The KAME IPSEC implementation at one point used its own pseudo-random

number generator, which was re-seeded via a timeout.  Now that centralized
randomness/entropy is used, we can garbage collect the timeout and
re-seeding code (which was largely a no-op).

Discussed with:	itojun, suz, JINMEI Tatuya < jinmei at isl dot rdc dot toshiba dot co dot jp >
Robert Watson 2004-09-02 20:14:03 +00:00
parent 23370e2835
commit 71182fbeb6

@ -131,14 +131,12 @@ u_int32_t key_debug_level = 0;
static u_int key_spi_trycnt = 1000;
static u_int32_t key_spi_minval = 0x100;
static u_int32_t key_spi_maxval = 0x0fffffff; /* XXX */
static u_int key_int_random = 60; /*interval to initialize randseed,1(m)*/
static u_int key_larval_lifetime = 30; /* interval to expire acquiring, 30(s)*/
static int key_blockacq_count = 10; /* counter for blocking SADB_ACQUIRE.*/
static int key_blockacq_lifetime = 20; /* lifetime for blocking SADB_ACQUIRE.*/
static int key_preferred_oldsa = 1; /* preferred old sa rather than new sa.*/
static u_int32_t acq_seq = 0;
static int key_tick_init_random = 0;
struct _satailq satailq; /* list of all SAD entry */
struct _sptailq sptailq; /* SPD table + pcb */
@ -242,10 +240,6 @@ SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, CTLFLAG_RW, \
SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, CTLFLAG_RW, \
&key_spi_maxval, 0, "");
/* interval to initialize randseed */
SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, CTLFLAG_RW, \
&key_int_random, 0, "");
/* lifetime for larval SA */
SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, CTLFLAG_RW, \
&key_larval_lifetime, 0, "");
@ -435,7 +429,6 @@ static int key_cmpsaidx(struct secasindex *, struct secasindex *, int);
static int key_sockaddrcmp(struct sockaddr *, struct sockaddr *, int);
static int key_bbcmp(caddr_t, caddr_t, u_int);
static void key_srandom(void);
static u_long key_random(void);
static u_int16_t key_satype2proto(u_int8_t);
static u_int8_t key_proto2satype(u_int16_t);
@ -4534,12 +4527,6 @@ key_timehandler(arg)
}
}
/* initialize random seed */
if (key_tick_init_random++ > key_int_random) {
key_tick_init_random = 0;
key_srandom();
}
/*
* should set timeout based on the most closest timer expiration.
* we don't bother to do that yet.
@ -4550,15 +4537,6 @@ key_timehandler(arg)
return;
}
/*
* to initialize a seed for random()
*/
static void
key_srandom()
{
return;
}
static u_long
key_random()
{