CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2014/10/22 07:02:04
Modified files:
lib/libssl/src/crypto/asn1: asn_mime.c p5_pbe.c p5_pbev2.c
lib/libssl/src/crypto/bio: bf_nbio.c
lib/libssl/src/crypto/bn: bn.h bn_rand.c
lib/libssl/src/crypto/cms: cms_enc.c cms_ess.c cms_pwri.c
lib/libssl/src/crypto/des: enc_writ.c rand_key.c
lib/libssl/src/crypto/dsa: dsa_gen.c
lib/libssl/src/crypto/engine: eng_lib.c
lib/libssl/src/crypto/evp: e_aes.c evp_enc.c p_seal.c
lib/libssl/src/crypto/ocsp: ocsp_ext.c
lib/libssl/src/crypto/pem: pem_lib.c pvkfmt.c
lib/libssl/src/crypto/pkcs12: p12_mutl.c
lib/libssl/src/crypto/pkcs7: pk7_doit.c
lib/libssl/src/crypto/rand: rand_lib.c randfile.c
lib/libssl/src/crypto/rsa: rsa_oaep.c rsa_pk1.c rsa_pss.c
rsa_ssl.c
Log message:
Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().
arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.
ok deraadt@
