- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/04/13 00:22:17 [dh.c sshd.c] Use arc4random_buf() when requesting more than a single word of output Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
parent
a4be7c23fd
commit
354c48c641
|
@ -14,6 +14,13 @@
|
||||||
- (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
|
- (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
|
||||||
[configure.ac] Implement arc4random_buf(), import implementation of
|
[configure.ac] Implement arc4random_buf(), import implementation of
|
||||||
arc4random_uniform() from OpenBSD
|
arc4random_uniform() from OpenBSD
|
||||||
|
- (djm) OpenBSD CVS Sync
|
||||||
|
- djm@cvs.openbsd.org 2008/04/13 00:22:17
|
||||||
|
[dh.c sshd.c]
|
||||||
|
Use arc4random_buf() when requesting more than a single word of output
|
||||||
|
Use arc4random_uniform() when the desired random number upper bound
|
||||||
|
is not a power of two
|
||||||
|
ok deraadt@ millert@
|
||||||
|
|
||||||
20080403
|
20080403
|
||||||
- (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
|
- (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
|
||||||
|
@ -3874,4 +3881,4 @@
|
||||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.4909 2008/05/19 04:47:37 djm Exp $
|
$Id: ChangeLog,v 1.4910 2008/05/19 04:50:00 djm Exp $
|
||||||
|
|
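--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.45 2007/09/27 00:15:57 ray Exp $ */
+/* $OpenBSD: dh.c,v 1.46 2008/04/13 00:22:17 djm Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos. All rights reserved.
 *
@@ -153,7 +153,7 @@ choose_dh(int min, int wantbits, int max)
 }
 
 linenum = 0;
-which = arc4random() % bestcount;
+which = arc4random_uniform(bestcount);
 while (fgets(line, sizeof(line), f)) {
 if (!parse_prime(linenum, line, &dhg))
 continue;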
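Review bot: `which = arc4random_uniform(bestcount);` in choose_dh depends on bestcount being at least 1, and the guard for that is not visible in this hunk (the function starts and ends outside it). The old `arc4random() % bestcount` would have faulted on a zero count, whereas arc4random_uniform() as implemented in OpenBSD returns 0 for a bound below 2, so an empty candidate set would now pass silently into the fgets loop. If the `}` at the top of the hunk closes a zero-count check, a short comment above the call would record the precondition: `/* bestcount > 0 here; arc4random_uniform() avoids modulo bias in the group choice */`.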
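--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.355 2008/02/14 13:10:31 mbalmer Exp $ */
+/* $OpenBSD: sshd.c,v 1.356 2008/04/13 00:22:17 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -368,9 +368,6 @@ grace_alarm_handler(int sig)
 static void
 generate_ephemeral_server_key(void)
 {
-u_int32_t rnd = 0;
-int i;
-
 verbose("Generating %s%d bit RSA key.",
 sensitive_data.server_key ? "new " : "", options.server_key_bits);
 if (sensitive_data.server_key != NULL)
@@ -379,12 +376,7 @@ generate_ephemeral_server_key(void)
 options.server_key_bits);
 verbose("RSA key generation complete.");
 
-for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
-if (i % 4 == 0)
-rnd = arc4random();
-sensitive_data.ssh1_cookie[i] = rnd & 0xff;
-rnd >>= 8;
-}
+arc4random_buf(sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
 arc4random_stir();
 }
 
@@ -583,16 +575,14 @@ demote_sensitive_data(void)
 static void
 privsep_preauth_child(void)
 {
 u_int32_t rnd[256];
 gid_t gidset[1];
-u_int i;
 
 /* Enable challenge-response authentication for privilege separation */
 privsep_challenge_enable();
 
 arc4random_stir();
-for (i = 0; i < 256; i++)
-rnd[i] = arc4random();
+arc4random_buf(rnd, sizeof(rnd));
 RAND_seed(rnd, sizeof(rnd));
 
 /* Demote the private keys to public keys. */
@@ -666,7 +656,6 @@ static void
 privsep_postauth(Authctxt *authctxt)
 {
 u_int32_t rnd[256];
-u_int i;
 
 #ifdef DISABLE_FD_PASSING
 if (1) {
@@ -700,8 +689,7 @@ privsep_postauth(Authctxt *authctxt)
 demote_sensitive_data();
 
 arc4random_stir();
-for (i = 0; i < 256; i++)
-rnd[i] = arc4random();
+arc4random_buf(rnd, sizeof(rnd));
 RAND_seed(rnd, sizeof(rnd));
 
 /* Drop privileges */
@@ -803,7 +791,7 @@ drop_connection(int startups)
 p *= startups - options.max_startups_begin;
 p /= options.max_startups - options.max_startups_begin;
 p += options.max_startups_rate;
-r = arc4random() % 100;
+r = arc4random_uniform(100);
 
 debug("drop_connection: p %d, r %d", p, r);
 return (r < p) ? 1 : 0;
@@ -1956,7 +1944,6 @@ do_ssh1_kex(void)
 u_char session_key[SSH_SESSION_KEY_LENGTH];
 u_char cookie[8];
 u_int cipher_type, auth_mask, protocol_flags;
-u_int32_t rnd = 0;
 
 /*
 * Generate check bytes that the client must send back in the user
@@ -1967,12 +1954,7 @@ do_ssh1_kex(void)
 * cookie. This only affects rhosts authentication, and this is one
 * of the reasons why it is inherently insecure.
 */
-for (i = 0; i < 8; i++) {
-if (i % 4 == 0)
-rnd = arc4random();
-cookie[i] = rnd & 0xff;
-rnd >>= 8;
-}
+arc4random_buf(cookie, sizeof(cookie));
 
 /*
 * Send our public key. We include in the packet 64 bits of random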
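Review bot: The `rnd[256]` seed buffers in privsep_preauth_child and privsep_postauth still sit on the stack after `RAND_seed(rnd, sizeof(rnd));`, and nothing in the visible lines clears them. Both functions continue past their hunks, so this may be handled further down; if it is not, add `memset(rnd, 0, sizeof(rnd));` directly after each RAND_seed() call, preferring whatever non-elidable clearing routine the tree provides, since a plain memset on a dead buffer can be optimised away. Separately, generate_ephemeral_server_key passes `SSH_SESSION_KEY_LENGTH` as the length while do_ssh1_kex uses `sizeof(cookie)`; `sizeof(sensitive_data.ssh1_cookie)` would tie the length to the destination, assuming ssh1_cookie is declared as an array.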