From e4a0f14081928fb6bc98fbfaa25b9beb4f906b3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?John=20T=C3=B6rnblom?= Date: Wed, 2 Feb 2011 19:11:37 +0100 Subject: [PATCH] Use OpenSSL to generate a random number, it is probobly better at it. --- src/access.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/access.c b/src/access.c index 6307196c..080d6d84 100644 --- a/src/access.c +++ b/src/access.c @@ -30,6 +30,7 @@ #include #include +#include #include "tvheadend.h" #include "access.h" @@ -90,23 +91,13 @@ access_ticket_create(const char *resource) { uint8_t buf[20]; char id[41]; - unsigned int i, rnd; + unsigned int i; access_ticket_t *at; - SHA_CTX shactx; - static const char hex_string[16] = "0123456789ABCDEF"; - at = calloc(1, sizeof(access_ticket_t)); - rnd = time(NULL); - - //Generate a pseudo-random ticket id - SHA_Init(&shactx); - for(i=0; i<5; i++) { - SHA_Update(&shactx, (const uint8_t *)&rnd, sizeof(int)); - rnd = rand_r(&rnd); - } - SHA_Final(buf, &shactx); + + RAND_bytes(buf, 20); //convert to hexstring for(i=0; i