From 492710894acfcc2f173d14d1d45bd2e688df605d Mon Sep 17 00:00:00 2001
From: "natano@openbsd.org" <natano@openbsd.org>
Date: Mon, 19 Sep 2016 07:52:42 +0000
Subject: [PATCH] upstream commit

Replace two more arc4random() loops with
arc4random_buf().

tweaks and ok dtucker
ok deraadt

Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
---
 channels.c    | 18 +++++++-----------
 sshconnect1.c | 10 ++--------
 2 files changed, 9 insertions(+), 19 deletions(-)

diff --git a/channels.c b/channels.c
index 241aa3cdc..5d8c2a0c0 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.352 2016/09/12 01:22:38 deraadt Exp $ */
+/* $OpenBSD: channels.c,v 1.353 2016/09/19 07:52:42 natano Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -4215,7 +4215,6 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
 	char *new_data;
 	int screen_number;
 	const char *cp;
-	u_int32_t rnd = 0;
 
 	if (x11_saved_display == NULL)
 		x11_saved_display = xstrdup(disp);
@@ -4236,23 +4235,20 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
 	if (x11_saved_proto == NULL) {
 		/* Save protocol name. */
 		x11_saved_proto = xstrdup(proto);
-		/*
-		 * Extract real authentication data and generate fake data
-		 * of the same length.
-		 */
+
+		/* Extract real authentication data. */
 		x11_saved_data = xmalloc(data_len);
-		x11_fake_data = xmalloc(data_len);
 		for (i = 0; i < data_len; i++) {
 			if (sscanf(data + 2 * i, "%2x", &value) != 1)
 				fatal("x11_request_forwarding: bad "
 				    "authentication data: %.100s", data);
-			if (i % 4 == 0)
-				rnd = arc4random();
 			x11_saved_data[i] = value;
-			x11_fake_data[i] = rnd & 0xff;
-			rnd >>= 8;
 		}
 		x11_saved_data_len = data_len;
+
+		/* Generate fake data of the same length. */
+		x11_fake_data = xmalloc(data_len);
+		arc4random_buf(x11_fake_data, data_len);
 		x11_fake_data_len = data_len;
 	}
 
diff --git a/sshconnect1.c b/sshconnect1.c
index bfc523bde..a04536184 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.78 2015/11/15 22:26:49 jcs Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.79 2016/09/19 07:52:42 natano Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -509,7 +509,6 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	u_char cookie[8];
 	u_int supported_ciphers;
 	u_int server_flags, client_flags;
-	u_int32_t rnd = 0;
 
 	debug("Waiting for server public key.");
 
@@ -568,12 +567,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 * random number, interpreted as a 32-byte key, with the least
 	 * significant 8 bits being the first byte of the key.
 	 */
-	for (i = 0; i < 32; i++) {
-		if (i % 4 == 0)
-			rnd = arc4random();
-		session_key[i] = rnd & 0xff;
-		rnd >>= 8;
-	}
+	arc4random_buf(session_key, sizeof(session_key));
 
 	/*
 	 * According to the protocol spec, the first byte of the session key