9 лет назад · 241e6b0937
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2336,6 +2336,21 @@ crypto_rand_int_range(unsigned int min, unsigned int max)
 
				   return min + crypto_rand_int(max - min);
			
 
				 }
			
 
				 
			
 
				+/** As crypto_rand_int_range, but supports uint64_t. */
			
 
				+uint64_t
			
 
				+crypto_rand_uint64_range(uint64_t min, uint64_t max)
			
 
				+{
			
 
				+  tor_assert(min < max);
			
 
				+  return min + crypto_rand_uint64(max - min);
			
 
				+}
			
 
				+
			
 
				+/** As crypto_rand_int_range, but supports time_t. */
			
 
				+time_t
			
 
				+crypto_rand_time_range(time_t min, time_t max)
			
 
				+{
			
 
				+  return (time_t) crypto_rand_uint64_range(min, max);
			
 
				+}
			
 
				+
			
 
				 /** Return a pseudorandom 64-bit integer, chosen uniformly from the values
			
 
				  * between 0 and <b>max</b>-1. */
			
 
				 uint64_t
			
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -255,6 +255,8 @@ MOCK_DECL(int,crypto_rand,(char *to, size_t n));
 
				 int crypto_strongest_rand(uint8_t *out, size_t out_len);
			
 
				 int crypto_rand_int(unsigned int max);
			
 
				 int crypto_rand_int_range(unsigned int min, unsigned int max);
			
 
				+uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max);
			
 
				+time_t crypto_rand_time_range(time_t min, time_t max);
			
 
				 uint64_t crypto_rand_uint64(uint64_t max);
			
 
				 double crypto_rand_double(void);
			
 
				 struct tor_weak_rng_t;
			
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -660,7 +660,7 @@ tor_tls_create_certificate(crypto_pk_t *rsa,
 
				    * then we might pick a time where we're about to expire. Lastly, be
			
 
				    * sure to start on a day boundary. */
			
 
				   time_t now = time(NULL);
			
 
				-  start_time = crypto_rand_int_range(now - cert_lifetime, now) + 2*24*3600;
			
 
				+  start_time = crypto_rand_time_range(now - cert_lifetime, now) + 2*24*3600;
			
 
				   start_time -= start_time % (24*3600);
			
 
				 
			
 
				   tor_assert(rsa);
			
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -441,7 +441,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
 
				    * precise timestamp in the state file about when we first picked
			
 
				    * this guard. For details, see the Jan 2010 or-dev thread. */
			
 
				   time_t now = time(NULL);
			
 
				-  entry->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now);
			
 
				+  entry->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now);
			
 
				   entry->chosen_by_version = tor_strdup(VERSION);
			
 
				 
			
 
				   /* Are we picking this guard because all of our current guards are
			
@@ -1441,7 +1441,7 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg)
 
				      } else {
			
 
				        if (state_version) {
			
 
				          time_t now = time(NULL);
			
 
				-         e->chosen_on_date = crypto_rand_int_range(now - 3600*24*30, now);
			
 
				+         e->chosen_on_date = crypto_rand_time_range(now - 3600*24*30, now);
			
 
				          e->chosen_by_version = tor_strdup(state_version);
			
 
				        }
			
 
				      }
			
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1623,7 +1623,7 @@ run_scheduled_events(time_t now)
 
				       time_to.check_for_correct_dns < now &&
			
 
				       ! router_my_exit_policy_is_reject_star()) {
			
 
				     if (!time_to.check_for_correct_dns) {
			
 
				-      time_to.check_for_correct_dns = crypto_rand_int_range(now, now + 120) + 60;
			
 
				+      time_to.check_for_correct_dns = crypto_rand_time_range(now, now + 120) + 60;
			
 
				     } else {
			
 
				       dns_launch_correctness_checks();
			
 
				       time_to.check_for_correct_dns = now + 12*3600 +