From 0fb7bf7edd33bcbb26ead986309e6544ab325d68 Mon Sep 17 00:00:00 2001
From: kpfleming <kpfleming@614ede4d-c843-0410-af14-a771ab80d22e>
Date: Thu, 21 Feb 2008 14:33:51 +0000
Subject: [PATCH] reduce the likelihood that HTTP Manager session ids will consist of primarily '1' bits
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@104015 614ede4d-c843-0410-af14-a771ab80d22e
---
main/manager.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/main/manager.c b/main/manager.c
index 8e33096..3edbc3e 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2660,7 +2660,7 @@ static char *generic_http_callback(int format, struct sockaddr_in *requestor, co
ast_mutex_init(&s->__lock);
ast_mutex_lock(&s->__lock);
s->inuse = 1;
- s->managerid = rand() | (unsigned long)s;
+ s->managerid = rand() ^ (unsigned long) s;
AST_LIST_LOCK(&sessions);
AST_LIST_INSERT_HEAD(&sessions, s, list);
/* Hook into the last spot in the event queue */
--
1.5.4.3
From 7403fb6e261f26b0e01bd538e61ded65c8321ba6 Mon Sep 17 00:00:00 2001
From: tilghman <tilghman@614ede4d-c843-0410-af14-a771ab80d22e>
Date: Wed, 27 Feb 2008 18:15:10 +0000
Subject: [PATCH] Ensure the session ID can't be 0.
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@104704 614ede4d-c843-0410-af14-a771ab80d22e
---
main/manager.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/main/manager.c b/main/manager.c
index 3edbc3e..b78ecf5 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2660,7 +2660,12 @@ static char *generic_http_callback(int format, struct sockaddr_in *requestor, co
ast_mutex_init(&s->__lock);
ast_mutex_lock(&s->__lock);
s->inuse = 1;
- s->managerid = rand() ^ (unsigned long) s;
+ /*!\note There is approximately a 1 in 1.8E19 chance that the following
+ * calculation will produce 0, which is an invalid ID, but due to the
+ * properties of the rand() function (and the constantcy of s), that
+ * won't happen twice in a row.
+ */
+ while ((s->managerid = rand() ^ (unsigned long) s) == 0);
AST_LIST_LOCK(&sessions);
AST_LIST_INSERT_HEAD(&sessions, s, list);
/* Hook into the last spot in the event queue */
--
1.5.4.3