diff options
author | natano@openbsd.org <natano@openbsd.org> | 2016-09-19 07:52:42 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-09-21 11:03:55 +1000 |
commit | 492710894acfcc2f173d14d1d45bd2e688df605d (patch) | |
tree | fd3f5579b3447829ded98734777aa5729dc3c149 /sshconnect1.c | |
parent | 1036356324fecc13099ac6e986b549f6219327d7 (diff) |
upstream commit
Replace two more arc4random() loops with
arc4random_buf().
tweaks and ok dtucker
ok deraadt
Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
Diffstat (limited to 'sshconnect1.c')
-rw-r--r-- | sshconnect1.c | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/sshconnect1.c b/sshconnect1.c index bfc523bde..a04536184 100644 --- a/sshconnect1.c +++ b/sshconnect1.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect1.c,v 1.78 2015/11/15 22:26:49 jcs Exp $ */ | 1 | /* $OpenBSD: sshconnect1.c,v 1.79 2016/09/19 07:52:42 natano Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -509,7 +509,6 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
509 | u_char cookie[8]; | 509 | u_char cookie[8]; |
510 | u_int supported_ciphers; | 510 | u_int supported_ciphers; |
511 | u_int server_flags, client_flags; | 511 | u_int server_flags, client_flags; |
512 | u_int32_t rnd = 0; | ||
513 | 512 | ||
514 | debug("Waiting for server public key."); | 513 | debug("Waiting for server public key."); |
515 | 514 | ||
@@ -568,12 +567,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
568 | * random number, interpreted as a 32-byte key, with the least | 567 | * random number, interpreted as a 32-byte key, with the least |
569 | * significant 8 bits being the first byte of the key. | 568 | * significant 8 bits being the first byte of the key. |
570 | */ | 569 | */ |
571 | for (i = 0; i < 32; i++) { | 570 | arc4random_buf(session_key, sizeof(session_key)); |
572 | if (i % 4 == 0) | ||
573 | rnd = arc4random(); | ||
574 | session_key[i] = rnd & 0xff; | ||
575 | rnd >>= 8; | ||
576 | } | ||
577 | 571 | ||
578 | /* | 572 | /* |
579 | * According to the protocol spec, the first byte of the session key | 573 | * According to the protocol spec, the first byte of the session key |