cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openbsd-ports/net/putty/patches/patch-unix_uxnoise_c
sthen 78c8ee7d89 security update to PuTTY 0.73 
"This is a SECURITY UPDATE, fixing minor vulnerabilities affecting port
forwarding on Windows; bracketed paste mode in the terminal; and any
use of SSH-1. We recommend that anyone using those features should
update."
2019-09-30 08:45:39 +00:00

111 lines
2.9 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-unix_uxnoise_c,v 1.6 2019/09/30 08:45:39 sthen Exp $
Index: unix/uxnoise.c
--- unix/uxnoise.c.orig
+++ unix/uxnoise.c
@@ -18,25 +18,7 @@
static bool read_dev_urandom(char *buf, int len)
{
- int fd;
- int ngot, ret;
-
- fd = open("/dev/urandom", O_RDONLY);
- if (fd < 0)
- return false;
-
- ngot = 0;
- while (ngot < len) {
- ret = read(fd, buf+ngot, len-ngot);
- if (ret < 0) {
- close(fd);
- return false;
- }
- ngot += ret;
- }
-
- close(fd);
-
+ arc4random_buf(buf, len);
return true;
}
@@ -49,38 +31,11 @@ static bool read_dev_urandom(char *buf, int len)
void noise_get_heavy(void (*func) (void *, int))
{
- char buf[512];
- FILE *fp;
- int ret;
- bool got_dev_urandom = false;
+ char buf[32];
- if (read_dev_urandom(buf, 32)) {
- got_dev_urandom = true;
- func(buf, 32);
- }
+ if (read_dev_urandom(buf, sizeof(buf)))
+ func(buf, sizeof(buf));
- fp = popen("ps -axu 2>/dev/null", "r");
- if (fp) {
- while ( (ret = fread(buf, 1, sizeof(buf), fp)) > 0)
- func(buf, ret);
- pclose(fp);
- } else if (!got_dev_urandom) {
- fprintf(stderr, "popen: %s\n"
- "Unable to access fallback entropy source\n", strerror(errno));
- exit(1);
- }
-
- fp = popen("ls -al /tmp 2>/dev/null", "r");
- if (fp) {
- while ( (ret = fread(buf, 1, sizeof(buf), fp)) > 0)
- func(buf, ret);
- pclose(fp);
- } else if (!got_dev_urandom) {
- fprintf(stderr, "popen: %s\n"
- "Unable to access fallback entropy source\n", strerror(errno));
- exit(1);
- }
-
read_random_seed(func);
}
@@ -90,21 +45,12 @@ void noise_get_heavy(void (*func) (void *, int))
*/
void noise_regular(void)
{
- int fd;
- int ret;
- char buf[512];
+ u_int32_t buf[8];
struct rusage rusage;
- if ((fd = open("/proc/meminfo", O_RDONLY)) >= 0) {
- while ( (ret = read(fd, buf, sizeof(buf))) > 0)
- random_add_noise(NOISE_SOURCE_MEMINFO, buf, ret);
- close(fd);
- }
- if ((fd = open("/proc/stat", O_RDONLY)) >= 0) {
- while ( (ret = read(fd, buf, sizeof(buf))) > 0)
- random_add_noise(NOISE_SOURCE_STAT, buf, ret);
- close(fd);
- }
+ arc4random_buf(buf, 8);
+ random_add_noise(NOISE_SOURCE_ARC4RANDOM, buf, sizeof(buf));
+
getrusage(RUSAGE_SELF, &rusage);
random_add_noise(NOISE_SOURCE_RUSAGE, &rusage, sizeof(rusage));
}
@@ -117,6 +63,9 @@ void noise_regular(void)
void noise_ultralight(NoiseSourceId id, unsigned long data)
{
struct timeval tv;
+ u_int32_t r;
+ r = arc4random();
+ random_add_noise(NOISE_SOURCE_ARC4RANDOM, &r, sizeof(r));
gettimeofday(&tv, NULL);
random_add_noise(NOISE_SOURCE_TIME, &tv, sizeof(tv));
random_add_noise(id, &data, sizeof(data));
Reference in New Issue View Git Blame Copy Permalink