diff -upr apache-couchdb-2.0.0.orig/src/b64url/test/benchmark.escript apache-couchdb-2.0.0/src/b64url/test/benchmark.escript --- apache-couchdb-2.0.0.orig/src/b64url/test/benchmark.escript 2016-01-22 11:59:40.000000000 +0200 +++ apache-couchdb-2.0.0/src/b64url/test/benchmark.escript 2017-06-10 12:34:15.420957491 +0300 @@ -117,7 +117,7 @@ run_worker(St, Started) -> do_round_trip(St) -> Size = St#st.minsize + random:uniform(St#st.maxsize - St#st.minsize), - Data = crypto:rand_bytes(Size), + Data = crypto:strong_rand_bytes(Size), Encoded = (St#st.module):encode(Data), Data = (St#st.module):decode(Encoded), St#st{total_bytes=St#st.total_bytes+Size}. diff -upr apache-couchdb-2.0.0.orig/src/chttpd/src/chttpd.erl apache-couchdb-2.0.0/src/chttpd/src/chttpd.erl --- apache-couchdb-2.0.0.orig/src/chttpd/src/chttpd.erl 2016-09-10 21:12:34.000000000 +0300 +++ apache-couchdb-2.0.0/src/chttpd/src/chttpd.erl 2017-06-10 12:34:15.434291195 +0300 @@ -202,7 +202,7 @@ handle_request_int(MochiReq) -> Other -> Other end, - Nonce = couch_util:to_hex(crypto:rand_bytes(5)), + Nonce = couch_util:to_hex(crypto:strong_rand_bytes(5)), HttpReq0 = #httpd{ mochi_req = MochiReq, diff -upr apache-couchdb-2.0.0.orig/src/couch/src/couch_uuids.erl apache-couchdb-2.0.0/src/couch/src/couch_uuids.erl --- apache-couchdb-2.0.0.orig/src/couch/src/couch_uuids.erl 2016-09-12 12:28:51.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch/src/couch_uuids.erl 2017-06-10 12:34:15.424290917 +0300 @@ -37,10 +37,10 @@ new() -> gen_server:call(?MODULE, create). random() -> - list_to_binary(couch_util:to_hex(crypto:rand_bytes(16))). + list_to_binary(couch_util:to_hex(crypto:strong_rand_bytes(16))). utc_random() -> - utc_suffix(couch_util:to_hex(crypto:rand_bytes(9))). + utc_suffix(couch_util:to_hex(crypto:strong_rand_bytes(9))). utc_suffix(Suffix) -> Now = {_, _, Micro} = erlang:now(), % uniqueness is used. @@ -100,7 +100,7 @@ handle_config_terminate(_Server, _Reason erlang:send_after(?RELISTEN_DELAY, whereis(?MODULE), restart_config_listener). new_prefix() -> - couch_util:to_hex((crypto:rand_bytes(13))). + couch_util:to_hex((crypto:strong_rand_bytes(13))). inc() -> crypto:rand_uniform(1, 16#ffe). diff -upr apache-couchdb-2.0.0.orig/src/couch/test/couchdb_views_tests.erl apache-couchdb-2.0.0/src/couch/test/couchdb_views_tests.erl --- apache-couchdb-2.0.0.orig/src/couch/test/couchdb_views_tests.erl 2016-09-12 12:28:51.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch/test/couchdb_views_tests.erl 2017-06-10 12:34:15.427624343 +0300 @@ -441,7 +441,7 @@ populate_db(Db, BatchSize, N) when N > 0 fun(_) -> couch_doc:from_json_obj({[ {<<"_id">>, couch_uuids:new()}, - {<<"value">>, base64:encode(crypto:rand_bytes(1000))} + {<<"value">>, base64:encode(crypto:strong_rand_bytes(1000))} ]}) end, lists:seq(1, BatchSize)), diff -upr apache-couchdb-2.0.0.orig/src/couch/test/couch_work_queue_tests.erl apache-couchdb-2.0.0/src/couch/test/couch_work_queue_tests.erl --- apache-couchdb-2.0.0.orig/src/couch/test/couch_work_queue_tests.erl 2016-09-12 12:28:51.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch/test/couch_work_queue_tests.erl 2017-06-10 12:34:15.424290917 +0300 @@ -335,7 +335,7 @@ producer_loop(Parent, Q) -> Parent ! {pong, Ref}, producer_loop(Parent, Q); {produce, Ref, Size} -> - Item = crypto:rand_bytes(Size), + Item = crypto:strong_rand_bytes(Size), Parent ! {item, Ref, Item}, ok = couch_work_queue:queue(Q, Item), producer_loop(Parent, Q) diff -upr apache-couchdb-2.0.0.orig/src/couch_epi/src/couch_epi_util.erl apache-couchdb-2.0.0/src/couch_epi/src/couch_epi_util.erl --- apache-couchdb-2.0.0.orig/src/couch_epi/src/couch_epi_util.erl 2016-07-14 17:56:42.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch_epi/src/couch_epi_util.erl 2017-06-10 12:33:45.793464926 +0300 @@ -26,6 +26,7 @@ hash(Term) -> lists:flatten(io_lib:format("\"~.36B\"",[SigInt])). md5(Data) -> + {module, crypto} = code:ensure_loaded(crypto), case erlang:function_exported(crypto, hash, 2) of true -> crypto:hash(md5, Data); diff -upr apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_large_atts_tests.erl apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_large_atts_tests.erl --- apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_large_atts_tests.erl 2016-09-01 21:59:13.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_large_atts_tests.erl 2017-06-10 12:34:15.424290917 +0300 @@ -120,5 +120,5 @@ att(Name, Size, Type) -> {name, Name}, {type, Type}, {att_len, Size}, - {data, fun(Count) -> crypto:rand_bytes(Count) end} + {data, fun(Count) -> crypto:strong_rand_bytes(Count) end} ]). diff -upr apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_many_leaves_tests.erl apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_many_leaves_tests.erl --- apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_many_leaves_tests.erl 2016-09-01 21:59:13.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_many_leaves_tests.erl 2017-06-10 12:34:15.424290917 +0300 @@ -181,7 +181,7 @@ add_attachments(SourceDb, NumAtts, [{Do NewDocs = lists:foldl( fun(#doc{atts = Atts, revs = {Pos, [Rev | _]}} = Doc, Acc) -> NewAtts = lists:foldl(fun(I, AttAcc) -> - AttData = crypto:rand_bytes(100), + AttData = crypto:strong_rand_bytes(100), NewAtt = couch_att:new([ {name, ?io2b(["att_", ?i2l(I), "_", couch_doc:rev_to_str({Pos, Rev})])}, diff -upr apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_missing_stubs_tests.erl apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_missing_stubs_tests.erl --- apache-couchdb-2.0.0.orig/src/couch_replicator/test/couch_replicator_missing_stubs_tests.erl 2016-09-01 21:59:13.000000000 +0300 +++ apache-couchdb-2.0.0/src/couch_replicator/test/couch_replicator_missing_stubs_tests.erl 2017-06-10 12:34:15.424290917 +0300 @@ -114,7 +114,7 @@ should_update_source_docs(Source, Times) populate_db(DbName) -> {ok, Db} = couch_db:open_int(DbName, []), - AttData = crypto:rand_bytes(6000), + AttData = crypto:strong_rand_bytes(6000), Doc = #doc{ id = <<"doc1">>, atts = [ @@ -146,7 +146,7 @@ db_fold_fun(FullDocInfo, {DbName, Times} {ok, Db2} = couch_db:reopen(Db), NewDocVersion = Doc#doc{ revs = {Pos, [RevId]}, - body = {[{<<"value">>, base64:encode(crypto:rand_bytes(100))}]} + body = {[{<<"value">>, base64:encode(crypto:strong_rand_bytes(100))}]} }, {ok, NewRev} = couch_db:update_doc(Db2, NewDocVersion, []), NewRev diff -upr apache-couchdb-2.0.0.orig/src/ddoc_cache/src/ddoc_cache_util.erl apache-couchdb-2.0.0/src/ddoc_cache/src/ddoc_cache_util.erl --- apache-couchdb-2.0.0.orig/src/ddoc_cache/src/ddoc_cache_util.erl 2015-08-23 13:29:24.000000000 +0300 +++ apache-couchdb-2.0.0/src/ddoc_cache/src/ddoc_cache_util.erl 2017-06-10 12:34:15.424290917 +0300 @@ -19,7 +19,7 @@ new_uuid() -> - to_hex(crypto:rand_bytes(16), []). + to_hex(crypto:strong_rand_bytes(16), []). to_hex(<<>>, Acc) -> diff -upr apache-couchdb-2.0.0.orig/src/mochiweb/src/mochiweb_multipart.erl apache-couchdb-2.0.0/src/mochiweb/src/mochiweb_multipart.erl --- apache-couchdb-2.0.0.orig/src/mochiweb/src/mochiweb_multipart.erl 2015-09-09 07:24:59.000000000 +0300 +++ apache-couchdb-2.0.0/src/mochiweb/src/mochiweb_multipart.erl 2017-06-10 12:34:15.434291195 +0300 @@ -56,7 +56,7 @@ parts_to_body([{Start, End, Body}], Cont {HeaderList, Body}; parts_to_body(BodyList, ContentType, Size) when is_list(BodyList) -> parts_to_multipart_body(BodyList, ContentType, Size, - mochihex:to_hex(crypto:rand_bytes(8))). + mochihex:to_hex(crypto:strong_rand_bytes(8))). %% @spec parts_to_multipart_body([bodypart()], ContentType::string(), %% Size::integer(), Boundary::string()) -> diff -upr apache-couchdb-2.0.0.orig/src/mochiweb/src/mochiweb_session.erl apache-couchdb-2.0.0/src/mochiweb/src/mochiweb_session.erl --- apache-couchdb-2.0.0.orig/src/mochiweb/src/mochiweb_session.erl 2015-09-09 07:24:59.000000000 +0300 +++ apache-couchdb-2.0.0/src/mochiweb/src/mochiweb_session.erl 2017-06-10 12:34:15.424290917 +0300 @@ -122,7 +122,7 @@ ensure_binary(L) when is_list(L) -> -ifdef(crypto_compatibility). -spec encrypt_data(binary(), binary()) -> binary(). encrypt_data(Data, Key) -> - IV = crypto:rand_bytes(16), + IV = crypto:strong_rand_bytes(16), Crypt = crypto:aes_cfb_128_encrypt(Key, IV, Data), <>. @@ -141,7 +141,7 @@ gen_hmac(ExpirationTime, Data, SessionKe -else. -spec encrypt_data(binary(), binary()) -> binary(). encrypt_data(Data, Key) -> - IV = crypto:rand_bytes(16), + IV = crypto:strong_rand_bytes(16), Crypt = crypto:block_encrypt(aes_cfb128, Key, IV, Data), <>. diff -upr apache-couchdb-2.0.0.orig/src/mochiweb/test/mochiweb_tests.erl apache-couchdb-2.0.0/src/mochiweb/test/mochiweb_tests.erl --- apache-couchdb-2.0.0.orig/src/mochiweb/test/mochiweb_tests.erl 2015-09-09 07:24:59.000000000 +0300 +++ apache-couchdb-2.0.0/src/mochiweb/test/mochiweb_tests.erl 2017-06-10 12:34:15.424290917 +0300 @@ -155,7 +155,7 @@ do_POST(Transport, Size, Times) -> end, TestReqs = [begin Path = "/stuff/" ++ integer_to_list(N), - Body = crypto:rand_bytes(Size), + Body = crypto:strong_rand_bytes(Size), #treq{path=Path, body=Body, xreply=Body} end || N <- lists:seq(1, Times)], ClientFun = new_client_fun('POST', TestReqs), diff -upr apache-couchdb-2.0.0.orig/src/oauth/src/oauth.erl apache-couchdb-2.0.0/src/oauth/src/oauth.erl --- apache-couchdb-2.0.0.orig/src/oauth/src/oauth.erl 2015-09-23 21:36:52.000000000 +0300 +++ apache-couchdb-2.0.0/src/oauth/src/oauth.erl 2017-06-10 12:34:15.427624343 +0300 @@ -77,7 +77,7 @@ signature_params(Consumer, Params, Token signature_params(Consumer, Params) -> Timestamp = unix_timestamp(), - Nonce = base64:encode_to_string(crypto:rand_bytes(32)), % cf. ruby-oauth + Nonce = base64:encode_to_string(crypto:strong_rand_bytes(32)), % cf. ruby-oauth [ {"oauth_version", "1.0"} , {"oauth_nonce", Nonce} , {"oauth_timestamp", integer_to_list(Timestamp)} diff -upr apache-couchdb-2.0.0.orig/src/snappy/README.md apache-couchdb-2.0.0/src/snappy/README.md --- apache-couchdb-2.0.0.orig/src/snappy/README.md 2016-07-14 18:02:11.000000000 +0300 +++ apache-couchdb-2.0.0/src/snappy/README.md 2017-06-10 12:34:15.424290917 +0300 @@ -79,7 +79,7 @@ true 17> 17> crypto:start(). ok -18> Large = base64:encode(crypto:rand_bytes(100 * 1024)). +18> Large = base64:encode(crypto:strong_rand_bytes(100 * 1024)). <<"72GMvPLuWJLJeYSlNm9oNkYkbjTeSBDgTrqamQ/zgj7hcUge1co6LvldJyitKPZkMPQGnrN98EyqSyWto3k7ShNgiNc05Gt4zdXSbTVSDzeID661DnJX"...>> 19> 19> timer:tc(snappy, compress, [Large]).