commit 76e95daad1f38e0ba8e7bf0554cadd6e3aaf5235
author Damien Miller <djm@mindrot.org> Fri Mar 07 18:31:24 2008 +1100
committer Damien Miller <djm@mindrot.org> Fri Mar 07 18:31:24 2008 +1100
tree d578b6faed195267a3b5d6dd036a1862c3ca79a3
parent 757a38a43b0820c3fb13dfbd0ab7d8e1f5a6eee1

   - djm@cvs.openbsd.org 2008/02/13 22:38:17
     [servconf.h session.c sshd.c]
     rekey arc4random and OpenSSL RNG in postauth child
     closefrom fds > 2 before shell/command execution
     ok markus@

sshd.c

diff --git a/sshd.c b/sshd.c
index 345ee43..2920b26 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.353 2007/12/31 15:27:04 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.354 2008/02/13 22:38:17 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -585,11 +585,12 @@
 {
 	u_int32_t rnd[256];
 	gid_t gidset[1];
-	int i;
+	u_int i;
 
 	/* Enable challenge-response authentication for privilege separation */
 	privsep_challenge_enable();
 
+	arc4random_stir();
 	for (i = 0; i < 256; i++)
 		rnd[i] = arc4random();
 	RAND_seed(rnd, sizeof(rnd));
@@ -664,6 +665,9 @@
 static void
 privsep_postauth(Authctxt *authctxt)
 {
+	u_int32_t rnd[256];
+	u_int i;
+
 #ifdef DISABLE_FD_PASSING
 	if (1) {
 #else
@@ -695,6 +699,11 @@
 	/* Demote the private keys to public keys. */
 	demote_sensitive_data();
 
+	arc4random_stir();
+	for (i = 0; i < 256; i++)
+		rnd[i] = arc4random();
+	RAND_seed(rnd, sizeof(rnd));
+
 	/* Drop privileges */
 	do_setusercontext(authctxt->pw);