no change, but makes the code a little shorter.
Index: clientloop.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.287
diff -u -p -r1.287 clientloop.c
--- clientloop.c 12 Sep 2016 01:22:38 -0000 1.287
+++ clientloop.c 17 Sep 2016 01:16:46 -0000
@@ -303,7 +303,7 @@ client_x11_get_proto(const char *display
char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
static char proto[512], data[512];
FILE *f;
- int got_data = 0, generated = 0, do_unlink = 0, i, r;
+ int got_data = 0, generated = 0, do_unlink = 0, r;
struct stat st;
u_int now, x11_timeout_real;
@@ -430,17 +430,16 @@ client_x11_get_proto(const char *display
* for the local connection.
*/
if (!got_data) {
- u_int32_t rnd = 0;
+ u_int8_t rnd[16];
+ u_int i;
logit("Warning: No xauth data; "
"using fake authentication data for X11 forwarding.");
strlcpy(proto, SSH_X11_PROTO, sizeof proto);
- for (i = 0; i < 16; i++) {
- if (i % 4 == 0)
- rnd = arc4random();
+ arc4random_buf(rnd, sizeof(rnd));
+ for (i = 0; i < sizeof(rnd); i++) {
snprintf(data + 2 * i, sizeof data - 2 * i, "%02x",
- rnd & 0xff);
- rnd >>= 8;
+ rnd[i]);
}
}
