change math/rand to crypto/rand in non-test code

Lawrence, Rendall
2024-03-05 11:01:18 +03:00
parent 772ac47e9c
commit 95b7f5530f
8 changed files with 42 additions and 19 deletions


@@ -14,7 +14,6 @@ linters-settings:
- "all" - "all"
gosec: gosec:
excludes: excludes:
- "G404" # Allow the usage of math/rand
- "G505" # Allow SHA1 usage - "G505" # Allow SHA1 usage
linters: linters:
enable: enable:


@@ -67,6 +67,7 @@ func buildUDPConnReq() []byte {
copy(req, udpConnectHeader) copy(req, udpConnectHeader)
// TxID // TxID
// nolint:gosec
binary.BigEndian.PutUint32(req[12:16], rand.Uint32()) binary.BigEndian.PutUint32(req[12:16], rand.Uint32())
return req return req
} }
@@ -127,12 +128,15 @@ func buildAnnounceUDPReq(txID, connID []byte) []byte {
copy(req[12:16], txID) copy(req[12:16], txID)
// InfoHash // InfoHash
// nolint:gosec
copy(req[16:36], hashes[rand.Intn(len(hashes))]) copy(req[16:36], hashes[rand.Intn(len(hashes))])
// PeerID // PeerID
// nolint:gosec
copy(req[36:56], peers[rand.Intn(len(peers))]) copy(req[36:56], peers[rand.Intn(len(peers))])
var down, left uint64 var down, left uint64
// nolint:gosec
if rand.Intn(2) == 0 { if rand.Intn(2) == 0 {
down, left = 1, 0 down, left = 1, 0
} else { } else {
@@ -150,6 +154,7 @@ func buildAnnounceUDPReq(txID, connID []byte) []byte {
req[92], req[95] = byte(announceNumWant>>24), byte(announceNumWant>>16) req[92], req[95] = byte(announceNumWant>>24), byte(announceNumWant>>16)
// Port // Port
// nolint:gosec
p := rand.Intn(math.MaxInt16) + 1 p := rand.Intn(math.MaxInt16) + 1
req[96], req[97] = byte(p>>8), byte(p) req[96], req[97] = byte(p>>8), byte(p)
return req return req
@@ -251,6 +256,7 @@ func BenchmarkServerHTTPAnnounce(b *testing.B) {
addr := "127.0.0.1" + frontend.DefaultListenAddress addr := "127.0.0.1" + frontend.DefaultListenAddress
for i := range reqs { for i := range reqs {
var down, left string var down, left string
// nolint:gosec
if rand.Intn(2) == 0 { if rand.Intn(2) == 0 {
down, left = "1", "0" down, left = "1", "0"
} else { } else {
@@ -267,9 +273,12 @@ func BenchmarkServerHTTPAnnounce(b *testing.B) {
"downloaded": []string{down}, "downloaded": []string{down},
"uploaded": []string{"0"}, "uploaded": []string{"0"},
"numwant": []string{"1"}, "numwant": []string{"1"},
"port": []string{strconv.FormatInt(int64(rand.Intn(math.MaxInt16)+1), 10)}, // nolint:gosec
"info_hash": []string{str2bytes.BytesToString(hashes[rand.Intn(len(hashes))])}, "port": []string{strconv.FormatInt(int64(rand.Intn(math.MaxInt16)+1), 10)},
"peer_id": []string{str2bytes.BytesToString(peers[rand.Intn(len(peers))])}, // nolint:gosec
"info_hash": []string{str2bytes.BytesToString(hashes[rand.Intn(len(hashes))])},
// nolint:gosec
"peer_id": []string{str2bytes.BytesToString(peers[rand.Intn(len(peers))])},
}.Encode(), }.Encode(),
} }
reqs[i] = u.String() reqs[i] = u.String()
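Review bot: The suppressions added in this section are written `// nolint:gosec`, with a space after the slashes and no reason given; the directive form `//nolint:gosec // benchmark input, not security-sensitive` is what gofmt treats as a directive, and it records why math/rand is acceptable at that call. A directive on its own line in front of `if rand.Intn(2) == 0 {` appears to cover the whole if/else statement rather than the single call, so a trailing comment on the offending line would be narrower. The same pattern repeats in the later test and benchmark sections of this commit and at `buffer[0] = byte(rand.Int())` in simpleNewConnectionID. If these are `_test.go` files, one path-based gosec exclusion in the linter config would replace all of the per-line comments. The functions touched here start and end outside the visible hunks.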


@@ -18,6 +18,7 @@ import (
) )
var ( var (
// nolint:gosec
addr = fmt.Sprintf("127.0.0.1:%d", rand.Int63n(10000)+16384) addr = fmt.Sprintf("127.0.0.1:%d", rand.Int63n(10000)+16384)
hashes = make([]string, 10) hashes = make([]string, 10)
peers = make([]string, 10) peers = make([]string, 10)
@@ -27,6 +28,7 @@ func init() {
_ = log.ConfigureLogger("", "error", false, false) _ = log.ConfigureLogger("", "error", false, false)
for i := range hashes { for i := range hashes {
var bb []byte var bb []byte
// nolint:gosec
if rand.Int()%2 == 0 { if rand.Int()%2 == 0 {
bb = make([]byte, bittorrent.InfoHashV1Len) bb = make([]byte, bittorrent.InfoHashV1Len)
} else { } else {
@@ -106,8 +108,10 @@ func BenchmarkAnnounce(b *testing.B) {
"uploaded": []string{"0"}, "uploaded": []string{"0"},
"numwant": []string{"1"}, "numwant": []string{"1"},
"port": []string{"12345"}, "port": []string{"12345"},
"info_hash": []string{hashes[rand.Intn(len(hashes))]}, // nolint:gosec
"peer_id": []string{peers[rand.Intn(len(peers))]}, "info_hash": []string{hashes[rand.Intn(len(hashes))]},
// nolint:gosec
"peer_id": []string{peers[rand.Intn(len(peers))]},
}.Encode(), }.Encode(),
} }
if err := runGet(u.String(), true); err != nil { if err := runGet(u.String(), true); err != nil {


@@ -50,6 +50,7 @@ func simpleNewConnectionID(ip netip.Addr, now time.Time, key []byte) []byte {
mac := hmac.New(func() hash.Hash { mac := hmac.New(func() hash.Hash {
return xxhash.New() return xxhash.New()
}, key) }, key)
// nolint:gosec
buffer[0] = byte(rand.Int()) buffer[0] = byte(rand.Int())
binary.BigEndian.PutUint64(buffer[1:], uint64(now.Unix())) binary.BigEndian.PutUint64(buffer[1:], uint64(now.Unix()))
mac.Write(buffer) mac.Write(buffer)
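Review bot: The suppression above `buffer[0] = byte(rand.Int())` gives no reason, and the file name is not visible here, so a reader cannot tell whether this is a test helper or one of the non-test paths the commit title says were moved to crypto/rand. If math/rand is intentional, say why on the directive, for example `//nolint:gosec // salt byte only, unforgeability comes from the keyed MAC`; if this is production code, the byte should be read from crypto/rand like the key in Validate. Separately, the context lines show the MAC is built as HMAC over `xxhash.New()`, which is a non-cryptographic hash, so it is worth confirming that the production connection-ID generator does not rely on the same construction. simpleNewConnectionID starts and ends outside the hunk.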


@@ -5,10 +5,10 @@ package udp
import ( import (
"bytes" "bytes"
"context" "context"
"crypto/rand"
"encoding/binary" "encoding/binary"
"errors" "errors"
"io" "io"
"math/rand"
"net" "net"
"net/netip" "net/netip"
"sync" "sync"
@@ -26,17 +26,15 @@ import (
const ( const (
// Name - registered name of the frontend // Name - registered name of the frontend
Name = "udp" Name = "udp"
defaultKeyLen = 32 defaultKeyLen = 32
maxAllowedClockSkew = 30 * time.Second maxAllowedClockSkew = 30 * time.Second
defaultMaxClockSkew = 10 * time.Second defaultMaxClockSkew = 10 * time.Second
)
var (
logger = log.NewLogger("frontend/udp")
allowedGeneratedPrivateKeyRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890" allowedGeneratedPrivateKeyRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
) )
var logger = log.NewLogger("frontend/udp")
func init() { func init() {
frontend.RegisterBuilder(Name, NewFrontend) frontend.RegisterBuilder(Name, NewFrontend)
} }
@@ -67,8 +65,12 @@ func (cfg Config) Validate() (validCfg Config) {
// Generate a private key if one isn't provided by the user. // Generate a private key if one isn't provided by the user.
if cfg.PrivateKey == "" { if cfg.PrivateKey == "" {
pkeyRunes := make([]byte, defaultKeyLen) pkeyRunes := make([]byte, defaultKeyLen)
if _, err := rand.Read(pkeyRunes); err != nil {
panic(err)
}
l := len(allowedGeneratedPrivateKeyRunes)
for i := range pkeyRunes { for i := range pkeyRunes {
pkeyRunes[i] = allowedGeneratedPrivateKeyRunes[rand.Intn(len(allowedGeneratedPrivateKeyRunes))] pkeyRunes[i] = allowedGeneratedPrivateKeyRunes[int(pkeyRunes[i])%l]
} }
validCfg.PrivateKey = string(pkeyRunes) validCfg.PrivateKey = string(pkeyRunes)
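Review bot: Mapping each random byte with `int(pkeyRunes[i])%l` is biased, because 256 is not a multiple of the 62-character alphabet: the first 8 characters (`a` to `h`) are selected with probability 5/256 and the remaining 54 with 4/256. The entropy lost is small, but for a generated secret it is cheap to avoid by redrawing any byte at or above `256 - 256%l` (248 here) before taking the modulus, which keeps the existing alphabet and key length. The sketch below replaces the single bulk `rand.Read` and the mapping loop. Validate continues outside the hunk.

```go
pkeyRunes := make([]byte, defaultKeyLen)
l := len(allowedGeneratedPrivateKeyRunes)
// Largest multiple of l that fits in one byte; bytes at or above it are
// redrawn so every character of the alphabet is equally likely.
limit := 256 - 256%l
var b [1]byte
for i := range pkeyRunes {
	for {
		if _, err := rand.Read(b[:]); err != nil {
			panic(err)
		}
		if int(b[0]) < limit {
			break
		}
	}
	pkeyRunes[i] = allowedGeneratedPrivateKeyRunes[int(b[0])%l]
}
// … unchanged: validCfg.PrivateKey = string(pkeyRunes) …
```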


@@ -102,7 +102,8 @@ func TestHook_HandleAnnounceValid(t *testing.T) {
Audience: []string{"test"}, Audience: []string{"test"},
ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)}, ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)},
NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)}, NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)},
ID: strconv.FormatInt(rand.Int63(), 16), // nolint:gosec
ID: strconv.FormatInt(rand.Int63(), 16),
}, },
InfoHash: infoHash.String(), InfoHash: infoHash.String(),
}) })
@@ -145,7 +146,8 @@ func TestHook_HandleAnnounceInvalid(t *testing.T) {
Audience: []string{"test"}, Audience: []string{"test"},
ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)}, ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)},
NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)}, NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)},
ID: strconv.FormatInt(rand.Int63(), 16), // nolint:gosec
ID: strconv.FormatInt(rand.Int63(), 16),
}, },
InfoHash: infoHash.String(), InfoHash: infoHash.String(),
}) })
@@ -184,6 +186,7 @@ func TestHook_HandleScrapeValid(t *testing.T) {
})) }))
defer s.Close() defer s.Close()
// nolint:gosec
ihs := make(bittorrent.InfoHashes, rand.Intn(10)+1) ihs := make(bittorrent.InfoHashes, rand.Intn(10)+1)
ihss := make([]string, len(ihs)) ihss := make([]string, len(ihs))
for i := range ihs { for i := range ihs {
@@ -200,7 +203,8 @@ func TestHook_HandleScrapeValid(t *testing.T) {
Audience: []string{"test"}, Audience: []string{"test"},
ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)}, ExpiresAt: &jwt.NumericDate{Time: time.Now().Add(time.Hour)},
NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)}, NotBefore: &jwt.NumericDate{Time: time.Now().Add(-time.Hour)},
ID: strconv.FormatInt(rand.Int63(), 16), // nolint:gosec
ID: strconv.FormatInt(rand.Int63(), 16),
}, },
InfoHashes: ihss, InfoHashes: ihss,
}) })


@@ -8,12 +8,14 @@ import (
func BenchmarkRand(b *testing.B) { func BenchmarkRand(b *testing.B) {
var cnt uint64 var cnt uint64
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
// nolint:gosec
cnt = rand.Uint64() cnt = rand.Uint64()
} }
_ = cnt _ = cnt
} }
func BenchmarkXoRoShiRo128SS(b *testing.B) { func BenchmarkXoRoShiRo128SS(b *testing.B) {
// nolint:gosec
v, s0, s1 := uint64(0), rand.Uint64(), rand.Uint64() v, s0, s1 := uint64(0), rand.Uint64(), rand.Uint64()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
v, s0, s1 = XoRoShiRo128SS(s0, s1) v, s0, s1 = XoRoShiRo128SS(s0, s1)
@@ -22,6 +24,7 @@ func BenchmarkXoRoShiRo128SS(b *testing.B) {
} }
func BenchmarkXorShift64Star(b *testing.B) { func BenchmarkXorShift64Star(b *testing.B) {
// nolint:gosec
v, s := uint64(0), rand.Uint64() v, s := uint64(0), rand.Uint64()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
v, s = XorShift64S(s) v, s = XorShift64S(s)


@@ -48,6 +48,7 @@ func generatePeers() (a [peersCount]bittorrent.Peer) {
if !ok { if !ok {
panic("unable to create ip from random bytes") panic("unable to create ip from random bytes")
} }
// nolint:gosec
port := uint16(rand.Int63()) port := uint16(rand.Int63())
a[i] = bittorrent.Peer{ a[i] = bittorrent.Peer{
ID: randPeerID(), ID: randPeerID(),