-rw-r--r-- | usr.sbin/npppd/common/slist.c | 3 | ||||
-rw-r--r-- | usr.sbin/npppd/common/slist.h | 1 | ||||
-rw-r--r-- | usr.sbin/npppd/l2tp/l2tpd.c | 6 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/chap.c | 33 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/lcp.c | 6 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/npppd.c | 30 | ||||
-rw-r--r-- | usr.sbin/npppd/pppoe/pppoed.c | 8 | ||||
-rw-r--r-- | usr.sbin/npppd/pptp/pptp_ctrl.c | 6 | ||||
-rw-r--r-- | usr.sbin/npppd/pptp/pptpd.c | 8 |
9 files changed, 25 insertions, 76 deletions
diff --git a/usr.sbin/npppd/common/slist.c b/usr.sbin/npppd/common/slist.c index 0db46d63022..82583f8b237 100644 --- a/usr.sbin/npppd/common/slist.c +++ b/usr.sbin/npppd/common/slist.c @@ -427,7 +427,6 @@ slist_remove(slist *list, int idx) /** * Shuffle items. - * slist_shuffle() uses random(3). Call srandom(3) before use it. */ void slist_shuffle(slist *list) @@ -436,7 +435,7 @@ slist_shuffle(slist *list) len = slist_length(list); for (i = len; i > 1; i--) - slist_swap0(list, i - 1, (int)(random() % i)); + slist_swap0(list, i - 1, (int)(arc4random() % i)); } /** Init an iterator. Only one iterator exists. */ diff --git a/usr.sbin/npppd/common/slist.h b/usr.sbin/npppd/common/slist.h index 1c8a7c93723..756959f16ea 100644 --- a/usr.sbin/npppd/common/slist.h +++ b/usr.sbin/npppd/common/slist.h @@ -53,7 +53,6 @@ void *slist_remove_first (slist *); void *slist_remove_last (slist *); void slist_swap (slist *, int, int); void *slist_remove (slist *, int); -/* slist_shuffle() uses random(3), so call srandom(3) before use. */ void slist_shuffle (slist *); void slist_itr_first (slist *); int slist_itr_has_next (slist *); diff --git a/usr.sbin/npppd/l2tp/l2tpd.c b/usr.sbin/npppd/l2tp/l2tpd.c index 7f752226154..2fe1a279aa4 100644 --- a/usr.sbin/npppd/l2tp/l2tpd.c +++ b/usr.sbin/npppd/l2tp/l2tpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: l2tpd.c,v 1.12 2013/04/20 07:00:19 yasuoka Exp $ */ +/* $OpenBSD: l2tpd.c,v 1.13 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -26,7 +26,7 @@ * SUCH DAMAGE. */ /**@file L2TP(Layer Two Tunneling Protocol "L2TP") / RFC2661 */ -/* $Id: l2tpd.c,v 1.12 2013/04/20 07:00:19 yasuoka Exp $ */ +/* $Id: l2tpd.c,v 1.13 2013/04/20 23:32:32 yasuoka Exp $ */ #include <sys/types.h> #include <sys/socket.h> #include <sys/time.h> 
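Review bot: The new line in slist_shuffle() still reduces a 32-bit value with a modulo, `arc4random() % i`, which is slightly non-uniform whenever the bound is not a power of two. `slist_swap0(list, i - 1, (int)arc4random_uniform(i));` avoids that and is the form arc4random(3) recommends for bounded values. The same pattern is in the new lines of l2tpd_init() (`arc4random() % L2TP_SESSION_ID_MASK`), pppoed_init() (`arc4random() % 0xffff`) and pptpd_init() (`m = arc4random() % i`). The bias is small at these bounds, but the session and call identifiers chosen this way are visible to peers, so the uniform helper is the safer default.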
@@ -113,7 +113,7 @@ l2tpd_init(l2tpd *_this) __func__); return 1; } - off = random() % L2TP_SESSION_ID_MASK; + off = arc4random() % L2TP_SESSION_ID_MASK; for (i = 0; i < L2TP_NCALL; i++) { id = (i + off) % L2TP_SESSION_ID_MASK; if (id == 0) diff --git a/usr.sbin/npppd/npppd/chap.c b/usr.sbin/npppd/npppd/chap.c index 9265a3559b4..73aaf3e64e3 100644 --- a/usr.sbin/npppd/npppd/chap.c +++ b/usr.sbin/npppd/npppd/chap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chap.c,v 1.8 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $OpenBSD: chap.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -36,7 +36,7 @@ * </ul></p> */ /* RFC 1994, 2433 */ -/* $Id: chap.c,v 1.8 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $Id: chap.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> @@ -465,36 +465,11 @@ chap_response(chap *_this, int authok, u_char *pktp, int lpktp) static void chap_create_challenge(chap *_this) { - int i, lchal; - -#if 0 - lchal = (unsigned)(random() * - (MAX_CHALLENGE_LENGTH - MIN_CHALLENGE_LENGTH)) - + MIN_CHALLENGE_LENGTH; -#endif CHAP_ASSERT(_this->ppp->peer_auth == PPP_AUTH_CHAP_MS_V2 || _this->ppp->peer_auth == PPP_AUTH_CHAP_MD5); - lchal = 16; - -#ifdef HAVE_ARC4RANDOM - { - uint32_t r; - - r = 0; /* avoid gcc 3.3.3's -Wuninitialized warning */ - for (i = 0; i < lchal; i++) { - if (i % 4 == 0) - r = arc4random(); - _this->chall[i] = r & 0xff; - r >>= 8; - } - } -#else - for (i = 0; i < lchal; i++) - _this->chall[i] = random() & 0xff; -#endif - - _this->lchall = lchal; + _this->lchall = 16; + arc4random_buf(_this->chall, _this->lchall); } /*********************************************************************** diff --git a/usr.sbin/npppd/npppd/lcp.c b/usr.sbin/npppd/npppd/lcp.c index 12bdd0220b5..e52f481bc67 100644 --- a/usr.sbin/npppd/npppd/lcp.c +++ b/usr.sbin/npppd/npppd/lcp.c 
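Review bot: The bare `16` assigned to `_this->lchall` in chap_create_challenge() has lost its context now that the surrounding code is gone, and nothing in the hunk ties it to the capacity of `_this->chall`, whose declaration is not visible here. A comment such as `/* 16 octets: the challenge size MS-CHAP-V2 requires (RFC 2759); also used for CHAP-MD5 */` and a `CHAP_ASSERT(sizeof(_this->chall) >= 16);` ahead of the `arc4random_buf()` call would keep a later length change from writing past the buffer. If `chall` turns out to be a pointer rather than an array, the assert has to compare against the buffer's real capacity instead.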
@@ -1,4 +1,4 @@ -/* $OpenBSD: lcp.c,v 1.8 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $OpenBSD: lcp.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: lcp.c,v 1.8 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $Id: lcp.c,v 1.9 2013/04/20 23:32:32 yasuoka Exp $ */ /**@file * This file provides LCP related functions. *<pre> @@ -127,7 +127,7 @@ lcp_init(lcp *_this, npppd_ppp *ppp) _this->recv_ress = 0; _this->recv_reqs = 0; - _this->magic_number = ((0xffff & random()) << 16) | (0xffff & random()); + _this->magic_number = arc4random(); conf = ppp_get_tunnconf(ppp); PPP_FSM_CONFIG(&_this->fsm, timeouttime, conf->lcp_timeout); diff --git a/usr.sbin/npppd/npppd/npppd.c b/usr.sbin/npppd/npppd/npppd.c index a3ab6c71c03..d8d494159c6 100644 --- a/usr.sbin/npppd/npppd/npppd.c +++ b/usr.sbin/npppd/npppd/npppd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: npppd.c,v 1.29 2013/04/20 07:00:19 yasuoka Exp $ */ +/* $OpenBSD: npppd.c,v 1.30 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2005-2008,2009 Internet Initiative Japan Inc. @@ -29,7 +29,7 @@ * Next pppd(nppd). This file provides a npppd daemon process and operations * for npppd instance. * @author Yasuoka Masahiko - * $Id: npppd.c,v 1.29 2013/04/20 07:00:19 yasuoka Exp $ + * $Id: npppd.c,v 1.30 2013/04/20 23:32:32 yasuoka Exp $ */ #include "version.h" #include <sys/types.h> @@ -111,7 +111,6 @@ static void npppd_timer(int, short, void *); static void npppd_auth_finalizer_periodic(npppd *); static int rd2slist_walk (struct radish *, void *); static int rd2slist (struct radish_head *, slist *); -static inline void seed_random(long *); #ifndef NO_ROUTE_FOR_POOLED_ADDRESS static struct in_addr loop; /* initialize at npppd_init() */ 
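Review bot: `_this->magic_number = arc4random();` in lcp_init() can produce 0, and RFC 1661 treats a Magic-Number of zero as illegal (the peer must Nak or reject it), so a session can occasionally start with a value that defeats the loopback check it is meant to support. Drawing again until the value is non-zero closes that: `do { _this->magic_number = arc4random(); } while (_this->magic_number == 0);`. Whether the negotiation code elsewhere already replaces a zero magic number is not visible here; the hunk shows only part of lcp_init().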
@@ -280,11 +279,7 @@ npppd_init(npppd *_this, const char *config_file) /* we assume 4.4 compatible realpath(). See realpath(3) on BSD. */ NPPPD_ASSERT(_this->config_file[0] == '/'); - /* initialize random seeds */ - seed_random(&seed); - srandom(seed); - - _this->boot_id = (uint32_t)random(); + _this->boot_id = arc4random(); #ifdef USE_NPPPD_L2TP if (l2tpd_init(&_this->l2tpd) != 0) @@ -2261,25 +2256,6 @@ npppd_ppp_get_username_for_auth(npppd *_this, npppd_ppp *ppp, username_buffer); } -static inline void -seed_random(long *seed) -{ - struct timeval t; -#ifdef KERN_URND - size_t seedsiz; - int mib[] = { CTL_KERN, KERN_URND }; - - seedsiz = sizeof(*seed); - if (sysctl(mib, countof(mib), seed, &seedsiz, NULL, 0) == 0) { - NPPPD_ASSERT(seedsiz == sizeof(long)); - return; - } - log_printf(LOG_WARNING, "Could not set random seed from the system: %m"); -#endif - gettimeofday(&t, NULL); - *seed = gethostid() ^ t.tv_sec ^ t.tv_usec ^ getpid(); -} - const char * npppd_tunnel_protocol_name(int tunn_protocol) { diff --git a/usr.sbin/npppd/pppoe/pppoed.c b/usr.sbin/npppd/pppoe/pppoed.c index 08fc717df5f..d06b6947051 100644 --- a/usr.sbin/npppd/pppoe/pppoed.c +++ b/usr.sbin/npppd/pppoe/pppoed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pppoed.c,v 1.12 2013/04/16 07:27:36 yasuoka Exp $ */ +/* $OpenBSD: pppoed.c,v 1.13 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -28,7 +28,7 @@ /**@file * This file provides the PPPoE(RFC2516) server(access concentrator) * implementaion. - * $Id: pppoed.c,v 1.12 2013/04/16 07:27:36 yasuoka Exp $ + * $Id: pppoed.c,v 1.13 2013/04/20 23:32:32 yasuoka Exp $ */ #include <sys/types.h> #include <sys/param.h> 
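Review bot: With `srandom(seed)` removed from npppd_init(), any `random()` call this commit did not convert now runs from the generator's default seed and repeats the same sequence after every restart. The diff converts the call sites it touches, but files outside it are not visible here, so a search for `random(` and `srandom(` across usr.sbin/npppd is worth doing to confirm none remain. The local `seed` that was passed to `seed_random()` is declared outside the hunk; if it is still declared it is now unused and should be dropped. npppd_init() starts and ends outside the hunk.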
@@ -140,12 +140,12 @@ pppoed_init(pppoed *_this) "ac-cookie hash create failed.", __func__); _this->acookie_hash = NULL; } - _this->acookie_next = random(); + _this->acookie_next = arc4random(); #if PPPOE_NSESSION > 0xffff #error PPPOE_NSESSION must be less than 65536 #endif - off = random() % 0xffff; + off = arc4random() % 0xffff; for (i = 0; i < PPPOE_NSESSION; i++) { id = (i + off) % 0xffff; if (id == 0) diff --git a/usr.sbin/npppd/pptp/pptp_ctrl.c b/usr.sbin/npppd/pptp/pptp_ctrl.c index a983b5051a1..a42e8635166 100644 --- a/usr.sbin/npppd/pptp/pptp_ctrl.c +++ b/usr.sbin/npppd/pptp/pptp_ctrl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pptp_ctrl.c,v 1.7 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $OpenBSD: pptp_ctrl.c,v 1.8 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -29,7 +29,7 @@ * PPTP(RFC 2637) control connection implementation. * currently it only support PAC part */ -/* $Id: pptp_ctrl.c,v 1.7 2012/09/18 13:14:08 yasuoka Exp $ */ +/* $Id: pptp_ctrl.c,v 1.8 2013/04/20 23:32:32 yasuoka Exp $ */ #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> @@ -130,7 +130,7 @@ pptp_ctrl_init(pptp_ctrl *_this) } _this->last_rcv_ctrl = curr_time; _this->last_snd_ctrl = curr_time; - _this->echo_seq = (random() << 16 )| (random() & 0xffff); + _this->echo_seq = arc4random(); _this->echo_interval = PPTP_CTRL_DEFAULT_ECHO_INTERVAL; _this->echo_timeout = PPTP_CTRL_DEFAULT_ECHO_TIMEOUT; slist_init(&_this->call_list); diff --git a/usr.sbin/npppd/pptp/pptpd.c b/usr.sbin/npppd/pptp/pptpd.c index c4fceaedb0b..37969802d97 100644 --- a/usr.sbin/npppd/pptp/pptpd.c +++ b/usr.sbin/npppd/pptp/pptpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pptpd.c,v 1.17 2013/04/20 07:00:19 yasuoka Exp $ */ +/* $OpenBSD: pptpd.c,v 1.18 2013/04/20 23:32:32 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. 
@@ -25,12 +25,12 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: pptpd.c,v 1.17 2013/04/20 07:00:19 yasuoka Exp $ */ +/* $Id: pptpd.c,v 1.18 2013/04/20 23:32:32 yasuoka Exp $ */ /**@file * This file provides a implementation of PPTP daemon. Currently it * provides functions for PAC (PPTP Access Concentrator) only. - * $Id: pptpd.c,v 1.17 2013/04/20 07:00:19 yasuoka Exp $ + * $Id: pptpd.c,v 1.18 2013/04/20 23:32:32 yasuoka Exp $ */ #include <sys/types.h> #include <sys/param.h> @@ -122,7 +122,7 @@ pptpd_init(pptpd *_this) for (i = 0; i < countof(call) ; i++) call[i] = i + 1; for (i = countof(call); i > 1; i--) { - m = random() % i; + m = arc4random() % i; call0 = call[m]; call[m] = call[i - 1]; call[i - 1] = call0; |