Index: ObjXMPP.xcodeproj/project.pbxproj ================================================================== --- ObjXMPP.xcodeproj/project.pbxproj +++ ObjXMPP.xcodeproj/project.pbxproj @@ -9,11 +9,10 @@ /* Begin PBXBuildFile section */ 4B1295EF1337BD5F00154B25 /* test.m in Sources */ = {isa = PBXBuildFile; fileRef = 4B1295EE1337BD5F00154B25 /* test.m */; }; 4B1295F11337C37E00154B25 /* ObjXMPP.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4BC559911337A65400E345C7 /* ObjXMPP.framework */; }; 4B1295F21337C3CF00154B25 /* ObjFW.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4BC559D61337ABD300E345C7 /* ObjFW.framework */; }; 4BC559D71337ABD300E345C7 /* ObjFW.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4BC559D61337ABD300E345C7 /* ObjFW.framework */; }; - 4BC559EB1337AC0900E345C7 /* arc4random_uniform.m in Sources */ = {isa = PBXBuildFile; fileRef = 4BC559D91337AC0900E345C7 /* arc4random_uniform.m */; }; 4BC559EC1337AC0900E345C7 /* XMPPAuthenticator.h in Headers */ = {isa = PBXBuildFile; fileRef = 4BC559DA1337AC0900E345C7 /* XMPPAuthenticator.h */; settings = {ATTRIBUTES = (Public, ); }; }; 4BC559ED1337AC0900E345C7 /* XMPPAuthenticator.m in Sources */ = {isa = PBXBuildFile; fileRef = 4BC559DB1337AC0900E345C7 /* XMPPAuthenticator.m */; }; 4BC559EE1337AC0900E345C7 /* XMPPConnection.h in Headers */ = {isa = PBXBuildFile; fileRef = 4BC559DC1337AC0900E345C7 /* XMPPConnection.h */; settings = {ATTRIBUTES = (Public, ); }; }; 4BC559EF1337AC0900E345C7 /* XMPPConnection.m in Sources */ = {isa = PBXBuildFile; fileRef = 4BC559DD1337AC0900E345C7 /* XMPPConnection.m */; }; 4BC559F01337AC0900E345C7 /* XMPPExceptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 4BC559DE1337AC0900E345C7 /* XMPPExceptions.h */; settings = {ATTRIBUTES = (Public, ); }; }; @@ -54,11 +53,10 @@ /* Begin PBXFileReference section */ 4B1295E01337BD2D00154B25 /* ObjXMPPTests */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = ObjXMPPTests; sourceTree = BUILT_PRODUCTS_DIR; }; 4B1295EE1337BD5F00154B25 /* test.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = test.m; path = tests/test.m; sourceTree = SOURCE_ROOT; }; 4BC559911337A65400E345C7 /* ObjXMPP.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = ObjXMPP.framework; sourceTree = BUILT_PRODUCTS_DIR; }; 4BC559D61337ABD300E345C7 /* ObjFW.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = ObjFW.framework; path = ../../../../Library/Frameworks/ObjFW.framework; sourceTree = ""; }; - 4BC559D91337AC0900E345C7 /* arc4random_uniform.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = arc4random_uniform.m; path = src/arc4random_uniform.m; sourceTree = SOURCE_ROOT; }; 4BC559DA1337AC0900E345C7 /* XMPPAuthenticator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = XMPPAuthenticator.h; path = src/XMPPAuthenticator.h; sourceTree = SOURCE_ROOT; }; 4BC559DB1337AC0900E345C7 /* XMPPAuthenticator.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = XMPPAuthenticator.m; path = src/XMPPAuthenticator.m; sourceTree = SOURCE_ROOT; }; 4BC559DC1337AC0900E345C7 /* XMPPConnection.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = XMPPConnection.h; path = src/XMPPConnection.h; sourceTree = SOURCE_ROOT; }; 4BC559DD1337AC0900E345C7 /* XMPPConnection.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = XMPPConnection.m; path = src/XMPPConnection.m; sourceTree = SOURCE_ROOT; }; 4BC559DE1337AC0900E345C7 /* XMPPExceptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = XMPPExceptions.h; path = src/XMPPExceptions.h; sourceTree = SOURCE_ROOT; }; @@ -169,11 +167,10 @@ 4BD9BF58134003F700DAB43A /* XMPPRosterItem.m */, 4BC559EA1337AC0900E345C7 /* XMPPSCRAMAuth.h */, 4BC559FD1337AC1800E345C7 /* XMPPSCRAMAuth.m */, 4BC559FE1337AC1800E345C7 /* XMPPStanza.h */, 4BC559FF1337AC1800E345C7 /* XMPPStanza.m */, - 4BC559D91337AC0900E345C7 /* arc4random_uniform.m */, ); path = ObjXMPP; sourceTree = ""; }; 4BC5599B1337A65400E345C7 /* Supporting Files */ = { @@ -288,11 +285,10 @@ }; 4BC5598C1337A65400E345C7 /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - 4BC559EB1337AC0900E345C7 /* arc4random_uniform.m in Sources */, 4BC559ED1337AC0900E345C7 /* XMPPAuthenticator.m in Sources */, 4BC559EF1337AC0900E345C7 /* XMPPConnection.m in Sources */, 4BC559F11337AC0900E345C7 /* XMPPExceptions.m in Sources */, 4BC559F31337AC0900E345C7 /* XMPPIQ.m in Sources */, 4BC559F51337AC0900E345C7 /* XMPPJID.m in Sources */, @@ -394,10 +390,15 @@ GCC_DYNAMIC_NO_PIC = NO; GCC_ENABLE_OBJC_EXCEPTIONS = YES; GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_VERSION = 4.2; INFOPLIST_FILE = Info.plist; + OTHER_LDFLAGS = ( + "-lcrypto", + "-L/opt/local/lib", + "-lidn", + ); PRODUCT_NAME = "$(TARGET_NAME)"; WRAPPER_EXTENSION = framework; }; name = Debug; }; @@ -412,10 +413,15 @@ FRAMEWORK_VERSION = A; GCC_ENABLE_OBJC_EXCEPTIONS = YES; GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_VERSION = 4.2; INFOPLIST_FILE = Info.plist; + OTHER_LDFLAGS = ( + "-lcrypto", + "-L/opt/local/lib", + "-lidn", + ); PRODUCT_NAME = "$(TARGET_NAME)"; WRAPPER_EXTENSION = framework; }; name = Release; }; Index: configure.ac ================================================================== --- configure.ac +++ configure.ac @@ -32,11 +32,11 @@ AC_PROG_RANLIB AC_SUBST(OBJXMPP_STATIC_LIB, "libobjxmpp.a") ]) AC_CHECK_LIB(objopenssl, main, [ - LIBS="$LIBS -lobjopenssl" + LIBS="$LIBS -lobjopenssl -lcrypto" ], [ AC_MSG_ERROR(You need ObjOpenSSL installed!) ]) PKG_CHECK_MODULES(libidn, [libidn >= 0.25], [ Index: src/Makefile ================================================================== --- src/Makefile +++ src/Makefile @@ -16,12 +16,10 @@ XMPPRoster.m \ XMPPRosterItem.m \ XMPPSCRAMAuth.m \ XMPPStanza.m -INCLUDES := ${SRCS:.m=.h} - -SRCS += arc4random_uniform.m +INCLUDES = ${SRCS:.m=.h} include ../buildsys.mk LD = ${OBJC} Index: src/XMPPSCRAMAuth.m ================================================================== --- src/XMPPSCRAMAuth.m +++ src/XMPPSCRAMAuth.m @@ -21,20 +21,20 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include +#include + +#include + #import "XMPPSCRAMAuth.h" #import "XMPPExceptions.h" #define HMAC_IPAD 0x36 #define HMAC_OPAD 0x5c -#ifndef HAVE_ARC4RANDOM_UNIFORM -extern uint32_t arc4random_uniform(uint32_t); -#endif - @implementation XMPPSCRAMAuth + SCRAMAuthWithAuthcid: (OFString*)authcid password: (OFString*)password hash: (Class)hash; { @@ -346,19 +346,26 @@ [pool release]; } - (OFString*)XMPP_genNonce { - OFMutableString *nonce = [OFMutableString string]; - uint32_t res, i; + uint8_t buf[64]; + size_t i; + + assert(RAND_pseudo_bytes(buf, 64) >= 0); for (i = 0; i < 64; i++) { - while ((res = arc4random_uniform('~' - '!' + 1) + '!') == ','); - [nonce appendFormat: @"%c", res]; + uint8_t tmp = (buf[i] % ('~' - '!')) + '!'; + + while (tmp == ',') + tmp = ((buf[i] >> 1) % ('~' - '!')) + '!'; + + buf[i] = tmp; } - return nonce; + return [OFString stringWithCString: (char*)buf + length: 64]; } - (uint8_t*)XMPP_HMACWithKey: (OFDataArray*)key data: (OFDataArray*)data { DELETED src/arc4random_uniform.m Index: src/arc4random_uniform.m ================================================================== --- src/arc4random_uniform.m +++ src/arc4random_uniform.m @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1996, David Mazieres - * Copyright (c) 2008, Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Arc4 random number generator for OpenBSD. - * - * This code is derived from section 17.1 of Applied Cryptography, - * second edition, which describes a stream cipher allegedly - * compatible with RSA Labs "RC4" cipher (the actual description of - * which is a trade secret). The same algorithm is used as a stream - * cipher called "arcfour" in Tatu Ylonen's ssh package. - * - * RC4 is a registered trademark of RSA Laboratories. - */ - -#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || \ - defined(__APPLE__) -# include -#else -# include -#endif -#include - -/* - * Calculate a uniformly distributed random number less than upper_bound - * avoiding "modulo bias". - * - * Uniformity is achieved by generating new random numbers until the one - * returned is outside the range [0, 2**32 % upper_bound). This - * guarantees the selected random number will be inside - * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound) - * after reduction modulo upper_bound. - */ -uint32_t -arc4random_uniform(uint32_t upper_bound) -{ - uint32_t r, min; - - if (upper_bound < 2) - return 0; - -#if (ULONG_MAX > 0xffffffffUL) - min = 0x100000000UL % upper_bound; -#else - /* Calculate (2**32 % upper_bound) avoiding 64-bit math */ - if (upper_bound > 0x80000000) - min = 1 + ~upper_bound; /* 2**32 - upper_bound */ - else { - /* (2**32 - (x * 2)) % x == 2**32 % x when x <= 2**31 */ - min = ((0xffffffff - (upper_bound * 2)) + 1) % upper_bound; - } -#endif - - /* - * This could theoretically loop forever but each retry has - * p > 0.5 (worst case, usually far better) of selecting a - * number inside the range we need, so it should rarely need - * to re-roll. - */ - for (;;) { - r = arc4random(); - if (r >= min) - break; - } - - return r % upper_bound; -}