From 8977d12a4f6d647958b50003c11e396fadffde51 Mon Sep 17 00:00:00 2001
From: Vernon Mauery <vernon.mauery@linux.intel.com>
Date: Wed, 24 Oct 2018 14:02:16 -0700
Subject: netipmid: use libcrypto prng instead of insecure std::rand

std::rand is insecure. Add a simple openssl-crypto wrapper for a similar
interface that can replace it.

Tested-by: Run ipmitool six times in parallel to see that five
           independent sessions are created and the sixth one causes the
           BMC to dump the session list on the console. Note that the
           session numbers are still random.

Change-Id: I0b387f1343abefc45be0d62cf9af45fbd5563047
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
---
 sessions_manager.cpp | 2 --
 1 file changed, 2 deletions(-)

(limited to 'sessions_manager.cpp')

diff --git a/sessions_manager.cpp b/sessions_manager.cpp
index bf7ff34..52d749b 100644
--- a/sessions_manager.cpp
+++ b/sessions_manager.cpp
@@ -20,8 +20,6 @@ Manager::Manager()
      * through the lifetime of the Session Manager.
      */
     sessionsMap.emplace(0, std::make_shared<Session>());
-    // Seeding the pseudo-random generator
-    std::srand(std::time(0));
 }
 
 std::shared_ptr<Session>
-- 
cgit v1.2.1