seed random with a real random data

src/addagent/manage_agents.c

@@ -125,16 +125,8 @@ int add_agent()
     time2 = time(0);
 
 
-    /* Source is time1+ time2 +pid + ppid */
-    #ifndef WIN32
-        #ifdef __OpenBSD__
-        srandomdev();
-        #else
-        srandom((unsigned)(time2 + time1 + getpid() + getppid()));
-        #endif
-    #else
-    srandom(time2 + time1 + getpid());
-    #endif
+
+    srandom_init();
 
     rand1 = random();
 

src/addagent/manage_keys.c

@@ -399,16 +399,8 @@ int k_bulkload(const char *cmdbulk)
         time2 = time(0);
 
 
-        /* Source is time1+ time2 +pid + ppid */
-        #ifndef WIN32
-        #ifdef __OpenBSD__
-        srandomdev();
-        #else
-        srandom((unsigned)(time2 + time1 + getpid() + getppid()));
-        #endif
-        #else
-        srandom(time2 + time1 + getpid());
-        #endif
+
+        srandom_init();
 
         rand1 = random();
 

src/addagent/validate.c

@@ -30,15 +30,7 @@ char *OS_AddNewAgent(const char *name, const char *ip, const char *id)
     char nid[9];
 
 
-    #ifndef WIN32
-        #ifdef __OpenBSD__
-        srandomdev();
-        #else
-        srandom((unsigned)(time(0) + getpid() + getppid()));
-        #endif
-    #else
-        srandom(time(0) + getpid());
-    #endif
+    srandom_init();
 
     muname = getuname();
 

src/client-agent/agentd.c

@@ -100,11 +100,7 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
 
 
     /* Initial random numbers */
-    #ifdef __OpenBSD__
-    srandomdev();
-    #else
-    srandom( time(0) + getpid()+ pid + getppid());
-    #endif
+    srandom_init();
 
     random();
 

src/headers/randombytes.h

@@ -0,0 +1,9 @@
+
+
+#ifndef __RANDOMBYTES_H
+#define __RANDOMBYTES_H
+
+void randombytes(void *ptr, unsigned int length);
+void srandom_init(void);
+
+#endif

src/headers/shared.h

@@ -220,6 +220,7 @@ extern const char *__local_name;
 #include "read-agents.h"
 #include "report_op.h"
 #include "string_op.h"
+#include "randombytes.h"
 
 #include "os_xml/os_xml.h"
 #include "os_regex/os_regex.h"

src/logcollector/main.c

@@ -63,15 +63,7 @@ int main(int argc, char **argv)
     const char *cfg = DEFAULTCPATH;
 
     /* Setuping up random */
-    #ifndef WIN32
-        #ifdef __OpenBSD__
-        srandomdev();
-        #else
-        srandom((unsigned int)time(0));
-        #endif
-    #else
-    srandom(time(0))
-    #endif
+    srandom_init();
 
     /* Setting the name */
     OS_SetName(ARGV0);

src/remoted/main.c

@@ -165,12 +165,8 @@ int main(int argc, char **argv)
     StartSIG(ARGV0);
 
 
-    /* Creating some randoness  */
-    #ifdef __OpenBSD__
-    srandomdev();
-    #else
-    srandom( time(0) + getpid()+ i);
-    #endif
+    /* Setup random */
+    srandom_init();
 
     random();
 

src/shared/randombytes.c

@@ -0,0 +1,63 @@
+#ifdef WIN32
+#include "windows.h"
+#else
+#include <sys/stat.h> 
+#include <fcntl.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "shared.h"
+
+
+void randombytes(void *ptr, unsigned int length)
+{
+
+    char failed = 0;
+
+    #ifdef WIN32
+
+    static HCRYPTPROV prov = 0;
+    if (prov == 0) {
+        if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, 0)) {
+            failed = 1;
+        }
+    }
+    if (!failed && !CryptGenRandom(prov, length, ptr)) {
+        failed = 1;
+    }
+
+    #else
+
+    int fh;
+    if ((fh = open("/dev/urandom", O_RDONLY)) >= 0 || (fh = open("/dev/random", O_RDONLY)) >= 0) {
+        if (read(fh, ptr, length) == 0) {
+            failed = 1;
+        }
+        close(fh);
+    } else {
+        failed = 1;
+    }
+
+    #endif
+
+    if (failed) {
+        ErrorExit("%s: Error in randombytes failed on all possible methods for accessing random data", __local_name);
+    }
+}
+
+
+void srandom_init(void)
+{
+
+    #ifndef WIN32
+    unsigned int seed; 
+    #ifdef __OpenBSD__
+    srandomdev();
+    #else
+    randombytes(&seed, sizeof seed);
+    srandom(seed);
+    #endif  // __OpenBSD__
+    #endif  // Win32
+
+}