system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-23 03:06:48 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

libradius: Rip out dubious use of srandomdev(3)+random(3)

Browse source 
These functions appear to intend to produce unpredictable results.  Just use
arc4random.

While here, use an explicit_bzero instead of memset where the intent is clearly
to zero out a secret (clear_passphrase).
This commit is contained in:
Conrad Meyer 2019-12-13 04:55:17 +00:00
parent cd5650407e
commit d449578f86
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=355695
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/libradius/radlib.c
View file

@ -79,7 +79,7 @@ static void
clear_password(struct rad_handle *h)
{
if (h->pass_len != 0) {
memset(h->pass, 0, h->pass_len);
explicit_bzero(h->pass, h->pass_len);
h->pass_len = 0;
}
h->pass_pos = 0;
@ -852,8 +852,8 @@ rad_create_request(struct rad_handle *h, int code)
if (code == RAD_ACCESS_REQUEST) {
/* Create a random authenticator */
for (i = 0; i < LEN_AUTH; i += 2) {
long r;
r = random();
uint32_t r;
r = arc4random();
h->out[POS_AUTH+i] = (u_char)r;
h->out[POS_AUTH+i+1] = (u_char)(r >> 8);
}
@ -1051,10 +1051,9 @@ rad_auth_open(void)
h = (struct rad_handle *)malloc(sizeof(struct rad_handle));
if (h != NULL) {
srandomdev();
h->fd = -1;
h->num_servers = 0;
h->ident = random();
h->ident = arc4random();
h->errmsg[0] = '\0';
memset(h->pass, 0, sizeof h->pass);
h->pass_len = 0;