From 3a816398b326bc47fd8c405c491c0f6d82153fa0 Mon Sep 17 00:00:00 2001 From: anonimal Date: Fri, 6 Sep 2019 22:48:16 +0000 Subject: epee: connection_basic: resolve CID 203920 (UNINIT_CTOR) --- contrib/epee/src/connection_basic.cpp | 1 + 1 file changed, 1 insertion(+) (limited to 'contrib') diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp index 7526dde26..2ff757f30 100644 --- a/contrib/epee/src/connection_basic.cpp +++ b/contrib/epee/src/connection_basic.cpp @@ -136,6 +136,7 @@ connection_basic::connection_basic(boost::asio::ip::tcp::socket&& sock, std::sha socket_(GET_IO_SERVICE(sock), get_context(m_state.get())), m_want_close_connection(false), m_was_shutdown(false), + m_is_multithreaded(false), m_ssl_support(ssl_support) { // add nullptr checks if removed -- cgit v1.2.3 From 2825f07d95ae32110486905232b7a64609cfa6ea Mon Sep 17 00:00:00 2001 From: anonimal Date: Fri, 6 Sep 2019 23:18:00 +0000 Subject: epee: connection_basic: resolve CID 203916 (UNINIT_CTOR) --- contrib/epee/src/connection_basic.cpp | 1 + 1 file changed, 1 insertion(+) (limited to 'contrib') diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp index 2ff757f30..3ce7a1057 100644 --- a/contrib/epee/src/connection_basic.cpp +++ b/contrib/epee/src/connection_basic.cpp @@ -161,6 +161,7 @@ connection_basic::connection_basic(boost::asio::io_service &io_service, std::sha socket_(io_service, get_context(m_state.get())), m_want_close_connection(false), m_was_shutdown(false), + m_is_multithreaded(false), m_ssl_support(ssl_support) { // add nullptr checks if removed -- cgit v1.2.3 From cd57a10c90134bbe67d35cbe71037d9ca42427ad Mon Sep 17 00:00:00 2001 From: anonimal Date: Sat, 7 Sep 2019 01:35:47 +0000 Subject: epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO) The problem actually exists in two parts: 1. When sending chunks over a connection, if the queue size is greater than N, the seed is predictable across every monero node. >"If rand() is used before any calls to srand(), rand() behaves as if it was seeded with srand(1). Each time rand() is seeded with the same seed, it must produce the same sequence of values." 2. The CID speaks for itself: "'rand' should not be used for security-related applications, because linear congruential algorithms are too easy to break." *But* this is an area of contention. One could argue that a CSPRNG is warranted in order to fully mitigate any potential timing attacks based on crafting chunk responses. Others could argue that the existing LCG, or even an MTG, would suffice (if properly seeded). As a compromise, I've used an MTG with a full bit space. This should give a healthy balance of security and speed without relying on the existing crypto library (which I'm told might break on some systems since epee is not (shouldn't be) dependent upon the existing crypto library). --- contrib/epee/include/net/abstract_tcp_server2.inl | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'contrib') diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl index 12a87071a..bc1898e0e 100644 --- a/contrib/epee/include/net/abstract_tcp_server2.inl +++ b/contrib/epee/include/net/abstract_tcp_server2.inl @@ -50,6 +50,8 @@ #include #include #include +#include +#include #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "net" @@ -628,7 +630,17 @@ PRAGMA_WARNING_DISABLE_VS(4355) return false; // aborted }*/ - long int ms = 250 + (rand()%50); + using engine = std::mt19937; + + engine rng; + std::random_device dev; + std::seed_seq::result_type rand[engine::state_size]{}; // Use complete bit space + + std::generate_n(rand, engine::state_size, std::ref(dev)); + std::seed_seq seed(rand, rand + engine::state_size); + rng.seed(seed); + + long int ms = 250 + (rng() % 50); MDEBUG("Sleeping because QUEUE is FULL, in " << __FUNCTION__ << " for " << ms << " ms before packet_size="<