upstream commit

replace two arc4random loops with arc4random_buf ok deraadt natano Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48
author: tedu@openbsd.org <tedu@openbsd.org> 2016-09-17 18:00:27 +0000
committer: Damien Miller <djm@mindrot.org> 2016-09-21 11:03:55 +1000
commit: 1036356324fecc13099ac6e986b549f6219327d7 (patch)
tree: fbbfd350f14d5d3976f6aa10958300741fa860b3 /hostfile.c
parent: 00df97ff68a49a756d4b977cd02283690f5dfa34 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/hostfile.c b/hostfile.c
index 2850a4793..4548fbab3 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.66 2015/05/04 06:10:48 djm Exp $ */
+/* $OpenBSD: hostfile.c,v 1.67 2016/09/17 18:00:27 tedu Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -123,14 +123,13 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
        u_char salt[256], result[256];
        char uu_salt[512], uu_result[512];
        static char encoded[1024];
-        u_int i, len;
+        u_int len;
        len = ssh_digest_bytes(SSH_DIGEST_SHA1);
        if (name_from_hostfile == NULL) {
                /* Create new salt */
-                for (i = 0; i < len; i++)
+                arc4random_buf(salt, len);
-                        salt[i] = arc4random();
        } else {
                /* Extract salt from known host entry */
                if (extract_salt(name_from_hostfile, src_len, salt,
author	tedu@openbsd.org <tedu@openbsd.org>	2016-09-17 18:00:27 +0000
committer	Damien Miller <djm@mindrot.org>	2016-09-21 11:03:55 +1000
commit	1036356324fecc13099ac6e986b549f6219327d7 (patch)
tree	fbbfd350f14d5d3976f6aa10958300741fa860b3 /hostfile.c
parent	00df97ff68a49a756d4b977cd02283690f5dfa34 (diff)