authorStefan2010-03-28 19:55:45 +0200
committerStefan2010-03-28 19:55:45 +0200
commit7d69d6801392232abec655163c2a2af2bb626410 (patch)
tree04a277b8824c96c84d7e2318a3281a07a7eddc07
parent6fb13adf24c1d4a78e9060c0b3e3ee1459e5dd20 (diff)
Increase session identifier entropy by using /dev/urandom if available
-rw-r--r--Changelog1
-rw-r--r--session.c14
2 files changed, 15 insertions, 0 deletions
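--- a/Changelog
+++ b/Changelog
@@ -1,6 +1,7 @@
 2010-xx-xx - 0.9.31-dev
 
  - Fix ZTS build of session.c
+ - Increased session identifier entropy by using /dev/urandom if available
 
 2010-03-25 - 0.9.30
 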
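--- a/session.c
+++ b/session.c
@@ -34,6 +34,8 @@
 #include "ext/standard/php_var.h"
 #include "sha256.h"
 
+#include <fcntl.h>
+
 #if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH)
 # include "ext/hash/php_hash.h"
 #endif
@@ -864,6 +866,18 @@ void suhosin_hook_session(TSRMLS_D)
  serializer->encode = suhosin_session_encode;
  }
 #endif
+
+ /* increase session identifier entropy */
+ if (SESSION_G(entropy_length) == 0 || SESSION_G(entropy_file) == NULL) {
+
+ /* ensure that /dev/urandom exists */
+ int fd = VCWD_OPEN("/dev/urandom", O_RDONLY);
+ if (fd >= 0) {
+ close(fd);
+ SESSION_G(entropy_length) = 16;
+ SESSION_G(entropy_file) = pestrdup("/dev/urandom", 1);
+ }
+ }
 }
 
 void suhosin_unhook_session(TSRMLS_D)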
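Review bot: The `||` in the guard added at the end of suhosin_hook_session overwrites both settings when only one of them is unset. A configured `entropy_length` above 16 paired with a NULL `entropy_file` is lowered to 16, and a configured `entropy_file` paired with a zero length has its pointer replaced by the `pestrdup` copy without the old value being considered. Filling in each value only when it is missing keeps the administrator's choice: `if (SESSION_G(entropy_file) == NULL) SESSION_G(entropy_file) = pestrdup("/dev/urandom", 1);` and `if (SESSION_G(entropy_length) == 0) SESSION_G(entropy_length) = 16;`, both still inside the `fd >= 0` branch. The probe appears to run once at hook time, so a later ini change that resets the length to 0 would presumably undo the hardening unnoticed; a comment stating that limitation would help. The function body starts outside the hunk.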