On 3/14/19 4:39 PM, Daniel P. Berrangé wrote: > On Wed, Mar 13, 2019 at 09:55:19PM -0700, Richard Henderson wrote: >> Use a better interface for random numbers than rand, >> plus some useless floating point arithmetic. >> >> Cc: Gerd Hoffmann <kra...@redhat.com> >> Signed-off-by: Richard Henderson <richard.hender...@linaro.org> >> --- >> v2: Use qcrypto_random_bytes, not qemu_getrandom, as there is >> no need for deterministic results for this interface. >> --- >> ui/vnc.c | 8 ++------ >> 1 file changed, 2 insertions(+), 6 deletions(-) >> >> diff --git a/ui/vnc.c b/ui/vnc.c >> index 1871422e1d..9fa586dfa0 100644 >> --- a/ui/vnc.c >> +++ b/ui/vnc.c >> @@ -43,6 +43,7 @@ >> #include "crypto/hash.h" >> #include "crypto/tlscredsanon.h" >> #include "crypto/tlscredsx509.h" >> +#include "crypto/random.h" >> #include "qom/object_interfaces.h" >> #include "qemu/cutils.h" >> #include "io/dns-resolver.h" >> @@ -2537,12 +2538,7 @@ void start_client_init(VncState *vs) >> >> static void make_challenge(VncState *vs) >> { >> - int i; >> - >> - srand(time(NULL)+getpid()+getpid()*987654+rand()); >> - >> - for (i = 0 ; i < sizeof(vs->challenge) ; i++) >> - vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); >> + qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), >> &error_fatal); >> } > > Old code would not fail, but the new code can. So make_challenge needs > to return an error to the caller, which must then drop the client conn.
Is the old code equivalent to using a NULL errp? qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), NULL); > > Regards, > Daniel >