Add patch which doesn't use the time as seed

This program uses srand/rand which is a pseudo rng. For non crypto operations this may be enough and is still used. Especially initializing the srand() call with time(). But as dinghy pointed out this is a risky behaviour. The added patch replaces time() with an actual random value, but it is still the same PRNG! Still not good. Additionally it requires glibc-2.25
author: Narrat 2017-04-04 02:18:23 +0200
committer: Narrat 2017-04-04 02:24:22 +0200
commit: d238a4a42a5d995c9661a758d8146491d097ab6a (patch)
tree: ee0065328734abaade340e3099ca960b43b01d06 /PKGBUILD
parent: 2a01106a76425d2ace9eddf7096efc14434e8ef4 (diff)
download: aur-d238a4a42a5d995c9661a758d8146491d097ab6a.tar.gz
1 files changed, 12 insertions, 3 deletions
diff --git a/PKGBUILD b/PKGBUILD
index 287cce101693..2b2ef4fd48a7 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,16 +4,19 @@
 _gitname=correcthorse
 pkgname=correcthorse-git
 pkgver=1.0.r23.g2a214af
-pkgrel=1
+pkgrel=2
 pkgdesc="Passphrase generator based on https://xkcd.com/936/"
 arch=('i686' 'x86_64')
 url="https://github.com/rmartinjak/correcthorse"
 license=('WTFPL')
+depends=('glibc>=2.25')
 makedepends=('git')
 provides=('correcthorse')
 conflicts=('correcthorse')
-source=(git://github.com/rmartinjak/correcthorse.git)
-md5sums=('SKIP')
+source=(git://github.com/rmartinjak/correcthorse.git
+        seed.patch)
+md5sums=('SKIP'
+         '34c953a35b1cb563d571005d62c3d199')
 
 
 pkgver() {
@@ -22,6 +25,12 @@ pkgver() {
   git describe --long | sed 's/\([^-]*-g\)/r\1/;s/-/./g;s/v//'
 }
 
+prepare() {
+  cd "$_gitname"
+
+  patch -Np1 -i "${srcdir}/seed.patch"
+}
+
 build() {
   cd "$_gitname"
author	Narrat	2017-04-04 02:18:23 +0200
committer	Narrat	2017-04-04 02:24:22 +0200
commit	d238a4a42a5d995c9661a758d8146491d097ab6a (patch)
tree	ee0065328734abaade340e3099ca960b43b01d06 /PKGBUILD
parent	2a01106a76425d2ace9eddf7096efc14434e8ef4 (diff)
download	aur-d238a4a42a5d995c9661a758d8146491d097ab6a.tar.gz