Replaced random() with arc4random().

This commit is contained in:
default 2023-04-16 20:19:25 +02:00
parent 8205159f8c
commit f658f345ca
3 changed files with 8 additions and 9 deletions

View file

@ -21,10 +21,10 @@ static xs_str *random_str(void)
fclose(f); fclose(f);
} }
else { else {
data[0] = random() % 0xffffffff; data[0] = arc4random();
data[1] = random() % 0xffffffff; data[1] = arc4random();
data[2] = random() % 0xffffffff; data[2] = arc4random();
data[3] = random() % 0xffffffff; data[3] = arc4random();
} }
return xs_hex_enc((char *)data, sizeof(data)); return xs_hex_enc((char *)data, sizeof(data));

2
snac.c
View file

@ -123,7 +123,7 @@ d_char *hash_password(const char *uid, const char *passwd, const char *nonce)
xs *hash; xs *hash;
if (nonce == NULL) { if (nonce == NULL) {
d_nonce = xs_fmt("%08x", random()); d_nonce = xs_fmt("%08x", arc4random());
nonce = d_nonce; nonce = d_nonce;
} }

View file

@ -198,10 +198,9 @@ void new_password(const char *uid, d_char **clear_pwd, d_char **hashed_pwd)
{ {
int rndbuf[3]; int rndbuf[3];
srandom(time(NULL) ^ getpid()); rndbuf[0] = arc4random();
rndbuf[0] = random() & 0xffffffff; rndbuf[1] = arc4random();
rndbuf[1] = random() & 0xffffffff; rndbuf[2] = arc4random();
rndbuf[2] = random() & 0xffffffff;
*clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf)); *clear_pwd = xs_base64_enc((char *)rndbuf, sizeof(rndbuf));
*hashed_pwd = hash_password(uid, *clear_pwd, NULL); *hashed_pwd = hash_password(uid, *clear_pwd, NULL);