Repository: james-project Updated Branches: refs/heads/master 7189bd054 -> 439e74720
JAMES-2245 Use cryptographically strong RNG Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/4f0b8ccc Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/4f0b8ccc Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/4f0b8ccc Branch: refs/heads/master Commit: 4f0b8cccb568ef0db31f773ef437df4634e2c160 Parents: 4135794 Author: Thibaut Sautereau <[email protected]> Authored: Thu Nov 30 16:58:46 2017 +0700 Committer: Thibaut Sautereau <[email protected]> Committed: Thu Nov 30 16:58:46 2017 +0700 ---------------------------------------------------------------------- .../org/apache/james/mailbox/maildir/MaildirMessageName.java | 4 ++-- .../james/mailbox/store/RandomMailboxSessionIdGenerator.java | 6 +++--- .../org/apache/james/mailbox/store/StoreMailboxManager.java | 4 ++-- .../apache/james/queue/activemq/FileSystemBlobStrategy.java | 4 +++- .../main/java/org/apache/james/queue/file/FileMailQueue.java | 5 +++-- 5 files changed, 13 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/4f0b8ccc/mailbox/maildir/src/main/java/org/apache/james/mailbox/maildir/MaildirMessageName.java ---------------------------------------------------------------------- diff --git a/mailbox/maildir/src/main/java/org/apache/james/mailbox/maildir/MaildirMessageName.java b/mailbox/maildir/src/main/java/org/apache/james/mailbox/maildir/MaildirMessageName.java index 6446dba..eef1d85 100644 --- a/mailbox/maildir/src/main/java/org/apache/james/mailbox/maildir/MaildirMessageName.java +++ b/mailbox/maildir/src/main/java/org/apache/james/mailbox/maildir/MaildirMessageName.java @@ -24,8 +24,8 @@ import java.io.FilenameFilter; import java.lang.management.ManagementFactory; import java.net.InetAddress; import java.net.UnknownHostException; +import java.security.SecureRandom; import java.util.Date; -import java.util.Random; import java.util.concurrent.atomic.AtomicInteger; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -66,7 +66,7 @@ public class MaildirMessageName { /** * A random generator for the random part in the unique message names */ - private static final Random random = new Random(); + private static final SecureRandom random = new SecureRandom(); /** * The process id of the server process http://git-wip-us.apache.org/repos/asf/james-project/blob/4f0b8ccc/mailbox/store/src/main/java/org/apache/james/mailbox/store/RandomMailboxSessionIdGenerator.java ---------------------------------------------------------------------- diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/RandomMailboxSessionIdGenerator.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/RandomMailboxSessionIdGenerator.java index 8f51230..ab0bcf4 100644 --- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/RandomMailboxSessionIdGenerator.java +++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/RandomMailboxSessionIdGenerator.java @@ -19,18 +19,18 @@ package org.apache.james.mailbox.store; -import java.util.Random; +import java.security.SecureRandom; import org.apache.james.mailbox.MailboxSessionIdGenerator; /** - * {@link MailboxSessionIdGenerator} which use a {@link Random} to generate the next Id to use + * {@link MailboxSessionIdGenerator} which use a {@link SecureRandom} to generate the next Id to use * * */ public class RandomMailboxSessionIdGenerator extends AbstractMailboxSessionIdGenerator { - private final static Random RANDOM = new Random(); + private final static SecureRandom RANDOM = new SecureRandom(); @Override protected long generateNextId() { http://git-wip-us.apache.org/repos/asf/james-project/blob/4f0b8ccc/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java ---------------------------------------------------------------------- diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java index c813fb8..954186c 100644 --- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java +++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java @@ -19,11 +19,11 @@ package org.apache.james.mailbox.store; +import java.security.SecureRandom; import java.util.ArrayList; import java.util.EnumSet; import java.util.List; import java.util.Optional; -import java.util.Random; import java.util.Set; import java.util.stream.Stream; @@ -112,7 +112,7 @@ public class StoreMailboxManager implements MailboxManager { private final StoreRightManager storeRightManager; - private final static Random RANDOM = new Random(); + private final static SecureRandom RANDOM = new SecureRandom(); private MessageBatcher copyBatcher; http://git-wip-us.apache.org/repos/asf/james-project/blob/4f0b8ccc/server/queue/queue-activemq/src/main/java/org/apache/james/queue/activemq/FileSystemBlobStrategy.java ---------------------------------------------------------------------- diff --git a/server/queue/queue-activemq/src/main/java/org/apache/james/queue/activemq/FileSystemBlobStrategy.java b/server/queue/queue-activemq/src/main/java/org/apache/james/queue/activemq/FileSystemBlobStrategy.java index 9542a09..13b65b0 100644 --- a/server/queue/queue-activemq/src/main/java/org/apache/james/queue/activemq/FileSystemBlobStrategy.java +++ b/server/queue/queue-activemq/src/main/java/org/apache/james/queue/activemq/FileSystemBlobStrategy.java @@ -25,6 +25,7 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.net.URL; +import java.security.SecureRandom; import javax.jms.JMSException; @@ -47,6 +48,7 @@ public class FileSystemBlobStrategy implements BlobUploadStrategy, BlobDownloadS private final BlobTransferPolicy policy; private final int splitCount; private final Object lock = new Object(); + private final static SecureRandom RANDOM = new SecureRandom(); public FileSystemBlobStrategy(BlobTransferPolicy policy, FileSystem fileSystem, int splitCount) { this.fileSystem = fileSystem; @@ -126,7 +128,7 @@ public class FileSystemBlobStrategy implements BlobUploadStrategy, BlobDownloadS // we use the JMS Message ID as filename so we are safe in the case // we try to stream from and to the same mail String filename = message.getJMSMessageID().replaceAll("[:\\\\/*?|<>]", "_"); - int i = (int) (Math.random() * splitCount + 1); + int i = RANDOM.nextInt(splitCount) + 1; String queueUrl = policy.getUploadUrl() + "/" + i; http://git-wip-us.apache.org/repos/asf/james-project/blob/4f0b8ccc/server/queue/queue-file/src/main/java/org/apache/james/queue/file/FileMailQueue.java ---------------------------------------------------------------------- diff --git a/server/queue/queue-file/src/main/java/org/apache/james/queue/file/FileMailQueue.java b/server/queue/queue-file/src/main/java/org/apache/james/queue/file/FileMailQueue.java index 076d96e..0857c41 100644 --- a/server/queue/queue-file/src/main/java/org/apache/james/queue/file/FileMailQueue.java +++ b/server/queue/queue-file/src/main/java/org/apache/james/queue/file/FileMailQueue.java @@ -25,6 +25,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; +import java.security.SecureRandom; import java.util.Iterator; import java.util.Map.Entry; import java.util.NoSuchElementException; @@ -73,6 +74,7 @@ public class FileMailQueue implements ManageableMailQueue { private final static String OBJECT_EXTENSION = ".obj"; private final static String NEXT_DELIVERY = "FileQueueNextDelivery"; private final static int SPLITCOUNT = 10; + private final static SecureRandom RANDOM = new SecureRandom(); public FileMailQueue(MailQueueItemDecoratorFactory mailQueueItemDecoratorFactory, File parentDir, String queuename, boolean sync) throws IOException { this.mailQueueItemDecoratorFactory = mailQueueItemDecoratorFactory; @@ -154,8 +156,7 @@ public class FileMailQueue implements ManageableMailQueue { FileOutputStream foout = null; ObjectOutputStream oout = null; try { - int i = (int) (Math.random() * SPLITCOUNT + 1); - + int i = RANDOM.nextInt(SPLITCOUNT) + 1; String name = queueDirName + "/" + i + "/" + key; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
