> I've never suggested that I was going to send them diffs. The only > thing that is needed, imho, is to point them at their limitations so > that one day the OpenBSD ports tree and third-party projects don't have > to suffer from those.
Look at the log: ---------------------------- revision 1.10 date: 2003/11/26 21:40:08; author: djm; state: Exp; lines: +10 -1; Discard first 256 bytes of keystream, as per recommendation in "Weaknesses in the Key Scheduling Algorithm of RC4", Fluhrer, Mantin and Shamir. ok itojun@ ---------------------------- revision 1.9 date: 2003/08/16 19:07:40; author: tedu; state: Exp; lines: +10 -23; just use sysctl for stirring. thread safe and can't fail. ok deraadt and co. ---------------------------- revision 1.8 date: 2003/06/11 21:03:10; author: deraadt; state: Exp; lines: +9 -18; ansification; checked by pval ---------------------------- revision 1.7 date: 2003/02/14 17:12:54; author: deraadt; state: Exp; lines: +5 -3; re-stir if pid changes; markus & me ---------------------------- If they lack 1.7, then they also lack 1.10 If they "fixed" 1.10, without picking up 1.7, .... they are clueless.
