Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().

arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
author: jsing <jsing@openbsd.org> 2014-10-22 13:02:03 +0000
committer: jsing <jsing@openbsd.org> 2014-10-22 13:02:03 +0000
commit: ef624301d95e1d2367e46a80103e7ba867cb892f (patch)
tree: e7fb573ba5a2197cf6381ea6fe87308de30b6b53 /lib/libcrypto/rand/rand_lib.c
parent: Introduce a special hack for carp during IPv6 source address selection: (diff)
download: wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.tar.xz
wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libcrypto/rand/rand_lib.c b/lib/libcrypto/rand/rand_lib.c
index 2b2c8277408..8342a55f05d 100644
--- a/lib/libcrypto/rand/rand_lib.c
+++ b/lib/libcrypto/rand/rand_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rand_lib.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: rand_lib.c,v 1.20 2014/10/22 13:02:04 jsing Exp $ */
 /*
  * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
  *
@@ -15,12 +15,12 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include <stdlib.h>
+
 #include <openssl/opensslconf.h>
 
 #include <openssl/rand.h>
 
-#include <stdlib.h>
-
 /*
  * The useful functions in this file are at the bottom.
  */
author	jsing <jsing@openbsd.org>	2014-10-22 13:02:03 +0000
committer	jsing <jsing@openbsd.org>	2014-10-22 13:02:03 +0000
commit	ef624301d95e1d2367e46a80103e7ba867cb892f (patch)
tree	e7fb573ba5a2197cf6381ea6fe87308de30b6b53 /lib/libcrypto/rand/rand_lib.c
parent	Introduce a special hack for carp during IPv6 source address selection: (diff)
download	wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.tar.xz wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.zip