mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 06:37:08 +00:00
- Fix Bad Randomness in Seed, reported by X41 D-Sec.
This commit is contained in:
parent
981fedea0e
commit
da4d6ffee3
@ -250,8 +250,6 @@ daemon_init(void)
|
||||
/* init timezone info while we are not chrooted yet */
|
||||
tzset();
|
||||
#endif
|
||||
/* open /dev/urandom if needed */
|
||||
ub_systemseed((unsigned)time(NULL)^(unsigned)getpid()^0xe67);
|
||||
daemon->need_to_exit = 0;
|
||||
modstack_init(&daemon->mods);
|
||||
if(!(daemon->env = (struct module_env*)calloc(1,
|
||||
|
@ -37,6 +37,7 @@
|
||||
- Fix Enum Name not Used, reported by X41 D-Sec.
|
||||
- Fix NULL Pointer Dereference via Control Port,
|
||||
reported by X41 D-Sec.
|
||||
- Fix Bad Randomness in Seed, reported by X41 D-Sec.
|
||||
|
||||
19 November 2019: Wouter
|
||||
- Fix CVE-2019-18934, shell execution in ipsecmod.
|
||||
|
@ -79,12 +79,6 @@
|
||||
#define MAX_VALUE 0x7fffffff
|
||||
|
||||
#if defined(HAVE_SSL)
|
||||
void
|
||||
ub_systemseed(unsigned int ATTR_UNUSED(seed))
|
||||
{
|
||||
/* arc4random_uniform does not need seeds, it gets kernel entropy */
|
||||
}
|
||||
|
||||
struct ub_randstate*
|
||||
ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
|
||||
{
|
||||
@ -118,10 +112,6 @@ struct ub_randstate {
|
||||
int ready;
|
||||
};
|
||||
|
||||
void ub_systemseed(unsigned int ATTR_UNUSED(seed))
|
||||
{
|
||||
}
|
||||
|
||||
struct ub_randstate* ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
|
||||
{
|
||||
struct ub_randstate* s = (struct ub_randstate*)calloc(1, sizeof(*s));
|
||||
@ -157,15 +147,6 @@ struct ub_randstate {
|
||||
int seeded;
|
||||
};
|
||||
|
||||
void ub_systemseed(unsigned int ATTR_UNUSED(seed))
|
||||
{
|
||||
/**
|
||||
* We seed on init and not here, as we need the ctx to re-seed.
|
||||
* This also means that re-seeding is not supported.
|
||||
*/
|
||||
log_err("Re-seeding not supported, generator untouched");
|
||||
}
|
||||
|
||||
struct ub_randstate* ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
|
||||
{
|
||||
struct ub_randstate* s = (struct ub_randstate*)calloc(1, sizeof(*s));
|
||||
|
@ -47,14 +47,6 @@
|
||||
*/
|
||||
struct ub_randstate;
|
||||
|
||||
/**
|
||||
* Initialize the system randomness. Obtains entropy from the system
|
||||
* before a chroot or privilege makes it unavailable.
|
||||
* You do not have to call this, otherwise ub_initstate does so.
|
||||
* @param seed: seed value to create state (if no good entropy is found).
|
||||
*/
|
||||
void ub_systemseed(unsigned int seed);
|
||||
|
||||
/**
|
||||
* Initialize a random generator state for use
|
||||
* @param from: if not NULL, the seed is taken from this random structure.
|
||||
|
Loading…
Reference in New Issue
Block a user