From bbb1462169ee11d2744adf33f272601d6129b527 Mon Sep 17 00:00:00 2001
From: clowwindy
Date: Sun, 30 Jun 2013 11:09:24 +0800
Subject: [PATCH] use OpenSSL's RAND_bytes() instead of glibc's rand()
---
 src/encrypt.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/encrypt.c b/src/encrypt.c
index a33a93d4..d4ce3d61 100644
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -4,6 +4,7 @@
 #include
 #include
+#include
 #include "encrypt.h"
 #include "utils.h"
@@ -160,9 +161,7 @@ char* ss_encrypt(char *plaintext, ssize_t *len, struct enc_ctx *ctx) {
 int i;
 uint8_t iv[EVP_MAX_IV_LENGTH];
 iv_len = enc_iv_len;
- for (i = 0; i < iv_len; i++) {
- iv[i] = rand() % 256;
- }
+ RAND_bytes(iv, iv_len);
 EVP_CipherInit_ex(&ctx->evp, NULL, NULL, enc_key, iv, 1);
 memcpy(ciphertext, iv, iv_len);
 ctx->init = 1;
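Review bot: The return value of `RAND_bytes(iv, iv_len)` in the second hunk is discarded, so if the generator fails (it returns 1 only on success) `iv` stays an uninitialised stack buffer that is still passed to `EVP_CipherInit_ex` and copied into `ciphertext` by the `memcpy` two lines below. That would send stack contents to the peer and encrypt under a non-random IV. Check the result, e.g. `if (RAND_bytes(iv, iv_len) != 1) { /* fail the call; do not emit iv */ }`; the right error path for `ss_encrypt` is not visible here, since the enclosing block starts and ends outside the hunk. `int i;` also looks unused in the visible lines now that the loop is gone, and can probably be dropped if nothing later in the block needs it.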