void
test_main (void)
{
int fd_a, fd_b;
size_t ofs_a = 0, ofs_b = 0;
random_init (0);
random_bytes (buf_a, sizeof buf_a);
random_bytes (buf_b, sizeof buf_b);
CHECK (create ("a", 0), "create \"a\"");
CHECK (create ("b", 0), "create \"b\"");
CHECK ((fd_a = open ("a")) > 1, "open \"a\"");
CHECK ((fd_b = open ("b")) > 1, "open \"b\"");
msg ("write \"a\" and \"b\" alternately");
while (ofs_a < FILE_SIZE || ofs_b < FILE_SIZE)
{
write_some_bytes ("a", fd_a, buf_a, &ofs_a);
write_some_bytes ("b", fd_b, buf_b, &ofs_b);
}
msg ("close \"a\"");
close (fd_a);
msg ("close \"b\"");
close (fd_b);
check_file ("a", buf_a, FILE_SIZE);
check_file ("b", buf_b, FILE_SIZE);
}
void init_key() {
unsigned char binkey[64];
random_bytes((unsigned char *)&secret_key_len, sizeof(secret_key_len));
secret_key_len &= 0x7fffffff;
secret_key_len = (16 + secret_key_len % 16);
random_bytes(binkey, secret_key_len);
// secret_key is null terminated
hexencode(binkey, secret_key_len, secret_key);
// printf("key_len: %d\n", secret_key_len);
//printf("%s\n", secret_key);
}
int arc_encode(char *clear, int clear_len, unsigned char **crypt, char *password, int pad_to)
{
struct arc_state *st;
unsigned char *key;
char *padded = NULL;
int key_len, i, padded_len;
key_len = strlen(password) + ARC_IV_LEN;
if (clear_len <= 0) {
clear_len = strlen(clear);
}
/* Pad the string to the closest multiple of pad_to. This makes it
impossible to see the exact length of the password. */
if (pad_to > 0 && (clear_len % pad_to) > 0) {
padded_len = clear_len + pad_to - (clear_len % pad_to);
padded = g_malloc(padded_len);
memcpy(padded, clear, clear_len);
/* First a \0 and then random data, so we don't have to do
anything special when decrypting. */
padded[clear_len] = 0;
random_bytes((unsigned char *) padded + clear_len + 1, padded_len - clear_len - 1);
clear = padded;
clear_len = padded_len;
}
/* Prepare buffers and the key + IV */
*crypt = g_malloc(clear_len + ARC_IV_LEN);
key = g_malloc(key_len);
strcpy((char *) key, password);
/* Add the salt. Save it for later (when decrypting) and, of course,
add it to the encryption key. */
random_bytes(crypt[0], ARC_IV_LEN);
memcpy(key + key_len - ARC_IV_LEN, crypt[0], ARC_IV_LEN);
/* Generate the initial S[] from the IVed key. */
st = arc_keymaker(key, key_len, ARC_CYCLES);
g_free(key);
for (i = 0; i < clear_len; i++) {
crypt[0][i + ARC_IV_LEN] = clear[i] ^ arc_getbyte(st);
}
g_free(st);
g_free(padded);
return clear_len + ARC_IV_LEN;
}
/**
* Test implementation.
*/
void G_COLD
tea_test(void)
{
tea_key_t key;
tea_block_t value;
tea_block_t encrypted;
tea_block_t decrypted;
int i;
char in[80];
char out[80];
char recovered[80];
STATIC_ASSERT(sizeof(key.v) == TEA_KEY_SIZE);
STATIC_ASSERT(sizeof(value.v) == TEA_BLOCK_SIZE);
for (i = 0; i < 10; i++) {
int j;
bool randomized = FALSE;
for (j = 0; j < 10; j++) {
random_bytes(key.v, TEA_KEY_SIZE);
random_bytes(value.v, TEA_BLOCK_SIZE);
t_encrypt(&encrypted, &key, &value);
if (0 != memcmp(value.v, encrypted.v, TEA_BLOCK_SIZE)) {
randomized = TRUE;
break;
}
}
if (!randomized)
g_error("no luck with random numbers in tea_test()");
t_decrypt(&decrypted, &key, &encrypted);
if (0 != memcmp(value.v, decrypted.v, TEA_BLOCK_SIZE)) {
g_error("TEA implementation tests FAILED");
return;
}
}
STATIC_ASSERT(sizeof in == sizeof out);
STATIC_ASSERT(sizeof in == sizeof recovered);
random_bytes(key.v, TEA_KEY_SIZE);
random_bytes(in, sizeof in);
tea_encrypt(&key, out, in, sizeof in);
tea_decrypt(&key, recovered, out, sizeof out);
if (0 != memcmp(in, recovered, sizeof in))
g_error("TEA implementation tests FAILED");
}
int main(int argc, char *argv[]) {
int i, wait1, wait2, seed, start;
unsigned int value;
signal(SIGINT, SIGINT_handler);
if(argc < 2) {
random_bytes((unsigned char *)&wait1, sizeof(wait1));
wait1 &= 0x7fffffff;
wait1 = wait1 % 960 + 40;
random_bytes((unsigned char *)&wait2, sizeof(wait2));
wait2 &= 0x7fffffff;
wait2 = wait2 % 960 + 40;
printf("about to spend %d seconds running bad crypto code, OK?\n", wait1 + wait2);
if(sleep(wait1)) {
printf("sleep was interrupted\n");
}
seed = time(NULL);
FILE *fp = fopen("seed", "w");
fprintf(fp, "%d", seed);
fclose(fp);
MT_initialize_generator(seed);
sleep(wait2);
printf("secret: %u\n", MT_extract_number());
} else {
sscanf(argv[1], "%u", &value);
if(argc > 2)
sscanf(argv[2], "%d", &start);
else
start = time(NULL);
printf("brute force search for seed generating %u, starting at %d\n", value, start);
do {
MT_initialize_generator(start--);
} while(MT_extract_number() != value);
start++;
printf("generator seeded with: %d\n", start);
}
return 0;
}
void
seq_test (const char *file_name, void *buf, size_t size, size_t initial_size,
size_t (*block_size_func) (void),
void (*check_func) (int fd, long ofs))
{
size_t ofs;
int fd;
random_bytes (buf, size);
CHECK (create (file_name, initial_size), "create \"%s\"", file_name);
CHECK ((fd = open (file_name)) > 1, "open \"%s\"", file_name);
ofs = 0;
msg ("writing \"%s\"", file_name);
while (ofs < size)
{
size_t block_size = block_size_func ();
if (block_size > size - ofs)
block_size = size - ofs;
if (write (fd, buf + ofs, block_size) != (int) block_size)
fail ("write %zu bytes at offset %zu in \"%s\" failed",
block_size, ofs, file_name);
ofs += block_size;
if (check_func != NULL)
check_func (fd, ofs);
}
msg ("close \"%s\"", file_name);
close (fd);
check_file (file_name, buf, size);
}
static void test_acquire_data_fd_one(unsigned flags) {
char wbuffer[196*1024 - 7];
char rbuffer[sizeof(wbuffer)];
int fd;
fd = acquire_data_fd("foo", 3, flags);
assert_se(fd >= 0);
zero(rbuffer);
assert_se(read(fd, rbuffer, sizeof(rbuffer)) == 3);
assert_se(streq(rbuffer, "foo"));
fd = safe_close(fd);
fd = acquire_data_fd("", 0, flags);
assert_se(fd >= 0);
zero(rbuffer);
assert_se(read(fd, rbuffer, sizeof(rbuffer)) == 0);
assert_se(streq(rbuffer, ""));
fd = safe_close(fd);
random_bytes(wbuffer, sizeof(wbuffer));
fd = acquire_data_fd(wbuffer, sizeof(wbuffer), flags);
assert_se(fd >= 0);
zero(rbuffer);
assert_se(read(fd, rbuffer, sizeof(rbuffer)) == sizeof(rbuffer));
assert_se(memcmp(rbuffer, wbuffer, sizeof(rbuffer)) == 0);
fd = safe_close(fd);
}
int
main (int argc, const char *argv[])
{
int child_idx;
int fd;
size_t i;
quiet = true;
CHECK (argc == 2, "argc must be 2, actually %d", argc);
child_idx = atoi (argv[1]);
random_init (0);
random_bytes (buf, sizeof buf);
CHECK ((fd = open (file_name)) > 1, "open \"%s\"", file_name);
for (i = 0; i < sizeof buf; i++)
{
char c;
CHECK (read (fd, &c, 1) > 0, "read \"%s\"", file_name);
compare_bytes (&c, buf + i, 1, i, file_name);
}
close (fd);
return child_idx;
}
int
main (int argc, const char *argv[])
{
int child_idx;
int fd;
size_t ofs;
quiet = true;
CHECK (argc == 2, "argc must be 2, actually %d", argc);
child_idx = atoi (argv[1]);
random_init (0);
random_bytes (buf1, sizeof buf1);
CHECK ( (fd = open (file_name)) > 1, "open \"%s\"", file_name);
ofs = 0;
while (ofs < sizeof buf2)
{
int bytes_read = read (fd, buf2 + ofs, sizeof buf2 - ofs);
CHECK (bytes_read >= -1 && bytes_read <= (int) (sizeof buf2 - ofs),
"%zu-byte read on \"%s\" returned invalid value of %d",
sizeof buf2 - ofs, file_name, bytes_read);
if (bytes_read > 0)
{
compare_bytes (buf2 + ofs, buf1 + ofs, bytes_read, ofs, file_name);
ofs += bytes_read;
}
}
close (fd);
return child_idx;
}
END_TEST
START_TEST(random_bytes_returns_random_bytes) {
random_t random;
random_create(random);
uint8_t a[16] = {};
uint8_t b[16] = {};
random_bytes(random, a, 16);
random_bytes(random, b, 16);
fail_unless(memcmp(a, b, 16) != 0);
random_free(random);
}
static
void write_offer(struct master_config* config, struct endpoint* endpoint, struct udpaddress* remote) {
char* key;
char token[1500];
char obuf[1500];
ssize_t tlength, olength, r;
struct proto proto;
struct session* session;
struct cipher_context* rkey = config->key0;
key = alloca(config->cipher_keysize);
random_bytes(key, config->cipher_keysize);
session = session_find_by_address(config, &endpoint->local, remote);
if (session) {
if (session->rkey) {
rkey = session->rkey;
}
}
tlength = encrypt_challenge(config, remote, &endpoint->local, session ? session->key1 : 0, key, token);
memset(&proto, 0, sizeof(proto));
proto.type = PROTO_OFFER;
proto.id.value = token;
proto.id.length = tlength;
proto.key.value = key;
proto.key.length = config->cipher_keysize;
olength = proto_encode(&proto, obuf, sizeof(obuf));
encrypt_and_write(config, endpoint->socket, remote, rkey, obuf, olength);
}
/* Returns a pseudo-random unsigned long.
Use random_ulong() % n to obtain a random number in the range
0...n (exclusive). */
unsigned long
random_ulong (void)
{
unsigned long ul;
random_bytes (&ul, sizeof ul);
return ul;
}
bool test_encode_base64 (Test *test)
{
char *base64;
char bytes[1024 * 16];
size_t i;
TITLE ();
CATCH (encode_base64 (NULL, 0));
CATCH (error_at (0).error != ErrorInvalidArgument);
CATCH (error_at (0).code != 1);
CATCH (encode_base64 ("", 0));
CATCH (error_at (0).error != ErrorInvalidArgument);
CATCH (error_at (0).code != 2);
memory_commit_limit (0);
CATCH (encode_base64 ("abc", 3));
CATCH (error_at (0).error != ErrorFunctionCall);
memory_commit_limit (ULLONG_MAX);
for (i = 0; i < 1000; i++) {
CATCH (!(base64 = encode_base64 ("any carnal pleasure.", 20)));
CATCH (!string_equals (base64, "YW55IGNhcm5hbCBwbGVhc3VyZS4="));
string_destroy (base64);
}
CATCH (!random_open ());
for (i = 0; i < 1000; i++) {
CATCH (!random_bytes ((unsigned char *)&bytes, 1024 * 16));
CATCH (!(base64 = encode_base64 (bytes, 1024 * 16)));
CATCH (string_length (base64) < 21848);
string_destroy (base64);
}
random_close ();
PASS ();
}
static void random_key(secp256k1_context *ctx,
struct seckey *seckey, secp256k1_pubkey *pkey)
{
do {
random_bytes(seckey->u.u8, sizeof(seckey->u));
} while (!secp256k1_ec_pubkey_create(ctx, pkey, seckey->u.u8));
}
/*
* Return a new random number.
*/
u32_t magic() {
u32_t new_rand;
random_bytes((unsigned char *)&new_rand, sizeof(new_rand));
return new_rand;
}
/**
* Generate new token for given version string.
*/
static char *
tok_generate(time_t now, const char *version)
{
char token[TOKEN_BASE64_SIZE + 1];
char digest[TOKEN_VERSION_SIZE];
char lvldigest[LEVEL_SIZE];
char lvlbase64[LEVEL_BASE64_SIZE + 1];
const struct tokkey *tk;
uint32 crc32;
uint idx;
const char *key;
SHA1Context ctx;
struct sha1 sha1;
int lvlsize;
int i;
/*
* Compute token.
*/
key = random_key(now, &idx, &tk);
now = clock_loc2gmt(now); /* As close to GMT as possible */
poke_be32(&digest[0], now);
random_bytes(&digest[4], 3);
digest[6] &= 0xe0U; /* Upper 3 bits only */
digest[6] |= idx & 0xffU; /* Has 5 bits for the index */
SHA1Reset(&ctx);
SHA1Input(&ctx, key, strlen(key));
SHA1Input(&ctx, digest, 7);
SHA1Input(&ctx, version, strlen(version));
SHA1Result(&ctx, &sha1);
memcpy(&digest[7], sha1.data, SHA1_RAW_SIZE);
/*
* Compute level.
*/
lvlsize = G_N_ELEMENTS(token_keys) - (tk - token_keys);
crc32 = crc32_update(0, digest, TOKEN_VERSION_SIZE);
for (i = 0; i < lvlsize; i++) {
poke_be16(&lvldigest[i*2], tok_crc(crc32, tk));
tk++;
}
/*
* Encode into base64.
*/
base64_encode_into(digest, TOKEN_VERSION_SIZE, token, TOKEN_BASE64_SIZE);
token[TOKEN_BASE64_SIZE] = '\0';
ZERO(&lvlbase64);
base64_encode_into(lvldigest, 2 * lvlsize, lvlbase64, LEVEL_BASE64_SIZE);
return g_strconcat(token, "; ", lvlbase64, (void *) 0);
}
static void chap_md5_generate_challenge(unsigned char *cp) {
int clen;
clen = (int)(drand48() * (MD5_MAX_CHALLENGE - MD5_MIN_CHALLENGE))
+ MD5_MIN_CHALLENGE;
*cp++ = clen;
random_bytes(cp, clen);
}
static void chapms2_generate_challenge(unsigned char *challenge) {
*challenge++ = 16;
#ifdef DEBUGMPPEKEY
if (mschap_challenge && strlen(mschap_challenge) == 16)
memcpy(challenge, mschap_challenge, 16);
else
#endif
random_bytes(challenge, 16);
}
static int crypt_main( int argc, char *argv[] )
{
int pass_len;
unsigned char *pass_cr, *pass_cl;
if( argc < 4 || ( strcmp( argv[2], "hash" ) != 0 &&
strcmp( argv[2], "unhash" ) != 0 && argc < 5 ) )
{
printf( "Supported:\n"
" %s -x enc <key> <cleartext password>\n"
" %s -x dec <key> <encrypted password>\n"
" %s -x hash <cleartext password>\n"
" %s -x unhash <hashed password>\n"
" %s -x chkhash <hashed password> <cleartext password>\n",
argv[0], argv[0], argv[0], argv[0], argv[0] );
}
else if( strcmp( argv[2], "enc" ) == 0 )
{
pass_len = arc_encode( argv[4], strlen( argv[4] ), (unsigned char**) &pass_cr, argv[3], 12 );
printf( "%s\n", base64_encode( pass_cr, pass_len ) );
}
else if( strcmp( argv[2], "dec" ) == 0 )
{
pass_len = base64_decode( argv[4], (unsigned char**) &pass_cr );
arc_decode( pass_cr, pass_len, (char**) &pass_cl, argv[3] );
printf( "%s\n", pass_cl );
}
else if( strcmp( argv[2], "hash" ) == 0 )
{
md5_byte_t pass_md5[21];
md5_state_t md5_state;
random_bytes( pass_md5 + 16, 5 );
md5_init( &md5_state );
md5_append( &md5_state, (md5_byte_t*) argv[3], strlen( argv[3] ) );
md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
md5_finish( &md5_state, pass_md5 );
printf( "%s\n", base64_encode( pass_md5, 21 ) );
}
else if( strcmp( argv[2], "unhash" ) == 0 )
{
printf( "Hash %s submitted to a massive Beowulf cluster of\n"
"overclocked 486s. Expect your answer next year somewhere around this time. :-)\n", argv[3] );
}
else if( strcmp( argv[2], "chkhash" ) == 0 )
{
char *hash = strncmp( argv[3], "md5:", 4 ) == 0 ? argv[3] + 4 : argv[3];
int st = md5_verify_password( argv[4], hash );
printf( "Hash %s given password.\n", st == 0 ? "matches" : "does not match" );
return st;
}
return 0;
}
void ecc_start(void)
{
secp256k1_ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
assert(secp256k1_ctx != NULL);
uint8_t seed[32];
random_bytes(seed, 32, 0);
int ret = secp256k1_context_randomize(secp256k1_ctx, seed);
assert(ret);
}
gchar *
fb_util_rand_uuid(void)
{
guint8 buf[50];
sha1_state_t sha;
sha1_init(&sha);
random_bytes(buf, sizeof buf);
sha1_append(&sha, buf, sizeof buf);
return sha1_random_uuid(&sha);
}
bool Random_Impl::random_bool()
{
if (!random_bool_bits_free)
{
random_bytes(&_random_bool, 1);
random_bool_bits_free = 8;
}
random_bool_bits_free--;
return ((_random_bool >> random_bool_bits_free) & 1);
}
JournalRateLimit *journal_rate_limit_new(void) {
JournalRateLimit *r;
r = new0(JournalRateLimit, 1);
if (!r)
return NULL;
random_bytes(r->hash_key, sizeof(r->hash_key));
return r;
}
uint16_t
random_uint16(void)
{
if (RAND_MAX >= UINT16_MAX) {
random_init();
return rand();
} else {
uint16_t x;
random_bytes(&x, sizeof x);
return x;
}
}
/**************************************************************************
* Function: generateAccountHash
* Description: returns the unique hash for the account.
* ************************************************************************/
md_hash * generateAccountHash (Account * acct) {
static md_hash ret;
unsigned char * hashable;
int data_length = 0, string_length = 0;
MemSet(ret, sizeof(md_hash), 0);
/* username, password, acct mod date,
* pw mod date, and 256 bits of randomness */
data_length =
StrLen(acct->username)+
StrLen(acct->system)+
StrLen(acct->password)+
StrLen(acct->service)+
StrLen(acct->comment)+
sizeof(acct->account_mod_date)+
sizeof(acct->password_mod_date)+
(sizeof(Int16)*16)+1;
if((hashable=MemPtrNew(data_length))) {
MemSet(hashable, data_length, 0);
StrCopy(hashable, acct->username);
string_length+=StrLen(acct->username);
StrCat(hashable, acct->system);
string_length+=StrLen(acct->system);
StrCat(hashable, acct->password);
string_length+=StrLen(acct->password);
StrCat(hashable, acct->service);
string_length+=StrLen(acct->service);
StrCat(hashable, acct->comment);
string_length+=StrLen(acct->comment);
MemMove(hashable+string_length,
&acct->account_mod_date,
sizeof(acct->account_mod_date));
string_length+=sizeof(acct->account_mod_date);
MemMove(hashable+string_length,
&acct->password_mod_date,
sizeof(acct->password_mod_date));
string_length+=sizeof(acct->password_mod_date);
/* move some randomness onto the end
* to make dictionary attacks impossible. */
random_bytes(hashable+string_length, 32);
string_length+=32;
md_block(hashable, string_length, ret);
MemPtrFree(hashable);
}
return &ret;
}
/* This generates an unfinished md5_state_t variable. Every time we generate
an ID, we finish the state by adding a sequence number and take the hash. */
static void jabber_generate_id_hash( struct jabber_data *jd )
{
md5_byte_t binbuf[4];
char *s;
md5_init( &jd->cached_id_prefix );
md5_append( &jd->cached_id_prefix, (unsigned char *) jd->username, strlen( jd->username ) );
md5_append( &jd->cached_id_prefix, (unsigned char *) jd->server, strlen( jd->server ) );
s = set_getstr( &jd->ic->acc->set, "resource" );
md5_append( &jd->cached_id_prefix, (unsigned char *) s, strlen( s ) );
random_bytes( binbuf, 4 );
md5_append( &jd->cached_id_prefix, binbuf, 4 );
}
/** Run unit tests for digest set code (implemented as a hashtable or as a
* bloom filter) */
static void
test_container_digestset(void *unused)
{
smartlist_t *included = smartlist_create();
char d[SHA256_LENGTH];
int i;
int ok = 1;
int false_positives = 0;
digestset_t *set = NULL;
for (i = 0; i < 1000; ++i) {
random_bytes((uchar *)d, SHA256_LENGTH);
smartlist_add(included, xmemdup(d, SHA256_LENGTH));
}
set = digestset_new(1000);
SMARTLIST_FOREACH(included, const char *, cp,
if (digestset_isin(set, cp))
ok = 0);
tt_assert(ok);
SMARTLIST_FOREACH(included, const char *, cp,
digestset_add(set, cp));
SMARTLIST_FOREACH(included, const char *, cp,
if (!digestset_isin(set, cp))
ok = 0);
tt_assert(ok);
for (i = 0; i < 1000; ++i) {
random_bytes((uchar *)d, SHA256_LENGTH);
if (digestset_isin(set, d))
++false_positives;
}
tt_assert(false_positives < 50); /* Should be far lower. */
end:
if (set)
digestset_free(set);
SMARTLIST_FOREACH(included, char *, cp, free(cp));
smartlist_free(included);
}
/* Initialize a flow with random fields that matter for nx_hash_fields. */
void
flow_random_hash_fields(struct flow *flow)
{
uint16_t rnd = random_uint16();
/* Initialize to all zeros. */
memset(flow, 0, sizeof *flow);
eth_addr_random(flow->dl_src);
eth_addr_random(flow->dl_dst);
flow->vlan_tci = (OVS_FORCE ovs_be16) (random_uint16() & VLAN_VID_MASK);
/* Make most of the random flows IPv4, some IPv6, and rest random. */
flow->dl_type = rnd < 0x8000 ? htons(ETH_TYPE_IP) :
rnd < 0xc000 ? htons(ETH_TYPE_IPV6) : (OVS_FORCE ovs_be16)rnd;
if (dl_type_is_ip_any(flow->dl_type)) {
if (flow->dl_type == htons(ETH_TYPE_IP)) {
flow->nw_src = (OVS_FORCE ovs_be32)random_uint32();
flow->nw_dst = (OVS_FORCE ovs_be32)random_uint32();
} else {
random_bytes(&flow->ipv6_src, sizeof flow->ipv6_src);
random_bytes(&flow->ipv6_dst, sizeof flow->ipv6_dst);
}
/* Make most of IP flows TCP, some UDP or SCTP, and rest random. */
rnd = random_uint16();
flow->nw_proto = rnd < 0x8000 ? IPPROTO_TCP :
rnd < 0xc000 ? IPPROTO_UDP :
rnd < 0xd000 ? IPPROTO_SCTP : (uint8_t)rnd;
if (flow->nw_proto == IPPROTO_TCP ||
flow->nw_proto == IPPROTO_UDP ||
flow->nw_proto == IPPROTO_SCTP) {
flow->tp_src = (OVS_FORCE ovs_be16)random_uint16();
flow->tp_dst = (OVS_FORCE ovs_be16)random_uint16();
}
}
}
static
ssize_t xencrypt(struct master_config* config, struct cipher_context* context, const char* in, size_t ilength, char* out) {
char* tmp;
ssize_t r,i;
tmp = alloca(ilength + config->cipher_size);
random_bytes(tmp, config->cipher_size);
memcpy(tmp + config->cipher_size, in, ilength);
r = cipher_encrypt(context, tmp, ilength + config->cipher_size, out);
digest_sign(config->digest, tmp, ilength + config->cipher_size, out + r);
return r + config->digest_size;
}
int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key) {
_cleanup_(dns_transaction_freep) DnsTransaction *t = NULL;
int r;
assert(ret);
assert(s);
assert(key);
r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
if (r < 0)
return r;
r = hashmap_ensure_allocated(&s->transactions, &dns_resource_key_hash_ops);
if (r < 0)
return r;
t = new0(DnsTransaction, 1);
if (!t)
return -ENOMEM;
t->dns_udp_fd = -1;
t->key = dns_resource_key_ref(key);
/* Find a fresh, unused transaction id */
do
random_bytes(&t->id, sizeof(t->id));
while (t->id == 0 ||
hashmap_get(s->manager->dns_transactions, UINT_TO_PTR(t->id)));
r = hashmap_put(s->manager->dns_transactions, UINT_TO_PTR(t->id), t);
if (r < 0) {
t->id = 0;
return r;
}
r = hashmap_put(s->transactions, t->key, t);
if (r < 0) {
hashmap_remove(s->manager->dns_transactions, UINT_TO_PTR(t->id));
return r;
}
t->scope = s;
if (ret)
*ret = t;
t = NULL;
return 0;
}
