Skip to content

C
caddy
Commit 8d1da68b authored by Matthew Holt's avatar Matthew Holt
Browse files
Options

D'oh, commit all changes to file

parent 7a7e3d16
Hide whitespace changes
Inline Side-by-side
Showing with 24 additions and 18 deletions
caddyhttp/httpserver/context.go
View file @ 8d1da68b
...@@ -5,6 +5,7 @@ import ( ...@@ -5,6 +5,7 @@ import (
"crypto/rand" "crypto/rand"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
mathrand "math/rand"
"net" "net"
"net/http" "net/http"
"net/url" "net/url"
...@@ -356,35 +357,40 @@ func (c Context) IsMITM() bool { ...@@ -356,35 +357,40 @@ func (c Context) IsMITM() bool {
} }
// RandomString generates a random string of random length given // RandomString generates a random string of random length given
// length bounds. Thanks to http://stackoverflow.com/a/31832326/1048862 // length bounds. Thanks to http://stackoverflow.com/a/35615565/1048862
// for the clever technique that is fast and maintains proper // for the clever technique that is fairly fast, secure, and maintains
// distributions over the dictionary. // proper distributions over the dictionary.
func (c Context) RandomString(minLen, maxLen int) string { func (c Context) RandomString(minLen, maxLen int) string {
const ( const (
letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
letterIdxBits = 6 // 6 bits to represent a letter index letterIdxBits = 6 // 6 bits to represent 64 possibilities (indexes)
letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits letterIdxMask = 1<<letterIdxBits - 1 // all 1-bits, as many as letterIdxBits
letterIdxMax = 63 / letterIdxBits // # of letter indices fitting in 63 bits
) )
if minLen < 0 || maxLen < 0 || maxLen < minLen { if minLen < 0 || maxLen < 0 || maxLen < minLen {
return "" return ""
} }
src := rand.NewSource(time.Now().UnixNano()) n := mathrand.Intn(maxLen-minLen+1) + minLen // choose actual length
n := rand.Intn(maxLen-minLen+1) + minLen // choose actual length
b := make([]byte, n) // secureRandomBytes returns a number of bytes using crypto/rand.
for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; { secureRandomBytes := func(numBytes int) []byte {
if remain == 0 { randomBytes := make([]byte, numBytes)
cache, remain = src.Int63(), letterIdxMax rand.Read(randomBytes)
return randomBytes
}
result := make([]byte, n)
bufferSize := int(float64(n) * 1.3)
for i, j, randomBytes := 0, 0, []byte{}; i < n; j++ {
if j%bufferSize == 0 {
randomBytes = secureRandomBytes(bufferSize)
} }
if idx := int(cache & letterIdxMask); idx < len(letterBytes) { if idx := int(randomBytes[j%n] & letterIdxMask); idx < len(letterBytes) {
b[i] = letterBytes[idx] result[i] = letterBytes[idx]
i-- i++
} }
cache >>= letterIdxBits
remain--
} }
return string(b) return string(result)
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7