From fef78d728fb4c0c6edf7f57bdb43c7f44553d3ed Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:05:28 -0600 Subject: [PATCH 1/7] Add support for UUID versioning and generation of UUIDv7. This update introduces support for generating UUIDs with specific versions, including the newly implemented UUIDv7. The `create_uuid` API has been updated to accept optional version parameters. Additionally, a new utility function `switch_getentropy` was added to ensure secure random number generation. --- src/include/switch_apr.h | 7 +- src/include/switch_utils.h | 6 +- .../applications/mod_commands/mod_commands.c | 9 +- src/switch_apr.c | 17 +++- src/switch_utils.c | 98 ++++++++++++++++++- 5 files changed, 130 insertions(+), 7 deletions(-) diff --git a/src/include/switch_apr.h b/src/include/switch_apr.h index 36f1531beff..c04b481780c 100644 --- a/src/include/switch_apr.h +++ b/src/include/switch_apr.h @@ -560,7 +560,12 @@ SWITCH_DECLARE(void) switch_uuid_format(char *buffer, const switch_uuid_t *uuid) * Generate and return a (new) UUID * @param uuid The resulting UUID */ -SWITCH_DECLARE(void) switch_uuid_get(switch_uuid_t *uuid); +#ifndef DEFAULT_UUID_VERSION +#define DEFAULT_UUID_VERSION 4 +#endif +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v4(switch_uuid_t *uuid); +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_version(switch_uuid_t *uuid, int version); +#define switch_uuid_get(uuid) switch_uuid_generate_version(uuid, DEFAULT_UUID_VERSION); /** * Parse a standard-format string into a UUID diff --git a/src/include/switch_utils.h b/src/include/switch_utils.h index a0c91e6384f..f0cd0010f8e 100644 --- a/src/include/switch_utils.h +++ b/src/include/switch_utils.h @@ -1421,7 +1421,8 @@ SWITCH_DECLARE(void *) switch_calloc(size_t nmemb, size_t size); SWITCH_DECLARE(const char *) switch_inet_ntop(int af, void const *src, char *dst, size_t size); #endif -SWITCH_DECLARE(char *) switch_uuid_str(char *buf, switch_size_t len); +#define switch_uuid_str(buf, len) switch_uuid_str_version(buf, len, DEFAULT_UUID_VERSION); +SWITCH_DECLARE(char *) switch_uuid_str_version(char *buf, switch_size_t len, int version); SWITCH_DECLARE(char *) switch_format_number(const char *num); SWITCH_DECLARE(unsigned int) switch_atoui(const char *nptr); @@ -1518,6 +1519,9 @@ SWITCH_DECLARE(const char *) switch_memory_usage_stream(switch_stream_handle_t * / Compliant random number generator. Returns the value between 0 and 0x7fff (RAND_MAX). **/ SWITCH_DECLARE(int) switch_rand(void); +SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length); +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid); +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid); SWITCH_END_EXTERN_C #endif diff --git a/src/mod/applications/mod_commands/mod_commands.c b/src/mod/applications/mod_commands/mod_commands.c index 5b9620a7812..8541473fbf8 100644 --- a/src/mod/applications/mod_commands/mod_commands.c +++ b/src/mod/applications/mod_commands/mod_commands.c @@ -3162,11 +3162,16 @@ SWITCH_STANDARD_API(tone_detect_session_function) return SWITCH_STATUS_SUCCESS; } +#define UUID_GENERATE_SYNTAX " [4|7]" SWITCH_STANDARD_API(uuid_function) { char uuid_str[SWITCH_UUID_FORMATTED_LENGTH + 1]; + int version = DEFAULT_UUID_VERSION; + if (!zstr(cmd)) { + version = atoi(cmd); + } - switch_uuid_str(uuid_str, sizeof(uuid_str)); + switch_uuid_str_version(uuid_str, sizeof(uuid_str), version); stream->write_function(stream, "%s", uuid_str); return SWITCH_STATUS_SUCCESS; @@ -7598,7 +7603,7 @@ SWITCH_MODULE_LOAD_FUNCTION(mod_commands_load) SWITCH_ADD_API(commands_api_interface, "cond", "Evaluate a conditional", cond_function, " ? : "); SWITCH_ADD_API(commands_api_interface, "console_complete", "", console_complete_function, ""); SWITCH_ADD_API(commands_api_interface, "console_complete_xml", "", console_complete_xml_function, ""); - SWITCH_ADD_API(commands_api_interface, "create_uuid", "Create a uuid", uuid_function, UUID_SYNTAX); + SWITCH_ADD_API(commands_api_interface, "create_uuid", "Create a uuid", uuid_function, UUID_GENERATE_SYNTAX); SWITCH_ADD_API(commands_api_interface, "db_cache", "Manage db cache", db_cache_function, "status"); SWITCH_ADD_API(commands_api_interface, "domain_data", "Find domain data", domain_data_function, " [var|param|attr] "); SWITCH_ADD_API(commands_api_interface, "domain_exists", "Check if a domain exists", domain_exists_function, ""); diff --git a/src/switch_apr.c b/src/switch_apr.c index bd6cfdec560..703f20903fe 100644 --- a/src/switch_apr.c +++ b/src/switch_apr.c @@ -1149,7 +1149,7 @@ SWITCH_DECLARE(void) switch_uuid_format(char *buffer, const switch_uuid_t *uuid) #endif } -SWITCH_DECLARE(void) switch_uuid_get(switch_uuid_t *uuid) +SWITCH_DECLARE(void) switch_uuid_generate_v4(switch_uuid_t *uuid) { switch_mutex_lock(runtime.uuid_mutex); #ifndef WIN32 @@ -1160,6 +1160,21 @@ SWITCH_DECLARE(void) switch_uuid_get(switch_uuid_t *uuid) switch_mutex_unlock(runtime.uuid_mutex); } +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_version(switch_uuid_t *uuid, int version) +{ + switch(version) { + case 4: + switch_uuid_generate_v4(uuid); + break; + case 7: + switch_uuid_generate_v7(uuid); + break; + default: + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "ERROR: Unsupported UUID version %d\n", version); + return SWITCH_STATUS_FALSE; + } +} + SWITCH_DECLARE(switch_status_t) switch_uuid_parse(switch_uuid_t *uuid, const char *uuid_str) { #ifndef WIN32 diff --git a/src/switch_utils.c b/src/switch_utils.c index 1293ca3fbdc..1d91bbe7b43 100644 --- a/src/switch_utils.c +++ b/src/switch_utils.c @@ -4110,14 +4110,14 @@ SWITCH_DECLARE(int) switch_split_user_domain(char *in, char **user, char **domai } -SWITCH_DECLARE(char *) switch_uuid_str(char *buf, switch_size_t len) +SWITCH_DECLARE(char *) switch_uuid_str_version(char *buf, switch_size_t len, int version) { switch_uuid_t uuid; if (len < (SWITCH_UUID_FORMATTED_LENGTH + 1)) { switch_snprintf(buf, len, "INVALID"); } else { - switch_uuid_get(&uuid); + switch_uuid_generate_version(&uuid, version); switch_uuid_format(buf, &uuid); } @@ -4872,6 +4872,100 @@ SWITCH_DECLARE(int) switch_rand(void) #endif } + +SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length) +{ + if (!buffer || length > 256) { // Enforce same limit as `getentropy` + errno = EIO; // Input/Output error + return -1; + } + +#ifdef WIN32 + BCRYPT_ALG_HANDLE hAlgorithm = NULL; + NTSTATUS status = BCryptOpenAlgorithmProvider(&hAlgorithm, BCRYPT_RNG_ALGORITHM, NULL, 0); + + if (!BCRYPT_SUCCESS(status)) { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "BCryptOpenAlgorithmProvider failed with status %d\n", status); + errno = EIO; // Input/Output error + return -1; + } + + status = BCryptGenRandom(hAlgorithm, (PUCHAR)buffer, (ULONG)length, 0); + if (!BCRYPT_SUCCESS(status)) { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "BCryptGenRandom failed with status %d\n", status); + BCryptCloseAlgorithmProvider(hAlgorithm, 0); + errno = EIO; // Input/Output error + return -1; + } + + BCryptCloseAlgorithmProvider(hAlgorithm, 0); + return 0; + +#elif defined(__unix__) || defined(__APPLE__) + int random_fd = open("/dev/urandom", O_RDONLY); + switch_ssize_t result; + char error_msg[100]; + + if (random_fd == -1) { + strncpy(error_msg, strerror(errno), sizeof(error_msg) - 1); + error_msg[sizeof(error_msg) - 1] = '\0'; + + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "open failed: %s\n", error_msg); + errno = EIO; // Input/Output error + return -1; + } + + result = read(random_fd, buffer, length); + if (result < 0 || (switch_size_t)result != length) { + strncpy(error_msg, strerror(errno), sizeof(error_msg) - 1); + error_msg[sizeof(error_msg) - 1] = '\0'; + + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "read failed: %s\n", error_msg); + close(random_fd); + errno = EIO; // Input/Output error + return -1; + } + + close(random_fd); + return 0; + +#else + // Fallback: Use rand() for platforms that do not support secure randomness + unsigned char *buf = (unsigned char *)buffer; + for (switch_size_t i = 0; i < length; i++) { + buf[i] = (unsigned char)(rand() & 0xFF); // Generate byte-wise randomness + } + return 0; +#endif +} + + +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid) { + /* random bytes */ + unsigned char *value = uuid->data; + + if (switch_getentropy(value, 16) != 0) { + return -1; + } + + /* current timestamp in ms */ + switch_time_t timestamp = switch_time_now() / 1000; + + // timestamp + value[0] = (timestamp >> 40) & 0xFF; + value[1] = (timestamp >> 32) & 0xFF; + value[2] = (timestamp >> 24) & 0xFF; + value[3] = (timestamp >> 16) & 0xFF; + value[4] = (timestamp >> 8) & 0xFF; + value[5] = timestamp & 0xFF; + + // version and variant + value[6] = (value[6] & 0x0F) | 0x70; + value[8] = (value[8] & 0x3F) | 0x80; + + return SWITCH_STATUS_SUCCESS; +} + /* For Emacs: * Local Variables: * mode:c From 338186ee5ed350fc60cb2ca04bd693b268a7da57 Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:19:14 -0600 Subject: [PATCH 2/7] fixes --- src/switch_apr.c | 2 +- src/switch_utils.c | 23 ++++++++++++++--------- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/src/switch_apr.c b/src/switch_apr.c index 703f20903fe..6ddb79f4e89 100644 --- a/src/switch_apr.c +++ b/src/switch_apr.c @@ -1149,7 +1149,7 @@ SWITCH_DECLARE(void) switch_uuid_format(char *buffer, const switch_uuid_t *uuid) #endif } -SWITCH_DECLARE(void) switch_uuid_generate_v4(switch_uuid_t *uuid) +SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v4(switch_uuid_t *uuid) { switch_mutex_lock(runtime.uuid_mutex); #ifndef WIN32 diff --git a/src/switch_utils.c b/src/switch_utils.c index 1d91bbe7b43..e55ec00bd12 100644 --- a/src/switch_utils.c +++ b/src/switch_utils.c @@ -4873,13 +4873,8 @@ SWITCH_DECLARE(int) switch_rand(void) } -SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length) +static SWITCH_DECLARE(int) _switch_getentropy(void *buffer, switch_size_t length) { - if (!buffer || length > 256) { // Enforce same limit as `getentropy` - errno = EIO; // Input/Output error - return -1; - } - #ifdef WIN32 BCRYPT_ALG_HANDLE hAlgorithm = NULL; NTSTATUS status = BCryptOpenAlgorithmProvider(&hAlgorithm, BCRYPT_RNG_ALGORITHM, NULL, 0); @@ -4940,17 +4935,27 @@ SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length) } +SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length) +{ + if (!buffer || length > 256) { // Enforce same limit as `getentropy` + errno = EIO; // Input/Output error + return -1; + } + return _switch_getentropy(buffer, length); +} + + SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid) { /* random bytes */ unsigned char *value = uuid->data; + /* current timestamp in ms */ + switch_time_t timestamp = switch_time_now() / 1000; + if (switch_getentropy(value, 16) != 0) { return -1; } - /* current timestamp in ms */ - switch_time_t timestamp = switch_time_now() / 1000; - // timestamp value[0] = (timestamp >> 40) & 0xFF; value[1] = (timestamp >> 32) & 0xFF; From 7c16b80e457e586b6a950692e67cf7c9379e894b Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:19:49 -0600 Subject: [PATCH 3/7] fixes 2 --- src/switch_apr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/switch_apr.c b/src/switch_apr.c index 6ddb79f4e89..3224d2aca47 100644 --- a/src/switch_apr.c +++ b/src/switch_apr.c @@ -1164,10 +1164,10 @@ SWITCH_DECLARE(switch_status_t) switch_uuid_generate_version(switch_uuid_t *uuid { switch(version) { case 4: - switch_uuid_generate_v4(uuid); + return switch_uuid_generate_v4(uuid); break; case 7: - switch_uuid_generate_v7(uuid); + return switch_uuid_generate_v7(uuid); break; default: switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "ERROR: Unsupported UUID version %d\n", version); From d6b17a0f15a29f6258527e0b10b8648c2c3e524f Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:21:28 -0600 Subject: [PATCH 4/7] fixes 3 --- src/switch_apr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/switch_apr.c b/src/switch_apr.c index 3224d2aca47..62824ec7061 100644 --- a/src/switch_apr.c +++ b/src/switch_apr.c @@ -1158,6 +1158,8 @@ SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v4(switch_uuid_t *uuid) UuidCreate((UUID *) uuid); #endif switch_mutex_unlock(runtime.uuid_mutex); + + return SWITCH_STATUS_SUCCESS; } SWITCH_DECLARE(switch_status_t) switch_uuid_generate_version(switch_uuid_t *uuid, int version) From 323e9070117d7c89eba2680cbdd59550c00f42ce Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:24:18 -0600 Subject: [PATCH 5/7] fixes 4 --- src/switch_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/switch_utils.c b/src/switch_utils.c index e55ec00bd12..f6f3ac4f60b 100644 --- a/src/switch_utils.c +++ b/src/switch_utils.c @@ -4873,7 +4873,7 @@ SWITCH_DECLARE(int) switch_rand(void) } -static SWITCH_DECLARE(int) _switch_getentropy(void *buffer, switch_size_t length) +static int _switch_getentropy(void *buffer, switch_size_t length) { #ifdef WIN32 BCRYPT_ALG_HANDLE hAlgorithm = NULL; From 575e9bfcff421bb50d369d15122fd03700533aa7 Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Wed, 15 Jan 2025 16:51:28 -0600 Subject: [PATCH 6/7] Fix UUID generation error handling in switch_utils.c Ensure that invalid UUID generation scenarios are correctly handled by checking the return status of `switch_uuid_generate_version`. This prevents potential incorrect formatting or uninitialized usage. --- src/switch_utils.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/switch_utils.c b/src/switch_utils.c index f6f3ac4f60b..4c48e0b0ed9 100644 --- a/src/switch_utils.c +++ b/src/switch_utils.c @@ -4116,8 +4116,9 @@ SWITCH_DECLARE(char *) switch_uuid_str_version(char *buf, switch_size_t len, int if (len < (SWITCH_UUID_FORMATTED_LENGTH + 1)) { switch_snprintf(buf, len, "INVALID"); + } else if (switch_uuid_generate_version(&uuid, version) != SWITCH_STATUS_SUCCESS) { + switch_snprintf(buf, len, "INVALID"); } else { - switch_uuid_generate_version(&uuid, version); switch_uuid_format(buf, &uuid); } From 23e89a55969b70ae692e45e8a3291f5de9b3f819 Mon Sep 17 00:00:00 2001 From: Aron Podrigal Date: Thu, 16 Jan 2025 08:51:02 -0600 Subject: [PATCH 7/7] Remove duplicate declaration of switch_uuid_generate_v7 --- src/include/switch_utils.h | 1 - 1 file changed, 1 deletion(-) diff --git a/src/include/switch_utils.h b/src/include/switch_utils.h index f0cd0010f8e..cf335dbb618 100644 --- a/src/include/switch_utils.h +++ b/src/include/switch_utils.h @@ -1521,7 +1521,6 @@ SWITCH_DECLARE(const char *) switch_memory_usage_stream(switch_stream_handle_t * SWITCH_DECLARE(int) switch_rand(void); SWITCH_DECLARE(int) switch_getentropy(void *buffer, switch_size_t length); SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid); -SWITCH_DECLARE(switch_status_t) switch_uuid_generate_v7(switch_uuid_t *uuid); SWITCH_END_EXTERN_C #endif