From ff6cffa3feaaee11b1a9d27a7eada02fbd9890da Mon Sep 17 00:00:00 2001
From: xingwei<xingwei14@h-partners.com>
Date: Fri, 27 Aug 2021 17:27:24 +0800
Subject: [PATCH] replace random with RAND_priv_bytes

---
 src/yppasswd.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/yppasswd.c b/src/yppasswd.c
index aa7c8a1..ae356ad 100644
--- a/src/yppasswd.c
+++ b/src/yppasswd.c
@@ -44,6 +44,7 @@
 #include <rpcsvc/yp_prot.h>
 #include <rpcsvc/ypclnt.h>
 #include <rpcsvc/yppasswd.h>
+#include <openssl/rand.h>
 
 #ifndef _
 #define _(String) gettext (String)
@@ -517,10 +518,11 @@ create_random_salt (char *salt, int num_chars)
 {
   int fd;
   unsigned char c;
+  unsigned char buf;
   int i;
   int res;
 
-  fd = open ("/dev/urandom", O_RDONLY);
+  fd = open ("/dev/random", O_RDONLY);
 
   for (i = 0; i < num_chars; i++)
     {
@@ -529,7 +531,18 @@ create_random_salt (char *salt, int num_chars)
         res = read (fd, &c, 1);
 
       if (res != 1)
-        c = random ();
+        {
+             while (!RAND_status ())
+               {
+                   RAND_seed (&buf, sizeof (buf));   
+               }
+             if (RAND_priv_bytes (&buf, sizeof (buf)) != 1)
+               {
+                   printf ( _("Failed to generate a random number.\n"));
+                   break;
+               }
+             c = buf;
+        }
 
       salt[i] = bin_to_ascii (c & 0x3f);
     }
@@ -571,7 +584,7 @@ main (int argc, char **argv)
 {
   char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
   int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
-  int hash_id = DES;
+  int hash_id = SHA_512;
   char rounds[11] = "\0"; /* max length is '999999999$' */
   struct yppasswd yppwd;
   struct passwd *pwd;
-- 
2.27.0