Fixed a problem in salt generator

1 files changed, 11 insertions, 4 deletions

diff --git a/modules/pam_unix/md5.c b/modules/pam_unix/md5.c
index 94d3dd4..6732b06 100644
--- a/modules/pam_unix/md5.c
+++ b/modules/pam_unix/md5.c
@@ -16,6 +16,9 @@
  */
 
 #include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -394,14 +397,18 @@ static void to64(char *s, long v, int n) {
 
 /* Salt suitable for traditional DES and MD5 */
 void makesalt(char salt[SALTSIZE]) {
-	        int i;
+	        int i,fd;
+		unsigned char tmp;
 		/* These are not really random numbers, they are just
 		 * numbers that change to thwart construction of a
 		 * dictionary. This is exposed to the public.
 		 */
-		
-		for (i = 0; i < SALTSIZE; i += 4)
-			to64(&salt[i], random(), 4);
+		fd = open("/dev/urandom", O_RDONLY);
+		for (i = 0; i < SALTSIZE; i += 1) {
+			read (fd, &tmp, sizeof(char) );
+			to64(&salt[i], tmp, 1);
+		}
+		close(fd);
 
 		salt[SALTSIZE] = '\0';
 }