From e435032d6e17b0f4ad34b88d1f82804dc9af13e0 Mon Sep 17 00:00:00 2001 From: Sebastian Wilhelmi Date: Thu, 19 Aug 1999 08:32:03 +0000 Subject: [PATCH] Use /dev/urandom, as it doesn't block, which /dev/random might do. Do not 1999-07-23 Sebastian Wilhelmi * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, which /dev/random might do. Do not XOR the time, when getting the seed form /dev/urandom, as this is good itself. Prevent the initial seed from being zero, which causes the PRNG to produce only zeros. Hints from Colin Plumb . --- ChangeLog | 8 ++++++++ ChangeLog.pre-2-0 | 8 ++++++++ ChangeLog.pre-2-10 | 8 ++++++++ ChangeLog.pre-2-12 | 8 ++++++++ ChangeLog.pre-2-2 | 8 ++++++++ ChangeLog.pre-2-4 | 8 ++++++++ ChangeLog.pre-2-6 | 8 ++++++++ ChangeLog.pre-2-8 | 8 ++++++++ glib/grand.c | 34 ++++++++++++++++++---------------- grand.c | 34 ++++++++++++++++++---------------- 10 files changed, 100 insertions(+), 32 deletions(-) diff --git a/ChangeLog b/ChangeLog index a5660c2e4..b865bde81 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-0 b/ChangeLog.pre-2-0 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-0 +++ b/ChangeLog.pre-2-0 
@@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-10 b/ChangeLog.pre-2-10 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-10 +++ b/ChangeLog.pre-2-10 @@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-12 b/ChangeLog.pre-2-12 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-12 +++ b/ChangeLog.pre-2-12 @@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-2 b/ChangeLog.pre-2-2 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-2 +++ b/ChangeLog.pre-2-2 
@@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-4 b/ChangeLog.pre-2-4 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-4 +++ b/ChangeLog.pre-2-4 @@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-6 b/ChangeLog.pre-2-6 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-6 +++ b/ChangeLog.pre-2-6 @@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/ChangeLog.pre-2-8 b/ChangeLog.pre-2-8 index a5660c2e4..b865bde81 100644 --- a/ChangeLog.pre-2-8 +++ b/ChangeLog.pre-2-8 
@@ -1,3 +1,11 @@ +1999-07-23 Sebastian Wilhelmi + + * grand.c (g_rand_new): Use /dev/urandom, as it doesn't block, + which /dev/random might do. Do not XOR the time, when getting the + seed form /dev/urandom, as this is good itself. Prevent the + initial seed from being zero, which causes the PRNG to produce + only zeros. Hints from Colin Plumb . + 1999-08-17 Tor Lillqvist * glib.h (g_trash_stack_push): Add a cast. diff --git a/glib/grand.c b/glib/grand.c index 83b1bc34e..47b9700b3 100644 --- a/glib/grand.c +++ b/glib/grand.c @@ -75,31 +75,29 @@ g_rand_new_with_seed (guint32 seed) GRand* g_rand_new (void) { - guint32 seed = 0; + guint32 seed; GTimeVal now; - static gboolean dev_random_exists = TRUE; + static gboolean dev_urandom_exists = TRUE; - if (dev_random_exists) + if (dev_urandom_exists) { - FILE* dev_random = fopen("/dev/random", "rb"); - if (dev_random) + FILE* dev_urandom = fopen("/dev/urandom", "rb"); + if (dev_urandom) { - if (fread (&seed, sizeof (seed), 1, dev_random) != 1) + if (fread (&seed, sizeof (seed), 1, dev_urandom) != 1) seed = 0; else - dev_random_exists = FALSE; - fclose (dev_random); + dev_urandom_exists = FALSE; + fclose (dev_urandom); } else - dev_random_exists = FALSE; + dev_urandom_exists = FALSE; + } + if (!dev_urandom_exists) + { + g_get_current_time (&now); + seed = now.tv_sec ^ now.tv_usec; } - - /* Using /dev/random alone makes the seed computable for the - outside. This might pose security problems somewhere. This should - yield better values */ - - g_get_current_time (&now); - seed ^= now.tv_sec ^ now.tv_usec; return g_rand_new_with_seed (seed); } 
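Review bot: The `fread` branches in g_rand_new look inverted: a successful read takes the `else` and sets `dev_urandom_exists = FALSE`, so the new `if (!dev_urandom_exists)` block overwrites the /dev/urandom seed with `now.tv_sec ^ now.tv_usec` and the device is never opened again. A failed read instead leaves the flag TRUE with `seed = 0`, which skips the time fallback, and the guard added to g_rand_set_seed then turns that 0 into the fixed constant 0x6b842128. Either way the seed is guessable from the clock or is a known constant, which is the opposite of what the commit message intends. Clearing the flag only on failure fixes both paths: `if (fread (&seed, sizeof (seed), 1, dev_urandom) != 1) dev_urandom_exists = FALSE;` with the `seed = 0;` and `else` lines dropped. The identical g_rand_new hunk in grand.c needs the same change.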
@@ -121,6 +119,10 @@ g_rand_set_seed (GRand* rand, guint32 seed) /* the generator Line 25 of Table 1 in */ /* [KNUTH 1981, The Art of Computer Programming */ /* Vol. 2 (2nd Ed.), pp102] */ + + if (seed == 0) /* This would make the PRNG procude only zeros */ + seed = 0x6b842128; /* Just set it to another number */ + rand->mt[0]= seed & 0xffffffff; for (rand->mti=1; rand->mtimti++) rand->mt[rand->mti] = (69069 * rand->mt[rand->mti-1]) & 0xffffffff; diff --git a/grand.c b/grand.c index 83b1bc34e..47b9700b3 100644 --- a/grand.c +++ b/grand.c @@ -75,31 +75,29 @@ g_rand_new_with_seed (guint32 seed) GRand* g_rand_new (void) { - guint32 seed = 0; + guint32 seed; GTimeVal now; - static gboolean dev_random_exists = TRUE; + static gboolean dev_urandom_exists = TRUE; - if (dev_random_exists) + if (dev_urandom_exists) { - FILE* dev_random = fopen("/dev/random", "rb"); - if (dev_random) + FILE* dev_urandom = fopen("/dev/urandom", "rb"); + if (dev_urandom) { - if (fread (&seed, sizeof (seed), 1, dev_random) != 1) + if (fread (&seed, sizeof (seed), 1, dev_urandom) != 1) seed = 0; else - dev_random_exists = FALSE; - fclose (dev_random); + dev_urandom_exists = FALSE; + fclose (dev_urandom); } else - dev_random_exists = FALSE; + dev_urandom_exists = FALSE; + } + if (!dev_urandom_exists) + { + g_get_current_time (&now); + seed = now.tv_sec ^ now.tv_usec; } - - /* Using /dev/random alone makes the seed computable for the - outside. This might pose security problems somewhere. This should - yield better values */ - - g_get_current_time (&now); - seed ^= now.tv_sec ^ now.tv_usec; return g_rand_new_with_seed (seed); } 
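Review bot: The zero-seed guard added to g_rand_set_seed in glib/grand.c is not documented for callers: after this change `g_rand_set_seed (rand, 0)` and `g_rand_set_seed (rand, 0x6b842128)` produce the same stream, and the visible comments do not say so. I would fix the "procude" typo and state the reason in one comment, e.g. `/* The multiplicative recurrence below maps 0 to 0, so a zero seed would fill mt[] with zeros; substitute a fixed non-zero constant. */`, and mention the substitution wherever the function's seed parameter is documented. The function starts above and continues below this hunk, so this is based on the visible lines only. The same applies to the duplicate g_rand_set_seed hunk in grand.c.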
@@ -121,6 +119,10 @@ g_rand_set_seed (GRand* rand, guint32 seed) /* the generator Line 25 of Table 1 in */ /* [KNUTH 1981, The Art of Computer Programming */ /* Vol. 2 (2nd Ed.), pp102] */ + + if (seed == 0) /* This would make the PRNG procude only zeros */ + seed = 0x6b842128; /* Just set it to another number */ + rand->mt[0]= seed & 0xffffffff; for (rand->mti=1; rand->mtimti++) rand->mt[rand->mti] = (69069 * rand->mt[rand->mti-1]) & 0xffffffff;