@henningw commented on this pull request.
> @@ -236,7 +236,7 @@ int diameter_peer_start(int blocking)
int seed;
peer *p;
- seed = random();
+ seed = kam_rand();
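Review bot: the added line "seed = kam_rand();" in diameter_peer_start() stores its result in a variable named seed, and nothing in the hunk documents what that seed feeds. If it initializes the random number generator of forked processes, replacing random() with kam_rand() swaps one non-cryptographic source for another and leaves the derived seeds just as predictable. Suggest taking the value from cryptorand() here, or adding a comment stating that the seed is not security-relevant, and confirming that the main process is not re-seeded as a side effect.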
It looks like this seed is later used to seed the glibc random number generator
for (sub-)processes? If yes, then you probably want to use cryptorand() for
it. This is an internal Kamailio function that returns a cryptographically
secure random number. The kam_rand() is just a define for rand() from
glibc, which is quite weak security-wise.
This also applies to the other places below.
Please also check that you are not seeding the main process again, as this
is already done in main.c and core/pt.c.
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/4030#pullrequestreview-2445522777