From 0a4d2bbd9c07bdaa5979941b5483cebb7419f7a0 Mon Sep 17 00:00:00 2001
From: "Mike A. Owens" <mike@meter.md>
Date: Mon, 23 Sep 2019 19:24:09 -0400
Subject: Seed SipHash with 128-bit key

SipHash expects a 128-bit key, and we were indeed generating 128-bits,
but restricting them to hex characters 0-9a-f, effectively giving us
only 4 bits-per-byte of key material, and 64 bits overall.

Now, we skip the hex conversion and supply 128 bits of unfiltered
random data.
---
 src/server.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/server.c b/src/server.c
index 7882b0d99..fc9809b1c 100644
--- a/src/server.c
+++ b/src/server.c
@@ -4787,9 +4787,9 @@ int main(int argc, char **argv) {
     srand(time(NULL)^getpid());
     gettimeofday(&tv,NULL);
 
-    char hashseed[16];
-    getRandomHexChars(hashseed,sizeof(hashseed));
-    dictSetHashFunctionSeed((uint8_t*)hashseed);
+    uint8_t hashseed[16];
+    getRandomBytes(hashseed,sizeof(hashseed));
+    dictSetHashFunctionSeed(hashseed);
     server.sentinel_mode = checkForSentinelMode(argc,argv);
     initServerConfig();
     ACLInit(); /* The ACL subsystem must be initialized ASAP because the
-- 
cgit v1.2.1