_rand(16); $login_token->token = common_random_hexstr(16);
$login_token->created = common_sql_now(); $login_token->created = common_sql_now();
$result = $login_token->insert(); $result = $login_token->insert();

@ -264,8 +264,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
$at = new Token(); $at = new Token();
$at->consumer_key = $consumer->key; $at->consumer_key = $consumer->key;
$at->tok = common_good_rand(16); $at->tok = common_random_hexstr(16);
$at->secret = common_good_rand(16); $at->secret = common_random_hexstr(16);
$at->type = 1; // access $at->type = 1; // access
$at->verifier = $verifier; $at->verifier = $verifier;
$at->verified_callback = $rt->verified_callback; // 1.0a $at->verified_callback = $rt->verified_callback; // 1.0a
@ -392,8 +392,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
{ {
$t = new Token(); $t = new Token();
$t->consumer_key = $consumer->key; $t->consumer_key = $consumer->key;
$t->tok = common_good_rand(16); $t->tok = common_random_hexstr(16);
$t->secret = common_good_rand(16); $t->secret = common_random_hexstr(16);
$t->type = 0; // request $t->type = 0; // request
$t->state = 0; // unauthorized $t->state = 0; // unauthorized
$t->verified_callback = $callback; $t->verified_callback = $callback;
@ -402,7 +402,7 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
// six digit pin // six digit pin
$t->verifier = mt_rand(0, 9999999); $t->verifier = mt_rand(0, 9999999);
} else { } else {
$t->verifier = common_good_rand(8); $t->verifier = common_random_hexstr(8);
} }
$t->created = common_sql_now(); $t->created = common_sql_now();
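Review bot: The PIN branch in the last hunk of this section still draws the verifier from `mt_rand(0, 9999999)`, which is not a cryptographic generator. The range also allows seven digits while the comment says six, and small values come out shorter because nothing pads them. The verifier is presumably checked when the request token is exchanged, so it should come from the same source as `tok` and `secret`. On PHP 7 or later `$t->verifier = sprintf('%06d', random_int(0, 999999));` does that; on older runtimes a value derived from `common_random_hexstr()` would serve. The enclosing method starts and ends outside the hunk.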

@ -374,7 +374,7 @@ function common_rememberme($user=null)
$rm = new Remember_me(); $rm = new Remember_me();
$rm->code = common_good_rand(16); $rm->code = common_random_hexstr(16);
$rm->user_id = $user->id; $rm->user_id = $user->id;
// Wrap the insert in some good ol' fashioned transaction code // Wrap the insert in some good ol' fashioned transaction code
@ -1549,15 +1549,7 @@ function common_root_url($ssl=false)
/** /**
* returns $bytes bytes of random data as a hexadecimal string * returns $bytes bytes of random data as a hexadecimal string
* "good" here is a goal and not a guarantee
*
* TODO: Find and replace all calls to this with common_random_hexstr
*/ */
function common_good_rand($bytes)
{
return common_random_hexstr($bytes);
}
function common_random_hexstr($bytes) function common_random_hexstr($bytes)
{ {
$str = @file_exists('/dev/urandom') $str = @file_exists('/dev/urandom')
@ -1975,7 +1967,7 @@ function common_confirmation_code($bits)
$code = ''; $code = '';
for ($i = 0; $i < $chars; $i++) { for ($i = 0; $i < $chars; $i++) {
// XXX: convert to string and back // XXX: convert to string and back
$num = hexdec(common_good_rand(1)); $num = hexdec(common_random_hexstr(1));
// XXX: randomness is too precious to throw away almost // XXX: randomness is too precious to throw away almost
// 40% of the bits we get! // 40% of the bits we get!
$code .= $codechars[$num%32]; $code .= $codechars[$num%32];
@ -2107,7 +2099,7 @@ function common_session_token()
{ {
common_ensure_session(); common_ensure_session();
if (!array_key_exists('token', $_SESSION)) { if (!array_key_exists('token', $_SESSION)) {
$_SESSION['token'] = common_good_rand(64); $_SESSION['token'] = common_random_hexstr(64);
} }
return $_SESSION['token']; return $_SESSION['token'];
} }
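Review bot: The docblock left on `common_random_hexstr()` no longer carries the caveat from the removed wrapper ('"good" here is a goal and not a guarantee'), yet this commit makes the function the direct source for session tokens, remember-me codes and OAuth secrets. The one visible body line checks `/dev/urandom` under `@`, and the rest of the body is outside the hunk, so what happens when the device is missing cannot be judged from here. If the body does fall back to a weaker source, the docblock should say so, for example `* NOTE: output is only cryptographically strong when /dev/urandom is readable`. Failing loudly instead of degrading silently would be the safer behaviour for these callers.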

@ -93,18 +93,18 @@ class UUID
{ {
return sprintf('%s-%s-%04x-%04x-%s', return sprintf('%s-%s-%04x-%04x-%s',
// 32 bits for "time_low" // 32 bits for "time_low"
common_good_rand(4), common_random_hexstr(4),
// 16 bits for "time_mid" // 16 bits for "time_mid"
common_good_rand(2), common_random_hexstr(2),
// 16 bits for "time_hi_and_version", // 16 bits for "time_hi_and_version",
// four most significant bits holds version number 4 // four most significant bits holds version number 4
(hexdec(common_good_rand(2)) & 0x0fff) | 0x4000, (hexdec(common_random_hexstr(2)) & 0x0fff) | 0x4000,
// 16 bits, 8 bits for "clk_seq_hi_res", // 16 bits, 8 bits for "clk_seq_hi_res",
// 8 bits for "clk_seq_low", // 8 bits for "clk_seq_low",
// two most significant bits holds zero and one // two most significant bits holds zero and one
// for variant DCE1.1 // for variant DCE1.1
(hexdec(common_good_rand(2)) & 0x3fff) | 0x8000, (hexdec(common_random_hexstr(2)) & 0x3fff) | 0x8000,
// 48 bits for "node" // 48 bits for "node"
common_good_rand(6)); common_random_hexstr(6));
} }
} }

@ -187,7 +187,7 @@ class AnonymousFavePlugin extends Plugin
list($proxy, $ip) = common_client_ip(); list($proxy, $ip) = common_client_ip();
// IP + time + random number should help to avoid collisions // IP + time + random number should help to avoid collisions
$baseNickname = $ip . '-' . time() . '-' . common_good_rand(5); $baseNickname = $ip . '-' . time() . '-' . common_random_hexstr(5);
$profile = new Profile(); $profile = new Profile();
$profile->nickname = $baseNickname; $profile->nickname = $baseNickname;

@ -34,7 +34,7 @@ class CasloginAction extends Action
phpCAS::handleLogoutRequests(); phpCAS::handleLogoutRequests();
phpCAS::forceAuthentication(); phpCAS::forceAuthentication();
global $casTempPassword; global $casTempPassword;
$casTempPassword = common_good_rand(16); $casTempPassword = common_random_hexstr(16);
$user = common_check_user(phpCAS::getUser(), $casTempPassword); $user = common_check_user(phpCAS::getUser(), $casTempPassword);
if (!$user) { if (!$user) {
// TRANS: Server error displayed when trying to log in with incorrect username or password. // TRANS: Server error displayed when trying to log in with incorrect username or password.

@ -436,7 +436,7 @@ class FacebookfinishloginAction extends Action
if ($response->isOk()) { if ($response->isOk()) {
// seems to always be jpeg, but not sure // seems to always be jpeg, but not sure
$tmpname = "facebook-avatar-tmp-" . common_good_rand(4); $tmpname = "facebook-avatar-tmp-" . common_random_hexstr(4);
$ok = file_put_contents( $ok = file_put_contents(
Avatar::path($tmpname), Avatar::path($tmpname),

@ -114,7 +114,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin
} }
$registration_data['nickname'] = $nickname; $registration_data['nickname'] = $nickname;
//set the database saved password to a random string. //set the database saved password to a random string.
$registration_data['password']=common_good_rand(16); $registration_data['password']=common_random_hexstr(16);
return User::register($registration_data); return User::register($registration_data);
}else{ }else{
//user isn't in ldap, so we cannot register him //user isn't in ldap, so we cannot register him

@ -31,7 +31,7 @@ class OMBOAuthDataStore extends OAuthDataStore
if (!$con) { if (!$con) {
$con = new Consumer(); $con = new Consumer();
$con->consumer_key = $consumer_key; $con->consumer_key = $consumer_key;
$con->seed = common_good_rand(16); $con->seed = common_random_hexstr(16);
$con->created = common_sql_now(); $con->created = common_sql_now();
if (!$con->insert()) { if (!$con->insert()) {
return null; return null;
@ -78,8 +78,8 @@ class OMBOAuthDataStore extends OAuthDataStore
{ {
$t = new Token(); $t = new Token();
$t->consumer_key = $consumer->key; $t->consumer_key = $consumer->key;
$t->tok = common_good_rand(16); $t->tok = common_random_hexstr(16);
$t->secret = common_good_rand(16); $t->secret = common_random_hexstr(16);
$t->type = 0; // request $t->type = 0; // request
$t->state = 0; // unauthorized $t->state = 0; // unauthorized
$t->created = common_sql_now(); $t->created = common_sql_now();
@ -107,8 +107,8 @@ class OMBOAuthDataStore extends OAuthDataStore
common_debug('request token found.', __FILE__); common_debug('request token found.', __FILE__);
$at = new Token(); $at = new Token();
$at->consumer_key = $consumer->key; $at->consumer_key = $consumer->key;
$at->tok = common_good_rand(16); $at->tok = common_random_hexstr(16);
$at->secret = common_good_rand(16); $at->secret = common_random_hexstr(16);
$at->type = 1; // access $at->type = 1; // access
$at->created = common_sql_now(); $at->created = common_sql_now();
if (!$at->insert()) { if (!$at->insert()) {

@ -251,9 +251,9 @@ class FeedSub extends Managed_DataObject
protected function doSubscribe($mode) protected function doSubscribe($mode)
{ {
$orig = clone($this); $orig = clone($this);
$this->verify_token = common_good_rand(16); $this->verify_token = common_random_hexstr(16);
if ($mode == 'subscribe') { if ($mode == 'subscribe') {
$this->secret = common_good_rand(32); $this->secret = common_random_hexstr(32);
} }
$this->sub_state = $mode; $this->sub_state = $mode;
$this->update($orig); $this->update($orig);

@ -132,7 +132,7 @@ class HubSub extends Managed_DataObject
{ {
assert($mode == 'subscribe' || $mode == 'unsubscribe'); assert($mode == 'subscribe' || $mode == 'unsubscribe');
$challenge = common_good_rand(32); $challenge = common_random_hexstr(32);
$params = array('hub.mode' => $mode, $params = array('hub.mode' => $mode,
'hub.topic' => $this->topic, 'hub.topic' => $this->topic,
'hub.challenge' => $challenge); 'hub.challenge' => $challenge);

@ -121,7 +121,7 @@ class Realtime_channel extends Managed_DataObject
$channel->arg2 = $arg2; $channel->arg2 = $arg2;
$channel->audience = 1; $channel->audience = 1;
$channel->channel_key = common_good_rand(16); // 128-bit key, 32 hex chars $channel->channel_key = common_random_hexstr(16); // 128-bit key, 32 hex chars
$channel->created = common_sql_now(); $channel->created = common_sql_now();
$channel->modified = $channel->created; $channel->modified = $channel->created;

@ -28,14 +28,14 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
{ {
parent::__construct(); parent::__construct();
$authorNick1 = 'activitygenerationtestsuser' . common_good_rand(4); $authorNick1 = 'activitygenerationtestsuser' . common_random_hexstr(4);
$authorNick2 = 'activitygenerationtestsuser' . common_good_rand(4); $authorNick2 = 'activitygenerationtestsuser' . common_random_hexstr(4);
$targetNick1 = 'activitygenerationteststarget' . common_good_rand(4); $targetNick1 = 'activitygenerationteststarget' . common_random_hexstr(4);
$targetNick2 = 'activitygenerationteststarget' . common_good_rand(4); $targetNick2 = 'activitygenerationteststarget' . common_random_hexstr(4);
$groupNick1 = 'activitygenerationtestsgroup' . common_good_rand(4); $groupNick1 = 'activitygenerationtestsgroup' . common_random_hexstr(4);
$groupNick2 = 'activitygenerationtestsgroup' . common_good_rand(4); $groupNick2 = 'activitygenerationtestsgroup' . common_random_hexstr(4);
$this->author1 = User::register(array('nickname' => $authorNick1, $this->author1 = User::register(array('nickname' => $authorNick1,
'email' => $authorNick1 . '@example.net', 'email' => $authorNick1 . '@example.net',
@ -236,7 +236,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
{ {
$orig = $this->_fakeNotice($this->targetUser1); $orig = $this->_fakeNotice($this->targetUser1);
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
@ -255,7 +255,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
{ {
$orig = $this->_fakeNotice($this->targetUser1); $orig = $this->_fakeNotice($this->targetUser1);
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
@ -271,11 +271,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
{ {
$orig = $this->_fakeNotice($this->targetUser1); $orig = $this->_fakeNotice($this->targetUser1);
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
$reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
$text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_good_rand(4); $text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_random_hexstr(4);
$reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id)); $reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id));
@ -312,7 +312,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
public function testGroupPostAttention() public function testGroupPostAttention()
{ {
$text = "!" . $this->targetGroup1->nickname . " reply text " . common_good_rand(4); $text = "!" . $this->targetGroup1->nickname . " reply text " . common_random_hexstr(4);
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
@ -326,7 +326,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
public function testMultipleGroupPostAttention() public function testMultipleGroupPostAttention()
{ {
$text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_good_rand(4); $text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_random_hexstr(4);
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
@ -379,7 +379,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
public function testTag() public function testTag()
{ {
$tag1 = common_good_rand(4); $tag1 = common_random_hexstr(4);
$notice = $this->_fakeNotice($this->author1, '#' . $tag1); $notice = $this->_fakeNotice($this->author1, '#' . $tag1);
@ -395,8 +395,8 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
public function testMultiTag() public function testMultiTag()
{ {
$tag1 = common_good_rand(4); $tag1 = common_random_hexstr(4);
$tag2 = common_good_rand(4); $tag2 = common_random_hexstr(4);
$notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2); $notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2);
@ -422,7 +422,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
public function testGeotaggedActivity() public function testGeotaggedActivity()
{ {
$notice = Notice::saveNew($this->author1->id, common_good_rand(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6)); $notice = Notice::saveNew($this->author1->id, common_random_hexstr(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6));
$entry = $notice->asAtomEntry(); $entry = $notice->asAtomEntry();
@ -518,7 +518,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
{ {
$orig = $this->_fakeNotice($this->targetUser1); $orig = $this->_fakeNotice($this->targetUser1);
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
@ -565,7 +565,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
} }
if (empty($text)) { if (empty($text)) {
$text = "fake-o text-o " . common_good_rand(32); $text = "fake-o text-o " . common_random_hexstr(32);
} }
return Notice::saveNew($user->id, $text, 'test', array('uri' => null)); return Notice::saveNew($user->id, $text, 'test', array('uri' => null));