1 files changed, 17 insertions, 5 deletions

diff --git a/contrib/ntp/ntpd/ntp_crypto.c b/contrib/ntp/ntpd/ntp_crypto.c
index cce95a8e1ea3..37427f4ee6c5 100644
--- a/contrib/ntp/ntpd/ntp_crypto.c
+++ b/contrib/ntp/ntpd/ntp_crypto.c
@@ -864,12 +864,24 @@ crypto_recv(
 			 * errors.
 			 */
 			if (vallen == (u_int) EVP_PKEY_size(host_pkey)) {
-				RSA_private_decrypt(vallen,
+				u_int32 *cookiebuf = malloc(
+					RSA_size(host_pkey->pkey.rsa));
+				if (cookiebuf == NULL) {
+					rval = XEVNT_CKY;
+					break;
+				}
+				if (RSA_private_decrypt(vallen,
 				    (u_char *)ep->pkt,
-				    (u_char *)&temp32,
+				    (u_char *)cookiebuf,
 				    host_pkey->pkey.rsa,
-				    RSA_PKCS1_OAEP_PADDING);
-				cookie = ntohl(temp32);
+				    RSA_PKCS1_OAEP_PADDING) != 4) {
+					rval = XEVNT_CKY;
+					free(cookiebuf);
+					break;
+				} else {
+					cookie = ntohl(*cookiebuf);
+					free(cookiebuf);
+				}
 			} else {
 				rval = XEVNT_CKY;
 				break;
@@ -3914,7 +3926,7 @@ crypto_setup(void)
 		    rand_file);
 		exit (-1);
 	}
-	get_systime(&seed);
+	arc4random_buf(&seed, sizeof(l_fp));
 	RAND_seed(&seed, sizeof(l_fp));
 	RAND_write_file(rand_file);
 	OpenSSL_add_all_algorithms();