Commit 6cd89d5e authored by Witold Krecicki

Use non-cryptographically-secure PRNG to generate a nonce for cookies.

Rationale: the nonce here is only used to make sure there is a low
probability of duplication, according to section B.2 of RFC7873.
It is only 32-bit, and even if an attacker knows the algorithm used
to generate nonces it won't, in any way, give him any platform to
attack the server as long as the server secret used to sign the
(nonce, time) pair with HMAC-SHA1 is secure.

On the other hand, currently, each packet sent requires (unnecessarily)
a CS pseudo-random number which is ineffective.
parent 9ecb0a91
Pipeline #5810 passed with stages
in 8 minutes and 25 seconds
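
The rationale in the commit message above can be checked with a small model; this is an added example, not code from the commit or from BIND. The field layout (nonce, time, truncated HMAC-SHA1 over client cookie, nonce, time and client address), the LCG standing in for the non-cryptographic PRNG, `MAX_AGE` and all sample values are assumptions constructed here.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-secret-not-a-real-key"  # constructed; a real server draws this from a CSPRNG
MAX_AGE = 3600  # assumed acceptance window in seconds


def weak_nonce(state):
    """One step of a textbook LCG: fully predictable, but never repeats back-to-back."""
    return (1103515245 * state + 12345) & 0xFFFFFFFF


def make_cookie(secret, client_cookie, client_ip, nonce, when):
    """nonce(4) | time(4) | HMAC-SHA1(secret, client cookie | nonce | time | client IP)[:8]."""
    head = struct.pack("!II", nonce, when)
    tag = hmac.new(secret, client_cookie + head + client_ip, hashlib.sha1).digest()[:8]
    return head + tag


def verify_cookie(secret, client_cookie, client_ip, cookie, now):
    """Recompute the tag from the nonce and time carried in the cookie, then compare."""
    if len(cookie) != 16:
        return False
    nonce, when = struct.unpack("!II", cookie[:8])
    if not 0 <= now - when <= MAX_AGE:
        return False
    expected = make_cookie(secret, client_cookie, client_ip, nonce, when)
    return hmac.compare_digest(expected, cookie)


def demo():
    # All values below are constructed sample input.
    client_cookie, ip, now = bytes(range(8)), bytes([192, 0, 2, 53]), 1540000000
    n1 = weak_nonce(1)
    n2 = weak_nonce(n1)
    first = make_cookie(SECRET, client_cookie, ip, n1, now)
    second = make_cookie(SECRET, client_cookie, ip, n2, now)
    # A party that predicts n2 and the timestamp still lacks SECRET.
    guessed = make_cookie(b"wrong-secret", client_cookie, ip, n2, now)
    other_ip = bytes([198, 51, 100, 7])
    return {
        "distinct_in_same_second": first != second,
        "genuine_accepted": verify_cookie(SECRET, client_cookie, ip, second, now + 10),
        "predicted_nonce_wrong_secret": verify_cookie(SECRET, client_cookie, ip, guessed, now + 10),
        "other_address": verify_cookie(SECRET, client_cookie, other_ip, second, now + 10),
        "expired": verify_cookie(SECRET, client_cookie, ip, second, now + MAX_AGE + 1),
    }
```

The nonce's only job in this model is to make two cookies issued in the same second differ; acceptance is decided entirely by the keyed tag.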
5062. [func] Use non-crypto-secure PRNG to generate nonces for
cookies [GL !887]
5061. [protocol] Add support for EID and NIMLOC. [GL #626]
 
5060. [bug] GID, UID and UINFO could not be loaded using unknown
......
......@@ -1656,7 +1656,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message,
isc_buffer_init(&buf, cookie, sizeof(cookie));
isc_stdtime_get(&now);
isc_nonce_buf(&nonce, sizeof(nonce));
isc_random_buf(&nonce, sizeof(nonce));
compute_cookie(client, now, nonce, client->sctx->secret, &buf);
......
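Review bot: The isc_random_buf(&nonce, sizeof(nonce)) call ahead of compute_cookie() in ns_client_addopt() has no comment saying why a non-cryptographic source is acceptable at this spot. The rationale lives only in the commit message, so add a short comment at the call stating that the nonce only needs a low chance of duplication (RFC 7873, section B.2) and that the cookie's strength comes from client->sctx->secret. That keeps the call from being reverted later as an apparent weakness, or copied to a place where unpredictability does matter.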