From 85b016137f0bd9cf3b15129668f9d794a71c6d34 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Oct 2014 13:54:03 +0000
Subject: Use arc4random_buf() instead of RAND(_pseudo)?_bytes().

ok bcook@
---
 src/usr.bin/openssl/enc.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/usr.bin/openssl/enc.c')

diff --git a/src/usr.bin/openssl/enc.c b/src/usr.bin/openssl/enc.c
index 1a3b8f21b3..b5aaab9842 100644
--- a/src/usr.bin/openssl/enc.c
+++ b/src/usr.bin/openssl/enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: enc.c,v 1.2 2014/09/01 20:54:37 doug Exp $ */
+/* $OpenBSD: enc.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -69,7 +69,6 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/x509.h>
 
 int set_hex(char *in, unsigned char *out, int size);
@@ -461,8 +460,9 @@ enc_main(int argc, char **argv)
 							    "invalid hex salt value\n");
 							goto end;
 						}
-					} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
-						goto end;
+					} else
+						arc4random_buf(salt,
+						    sizeof(salt));
 					/*
 					 * If -P option then don't bother
 					 * writing
-- 
cgit v1.2.3-55-g6feb