RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream commit 

Replace two more arc4random() loops with
arc4random_buf().

tweaks and ok dtucker
ok deraadt

Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
This commit is contained in:
natano@openbsd.org 2016-09-19 07:52:42 +00:00 committed by Damien Miller
parent 1036356324
commit 492710894a
2 changed files with 9 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
channels.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: channels.c,v 1.352 2016/09/12 01:22:38 deraadt Exp $ */ /* $OpenBSD: channels.c,v 1.353 2016/09/19 07:52:42 natano Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -4215,7 +4215,6 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
char *new_data; char *new_data;
int screen_number; int screen_number;
const char *cp; const char *cp;
u_int32_t rnd = 0;
if (x11_saved_display == NULL) if (x11_saved_display == NULL)
x11_saved_display = xstrdup(disp); x11_saved_display = xstrdup(disp);
@ -4236,23 +4235,20 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
if (x11_saved_proto == NULL) { if (x11_saved_proto == NULL) {
/* Save protocol name. */ /* Save protocol name. */
x11_saved_proto = xstrdup(proto); x11_saved_proto = xstrdup(proto);
/*
* Extract real authentication data and generate fake data /* Extract real authentication data. */
* of the same length.
*/
x11_saved_data = xmalloc(data_len); x11_saved_data = xmalloc(data_len);
x11_fake_data = xmalloc(data_len);
for (i = 0; i < data_len; i++) { for (i = 0; i < data_len; i++) {
if (sscanf(data + 2 * i, "%2x", &value) != 1) if (sscanf(data + 2 * i, "%2x", &value) != 1)
fatal("x11_request_forwarding: bad " fatal("x11_request_forwarding: bad "
"authentication data: %.100s", data); "authentication data: %.100s", data);
if (i % 4 == 0)
rnd = arc4random();
x11_saved_data[i] = value; x11_saved_data[i] = value;
x11_fake_data[i] = rnd & 0xff;
rnd >>= 8;
} }
x11_saved_data_len = data_len; x11_saved_data_len = data_len;
/* Generate fake data of the same length. */
x11_fake_data = xmalloc(data_len);
arc4random_buf(x11_fake_data, data_len);
x11_fake_data_len = data_len; x11_fake_data_len = data_len;
} }

10
sshconnect1.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect1.c,v 1.78 2015/11/15 22:26:49 jcs Exp $ */ /* $OpenBSD: sshconnect1.c,v 1.79 2016/09/19 07:52:42 natano Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -509,7 +509,6 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
u_char cookie[8]; u_char cookie[8];
u_int supported_ciphers; u_int supported_ciphers;
u_int server_flags, client_flags; u_int server_flags, client_flags;
u_int32_t rnd = 0;
debug("Waiting for server public key."); debug("Waiting for server public key.");
@ -568,12 +567,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
* random number, interpreted as a 32-byte key, with the least * random number, interpreted as a 32-byte key, with the least
* significant 8 bits being the first byte of the key. * significant 8 bits being the first byte of the key.
*/ */
for (i = 0; i < 32; i++) { arc4random_buf(session_key, sizeof(session_key));
if (i % 4 == 0)
rnd = arc4random();
session_key[i] = rnd & 0xff;
rnd >>= 8;
}
/* /*
* According to the protocol spec, the first byte of the session key * According to the protocol spec, the first byte of the session key