diff options
| author | Martin Natano <natano@cvs.openbsd.org> | 2016-09-19 07:52:43 +0000 |
|---|---|---|
| committer | Martin Natano <natano@cvs.openbsd.org> | 2016-09-19 07:52:43 +0000 |
| commit | bb57261ecba4371a5f1b3b8d51ff92394b6cecea (patch) | |
| tree | e0524d2a952ddb29307342d8f10709eba0064dfd /usr.bin/ssh | |
| parent | 719cc22868240e4e0d1f5237736afc845bce894e (diff) | |
Replace two more arc4random() loops with arc4random_buf().
tweaks and ok dtucker
ok deraadt
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/channels.c | 18 | ||||
| -rw-r--r-- | usr.bin/ssh/sshconnect1.c | 10 |
2 files changed, 9 insertions, 19 deletions
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index 00e7e18a13c..d27fea9c233 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.352 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: channels.c,v 1.353 2016/09/19 07:52:42 natano Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -4148,7 +4148,6 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp, char *new_data; int screen_number; const char *cp; - u_int32_t rnd = 0; if (x11_saved_display == NULL) x11_saved_display = xstrdup(disp); @@ -4169,23 +4168,20 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp, if (x11_saved_proto == NULL) { /* Save protocol name. */ x11_saved_proto = xstrdup(proto); - /* - * Extract real authentication data and generate fake data - * of the same length. - */ + + /* Extract real authentication data. */ x11_saved_data = xmalloc(data_len); - x11_fake_data = xmalloc(data_len); for (i = 0; i < data_len; i++) { if (sscanf(data + 2 * i, "%2x", &value) != 1) fatal("x11_request_forwarding: bad " "authentication data: %.100s", data); - if (i % 4 == 0) - rnd = arc4random(); x11_saved_data[i] = value; - x11_fake_data[i] = rnd & 0xff; - rnd >>= 8; } x11_saved_data_len = data_len; + + /* Generate fake data of the same length. */ + x11_fake_data = xmalloc(data_len); + arc4random_buf(x11_fake_data, data_len); x11_fake_data_len = data_len; } diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c index 9a5a722a9e7..cbb6e384212 100644 --- a/usr.bin/ssh/sshconnect1.c +++ b/usr.bin/ssh/sshconnect1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect1.c,v 1.78 2015/11/15 22:26:49 jcs Exp $ */ +/* $OpenBSD: sshconnect1.c,v 1.79 2016/09/19 07:52:42 natano Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -504,7 +504,6 @@ ssh_kex(char *host, struct sockaddr *hostaddr) u_char cookie[8]; u_int supported_ciphers; u_int server_flags, client_flags; - u_int32_t rnd = 0; debug("Waiting for server public key."); @@ -563,12 +562,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) * random number, interpreted as a 32-byte key, with the least * significant 8 bits being the first byte of the key. */ - for (i = 0; i < 32; i++) { - if (i % 4 == 0) - rnd = arc4random(); - session_key[i] = rnd & 0xff; - rnd >>= 8; - } + arc4random_buf(session_key, sizeof(session_key)); /* * According to the protocol spec, the first byte of the session key |