Re: [linux-minidisc] compiling libnetmd and netmdcli on windows

[Thomas Arp <manner.moe@gmx.de>]

Am 13/09/2011 23:53, schrieb Michael Karcher:

4. libnetmd/secure.c and netmdcli/netmdcli.c :  ramdo) is not defined
and implemented
I fixed this as a "bloody hack" in utils.h using
#ifdef WIN32 
#include <stdlib.h>
#include <time.h>
static int random(){srand(time(NULL));return rand();};
#endif

Reseding every time is a real bad idea(tm). It is quite likely that
time(NULL) returns the same value on two successive calls (it changes
once per second). As we don't care about sniffing, just using rand() in
the library should be fine, if the caller didn't srand so be it.

In netmdcli.c, add "srand(time(NULL));" to the beginning of main. Then
replace random by rand.

Regards,
  Michael Karcher

In netmd.cli the random number is used for creating a nonce in this way:

unsigned char hostnonce[8] = { 0 };
unsigned char *buf;
uint64_t rand;
.
.
rand = (uint64_t)random();
buf = hostnonce;
netmd_copy_quadword_to_buffer(&buf, rand);
.
.

As far as i know random() and rand() are 32bit only.
What about using "gcry_create_nonce(unsigned char *buffer, size_t length)" from libgcrypt instead?

unsigned char hostnonce[8] = { 0 };
.
.
gcry_create_nonce(hostnonce, sizeof(hostnonce));

Regards
Thomas