src - OpenBSD base system

diff options


context:
space:
mode:

author	Theo de Raadt <deraadt@cvs.openbsd.org>	2000-01-08 04:49:23 +0000
committer	Theo de Raadt <deraadt@cvs.openbsd.org>	2000-01-08 04:49:23 +0000
commit	2016a99ce5ca99a6be308b191605c6f6535b5d74 (patch)
tree	38b1c77bf214620037183c0579713c192e267baf
parent	a651700ddcde2cae5be144af6f6bf2c71b2caf85 (diff)

use arc4random() instead of random for two reasons.

1) on some architectures, random() should only be used by the scheduler (ie. statintr() because it is uniformly distributed 2) arc4random() is actually strong, random() is not at all

Diffstat

-rw-r--r--

sys/netinet6/frag6.c

-rw-r--r--

sys/netinet6/ip6_input.c

-rw-r--r--

sys/netinet6/mld6_var.h

-rw-r--r--

sys/netinet6/nd6.h

-rw-r--r--

sys/netinet6/nd6_nbr.c

5 files changed, 11 insertions, 25 deletions

diff --git a/sys/netinet6/frag6.c b/sys/netinet6/frag6.c
index d107932d352..3e78c8d8eb3 100644
--- a/sys/netinet6/frag6.c
+++ b/sys/netinet6/frag6.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: frag6.c,v 1.2 1999/12/10 10:04:27 angelos Exp $ */

+/* $OpenBSD: frag6.c,v 1.3 2000/01/08 04:49:22 deraadt Exp $ */

@@ -75,15 +75,8 @@ struct ip6q ip6q; /* ip6 reassemble queue */

void

frag6_init()

{

- struct timeval tv;

- /*

- * in many cases, random() here does NOT return random number

- * as initialization during bootstrap time occur in fixed order.

- */

- microtime(&tv);

ip6q.ip6q_next = ip6q.ip6q_prev = &ip6q;

- ip6_id = random() ^ tv.tv_usec;

+ ip6_id = arc4random();

}

diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c
index be52f650ed8..3626d80c472 100644
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip6_input.c,v 1.6 2000/01/06 02:52:51 itojun Exp $ */

+/* $OpenBSD: ip6_input.c,v 1.7 2000/01/08 04:49:22 deraadt Exp $ */

@@ -156,7 +156,6 @@ ip6_init()

{

- struct timeval tv;

pr = (struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW);

if (pr == 0)

@@ -174,13 +173,7 @@ ip6_init()

#ifdef IPV6FIREWALL

ip6_fw_init();

#endif

- /*

- * in many cases, random() here does NOT return random number

- * as initialization during bootstrap time occur in fixed order.

- */

- microtime(&tv);

- ip6_flow_seq = random() ^ tv.tv_usec;

+ ip6_flow_seq = arc4random();

ip6_init2((void *)0);

}

diff --git a/sys/netinet6/mld6_var.h b/sys/netinet6/mld6_var.h
index a43cd5d1e45..b77b6927fd4 100644
--- a/sys/netinet6/mld6_var.h
+++ b/sys/netinet6/mld6_var.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: mld6_var.h,v 1.1 1999/12/08 06:50:23 itojun Exp $ */

+/* $OpenBSD: mld6_var.h,v 1.2 2000/01/08 04:49:22 deraadt Exp $ */

@@ -34,7 +34,7 @@

#ifdef _KERNEL

-#define MLD6_RANDOM_DELAY(X) (random() % (X) + 1)

+#define MLD6_RANDOM_DELAY(X) (arc4random() % (X) + 1)

* States for MLD stop-listening processing

diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h
index d61d9c8af6b..fcc70b0054d 100644
--- a/sys/netinet6/nd6.h
+++ b/sys/netinet6/nd6.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: nd6.h,v 1.1 1999/12/08 06:50:23 itojun Exp $ */

+/* $OpenBSD: nd6.h,v 1.2 2000/01/08 04:49:22 deraadt Exp $ */

@@ -121,7 +121,7 @@ struct in6_ndireq {

#define MIN_RANDOM_FACTOR 512 /* 1024 * 0.5 */

#define MAX_RANDOM_FACTOR 1536 /* 1024 * 1.5 */

#define ND_COMPUTE_RTIME(x) \

- (((MIN_RANDOM_FACTOR * (x >> 10)) + (random() & \

+ (((MIN_RANDOM_FACTOR * (x >> 10)) + (arc4random() & \

((MAX_RANDOM_FACTOR - MIN_RANDOM_FACTOR) * (x >> 10)))) /1000)

struct nd_defrouter {

diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c
index d525fb37702..444548e60fd 100644
--- a/sys/netinet6/nd6_nbr.c
+++ b/sys/netinet6/nd6_nbr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: nd6_nbr.c,v 1.5 1999/12/15 07:08:00 itojun Exp $ */

+/* $OpenBSD: nd6_nbr.c,v 1.6 2000/01/08 04:49:22 deraadt Exp $ */

@@ -937,9 +937,9 @@ nd6_dad_start(ifa, tick)

int ntick;

if (*tick == 0)

- ntick = random() % (MAX_RTR_SOLICITATION_DELAY * hz);

+ ntick = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);

else

- ntick = *tick + random() % (hz / 2);

+ ntick = *tick + arc4random() % (hz / 2);

*tick = ntick;

timeout((void (*) __P((void *)))nd6_dad_timer, (void *)ifa,

ntick);