205 lines
7.1 KiB
Diff
205 lines
7.1 KiB
Diff
$Id: 085_sessreg_implement_hostname_hashing.diff 689 2005-10-19 22:11:30Z dnusinow $
|
|
|
|
The sessreg program assumes that hostnames in utmp entries are unique in
|
|
the last four characters. When two entries are "test:0" and "fist:0", for
|
|
example, this assumption fails.
|
|
|
|
Rectify this problem by hashing the entire hostname field from the utmp
|
|
entry, so that we can tell unlike hostnames apart with much greater
|
|
reliability. There is still a possiblility of one hash collision in 2^32.
|
|
|
|
This patch by Maximiliano Curia and Damián Viano, using a public-domain
|
|
hash algorithm by Bob Jenkins.
|
|
|
|
Not submitted to XFree86.
|
|
|
|
Index: sessreg/sessreg.c
|
|
===================================================================
|
|
--- sessreg/sessreg.c.orig 2005-10-18 19:45:25.000000000 -0400
|
|
+++ sessreg/sessreg.c 2005-10-18 21:36:02.000000000 -0400
|
|
@@ -182,6 +182,18 @@
|
|
const char *host, Time_t date, int addp);
|
|
#endif
|
|
|
|
+#ifdef SYSV
|
|
+/* used for hashing ut_id */
|
|
+typedef unsigned long int ub4; /* unsigned 4-byte quantities */
|
|
+typedef unsigned char ub1; /* unsigned 1-byte quantities */
|
|
+
|
|
+#define hashsize(n) ((ub4)1<<(n))
|
|
+#define hashmask(n) (hashsize(n)-1)
|
|
+
|
|
+ub4 hash(register ub1 *k, register ub4 length, register ub4 initval);
|
|
+
|
|
+#endif
|
|
+
|
|
int wflag, uflag, lflag;
|
|
char *wtmp_file, *utmp_file, *line;
|
|
#ifdef USE_UTMPX
|
|
@@ -469,21 +481,23 @@
|
|
bzero (u->ut_name, sizeof (u->ut_name));
|
|
#ifdef SYSV
|
|
if (line) {
|
|
- int i;
|
|
/*
|
|
- * this is a bit crufty, but
|
|
- * follows the apparent conventions in
|
|
- * the ttys file. ut_id is only 4 bytes
|
|
- * long, and the last 4 bytes of the line
|
|
- * name are written into it, left justified.
|
|
+ * The ut_id is 4 bytes long. We make a hash of the line
|
|
+ * received, preceding it by ":" to prevent clashing with
|
|
+ * other ut_ids.
|
|
*/
|
|
- i = strlen (line);
|
|
- if (i >= sizeof (u->ut_id))
|
|
- i -= sizeof (u->ut_id);
|
|
- else
|
|
- i = 0;
|
|
- (void) strncpy (u->ut_id, line + i, sizeof (u->ut_id));
|
|
+ ub4 h;
|
|
+ u->ut_id[0]=':';
|
|
+ h = hash(line, strlen(line),0x9e3779b9);
|
|
+ h = (h & hashmask((sizeof(u->ut_id)-sizeof(char))*8));
|
|
+ (void) strncpy (u->ut_id + 1,(char *) &h, sizeof (u->ut_id)-sizeof(char));
|
|
} else
|
|
+ /*
|
|
+ * From utmp(5):
|
|
+ * Clearing ut_id may result in race conditions leading to corrupted
|
|
+ * utmp entries and and potential security holes.
|
|
+ */
|
|
+ /* TODO: CHECK this */
|
|
bzero (u->ut_id, sizeof (u->ut_id));
|
|
if (addp) {
|
|
u->ut_pid = getppid ();
|
|
@@ -722,3 +736,129 @@
|
|
return freeslot;
|
|
}
|
|
#endif
|
|
+
|
|
+#ifdef SYSV
|
|
+/*
|
|
+--------------------------------------------------------------------
|
|
+mix -- mix 3 32-bit values reversibly.
|
|
+For every delta with one or two bits set, and the deltas of all three
|
|
+ high bits or all three low bits, whether the original value of a,b,c
|
|
+ is almost all zero or is uniformly distributed,
|
|
+* If mix() is run forward or backward, at least 32 bits in a,b,c
|
|
+ have at least 1/4 probability of changing.
|
|
+* If mix() is run forward, every bit of c will change between 1/3 and
|
|
+ 2/3 of the time. (Well, 22/100 and 78/100 for some 2-bit deltas.)
|
|
+mix() was built out of 36 single-cycle latency instructions in a
|
|
+ structure that could supported 2x parallelism, like so:
|
|
+ a -= b;
|
|
+ a -= c; x = (c>>13);
|
|
+ b -= c; a ^= x;
|
|
+ b -= a; x = (a<<8);
|
|
+ c -= a; b ^= x;
|
|
+ c -= b; x = (b>>13);
|
|
+ ...
|
|
+ Unfortunately, superscalar Pentiums and Sparcs can't take advantage
|
|
+ of that parallelism. They've also turned some of those single-cycle
|
|
+ latency instructions into multi-cycle latency instructions. Still,
|
|
+ this is the fastest good hash I could find. There were about 2^^68
|
|
+ to choose from. I only looked at a billion or so.
|
|
+--------------------------------------------------------------------
|
|
+*/
|
|
+#define mix(a,b,c) \
|
|
+{ \
|
|
+ a -= b; a -= c; a ^= (c>>13); \
|
|
+ b -= c; b -= a; b ^= (a<<8); \
|
|
+ c -= a; c -= b; c ^= (b>>13); \
|
|
+ a -= b; a -= c; a ^= (c>>12); \
|
|
+ b -= c; b -= a; b ^= (a<<16); \
|
|
+ c -= a; c -= b; c ^= (b>>5); \
|
|
+ a -= b; a -= c; a ^= (c>>3); \
|
|
+ b -= c; b -= a; b ^= (a<<10); \
|
|
+ c -= a; c -= b; c ^= (b>>15); \
|
|
+}
|
|
+
|
|
+/*
|
|
+--------------------------------------------------------------------
|
|
+hash() -- hash a variable-length key into a 32-bit value
|
|
+ k : the key (the unaligned variable-length array of bytes)
|
|
+ len : the length of the key, counting by bytes
|
|
+ initval : can be any 4-byte value
|
|
+Returns a 32-bit value. Every bit of the key affects every bit of
|
|
+the return value. Every 1-bit and 2-bit delta achieves avalanche.
|
|
+About 6*len+35 instructions.
|
|
+
|
|
+The best hash table sizes are powers of 2. There is no need to do
|
|
+mod a prime (mod is sooo slow!). If you need less than 32 bits,
|
|
+use a bitmask. For example, if you need only 10 bits, do
|
|
+ h = (h & hashmask(10));
|
|
+In which case, the hash table should have hashsize(10) elements.
|
|
+
|
|
+If you are hashing n strings (ub1 **)k, do it like this:
|
|
+ for (i=0, h=0; i<n; ++i) h = hash( k[i], len[i], h);
|
|
+
|
|
+By Bob Jenkins, 1996. bob_jenkins@burtleburtle.net. You may use this
|
|
+code any way you wish, private, educational, or commercial. It's free.
|
|
+
|
|
+[On 27 May 2004, Bob Jenkins further clarified the above statement.
|
|
+
|
|
+ From: Bob Jenkins <bob_jenkins@burtleburtle.net>
|
|
+ Date: Thu, 27 May 2004 22:33:06 -0700
|
|
+ To: Margarita Manterola <marga@marga.com.ar>
|
|
+ Subject: Re: Hash function
|
|
+
|
|
+ The algorithm is public domain. I ask that I be referenced as the
|
|
+ source of the algorithm, but I can't enforce that, since being public
|
|
+ domain means I've reserved no rights at all.
|
|
+
|
|
+-- Branden Robinson, 2004-06-06]
|
|
+
|
|
+See http://burtleburtle.net/bob/hash/evahash.html
|
|
+Use for hash table lookup, or anything where one collision in 2^^32 is
|
|
+acceptable. Do NOT use for cryptographic purposes.
|
|
+--------------------------------------------------------------------
|
|
+*/
|
|
+
|
|
+ub4
|
|
+hash(register ub1 *k, register ub4 length, register ub4 initval)
|
|
+{
|
|
+ register ub4 a,b,c,len;
|
|
+
|
|
+ /* Set up the internal state */
|
|
+ len = length;
|
|
+ a = b = 0x9e3779b9; /* the golden ratio; an arbitrary value */
|
|
+ c = initval; /* the previous hash value */
|
|
+
|
|
+ /*---------------------------------------- handle most of the key */
|
|
+ while (len >= 12)
|
|
+ {
|
|
+ a += (k[0] +((ub4)k[1]<<8) +((ub4)k[2]<<16) +((ub4)k[3]<<24));
|
|
+ b += (k[4] +((ub4)k[5]<<8) +((ub4)k[6]<<16) +((ub4)k[7]<<24));
|
|
+ c += (k[8] +((ub4)k[9]<<8) +((ub4)k[10]<<16)+((ub4)k[11]<<24));
|
|
+ mix(a,b,c);
|
|
+ k += 12; len -= 12;
|
|
+ }
|
|
+
|
|
+ /*------------------------------------- handle the last 11 bytes */
|
|
+ c += length;
|
|
+ switch(len) /* all the case statements fall through */
|
|
+ {
|
|
+ case 11: c+=((ub4)k[10]<<24);
|
|
+ case 10: c+=((ub4)k[9]<<16);
|
|
+ case 9 : c+=((ub4)k[8]<<8);
|
|
+ /* the first byte of c is reserved for the length */
|
|
+ case 8 : b+=((ub4)k[7]<<24);
|
|
+ case 7 : b+=((ub4)k[6]<<16);
|
|
+ case 6 : b+=((ub4)k[5]<<8);
|
|
+ case 5 : b+=k[4];
|
|
+ case 4 : a+=((ub4)k[3]<<24);
|
|
+ case 3 : a+=((ub4)k[2]<<16);
|
|
+ case 2 : a+=((ub4)k[1]<<8);
|
|
+ case 1 : a+=k[0];
|
|
+ /* case 0: nothing left to add */
|
|
+ }
|
|
+ mix(a,b,c);
|
|
+ /*-------------------------------------------- report the result */
|
|
+ return c;
|
|
+}
|
|
+
|
|
+#endif
|