From f72ba4d36fd6760c227a1d6df6fa00c0ec5f2019 Mon Sep 17 00:00:00 2001
From: brenosilva <brenosilva@9017d574-64ec-4062-9424-5e00b32a252b>
Date: Fri, 15 Jun 2012 13:15:51 +0000
Subject: [PATCH] Improve random number generator

---
 apache2/msc_crypt.c | 54 ++++++++++++++++++++++++++++++++++++++++++++-
 apache2/msc_crypt.h |  5 +++++
 2 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/apache2/msc_crypt.c b/apache2/msc_crypt.c
index 89a8ed5c..46b5d591 100644
--- a/apache2/msc_crypt.c
+++ b/apache2/msc_crypt.c
@@ -116,6 +116,58 @@ char *normalize_path(modsec_rec *msr, char *input) {
     return apr_pstrdup(msr->mp, input);
 }
 
+/**
+ * \brief Create a random number
+ *
+ * \retval seed random seed
+ */
+unsigned long prng()   {
+    short num_matrix1[10]; num_matrix2[10];
+    unsigned long  num, num1, num2;
+    short n, *p;
+    unsigned short seed_num;
+    unsigned long seed;
+
+    seed_num = seed & 16BITS_MASK;
+    num = seed & 31BITS_MASK;
+
+    p = num_matrix1;
+
+    for(n = 18; n-- ; ) {
+        num = 30903*seed_num + (num>>16);
+        *p++ = seed_num = num & 16BITS_MASK;
+        if (n == 9)
+            p = num_matrix2;
+    }
+
+    num_matrix1[0] &= 15BITS_MASK;
+    num_matrix2[0] &= 15BITS_MASK;
+    memcpy((char*)num_matrix1+2,(char*)num_matrix1+1,8*sizeof(short));
+    memcpy((char*)num_matrix2+2,(char*)num_matrix2+1,8*sizeof(short));
+
+    num1 = num_matrix1[0];
+    num2 = num_matrix2[0];
+
+    num1 += 1941 * num_matrix1[2] + 1860 * num_matrix1[3] +
+        1812 * num_matrix1[4] + 1776 * num_matrix1[5] +
+        1492 * num_matrix1[6] + 1215 * num_matrix1[7] +
+        1066 * num_matrix1[8] + 12013 * num_matrix1[9];
+
+    num2 += 1111 * num_matrix2[2] + 2222 * num_matrix2[3] +
+        3333 * num_matrix2[4] + 4444 * num_matrix2[5] +
+        5555 * num_matrix2[6] + 6666 * num_matrix2[7] +
+        7777 * num_matrix2[8] + 9272 * num_matrix2[9];
+
+    num_matrix1[0] = num1/16BITS_MASK;
+    num_matrix2[0] = num2/16BITS_MASK;
+    num_matrix1[1] = 16BITS_MASK&num1;
+    num_matrix2[1] = 16BITS_MASK&num2;
+
+    seed = (((long)num_matrix1[1])<<16)+(long)num_matrix2[1];
+
+    return seed;
+}
+
 /**
  * \brief Create a random password
  *
@@ -139,7 +191,7 @@ unsigned char *getkey(apr_pool_t *mp) {
         seed += data.add;
         data.seed = seed % data.mod;
         output[length] = (rand() % 94 + 33);
-        srand(data.seed + rand() + time(0));
+        srand(data.seed + prng());
     }
 
     key = apr_psprintf(mp,"%s",output);
diff --git a/apache2/msc_crypt.h b/apache2/msc_crypt.h
index 3286fa8f..70192ecc 100644
--- a/apache2/msc_crypt.h
+++ b/apache2/msc_crypt.h
@@ -34,6 +34,11 @@ struct glinear {
   uint32_t add;
 };
 
+#define 16BITS_MASK 65536L
+#define 16BITS_MASK 0xFFFF
+#define 15BITS_MASK 0x7FFF
+#define 31BITS_MASK 0x7FFFFFFF
+
 char DSOLOCAL *hmac(modsec_rec *msr,const unsigned char *key, int key_len,
                      char *msg, int msglen);
 unsigned char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link,