diff options
author | Conrad Meyer <cem@FreeBSD.org> | 2019-12-13 04:55:17 +0000 |
---|---|---|
committer | Conrad Meyer <cem@FreeBSD.org> | 2019-12-13 04:55:17 +0000 |
commit | d449578f86ece07f8f6071bb5a706db44966b585 (patch) | |
tree | ab31735e2293e5396b6cda56309fa2c9079c485b /lib/libradius | |
parent | cd5650407e16fa484050560765078c5d755d4bef (diff) | |
download | src-test-d449578f86ece07f8f6071bb5a706db44966b585.tar.gz src-test-d449578f86ece07f8f6071bb5a706db44966b585.zip |
libradius: Rip out dubious use of srandomdev(3)+random(3)
These functions appear to intend to produce unpredictable results. Just use
arc4random.
While here, use an explicit_bzero instead of memset where the intent is clearly
to zero out a secret (clear_passphrase).
Notes
Notes:
svn path=/head/; revision=355695
Diffstat (limited to 'lib/libradius')
-rw-r--r-- | lib/libradius/radlib.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 3b6460e26f0d0..e01c486a1ba63 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -79,7 +79,7 @@ static void clear_password(struct rad_handle *h) { if (h->pass_len != 0) { - memset(h->pass, 0, h->pass_len); + explicit_bzero(h->pass, h->pass_len); h->pass_len = 0; } h->pass_pos = 0; @@ -852,8 +852,8 @@ rad_create_request(struct rad_handle *h, int code) if (code == RAD_ACCESS_REQUEST) { /* Create a random authenticator */ for (i = 0; i < LEN_AUTH; i += 2) { - long r; - r = random(); + uint32_t r; + r = arc4random(); h->out[POS_AUTH+i] = (u_char)r; h->out[POS_AUTH+i+1] = (u_char)(r >> 8); } @@ -1051,10 +1051,9 @@ rad_auth_open(void) h = (struct rad_handle *)malloc(sizeof(struct rad_handle)); if (h != NULL) { - srandomdev(); h->fd = -1; h->num_servers = 0; - h->ident = random(); + h->ident = arc4random(); h->errmsg[0] = '\0'; memset(h->pass, 0, sizeof h->pass); h->pass_len = 0; |