diff --git a/ChangeLog b/ChangeLog index b40555e1..8d529883 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ 2020-04-06 Jay Berkenbilt + * Source-level incompatibility: remove QUtil::srandom. There was + no reason to ever call this, and it didn't do anything unless + insecure random number generation was compiled in, which it is not + by default. If you were calling this, just remove the call because + it wasn't doing anything anyway. + * Add openssl crypto provider, contributed by Dean Scarff. This provider is implemented using OpenSSL and also works with BoringSSL. diff --git a/include/qpdf/QUtil.hh b/include/qpdf/QUtil.hh index 2066cfef..912ebb32 100644 --- a/include/qpdf/QUtil.hh +++ b/include/qpdf/QUtil.hh @@ -271,13 +271,6 @@ namespace QUtil QPDF_DLL long random(); - // Wrapper around srandom from stdlib. Seeds the standard library - // weak random number generator, which is not used if secure - // random number generation is being used. You never need to call - // this method as it is called automatically if needed. - QPDF_DLL - void srandom(unsigned int seed); - // Initialize a buffer with random bytes. By default, qpdf tries // to use a secure random number source. It can be configured at // compile time to use an insecure random number source (from diff --git a/libqpdf/InsecureRandomDataProvider.cc b/libqpdf/InsecureRandomDataProvider.cc index 18b21baa..e246ff97 100644 --- a/libqpdf/InsecureRandomDataProvider.cc +++ b/libqpdf/InsecureRandomDataProvider.cc @@ -30,8 +30,13 @@ InsecureRandomDataProvider::random() // Seed the random number generator with something simple, but // just to be interesting, don't use the unmodified current // time. It would be better if this were a more secure seed. - QUtil::srandom(static_cast( - QUtil::get_current_time() ^ 0xcccc)); + unsigned int seed = static_cast( + QUtil::get_current_time() ^ 0xcccc); +#ifdef HAVE_RANDOM + ::srandom(seed); +#else + srand(seed); +#endif this->seeded_random = true; } diff --git a/libqpdf/QUtil.cc b/libqpdf/QUtil.cc index 8717e148..177b49e1 100644 --- a/libqpdf/QUtil.cc +++ b/libqpdf/QUtil.cc @@ -878,16 +878,6 @@ QUtil::toUTF16(unsigned long uval) // Random data support -long -QUtil::random() -{ - long result = 0L; - initializeWithRandomBytes( - reinterpret_cast(&result), - sizeof(result)); - return result; -} - static RandomDataProvider* random_data_provider = 0; #ifdef USE_INSECURE_RANDOM @@ -941,14 +931,14 @@ QUtil::initializeWithRandomBytes(unsigned char* data, size_t len) random_data_provider->provideRandomData(data, len); } -void -QUtil::srandom(unsigned int seed) +long +QUtil::random() { -#ifdef HAVE_RANDOM - ::srandom(seed); -#else - srand(seed); -#endif + long result = 0L; + initializeWithRandomBytes( + reinterpret_cast(&result), + sizeof(result)); + return result; } bool diff --git a/manual/qpdf-manual.xml b/manual/qpdf-manual.xml index 9720ad03..e6eb55eb 100644 --- a/manual/qpdf-manual.xml +++ b/manual/qpdf-manual.xml @@ -4798,6 +4798,22 @@ print "\n"; + + + Incompatible API (source-level) Changes (minor) + + + + + The QUtil::srandom method was removed. + It didn't do anything unless insecure random numbers were + compiled in, and they have been off by default for a long + time. If you were calling it, just remove the call since it + wasn't doing anything anyway. + + + + Build/Packaging Changes