Labels Milestones

New Issue

randomPassword() sometimes generates short passwords #114

Closed

opened 1 year ago by duke · 3 comments

duke commented 1 year ago

Owner

When SD generates a new config, it sometimes generates a short password instead of it being 10 chars:

# Autogenerated by Hush SilentDragonX 1.3.1 https://dragonx.is
server=1
rpcpassword=OU
rpcuser=dragonx
rpcport=21769
...

The bug seems to be in connection.cpp on the line :

s[i] = alphanum[randombytes_uniform(sizeof(alphanum))];

because s is a char * (8 bit) but randombytes_uniform returns a uint32_t value according to https://doc.libsodium.org/generating_random_data

This happens on OSX, it's not clear if it happens on other OS's as well.

When SD generates a new config, it sometimes generates a short password instead of it being 10 chars: ``` # Autogenerated by Hush SilentDragonX 1.3.1 https://dragonx.is server=1 rpcpassword=OU rpcuser=dragonx rpcport=21769 ... ``` The bug seems to be in connection.cpp on the line : ``` s[i] = alphanum[randombytes_uniform(sizeof(alphanum))]; ``` because `s` is a `char *` (8 bit) but `randombytes_uniform` returns a `uint32_t` value according to https://doc.libsodium.org/generating_random_data This happens on OSX, it's not clear if it happens on other OS's as well.

duke commented 1 year ago

Poster

Owner

Attempt at a fix on the dragonx branch : a557e25b61

needs testing

Attempt at a fix on the `dragonx` branch : https://git.hush.is/hush/SilentDragon/commit/a557e25b6136b3123543aa0a3c1ef94980400e14 needs testing

fekt commented 1 year ago

Collaborator

Seems to work as expected on OSX and Windows. Created 32 char password 10/10 times when deleting config and letting SD generate a new config.

Seems to work as expected on OSX and Windows. Created 32 char password 10/10 times when deleting config and letting SD generate a new config.

duke commented 1 year ago

Poster

Owner

This is fixed on the dev branch, closing

This is fixed on the `dev` branch, closing

duke closed this issue 1 year ago

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

chat

custom_themes

danger

dev

duke

importviewkey

master

no_mining_until_synced

old_duke

onryo

recurring

0.4.0

0.4.1

0.4.2

0.4.3

0.5.0

0.5.1

0.5.10

0.5.11

0.5.3

0.5.4

0.5.5

0.6.0

0.6.1

0.6.10

0.6.11

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

0.6.7

0.6.8

0.6.9

0.7.0

0.7.1

0.7.2

0.7.3

0.7.4

0.7.5

0.7.6

0.7.7

0.7.9

1.4.2

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.3.0

v0.3.1

v0.3.2

v0.5.2

v0.5.6

v0.5.7

v0.5.8

v0.5.9

v0.7.5

v0.7.6

v0.7.7

v0.7.8

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.9.0

v0.9.1

v0.9.2

v1.0.0

v1.1.0

v1.2.0

v1.3.0

v1.3.1

v1.4.0

v1.4.1

v1.4.2

Labels

Apply labels

Clear labels

0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it tor
related to tor translation
translation update windows
related to windows wontfix
this won't be fixed

No Label 0-500 bounty 2001-5000 bounty 501-2000 bounty arm beginners bug build documentation feature high priority i2p low priority medium priority question release tor translation windows wontfix

Milestone

Set milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Assign users

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview

Loading…

Cancel

Save

There is no content yet.