Added random_bytes() function for better/more reliable randomization and

moved set_eval_ops() to a slightly more suitable place.
author: Wilmer van der Gaast <wilmer@gaast.net> 2006-06-28 16:47:05 +0200
committer: Wilmer van der Gaast <wilmer@gaast.net> 2006-06-28 16:47:05 +0200
commit: 171946457cccb7280f0918201093e79bbc9eac72 (patch)
tree: 59b41cf763f80bc8800ae183b649e414f7ac2b72 /storage_xml.c
parent: b3c467bc312114eb7cdd45e6bc36a3d87bee6064 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/storage_xml.c b/storage_xml.c
index cc3498af..5a8b51ef 100644
--- a/storage_xml.c
+++ b/storage_xml.c
@@ -370,7 +370,7 @@ static storage_status_t xml_save( irc_t *irc, int overwrite )
 	set_t *set;
 	nick_t *nick;
 	account_t *acc;
-	int fd, i;
+	int fd;
 	md5_byte_t pass_md5[21];
 	md5_state_t md5_state;
 	
@@ -395,8 +395,7 @@ static storage_status_t xml_save( irc_t *irc, int overwrite )
 	/* Generate a salted md5sum of the password. Use 5 bytes for the salt
 	   (to prevent dictionary lookups of passwords) to end up with a 21-
 	   byte password hash, more convenient for base64 encoding. */
-	for( i = 0; i < 5; i ++ )
-		pass_md5[16+i] = rand() & 0xff;
+	random_bytes( pass_md5 + 16, 5 );
 	md5_init( &md5_state );
 	md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) );
 	md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
author	Wilmer van der Gaast <wilmer@gaast.net>	2006-06-28 16:47:05 +0200
committer	Wilmer van der Gaast <wilmer@gaast.net>	2006-06-28 16:47:05 +0200
commit	171946457cccb7280f0918201093e79bbc9eac72 (patch)
tree	59b41cf763f80bc8800ae183b649e414f7ac2b72 /storage_xml.c
parent	b3c467bc312114eb7cdd45e6bc36a3d87bee6064 (diff)