d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libtelnet: Replace bogus use of srandomdev + random to generate "public key pair"

Browse Source 
I'm pretty skeptical that any crypto in telnet is worth using, but if we're
ostensibly generating keys, arc4random is strictly better than the previous
construct.
This commit is contained in:
Conrad Meyer 2019-12-13 05:42:57 +00:00
parent 44d780e32b
commit 23c30549af
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
contrib/telnet/libtelnet/pk.c
View File

@ -142,12 +142,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
static void
getseed(char *seed, int seedsize)
{
int i;
srandomdev();
for (i = 0; i < seedsize; i++) {
seed[i] = random() & 0xff;
}
arc4random_buf(seed, seedsize);
}
/*