On Wed, Dec 10, 2014 at 21:51, Max Fillinger wrote: > Here's a version without malloc'ing the key.
Looks like it still does? > + if (sip_key == NULL) { > + sip_key = malloc(SIPHASH_KEY_LENGTH); > + arc4random_buf(sip_key, > SIPHASH_KEY_LENGTH); > @@ -515,8 +516,8 @@ struct rsession { > struct ctl_relay_event se_in; > struct ctl_relay_event se_out; > void *se_priv; > - u_int32_t se_hashkey; > - int se_hashkeyset; > + SIPHASH_CTX se_hashctx; > + int se_hashctxset; This isn't really how the hash ctx is supposed to be used. relayd is doing something a little different here. I'll look at it eventually, but this isn't as straightforward as a mechanical conversion.