|
 |
f974d29 |
diff -up openssh-5.3p1/ssh-add.c.randclean openssh-5.3p1/ssh-add.c
|
|
|
f974d29 |
--- openssh-5.3p1/ssh-add.c.randclean 2010-01-20 19:13:28.000000000 +0100
|
|
|
f974d29 |
+++ openssh-5.3p1/ssh-add.c 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
@@ -41,6 +41,7 @@
|
|
|
f974d29 |
#include <sys/stat.h>
|
|
|
f974d29 |
#include <sys/param.h>
|
|
|
f974d29 |
|
|
|
f974d29 |
+#include <openssl/rand.h>
|
|
|
f974d29 |
#include <openssl/evp.h>
|
|
|
f974d29 |
#include <openssl/fips.h>
|
|
|
f974d29 |
#include "openbsd-compat/openssl-compat.h"
|
|
|
f974d29 |
@@ -471,6 +472,9 @@ main(int argc, char **argv)
|
|
|
f974d29 |
int use_nss = 0;
|
|
|
f974d29 |
#endif
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
|
f974d29 |
sanitise_stdfd();
|
|
|
f974d29 |
|
|
|
f974d29 |
diff -up openssh-5.3p1/ssh.c.randclean openssh-5.3p1/ssh.c
|
|
|
f974d29 |
--- openssh-5.3p1/ssh.c.randclean 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
+++ openssh-5.3p1/ssh.c 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
@@ -70,6 +70,7 @@
|
|
|
f974d29 |
#include <netinet/in.h>
|
|
|
f974d29 |
#include <arpa/inet.h>
|
|
|
f974d29 |
|
|
|
f974d29 |
+#include <openssl/rand.h>
|
|
|
f974d29 |
#include <openssl/evp.h>
|
|
|
f974d29 |
#include <openssl/err.h>
|
|
|
f974d29 |
#include <openssl/fips.h>
|
|
|
f974d29 |
@@ -220,6 +221,9 @@ main(int ac, char **av)
|
|
|
f974d29 |
struct servent *sp;
|
|
|
f974d29 |
Forward fwd;
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
|
f974d29 |
sanitise_stdfd();
|
|
|
f974d29 |
|
|
|
f974d29 |
diff -up openssh-5.3p1/sshd.c.randclean openssh-5.3p1/sshd.c
|
|
|
f974d29 |
--- openssh-5.3p1/sshd.c.randclean 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
+++ openssh-5.3p1/sshd.c 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
@@ -1263,6 +1263,9 @@ main(int ac, char **av)
|
|
|
f974d29 |
Key *key;
|
|
|
f974d29 |
Authctxt *authctxt;
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
#ifdef HAVE_SECUREWARE
|
|
|
f974d29 |
(void)set_auth_parameters(ac, av);
|
|
|
f974d29 |
#endif
|
|
|
f974d29 |
diff -up openssh-5.3p1/ssh-keygen.c.randclean openssh-5.3p1/ssh-keygen.c
|
|
|
f974d29 |
--- openssh-5.3p1/ssh-keygen.c.randclean 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
+++ openssh-5.3p1/ssh-keygen.c 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
@@ -19,6 +19,7 @@
|
|
|
f974d29 |
#include <sys/stat.h>
|
|
|
f974d29 |
#include <sys/param.h>
|
|
|
f974d29 |
|
|
|
f974d29 |
+#include <openssl/rand.h>
|
|
|
f974d29 |
#include <openssl/evp.h>
|
|
|
f974d29 |
#include <openssl/pem.h>
|
|
|
f974d29 |
#include <openssl/fips.h>
|
|
|
f974d29 |
@@ -1120,6 +1121,9 @@ main(int argc, char **argv)
|
|
|
f974d29 |
extern int optind;
|
|
|
f974d29 |
extern char *optarg;
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
|
f974d29 |
sanitise_stdfd();
|
|
|
f974d29 |
|
|
|
f974d29 |
diff -up openssh-5.3p1/ssh-keyscan.c.randclean openssh-5.3p1/ssh-keyscan.c
|
|
|
f974d29 |
--- openssh-5.3p1/ssh-keyscan.c.randclean 2009-01-28 06:31:23.000000000 +0100
|
|
|
f974d29 |
+++ openssh-5.3p1/ssh-keyscan.c 2010-01-20 19:21:16.000000000 +0100
|
|
|
f974d29 |
@@ -18,6 +18,7 @@
|
|
|
f974d29 |
#include <netinet/in.h>
|
|
|
f974d29 |
#include <arpa/inet.h>
|
|
|
f974d29 |
|
|
|
f974d29 |
+#include <openssl/rand.h>
|
|
|
f974d29 |
#include <openssl/bn.h>
|
|
|
f974d29 |
|
|
|
f974d29 |
#include <netdb.h>
|
|
|
f974d29 |
@@ -730,6 +731,9 @@ main(int argc, char **argv)
|
|
|
f974d29 |
extern int optind;
|
|
|
f974d29 |
extern char *optarg;
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
__progname = ssh_get_progname(argv[0]);
|
|
|
f974d29 |
init_rng();
|
|
|
f974d29 |
seed_rng();
|
|
|
f974d29 |
diff -up openssh-5.3p1/ssh-keysign.c.randclean openssh-5.3p1/ssh-keysign.c
|
|
|
f974d29 |
--- openssh-5.3p1/ssh-keysign.c.randclean 2006-09-01 07:38:37.000000000 +0200
|
|
|
f974d29 |
+++ openssh-5.3p1/ssh-keysign.c 2010-01-20 19:13:29.000000000 +0100
|
|
|
f974d29 |
@@ -158,6 +158,9 @@ main(int argc, char **argv)
|
|
|
f974d29 |
u_int slen, dlen;
|
|
|
f974d29 |
u_int32_t rnd[256];
|
|
|
f974d29 |
|
|
|
f974d29 |
+ /* clean the PRNG status when exiting the program */
|
|
|
f974d29 |
+ atexit(RAND_cleanup);
|
|
|
f974d29 |
+
|
|
|
f974d29 |
/* Ensure that stdin and stdout are connected */
|
|
|
f974d29 |
if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
|
|
|
f974d29 |
exit(1);
|