From c2f187436e5ec3a9888207bb406999a95349e663 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 08:44:37 +0200 Subject: [PATCH 01/21] remove useless RAND_poll() --- plugins/janus_nosip.c | 5 ----- plugins/janus_sip.c | 5 ----- 2 files changed, 10 deletions(-) diff --git a/plugins/janus_nosip.c b/plugins/janus_nosip.c index b8330d3e19..8198670059 100644 --- a/plugins/janus_nosip.c +++ b/plugins/janus_nosip.c @@ -786,11 +786,6 @@ int janus_nosip_init(janus_callbacks *callback, const char *config_path) { } JANUS_LOG(LOG_VERB, "Local IP set to %s\n", local_ip); -#ifdef HAVE_SRTP_2 - /* Init randomizer (for randum numbers in SRTP) */ - RAND_poll(); -#endif - sessions = g_hash_table_new_full(NULL, NULL, NULL, (GDestroyNotify)janus_nosip_session_destroy); messages = g_async_queue_new_full((GDestroyNotify) janus_nosip_message_free); /* This is the callback we'll need to invoke to contact the Janus core */ diff --git a/plugins/janus_sip.c b/plugins/janus_sip.c index ca1c4758b0..18c2075d68 100644 --- a/plugins/janus_sip.c +++ b/plugins/janus_sip.c @@ -1924,11 +1924,6 @@ int janus_sip_init(janus_callbacks *callback, const char *config_path) { } JANUS_LOG(LOG_VERB, "Local IP set to %s\n", local_ip); -#ifdef HAVE_SRTP_2 - /* Init randomizer (for randum numbers in SRTP) */ - RAND_poll(); -#endif - /* Setup sofia */ su_init(); if(notify_events && callback->events_is_enabled()) { From 2bb9602331d6b9e909821f9da1a079074054a5f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 08:55:46 +0200 Subject: [PATCH 02/21] introduce janus_random_uint64_javacript_safe() --- utils.c | 9 +++++---- utils.h | 9 +++++++++ 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/utils.c b/utils.c index 99b861e7e2..515bf79a76 100644 --- a/utils.c +++ b/utils.c @@ -81,11 +81,12 @@ guint64 janus_random_uint64(void) { * a good idea, as we don't want to make it harder to cross compile Janus * * TODO Look into what libssl and/or libcrypto provide in that respect - * - * PS: JavaScript only supports integer up to 2^53, so we need to - * make sure the number is below 9007199254740992 for safety */ - guint64 num = g_random_int() & 0x1FFFFF; + return g_random_int(); +} + +guint64 janus_random_uint64_javacript_safe(void) { + guint64 num = janus_random_uint64() & 0x1FFFFF; num = (num << 32) | g_random_int(); return num; } diff --git a/utils.h b/utils.h index 127433e793..45b5af18f0 100644 --- a/utils.h +++ b/utils.h @@ -69,6 +69,15 @@ guint32 janus_random_uint32(void); * @returns A random 64-bit unsigned integer */ guint64 janus_random_uint64(void); +/*! \brief Helper to generate random 64-bit unsigned integers which are safe to use in Javascript + * @note Javascript does not have real integers, its builtin "number" type is a float64. + * Thus, only integer values up to Number.MAX_SAFE_INTEGER == 2^53 - 1 == 9007199254740991 + * can be safely represented in Javascript. This method returns such numbers. + * Use this method instead of janus_random_uint64() whenever you generate numbers which + * might end up in Javascript (via JSON API). + * @returns A random 64-bit unsigned integer */ +guint64 janus_random_uint64_javacript_safe(void); + /*! \brief Helper to generate random UUIDs (needed by some plugins) * @returns A random UUID string, which must be deallocated with \c g_free */ char *janus_random_uuid(void); From 4f099dcc5b5ac8e246d55f7d3a7e38b4e7dff5d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 08:59:59 +0200 Subject: [PATCH 03/21] use janus_random_uint64_javacript_safe() --- ice.c | 2 +- janus.c | 2 +- plugins/janus_audiobridge.c | 6 +++--- plugins/janus_recordplay.c | 2 +- plugins/janus_streaming.c | 2 +- plugins/janus_textroom.c | 2 +- plugins/janus_videoroom.c | 4 ++-- plugins/janus_voicemail.c | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/ice.c b/ice.c index 8e8a68e147..ed1a1879e0 100644 --- a/ice.c +++ b/ice.c @@ -1233,7 +1233,7 @@ janus_ice_handle *janus_ice_handle_create(void *core_session, const char *opaque janus_ice_handle *handle = NULL; guint64 handle_id = 0; while(handle_id == 0) { - handle_id = janus_random_uint64(); + handle_id = janus_random_uint64_javacript_safe(); handle = janus_session_handles_find(session, handle_id); if(handle != NULL) { /* Handle ID already taken, try another one */ diff --git a/janus.c b/janus.c index 13907957d7..53a2d24c5b 100644 --- a/janus.c +++ b/janus.c @@ -733,7 +733,7 @@ janus_session *janus_session_create(guint64 session_id) { janus_session *session = NULL; if(session_id == 0) { while(session_id == 0) { - session_id = janus_random_uint64(); + session_id = janus_random_uint64_javacript_safe(); session = janus_session_find(session_id); if(session != NULL) { /* Session ID already taken, try another one */ diff --git a/plugins/janus_audiobridge.c b/plugins/janus_audiobridge.c index 851ed53ab4..bc9af0d239 100644 --- a/plugins/janus_audiobridge.c +++ b/plugins/janus_audiobridge.c @@ -2821,7 +2821,7 @@ static json_t *janus_audiobridge_process_synchronous_request(janus_audiobridge_s gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64(); + room_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; @@ -5673,7 +5673,7 @@ static void *janus_audiobridge_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64(); + user_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(audiobridge->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; @@ -6394,7 +6394,7 @@ static void *janus_audiobridge_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64(); + user_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(audiobridge->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; diff --git a/plugins/janus_recordplay.c b/plugins/janus_recordplay.c index 7055e4be40..f3fc3596d9 100644 --- a/plugins/janus_recordplay.c +++ b/plugins/janus_recordplay.c @@ -1618,7 +1618,7 @@ static void *janus_recordplay_handler(void *data) { } if(id == 0) { while(id == 0) { - id = janus_random_uint64(); + id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(recordings, &id) != NULL) { /* Recording ID already taken, try another one */ id = 0; diff --git a/plugins/janus_streaming.c b/plugins/janus_streaming.c index 8e8c03999f..4db21f60b6 100644 --- a/plugins/janus_streaming.c +++ b/plugins/janus_streaming.c @@ -2728,7 +2728,7 @@ static json_t *janus_streaming_process_synchronous_request(janus_streaming_sessi /* Generate a unique numeric ID */ JANUS_LOG(LOG_VERB, "Missing numeric id, will generate a random one...\n"); while(mpid == 0) { - mpid = janus_random_uint64(); + mpid = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(mountpoints, &mpid) != NULL || g_hash_table_lookup(mountpoints_temp, &mpid) != NULL) { /* ID already in use, try another one */ diff --git a/plugins/janus_textroom.c b/plugins/janus_textroom.c index 9c797e8cac..0a2f136df5 100644 --- a/plugins/janus_textroom.c +++ b/plugins/janus_textroom.c @@ -2440,7 +2440,7 @@ janus_plugin_result *janus_textroom_handle_incoming_request(janus_plugin_session gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64(); + room_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; diff --git a/plugins/janus_videoroom.c b/plugins/janus_videoroom.c index 9bc532958b..7ec29eed23 100644 --- a/plugins/janus_videoroom.c +++ b/plugins/janus_videoroom.c @@ -3152,7 +3152,7 @@ static json_t *janus_videoroom_process_synchronous_request(janus_videoroom_sessi gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64(); + room_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; @@ -6093,7 +6093,7 @@ static void *janus_videoroom_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64(); + user_id = janus_random_uint64_javacript_safe(); if(g_hash_table_lookup(videoroom->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; diff --git a/plugins/janus_voicemail.c b/plugins/janus_voicemail.c index 5c5eb03c2f..22eea41608 100644 --- a/plugins/janus_voicemail.c +++ b/plugins/janus_voicemail.c @@ -439,7 +439,7 @@ void janus_voicemail_create_session(janus_plugin_session *handle, int *error) { } janus_voicemail_session *session = g_malloc0(sizeof(janus_voicemail_session)); session->handle = handle; - session->recording_id = janus_random_uint64(); + session->recording_id = janus_random_uint64_javacript_safe(); session->start_time = 0; session->stream = NULL; char f[255]; From f5375e3aef3f71c0b6926b381e0bd3a652817df9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 09:10:06 +0200 Subject: [PATCH 04/21] check OpenSSL random state on startup --- janus.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/janus.c b/janus.c index 53a2d24c5b..86dcc919a2 100644 --- a/janus.c +++ b/janus.c @@ -4996,6 +4996,11 @@ gint main(int argc, char *argv[]) SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); + /* check if random pool looks ok (this does not give any guarantees for later, though) */ + if(RAND_status() != 1) { + JANUS_LOG(LOG_FATAL, "\tOpenSSL PRNG is not properly seeded, cannot generate random numbers\n"); + exit(1); + } /* ... and DTLS-SRTP in particular */ const char *dtls_ciphers = NULL; item = janus_config_get(config, config_certs, janus_config_type_item, "dtls_ciphers"); From 117c9fc19268633dbb658a00fbeab344329ddea4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 09:13:19 +0200 Subject: [PATCH 05/21] fix janus_random_uint64*(), whoopsie --- utils.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/utils.c b/utils.c index 515bf79a76..b277ef85fc 100644 --- a/utils.c +++ b/utils.c @@ -82,11 +82,13 @@ guint64 janus_random_uint64(void) { * * TODO Look into what libssl and/or libcrypto provide in that respect */ - return g_random_int(); + guint64 num = g_random_int(); + num = (num << 32) | g_random_int(); + return num; } guint64 janus_random_uint64_javacript_safe(void) { - guint64 num = janus_random_uint64() & 0x1FFFFF; + guint64 num = g_random_int() & 0x1FFFFF; num = (num << 32) | g_random_int(); return num; } From 9d048f36d446970063221aff26bb4cd2addd3914 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 09:16:33 +0200 Subject: [PATCH 06/21] use janus_random_uint64() in janus_random_uint64_javacript_safe() --- utils.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/utils.c b/utils.c index b277ef85fc..434b4989c4 100644 --- a/utils.c +++ b/utils.c @@ -88,9 +88,7 @@ guint64 janus_random_uint64(void) { } guint64 janus_random_uint64_javacript_safe(void) { - guint64 num = g_random_int() & 0x1FFFFF; - num = (num << 32) | g_random_int(); - return num; + return janus_random_uint64() & 0x1FFFFFFFFFFFFF; } char *janus_random_uuid(void) { From f2b84a940ea74eece32d5d890da1f46a129acdd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 15 Jul 2021 09:23:08 +0200 Subject: [PATCH 07/21] use openssl rand_bytes() --- utils.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/utils.c b/utils.c index 434b4989c4..b75afa953c 100644 --- a/utils.c +++ b/utils.c @@ -21,6 +21,7 @@ #include #include +#include #include "utils.h" #include "debug.h" @@ -71,20 +72,21 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2) { } guint32 janus_random_uint32(void) { - return g_random_int(); + guint32 ret = 0; + if (RAND_bytes((void *)&ret, sizeof(ret)) != 1) { + JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); + exit(1); + } + return ret; } guint64 janus_random_uint64(void) { - /* - * FIXME This needs to be improved, and use something that generates - * more strongly random stuff... using /dev/urandom is probably not - * a good idea, as we don't want to make it harder to cross compile Janus - * - * TODO Look into what libssl and/or libcrypto provide in that respect - */ - guint64 num = g_random_int(); - num = (num << 32) | g_random_int(); - return num; + guint64 ret = 0; + if (RAND_bytes((void *)&ret, sizeof(ret)) != 1) { + JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); + exit(1); + } + return ret; } guint64 janus_random_uint64_javacript_safe(void) { From ebdb9b202cc05803c1abdf912eb908532a275ffc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 09:07:01 +0200 Subject: [PATCH 08/21] try to fix the build --- Makefile.am | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Makefile.am b/Makefile.am index 50879e6f81..2a749428a4 100644 --- a/Makefile.am +++ b/Makefile.am @@ -637,10 +637,12 @@ mjr2pcap_SOURCES = \ mjr2pcap_CFLAGS = \ $(AM_CFLAGS) \ $(POST_PROCESSING_CFLAGS) \ + $(BORINGSSL_CFLAGS) \ $(NULL) mjr2pcap_LDADD = \ $(POST_PROCESSING_LIBS) \ + $(BORINGSSL_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(NULL) @@ -658,11 +660,13 @@ pcap2mjr_CFLAGS = \ $(AM_CFLAGS) \ -I$(top_builddir)/postprocessing \ $(POST_PROCESSING_CFLAGS) \ + $(BORINGSSL_CFLAGS) \ $(PCAP_CFLAGS) \ $(NULL) pcap2mjr_LDADD = \ $(POST_PROCESSING_LIBS) \ + $(BORINGSSL_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(PCAP_LIBS) \ $(NULL) From b4f4072f91d5312d1355ad66c8befd3be3db4931 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 09:11:09 +0200 Subject: [PATCH 09/21] change linking order --- Makefile.am | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index 2a749428a4..c58162e798 100644 --- a/Makefile.am +++ b/Makefile.am @@ -641,8 +641,8 @@ mjr2pcap_CFLAGS = \ $(NULL) mjr2pcap_LDADD = \ - $(POST_PROCESSING_LIBS) \ $(BORINGSSL_LIBS) \ + $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(NULL) @@ -665,8 +665,8 @@ pcap2mjr_CFLAGS = \ $(NULL) pcap2mjr_LDADD = \ - $(POST_PROCESSING_LIBS) \ $(BORINGSSL_LIBS) \ + $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(PCAP_LIBS) \ $(NULL) From 009125599d2107c519071bcc35549f0a8c6aaffb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 15:38:56 +0200 Subject: [PATCH 10/21] janus_random_uint64() -> janus_random_uint64_full() --- utils.c | 8 ++++---- utils.h | 6 ++++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/utils.c b/utils.c index b75afa953c..ffbc0e42a8 100644 --- a/utils.c +++ b/utils.c @@ -80,7 +80,7 @@ guint32 janus_random_uint32(void) { return ret; } -guint64 janus_random_uint64(void) { +guint64 janus_random_uint64_full(void) { guint64 ret = 0; if (RAND_bytes((void *)&ret, sizeof(ret)) != 1) { JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); @@ -90,7 +90,7 @@ guint64 janus_random_uint64(void) { } guint64 janus_random_uint64_javacript_safe(void) { - return janus_random_uint64() & 0x1FFFFFFFFFFFFF; + return janus_random_uint64_full() & 0x1FFFFFFFFFFFFF; } char *janus_random_uuid(void) { @@ -103,8 +103,8 @@ char *janus_random_uuid(void) { const char *template = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx"; const char *samples = "0123456789abcdef"; union { unsigned char b[16]; uint64_t word[2]; } rnd; - rnd.word[0] = janus_random_uint64(); - rnd.word[1] = janus_random_uint64(); + rnd.word[0] = janus_random_uint64_full(); + rnd.word[1] = janus_random_uint64_full(); /* Generate the string */ char uuid[37], *dst = uuid; const char *p = template; diff --git a/utils.h b/utils.h index 45b5af18f0..e31489a91f 100644 --- a/utils.h +++ b/utils.h @@ -65,9 +65,11 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2); * @returns A random 32-bit unsigned integer */ guint32 janus_random_uint32(void); -/*! \brief Helper to generate random 64-bit unsigned integers (useful for Janus IDs) +/*! \brief Helper to generate random 64-bit unsigned integers + * @note Unlike janus_random_uint64(), which actually only generates 52 bits, this + * generates the full 64 bits. See the janus_random_uint64() docstring for details. * @returns A random 64-bit unsigned integer */ -guint64 janus_random_uint64(void); +guint64 janus_random_uint64_full(void); /*! \brief Helper to generate random 64-bit unsigned integers which are safe to use in Javascript * @note Javascript does not have real integers, its builtin "number" type is a float64. From e0e6d0e00a4347f661c62e5f4098352a442ad444 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 15:39:34 +0200 Subject: [PATCH 11/21] janus_random_uint64_javacript_safe() -> janus_random_uint64 --- ice.c | 2 +- janus.c | 2 +- plugins/janus_audiobridge.c | 6 +++--- plugins/janus_recordplay.c | 2 +- plugins/janus_streaming.c | 2 +- plugins/janus_textroom.c | 2 +- plugins/janus_videoroom.c | 4 ++-- plugins/janus_voicemail.c | 2 +- utils.c | 2 +- utils.h | 2 +- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/ice.c b/ice.c index ed1a1879e0..8e8a68e147 100644 --- a/ice.c +++ b/ice.c @@ -1233,7 +1233,7 @@ janus_ice_handle *janus_ice_handle_create(void *core_session, const char *opaque janus_ice_handle *handle = NULL; guint64 handle_id = 0; while(handle_id == 0) { - handle_id = janus_random_uint64_javacript_safe(); + handle_id = janus_random_uint64(); handle = janus_session_handles_find(session, handle_id); if(handle != NULL) { /* Handle ID already taken, try another one */ diff --git a/janus.c b/janus.c index 86dcc919a2..d161692a93 100644 --- a/janus.c +++ b/janus.c @@ -733,7 +733,7 @@ janus_session *janus_session_create(guint64 session_id) { janus_session *session = NULL; if(session_id == 0) { while(session_id == 0) { - session_id = janus_random_uint64_javacript_safe(); + session_id = janus_random_uint64(); session = janus_session_find(session_id); if(session != NULL) { /* Session ID already taken, try another one */ diff --git a/plugins/janus_audiobridge.c b/plugins/janus_audiobridge.c index bc9af0d239..851ed53ab4 100644 --- a/plugins/janus_audiobridge.c +++ b/plugins/janus_audiobridge.c @@ -2821,7 +2821,7 @@ static json_t *janus_audiobridge_process_synchronous_request(janus_audiobridge_s gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64_javacript_safe(); + room_id = janus_random_uint64(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; @@ -5673,7 +5673,7 @@ static void *janus_audiobridge_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64_javacript_safe(); + user_id = janus_random_uint64(); if(g_hash_table_lookup(audiobridge->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; @@ -6394,7 +6394,7 @@ static void *janus_audiobridge_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64_javacript_safe(); + user_id = janus_random_uint64(); if(g_hash_table_lookup(audiobridge->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; diff --git a/plugins/janus_recordplay.c b/plugins/janus_recordplay.c index f3fc3596d9..7055e4be40 100644 --- a/plugins/janus_recordplay.c +++ b/plugins/janus_recordplay.c @@ -1618,7 +1618,7 @@ static void *janus_recordplay_handler(void *data) { } if(id == 0) { while(id == 0) { - id = janus_random_uint64_javacript_safe(); + id = janus_random_uint64(); if(g_hash_table_lookup(recordings, &id) != NULL) { /* Recording ID already taken, try another one */ id = 0; diff --git a/plugins/janus_streaming.c b/plugins/janus_streaming.c index 4db21f60b6..8e8c03999f 100644 --- a/plugins/janus_streaming.c +++ b/plugins/janus_streaming.c @@ -2728,7 +2728,7 @@ static json_t *janus_streaming_process_synchronous_request(janus_streaming_sessi /* Generate a unique numeric ID */ JANUS_LOG(LOG_VERB, "Missing numeric id, will generate a random one...\n"); while(mpid == 0) { - mpid = janus_random_uint64_javacript_safe(); + mpid = janus_random_uint64(); if(g_hash_table_lookup(mountpoints, &mpid) != NULL || g_hash_table_lookup(mountpoints_temp, &mpid) != NULL) { /* ID already in use, try another one */ diff --git a/plugins/janus_textroom.c b/plugins/janus_textroom.c index 0a2f136df5..9c797e8cac 100644 --- a/plugins/janus_textroom.c +++ b/plugins/janus_textroom.c @@ -2440,7 +2440,7 @@ janus_plugin_result *janus_textroom_handle_incoming_request(janus_plugin_session gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64_javacript_safe(); + room_id = janus_random_uint64(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; diff --git a/plugins/janus_videoroom.c b/plugins/janus_videoroom.c index 7ec29eed23..9bc532958b 100644 --- a/plugins/janus_videoroom.c +++ b/plugins/janus_videoroom.c @@ -3152,7 +3152,7 @@ static json_t *janus_videoroom_process_synchronous_request(janus_videoroom_sessi gboolean room_id_allocated = FALSE; if(!string_ids && room_id == 0) { while(room_id == 0) { - room_id = janus_random_uint64_javacript_safe(); + room_id = janus_random_uint64(); if(g_hash_table_lookup(rooms, &room_id) != NULL) { /* Room ID already taken, try another one */ room_id = 0; @@ -6093,7 +6093,7 @@ static void *janus_videoroom_handler(void *data) { if(user_id == 0) { /* Generate a random ID */ while(user_id == 0) { - user_id = janus_random_uint64_javacript_safe(); + user_id = janus_random_uint64(); if(g_hash_table_lookup(videoroom->participants, &user_id) != NULL) { /* User ID already taken, try another one */ user_id = 0; diff --git a/plugins/janus_voicemail.c b/plugins/janus_voicemail.c index 22eea41608..5c5eb03c2f 100644 --- a/plugins/janus_voicemail.c +++ b/plugins/janus_voicemail.c @@ -439,7 +439,7 @@ void janus_voicemail_create_session(janus_plugin_session *handle, int *error) { } janus_voicemail_session *session = g_malloc0(sizeof(janus_voicemail_session)); session->handle = handle; - session->recording_id = janus_random_uint64_javacript_safe(); + session->recording_id = janus_random_uint64(); session->start_time = 0; session->stream = NULL; char f[255]; diff --git a/utils.c b/utils.c index ffbc0e42a8..da85725832 100644 --- a/utils.c +++ b/utils.c @@ -89,7 +89,7 @@ guint64 janus_random_uint64_full(void) { return ret; } -guint64 janus_random_uint64_javacript_safe(void) { +guint64 janus_random_uint64(void) { return janus_random_uint64_full() & 0x1FFFFFFFFFFFFF; } diff --git a/utils.h b/utils.h index e31489a91f..f7950bd7cb 100644 --- a/utils.h +++ b/utils.h @@ -78,7 +78,7 @@ guint64 janus_random_uint64_full(void); * Use this method instead of janus_random_uint64() whenever you generate numbers which * might end up in Javascript (via JSON API). * @returns A random 64-bit unsigned integer */ -guint64 janus_random_uint64_javacript_safe(void); +guint64 janus_random_uint64(void); /*! \brief Helper to generate random UUIDs (needed by some plugins) * @returns A random UUID string, which must be deallocated with \c g_free */ From 069891e8dfaa98281dfe11b62c5a52c4281f21a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 15:43:16 +0200 Subject: [PATCH 12/21] docs --- utils.h | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/utils.h b/utils.h index f7950bd7cb..472b40ed2a 100644 --- a/utils.h +++ b/utils.h @@ -62,7 +62,7 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2); /*! \brief Helper to generate random 32-bit unsigned integers (useful for SSRCs, etc.) * @note Currently just wraps g_random_int() - * @returns A random 32-bit unsigned integer */ + * @returns A (crypto-safe) random 32-bit unsigned integer */ guint32 janus_random_uint32(void); /*! \brief Helper to generate random 64-bit unsigned integers @@ -71,17 +71,20 @@ guint32 janus_random_uint32(void); * @returns A random 64-bit unsigned integer */ guint64 janus_random_uint64_full(void); -/*! \brief Helper to generate random 64-bit unsigned integers which are safe to use in Javascript - * @note Javascript does not have real integers, its builtin "number" type is a float64. - * Thus, only integer values up to Number.MAX_SAFE_INTEGER == 2^53 - 1 == 9007199254740991 +/*! \brief Helper to generate random 52 bit unsigned integers + * @note The reason for 52 instead of 64 bits: Javascript does not have real integers, + * its builtin "number" type is a float64. Thus, only integer values up to + * Number.MAX_SAFE_INTEGER == 2^53 - 1 == 9007199254740991 * can be safely represented in Javascript. This method returns such numbers. - * Use this method instead of janus_random_uint64() whenever you generate numbers which + * Use this method instead of janus_random_uint64_full() whenever you generate numbers which * might end up in Javascript (via JSON API). - * @returns A random 64-bit unsigned integer */ + * This method is called janus_random_uint64() instead of janus_random_uint52() (or similar) + * for backwards compatibility. + * @returns A (crypto-safe) random 64-bit unsigned integer */ guint64 janus_random_uint64(void); /*! \brief Helper to generate random UUIDs (needed by some plugins) - * @returns A random UUID string, which must be deallocated with \c g_free */ + * @returns A (crypto-safe) random UUID string, which must be deallocated with \c g_free */ char *janus_random_uuid(void); /*! \brief Helper to generate an allocated copy of a guint64 number From 334e68e6fd98b625daaeef1f285aaab93cb804c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 15:43:33 +0200 Subject: [PATCH 13/21] revert makefile --- Makefile.am | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Makefile.am b/Makefile.am index c58162e798..50879e6f81 100644 --- a/Makefile.am +++ b/Makefile.am @@ -637,11 +637,9 @@ mjr2pcap_SOURCES = \ mjr2pcap_CFLAGS = \ $(AM_CFLAGS) \ $(POST_PROCESSING_CFLAGS) \ - $(BORINGSSL_CFLAGS) \ $(NULL) mjr2pcap_LDADD = \ - $(BORINGSSL_LIBS) \ $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(NULL) @@ -660,12 +658,10 @@ pcap2mjr_CFLAGS = \ $(AM_CFLAGS) \ -I$(top_builddir)/postprocessing \ $(POST_PROCESSING_CFLAGS) \ - $(BORINGSSL_CFLAGS) \ $(PCAP_CFLAGS) \ $(NULL) pcap2mjr_LDADD = \ - $(BORINGSSL_LIBS) \ $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(PCAP_LIBS) \ From 4006a42fd86fbd6617678e3b2cd08e93e5aa5a81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 16:02:51 +0200 Subject: [PATCH 14/21] check for libssl for post processing tools --- configure.ac | 1 + 1 file changed, 1 insertion(+) diff --git a/configure.ac b/configure.ac index 8ff2197183..b5ff68a352 100644 --- a/configure.ac +++ b/configure.ac @@ -954,6 +954,7 @@ AS_IF([test "x$enable_post_processing" = "xyes"], [ glib-2.0 >= $glib_version jansson >= $jansson_version + libssl >= $ssl_version libavutil libavcodec libavformat From 7fbfde1a87e31f2f7a16f2a2757a216c9f2bf4fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 17:50:31 +0200 Subject: [PATCH 15/21] fix post processing build (@atoppi) --- configure.ac | 1 + 1 file changed, 1 insertion(+) diff --git a/configure.ac b/configure.ac index b5ff68a352..80816f2205 100644 --- a/configure.ac +++ b/configure.ac @@ -955,6 +955,7 @@ AS_IF([test "x$enable_post_processing" = "xyes"], glib-2.0 >= $glib_version jansson >= $jansson_version libssl >= $ssl_version + libcrypto libavutil libavcodec libavformat From e5f245bf8628a4405d120743ff15b75716f4001b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 22 Jul 2021 17:51:04 +0200 Subject: [PATCH 16/21] fake RAND_bytes() for fuzzer (@atoppi) --- fuzzers/rtcp_fuzzer.c | 5 +++++ fuzzers/sdp_fuzzer.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/fuzzers/rtcp_fuzzer.c b/fuzzers/rtcp_fuzzer.c index 7fe297084d..0497e6f82f 100644 --- a/fuzzers/rtcp_fuzzer.c +++ b/fuzzers/rtcp_fuzzer.c @@ -13,6 +13,11 @@ gboolean janus_log_colors = FALSE; char *janus_log_global_prefix = NULL; int lock_debug = 0; +/* This is to avoid linking with openSSL */ +int RAND_bytes(uint8_t *key, int len) { + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { /* Sanity Checks */ /* Max UDP payload with MTU=1500 */ diff --git a/fuzzers/sdp_fuzzer.c b/fuzzers/sdp_fuzzer.c index f4c3bdacae..b3ce705b39 100644 --- a/fuzzers/sdp_fuzzer.c +++ b/fuzzers/sdp_fuzzer.c @@ -14,6 +14,11 @@ char *janus_log_global_prefix = NULL; int lock_debug = 0; int refcount_debug = 0; +/* This is to avoid linking with openSSL */ +int RAND_bytes(uint8_t *key, int len) { + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { /* Since we're fuzzing SDP, and that in our case SDP always comes * from a Jansson call, this will need to be a valid string */ From ba5072ec826391683d2b395f3604be09d4ff7886 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Tue, 27 Jul 2021 10:23:27 +0200 Subject: [PATCH 17/21] PR comments: style and small stuff --- janus.c | 4 ++-- utils.c | 4 ++-- utils.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/janus.c b/janus.c index d161692a93..5b887bd872 100644 --- a/janus.c +++ b/janus.c @@ -4996,9 +4996,9 @@ gint main(int argc, char *argv[]) SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); - /* check if random pool looks ok (this does not give any guarantees for later, though) */ + /* Check if random pool looks ok (this does not give any guarantees for later, though) */ if(RAND_status() != 1) { - JANUS_LOG(LOG_FATAL, "\tOpenSSL PRNG is not properly seeded, cannot generate random numbers\n"); + JANUS_LOG(LOG_FATAL, "Random pool is not properly seeded, cannot generate random numbers\n"); exit(1); } /* ... and DTLS-SRTP in particular */ diff --git a/utils.c b/utils.c index da85725832..836da00bd8 100644 --- a/utils.c +++ b/utils.c @@ -73,7 +73,7 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2) { guint32 janus_random_uint32(void) { guint32 ret = 0; - if (RAND_bytes((void *)&ret, sizeof(ret)) != 1) { + if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); exit(1); } @@ -82,7 +82,7 @@ guint32 janus_random_uint32(void) { guint64 janus_random_uint64_full(void) { guint64 ret = 0; - if (RAND_bytes((void *)&ret, sizeof(ret)) != 1) { + if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); exit(1); } diff --git a/utils.h b/utils.h index 472b40ed2a..7258474941 100644 --- a/utils.h +++ b/utils.h @@ -74,7 +74,7 @@ guint64 janus_random_uint64_full(void); /*! \brief Helper to generate random 52 bit unsigned integers * @note The reason for 52 instead of 64 bits: Javascript does not have real integers, * its builtin "number" type is a float64. Thus, only integer values up to - * Number.MAX_SAFE_INTEGER == 2^53 - 1 == 9007199254740991 + * Number.MAX_SAFE_INTEGER == 2^53 - 1 == 9007199254740991 * can be safely represented in Javascript. This method returns such numbers. * Use this method instead of janus_random_uint64_full() whenever you generate numbers which * might end up in Javascript (via JSON API). From b5e2d22c2c9711c96b8f71df2abddda53603232f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Tue, 27 Jul 2021 10:27:08 +0200 Subject: [PATCH 18/21] fall back to g_random_int --- utils.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utils.c b/utils.c index 836da00bd8..45ef9b94b4 100644 --- a/utils.c +++ b/utils.c @@ -74,8 +74,8 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2) { guint32 janus_random_uint32(void) { guint32 ret = 0; if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { - JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); - exit(1); + JANUS_LOG(LOG_ERR, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); + return g_random_int(); } return ret; } @@ -83,8 +83,8 @@ guint32 janus_random_uint32(void) { guint64 janus_random_uint64_full(void) { guint64 ret = 0; if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { - JANUS_LOG(LOG_FATAL, "\tOpenSSL RAND_bytes() failed\n"); - exit(1); + JANUS_LOG(LOG_ERR, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); + return (g_random_int() << 32) | g_random_int(); } return ret; } From cf4033667e4702293bc643d55c887deb8f3f16d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Tue, 27 Jul 2021 10:31:36 +0200 Subject: [PATCH 19/21] add BORINGSSL_{LIBS, CFLAGS} --- Makefile.am | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Makefile.am b/Makefile.am index 50879e6f81..9cef085d51 100644 --- a/Makefile.am +++ b/Makefile.am @@ -610,9 +610,11 @@ janus_pp_rec_CFLAGS = \ -I$(top_builddir)/postprocessing \ $(LIBCURL_CFLAGS) \ $(POST_PROCESSING_CFLAGS) \ + $(BORINGSSL_CFLAGS) \ $(NULL) janus_pp_rec_LDADD = \ + $(BORINGSSL_LIBS) \ $(POST_PROCESSING_LIBS) \ $(LIBCURL_LDFLAGS) $(LIBCURL_LIBS) \ $(NULL) @@ -637,9 +639,11 @@ mjr2pcap_SOURCES = \ mjr2pcap_CFLAGS = \ $(AM_CFLAGS) \ $(POST_PROCESSING_CFLAGS) \ + $(BORINGSSL_CFLAGS) \ $(NULL) mjr2pcap_LDADD = \ + $(BORINGSSL_LIBS) \ $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(NULL) @@ -659,9 +663,11 @@ pcap2mjr_CFLAGS = \ -I$(top_builddir)/postprocessing \ $(POST_PROCESSING_CFLAGS) \ $(PCAP_CFLAGS) \ + $(BORINGSSL_CFLAGS) \ $(NULL) pcap2mjr_LDADD = \ + $(BORINGSSL_LIBS) \ $(POST_PROCESSING_LIBS) \ $(POST_PROCESSING_MANUAL_LIBS) \ $(PCAP_LIBS) \ From 84006177830b14227a27312c4b5b1c1574d087a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 29 Jul 2021 17:40:21 +0200 Subject: [PATCH 20/21] LOG_WARN --- utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils.c b/utils.c index 45ef9b94b4..80b0fa0b12 100644 --- a/utils.c +++ b/utils.c @@ -74,7 +74,7 @@ gboolean janus_strcmp_const_time(const void *str1, const void *str2) { guint32 janus_random_uint32(void) { guint32 ret = 0; if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { - JANUS_LOG(LOG_ERR, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); + JANUS_LOG(LOG_WARN, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); return g_random_int(); } return ret; @@ -83,7 +83,7 @@ guint32 janus_random_uint32(void) { guint64 janus_random_uint64_full(void) { guint64 ret = 0; if(RAND_bytes((void *)&ret, sizeof(ret)) != 1) { - JANUS_LOG(LOG_ERR, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); + JANUS_LOG(LOG_WARN, "Safe RAND_bytes() failed, falling back to unsafe PRNG\n"); return (g_random_int() << 32) | g_random_int(); } return ret; From 0f45705a3969547ba8110501ca242fd901b9074b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20M=C3=BCller?= Date: Thu, 29 Jul 2021 17:45:11 +0200 Subject: [PATCH 21/21] comment on fallback behaviour --- utils.h | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/utils.h b/utils.h index 7258474941..22eb3f041e 100644 --- a/utils.h +++ b/utils.h @@ -61,14 +61,17 @@ gboolean janus_is_true(const char *value); gboolean janus_strcmp_const_time(const void *str1, const void *str2); /*! \brief Helper to generate random 32-bit unsigned integers (useful for SSRCs, etc.) - * @note Currently just wraps g_random_int() - * @returns A (crypto-safe) random 32-bit unsigned integer */ + * @note Warning: this will fall back to a non-cryptographically safe PRNG in case + * the crypto library RAND_bytes() call fails. + * @returns A (mostly crypto-safe) random 32-bit unsigned integer */ guint32 janus_random_uint32(void); /*! \brief Helper to generate random 64-bit unsigned integers * @note Unlike janus_random_uint64(), which actually only generates 52 bits, this * generates the full 64 bits. See the janus_random_uint64() docstring for details. - * @returns A random 64-bit unsigned integer */ + * Warning: this will fall back to a non-cryptographically safe PRNG in case + * the crypto library RAND_bytes() call fails. + * @returns A (mostly crypto-safe) random 52-bit unsigned integer */ guint64 janus_random_uint64_full(void); /*! \brief Helper to generate random 52 bit unsigned integers @@ -80,11 +83,15 @@ guint64 janus_random_uint64_full(void); * might end up in Javascript (via JSON API). * This method is called janus_random_uint64() instead of janus_random_uint52() (or similar) * for backwards compatibility. - * @returns A (crypto-safe) random 64-bit unsigned integer */ + * Warning: this will fall back to a non-cryptographically safe PRNG in case + * the crypto library RAND_bytes() call fails. + * @returns A (mostly crypto-safe) random 64-bit unsigned integer */ guint64 janus_random_uint64(void); /*! \brief Helper to generate random UUIDs (needed by some plugins) - * @returns A (crypto-safe) random UUID string, which must be deallocated with \c g_free */ + * Warning: this will fall back to a non-cryptographically safe PRNG in case + * the crypto library RAND_bytes() call fails. + * @returns A (mostly crypto-safe) random UUID string, which must be deallocated with \c g_free */ char *janus_random_uuid(void); /*! \brief Helper to generate an allocated copy of a guint64 number