Site Navigation

Date:      Fri, 13 Dec 2019 05:42:57 +0000 (UTC)
From:      Conrad Meyer <cem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r355699 - head/contrib/telnet/libtelnet
Message-ID:  <201912130542.xBD5gvj7071226@repo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

Author: cem
Date: Fri Dec 13 05:42:57 2019
New Revision: 355699
URL: https://svnweb.freebsd.org/changeset/base/355699

Log:
  libtelnet: Replace bogus use of srandomdev + random to generate "public key pair"
  
  I'm pretty skeptical that any crypto in telnet is worth using, but if we're
  ostensibly generating keys, arc4random is strictly better than the previous
  construct.

Modified:
  head/contrib/telnet/libtelnet/pk.c

Modified: head/contrib/telnet/libtelnet/pk.c
==============================================================================
--- head/contrib/telnet/libtelnet/pk.c	Fri Dec 13 05:29:26 2019	(r355698)
+++ head/contrib/telnet/libtelnet/pk.c	Fri Dec 13 05:42:57 2019	(r355699)
@@ -142,12 +142,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ide
 static void
 getseed(char *seed, int seedsize)
 {
-	int i;
-
-	srandomdev();
-	for (i = 0; i < seedsize; i++) {
-		seed[i] = random() & 0xff;
-	}
+	arc4random_buf(seed, seedsize);
 }
 
 /*

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912130542.xBD5gvj7071226>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact