2 files changed, 8 insertions, 8 deletions

diff --git a/src/c/openssl.c b/src/c/openssl.c
index 6a998e29..1d820a34 100644
--- a/src/c/openssl.c
+++ b/src/c/openssl.c
@@ -9,6 +9,7 @@
 #include <string.h>
 
 #include <openssl/sha.h>
+#include <openssl/rand.h>
 
 #define PASSSIZE 4
 
@@ -19,10 +20,11 @@ static int password[PASSSIZE];
 char *uw_sig_file = NULL;
 
 static void random_password() {
-  int i;
-
-  for (i = 0; i < PASSSIZE; ++i)
-    password[i] = rand();
+  if (!RAND_bytes((unsigned char *)password, sizeof password)) {
+    fprintf(stderr, "Error generating random password\n");
+    perror("RAND_bytes");
+    exit(1);
+  }
 }
 
 void uw_init_crypto() {
diff --git a/src/c/urweb.c b/src/c/urweb.c
index 4a00755b..7ad58e1d 100644
--- a/src/c/urweb.c
+++ b/src/c/urweb.c
@@ -171,11 +171,11 @@ static pthread_mutex_t rand_mutex = PTHREAD_MUTEX_INITIALIZER;
 
 static uw_Basis_int my_rand() {
   pthread_mutex_lock(&rand_mutex);
-  int r = RAND_bytes((unsigned char *)&ret, sizeof ret);
+  int ret, r = RAND_bytes((unsigned char *)&ret, sizeof ret);
   pthread_mutex_unlock(&rand_mutex);
 
   if (r)
-    return abs(r);
+    return abs(ret);
   else
     return -1;
 }
@@ -362,8 +362,6 @@ extern void uw_global_custom();
 extern void uw_init_crypto();
 
 void uw_global_init() {
-  srand(time(NULL) ^ getpid());
-
   clients = malloc(0);
 
   uw_global_custom();