c/ooni-probe-cli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: improve and reference existing bug in the code (#356)

Browse Source
This commit is contained in:
Simone Basso 2021-06-04 12:50:23 +02:00 committed by GitHub
parent 4764d7f378
commit 944d3c53fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/engine/probeservices/register.go
View File

@ -25,6 +25,8 @@ func (c Client) MaybeRegister(ctx context.Context, metadata Metadata) error {
return nil // we're already good return nil // we're already good
} }
c.RegisterCalls.Add(1) c.RegisterCalls.Add(1)
// TODO(bassosimone): here we should use a CSRNG
// (https://github.com/ooni/probe/issues/1502)
pwd := randx.Letters(64) pwd := randx.Letters(64)
req := &registerRequest{ req := &registerRequest{
Metadata: metadata, Metadata: metadata,

10
internal/platform/platform.go
View File

@ -1,5 +1,5 @@
// Package platform returns the platform name. The name returned here // Package platform allows you to obtain the platform name. We use this
// is compatible with the names returned by Measurement Kit. // information to annotate measurements.
package platform package platform
import "runtime" import "runtime"
@ -18,11 +18,7 @@ import "runtime"
// //
// 5. "unknown" // 5. "unknown"
// //
// The android, ios, linux, macos, windows, and unknown strings are // You should use this name to annotate measurements.
// also returned by Measurement Kit. As a known bug, the detection of
// darwin-based systems relies on the architecture, when CGO support
// has been disabled. In such case, the code will return "ios" when
// using arm{,64} and "macos" when using x86{,_64}.
func Name() string { func Name() string {
return name(runtime.GOOS) return name(runtime.GOOS)
} }

15
internal/randx/randx.go
View File

@ -1,4 +1,6 @@
// Package randx contains math/rand extensions. // Package randx contains math/rand extensions. The functions
// exported by this package do not use a CSRNG so you SHOULD NOT
// use these strings for, e.g., generating passwords.
package randx package randx
import ( import (
@ -25,18 +27,23 @@ func lettersWithString(n int, letterBytes string) string {
return string(b) return string(b)
} }
// Letters return a string composed of random letters. // Letters return a string composed of random letters. Note that
// this function uses a non-cryptographically-secure generator.
func Letters(n int) string { func Letters(n int) string {
return lettersWithString(n, letters) return lettersWithString(n, letters)
} }
// LettersUppercase return a string composed of random uppercase letters. // LettersUppercase return a string composed of random uppercase
// letters. Note that this function uses a non-cryptographically-secure
// generator. So, we SHOULD NOT use it for generating passwords.
func LettersUppercase(n int) string { func LettersUppercase(n int) string {
return lettersWithString(n, uppercase) return lettersWithString(n, uppercase)
} }
// ChangeCapitalization returns a new string where the capitalization // ChangeCapitalization returns a new string where the capitalization
// of each character is changed at random. // of each character is changed at random. Note that this function
// uses a non-cryptographically-secure generator. So, we SHOULD NOT use
// it for generating passwords.
func ChangeCapitalization(source string) (dest string) { func ChangeCapitalization(source string) (dest string) {
rnd := rand.New(rand.NewSource(time.Now().UnixNano())) rnd := rand.New(rand.NewSource(time.Now().UnixNano()))
for _, chr := range source { for _, chr := range source {