diff --git a/.cargo/config.toml b/.cargo/config.toml index 10762f94c..9232b527f 100644 --- a/.cargo/config.toml +++ b/.cargo/config.toml @@ -1,2 +1,3 @@ [target.wasm32-unknown-unknown] runner = "wasm-bindgen-test-runner" +rustflags = ["--cfg", 'getrandom_backend="wasm_js"'] diff --git a/Cargo.toml b/Cargo.toml index 5370dbbb2..a020722c5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -24,14 +24,14 @@ clap = { version = "4", features = ["derive"] } crc = "3" directories-next = "2" futures-io = "0.3.19" -getrandom = { version = "0.2", default-features = false } +getrandom = { version = "0.3", default-features = false } hdrhistogram = { version = "7.2", default-features = false } hex-literal = "0.4" lazy_static = "1" log = "0.4" once_cell = "1.19" pin-project-lite = "0.2" -rand = "0.8" +rand = "0.9" rcgen = "0.13" ring = "0.17" rustc-hash = "2" diff --git a/quinn-proto/Cargo.toml b/quinn-proto/Cargo.toml index e28a4004c..7dd7c4052 100644 --- a/quinn-proto/Cargo.toml +++ b/quinn-proto/Cargo.toml @@ -50,7 +50,7 @@ tracing = { workspace = true } # wasm-bindgen is assumed for a wasm*-*-unknown target [target.'cfg(all(target_family = "wasm", target_os = "unknown"))'.dependencies] ring = { workspace = true, features = ["wasm32_unknown_unknown_js"] } -getrandom = { workspace = true, features = ["js"] } +getrandom = { workspace = true, features = ["wasm_js"] } rustls-pki-types = { workspace = true, features = ["web"] } # only added as dependency to enforce the `web` feature for this target web-time = { workspace = true } diff --git a/quinn-proto/src/cid_generator.rs b/quinn-proto/src/cid_generator.rs index fc737eae7..c73d8737a 100644 --- a/quinn-proto/src/cid_generator.rs +++ b/quinn-proto/src/cid_generator.rs @@ -77,7 +77,7 @@ impl RandomConnectionIdGenerator { impl ConnectionIdGenerator for RandomConnectionIdGenerator { fn generate_cid(&mut self) -> ConnectionId { let mut bytes_arr = [0; MAX_CID_SIZE]; - rand::thread_rng().fill_bytes(&mut bytes_arr[..self.cid_len]); + rand::rng().fill_bytes(&mut bytes_arr[..self.cid_len]); ConnectionId::new(&bytes_arr[..self.cid_len]) } @@ -105,7 +105,7 @@ pub struct HashedConnectionIdGenerator { impl HashedConnectionIdGenerator { /// Create a generator with a random key pub fn new() -> Self { - Self::from_key(rand::thread_rng().gen()) + Self::from_key(rand::rng().random()) } /// Create a generator with a specific key @@ -135,7 +135,7 @@ impl Default for HashedConnectionIdGenerator { impl ConnectionIdGenerator for HashedConnectionIdGenerator { fn generate_cid(&mut self) -> ConnectionId { let mut bytes_arr = [0; NONCE_LEN + SIGNATURE_LEN]; - rand::thread_rng().fill_bytes(&mut bytes_arr[..NONCE_LEN]); + rand::rng().fill_bytes(&mut bytes_arr[..NONCE_LEN]); let mut hasher = rustc_hash::FxHasher::default(); hasher.write_u64(self.key); hasher.write(&bytes_arr[..NONCE_LEN]); diff --git a/quinn-proto/src/config/mod.rs b/quinn-proto/src/config/mod.rs index ef7d62312..22e4e11ed 100644 --- a/quinn-proto/src/config/mod.rs +++ b/quinn-proto/src/config/mod.rs @@ -178,7 +178,7 @@ impl Default for EndpointConfig { use ring::hmac; let mut reset_key = [0; 64]; - rand::thread_rng().fill_bytes(&mut reset_key); + rand::rng().fill_bytes(&mut reset_key); Self::new(Arc::new(hmac::Key::new(hmac::HMAC_SHA256, &reset_key))) } @@ -390,7 +390,7 @@ impl ServerConfig { #[cfg(feature = "ring")] use ring::hkdf; - let rng = &mut rand::thread_rng(); + let rng = &mut rand::rng(); let mut master_key = [0u8; 64]; rng.fill_bytes(&mut master_key); let master_key = hkdf::Salt::new(hkdf::HKDF_SHA256, &[]).extract(&master_key); diff --git a/quinn-proto/src/congestion/bbr/mod.rs b/quinn-proto/src/congestion/bbr/mod.rs index 13f613cd0..6b6aa95f3 100644 --- a/quinn-proto/src/congestion/bbr/mod.rs +++ b/quinn-proto/src/congestion/bbr/mod.rs @@ -96,7 +96,7 @@ impl Bbr { bw_at_last_round: 0, round_wo_bw_gain: 0, ack_aggregation: AckAggregationState::default(), - random_number_generator: rand::rngs::StdRng::from_entropy(), + random_number_generator: rand::rngs::StdRng::from_os_rng(), } } @@ -115,7 +115,7 @@ impl Bbr { // follow each other. let mut rand_index = self .random_number_generator - .gen_range(0..K_PACING_GAIN.len() as u8 - 1); + .random_range(0..K_PACING_GAIN.len() as u8 - 1); if rand_index >= 1 { rand_index += 1; } diff --git a/quinn-proto/src/connection/mod.rs b/quinn-proto/src/connection/mod.rs index b8495b477..3dff87a17 100644 --- a/quinn-proto/src/connection/mod.rs +++ b/quinn-proto/src/connection/mod.rs @@ -292,7 +292,7 @@ impl Connection { // simultaneous key update by both is just like a regular key update with a really fast // response. Inspired by quic-go's similar behavior of performing the first key update // at the 100th short-header packet. - key_phase_size: rng.gen_range(10..1000), + key_phase_size: rng.random_range(10..1000), peer_params: TransportParameters::default(), orig_rem_cid: rem_cid, initial_dst_cid: init_cid, @@ -300,7 +300,7 @@ impl Connection { lost_packets: 0, events: VecDeque::new(), endpoint_events: VecDeque::new(), - spin_enabled: config.allow_spin && rng.gen_ratio(7, 8), + spin_enabled: config.allow_spin && rng.random_ratio(7, 8), spin: false, spaces: [initial_space, PacketSpace::new(now), PacketSpace::new(now)], highest_space: SpaceId::Initial, @@ -2976,14 +2976,14 @@ impl Connection { &self.config, ) }; - new_path.challenge = Some(self.rng.gen()); + new_path.challenge = Some(self.rng.random()); new_path.challenge_pending = true; let prev_pto = self.pto(SpaceId::Data); let mut prev = mem::replace(&mut self.path, new_path); // Don't clobber the original path if the previous one hasn't been validated yet if prev.challenge.is_none() { - prev.challenge = Some(self.rng.gen()); + prev.challenge = Some(self.rng.random()); prev.challenge_pending = true; // We haven't updated the remote CID yet, this captures the remote CID we were using on // the previous path. diff --git a/quinn-proto/src/connection/packet_builder.rs b/quinn-proto/src/connection/packet_builder.rs index bf56be822..ad9d6a9fc 100644 --- a/quinn-proto/src/connection/packet_builder.rs +++ b/quinn-proto/src/connection/packet_builder.rs @@ -93,7 +93,7 @@ impl PacketBuilder { spin: if conn.spin_enabled { conn.spin } else { - conn.rng.gen() + conn.rng.random() }, key_phase: conn.key_phase, }, @@ -123,7 +123,7 @@ impl PacketBuilder { }), }; let partial_encode = header.encode(buffer); - if conn.peer_params.grease_quic_bit && conn.rng.gen() { + if conn.peer_params.grease_quic_bit && conn.rng.random() { buffer[partial_encode.start] ^= FIXED_BIT; } diff --git a/quinn-proto/src/connection/spaces.rs b/quinn-proto/src/connection/spaces.rs index 53e4692e8..34663adde 100644 --- a/quinn-proto/src/connection/spaces.rs +++ b/quinn-proto/src/connection/spaces.rs @@ -820,7 +820,7 @@ impl PacketNumberFilter { // First skipped PN is in 0..64 let exponent = 6; Self { - next_skipped_packet_number: rng.gen_range(0..2u64.saturating_pow(exponent)), + next_skipped_packet_number: rng.random_range(0..2u64.saturating_pow(exponent)), prev_skipped_packet_number: None, exponent, } @@ -857,8 +857,8 @@ impl PacketNumberFilter { // Skip this packet number, and choose the next one to skip self.prev_skipped_packet_number = Some(self.next_skipped_packet_number); let next_exponent = self.exponent.saturating_add(1); - self.next_skipped_packet_number = - rng.gen_range(2u64.saturating_pow(self.exponent)..2u64.saturating_pow(next_exponent)); + self.next_skipped_packet_number = rng + .random_range(2u64.saturating_pow(self.exponent)..2u64.saturating_pow(next_exponent)); self.exponent = next_exponent; space.get_tx_number() diff --git a/quinn-proto/src/endpoint.rs b/quinn-proto/src/endpoint.rs index 88266ef5f..b09932b43 100644 --- a/quinn-proto/src/endpoint.rs +++ b/quinn-proto/src/endpoint.rs @@ -74,7 +74,7 @@ impl Endpoint { ) -> Self { let rng_seed = rng_seed.or(config.rng_seed); Self { - rng: rng_seed.map_or(StdRng::from_entropy(), StdRng::from_seed), + rng: rng_seed.map_or(StdRng::from_os_rng(), StdRng::from_seed), index: ConnectionIndex::default(), connections: Slab::new(), local_cid_generator: (config.connection_id_generator_factory.as_ref())(), @@ -173,7 +173,7 @@ impl Endpoint { trace!("sending version negotiation"); // Negotiate versions Header::VersionNegotiate { - random: self.rng.gen::() | 0x40, + random: self.rng.random::() | 0x40, src_cid: dst_cid, dst_cid: src_cid, } @@ -297,7 +297,8 @@ impl Endpoint { let padding_len = if max_padding_len <= IDEAL_MIN_PADDING_LEN { max_padding_len } else { - self.rng.gen_range(IDEAL_MIN_PADDING_LEN..max_padding_len) + self.rng + .random_range(IDEAL_MIN_PADDING_LEN..max_padding_len) }; buf.reserve(padding_len + RESET_TOKEN_SIZE); buf.resize(padding_len, 0); diff --git a/quinn-proto/src/tests/mod.rs b/quinn-proto/src/tests/mod.rs index 2fc41db8f..7edcf2962 100644 --- a/quinn-proto/src/tests/mod.rs +++ b/quinn-proto/src/tests/mod.rs @@ -188,7 +188,7 @@ fn draft_version_compat() { fn server_stateless_reset() { let _guard = subscribe(); let mut key_material = vec![0; 64]; - let mut rng = rand::thread_rng(); + let mut rng = rand::rng(); rng.fill_bytes(&mut key_material); let reset_key = hmac::Key::new(hmac::HMAC_SHA256, &key_material); rng.fill_bytes(&mut key_material); @@ -218,7 +218,7 @@ fn server_stateless_reset() { fn client_stateless_reset() { let _guard = subscribe(); let mut key_material = vec![0; 64]; - let mut rng = rand::thread_rng(); + let mut rng = rand::rng(); rng.fill_bytes(&mut key_material); let reset_key = hmac::Key::new(hmac::HMAC_SHA256, &key_material); rng.fill_bytes(&mut key_material); diff --git a/quinn-proto/src/token.rs b/quinn-proto/src/token.rs index cb4525739..0a9c0cd20 100644 --- a/quinn-proto/src/token.rs +++ b/quinn-proto/src/token.rs @@ -207,7 +207,7 @@ impl Token { /// Construct with newly sampled randomness pub(crate) fn new(payload: TokenPayload, rng: &mut impl Rng) -> Self { Self { - nonce: rng.gen(), + nonce: rng.random(), payload, } } @@ -417,7 +417,7 @@ mod test { use ring::hkdf; fn token_round_trip(payload: TokenPayload) -> TokenPayload { - let rng = &mut rand::thread_rng(); + let rng = &mut rand::rng(); let token = Token::new(payload, rng); let mut master_key = [0; 64]; rng.fill_bytes(&mut master_key); @@ -488,7 +488,7 @@ mod test { use super::*; use rand::RngCore; - let rng = &mut rand::thread_rng(); + let rng = &mut rand::rng(); let mut master_key = [0; 64]; rng.fill_bytes(&mut master_key); @@ -498,7 +498,7 @@ mod test { let mut invalid_token = Vec::new(); let mut random_data = [0; 32]; - rand::thread_rng().fill_bytes(&mut random_data); + rand::rng().fill_bytes(&mut random_data); invalid_token.put_slice(&random_data); // Assert: garbage sealed data returns err diff --git a/quinn-proto/src/transport_parameters.rs b/quinn-proto/src/transport_parameters.rs index ccf378d4a..fde380654 100644 --- a/quinn-proto/src/transport_parameters.rs +++ b/quinn-proto/src/transport_parameters.rs @@ -561,7 +561,7 @@ impl ReservedTransportParameter { fn random(rng: &mut impl RngCore) -> Self { let id = Self::generate_reserved_id(rng); - let payload_len = rng.gen_range(0..Self::MAX_PAYLOAD_LEN); + let payload_len = rng.random_range(0..Self::MAX_PAYLOAD_LEN); let payload = { let mut slice = [0u8; Self::MAX_PAYLOAD_LEN]; @@ -588,7 +588,7 @@ impl ReservedTransportParameter { /// See: and fn generate_reserved_id(rng: &mut impl RngCore) -> VarInt { let id = { - let rand = rng.gen_range(0u64..(1 << 62) - 27); + let rand = rng.random_range(0u64..(1 << 62) - 27); let n = rand / 31; 31 * n + 27 }; @@ -787,7 +787,7 @@ mod test { #[test] fn reserved_transport_parameter_ignored_when_read() { let mut buf = Vec::new(); - let reserved_parameter = ReservedTransportParameter::random(&mut rand::thread_rng()); + let reserved_parameter = ReservedTransportParameter::random(&mut rand::rng()); assert!(reserved_parameter.payload_len < ReservedTransportParameter::MAX_PAYLOAD_LEN); assert!(reserved_parameter.id.0 % 31 == 27); diff --git a/quinn/tests/many_connections.rs b/quinn/tests/many_connections.rs index 77f58a666..84019da81 100644 --- a/quinn/tests/many_connections.rs +++ b/quinn/tests/many_connections.rs @@ -184,6 +184,6 @@ fn hash_correct(data: &[u8], crc: &Crc) -> bool { fn random_vec(size: usize) -> Vec { let mut ret = vec![0; size]; - rand::thread_rng().fill_bytes(&mut ret[..]); + rand::rng().fill_bytes(&mut ret[..]); ret }