* Final bit of patching for the IPGM exploit. Random number generator is

[citadel.git] / citadel / citserver.c

diff --git a/citadel/citserver.c b/citadel/citserver.c
index b07a0d637404c65ace2b454d55ae924acc99166e..b2c3641982f407d49d746dbbf6127ba9a9e9c06e 100644 (file)
--- a/citadel/citserver.c
+++ b/citadel/citserver.c
@@ -74,6 +74,8 @@ time_t server_startup_time;
  */
 void master_startup(void) {
        struct timeval tv;
+       unsigned int seed;
+       FILE *urandom;
        struct ctdlroom qrbuf;
        
        lprintf(9, "master_startup() started\n");
@@ -100,15 +102,27 @@ void master_startup(void) {
                 lputroom(&qrbuf);
         }
 
-
        lprintf(7, "Seeding the pseudo-random number generator...\n");
-       gettimeofday(&tv, NULL);
-       srand(tv.tv_usec);
+       urandom = fopen("/dev/urandom", "r");
+       if (urandom != NULL) {
+               fread(&seed, sizeof seed, 1, urandom);
+               fclose(urandom);
+       }
+       else {
+               gettimeofday(&tv, NULL);
+               seed = tv.tv_usec;
+       }
+       srandom(seed);
+
+       lprintf(7, "Initializing ipgm secret\n");
+       get_config();
+       config.c_ipgm_secret = rand();
+       put_config();
+
        lprintf(9, "master_startup() finished\n");
 }
 
 
-
 /*
  * Cleanup routine to be called when the server is shutting down.
  * WARNING: It's no longer safe to call this function to force a shutdown.
@@ -774,7 +788,7 @@ void cmd_ipgm(char *argbuf)
                CC->internal_pgm = 1;
                strcpy(CC->curr_user, "<internal program>");
                CC->cs_flags = CC->cs_flags|CS_STEALTH;
-               cprintf("%d Authenticated as an internal program.\n",CIT_OK);
+               cprintf("%d Authenticated as an internal program.\n", CIT_OK);
        }
        else {
                sleep(5);