--- wpa_supplicant-0.6.4/src/utils/os_unix.c.bak	2008-08-10 20:33:12.000000000 +0300
+++ wpa_supplicant-0.6.4/src/utils/os_unix.c	2008-10-06 21:23:28.388802551 +0300
@@ -108,17 +108,19 @@ void os_daemonize_terminate(const char *
 
 int os_get_random(unsigned char *buf, size_t len)
 {
-	FILE *f;
+	static FILE *f = NULL;
 	size_t rc;
 
-	f = fopen("/dev/urandom", "rb");
 	if (f == NULL) {
-		printf("Could not open /dev/urandom.\n");
-		return -1;
+		f = fopen("/dev/urandom", "rb");
+		if (f == NULL) {
+			printf("Could not open /dev/urandom.\n");
+			fflush(stdout);
+			return -1;
+		}
 	}
 
 	rc = fread(buf, 1, len, f);
-	fclose(f);
 
 	return rc != len ? -1 : 0;
 }
@@ -126,7 +128,11 @@ int os_get_random(unsigned char *buf, si
 
 unsigned long os_random(void)
 {
-	return random();
+	unsigned long tmprnd;
+
+	if (os_get_random(&tmprnd, sizeof(tmprnd)) == -1)
+		return random(); /* Predictable since srandom not called */
+	return tmprnd;
 }
 
 
--- wpa_supplicant-0.6.4/src/utils/os_internal.c.bak	2008-08-10 20:33:12.000000000 +0300
+++ wpa_supplicant-0.6.4/src/utils/os_internal.c	2008-10-06 21:23:07.412804564 +0300
@@ -98,25 +98,31 @@ void os_daemonize_terminate(const char *
 
 int os_get_random(unsigned char *buf, size_t len)
 {
-	FILE *f;
+	FILE *f = NULL;
 	size_t rc;
 
-	f = fopen("/dev/urandom", "rb");
 	if (f == NULL) {
-		printf("Could not open /dev/urandom.\n");
-		return -1;
+		f = fopen("/dev/urandom", "rb");
+		if (f == NULL) {
+			printf("Could not open /dev/urandom.\n");
+			fflush(stdout);
+			return -1;
+		}
 	}
 
-	rc = fread(buf, 1, len, f);
-	fclose(f);
+        rc = fread(buf, 1, len, f);
 
-	return rc != len ? -1 : 0;
+        return rc != len ? -1 : 0;
 }
 
 
 unsigned long os_random(void)
 {
-	return random();
+	unsigned long tmprnd;
+
+	if (os_get_random(&tmprnd, sizeof(tmprnd)) == -1)
+		return random(); /* Predictable since srandom not called */
+        return tmprnd;
 }
 
 
--- wpa_supplicant-0.6.4/src/drivers/driver_ndis.c.bak	2008-08-10 20:33:12.000000000 +0300
+++ wpa_supplicant-0.6.4/src/drivers/driver_ndis.c	2008-10-06 21:27:12.403804017 +0300
@@ -674,7 +674,7 @@ static int wpa_driver_ndis_disconnect(st
 	char ssid[32];
 	int i;
 	for (i = 0; i < 32; i++)
-		ssid[i] = rand() & 0xff;
+		ssid[i] = os_random() & 0xff;
 	return wpa_driver_ndis_set_ssid(drv, ssid, 32);
 }
 
--- wpa_supplicant-0.6.4/src/eap_server/eap.c.bak	2008-08-10 20:33:12.000000000 +0300
+++ wpa_supplicant-0.6.4/src/eap_server/eap.c	2008-10-06 21:27:54.115802856 +0300
@@ -910,7 +910,7 @@ static int eap_sm_nextId(struct eap_sm *
 	if (id < 0) {
 		/* RFC 3748 Ch 4.1: recommended to initialize Identifier with a
 		 * random number */
-		id = rand() & 0xff;
+		id = os_random() & 0xff;
 		if (id != sm->lastId)
 			return id;
 	}