Date: Fri, 13 Dec 2019 05:42:57 +0000 (UTC) From: Conrad Meyer <cem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r355699 - head/contrib/telnet/libtelnet Message-ID: <201912130542.xBD5gvj7071226@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cem Date: Fri Dec 13 05:42:57 2019 New Revision: 355699 URL: https://svnweb.freebsd.org/changeset/base/355699 Log: libtelnet: Replace bogus use of srandomdev + random to generate "public key pair" I'm pretty skeptical that any crypto in telnet is worth using, but if we're ostensibly generating keys, arc4random is strictly better than the previous construct. Modified: head/contrib/telnet/libtelnet/pk.c Modified: head/contrib/telnet/libtelnet/pk.c ============================================================================== --- head/contrib/telnet/libtelnet/pk.c Fri Dec 13 05:29:26 2019 (r355698) +++ head/contrib/telnet/libtelnet/pk.c Fri Dec 13 05:42:57 2019 (r355699) @@ -142,12 +142,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ide static void getseed(char *seed, int seedsize) { - int i; - - srandomdev(); - for (i = 0; i < seedsize; i++) { - seed[i] = random() & 0xff; - } + arc4random_buf(seed, seedsize); } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912130542.xBD5gvj7071226>