https://bugzilla.novell.com/show_bug.cgi?id=852224
https://bugzilla.novell.com/show_bug.cgi?id=852224#c6
--- Comment #6 from Marcus Meissner
Is suppose this is part of the fix.
+void +xb_crypt_init_iv() +{ + uint seed = time(NULL); + srandom(seed); +}
That's at-best a 32-bit nonce, but would only repeat of srandom() had collisions. Presumably more than 1 backup a second is rare? Just reading data from /dev/urandom would be more robust. On a side note, a constant IV isn't fatal so long as a unique key is used every time. Is the key random, password derived or constant? Regards, Michael -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.