nghttpx: Use secure random to create websocket nonce

This commit is contained in:
Tatsuhiro Tsujikawa 2021-09-10 22:43:03 +09:00
parent 39b1a51ff4
commit cc5f752f2d
1 changed files with 3 additions and 2 deletions

View File

@ -543,8 +543,9 @@ int HttpDownstreamConnection::push_request_headers() {
if (req.connect_proto == ConnectProto::WEBSOCKET) { if (req.connect_proto == ConnectProto::WEBSOCKET) {
if (req.http_major == 2) { if (req.http_major == 2) {
std::array<uint8_t, 16> nonce; std::array<uint8_t, 16> nonce;
util::random_bytes(std::begin(nonce), std::end(nonce), if (RAND_bytes(nonce.data(), nonce.size()) != 1) {
worker_->get_randgen()); return -1;
}
auto iov = make_byte_ref(balloc, base64::encode_length(nonce.size()) + 1); auto iov = make_byte_ref(balloc, base64::encode_length(nonce.size()) + 1);
auto p = base64::encode(std::begin(nonce), std::end(nonce), iov.base); auto p = base64::encode(std::begin(nonce), std::end(nonce), iov.base);
*p = '\0'; *p = '\0';