Commit b8c1216a authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont
Browse files

Improve randomness of RTSP session ID.

Now it should not be possible to guess other people's ID.
parent b5d134fc
...@@ -32,6 +32,7 @@ ...@@ -32,6 +32,7 @@
#include <vlc_httpd.h> #include <vlc_httpd.h>
#include <vlc_url.h> #include <vlc_url.h>
#include <vlc_network.h> #include <vlc_network.h>
#include <vlc_rand.h>
#include <assert.h> #include <assert.h>
#include <errno.h> #include <errno.h>
#include <stdlib.h> #include <stdlib.h>
...@@ -248,7 +249,7 @@ rtsp_session_t *RtspClientNew( rtsp_stream_t *rtsp ) ...@@ -248,7 +249,7 @@ rtsp_session_t *RtspClientNew( rtsp_stream_t *rtsp )
return NULL; return NULL;
s->stream = rtsp; s->stream = rtsp;
s->id = rand(); /* FIXME: not enough entropy */ vlc_rand_bytes (&s->id, sizeof (s->id));
s->trackc = 0; s->trackc = 0;
s->trackv = NULL; s->trackv = NULL;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment