New upstream release (7.1p2).

author: Colin Watson <cjwatson@debian.org> 2016-01-14 15:07:15 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-01-14 15:27:10 +0000
commit: 4810a3bdc4fe716b6ea91518e920785e4af83a26 (patch)
tree: 37a1d7f0ab88c9b3160d1dc35642c4f050f00662 /sshd.c
parent: 384abfcda5999e864f1de256f90e4479ccbeabd5 (diff)
parent: 003a875a474100d250b6643270ef3874da6591d8 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/sshd.c b/sshd.c
index 19ee92b27..366ae92a2 100644
--- a/sshd.c
+++ b/sshd.c
@@ -640,6 +640,8 @@ privsep_preauth_child(void)
        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
        RAND_seed(rnd, sizeof(rnd));
+        if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+                fatal("%s: RAND_bytes failed", __func__);
 #endif
        explicit_bzero(rnd, sizeof(rnd));
@@ -783,6 +785,8 @@ privsep_postauth(Authctxt *authctxt)
        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
        RAND_seed(rnd, sizeof(rnd));
+        if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+                fatal("%s: RAND_bytes failed", __func__);
 #endif
        explicit_bzero(rnd, sizeof(rnd));
@@ -1452,6 +1456,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
                        RAND_seed(rnd, sizeof(rnd));
+                        if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+                                fatal("%s: RAND_bytes failed", __func__);
 #endif
                        explicit_bzero(rnd, sizeof(rnd));
                }
author	Colin Watson <cjwatson@debian.org>	2016-01-14 15:07:15 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-01-14 15:27:10 +0000
commit	4810a3bdc4fe716b6ea91518e920785e4af83a26 (patch)
tree	37a1d7f0ab88c9b3160d1dc35642c4f050f00662 /sshd.c
parent	384abfcda5999e864f1de256f90e4479ccbeabd5 (diff)
parent	003a875a474100d250b6643270ef3874da6591d8 (diff)