changeset 1497:35020a2ed115

Do not use srand()/rand() if better alternatives exist (mirabilos) arc4random(3) is a self-seeding PRNG available on a lot of OSes (all BSDs, Darwin / Mac OSX, Interix / Microsoft® Services for Unix, Windows® 2003SR1, Windows® Vista, Debian with the new libbsd package installed, ???) and much better than srand(3)/rand(3). Thanks to GNU autoconf, this can be made portable. http://www.mirbsd.org/man/arc4random.3 //mirabilos
author Mikael Berthe <mikael@lilotux.net>
date Mon, 30 Jun 2008 23:13:50 +0200
parents b9f8c1fddb23
children 2eaa52d314e3
files mcabber/configure.ac mcabber/src/jabglue.c mcabber/src/main.c
diffstat 3 files changed, 10 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mcabber/configure.ac	Fri Jun 27 21:56:19 2008 +0200
+++ b/mcabber/configure.ac	Mon Jun 30 23:13:50 2008 +0200
@@ -55,8 +55,8 @@
 AC_TYPE_SIGNAL
 AC_FUNC_STRFTIME
 AC_FUNC_VPRINTF
-AC_CHECK_FUNCS([alarm bzero gethostbyname gethostname inet_ntoa isascii \
-                memmove memset modf select setlocale socket strcasecmp \
+AC_CHECK_FUNCS([alarm arc4random bzero gethostbyname gethostname inet_ntoa \
+                isascii memmove memset modf select setlocale socket strcasecmp \
                 strchr strdup strncasecmp strrchr strstr strcasestr vsnprintf])
 
 
--- a/mcabber/src/jabglue.c	Fri Jun 27 21:56:19 2008 +0200
+++ b/mcabber/src/jabglue.c	Mon Jun 30 23:13:50 2008 +0200
@@ -567,9 +567,13 @@
   static guint msg_idn;
   time_t now;
   time(&now);
+#if HAVE_ARC4RANDOM
+  msg_idn += 1U + (unsigned int) (9.0 * (arc4random() / 4294967296.0));
+#else
   if (!msg_idn)
     srand(now);
   msg_idn += 1U + (unsigned int) (9.0 * (rand() / (RAND_MAX + 1.0)));
+#endif
   return g_strdup_printf("%u%d", msg_idn, (int)(now%10L));
 }
 
--- a/mcabber/src/main.c	Fri Jun 27 21:56:19 2008 +0200
+++ b/mcabber/src/main.c	Mon Jun 30 23:13:50 2008 +0200
@@ -140,12 +140,16 @@
   // in cw_set_ssl_options().
 
   if (!resource) {
+#if HAVE_ARC4RANDOM
+    dynresource = g_strdup_printf("%s.%08x", PACKAGE_NAME, arc4random());
+#else
     unsigned int tab[2];
     srand(time(NULL));
     tab[0] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0)));
     tab[1] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0)));
     dynresource = g_strdup_printf("%s.%04x%04x", PACKAGE_NAME,
                                   tab[0], tab[1]);
+#endif
     resource = dynresource;
   }