2 files changed, 14 insertions, 6 deletions

diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c
index c22b0ce..424e8dd 100644
--- a/modules/pam_securetty/pam_securetty.c
+++ b/modules/pam_securetty/pam_securetty.c
@@ -42,7 +42,8 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags,
 		return (PAM_SUCCESS);
 	}
 
-	if ( (pam_err = pam_get_item(pamh, PAM_TTY,(void *) &tty) ) != PAM_SUCCESS ) { 
+	if ( (pam_err = pam_get_item(pamh, PAM_TTY,(void *) &tty) ) != PAM_SUCCESS ) {
+		PAM_ERROR("Could not determine user's tty");
 		return (pam_err);
 	}	
 
@@ -55,7 +56,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags,
 	if ( stat(SECURETTY, &ttyfileinfo) ) { 
 		PAM_ERROR("Could not open SECURETTY file :%s", SECURETTY);
 		/* From LinuxPAM, they say that for compatibility issues, 
-		 * this needs to succeed. Who am I to judge... */
+		 * this needs to succeed. */
 		return (PAM_SUCCESS);
 	}
 
diff --git a/modules/pam_unix/md5.c b/modules/pam_unix/md5.c
index 94d3dd4..6732b06 100644
--- a/modules/pam_unix/md5.c
+++ b/modules/pam_unix/md5.c
@@ -16,6 +16,9 @@
  */
 
 #include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -394,14 +397,18 @@ static void to64(char *s, long v, int n) {
 
 /* Salt suitable for traditional DES and MD5 */
 void makesalt(char salt[SALTSIZE]) {
-	        int i;
+	        int i,fd;
+		unsigned char tmp;
 		/* These are not really random numbers, they are just
 		 * numbers that change to thwart construction of a
 		 * dictionary. This is exposed to the public.
 		 */
-		
-		for (i = 0; i < SALTSIZE; i += 4)
-			to64(&salt[i], random(), 4);
+		fd = open("/dev/urandom", O_RDONLY);
+		for (i = 0; i < SALTSIZE; i += 1) {
+			read (fd, &tmp, sizeof(char) );
+			to64(&salt[i], tmp, 1);
+		}
+		close(fd);
 
 		salt[SALTSIZE] = '\0';
 }