From: Joe Orton <jorton@apache.org>
Date: Thu, 8 Aug 2019 12:03:14 +0000 (+0000)
Subject: * modules/proxy/proxy_util.c (ap_proxy_share_balancer): Create the
X-Git-Tag: 2.5.0-alpha2-ci-test-only~1950
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fb03866537e0b823f9fe23db3e162e475e21e83;p=thirdparty%2Fapache%2Fhttpd.git

* modules/proxy/proxy_util.c (ap_proxy_share_balancer): Create the
  nonce as a pseudo-UUID using the PRNG.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1864693 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 4c5d4c89f07..b4e26672dc8 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -1247,10 +1247,11 @@ PROXY_DECLARE(apr_status_t) ap_proxy_share_balancer(proxy_balancer *balancer,
     if (*balancer->s->nonce == PROXY_UNSET_NONCE) {
         char nonce[APR_UUID_FORMATTED_LENGTH + 1];
         apr_uuid_t uuid;
-        /* Retrieve a UUID and store the nonce for the lifetime of
-         * the process.
-         */
-        apr_uuid_get(&uuid);
+
+        /* Generate a pseudo-UUID from the PRNG to use as a nonce for
+         * the lifetime of the process. uuid.data is a char array so
+         * this is an adequate substitute for apr_uuid_get(). */
+        ap_random_insecure_bytes(uuid.data, sizeof uuid.data);
         apr_uuid_format(nonce, &uuid);
         rv = PROXY_STRNCPY(balancer->s->nonce, nonce);
     }