round up some enemy sympathizers found calling RAND_seed().

ok beck reyk

diff --git a/sbin/iked/proc.c b/sbin/iked/proc.c
index 6940443..57b619e 100644 (file)
--- a/sbin/iked/proc.c
+++ b/sbin/iked/proc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: proc.c,v 1.12 2014/04/14 07:18:05 blambert Exp $      */
+/*     $OpenBSD: proc.c,v 1.13 2014/04/18 21:29:20 tedu Exp $  */
 
 /*
  * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -194,7 +194,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
        pid_t            pid;
        struct passwd   *pw;
        const char      *root;
-       u_int32_t        seed[256];
 
        switch (pid = fork()) {
        case -1:
@@ -260,10 +259,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
 
        proc_config(ps, procs, nproc);
 
-       arc4random_buf(seed, sizeof(seed));
-       RAND_seed(seed, sizeof(seed));
-       explicit_bzero(seed, sizeof(seed));
-
        if (p->p_id == PROC_CONTROL) {
                TAILQ_INIT(&ctl_conns);
                if (control_listen(&ps->ps_csock) == -1)

diff --git a/usr.sbin/ikectl/ikeca.c b/usr.sbin/ikectl/ikeca.c
index b770770..de4a903 100644 (file)
--- a/usr.sbin/ikectl/ikeca.c
+++ b/usr.sbin/ikectl/ikeca.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ikeca.c,v 1.25 2013/01/08 10:38:19 reyk Exp $ */
+/*     $OpenBSD: ikeca.c,v 1.26 2014/04/18 21:29:20 tedu Exp $ */
 
 /*
  * Copyright (c) 2010 Jonathan Gray <jsg@openbsd.org>
@@ -806,7 +806,6 @@ ca_setup(char *caname, int create, int quiet, char *pass)
        struct stat      st;
        struct ca       *ca;
        char             path[PATH_MAX];
-       u_int32_t        rnd[256];
 
        if (stat(PATH_OPENSSL, &st) == -1)
                err(1, "openssl binary not available");
@@ -846,8 +845,5 @@ ca_setup(char *caname, int create, int quiet, char *pass)
        if (create && stat(ca->passfile, &st) == -1 && errno == ENOENT)
                ca_newpass(ca->passfile, pass);
 
-       arc4random_buf(rnd, sizeof(rnd));
-       RAND_seed(rnd, sizeof(rnd));
-
        return (ca);
 }

diff --git a/usr.sbin/relayd/proc.c b/usr.sbin/relayd/proc.c
index 77ab3ec..b8959ce 100644 (file)
--- a/usr.sbin/relayd/proc.c
+++ b/usr.sbin/relayd/proc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: proc.c,v 1.9 2014/04/18 12:02:37 reyk Exp $   */
+/*     $OpenBSD: proc.c,v 1.10 2014/04/18 21:29:20 tedu Exp $  */
 
 /*
  * Copyright (c) 2010 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -308,7 +308,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
        pid_t            pid;
        struct passwd   *pw;
        const char      *root;
-       u_int32_t        seed[256];
        u_int            n;
 
        if (ps->ps_noaction)
@@ -393,10 +392,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
 
        proc_config(ps, procs, nproc);
 
-       arc4random_buf(seed, sizeof(seed));
-       RAND_seed(seed, sizeof(seed));
-       explicit_bzero(seed, sizeof(seed));
-
        if (p->p_id == PROC_CONTROL && ps->ps_instance == 0) {
                TAILQ_INIT(&ctl_conns);
                if (control_listen(&ps->ps_csock) == -1)

diff --git a/usr.sbin/snmpd/proc.c b/usr.sbin/snmpd/proc.c
index 5f0cd4c..8acf2ca 100644 (file)
--- a/usr.sbin/snmpd/proc.c
+++ b/usr.sbin/snmpd/proc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: proc.c,v 1.4 2014/04/14 07:18:05 blambert Exp $       */
+/*     $OpenBSD: proc.c,v 1.5 2014/04/18 21:29:20 tedu Exp $   */
 
 /*
  * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -209,7 +209,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
        pid_t            pid;
        struct passwd   *pw;
        const char      *root;
-       u_int32_t        seed[256];
        struct control_sock *rcs;
 
        switch (pid = fork()) {
@@ -279,10 +278,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
 
        proc_config(ps, procs, nproc);
 
-       arc4random_buf(seed, sizeof(seed));
-       RAND_seed(seed, sizeof(seed));
-       explicit_bzero(seed, sizeof(seed));
-
        if (p->p_id == PROC_CONTROL) {
                TAILQ_INIT(&ctl_conns);
                if (control_listen(&ps->ps_csock) == -1)