From: Willy Tarreau <w@1wt.eu>
Date: Mon, 25 May 2026 16:23:30 +0000 (+0200)
Subject: MEDIUM: h1: use ha_random64_pair_hashed() for the WebSocket key
X-Git-Tag: v3.4-dev14~22
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=7ac4d7d69f3abbbbbbd43efe8cc68962aae3252e;p=thirdparty%2Fhaproxy.git

MEDIUM: h1: use ha_random64_pair_hashed() for the WebSocket key

Instead of using two consecutive calls to ha_random64(), let's use the
cleaner and safer ha_random64_pair_hashed(). This way the internal
PRNG state will not leak into the emitted headers.
---

diff --git a/src/h1.c b/src/h1.c
index 8edc816f5..98bb492b2 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -1272,9 +1272,10 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 void h1_generate_random_ws_input_key(char key_out[25])
 {
 	/* generate a random websocket key */
-	const uint64_t rand1 = ha_random64(), rand2 = ha_random64();
+	uint64_t rand1, rand2;
 	char key[16];
 
+	ha_random64_pair_hashed(&rand1, &rand2);
 	memcpy(key, &rand1, 8);
 	memcpy(&key[8], &rand2, 8);
 	a2base64(key, 16, key_out, 25);