-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix random generators #210
Conversation
dfefbea
to
70b0d25
Compare
util.go
Outdated
@@ -12,6 +14,18 @@ import ( | |||
"github.com/pion/transport/vnet" | |||
) | |||
|
|||
func init() { // nolint:gochecknoinits |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To call this in the first use of random, any other call of randSeq
and generateRandString
should wait until calling Seed()
, otherwise these parallel calls may return random generated by the default seed.
It makes code complex and may cause future bug, so I believe initializing in init()
is the best solution.
util.go
Outdated
// crypto/rand is unavailable. Fallback to seed by time. | ||
seed = time.Now().UnixNano() | ||
} | ||
rand.Seed(seed) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To avoid touching math/rand
global generator, we need to declare package global random generator in this package. But in this case, we need to be careful that all code using random must use this generator. If math/rand
global generator is used, it will be seeded by default value all time. (might be potentially dangerous)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we just not use crypto/rand
instead? Not a big fan of init
Codecov Report
@@ Coverage Diff @@
## master #210 +/- ##
==========================================
+ Coverage 79.37% 79.88% +0.50%
==========================================
Files 26 27 +1
Lines 2027 2048 +21
==========================================
+ Hits 1609 1636 +27
+ Misses 293 289 -4
+ Partials 125 123 -2
Continue to review full report at Codecov.
|
Would it be worth banning |
I don't think so. In this code of unique ID generation, |
Wait, |
For mDNS hostname, https://tools.ietf.org/id/draft-ietf-rtcweb-mdns-ice-candidates-02.html#gathering
It must be UUIDv4 that is crypto grade 122bit random and contain UUID variant and version bits. |
We currently use UUID like random value for it, but it is defined as
Random part must be 1 to 32 characters of ALPHA, DIGIT, ICE candidate ID is used in plain text in SDP. It doesn't need crypto grade random. |
Looking through your list the only thing I see in the hot path is the VP8 code. If a user is really blocked on generation they can choose to use a weaker version. I am worried that we will audit these now, but in the future this will get broken. I am not careful enough and with
Works for me! As long as it doesn't drag in a bunch of dependencies/is stable I agree! I would almost consider this 1st party, things on |
https://developer.mozilla.org/en-US/docs/Web/API/RTCIceCandidate
https://developer.mozilla.org/en-US/docs/Web/API/RTCIceCandidate/usernameFragment
|
Seeding random generator each time limits number of generated sequence to 31-bits, and caused collision. Use global random generator seeded by crypto grade random. Use crypto/rand for cryptographic values, and math/rand for unique identifier. - Use UUIDv4 for mDNS name - Use crypto/rand for ICE pwd and user fragment - Use properly seeded math/rand for UDP port, tie breaker and candidate ID
70b0d25
to
8e1986a
Compare
Hmm, at the point I studied information science, random generators should be properly selected for each usage to keep both security and performance. For now, how about adding a rule to add comment to every |
@at-wat Yea I like that! I think that is the perfect mix of helping us not make mistakes, but giving the flexibility to do what we need |
Seeding random generator each time limits number of generated sequence
to 31-bits, and causes collision on low time accuracy environments.
Use global random generator seeded by crypto grade random.
Reference issue
ref: #203