Mercurial > urweb

changeset 1486:7f8ddcf12b20

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change Basis.rand to use cryptographically secure generation
author Adam Chlipala <adam@chlipala.net>
date Sun, 03 Jul 2011 16:50:17 -0400
parents 4300592e6803
children 290de2dcecf6
files src/c/urweb.c
diffstat 1 files changed, 8 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/c/urweb.c	Sun Jul 03 16:21:04 2011 -0400
+++ b/src/c/urweb.c	Sun Jul 03 16:50:17 2011 -0400
@@ -14,6 +14,7 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <openssl/des.h>
+#include <openssl/rand.h>
 #include <time.h>
 
 #include <pthread.h>
@@ -3777,8 +3778,13 @@
 }
 
 uw_Basis_int uw_Basis_rand(uw_context ctx) {
-  uw_Basis_int n = abs(rand());
-  return n;
+  uw_Basis_int ret;
+  int r = RAND_bytes((unsigned char *)&ret, sizeof ret);
+  
+  if (r)
+    return abs(ret);
+  else
+    uw_error(ctx, FATAL, "Random number generation failed");
 }
 
 void uw_noPostBody(uw_context ctx) {