kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #15107 from LK4D4/unsafe_random

Browse source 
Use non-crypto version of random to generate ids.
This commit is contained in:
Tibor Vass 2015-07-29 11:47:38 -04:00
commit 9d3ad6d892
13 changed files with 84 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

2
api/client/ps/custom_test.go
View file

@ -11,7 +11,7 @@ import (
) )
func TestContainerContextID(t *testing.T) { func TestContainerContextID(t *testing.T) {
containerId := stringid.GenerateRandomID() containerId := stringid.GenerateNonCryptoID()
unix := time.Now().Unix() unix := time.Now().Unix()
var ctx containerContext var ctx containerContext

2
daemon/create_unix.go
View file

@ -24,7 +24,7 @@ func createContainerPlatformSpecificSettings(container *Container, config *runco
case 2: case 2:
name, destination = parts[0], filepath.Clean(parts[1]) name, destination = parts[0], filepath.Clean(parts[1])
default: default:
name = stringid.GenerateRandomID() name = stringid.GenerateNonCryptoID()
destination = filepath.Clean(parts[0]) destination = filepath.Clean(parts[0])
} }
// Skip volumes for which we already have something mounted on that // Skip volumes for which we already have something mounted on that

2
daemon/daemon.go
View file

@ -350,7 +350,7 @@ func (daemon *Daemon) mergeAndVerifyConfig(config *runconfig.Config, img *image.
func (daemon *Daemon) generateIdAndName(name string) (string, string, error) { func (daemon *Daemon) generateIdAndName(name string) (string, string, error) {
var ( var (
err error err error
id = stringid.GenerateRandomID() id = stringid.GenerateNonCryptoID()
) )
if name == "" { if name == "" {

4
daemon/daemon_test.go
View file

@ -135,7 +135,7 @@ func TestLoadWithVolume(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
hostVolumeId := stringid.GenerateRandomID() hostVolumeId := stringid.GenerateNonCryptoID()
vfsPath := filepath.Join(tmp, "vfs", "dir", hostVolumeId) vfsPath := filepath.Join(tmp, "vfs", "dir", hostVolumeId)
volumePath := filepath.Join(tmp, "volumes", hostVolumeId) volumePath := filepath.Join(tmp, "volumes", hostVolumeId)
@ -419,7 +419,7 @@ func TestRemoveLocalVolumesFollowingSymlinks(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
hostVolumeId := stringid.GenerateRandomID() hostVolumeId := stringid.GenerateNonCryptoID()
vfsPath := filepath.Join(tmp, "vfs", "dir", hostVolumeId) vfsPath := filepath.Join(tmp, "vfs", "dir", hostVolumeId)
volumePath := filepath.Join(tmp, "volumes", hostVolumeId) volumePath := filepath.Join(tmp, "volumes", hostVolumeId)

2
daemon/exec.go
View file

@ -155,7 +155,7 @@ func (d *Daemon) ContainerExecCreate(config *runconfig.ExecConfig) (string, erro
} }
execConfig := &execConfig{ execConfig := &execConfig{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
OpenStdin: config.AttachStdin, OpenStdin: config.AttachStdin,
OpenStdout: config.AttachStdout, OpenStdout: config.AttachStdout,
OpenStderr: config.AttachStderr, OpenStderr: config.AttachStderr,

2
daemon/execdriver/windows/exec.go
View file

@ -19,7 +19,7 @@ func (d *driver) Exec(c *execdriver.Command, processConfig *execdriver.ProcessCo
inListen, outListen, errListen *npipe.PipeListener inListen, outListen, errListen *npipe.PipeListener
term execdriver.Terminal term execdriver.Terminal
err error err error
randomID string = stringid.GenerateRandomID() randomID string = stringid.GenerateNonCryptoID()
serverPipeFormat, clientPipeFormat string serverPipeFormat, clientPipeFormat string
pid uint32 pid uint32
exitCode int32 exitCode int32

2
graph/graph.go
View file

@ -314,7 +314,7 @@ func (graph *Graph) TempLayerArchive(id string, sf *streamformatter.StreamFormat
// mktemp creates a temporary sub-directory inside the graph's filesystem. // mktemp creates a temporary sub-directory inside the graph's filesystem.
func (graph *Graph) mktemp(id string) (string, error) { func (graph *Graph) mktemp(id string) (string, error) {
dir := filepath.Join(graph.root, "_tmp", stringid.GenerateRandomID()) dir := filepath.Join(graph.root, "_tmp", stringid.GenerateNonCryptoID())
if err := system.MkdirAll(dir, 0700); err != nil { if err := system.MkdirAll(dir, 0700); err != nil {
return "", err return "", err
} }

10
graph/graph_test.go
View file

@ -68,7 +68,7 @@ func TestInterruptedRegister(t *testing.T) {
defer nukeGraph(graph) defer nukeGraph(graph)
badArchive, w := io.Pipe() // Use a pipe reader as a fake archive which never yields data badArchive, w := io.Pipe() // Use a pipe reader as a fake archive which never yields data
image := &image.Image{ image := &image.Image{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
Comment: "testing", Comment: "testing",
Created: time.Now(), Created: time.Now(),
} }
@ -126,7 +126,7 @@ func TestRegister(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
image := &image.Image{ image := &image.Image{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
Comment: "testing", Comment: "testing",
Created: time.Now(), Created: time.Now(),
} }
@ -229,19 +229,19 @@ func TestByParent(t *testing.T) {
graph, _ := tempGraph(t) graph, _ := tempGraph(t)
defer nukeGraph(graph) defer nukeGraph(graph)
parentImage := &image.Image{ parentImage := &image.Image{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
Comment: "parent", Comment: "parent",
Created: time.Now(), Created: time.Now(),
Parent: "", Parent: "",
} }
childImage1 := &image.Image{ childImage1 := &image.Image{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
Comment: "child1", Comment: "child1",
Created: time.Now(), Created: time.Now(),
Parent: parentImage.ID, Parent: parentImage.ID,
} }
childImage2 := &image.Image{ childImage2 := &image.Image{
ID: stringid.GenerateRandomID(), ID: stringid.GenerateNonCryptoID(),
Comment: "child2", Comment: "child2",
Created: time.Now(), Created: time.Now(),
Parent: parentImage.ID, Parent: parentImage.ID,

6
integration-cli/docker_cli_rename_test.go
View file

@ -14,7 +14,7 @@ func (s *DockerSuite) TestRenameStoppedContainer(c *check.C) {
dockerCmd(c, "wait", cleanedContainerID) dockerCmd(c, "wait", cleanedContainerID)
name, err := inspectField(cleanedContainerID, "Name") name, err := inspectField(cleanedContainerID, "Name")
newName := "new_name" + stringid.GenerateRandomID() newName := "new_name" + stringid.GenerateNonCryptoID()
dockerCmd(c, "rename", "first_name", newName) dockerCmd(c, "rename", "first_name", newName)
name, err = inspectField(cleanedContainerID, "Name") name, err = inspectField(cleanedContainerID, "Name")
@ -30,7 +30,7 @@ func (s *DockerSuite) TestRenameStoppedContainer(c *check.C) {
func (s *DockerSuite) TestRenameRunningContainer(c *check.C) { func (s *DockerSuite) TestRenameRunningContainer(c *check.C) {
out, _ := dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh") out, _ := dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh")
newName := "new_name" + stringid.GenerateRandomID() newName := "new_name" + stringid.GenerateNonCryptoID()
cleanedContainerID := strings.TrimSpace(out) cleanedContainerID := strings.TrimSpace(out)
dockerCmd(c, "rename", "first_name", newName) dockerCmd(c, "rename", "first_name", newName)
@ -46,7 +46,7 @@ func (s *DockerSuite) TestRenameRunningContainer(c *check.C) {
func (s *DockerSuite) TestRenameCheckNames(c *check.C) { func (s *DockerSuite) TestRenameCheckNames(c *check.C) {
dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh") dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh")
newName := "new_name" + stringid.GenerateRandomID() newName := "new_name" + stringid.GenerateNonCryptoID()
dockerCmd(c, "rename", "first_name", newName) dockerCmd(c, "rename", "first_name", newName)
name, err := inspectField(newName, "Name") name, err := inspectField(newName, "Name")

27
pkg/random/random.go
View file

@ -1,11 +1,19 @@
package random package random
import ( import (
"io"
"math/rand" "math/rand"
"sync" "sync"
"time" "time"
) )
// Rand is a global *rand.Rand instance, which initilized with NewSource() source.
var Rand = rand.New(NewSource())
// Reader is a global, shared instance of a pseudorandom bytes generator.
// It doesn't consume entropy.
var Reader io.Reader = &reader{rnd: Rand}
// copypaste from standard math/rand // copypaste from standard math/rand
type lockedSource struct { type lockedSource struct {
lk sync.Mutex lk sync.Mutex
@ -32,3 +40,22 @@ func NewSource() rand.Source {
src: rand.NewSource(time.Now().UnixNano()), src: rand.NewSource(time.Now().UnixNano()),
} }
} }
type reader struct {
rnd *rand.Rand
}
func (r *reader) Read(b []byte) (int, error) {
i := 0
for {
val := r.rnd.Int63()
for val > 0 {
b[i] = byte(val)
i++
if i == len(b) {
return i, nil
}
val >>= 8
}
}
}

32
pkg/stringid/stringid.go
View file

@ -7,6 +7,8 @@ import (
"io" "io"
"regexp" "regexp"
"strconv" "strconv"
"github.com/docker/docker/pkg/random"
) )
const shortLen = 12 const shortLen = 12
@ -30,20 +32,36 @@ func TruncateID(id string) string {
return id[:trimTo] return id[:trimTo]
} }
// GenerateRandomID returns an unique id. func generateID(crypto bool) string {
func GenerateRandomID() string { b := make([]byte, 32)
var r io.Reader = random.Reader
if crypto {
r = rand.Reader
}
for { for {
id := make([]byte, 32) if _, err := io.ReadFull(r, b); err != nil {
if _, err := io.ReadFull(rand.Reader, id); err != nil {
panic(err) // This shouldn't happen panic(err) // This shouldn't happen
} }
value := hex.EncodeToString(id) id := hex.EncodeToString(b)
// if we try to parse the truncated for as an int and we don't have // if we try to parse the truncated for as an int and we don't have
// an error then the value is all numberic and causes issues when // an error then the value is all numberic and causes issues when
// used as a hostname. ref #3869 // used as a hostname. ref #3869
if _, err := strconv.ParseInt(TruncateID(value), 10, 64); err == nil { if _, err := strconv.ParseInt(TruncateID(id), 10, 64); err == nil {
continue continue
} }
return value return id
} }
} }
// GenerateRandomID returns an unique id.
func GenerateRandomID() string {
return generateID(true)
}
// GenerateNonCryptoID generates unique id without using cryptographically
// secure sources of random.
// It helps you to save entropy.
func GenerateNonCryptoID() string {
return generateID(false)
}

30
pkg/truncindex/truncindex_test.go
View file

@ -134,7 +134,7 @@ func assertIndexGet(t *testing.T, index *TruncIndex, input, expectedResult strin
func BenchmarkTruncIndexAdd100(b *testing.B) { func BenchmarkTruncIndexAdd100(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -150,7 +150,7 @@ func BenchmarkTruncIndexAdd100(b *testing.B) {
func BenchmarkTruncIndexAdd250(b *testing.B) { func BenchmarkTruncIndexAdd250(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 250; i++ { for i := 0; i < 250; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -166,7 +166,7 @@ func BenchmarkTruncIndexAdd250(b *testing.B) {
func BenchmarkTruncIndexAdd500(b *testing.B) { func BenchmarkTruncIndexAdd500(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -183,7 +183,7 @@ func BenchmarkTruncIndexGet100(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
index := NewTruncIndex([]string{}) index := NewTruncIndex([]string{})
for _, id := range testSet { for _, id := range testSet {
@ -207,7 +207,7 @@ func BenchmarkTruncIndexGet250(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 250; i++ { for i := 0; i < 250; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
index := NewTruncIndex([]string{}) index := NewTruncIndex([]string{})
for _, id := range testSet { for _, id := range testSet {
@ -231,7 +231,7 @@ func BenchmarkTruncIndexGet500(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
index := NewTruncIndex([]string{}) index := NewTruncIndex([]string{})
for _, id := range testSet { for _, id := range testSet {
@ -254,7 +254,7 @@ func BenchmarkTruncIndexGet500(b *testing.B) {
func BenchmarkTruncIndexDelete100(b *testing.B) { func BenchmarkTruncIndexDelete100(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -277,7 +277,7 @@ func BenchmarkTruncIndexDelete100(b *testing.B) {
func BenchmarkTruncIndexDelete250(b *testing.B) { func BenchmarkTruncIndexDelete250(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 250; i++ { for i := 0; i < 250; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -300,7 +300,7 @@ func BenchmarkTruncIndexDelete250(b *testing.B) {
func BenchmarkTruncIndexDelete500(b *testing.B) { func BenchmarkTruncIndexDelete500(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -323,7 +323,7 @@ func BenchmarkTruncIndexDelete500(b *testing.B) {
func BenchmarkTruncIndexNew100(b *testing.B) { func BenchmarkTruncIndexNew100(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -334,7 +334,7 @@ func BenchmarkTruncIndexNew100(b *testing.B) {
func BenchmarkTruncIndexNew250(b *testing.B) { func BenchmarkTruncIndexNew250(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 250; i++ { for i := 0; i < 250; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -345,7 +345,7 @@ func BenchmarkTruncIndexNew250(b *testing.B) {
func BenchmarkTruncIndexNew500(b *testing.B) { func BenchmarkTruncIndexNew500(b *testing.B) {
var testSet []string var testSet []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
testSet = append(testSet, stringid.GenerateRandomID()) testSet = append(testSet, stringid.GenerateNonCryptoID())
} }
b.ResetTimer() b.ResetTimer()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
@ -357,7 +357,7 @@ func BenchmarkTruncIndexAddGet100(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
id := stringid.GenerateRandomID() id := stringid.GenerateNonCryptoID()
testSet = append(testSet, id) testSet = append(testSet, id)
l := rand.Intn(12) + 12 l := rand.Intn(12) + 12
testKeys = append(testKeys, id[:l]) testKeys = append(testKeys, id[:l])
@ -382,7 +382,7 @@ func BenchmarkTruncIndexAddGet250(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
id := stringid.GenerateRandomID() id := stringid.GenerateNonCryptoID()
testSet = append(testSet, id) testSet = append(testSet, id)
l := rand.Intn(12) + 12 l := rand.Intn(12) + 12
testKeys = append(testKeys, id[:l]) testKeys = append(testKeys, id[:l])
@ -407,7 +407,7 @@ func BenchmarkTruncIndexAddGet500(b *testing.B) {
var testSet []string var testSet []string
var testKeys []string var testKeys []string
for i := 0; i < 500; i++ { for i := 0; i < 500; i++ {
id := stringid.GenerateRandomID() id := stringid.GenerateNonCryptoID()
testSet = append(testSet, id) testSet = append(testSet, id)
l := rand.Intn(12) + 12 l := rand.Intn(12) + 12
testKeys = append(testKeys, id[:l]) testKeys = append(testKeys, id[:l])

2
utils/utils.go
View file

@ -127,7 +127,7 @@ var globalTestID string
// new directory. // new directory.
func TestDirectory(templateDir string) (dir string, err error) { func TestDirectory(templateDir string) (dir string, err error) {
if globalTestID == "" { if globalTestID == "" {
globalTestID = stringid.GenerateRandomID()[:4] globalTestID = stringid.GenerateNonCryptoID()[:4]
} }
prefix := fmt.Sprintf("docker-test%s-%s-", globalTestID, GetCallerName(2)) prefix := fmt.Sprintf("docker-test%s-%s-", globalTestID, GetCallerName(2))
if prefix == "" { if prefix == "" {