summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--games/fortune/fortune/fortune.c16
-rw-r--r--games/random/random.c10
-rw-r--r--lib/libc/stdlib/malloc.c4
-rw-r--r--libexec/ftpd/ftpd.c6
-rw-r--r--libexec/identd/parse.c6
-rw-r--r--libexec/tftp-proxy/tftp-proxy.c6
-rw-r--r--regress/lib/libc/malloc/malloc0test/malloc0test.c4
-rw-r--r--regress/sys/kern/signal-stress/signal-stress.c8
-rw-r--r--regress/sys/sys/tree/rb/rb-test.c4
-rw-r--r--regress/sys/sys/tree/splay/splay-test.c4
-rw-r--r--sbin/routed/main.c8
-rw-r--r--usr.bin/awk/run.c4
-rw-r--r--usr.bin/calendar/day.c6
-rw-r--r--usr.bin/mg/theo.c4
-rw-r--r--usr.bin/ssh/dh.c4
-rw-r--r--usr.bin/ssh/sshd.c30
-rw-r--r--usr.sbin/ftp-proxy/ftp-proxy.c6
-rw-r--r--usr.sbin/httpd/src/modules/standard/mod_rewrite.c10
-rw-r--r--usr.sbin/ntpd/ntp.c6
-rw-r--r--usr.sbin/ripd/message.c6
-rw-r--r--usr.sbin/rtadvd/rtadvd.c6
-rw-r--r--usr.sbin/rtsold/rtsold.c5
22 files changed, 70 insertions, 93 deletions
diff --git a/games/fortune/fortune/fortune.c b/games/fortune/fortune/fortune.c
index 18366533250..798137ca547 100644
--- a/games/fortune/fortune/fortune.c
+++ b/games/fortune/fortune/fortune.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: fortune.c,v 1.26 2008/03/17 09:17:56 sobrado Exp $ */
+/* $OpenBSD: fortune.c,v 1.27 2008/04/13 00:22:16 djm Exp $ */
/* $NetBSD: fortune.c,v 1.8 1995/03/23 08:28:40 cgd Exp $ */
/*-
@@ -43,7 +43,7 @@ static char copyright[] =
#if 0
static char sccsid[] = "@(#)fortune.c 8.1 (Berkeley) 5/31/93";
#else
-static char rcsid[] = "$OpenBSD: fortune.c,v 1.26 2008/03/17 09:17:56 sobrado Exp $";
+static char rcsid[] = "$OpenBSD: fortune.c,v 1.27 2008/04/13 00:22:16 djm Exp $";
#endif
#endif /* not lint */
@@ -909,7 +909,7 @@ get_fort(void)
if (File_list->next == NULL || File_list->percent == NO_PROB)
fp = File_list;
else {
- choice = arc4random() % 100;
+ choice = arc4random_uniform(100);
DPRINTF(1, (stderr, "choice = %d\n", choice));
for (fp = File_list; fp->percent != NO_PROB; fp = fp->next)
if (choice < fp->percent)
@@ -929,7 +929,7 @@ get_fort(void)
else {
if (fp->next != NULL) {
sum_noprobs(fp);
- choice = arc4random() % Noprob_tbl.str_numstr;
+ choice = arc4random_uniform(Noprob_tbl.str_numstr);
DPRINTF(1, (stderr, "choice = %d (of %d) \n", choice,
Noprob_tbl.str_numstr));
while (choice >= fp->tbl.str_numstr) {
@@ -971,7 +971,7 @@ pick_child(FILEDESC *parent)
int choice;
if (Equal_probs) {
- choice = arc4random() % parent->num_children;
+ choice = arc4random_uniform(parent->num_children);
DPRINTF(1, (stderr, " choice = %d (of %d)\n",
choice, parent->num_children));
for (fp = parent->child; choice--; fp = fp->next)
@@ -981,7 +981,7 @@ pick_child(FILEDESC *parent)
}
else {
get_tbl(parent);
- choice = arc4random() % parent->tbl.str_numstr;
+ choice = arc4random_uniform(parent->tbl.str_numstr);
DPRINTF(1, (stderr, " choice = %d (of %d)\n",
choice, parent->tbl.str_numstr));
for (fp = parent->child; choice >= fp->tbl.str_numstr;
@@ -1065,7 +1065,7 @@ get_pos(FILEDESC *fp)
#ifdef OK_TO_WRITE_DISK
if ((fd = open(fp->posfile, 0)) < 0 ||
read(fd, &fp->pos, sizeof fp->pos) != sizeof fp->pos)
- fp->pos = arc4random() % fp->tbl.str_numstr;
+ fp->pos = arc4random_uniform(fp->tbl.str_numstr);
else if (ntohl(fp->pos) >= fp->tbl.str_numstr)
fp->pos %= fp->tbl.str_numstr;
else
@@ -1073,7 +1073,7 @@ get_pos(FILEDESC *fp)
if (fd >= 0)
(void) close(fd);
#else
- fp->pos = arc4random() % fp->tbl.str_numstr;
+ fp->pos = arc4random_uniform(fp->tbl.str_numstr);
#endif /* OK_TO_WRITE_DISK */
}
if (++(fp->pos) >= fp->tbl.str_numstr)
diff --git a/games/random/random.c b/games/random/random.c
index e534b46e7cb..cb8ee26af4f 100644
--- a/games/random/random.c
+++ b/games/random/random.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: random.c,v 1.10 2004/07/10 07:26:24 deraadt Exp $ */
+/* $OpenBSD: random.c,v 1.11 2008/04/13 00:22:16 djm Exp $ */
/* $NetBSD: random.c,v 1.3 1995/04/22 07:44:05 cgd Exp $ */
/*
@@ -43,7 +43,7 @@ static char copyright[] =
#if 0
static char sccsid[] = "@(#)random.c 8.5 (Berkeley) 4/5/94";
#else
-static char rcsid[] = "$OpenBSD: random.c,v 1.10 2004/07/10 07:26:24 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: random.c,v 1.11 2008/04/13 00:22:16 djm Exp $";
#endif
#endif /* not lint */
@@ -105,7 +105,7 @@ main(int argc, char *argv[])
/* Compute a random exit status between 0 and denom - 1. */
if (random_exit)
- return (arc4random() % (u_int32_t)denom);
+ return (arc4random_uniform(denom));
/*
* Act as a filter, randomly choosing lines of the standard input
@@ -120,7 +120,7 @@ main(int argc, char *argv[])
* 0 (which has a 1 / denom chance of being true), we select the
* line.
*/
- selected = (int)(arc4random() % (u_int32_t)denom) == 0;
+ selected = arc4random_uniform(denom) == 0;
while ((ch = getchar()) != EOF) {
if (selected)
(void)putchar(ch);
@@ -130,7 +130,7 @@ main(int argc, char *argv[])
err(2, "stdout");
/* Now see if the next line is to be printed. */
- selected = (int)(arc4random() % (u_int32_t)denom) == 0;
+ selected = arc4random_uniform(denom) == 0;
}
}
if (ferror(stdin))
diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c
index 8348b7ede18..c4869527adb 100644
--- a/lib/libc/stdlib/malloc.c
+++ b/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: malloc.c,v 1.88 2008/02/20 18:31:34 otto Exp $ */
+/* $OpenBSD: malloc.c,v 1.89 2008/04/13 00:22:16 djm Exp $ */
/*
* ----------------------------------------------------------------------------
@@ -1140,7 +1140,7 @@ malloc_bytes(size_t size)
if (malloc_guard) {
/* Walk to a random position. */
- i = arc4random() % bp->free;
+ i = arc4random_uniform(bp->free);
while (i > 0) {
u += u;
k++;
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index 21579c44ab1..3a7c224010f 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ftpd.c,v 1.181 2007/09/02 15:19:20 deraadt Exp $ */
+/* $OpenBSD: ftpd.c,v 1.182 2008/04/13 00:22:16 djm Exp $ */
/* $NetBSD: ftpd.c,v 1.15 1995/06/03 22:46:47 mycroft Exp $ */
/*
@@ -70,7 +70,7 @@ static const char copyright[] =
static const char sccsid[] = "@(#)ftpd.c 8.4 (Berkeley) 4/16/94";
#else
static const char rcsid[] =
- "$OpenBSD: ftpd.c,v 1.181 2007/09/02 15:19:20 deraadt Exp $";
+ "$OpenBSD: ftpd.c,v 1.182 2008/04/13 00:22:16 djm Exp $";
#endif
#endif /* not lint */
@@ -920,7 +920,7 @@ pass(char *passwd)
useconds_t us;
/* Sleep between 1 and 3 seconds to emulate a crypt. */
- us = arc4random() % 3000000;
+ us = arc4random_uniform(3000000);
usleep(us);
if (as != NULL) {
auth_close(as);
diff --git a/libexec/identd/parse.c b/libexec/identd/parse.c
index dd4c3e11a8a..768b2ec9f3b 100644
--- a/libexec/identd/parse.c
+++ b/libexec/identd/parse.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.c,v 1.45 2007/09/26 02:50:36 ray Exp $ */
+/* $OpenBSD: parse.c,v 1.46 2008/04/13 00:22:17 djm Exp $ */
/*
* This program is in the public domain and may be used freely by anyone
@@ -105,9 +105,9 @@ gentoken(char *buf, int len)
return;
for (p = buf; len > 1; p++, len--) {
if (p == buf)
- *p = token0cnv[arc4random() % (sizeof token0cnv-1)];
+ *p = token0cnv[arc4random_uniform(sizeof(token0cnv)-1)];
else
- *p = tokencnv[arc4random() % (sizeof tokencnv-1)];
+ *p = tokencnv[arc4random_uniform(sizeof(tokencnv)-1)];
}
*p = '\0';
}
diff --git a/libexec/tftp-proxy/tftp-proxy.c b/libexec/tftp-proxy/tftp-proxy.c
index 52db0d683c7..d2d2875717a 100644
--- a/libexec/tftp-proxy/tftp-proxy.c
+++ b/libexec/tftp-proxy/tftp-proxy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tftp-proxy.c,v 1.5 2008/03/24 16:11:00 deraadt Exp $
+/* $OpenBSD: tftp-proxy.c,v 1.6 2008/04/13 00:22:17 djm Exp $
*
* Copyright (c) 2005 DLS Internet Services
* Copyright (c) 2004, 2005 Camiel Dobbelaar, <cd@sentia.nl>
@@ -383,8 +383,8 @@ sock_ntop(struct sockaddr *sa)
u_int16_t
pick_proxy_port(void)
{
- return (IPPORT_HIFIRSTAUTO + (arc4random() %
- (IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO)));
+ return (IPPORT_HIFIRSTAUTO +
+ arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO));
}
static void
diff --git a/regress/lib/libc/malloc/malloc0test/malloc0test.c b/regress/lib/libc/malloc/malloc0test/malloc0test.c
index eb00954f928..06ff0996eef 100644
--- a/regress/lib/libc/malloc/malloc0test/malloc0test.c
+++ b/regress/lib/libc/malloc/malloc0test/malloc0test.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: malloc0test.c,v 1.4 2004/08/04 12:02:57 otto Exp $ */
+/* $OpenBSD: malloc0test.c,v 1.5 2008/04/13 00:22:17 djm Exp $ */
/*
* Public domain. 2001, Theo de Raadt
*/
@@ -92,7 +92,7 @@ usage:
limit = LONG_MAX;
for (count = 0; count < limit; count++) {
- size = arc4random() % SIZE;
+ size = arc4random_uniform(SIZE);
blob = malloc(size);
if (blob == NULL) {
fprintf(stderr, "success: out of memory\n");
diff --git a/regress/sys/kern/signal-stress/signal-stress.c b/regress/sys/kern/signal-stress/signal-stress.c
index 9f40e0bb680..61aa23bcd66 100644
--- a/regress/sys/kern/signal-stress/signal-stress.c
+++ b/regress/sys/kern/signal-stress/signal-stress.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signal-stress.c,v 1.2 2004/08/05 15:06:59 art Exp $ */
+/* $OpenBSD: signal-stress.c,v 1.3 2008/04/13 00:22:17 djm Exp $ */
/*
* Written by Artur Grabowski <art@openbsd.org> 2004 Public Domain.
*/
@@ -140,14 +140,14 @@ main()
* Now all children are ready for action.
* Send the first signals and wait until they all exit.
*/
- kill(pids[arc4random() % nprocs], SIGUSR1);
- kill(pids[arc4random() % nprocs], SIGUSR2);
+ kill(pids[arc4random_uniform(nprocs)], SIGUSR1);
+ kill(pids[arc4random_uniform(nprocs)], SIGUSR2);
/*
* The signal game is running, now insert noise in the process.
*/
for (i = 0; i < nprocs; i++) {
- pid_t pid = pids[arc4random() % nprocs];
+ pid_t pid = pids[arc4random_uniform(nprocs)];
kill(pid, SIGSTOP);
wait_stopped(pid);
kill(pid, SIGCONT);
diff --git a/regress/sys/sys/tree/rb/rb-test.c b/regress/sys/sys/tree/rb/rb-test.c
index f3be4cc0b68..409cc22393a 100644
--- a/regress/sys/sys/tree/rb/rb-test.c
+++ b/regress/sys/sys/tree/rb/rb-test.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rb-test.c,v 1.3 2003/07/31 21:48:10 deraadt Exp $ */
+/* $OpenBSD: rb-test.c,v 1.4 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@@ -67,7 +67,7 @@ main(int argc, char **argv)
tmp = malloc(sizeof(struct node));
if (tmp == NULL) err(1, "malloc");
do {
- tmp->key = arc4random() % (MAX-MIN);
+ tmp->key = arc4random_uniform(MAX-MIN);
tmp->key += MIN;
} while (RB_FIND(tree, &root, tmp) != NULL);
if (i == 0)
diff --git a/regress/sys/sys/tree/splay/splay-test.c b/regress/sys/sys/tree/splay/splay-test.c
index 29718302b49..56084a0c71e 100644
--- a/regress/sys/sys/tree/splay/splay-test.c
+++ b/regress/sys/sys/tree/splay/splay-test.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: splay-test.c,v 1.3 2003/07/31 21:48:10 deraadt Exp $ */
+/* $OpenBSD: splay-test.c,v 1.4 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@@ -67,7 +67,7 @@ main(int argc, char **argv)
tmp = malloc(sizeof(struct node));
if (tmp == NULL) err(1, "malloc");
do {
- tmp->key = arc4random() % (MAX-MIN);
+ tmp->key = arc4random_uniform(MAX-MIN);
tmp->key += MIN;
} while (SPLAY_FIND(tree, &root, tmp) != NULL);
if (i == 0)
diff --git a/sbin/routed/main.c b/sbin/routed/main.c
index e57c8960ec4..e5b002c3ece 100644
--- a/sbin/routed/main.c
+++ b/sbin/routed/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.19 2005/03/23 18:06:07 jmc Exp $ */
+/* $OpenBSD: main.c,v 1.20 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 1983, 1988, 1993
@@ -35,7 +35,7 @@ char copyright[] =
#if !defined(lint)
static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/5/93";
#else
-static char rcsid[] = "$OpenBSD: main.c,v 1.19 2005/03/23 18:06:07 jmc Exp $";
+static char rcsid[] = "$OpenBSD: main.c,v 1.20 2008/04/13 00:22:17 djm Exp $";
#endif
#include "defs.h"
@@ -766,8 +766,8 @@ intvl_random(struct timeval *tp, /* put value here */
{
tp->tv_sec = (time_t)(hi == lo
? lo
- : (lo + arc4random() % ((1 + hi - lo))));
- tp->tv_usec = arc4random() % 1000000;
+ : (lo + arc4random_uniform(1 + hi - lo)));
+ tp->tv_usec = arc4random_uniform(1000000);
}
diff --git a/usr.bin/awk/run.c b/usr.bin/awk/run.c
index cdce6a398e3..3dccfff73a1 100644
--- a/usr.bin/awk/run.c
+++ b/usr.bin/awk/run.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: run.c,v 1.27 2008/02/27 17:19:34 deraadt Exp $ */
+/* $OpenBSD: run.c,v 1.28 2008/04/13 00:22:17 djm Exp $ */
/****************************************************************
Copyright (C) Lucent Technologies 1997
All Rights Reserved
@@ -1515,7 +1515,7 @@ Cell *bltin(Node **a, int n) /* builtin functions. a[0] is type, a[1] is arg lis
break;
case FRAND:
if (use_arc4)
- u = (Awkfloat) (arc4random() % RAND_MAX) / RAND_MAX;
+ u = (Awkfloat)arc4random() / 0xffffffff;
else
u = (Awkfloat) (random() % RAND_MAX) / RAND_MAX;
break;
diff --git a/usr.bin/calendar/day.c b/usr.bin/calendar/day.c
index dc97bfb8bc1..1a0f5953c3b 100644
--- a/usr.bin/calendar/day.c
+++ b/usr.bin/calendar/day.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: day.c,v 1.20 2005/11/16 16:45:11 deraadt Exp $ */
+/* $OpenBSD: day.c,v 1.21 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 1989, 1993, 1994
@@ -39,7 +39,7 @@ static const char copyright[] =
#if 0
static const char sccsid[] = "@(#)calendar.c 8.3 (Berkeley) 3/25/94";
#else
-static const char rcsid[] = "$OpenBSD: day.c,v 1.20 2005/11/16 16:45:11 deraadt Exp $";
+static const char rcsid[] = "$OpenBSD: day.c,v 1.21 2008/04/13 00:22:17 djm Exp $";
#endif
#endif /* not lint */
@@ -301,7 +301,7 @@ isnow(char *endp, int bodun)
/* adjust bodun rate */
if (bodun && !bodun_always)
- bodun = !(arc4random() % 3);
+ bodun = !arc4random_uniform(3);
/* Easter or Easter depending days */
if (flags & F_SPECIAL)
diff --git a/usr.bin/mg/theo.c b/usr.bin/mg/theo.c
index 0d452ee1999..85e5357f3d1 100644
--- a/usr.bin/mg/theo.c
+++ b/usr.bin/mg/theo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: theo.c,v 1.101 2007/08/28 17:57:16 jasper Exp $ */
+/* $OpenBSD: theo.c,v 1.102 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 2002 Artur Grabowski <art@openbsd.org>
* All rights reserved.
@@ -158,7 +158,7 @@ theo_analyze(int f, int n)
const char *str;
int len;
- str = talk[arc4random() % ntalk];
+ str = talk[arc4random_uniform(ntalk)];
len = strlen(str);
newline(FFRAND, 2);
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index c658f745ef0..db8f0166df2 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.45 2007/09/27 00:15:57 ray Exp $ */
+/* $OpenBSD: dh.c,v 1.46 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
@@ -150,7 +150,7 @@ choose_dh(int min, int wantbits, int max)
}
linenum = 0;
- which = arc4random() % bestcount;
+ which = arc4random_uniform(bestcount);
while (fgets(line, sizeof(line), f)) {
if (!parse_prime(linenum, line, &dhg))
continue;
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 1a032d8a65a..2e52fff7c9d 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.355 2008/02/14 13:10:31 mbalmer Exp $ */
+/* $OpenBSD: sshd.c,v 1.356 2008/04/13 00:22:17 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -348,9 +348,6 @@ grace_alarm_handler(int sig)
static void
generate_ephemeral_server_key(void)
{
- u_int32_t rnd = 0;
- int i;
-
verbose("Generating %s%d bit RSA key.",
sensitive_data.server_key ? "new " : "", options.server_key_bits);
if (sensitive_data.server_key != NULL)
@@ -359,12 +356,7 @@ generate_ephemeral_server_key(void)
options.server_key_bits);
verbose("RSA key generation complete.");
- for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
- if (i % 4 == 0)
- rnd = arc4random();
- sensitive_data.ssh1_cookie[i] = rnd & 0xff;
- rnd >>= 8;
- }
+ arc4random_buf(sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
arc4random_stir();
}
@@ -566,14 +558,12 @@ privsep_preauth_child(void)
u_int32_t rnd[256];
gid_t gidset[1];
struct passwd *pw;
- u_int i;
/* Enable challenge-response authentication for privilege separation */
privsep_challenge_enable();
arc4random_stir();
- for (i = 0; i < 256; i++)
- rnd[i] = arc4random();
+ arc4random_buf(rnd, sizeof(rnd));
RAND_seed(rnd, sizeof(rnd));
/* Demote the private keys to public keys. */
@@ -653,7 +643,6 @@ static void
privsep_postauth(Authctxt *authctxt)
{
u_int32_t rnd[256];
- u_int i;
if (authctxt->pw->pw_uid == 0 || options.use_login) {
/* File descriptor passing is broken or root login */
@@ -683,8 +672,7 @@ privsep_postauth(Authctxt *authctxt)
demote_sensitive_data();
arc4random_stir();
- for (i = 0; i < 256; i++)
- rnd[i] = arc4random();
+ arc4random_buf(rnd, sizeof(rnd));
RAND_seed(rnd, sizeof(rnd));
/* Drop privileges */
@@ -786,7 +774,7 @@ drop_connection(int startups)
p *= startups - options.max_startups_begin;
p /= options.max_startups - options.max_startups_begin;
p += options.max_startups_rate;
- r = arc4random() % 100;
+ r = arc4random_uniform(100);
debug("drop_connection: p %d, r %d", p, r);
return (r < p) ? 1 : 0;
@@ -1808,7 +1796,6 @@ do_ssh1_kex(void)
u_char session_key[SSH_SESSION_KEY_LENGTH];
u_char cookie[8];
u_int cipher_type, auth_mask, protocol_flags;
- u_int32_t rnd = 0;
/*
* Generate check bytes that the client must send back in the user
@@ -1819,12 +1806,7 @@ do_ssh1_kex(void)
* cookie. This only affects rhosts authentication, and this is one
* of the reasons why it is inherently insecure.
*/
- for (i = 0; i < 8; i++) {
- if (i % 4 == 0)
- rnd = arc4random();
- cookie[i] = rnd & 0xff;
- rnd >>= 8;
- }
+ arc4random_buf(cookie, sizeof(cookie));
/*
* Send our public key. We include in the packet 64 bits of random
diff --git a/usr.sbin/ftp-proxy/ftp-proxy.c b/usr.sbin/ftp-proxy/ftp-proxy.c
index 1a3bdf55fbd..cf697b56614 100644
--- a/usr.sbin/ftp-proxy/ftp-proxy.c
+++ b/usr.sbin/ftp-proxy/ftp-proxy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ftp-proxy.c,v 1.16 2008/02/26 18:52:53 henning Exp $ */
+/* $OpenBSD: ftp-proxy.c,v 1.17 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 2004, 2005 Camiel Dobbelaar, <cd@sentia.nl>
@@ -834,8 +834,8 @@ u_int16_t
pick_proxy_port(void)
{
/* Random should be good enough for avoiding port collisions. */
- return (IPPORT_HIFIRSTAUTO + (arc4random() %
- (IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO)));
+ return (IPPORT_HIFIRSTAUTO +
+ arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO));
}
void
diff --git a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
index a7cdffea2ce..2609cc03729 100644
--- a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
+++ b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mod_rewrite.c,v 1.25 2006/07/28 13:52:30 henning Exp $ */
+/* $OpenBSD: mod_rewrite.c,v 1.26 2008/04/13 00:22:17 djm Exp $ */
/* ====================================================================
* The Apache Software License, Version 1.1
@@ -3171,13 +3171,7 @@ static char *rewrite_mapfunc_unescape(request_rec *r, char *key)
static int rewrite_rand(int l, int h)
{
- /* Get [0,1) and then scale to the appropriate range. Note that using
- * a floating point value ensures that we use all bits of the arc4random()
- * result. Doing an integer modulus would yield a non-uniformly distibuted
- * result, because MAX_UINT may not be divisble by the size of the
- * interval.
- */
- return (int)(arc4random() / ((double)0xffffffffU + 1) * (h - l + 1) + l);
+ return arc4random_uniform(1 + h - l) + l;
}
static char *select_random_value_part(request_rec *r, char *value)
diff --git a/usr.sbin/ntpd/ntp.c b/usr.sbin/ntpd/ntp.c
index 28234875813..7026a9ba548 100644
--- a/usr.sbin/ntpd/ntp.c
+++ b/usr.sbin/ntpd/ntp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ntp.c,v 1.103 2008/01/28 11:45:59 mpf Exp $ */
+/* $OpenBSD: ntp.c,v 1.104 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -659,7 +659,7 @@ scale_interval(time_t requested)
time_t interval, r;
interval = requested * conf->scale;
- r = arc4random() % MAX(5, interval / 10);
+ r = arc4random_uniform(MAX(5, interval / 10));
return (interval + r);
}
@@ -669,7 +669,7 @@ error_interval(void)
time_t interval, r;
interval = INTERVAL_QUERY_PATHETIC * QSCALE_OFF_MAX / QSCALE_OFF_MIN;
- r = arc4random() % (interval / 10);
+ r = arc4random_uniform(interval / 10);
return (interval + r);
}
diff --git a/usr.sbin/ripd/message.c b/usr.sbin/ripd/message.c
index 091d162d640..02060cf3105 100644
--- a/usr.sbin/ripd/message.c
+++ b/usr.sbin/ripd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.9 2007/10/24 20:52:50 claudio Exp $ */
+/* $OpenBSD: message.c,v 1.10 2008/04/13 00:22:17 djm Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -47,7 +47,7 @@ report_timer(int fd, short event, void *arg)
/* restart report timer */
timerclear(&tv);
- tv.tv_sec = KEEPALIVE + arc4random() % OFFSET;
+ tv.tv_sec = KEEPALIVE + arc4random_uniform(OFFSET);
evtimer_add(&oeconf->report_timer, &tv);
}
@@ -57,7 +57,7 @@ start_report_timer(void)
struct timeval tv;
timerclear(&tv);
- tv.tv_sec = KEEPALIVE + arc4random() % OFFSET;
+ tv.tv_sec = KEEPALIVE + arc4random_uniform(OFFSET);
return (evtimer_add(&oeconf->report_timer, &tv));
}
diff --git a/usr.sbin/rtadvd/rtadvd.c b/usr.sbin/rtadvd/rtadvd.c
index fa597f56df4..b258ca92fad 100644
--- a/usr.sbin/rtadvd/rtadvd.c
+++ b/usr.sbin/rtadvd/rtadvd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rtadvd.c,v 1.30 2008/03/24 16:11:05 deraadt Exp $ */
+/* $OpenBSD: rtadvd.c,v 1.31 2008/04/13 00:22:17 djm Exp $ */
/* $KAME: rtadvd.c,v 1.66 2002/05/29 14:18:36 itojun Exp $ */
/*
@@ -802,7 +802,7 @@ rs_input(int len, struct nd_router_solicit *rs,
* delay and send the advertisement at the
* already-scheduled time. RFC-2461 6.2.6
*/
- delay = arc4random() % MAX_RA_DELAY_TIME;
+ delay = arc4random_uniform(MAX_RA_DELAY_TIME);
interval.tv_sec = 0;
interval.tv_usec = delay;
rest = rtadvd_timer_rest(ra->timer);
@@ -1568,7 +1568,7 @@ ra_timer_update(void *data, struct timeval *tm)
* MaxRtrAdvInterval (RFC2461 6.2.4).
*/
interval = rai->mininterval;
- interval += arc4random() % (rai->maxinterval - rai->mininterval);
+ interval += arc4random_uniform(rai->maxinterval - rai->mininterval);
/*
* For the first few advertisements (up to
diff --git a/usr.sbin/rtsold/rtsold.c b/usr.sbin/rtsold/rtsold.c
index 4db48bfcdb6..a711cd27741 100644
--- a/usr.sbin/rtsold/rtsold.c
+++ b/usr.sbin/rtsold/rtsold.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rtsold.c,v 1.40 2008/01/05 17:03:09 chl Exp $ */
+/* $OpenBSD: rtsold.c,v 1.41 2008/04/13 00:22:17 djm Exp $ */
/* $KAME: rtsold.c,v 1.75 2004/01/03 00:00:07 itojun Exp $ */
/*
@@ -577,7 +577,8 @@ rtsol_timer_update(struct ifinfo *ifinfo)
ifinfo->timer = tm_max; /* stop timer(valid?) */
break;
case IFS_DELAY:
- interval = arc4random() % (MAX_RTR_SOLICITATION_DELAY * MILLION);
+ interval = arc4random_uniform(MAX_RTR_SOLICITATION_DELAY *
+ MILLION);
ifinfo->timer.tv_sec = interval / MILLION;
ifinfo->timer.tv_usec = interval % MILLION;
break;