authorJo-Philipp Wich <jow@openwrt.org>2014-10-27 11:07:38 +0000
committerJo-Philipp Wich <jow@openwrt.org>2014-10-27 11:07:38 +0000
commit8036afcbcb8404666adf7900067f2fd2f486cedc (patch)
tree3fbb49dbc088cdd3e4cd8bdd078c2e12a7033b11 /package/utils/px5g-standalone
parent9337856e365511b8b49e5724f82699b5ff1d11fe (diff)
px5g-standalone: use /dev/urandom to initialize serial (#18232)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43080 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/utils/px5g-standalone')
-rw-r--r--package/utils/px5g-standalone/Makefile4
-rw-r--r--package/utils/px5g-standalone/src/library/x509write.c27
2 files changed, 27 insertions, 4 deletions
diff --git a/package/utils/px5g-standalone/Makefile b/package/utils/px5g-standalone/Makefile
index fc5f391bf7..d6843b0137 100644
--- a/package/utils/px5g-standalone/Makefile
+++ b/package/utils/px5g-standalone/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
+# Copyright (C) 2010-2014 Jo-Philipp Wich <xm@subsignal.org>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=px5g
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
PKG_CHECK_FORMAT_SECURITY:=0
diff --git a/package/utils/px5g-standalone/src/library/x509write.c b/package/utils/px5g-standalone/src/library/x509write.c
index fabee20ea6..1091568745 100644
--- a/package/utils/px5g-standalone/src/library/x509write.c
+++ b/package/utils/px5g-standalone/src/library/x509write.c
@@ -1000,6 +1000,26 @@ static int x509write_make_sign(x509_raw *chain, rsa_context *privkey)
}
/*
+ * Create a random serial
+ */
+static int get_random_serial(void)
+{
+ int random = 0;
+ FILE *fd;
+
+ fd = fopen("/dev/urandom", "r");
+
+ if (fd) {
+ if (fread(&random, 1, sizeof(random), fd) != sizeof(random))
+ random = 0;
+
+ fclose(fd);
+ }
+
+ return random;
+}
+
+/*
* Create a self signed certificate
*/
int x509write_create_sign(x509_raw *chain, rsa_context *privkey)
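Review bot: `get_random_serial()` fills a signed `int` with four raw bytes from /dev/urandom, so about half of the generated serials will be negative. RFC 5280 requires a positive serialNumber, and how `asn1_add_int` encodes a negative value is not visible in this hunk. Clearing the sign bit before returning, e.g. `random &= 0x7fffffff;`, keeps the serial positive at the cost of one bit of entropy. The buffered `fopen`/`fread` pair also pulls a full stdio buffer from the device to obtain four bytes; calling `setvbuf(fd, NULL, _IONBF, 0);` right after the open avoids that. The header comment should state the contract the caller relies on, for example `/* Returns 0 if /dev/urandom cannot be opened or read; 0 is never a valid serial */`.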
@@ -1020,8 +1040,11 @@ int x509write_create_sign(x509_raw *chain, rsa_context *privkey)
/*
* CertificateSerialNumber ::= INTEGER
*/
- srand((unsigned int) time(NULL));
- serial = rand();
+ serial = get_random_serial();
+
+ if (serial == 0)
+ return 1;
+
if ((ret = asn1_add_int(serial, &chain->serial)) != 0)
return ret;
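Review bot: The new failure path `if (serial == 0) return 1;` returns a bare literal, while the neighbouring calls propagate `ret` from the ASN.1 helpers, so a caller cannot tell an entropy failure from any other error. Refusing to continue without randomness is the right fail-closed behaviour, but the reason is not recorded anywhere. A comment above the check would help, for example `/* no entropy available: refuse to issue a certificate with a predictable serial */`. If the file defines a named error code that fits (none is visible in this hunk), returning it would be clearer than `1`. The body of x509write_create_sign begins and continues outside the hunk, so any cleanup needed on this early return cannot be judged from here.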