Author: cem
Date: Fri Dec 13 04:55:17 2019
New Revision: 355695
URL: https://svnweb.freebsd.org/changeset/base/355695
Log:
libradius: Rip out dubious use of srandomdev(3)+random(3)
These functions appear to intend to produce unpredictable results. Just use
arc4random.
While here, use an explicit_bzero instead of memset where the intent is
clearly
to zero out a secret (clear_passphrase).
Modified:
head/lib/libradius/radlib.c
Modified: head/lib/libradius/radlib.c
==============================================================================
--- head/lib/libradius/radlib.c Fri Dec 13 04:48:20 2019 (r355694)
+++ head/lib/libradius/radlib.c Fri Dec 13 04:55:17 2019 (r355695)
@@ -79,7 +79,7 @@ static void
clear_password(struct rad_handle *h)
{
if (h->pass_len != 0) {
- memset(h->pass, 0, h->pass_len);
+ explicit_bzero(h->pass, h->pass_len);
h->pass_len = 0;
}
h->pass_pos = 0;
@@ -852,8 +852,8 @@ rad_create_request(struct rad_handle *h, int code)
if (code == RAD_ACCESS_REQUEST) {
/* Create a random authenticator */
for (i = 0; i < LEN_AUTH; i += 2) {
- long r;
- r = random();
+ uint32_t r;
+ r = arc4random();
h->out[POS_AUTH+i] = (u_char)r;
h->out[POS_AUTH+i+1] = (u_char)(r >> 8);
}
@@ -1051,10 +1051,9 @@ rad_auth_open(void)
h = (struct rad_handle *)malloc(sizeof(struct rad_handle));
if (h != NULL) {
- srandomdev();
h->fd = -1;
h->num_servers = 0;
- h->ident = random();
+ h->ident = arc4random();
h->errmsg[0] = '\0';
memset(h->pass, 0, sizeof h->pass);
h->pass_len = 0;
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
