netipmid: use libcrypto prng instead of insecure std::rand
std::rand is insecure. Add a simple openssl-crypto wrapper for a similar
interface that can replace it.
Tested-by: Run ipmitool six times in parallel to see that five
independent sessions are created and the sixth one causes the
BMC to dump the session list on the console. Note that the
session numbers are still random.
Change-Id: I0b387f1343abefc45be0d62cf9af45fbd5563047
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
diff --git a/prng.hpp b/prng.hpp
new file mode 100644
index 0000000..95946f7
--- /dev/null
+++ b/prng.hpp
@@ -0,0 +1,16 @@
+#include <openssl/rand.h>
+
+namespace crypto
+{
+
+struct prng
+{
+ static unsigned int rand()
+ {
+ unsigned int v;
+ RAND_bytes(reinterpret_cast<unsigned char*>(&v), sizeof(v));
+ return v;
+ }
+};
+
+} // namespace crypto
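Review bot: The return value of `RAND_bytes` in `prng::rand()` is ignored, so if the generator fails, `v` is returned uninitialized and ends up as a session ID. `RAND_bytes` returns 1 on success; check it and fail closed, for example `if (RAND_bytes(reinterpret_cast<unsigned char*>(&v), sizeof(v)) != 1) { throw std::runtime_error("RAND_bytes failed"); }` with `<stdexcept>` included. The new header also has no include guard. Adding `#pragma once` as its first line stops a second inclusion from redefining `crypto::prng`.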
diff --git a/session.hpp b/session.hpp
index 4ba3fa6..f3dc2ae 100644
--- a/session.hpp
+++ b/session.hpp
@@ -4,6 +4,7 @@
#include "crypt_algo.hpp"
#include "endian.hpp"
#include "integrity_algo.hpp"
+#include "prng.hpp"
#include "socket_channel.hpp"
#include <chrono>
@@ -111,7 +112,7 @@
* @param[in] priv - Privilege Level requested in the Command
*/
Session(SessionID inRemoteConsoleSessID, Privilege priv) :
- curPrivLevel(priv), bmcSessionID(std::rand()),
+ curPrivLevel(priv), bmcSessionID(crypto::prng::rand()),
remoteConsoleSessionID(inRemoteConsoleSessID)
{
}
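Review bot: `bmcSessionID(crypto::prng::rand())` can yield any 32-bit value, including 0, and the sessions_manager.cpp hunk in this commit shows a default-constructed Session kept under key 0 in `sessionsMap`. The constructor does not exclude 0 or an ID already in use. Whether the code that inserts the new session into the map checks for this and retries is not visible in this hunk, so it should be confirmed. If it does not, document the contract here with a comment such as `// caller must reject 0 and any ID already present in sessionsMap` and add the retry at the insertion site. The constructor's doc comment begins above the hunk.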
diff --git a/sessions_manager.cpp b/sessions_manager.cpp
index bf7ff34..52d749b 100644
--- a/sessions_manager.cpp
+++ b/sessions_manager.cpp
@@ -20,8 +20,6 @@
* through the lifetime of the Session Manager.
*/
sessionsMap.emplace(0, std::make_shared<Session>());
- // Seeding the pseudo-random generator
- std::srand(std::time(0));
}
std::shared_ptr<Session>