diff options
| author |   tedu <tedu@openbsd.org> | 2016-09-17 18:00:27 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2016-09-17 18:00:27 +0000 |
| commit | d1dc7b8a404eb3953321de98df474752ba85616b (patch) | |
| tree | a0a91520c3f05d1fed7492b3a28a858c4f05edce | |
| parent | rename ddb/db_ctf.h to sys/ctf.h which is the expected location for the public (diff) | |
| download | wireguard-openbsd-d1dc7b8a404eb3953321de98df474752ba85616b.tar.xz wireguard-openbsd-d1dc7b8a404eb3953321de98df474752ba85616b.zip | |
replace two arc4random loops with arc4random_buf
ok deraadt natano
| -rw-r--r-- | usr.bin/ssh/clientloop.c | 15 | ||||
| -rw-r--r-- | usr.bin/ssh/hostfile.c | 7 |
2 files changed, 10 insertions, 12 deletions
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c index be1919258da..1aaa21c376c 100644 --- a/usr.bin/ssh/clientloop.c +++ b/usr.bin/ssh/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.287 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: clientloop.c,v 1.288 2016/09/17 18:00:27 tedu Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -303,7 +303,7 @@ client_x11_get_proto(const char *display, const char *xauth_path, char xauthfile[PATH_MAX], xauthdir[PATH_MAX]; static char proto[512], data[512]; FILE *f; - int got_data = 0, generated = 0, do_unlink = 0, i, r; + int got_data = 0, generated = 0, do_unlink = 0, r; struct stat st; u_int now, x11_timeout_real; @@ -430,17 +430,16 @@ client_x11_get_proto(const char *display, const char *xauth_path, * for the local connection. */ if (!got_data) { - u_int32_t rnd = 0; + u_int8_t rnd[16]; + u_int i; logit("Warning: No xauth data; " "using fake authentication data for X11 forwarding."); strlcpy(proto, SSH_X11_PROTO, sizeof proto); - for (i = 0; i < 16; i++) { - if (i % 4 == 0) - rnd = arc4random(); + arc4random_buf(rnd, sizeof(rnd)); + for (i = 0; i < sizeof(rnd); i++) { snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", - rnd & 0xff); - rnd >>= 8; + rnd[i]); } } diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c index 1f225cad63e..79f43734d14 100644 --- a/usr.bin/ssh/hostfile.c +++ b/usr.bin/ssh/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.66 2015/05/04 06:10:48 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.67 2016/09/17 18:00:27 tedu Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -120,14 +120,13 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) u_char salt[256], result[256]; char uu_salt[512], uu_result[512]; static char encoded[1024]; - u_int i, len; + u_int len; len = ssh_digest_bytes(SSH_DIGEST_SHA1); if (name_from_hostfile == NULL) { /* Create new salt */ - for (i = 0; i < len; i++) - salt[i] = arc4random(); + arc4random_buf(salt, len); } else { /* Extract salt from known host entry */ if (extract_salt(name_from_hostfile, src_len, salt, |