Use thread_prng from the rand crate instead of calling /dev/urandom

This commit is contained in:
Xavier Moffett 2024-08-28 16:12:00 -04:00
parent 556ece1256
commit 2c190b83c0
Signed by: Sapphirus
GPG Key ID: A6C061B2CEA1A7AC
3 changed files with 97 additions and 13 deletions

84
Cargo.lock generated
View File

@ -66,6 +66,12 @@ dependencies = [
"generic-array",
]
[[package]]
name = "byteorder"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
[[package]]
name = "cc"
version = "1.0.99"
@ -259,6 +265,17 @@ dependencies = [
"version_check",
]
[[package]]
name = "getrandom"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
dependencies = [
"cfg-if",
"libc",
"wasi",
]
[[package]]
name = "hashbrown"
version = "0.14.5"
@ -451,6 +468,7 @@ dependencies = [
"nix 0.22.3",
"os_pipe",
"pacwrap-core",
"rand",
"regex",
"sha2",
"signal-hook",
@ -515,6 +533,15 @@ version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
[[package]]
name = "ppv-lite86"
version = "0.2.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04"
dependencies = [
"zerocopy",
]
[[package]]
name = "proc-macro2"
version = "1.0.85"
@ -533,6 +560,36 @@ dependencies = [
"proc-macro2",
]
[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
"libc",
"rand_chacha",
"rand_core",
]
[[package]]
name = "rand_chacha"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
dependencies = [
"ppv-lite86",
"rand_core",
]
[[package]]
name = "rand_core"
version = "0.6.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
dependencies = [
"getrandom",
]
[[package]]
name = "rayon"
version = "1.10.0"
@ -851,6 +908,12 @@ dependencies = [
"winapi-util",
]
[[package]]
name = "wasi"
version = "0.11.0+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "winapi-util"
version = "0.1.8"
@ -944,6 +1007,27 @@ dependencies = [
"rustix",
]
[[package]]
name = "zerocopy"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0"
dependencies = [
"byteorder",
"zerocopy-derive",
]
[[package]]
name = "zerocopy-derive"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "zeroize"
version = "1.8.1"

View File

@ -32,6 +32,7 @@ alpm = { version = "3.0.5", features = ["checkver"] }
# Miscellaneous
sha2 = "0.10.8"
regex = "1.10.3"
rand = "0.8.5"
[build-dependencies]
pacwrap-core = { path = "../pacwrap-core/", version = "0.8.4" }

View File

@ -20,7 +20,7 @@
use std::{
fmt::{Display, Formatter},
fs::{copy, remove_file, File},
io::{copy as copy_io, Read, Result as IOResult},
io::copy as copy_io,
process::Command,
};
@ -32,6 +32,7 @@ use pacwrap_core::{
ErrorGeneric,
Result,
};
use rand::Rng;
use sha2::{Digest, Sha256};
#[derive(Clone, Copy)]
@ -98,7 +99,7 @@ pub fn edit(args: &mut Arguments, edit: bool) -> Result<()> {
let (file, temp, lock, edit) = &match file {
Some(file) => {
let edit = file.can_edit(edit);
let prs = pseudorandom_string(10).prepend_io(|| "/dev/urandom".into())?;
let prs = pseudorandom_string(10);
let temp = format!("/tmp/tmp.{}", prs);
let lock = if let (FileType::ContainerConfig(_), true) = (file, edit) {
Some(Lock::new().lock()?)
@ -146,21 +147,19 @@ fn hash_file(file_path: &str) -> Result<Vec<u8>> {
Ok(hasher.finalize().to_vec())
}
fn pseudorandom_string(len: usize) -> IOResult<String> {
let mut urand = File::open("/dev/urandom")?;
let mut vec: Vec<u8> = Vec::new();
fn pseudorandom_string(len: usize) -> String {
let mut rand = rand::thread_rng();
let mut chars: Vec<u8> = Vec::new();
vec.reserve_exact(len);
chars.reserve_exact(len);
while vec.len() < len {
let mut buffer = [0; 1];
while chars.len() < len {
let rand: u8 = rand.gen();
urand.read_exact(&mut buffer)?;
if buffer[0] > 64 && buffer[0] < 91 || buffer[0] > 96 && buffer[0] < 122 || buffer[0] > 48 && buffer[0] < 58 {
vec.push(buffer[0]);
if rand > 64 && rand < 91 || rand > 96 && rand < 122 || rand > 48 && rand < 58 {
chars.push(rand);
}
}
Ok(String::from_utf8_lossy(&vec).to_string())
String::from_utf8(chars).expect("Valid UTF-8").to_string()
}