diff options
Diffstat (limited to 'contrib/ntp/ntpd/ntp_crypto.c')
-rw-r--r-- | contrib/ntp/ntpd/ntp_crypto.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/contrib/ntp/ntpd/ntp_crypto.c b/contrib/ntp/ntpd/ntp_crypto.c index cce95a8e1ea3..37427f4ee6c5 100644 --- a/contrib/ntp/ntpd/ntp_crypto.c +++ b/contrib/ntp/ntpd/ntp_crypto.c @@ -864,12 +864,24 @@ crypto_recv( * errors. */ if (vallen == (u_int) EVP_PKEY_size(host_pkey)) { - RSA_private_decrypt(vallen, + u_int32 *cookiebuf = malloc( + RSA_size(host_pkey->pkey.rsa)); + if (cookiebuf == NULL) { + rval = XEVNT_CKY; + break; + } + if (RSA_private_decrypt(vallen, (u_char *)ep->pkt, - (u_char *)&temp32, + (u_char *)cookiebuf, host_pkey->pkey.rsa, - RSA_PKCS1_OAEP_PADDING); - cookie = ntohl(temp32); + RSA_PKCS1_OAEP_PADDING) != 4) { + rval = XEVNT_CKY; + free(cookiebuf); + break; + } else { + cookie = ntohl(*cookiebuf); + free(cookiebuf); + } } else { rval = XEVNT_CKY; break; @@ -3914,7 +3926,7 @@ crypto_setup(void) rand_file); exit (-1); } - get_systime(&seed); + arc4random_buf(&seed, sizeof(l_fp)); RAND_seed(&seed, sizeof(l_fp)); RAND_write_file(rand_file); OpenSSL_add_all_algorithms(); |