httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pque...@apache.org
Subject svn commit: r629164 - /httpd/httpd/trunk/support/htpasswd.c
Date Tue, 19 Feb 2008 17:05:28 GMT
Author: pquerna
Date: Tue Feb 19 09:05:26 2008
New Revision: 629164

URL: http://svn.apache.org/viewvc?rev=629164&view=rev
Log:
Improve generation of the seed to rand, by using apr_generate_random_bytes, 
rather than the current time as a seed.

PR: 31440

Modified:
    httpd/httpd/trunk/support/htpasswd.c

Modified: httpd/httpd/trunk/support/htpasswd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=629164&r1=629163&r2=629164&view=diff
==============================================================================
--- httpd/httpd/trunk/support/htpasswd.c (original)
+++ httpd/httpd/trunk/support/htpasswd.c Tue Feb 19 09:05:26 2008
@@ -126,6 +126,18 @@
     }
 }
 
+static apr_status_t seed_rand()
+{
+    int seed = 0;
+    apr_status_t rv;
+    rv = apr_generate_random_bytes((unsigned char*) &seed, sizeof(seed));
+    if (rv) {
+        apr_file_printf(errfile, "Unable to generate random bytes: %pm" NL, rv);
+        return rv;
+    }
+    srand(seed);
+    return rv;
+}
 
 static void putline(apr_file_t *f, const char *l)
 {
@@ -174,7 +186,9 @@
         break;
 
     case ALG_APMD5:
-        (void) srand((int) time((time_t *) NULL));
+        if (seed_rand()) {
+            break;
+        }
         generate_salt(&salt[0], 8);
         salt[8] = '\0';
 
@@ -190,7 +204,9 @@
 #if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
     case ALG_CRYPT:
     default:
-        (void) srand((int) time((time_t *) NULL));
+        if (seed_rand()) {
+            break;
+        }
         to64(&salt[0], rand(), 8);
         salt[8] = '\0';
 



Mime
View raw message