diff options
| author |   tedu <tedu@openbsd.org> | 2014-04-19 14:53:48 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-04-19 14:53:48 +0000 |
| commit | 0ceae45e5de5b80105a62918bacf6cd88694bee4 (patch) | |
| tree | 691f2aa27888a4177b0c1c2419a3fbedfb9f9968 /usr.bin/ssh | |
| parent | sigh, another driver fiddling with altq outside #ifdef ALTQ (diff) | |
| download | wireguard-openbsd-0ceae45e5de5b80105a62918bacf6cd88694bee4.tar.xz wireguard-openbsd-0ceae45e5de5b80105a62918bacf6cd88694bee4.zip | |
Delete futile calls to RAND_seed. ok djm
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/ssh-keysign.c | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.c | 22 |
2 files changed, 2 insertions, 26 deletions
diff --git a/usr.bin/ssh/ssh-keysign.c b/usr.bin/ssh/ssh-keysign.c index 9bba7410f7b..96de058f85e 100644 --- a/usr.bin/ssh/ssh-keysign.c +++ b/usr.bin/ssh/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.40 2014/04/01 02:05:27 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.41 2014/04/19 14:53:48 tedu Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -26,7 +26,6 @@ #include <sys/types.h> #include <openssl/evp.h> -#include <openssl/rand.h> #include <openssl/rsa.h> #include <fcntl.h> @@ -152,7 +151,6 @@ main(int argc, char **argv) u_char *signature, *data; char *host, *fp; u_int slen, dlen; - u_int32_t rnd[256]; /* Ensure that stdin and stdout are connected */ if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) @@ -194,8 +192,6 @@ main(int argc, char **argv) fatal("could not open any host key"); OpenSSL_add_all_algorithms(); - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); found = 0; for (i = 0; i < NUM_KEYTYPES; i++) { diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index cf013ee5af7..0e1c1d37bab 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.424 2014/04/18 23:52:25 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.425 2014/04/19 14:53:48 tedu Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -64,7 +64,6 @@ #include <openssl/dh.h> #include <openssl/bn.h> -#include <openssl/rand.h> #include "xmalloc.h" #include "ssh.h" @@ -584,7 +583,6 @@ demote_sensitive_data(void) static void privsep_preauth_child(void) { - u_int32_t rnd[256]; gid_t gidset[1]; struct passwd *pw; @@ -597,10 +595,6 @@ privsep_preauth_child(void) ssh_gssapi_prepare_supported_oids(); #endif - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); - explicit_bzero(rnd, sizeof(rnd)); - /* Demote the private keys to public keys. */ demote_sensitive_data(); @@ -702,7 +696,6 @@ privsep_preauth(Authctxt *authctxt) static void privsep_postauth(Authctxt *authctxt) { - u_int32_t rnd[256]; if (authctxt->pw->pw_uid == 0 || options.use_login) { /* File descriptor passing is broken or root login */ @@ -733,10 +726,6 @@ privsep_postauth(Authctxt *authctxt) /* Demote the private keys to public keys. */ demote_sensitive_data(); - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); - explicit_bzero(rnd, sizeof(rnd)); - /* Drop privileges */ do_setusercontext(authctxt->pw); @@ -1117,7 +1106,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) struct sockaddr_storage from; socklen_t fromlen; pid_t pid; - u_char rnd[256]; /* setup fd set for accept */ fdset = NULL; @@ -1309,14 +1297,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) } close(*newsock); - - /* - * Ensure that our random state differs - * from that of the child - */ - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); - explicit_bzero(rnd, sizeof(rnd)); } /* child process check (or debug mode) */ |