apr-dev mailing list archives

From "Ralf S. Engelschall" <...@engelschall.com>
Subject Re: APR-util UUID generator broken
Date Fri, 14 Apr 2006 11:11:28 GMT
On Fri, Apr 14, 2006, Max Bowsher wrote:

> [...]
> > ...I've reviewed the UUID generator in APR-util. It unfortunately is
> > totally broken and generates neither valid (format) nor useful (content)
> > RFC4122 UUIDs.
>
> REMOVING CC to dev@subversion, as this is entirely an APR issue.

Please keep in mind that Subversion ships with a _copy_ of APR (and seem
to not very often upgrade their copy) and hence they have to fix it in
their copy (or upgrade once you released a fixed APR version ;-), too.

> [...]
> Thank you for taking the time to hunt down bugs, but you could have saved
> yourself a lot of time by just checking trunk. Both of the above are
> already fixed.
>
> I did not propose a backport at the time I fixed the bugs, but I take it
> from your considerable action on this topic that you would like one. I
> guess that's fine - the change does not have compatibility issues that I
> am aware of.

Yes, please backport those fixes to your APR 1.2 branch as you yesterday
even released APR 1.2.7 (from that branch, yes, I know) which still
contains the same buggy UUID generator. As long as those fixes are not
part of an official APR release the generated bogus UUIDs are still
spreading around...

> > 3. OPTIMIZATION: for generating random content the local
> >    get_system_time() function (which is based on apr_time_now()) is used
> >    which time-adjusts for the UUID vs Unix Epoch time. For generating
> >    random bytes it is fully sufficient to just use plain apr_time_now().
>
> > Index: apr-util-1.2.6/crypto/getuuid.c
> > --- apr-util-1.2.6/crypto/getuuid.c.orig	2005-02-04 21:45:35 +0100
> > +++ apr-util-1.2.6/crypto/getuuid.c	2006-04-04 19:49:37 +0200
> > @@ -131,7 +131,7 @@
> >
> >      /* crap. this isn't crypto quality, but it will be Good Enough */
> >
> > -    get_system_time(&time_now);
> > +    time_now = apr_time_now();
> >      srand((unsigned int)(((time_now >> 32) ^ time_now) & 0xffffffff));
> >
> >      return rand() & 0x0FFFF;
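
Review bot: srand() is still called with a seed derived only from time_now immediately before rand(), so the 16 bits returned are a pure function of the clock reading: two calls that observe the same apr_time_now() value return the same result, and every call also resets the process-wide rand() sequence for any other caller. The comment above the changed line already concedes this is not crypto quality; if these bits need to be unique or unpredictable, consider seeding once instead of per call, or drawing them from apr_generate_random_bytes() where the platform provides it. The declaration of time_now lies outside the hunk, so also check that its type still matches now that it is assigned from apr_time_now() rather than filled in through a pointer.
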
>
> This seems sensible to me.
>
> Could someone give a second opinion that this is fine, and isn't going
> to impact the randomness quality?

The difference between your get_system_time() and apr_time_now() is
nothing more than the time offset between Unix epoch and the one used
by UUIDs. Adding a value doesn't change the randomness _quality_ of an
integer at all (it still is as bad or good as it was before)...

                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com
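
The point made in the closing paragraph, as an added example (not code from this message or from APR): it reuses the seed fold from the quoted hunk and models the epoch adjustment as a constant addend, as the message describes it. The function names, the sample timestamp and the use of the RFC 4122 epoch constant as that addend are assumptions made for the illustration.

```c
/* Added illustration; not APR code. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* RFC 4122 epoch difference (1582-10-15 to 1970-01-01, 100 ns units);
 * used here only as a representative constant addend (assumption). */
#define EPOCH_SHIFT UINT64_C(0x01B21DD213814000)
/* Constructed sample timestamp, in microseconds. */
#define SAMPLE_TIME UINT64_C(1145013088000000)

/* Seed fold exactly as written in the quoted hunk. */
static unsigned int fold_seed(uint64_t t)
{
    return (unsigned int)(((t >> 32) ^ t) & 0xffffffff);
}

/* The hunk's result: reseed from the time, then keep 16 bits. */
static int value_for_time(uint64_t t)
{
    srand(fold_seed(t));
    return rand() & 0x0FFFF;
}

static int cmp_u32(const void *a, const void *b)
{
    unsigned int x = *(const unsigned int *)a, y = *(const unsigned int *)b;
    return (x > y) - (x < y);
}

/* Distinct seeds over n consecutive timestamps, each shifted by addend. */
static size_t distinct_seeds(uint64_t start, size_t n, uint64_t addend)
{
    unsigned int *s = malloc(n * sizeof *s);
    size_t i, uniq = 0;
    if (s == NULL) return 0;
    for (i = 0; i < n; i++) s[i] = fold_seed(start + i + addend);
    qsort(s, n, sizeof *s, cmp_u32);
    for (i = 0; i < n; i++)
        if (i == 0 || s[i] != s[i - 1]) uniq++;
    free(s);
    return uniq;
}

int main(void)
{
    printf("plain: %zu seeds, shifted: %zu seeds\n",
           distinct_seeds(SAMPLE_TIME, 1000, 0),
           distinct_seeds(SAMPLE_TIME, 1000, EPOCH_SHIFT));
    printf("same time twice: %d %d\n",
           value_for_time(SAMPLE_TIME), value_for_time(SAMPLE_TIME));
    return 0;
}
```

Both windows yield the same number of distinct seeds, and a repeated timestamp yields a repeated value with or without the shift.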

