diff options
| author |   deraadt <deraadt@openbsd.org> | 2014-01-21 23:54:50 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2014-01-21 23:54:50 +0000 |
| commit | 16cbb267d619e7d83852dd7fc3c314d556489e52 (patch) | |
| tree | d480c0878be78aa23e88e03c2bf92712efa77581 /usr.sbin/pppd | |
| parent | add missing arguments to debug printfs (diff) | |
| download | wireguard-openbsd-16cbb267d619e7d83852dd7fc3c314d556489e52.tar.xz wireguard-openbsd-16cbb267d619e7d83852dd7fc3c314d556489e52.zip | |
use arc4random for chap generation; ok tedu
Diffstat (limited to 'usr.sbin/pppd')
| -rw-r--r-- | usr.sbin/pppd/chap.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/usr.sbin/pppd/chap.c b/usr.sbin/pppd/chap.c index 4937dcb9f3d..649defbad06 100644 --- a/usr.sbin/pppd/chap.c +++ b/usr.sbin/pppd/chap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chap.c,v 1.15 2014/01/21 22:56:31 jsg Exp $ */ +/* $OpenBSD: chap.c,v 1.16 2014/01/21 23:54:50 deraadt Exp $ */ /* * chap.c - Challenge Handshake Authentication Protocol. @@ -763,18 +763,17 @@ ChapGenChallenge(cstate) u_char *ptr = cstate->challenge; unsigned int i; - /* pick a random challenge length between MIN_CHALLENGE_LENGTH and - MAX_CHALLENGE_LENGTH */ - chal_len = (unsigned) ((drand48() * - (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) + - MIN_CHALLENGE_LENGTH); + /* pick a random challenge length >= MIN_CHALLENGE_LENGTH and + <= MAX_CHALLENGE_LENGTH */ + chal_len = MIN_CHALLENGE_LENGTH + + arc4random_uniform(MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH + 1); + cstate->chal_len = chal_len; cstate->chal_id = ++cstate->id; cstate->chal_transmits = 0; /* generate a random string */ - for (i = 0; i < chal_len; i++ ) - *ptr++ = (char) (drand48() * 0xff); + arc4random_buf(cstate->challenge, chal_len); } /* |