Use better random numbers for everything, where possible.

lib/connect.c

@@ -28,6 +28,7 @@ Contributors:
 #include "net_mosq.h"
 #include "send_mosq.h"
 #include "socks_mosq.h"
+#include "util_mosq.h"
 
 static int mosquitto__reconnect(struct mosquitto *mosq, bool blocking, const mosquitto_property *properties);
 static int mosquitto__connect_init(struct mosquitto *mosq, const char *host, int port, int keepalive, const char *bind_address);
@@ -36,6 +37,7 @@ static int mosquitto__connect_init(struct mosquitto *mosq, const char *host, int
 static int mosquitto__connect_init(struct mosquitto *mosq, const char *host, int port, int keepalive, const char *bind_address)
 {
 	int i;
+	int rc;
 
 	if(!mosq) return MOSQ_ERR_INVAL;
 	if(!host || port <= 0) return MOSQ_ERR_INVAL;
@@ -51,8 +53,11 @@ static int mosquitto__connect_init(struct mosquitto *mosq, const char *host, int
 		mosq->id[3] = 'q';
 		mosq->id[4] = '/';
 
+		rc = util__random_bytes(&mosq->id[5], 18);
+		if(rc) return rc;
+
 		for(i=5; i<23; i++){
-			mosq->id[i] = (random()%73)+48;
+			mosq->id[i] = (mosq->id[i]%73)+48;
 		}
 	}
 

lib/util_mosq.c

@@ -28,8 +28,13 @@ Contributors:
 #  include <sys/stat.h>
 #endif
 
+#ifdef __linux__
+#  include <sys/random.h>
+#endif
+
 #ifdef WITH_TLS
 #  include <openssl/bn.h>
+#  include <openssl/rand.h>
 #endif
 
 #ifdef WITH_BROKER
@@ -295,3 +300,41 @@ void util__increment_send_quota(struct mosquitto *mosq)
 		mosq->send_quota++;
 	}
 }
+
+
+int util__random_bytes(void *bytes, int count)
+{
+	int rc = MOSQ_ERR_UNKNOWN;
+
+#ifdef WITH_TLS
+	if(RAND_bytes(bytes, count) == 1){
+		rc = MOSQ_ERR_SUCCESS;
+	}
+#else
+#  ifdef __GLIBC__
+	if(getrandom(bytes, count, 0) == 0){
+		rc = MOSQ_ERR_SUCCESS;
+	}
+#  elif defined(WIN32)
+	HRYPTPROV provider;
+
+	if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)){
+		return MOSQ_ERR_UNKNOWN;
+	}
+
+	if(CryptGenRandom(provider, count, bytes)){
+		rc = MOSQ_ERR_SUCCESS;
+	}
+
+	CryptReleaseContext(provider, 0);
+#  else
+	int i;
+
+	for(i=0; i<count; i++){
+		((uint8_t *)bytes)[i] = (uint8_t )(random()&0xFF);
+	}
+	rc = MOSQ_ERR_SUCCESS;
+#  endif
+#endif
+	return rc;
+}

lib/util_mosq.h

@@ -38,6 +38,8 @@ int mosquitto__hex2bin_sha1(const char *hex, unsigned char **bin);
 int mosquitto__hex2bin(const char *hex, unsigned char *bin, int bin_max_len);
 #endif
 
+int util__random_bytes(void *bytes, int count);
+
 void util__increment_receive_quota(struct mosquitto *mosq);
 void util__increment_send_quota(struct mosquitto *mosq);
 #endif

src/bridge.c

@@ -450,7 +450,9 @@ void bridge__packet_cleanup(struct mosquitto *context)
 
 static int rand_between(int base, int cap)
 {
-	return (rand() % (cap - base)) + base;
+	int r;
+	util__random_bytes(&r, sizeof(int));
+	return (r % (cap - base)) + base;
 }
 
 static void bridge__backoff_step(struct mosquitto *context)

src/handle_connect.c

@@ -30,56 +30,11 @@ Contributors:
 #include "tls_mosq.h"
 #include "util_mosq.h"
 
-#ifdef WITH_TLS
-#  include <openssl/rand.h>
-#endif
-
-#ifdef __linux__
-#  include <sys/random.h>
-#endif
-
 #ifdef WITH_WEBSOCKETS
 #  include <libwebsockets.h>
 #endif
 
 
-static int random_16_bytes(uint8_t *bytes)
-{
-	int rc = MOSQ_ERR_UNKNOWN;
-
-#ifdef WITH_TLS
-	if(RAND_bytes(bytes, 16) == 1){
-		rc = MOSQ_ERR_SUCCESS;
-	}
-#else
-#  ifdef __GLIBC__
-	if(getrandom(bytes, 16, 0) == 0){
-		rc = MOSQ_ERR_SUCCESS;
-	}
-#  elif defined(WIN32)
-	HRYPTPROV provider;
-
-	if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)){
-		return MOSQ_ERR_UNKNOWN;
-	}
-
-	if(CryptGenRandom(provider, 16, bytes)){
-		rc = MOSQ_ERR_SUCCESS;
-	}
-
-	CryptReleaseContext(provider, 0);
-#  else
-	int i;
-
-	for(i=0; i<16; i++){
-		bytes[i] = (uint8_t )(random()&0xFF);
-	}
-	rc = MOSQ_ERR_SUCCESS;
-#  endif
-#endif
-	return rc;
-}
-
 static char nibble_to_hex(uint8_t value)
 {
 	if(value < 0x0A){
@@ -96,7 +51,7 @@ static char *client_id_gen(struct mosquitto_db *db, int *idlen, const char *auto
 	int i;
 	int pos;
 
-	if(random_16_bytes(rnd)) return NULL;
+	if(util__random_bytes(rnd, 16)) return NULL;
 
 	*idlen = 36 + auto_id_prefix_len;