Two more loops that can be converted to arc4random_buf(). Ok?

natano


Index: channels.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/channels.c,v
retrieving revision 1.352
diff -u -p -r1.352 channels.c
--- channels.c  12 Sep 2016 01:22:38 -0000      1.352
+++ channels.c  18 Sep 2016 19:04:30 -0000
@@ -4148,7 +4148,6 @@ x11_request_forwarding_with_spoofing(int
        char *new_data;
        int screen_number;
        const char *cp;
-       u_int32_t rnd = 0;
 
        if (x11_saved_display == NULL)
                x11_saved_display = xstrdup(disp);
@@ -4175,15 +4174,12 @@ x11_request_forwarding_with_spoofing(int
                 */
                x11_saved_data = xmalloc(data_len);
                x11_fake_data = xmalloc(data_len);
+               arc4random_buf(x11_fake_data, data_len);
                for (i = 0; i < data_len; i++) {
                        if (sscanf(data + 2 * i, "%2x", &value) != 1)
                                fatal("x11_request_forwarding: bad "
                                    "authentication data: %.100s", data);
-                       if (i % 4 == 0)
-                               rnd = arc4random();
                        x11_saved_data[i] = value;
-                       x11_fake_data[i] = rnd & 0xff;
-                       rnd >>= 8;
                }
                x11_saved_data_len = data_len;
                x11_fake_data_len = data_len;
Index: sshconnect1.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/sshconnect1.c,v
retrieving revision 1.78
diff -u -p -r1.78 sshconnect1.c
--- sshconnect1.c       15 Nov 2015 22:26:49 -0000      1.78
+++ sshconnect1.c       18 Sep 2016 19:04:30 -0000
@@ -504,7 +504,6 @@ ssh_kex(char *host, struct sockaddr *hos
        u_char cookie[8];
        u_int supported_ciphers;
        u_int server_flags, client_flags;
-       u_int32_t rnd = 0;
 
        debug("Waiting for server public key.");
 
@@ -563,12 +562,7 @@ ssh_kex(char *host, struct sockaddr *hos
         * random number, interpreted as a 32-byte key, with the least
         * significant 8 bits being the first byte of the key.
         */
-       for (i = 0; i < 32; i++) {
-               if (i % 4 == 0)
-                       rnd = arc4random();
-               session_key[i] = rnd & 0xff;
-               rnd >>= 8;
-       }
+       arc4random_buf(session_key, SSH_SESSION_KEY_LENGTH);
 
        /*
         * According to the protocol spec, the first byte of the session key

Reply via email to