From: konrad Date: Sun, 24 Oct 2010 17:38:19 +0000 (+0000) Subject: add some docu to random generator X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=d84c44bfd1a49de78df6adcdb525b7a28e57f3a5;p=web%2Fkonrad%2Fsmoke.git add some docu to random generator parallelize some parts of the login sequence git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@610 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/src/iface/msinterface.cpp b/src/iface/msinterface.cpp index 344b166..d6625ff 100644 --- a/src/iface/msinterface.cpp +++ b/src/iface/msinterface.cpp @@ -71,8 +71,10 @@ bool MSInterface::login(QString username,QString passwd) msecs-=120000;//do it 2 min before session runs out if(msecs>100000)//but only if it does not become annoying... QTimer::singleShot(msecs,this,SLOT(relogin())); - //get rights - MTGetMyRights mrt=MTGetMyRights::query(); + //get rights and roles + MTGetMyRights mrt=MTGetMyRights::asyncQuery(); + MTGetMyRoles mrl=MTGetMyRoles::asyncQuery(); + WTransaction::WaitForAll()<&errs) diff --git a/www/inc/classes/random.php b/www/inc/classes/random.php index 32b9eac..7a10c15 100644 --- a/www/inc/classes/random.php +++ b/www/inc/classes/random.php @@ -15,10 +15,13 @@ //try to use /dev/*random function randseedfile($fn,$sz) { + //open /dev/(u)random $fd=fopen($fn,"r"); + //don't block - we do not have much time stream_set_blocking($fd,0); + //add entropy global $RANDSEED; - $RANDSEED.=sha1(fread($fd,$sz)); + $RANDSEED.=bin2hex(fread($fd,$sz)); fclose($fd); } @@ -35,7 +38,7 @@ function randseedinit() //attempt to use OpenSSL if (function_exists('openssl_random_pseudo_bytes')) { $RANDSEED .= openssl_random_pseudo_bytes(64, $strong); - // if it was strong, be happy and leave + // if it was strong, be happy and leave (it probably already used /dev/random) if($strong === true) { return; } @@ -50,7 +53,7 @@ function randseedinit() /**return $bits bits of random data as hex string*/ function getRandom($bits) { - //number of digits... + //number of hex digits... $bits/=4; //init global $RANDSEED,$RANDCTR; @@ -86,14 +89,19 @@ define("RND_OTHER2",0x18); /**return a new Code-39 capable ID; length is the amount of characters*/ function getCode39ID($length,$range=RND_ANYRANGE) { + //we use a subset of the Code-39 characters that is moderately un-ambiguous $c39="123456789ABCDEFGHJKLMNPQRSTUVWXYZ"; + //get plenty of random bits (2 hex chars for each Code-39 char) $rnd=getRandom($length*8); + //construct the code $ret=""; for($i=0;$i<$length;$i++){ //cut random $r="0x".substr($rnd,$i*2,2); $r=($r+0)&31; - //if this is the first char, further manipulate it + //if this is the first char, further manipulate it; + //this is relied upon by the ticket/voucher/item code to minimize + //search for existing keys if($i==0 && $range!=RND_ANYRANGE){ $r=($r&RND_MASK)|$range; }