From 2429ea8fdd3fad8c43ed29fa95a08fbdb92012e8 Mon Sep 17 00:00:00 2001 From: glyph Date: Thu, 25 Nov 2021 15:00:19 +0200 Subject: [PATCH 1/3] replace rand with nanorand and bump version --- Cargo.lock | 10 ++++++++-- peach-lib/Cargo.toml | 16 ++++++++-------- peach-lib/src/password_utils.rs | 15 +++++---------- 3 files changed, 21 insertions(+), 20 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d7c1a12..6d39d43 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2127,6 +2127,12 @@ dependencies = [ "version_check 0.9.3", ] +[[package]] +name = "nanorand" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "729eb334247daa1803e0a094d0a5c55711b85571179f5ec6e53eccfdf7008958" + [[package]] name = "native-tls" version = "0.2.8" @@ -2571,7 +2577,7 @@ dependencies = [ [[package]] name = "peach-lib" -version = "1.3.0" +version = "1.3.1" dependencies = [ "chrono", "env_logger 0.6.2", @@ -2580,7 +2586,7 @@ dependencies = [ "jsonrpc-client-http", "jsonrpc-core 8.0.1", "log 0.4.14", - "rand 0.8.4", + "nanorand", "regex", "rust-crypto", "serde 1.0.130", diff --git a/peach-lib/Cargo.toml b/peach-lib/Cargo.toml index af5aa51..31f8960 100644 --- a/peach-lib/Cargo.toml +++ b/peach-lib/Cargo.toml @@ -1,20 +1,20 @@ [package] name = "peach-lib" -version = "1.3.0" +version = "1.3.1" authors = ["Andrew Reid "] edition = "2018" [dependencies] -log = "0.4" +chrono = "0.4.19" +env_logger = "0.6" +fslock="0.1.6" jsonrpc-client-core = "0.5" jsonrpc-client-http = "0.5" jsonrpc-core = "8.0.1" -serde = { version = "1.0", features = ["derive"] } +log = "0.4" +nanorand = "0.6.1" +regex = "1" rust-crypto = "0.2.36" +serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_yaml = "0.8" -env_logger = "0.6" -regex = "1" -chrono = "0.4.19" -rand="0.8.4" -fslock="0.1.6" diff --git a/peach-lib/src/password_utils.rs b/peach-lib/src/password_utils.rs index 4223ff2..02a9b5c 100644 --- a/peach-lib/src/password_utils.rs +++ b/peach-lib/src/password_utils.rs @@ -1,7 +1,5 @@ -use std::iter; - use crypto::{digest::Digest, sha3::Sha3}; -use rand::{distributions::Alphanumeric, thread_rng, Rng}; +use nanorand::{Rng, WyRand}; use crate::{config_manager, error::PeachError, sbot_client}; @@ -68,13 +66,10 @@ pub fn verify_temporary_password(password: &str) -> Result<(), PeachError> { /// Generates a temporary password and sends it via ssb dm /// to the ssb id configured to be the admin of the peachcloud device pub fn send_password_reset() -> Result<(), PeachError> { - // first generate a new random password of ascii characters - let mut rng = thread_rng(); - let temporary_password: String = iter::repeat(()) - .map(|()| rng.sample(Alphanumeric)) - .map(char::from) - .take(10) - .collect(); + // initialise random number generator + let mut rng = WyRand::new(); + // generate a new password of random numbers + let temporary_password = rng.generate::().to_string(); // save this string as a new temporary password set_new_temporary_password(&temporary_password)?; let domain = config_manager::get_peachcloud_domain()?; -- 2.49.0 From 9a1faee3a7e869e11b9790f378d0358b7ed5813a Mon Sep 17 00:00:00 2001 From: glyph Date: Tue, 7 Dec 2021 10:15:55 +0200 Subject: [PATCH 2/3] remove unnecessary dependency --- Cargo.lock | 1 - peach-lib/Cargo.toml | 1 - 2 files changed, 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 6d39d43..a010883 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2580,7 +2580,6 @@ name = "peach-lib" version = "1.3.1" dependencies = [ "chrono", - "env_logger 0.6.2", "fslock", "jsonrpc-client-core", "jsonrpc-client-http", diff --git a/peach-lib/Cargo.toml b/peach-lib/Cargo.toml index 31f8960..8085f69 100644 --- a/peach-lib/Cargo.toml +++ b/peach-lib/Cargo.toml @@ -6,7 +6,6 @@ edition = "2018" [dependencies] chrono = "0.4.19" -env_logger = "0.6" fslock="0.1.6" jsonrpc-client-core = "0.5" jsonrpc-client-http = "0.5" -- 2.49.0 From 91602178a877c2e6e9bb20580439abd94123fd26 Mon Sep 17 00:00:00 2001 From: glyph Date: Tue, 7 Dec 2021 14:09:38 +0200 Subject: [PATCH 3/3] update version badge --- peach-lib/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/peach-lib/README.md b/peach-lib/README.md index 7c05a99..2ee3032 100644 --- a/peach-lib/README.md +++ b/peach-lib/README.md @@ -1,6 +1,6 @@ # peach-lib -![Generic badge](https://img.shields.io/badge/version-1.2.9-.svg) +![Generic badge](https://img.shields.io/badge/version-1.3.1-.svg) JSON-RPC client library for the PeachCloud ecosystem. -- 2.49.0