From: tedu Date: Fri, 18 Apr 2014 21:29:20 +0000 (+0000) Subject: round up some enemy sympathizers found calling RAND_seed(). X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=9c6815e7b222c13bf7f7e27c6d3443a0156992a9;p=openbsd round up some enemy sympathizers found calling RAND_seed(). ok beck reyk --- diff --git a/sbin/iked/proc.c b/sbin/iked/proc.c index 69404434b5f..57b619e7c12 100644 --- a/sbin/iked/proc.c +++ b/sbin/iked/proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.c,v 1.12 2014/04/14 07:18:05 blambert Exp $ */ +/* $OpenBSD: proc.c,v 1.13 2014/04/18 21:29:20 tedu Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -194,7 +194,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, pid_t pid; struct passwd *pw; const char *root; - u_int32_t seed[256]; switch (pid = fork()) { case -1: @@ -260,10 +259,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, proc_config(ps, procs, nproc); - arc4random_buf(seed, sizeof(seed)); - RAND_seed(seed, sizeof(seed)); - explicit_bzero(seed, sizeof(seed)); - if (p->p_id == PROC_CONTROL) { TAILQ_INIT(&ctl_conns); if (control_listen(&ps->ps_csock) == -1) diff --git a/usr.sbin/ikectl/ikeca.c b/usr.sbin/ikectl/ikeca.c index b7707705186..de4a9032e6a 100644 --- a/usr.sbin/ikectl/ikeca.c +++ b/usr.sbin/ikectl/ikeca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikeca.c,v 1.25 2013/01/08 10:38:19 reyk Exp $ */ +/* $OpenBSD: ikeca.c,v 1.26 2014/04/18 21:29:20 tedu Exp $ */ /* * Copyright (c) 2010 Jonathan Gray @@ -806,7 +806,6 @@ ca_setup(char *caname, int create, int quiet, char *pass) struct stat st; struct ca *ca; char path[PATH_MAX]; - u_int32_t rnd[256]; if (stat(PATH_OPENSSL, &st) == -1) err(1, "openssl binary not available"); @@ -846,8 +845,5 @@ ca_setup(char *caname, int create, int quiet, char *pass) if (create && stat(ca->passfile, &st) == -1 && errno == ENOENT) ca_newpass(ca->passfile, pass); - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); - return (ca); } diff --git a/usr.sbin/relayd/proc.c b/usr.sbin/relayd/proc.c index 77ab3ec9142..b8959ce211d 100644 --- a/usr.sbin/relayd/proc.c +++ b/usr.sbin/relayd/proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.c,v 1.9 2014/04/18 12:02:37 reyk Exp $ */ +/* $OpenBSD: proc.c,v 1.10 2014/04/18 21:29:20 tedu Exp $ */ /* * Copyright (c) 2010 - 2014 Reyk Floeter @@ -308,7 +308,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, pid_t pid; struct passwd *pw; const char *root; - u_int32_t seed[256]; u_int n; if (ps->ps_noaction) @@ -393,10 +392,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, proc_config(ps, procs, nproc); - arc4random_buf(seed, sizeof(seed)); - RAND_seed(seed, sizeof(seed)); - explicit_bzero(seed, sizeof(seed)); - if (p->p_id == PROC_CONTROL && ps->ps_instance == 0) { TAILQ_INIT(&ctl_conns); if (control_listen(&ps->ps_csock) == -1) diff --git a/usr.sbin/snmpd/proc.c b/usr.sbin/snmpd/proc.c index 5f0cd4cf96e..8acf2caf416 100644 --- a/usr.sbin/snmpd/proc.c +++ b/usr.sbin/snmpd/proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.c,v 1.4 2014/04/14 07:18:05 blambert Exp $ */ +/* $OpenBSD: proc.c,v 1.5 2014/04/18 21:29:20 tedu Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -209,7 +209,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, pid_t pid; struct passwd *pw; const char *root; - u_int32_t seed[256]; struct control_sock *rcs; switch (pid = fork()) { @@ -279,10 +278,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p, proc_config(ps, procs, nproc); - arc4random_buf(seed, sizeof(seed)); - RAND_seed(seed, sizeof(seed)); - explicit_bzero(seed, sizeof(seed)); - if (p->p_id == PROC_CONTROL) { TAILQ_INIT(&ctl_conns); if (control_listen(&ps->ps_csock) == -1)