diff --git a/cmd/mochi/config.go b/cmd/mochi/config.go index d51ebaf..aac39bd 100644 --- a/cmd/mochi/config.go +++ b/cmd/mochi/config.go @@ -11,9 +11,6 @@ import ( fu "github.com/sot-tech/mochi/frontend/udp" "github.com/sot-tech/mochi/pkg/conf" - // Seed math random - _ "github.com/sot-tech/mochi/pkg/randseed" - // Imports to register middleware hooks. _ "github.com/sot-tech/mochi/middleware/clientapproval" _ "github.com/sot-tech/mochi/middleware/jwt" diff --git a/frontend/udp/connection_id.go b/frontend/udp/connection_id.go index 6892477..672fc1d 100644 --- a/frontend/udp/connection_id.go +++ b/frontend/udp/connection_id.go @@ -2,9 +2,9 @@ package udp import ( "crypto/hmac" + cr "crypto/rand" "encoding/binary" "hash" - "math/rand" "net/netip" "time" @@ -70,18 +70,25 @@ func NewConnectionIDGenerator(key []byte, maxClockSkew time.Duration) *Connectio buff: make([]byte, buffLen), scratch: make([]byte, scratchLen), maxClockSkew: int64(maxClockSkew), - s: rand.Uint64(), } } // reset resets the generator. // This is called by other methods of the generator, it's not necessary to call // it after getting a generator from a pool. -func (g *ConnectionIDGenerator) reset() { +func (g *ConnectionIDGenerator) reset(init bool) { g.mac.Reset() g.connID = g.connID[:connIDLen] g.buff = g.buff[:buffLen] g.scratch = g.scratch[:0] + if init { + r := make([]byte, 8) + if _, err := cr.Read(r); err == nil { + g.s = binary.BigEndian.Uint64(r) + } else { + g.s = uint64(time.Now().UnixNano()) + } + } } // Generate generates an 8-byte connection ID as described in BEP 15 for the @@ -102,7 +109,7 @@ func (g *ConnectionIDGenerator) reset() { // will be reused, so it must not be referenced after returning the generator // to a pool and will be overwritten be subsequent calls to Generate! func (g *ConnectionIDGenerator) Generate(ip netip.Addr, now time.Time) (out []byte) { - g.reset() + g.reset(true) var r uint64 r, g.s = xorshift.XorShift64S(g.s) g.buff[0] = byte(r) @@ -123,7 +130,7 @@ func (g *ConnectionIDGenerator) Generate(ip netip.Addr, now time.Time) (out []by // Validate validates the given connection ID for an IP and the current time. func (g *ConnectionIDGenerator) Validate(connectionID []byte, ip netip.Addr, now time.Time) bool { - g.reset() + g.reset(false) nowTS := now.Unix() g.buff[0] = connectionID[0] // connectionID contains only 2 bytes of timestamp, so we clean little 16 bits to place it and rehash. diff --git a/frontend/udp/connection_id_test.go b/frontend/udp/connection_id_test.go index 8b38b05..dae1ef9 100644 --- a/frontend/udp/connection_id_test.go +++ b/frontend/udp/connection_id_test.go @@ -13,7 +13,6 @@ import ( "github.com/cespare/xxhash/v2" "github.com/sot-tech/mochi/pkg/log" - _ "github.com/sot-tech/mochi/pkg/randseed" "github.com/stretchr/testify/require" ) diff --git a/frontend/udp/frontend_test.go b/frontend/udp/frontend_test.go index 0313e9b..dda2955 100644 --- a/frontend/udp/frontend_test.go +++ b/frontend/udp/frontend_test.go @@ -7,7 +7,6 @@ import ( "github.com/sot-tech/mochi/middleware" "github.com/sot-tech/mochi/pkg/conf" "github.com/sot-tech/mochi/pkg/log" - _ "github.com/sot-tech/mochi/pkg/randseed" "github.com/sot-tech/mochi/storage" _ "github.com/sot-tech/mochi/storage/memory" ) diff --git a/middleware/jwt/jwt_test.go b/middleware/jwt/jwt_test.go index f54a94d..35ce4ee 100644 --- a/middleware/jwt/jwt_test.go +++ b/middleware/jwt/jwt_test.go @@ -22,7 +22,6 @@ import ( "github.com/sot-tech/mochi/bittorrent" "github.com/sot-tech/mochi/pkg/conf" "github.com/sot-tech/mochi/pkg/log" - _ "github.com/sot-tech/mochi/pkg/randseed" ) const ( diff --git a/middleware/varinterval/varinterval_test.go b/middleware/varinterval/varinterval_test.go index c792485..f8c298e 100644 --- a/middleware/varinterval/varinterval_test.go +++ b/middleware/varinterval/varinterval_test.go @@ -9,8 +9,6 @@ import ( "github.com/sot-tech/mochi/bittorrent" "github.com/sot-tech/mochi/pkg/conf" - - _ "github.com/sot-tech/mochi/pkg/randseed" ) var configTests = []struct { diff --git a/pkg/randseed/rand_seed.go b/pkg/randseed/rand_seed.go deleted file mode 100644 index 8807832..0000000 --- a/pkg/randseed/rand_seed.go +++ /dev/null @@ -1,27 +0,0 @@ -// Package randseed just seeds (math) rand.Rand -package randseed - -import ( - cr "crypto/rand" - "math/rand" - "time" -) - -func init() { - // Seeding global math random - //nolint:staticcheck - rand.Seed(GenSeed()) -} - -// GenSeed returns 64bit seed from crypto/rand source or -// from current time, if crypto random read error occurred -func GenSeed() (seed int64) { - r := make([]byte, 8) - if _, err := cr.Read(r); err == nil { - seed = int64(r[0])<<56 | int64(r[1])<<48 | int64(r[2])<<40 | int64(r[3])<<32 | - int64(r[4])<<24 | int64(r[5])<<16 | int64(r[6])<<8 | int64(r[7]) - } else { - seed = time.Now().UnixNano() - } - return -} diff --git a/storage/test/storage_bench.go b/storage/test/storage_bench.go index b86c6f7..edded0e 100644 --- a/storage/test/storage_bench.go +++ b/storage/test/storage_bench.go @@ -13,8 +13,6 @@ import ( "testing" "github.com/sot-tech/mochi/bittorrent" - // used for seeding global math.Rand - _ "github.com/sot-tech/mochi/pkg/randseed" "github.com/sot-tech/mochi/storage" )