[Heimdal-source-changes] [heimdal/heimdal] 44a1a2: Fix bias in ordering SRV RR results by weight.

GitHub noreply at github.com
Thu Nov 10 10:45:08 CET 2016


  Branch: refs/heads/master
  Home:   https://github.com/heimdal/heimdal
  Commit: 44a1a2a273d498ac8d9334930150b4480a2fbe5c
      https://github.com/heimdal/heimdal/commit/44a1a2a273d498ac8d9334930150b4480a2fbe5c
  Author: Roland C. Dowdeswell <elric at imrryr.org>
  Date:   2016-11-10 (Thu, 10 Nov 2016)

  Changed paths:
    M lib/roken/resolve.c

  Log Message:
  -----------
  Fix bias in ordering SRV RR results by weight.

In lib/roken/resolve.c, we find rk_dns_srv_order() which re-orders
the results of an SRV RR lookup by the algorithm in RFC2782.  We
fix a bias in the random weight sorting by changing the order of
operations when selecting rnd.  rnd should be a non-zero random
number less than the sum of the weights at a particular priority,
but zero was included as a legitimate output thus biasing the
selection process.  rk_random() % sum is still biased as a 32
bit int modulo a number which doesn't divide 2^32 does not have
a uniform distribution, but the bias should be small enough to
live with for our purposes here.


  Commit: eb682c1bf4a91e20f233f385c640b17e49a9fe64
      https://github.com/heimdal/heimdal/commit/eb682c1bf4a91e20f233f385c640b17e49a9fe64
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2016-11-10 (Thu, 10 Nov 2016)

  Changed paths:
    M lib/roken/resolve.c

  Log Message:
  -----------
  Fix weight zero entries when ordering SRV RR results.

In lib/roken/resolve.c, we find rk_dns_srv_order() which re-orders
the results of an SRV RR lookup by the algorithm in RFC2782.  We
note that the algorithm doesn't behave according to the RFC w.r.t.
entries of weight zero.  We solve this by scaling out the remaining
weights by the number of zeros we find at a particular priority
level and acting like the zero weights have a weight of one.


Compare: https://github.com/heimdal/heimdal/compare/13cb3b5646e1...eb682c1bf4a9
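
The selection step the two log messages describe can be checked exhaustively instead of by sampling. This is an added example, not code from Heimdal's lib/roken/resolve.c: the function names, the sample weights, the reading of the zero-weight rule (a zero counts as one, every other weight is multiplied by the number of zeros) and the modelling of the old behaviour as rnd drawn from 0..sum-1 are all assumptions of the example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample weights for one priority level (not from the page). */
const unsigned SAMPLE_PLAIN[] = { 1, 3 };
const unsigned SAMPLE_ZEROS[] = { 0, 2, 0 };

/* Assumed reading of the zero-weight rule: a zero counts as one, and every
 * other weight is multiplied by the number of zeros at this priority. */
static unsigned eff_weight(unsigned w, unsigned zeros)
{
    return w == 0 ? 1 : (zeros ? w * zeros : w);
}

/* Sum of effective weights; rnd is meant to be drawn from 1..srv_total(). */
unsigned srv_total(const unsigned *w, size_t n)
{
    unsigned zeros = 0, sum = 0;
    for (size_t i = 0; i < n; i++) zeros += (w[i] == 0);
    for (size_t i = 0; i < n; i++) sum += eff_weight(w[i], zeros);
    return sum;
}

/* RFC 2782 selection: first entry whose running sum is >= rnd (n >= 1). */
size_t srv_pick(const unsigned *w, size_t n, unsigned rnd)
{
    unsigned zeros = 0, run = 0;
    for (size_t i = 0; i < n; i++) zeros += (w[i] == 0);
    for (size_t i = 0; i < n; i++) {
        run += eff_weight(w[i], zeros);
        if (run >= rnd) return i;
    }
    return n - 1; /* rnd above the total: fall back to the last entry */
}

/* How many rnd values in [lo, hi] select entry idx (exhaustive, no RNG). */
unsigned srv_hits(const unsigned *w, size_t n, unsigned lo, unsigned hi, size_t idx)
{
    unsigned hits = 0;
    for (unsigned rnd = lo; rnd <= hi; rnd++) hits += (srv_pick(w, n, rnd) == idx);
    return hits;
}

int main(void)
{
    unsigned t = srv_total(SAMPLE_PLAIN, 2);
    printf("weights {1,3}: entry 0 picked %u of %u (rnd 0..%u) vs %u of %u (rnd 1..%u)\n",
           srv_hits(SAMPLE_PLAIN, 2, 0, t - 1, 0), t, t - 1, srv_hits(SAMPLE_PLAIN, 2, 1, t, 0), t, t);
    return 0;
}
```

With weights 1 and 3, allowing rnd to be zero gives the first entry two of four outcomes instead of one of four, so the first-listed server takes more than its configured share of connections.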

