From 1036356324fecc13099ac6e986b549f6219327d7 Mon Sep 17 00:00:00 2001 From: "tedu@openbsd.org" Date: Sat, 17 Sep 2016 18:00:27 +0000 Subject: upstream commit replace two arc4random loops with arc4random_buf ok deraadt natano Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48 --- clientloop.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'clientloop.c') diff --git a/clientloop.c b/clientloop.c index 47098f3a..58e71224 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.287 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: clientloop.c,v 1.288 2016/09/17 18:00:27 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -311,7 +311,7 @@ client_x11_get_proto(const char *display, const char *xauth_path, char xauthfile[PATH_MAX], xauthdir[PATH_MAX]; static char proto[512], data[512]; FILE *f; - int got_data = 0, generated = 0, do_unlink = 0, i, r; + int got_data = 0, generated = 0, do_unlink = 0, r; struct stat st; u_int now, x11_timeout_real; @@ -438,17 +438,16 @@ client_x11_get_proto(const char *display, const char *xauth_path, * for the local connection. */ if (!got_data) { - u_int32_t rnd = 0; + u_int8_t rnd[16]; + u_int i; logit("Warning: No xauth data; " "using fake authentication data for X11 forwarding."); strlcpy(proto, SSH_X11_PROTO, sizeof proto); - for (i = 0; i < 16; i++) { - if (i % 4 == 0) - rnd = arc4random(); + arc4random_buf(rnd, sizeof(rnd)); + for (i = 0; i < sizeof(rnd); i++) { snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", - rnd & 0xff); - rnd >>= 8; + rnd[i]); } } -- cgit v1.2.3