From a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Oct 2014 13:02:04 +0000
Subject: Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().

arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.

ok deraadt@
---
 src/lib/libcrypto/rand/randfile.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src/lib/libcrypto/rand/randfile.c')

diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index dca49b10aa..e54a009420 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: randfile.c,v 1.39 2014/07/14 00:01:39 deraadt Exp $ */
+/* $OpenBSD: randfile.c,v 1.40 2014/10/22 13:02:04 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -118,8 +118,7 @@ RAND_write_file(const char *file)
 	for (;;) {
 		i = (n > BUFSIZE) ? BUFSIZE : n;
 		n -= BUFSIZE;
-		if (RAND_bytes(buf, i) <= 0)
-			rand_err = 1;
+		arc4random_buf(buf, i);
 		i = fwrite(buf, 1, i, out);
 		if (i <= 0) {
 			ret = 0;
-- 
cgit v1.2.3-55-g6feb