mbedtls: add --function-sections and --data-sections to CFLAGS
[openwrt/openwrt.git] / package / utils / px5g-standalone / src / library / x509write.c
index fabee20ea65a7f5eb16fdf86201b350cb6ed574d..2b0eb715630cf13e9d8e349451d1d1335f3dbd88 100644 (file)
@@ -570,7 +570,7 @@ static int x509write_file(x509_node *node, char *path, int format,
             break;
 
         case X509_OUTPUT_PEM:
-            if (fprintf(ofstream,pem_prolog)<0) {
+            if (fprintf(ofstream, "%s", pem_prolog)<0) {
                 is_err = -1;
                 break;
             }
@@ -589,7 +589,7 @@ static int x509write_file(x509_node *node, char *path, int format,
                 fprintf(ofstream,"%.64s\n",&base_buf[i]);
             }
 
-            if (fprintf(ofstream, pem_epilog)<0) {
+            if (fprintf(ofstream, "%s", pem_epilog)<0) {
                 is_err = -1;
                 break;
             }
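Review bot: The base64 body write `fprintf(ofstream,"%.64s\n",&base_buf[i]);` is the one PEM write in this case whose result is ignored, while the prolog and epilog writes around it set `is_err = -1` on failure. If a body line fails to write (a full flash filesystem, for example), the function may still report success for a truncated certificate or key file. Checking it the same way, e.g. `if (fprintf(ofstream,"%.64s\n",&base_buf[i])<0) is_err = -1;`, and skipping the epilog once `is_err` is set would close that gap. The enclosing loop starts outside this hunk, so the exact exit path needs to be confirmed against the full function.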
@@ -999,6 +999,26 @@ static int x509write_make_sign(x509_raw *chain, rsa_context *privkey)
                   (unsigned char*)"", 0);
 }
 
+/*
+ * Create a random serial
+ */
+static int get_random_serial(void)
+{
+    int random = 0;
+    FILE *fd;
+
+    fd = fopen("/dev/urandom", "r");
+
+    if (fd) {
+       if (fread(&random, 1, sizeof(random), fd) != sizeof(random))
+            random = 0;
+
+        fclose(fd);
+    }
+
+    return random;
+}
+
 /*
  * Create a self signed certificate
  */
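Review bot: get_random_serial() can return a negative value, because it fills a signed `int` directly from /dev/urandom, whereas the `rand()` call it replaces never did. RFC 5280 requires certificate serial numbers to be positive, and how `asn1_add_int` encodes a negative int is not visible in this diff, so some generated certificates may carry a serial that strict parsers reject. Clearing the sign bit after the `fread` check, e.g. `random &= INT_MAX;` (with `<limits.h>`), would avoid this while keeping the convention that 0 means failure. The header comment could also say that 0 is the failure sentinel and that the serial carries at most 31 random bits, e.g. `/* Return a random positive serial, or 0 if /dev/urandom could not be read */`.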
@@ -1020,8 +1040,11 @@ int x509write_create_sign(x509_raw *chain, rsa_context *privkey)
     /*
      *  CertificateSerialNumber  ::=  INTEGER
      */
-    srand((unsigned int) time(NULL));
-    serial = rand();
+    serial = get_random_serial();
+
+    if (serial == 0)
+        return 1;
+
     if ((ret = asn1_add_int(serial, &chain->serial)) != 0)
         return ret;