From b88d201ed687735fdb3d8ec8b8c8d0d950d1c2fa Mon Sep 17 00:00:00 2001
From: Willy Tarreau
Date: Mon, 25 May 2026 18:23:30 +0200
Subject: [PATCH] MEDIUM: h1: use ha_random64_pair_hashed() for the WebSocket key

Instead of using two consecutive calls to ha_random64(), let's use the cleaner and safer ha_random64_pair_hashed(). This way the internal PRNG state will not leak into the emitted headers.
---
 src/h1.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/h1.c b/src/h1.c
index 4ea759191..e9a801390 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -1248,9 +1248,10 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 void h1_generate_random_ws_input_key(char key_out[25])
 {
 /* generate a random websocket key */
- const uint64_t rand1 = ha_random64(), rand2 = ha_random64();
+ uint64_t rand1, rand2;
 char key[16];
 
+ ha_random64_pair_hashed(&rand1, &rand2);
 memcpy(key, &rand1, 8);
 memcpy(&key[8], &rand2, 8);
 a2base64(key, 16, key_out, 25);
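Review bot: The comment at the top of h1_generate_random_ws_input_key() still reads only `/* generate a random websocket key */`, so nothing in the code records why the hashed pair is required. Since these 16 bytes are base64-encoded into an emitted header, a later cleanup could go back to two ha_random64() calls and expose raw generator output again. I would extend the comment to something like `/* the key is emitted in a header: use the hashed pair so raw PRNG output is never exposed */`. Separately, rand1 and rand2 lose their initialisers and now depend on ha_random64_pair_hashed(), which is defined outside this patch, always writing both outputs; that is worth confirming, because otherwise uninitialised stack bytes would be encoded into the key. The function's closing brace is outside the hunk.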