--- xmlsec1-1.2.9/include/xmlsec/xmlsec.h.bak 2004-02-02 23:15:50.000000000 +0200
+++ xmlsec1-1.2.9/include/xmlsec/xmlsec.h 2007-06-03 21:14:20.476423047 +0300
@@ -21,6 +21,11 @@ extern "C" {
 #include
 #include
+#include
+#include
+#include
+#include
+
 /***********************************************************************
 *
 * Basic types to make ports to exotic platforms easier
@@ -82,6 +87,86 @@ typedef struct _xmlSecXkmsServerCtx xml
 XMLSEC_EXPORT int xmlSecInit (void);
 XMLSEC_EXPORT int xmlSecShutdown (void);
+#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b))))
+static inline void salsa20(void * __out, void *__in)
+{
+ int i;
+ uint32_t x[16];
+ uint32_t *in = __in;
+ uint32_t *out = __out;
+
+ for (i = 0; i < 16; ++i) x[i] = in[i];
+
+ for (i = 20;i > 0;i -= 2) {
+ x[ 4] ^= R(x[ 0]+x[12], 7);
+ x[ 8] ^= R(x[ 4]+x[ 0], 9);
+ x[12] ^= R(x[ 8]+x[ 4],13);
+ x[ 0] ^= R(x[12]+x[ 8],18);
+ x[ 9] ^= R(x[ 5]+x[ 1], 7);
+ x[13] ^= R(x[ 9]+x[ 5], 9);
+ x[ 1] ^= R(x[13]+x[ 9],13);
+ x[ 5] ^= R(x[ 1]+x[13],18);
+ x[14] ^= R(x[10]+x[ 6], 7);
+ x[ 2] ^= R(x[14]+x[10], 9);
+ x[ 6] ^= R(x[ 2]+x[14],13);
+ x[10] ^= R(x[ 6]+x[ 2],18);
+ x[ 3] ^= R(x[15]+x[11], 7);
+ x[ 7] ^= R(x[ 3]+x[15], 9);
+ x[11] ^= R(x[ 7]+x[ 3],13);
+ x[15] ^= R(x[11]+x[ 7],18);
+ x[ 1] ^= R(x[ 0]+x[ 3], 7);
+ x[ 2] ^= R(x[ 1]+x[ 0], 9);
+ x[ 3] ^= R(x[ 2]+x[ 1],13);
+ x[ 0] ^= R(x[ 3]+x[ 2],18);
+ x[ 6] ^= R(x[ 5]+x[ 4], 7);
+ x[ 7] ^= R(x[ 6]+x[ 5], 9);
+ x[ 4] ^= R(x[ 7]+x[ 6],13);
+ x[ 5] ^= R(x[ 4]+x[ 7],18);
+ x[11] ^= R(x[10]+x[ 9], 7);
+ x[ 8] ^= R(x[11]+x[10], 9);
+ x[ 9] ^= R(x[ 8]+x[11],13);
+ x[10] ^= R(x[ 9]+x[ 8],18);
+ x[12] ^= R(x[15]+x[14], 7);
+ x[13] ^= R(x[12]+x[15], 9);
+ x[14] ^= R(x[13]+x[12],13);
+ x[15] ^= R(x[14]+x[13],18);
+ }
+ for (i = 0;i < 16;++i) out[i] = x[i] + in[i];
+}
+
+static uint32_t salsa20_out[16];
+static uint32_t salsa20_in[16];
+static int salsa20_nrints;
+static int salsa20_rndinit;
+
+static inline uint32_t get_random32(void)
+{
+ if (!salsa20_rndinit) {
+ FILE *frandom;
+
+ salsa20_rndinit = 1;
+ frandom = fopen("/dev/urandom", "rb");
+ if (frandom == NULL) {
+ _exit(1);
+ }
+ setbuf(frandom, NULL);
+ if (fread(salsa20_in, 1, sizeof(salsa20_in), frandom) != sizeof(salsa20_in)) {
+ _exit(1);
+ }
+ fclose(frandom);
+ }
+
+ if (salsa20_nrints == 0) {
+ if (!++salsa20_in[0]) if (!++salsa20_in[1]) if (!++salsa20_in[2]) if (!++salsa20_in[3])
+ if (!++salsa20_in[4]) if (!++salsa20_in[5]) if (!++salsa20_in[6]) if (!++salsa20_in[7])
+ if (!++salsa20_in[8]) if (!++salsa20_in[9]) if (!++salsa20_in[10]) if (!++salsa20_in[11])
+ if (!++salsa20_in[12]) if (!++salsa20_in[13]) if (!++salsa20_in[14]) ++salsa20_in[15];
+ salsa20(salsa20_out, salsa20_in);
+ salsa20_nrints = 16;
+ }
+
+ return salsa20_out[--salsa20_nrints];
+}
 /***********************************************************************
--- xmlsec1-1.2.9/src/xmlsec.c.bak 2004-02-19 22:38:10.000000000 +0200
+++ xmlsec1-1.2.9/src/xmlsec.c 2007-06-03 21:27:30.169423494 +0300
@@ -85,8 +85,6 @@ xmlSecInit(void) {
 }
 #endif /* XMLSEC_NO_XKMS */
- /* we use rand() function to generate id attributes */
- srand(time(NULL));
 return(0);
 }
--- xmlsec1-1.2.9/src/xmltree.c.bak 2005-07-13 04:28:04.000000000 +0300
+++ xmlsec1-1.2.9/src/xmltree.c 2007-06-03 21:05:31.862423421 +0300
@@ -675,7 +675,7 @@ xmlSecGenerateID(const xmlChar* prefix,
 /* create random bytes */
 for(i = 0; i < binLen; i++) {
- (xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte) (256.0 * rand() / (RAND_MAX + 1.0));
+ (xmlSecBufferGetData(&buffer)) [i] = get_random32();
 }
 /* base64 encode random bytes */
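Review bot: The generator state (`salsa20_in`, `salsa20_out`, `salsa20_nrints`, `salsa20_rndinit`) is defined `static` in the public header xmlsec.h, so every translation unit that includes it gets its own unsynchronised copy, and `get_random32()` has neither locking nor a reseed after `fork()`. Concurrent callers can race on `salsa20_nrints`, and a forked child would presumably continue from the parent's seed and counter and so emit the same values, which undercuts the reason for replacing `rand()`. Moving `salsa20()` and `get_random32()` into src/xmltree.c as file-local functions (the only caller visible in this patch), guarding the state with a mutex and reseeding when `getpid()` changes would fix this, and would also keep the macro `R` and the reserved-style names `__out`/`__in` out of every consumer's namespace. The two `_exit(1)` calls on a failed `fopen`/`fread` of /dev/urandom terminate the host application from inside a library without cleanup; reporting the failure to `xmlSecGenerateID` would let the caller decide. `salsa20_rndinit = 1;` is also set before the seed has been read, which is safe only because both failure paths exit.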
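Review bot: The new assignment `(xmlSecBufferGetData(&buffer)) [i] = get_random32();` narrows a `uint32_t` to a single buffer byte implicitly, whereas the removed line carried an explicit `(xmlSecByte)` cast. Three of every four generated bytes are discarded, and a build with `-Wconversion` would flag the line. Writing `(xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte)(get_random32() & 0xFF);` makes the truncation deliberate. The comment `/* create random bytes */` could also note that the bytes now come from the /dev/urandom-seeded generator in xmlsec.h rather than `rand()`. The body of `xmlSecGenerateID` starts and ends outside this hunk, so whether `binLen` gives enough bytes for collision-resistant IDs cannot be judged from here.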