Bug 369428 - nsExternalAppHandler::SetUpTempFile uses a poor source of randomness, resulting in predictable filenames. r=kaie, sr=rrelyea, a=blocking1.9

netwerk/base/public/Makefile.in

@@ -126,6 +126,7 @@ XPIDLSRCS	= \
 		nsINetUtil.idl \
 		nsIProxiedChannel.idl \
 		nsIScriptableIO.idl \
+		nsIRandomGenerator.idl \
 		$(NULL)
 
 EXPORTS		= \

netwerk/base/public/nsIRandomGenerator.idl

@@ -0,0 +1,52 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Shawn Wilsher <me@shawnwilsher.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(2362d97a-747a-4576-8863-697667309209)]
+interface nsIRandomGenerator : nsISupports {
+  /**
+   * Generates the specified amount of random bytes.
+   *
+   * @param aLength
+   *        The length of the data to generate.
+   * @param aBuffer
+   *        A buffer that contains random bytes of size aLength.
+   */
+  void generateRandomBytes(in unsigned long aLength,
+                           [retval, array, size_is(aLength)] out octet aBuffer);
+};

security/manager/ssl/src/Makefile.in

@@ -100,6 +100,7 @@ CPPSRCS = 				\
   nsKeyModule.cpp \
   nsIdentityChecking.cpp \
   nsDataSignatureVerifier.cpp \
+  nsRandomGenerator.cpp \
   $(NULL)
 
 ifdef MOZ_XUL

security/manager/ssl/src/nsNSSModule.cpp

@@ -73,6 +73,7 @@
 #include "nsKeyModule.h"
 #include "nsDataSignatureVerifier.h"
 #include "nsCertOverrideService.h"
+#include "nsRandomGenerator.h"
 
 // We must ensure that the nsNSSComponent has been loaded before
 // creating any other components.
@@ -194,6 +195,7 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsKeyObject)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsKeyObjectFactory)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsDataSignatureVerifier)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(PR_FALSE, nsCertOverrideService, Init)
+NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsRandomGenerator)
 
 static NS_METHOD RegisterPSMContentListeners(
                       nsIComponentManager *aCompMgr,
@@ -463,6 +465,13 @@ static const nsModuleComponentInfo components[] =
     NS_CERTOVERRIDE_CID,
     NS_CERTOVERRIDE_CONTRACTID,
     nsCertOverrideServiceConstructor
+  },
+
+  {
+    "Random Generator",
+    NS_RANDOMGENERATOR_CID,
+    NS_RANDOMGENERATOR_CONTRACTID,
+    nsRandomGeneratorConstructor
   }
 };
 

security/manager/ssl/src/nsRandomGenerator.cpp

@@ -0,0 +1,70 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Shawn Wilsher <me@shawnwilsher.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsRandomGenerator.h"
+#include "pk11pub.h"
+
+////////////////////////////////////////////////////////////////////////////////
+//// nsRandomGenerator
+
+NS_IMPL_ISUPPORTS1(nsRandomGenerator, nsIRandomGenerator)
+
+////////////////////////////////////////////////////////////////////////////////
+//// nsIRandomGenerator
+
+/* void generateRandomBytes(in unsigned long aLength,
+                            [retval, array, size_is(aLength)] out octet aBuffer) */
+NS_IMETHODIMP
+nsRandomGenerator::GenerateRandomBytes(PRUint32 aLength,
+                                       PRUint8 **aBuffer)
+{
+  NS_ENSURE_ARG_POINTER(aBuffer);
+
+  PRUint8 *buf = reinterpret_cast<PRUint8 *>(NS_Alloc(aLength));
+  if (!buf)
+    return NS_ERROR_OUT_OF_MEMORY;
+
+  SECStatus srv = PK11_GenerateRandom(buf, aLength);
+  if (SECSuccess != srv) {
+    NS_Free(buf);
+    return NS_ERROR_FAILURE;
+  }
+
+  *aBuffer = buf;
+
+  return NS_OK;
+}

security/manager/ssl/src/nsRandomGenerator.h

@@ -0,0 +1,56 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is
+ * Mozilla Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 2007
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Shawn Wilsher <me@shawnwilsher.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#ifndef _NSRANDOMGENERATOR_H_
+#define _NSRANDOMGENERATOR_H_
+
+#include "nsIRandomGenerator.h"
+
+#define NS_RANDOMGENERATOR_CID \
+  {0xbe65e2b7, 0xfe46, 0x4e0f, {0x88, 0xe0, 0x4b, 0x38, 0x5d, 0xb4, 0xd6, 0x8a}}
+
+#define NS_RANDOMGENERATOR_CONTRACTID \
+  "@mozilla.org/security/random-generator;1"
+
+class nsRandomGenerator : public nsIRandomGenerator
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIRANDOMGENERATOR
+};
+
+#endif // _NSRANDOMGENERATOR_H_