From ba38594769bc6d4bf3dbb6ab8a666a165a77b8b4 Mon Sep 17 00:00:00 2001
From: Stefan
Date: Tue, 13 Apr 2010 11:49:00 +0200
Subject: Improve random number generator seeding with extra juice from /dev/urandom
---
 execute.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
 (limited to 'execute.c')
diff --git a/execute.c b/execute.c
index f5d4270..95e9ccc 100644
--- a/execute.c
+++ b/execute.c
@@ -1315,6 +1315,7 @@ static void suhosin_gen_entropy(php_uint32 *seedbuf TSRMLS_DC)
 unsigned long stack_value = (unsigned long)&code_value;
 unsigned long heap_value = (unsigned long)SUHOSIN_G(r_state);
 suhosin_SHA256_CTX context;
+ int fd;
 
 code_value ^= code_value >> 32;
 stack_value ^= stack_value >> 32;
@@ -1330,9 +1331,18 @@ static void suhosin_gen_entropy(php_uint32 *seedbuf TSRMLS_DC)
 seedbuf[4] = getpid();
 #endif
 seedbuf[5] = (php_uint32) 0x7fffffff * php_combined_lcg(TSRMLS_C);
-
+
+#ifndef PHP_WIN32
+ fd = VCWD_OPEN("/dev/urandom", O_RDONLY);
+ if (fd >= 0) {
+ /* ignore error case - if urandom doesn't give us any/enough random bytes */
+ read(fd, &seedbuf[6], 2 * sizeof(php_uint32));
+ close(fd);
+ }
+#endif
+
 suhosin_SHA256Init(&context);
- suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(php_uint32) * 6);
+ suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(php_uint32) * 8);
 suhosin_SHA256Final(seedbuf, &context);
 }
 /* }}} */
--
cgit v1.3
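Review bot: In the second hunk of execute.c the SHA-256 update now always consumes eight words, but `seedbuf[6]` and `seedbuf[7]` are only written when the `/dev/urandom` open and the `read()` both succeed in full, so on PHP_WIN32, on an open failure or on a short read the hash takes in whatever the caller left in those two slots. The old code hashed six words, which suggests nothing earlier in suhosin_gen_entropy (its start is outside the hunk) fills them; if that is right, the new code reads indeterminate memory and the seed silently falls back to the pid, address and LCG inputs set above. I would add `seedbuf[6] = seedbuf[7] = 0;` just before the `#ifndef PHP_WIN32` block so the hash input is always defined, and extend the existing comment to say that a failed or short read leaves the seed at its previous strength. The `int fd;` added in the first hunk is only used inside that `#ifndef`, so it could sit under the same guard to avoid an unused-variable warning on Windows builds.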