AW: Buggy debug output from nrpe since 2.1

Gerhard Lausser Gerhard.Lausser at consol.de
Fri Feb 24 12:40:32 CET 2006

Previous message: Buggy debug output from nrpe since 2.1
Next message: Buggy debug output from nrpe since 2.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 
Hi,

> > >       seed=(int)time(NULL)*311-getpid()*359+getppid()*383;
> > 
> > gettimeofday(&tv);
> > sec = (int)(tv.tv_sec ^ tv.tv_sec >> (__WORDSIZE - 32)); usec = 
> > (int)(tv.tv_usec ^ tv.tv_usec >> (__WORDSIZE - 32)); seed = sec ^ 
> > usec;

These are two tricks i will surely keep in my notes. But the primitive
srand(time(NULL)) i proposed takes place when already two other methods of
seeding failed and even a warning was issued.
 
SSL_init
if RAND_status is not ok
  RAND_load_file(some external seedfile)
    if RAND_status is still not ok
      Warning! 
      srand(time(NULL)) or one of the more tricky srands

If someone can't live with a possibly crackable encryption he should make
precautions so he will never reach this part of the code. 
But as it's just another three lines, i vote for andreas' solution.

Gerhard



-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642

Previous message: Buggy debug output from nrpe since 2.1
Next message: Buggy debug output from nrpe since 2.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Developers mailing list