projects / serene-ircd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 789a723) | patch
CLEANUP: Replace weak RNGs with arc4random, make NOSPOOF unconditional
authorRemco Rijnders <remmy@serenity-irc.net>
Sat, 7 Mar 2026 17:17:36 +0000 (12:17 -0500)
committerRemco Rijnders <remmy@serenity-irc.net>
Sat, 7 Mar 2026 17:17:36 +0000 (12:17 -0500)
commit074ba1612036ed1e94450542f10c3e1ff505f456
treee1488e2e8e6ca8b6c77931a14d4b4ba8193eb144tree | snapshot
parent789a72358da9c168e2476a2b9a3bc17eeec2a016commit | diff
CLEANUP: Replace weak RNGs with arc4random, make NOSPOOF unconditional

Replace srand/rand (NOSPOOF seeds) and srand48/lrand48 (DNS query IDs)
with arc4random(), which is cryptographically strong and needs no seeding.

Simplify NOSPOOF anti-spoof challenge: replace the MD5-based construction
(which depended on predictable seeds) with a direct arc4random() call.
Remove NOSPOOF_SEED01/NOSPOOF_SEED02 globals and MD5 dependency.

Make NOSPOOF unconditional — every modern IRC client handles PING-on-connect.
Remove all #ifdef NOSPOOF conditionals across the codebase.

Fix operator precedence bug in res.c where & 0xffff only applied to the
lrand48() result instead of the whole expression.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
include/config.h diff | blob | history
include/h.h diff | blob | history
include/struct.h diff | blob | history
src/ircd.c diff | blob | history
src/parse.c diff | blob | history
src/res.c diff | blob | history
src/s_debug.c diff | blob | history
src/s_user.c diff | blob | history
Serene IRCD server project.