Author: cem
Date: Fri Dec 13 05:42:57 2019
New Revision: 355699
URL: https://svnweb.freebsd.org/changeset/base/355699
Log:
libtelnet: Replace bogus use of srandomdev + random to generate "public key
pair"
I'm pretty skeptical that any crypto in telnet is worth using, but if we're
ostensibly generating keys, arc4random is strictly better than the previous
construct.
Modified:
head/contrib/telnet/libtelnet/pk.c
Modified: head/contrib/telnet/libtelnet/pk.c
==============================================================================
--- head/contrib/telnet/libtelnet/pk.c Fri Dec 13 05:29:26 2019
(r355698)
+++ head/contrib/telnet/libtelnet/pk.c Fri Dec 13 05:42:57 2019
(r355699)
@@ -142,12 +142,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ide
static void
getseed(char *seed, int seedsize)
{
- int i;
-
- srandomdev();
- for (i = 0; i < seedsize; i++) {
- seed[i] = random() & 0xff;
- }
+ arc4random_buf(seed, seedsize);
}
/*
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
