diff options
author | Simo Sorce <simo@redhat.com> | 2015-03-10 12:15:50 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-03-10 12:15:50 -0400 |
commit | a99661f55741add441ea13c2779045d5e1ba8102 (patch) | |
tree | 829a6a1c31118e6fb6f1f6b3f45b5ec441ddb293 | |
parent | d11c2c952df6b232b17a26f8433d4919589649ad (diff) | |
download | mod_auth_gssapi-basic_auth.tar.gz mod_auth_gssapi-basic_auth.tar.xz mod_auth_gssapi-basic_auth.zip |
Use apr function for random bytesbasic_auth
The apr function is thread safe while the OpenSSL one depdns on setting
up custom locking, which is hard in a library.
-rw-r--r-- | src/crypto.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/crypto.c b/src/crypto.c index 78429c8..a902d63 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -57,13 +57,13 @@ apr_status_t SEAL_KEY_CREATE(apr_pool_t *p, struct seal_key **skey, memcpy(n->ekey, keys->value, keylen); memcpy(n->hkey, keys->value + keylen, keylen); } else { - ret = RAND_bytes(n->ekey, keylen); + ret = apr_generate_random_bytes(n->ekey, keylen); if (ret == 0) { ret = EFAULT; goto done; } - ret = RAND_bytes(n->hkey, keylen); + ret = apr_generate_random_bytes(n->hkey, keylen); if (ret == 0) { ret = EFAULT; goto done; @@ -98,7 +98,7 @@ apr_status_t SEAL_BUFFER(apr_pool_t *p, struct seal_key *skey, /* confounder to avoid exposing random numbers directly to clients * as IVs */ - ret = RAND_bytes(rbuf, sizeof(rbuf)); + ret = apr_generate_random_bytes(rbuf, sizeof(rbuf)); if (ret == 0) goto done; if (cipher->length == 0) { |