From 85b016137f0bd9cf3b15129668f9d794a71c6d34 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Oct 2014 13:54:03 +0000
Subject: Use arc4random_buf() instead of RAND(_pseudo)?_bytes().

ok bcook@
---
 src/usr.bin/openssl/s_cb.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

(limited to 'src/usr.bin/openssl/s_cb.c')

diff --git a/src/usr.bin/openssl/s_cb.c b/src/usr.bin/openssl/s_cb.c
index 2e00abe7f1..f7d8a323a6 100644
--- a/src/usr.bin/openssl/s_cb.c
+++ b/src/usr.bin/openssl/s_cb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_cb.c,v 1.1 2014/08/26 17:47:25 jsing Exp $ */
+/* $OpenBSD: s_cb.c,v 1.2 2014/10/22 13:54:03 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -121,7 +121,6 @@
 #include "apps.h"
 
 #include <openssl/err.h>
-#include <openssl/rand.h>
 #include <openssl/ssl.h>
 #include <openssl/x509.h>
 
@@ -728,11 +727,7 @@ generate_cookie_callback(SSL * ssl, unsigned char *cookie,
 
 	/* Initialize a random secret */
 	if (!cookie_initialized) {
-		if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
-			BIO_printf(bio_err,
-			    "error setting random cookie secret\n");
-			return 0;
-		}
+		arc4random_buf(cookie_secret, COOKIE_SECRET_LENGTH);
 		cookie_initialized = 1;
 	}
 	/* Read peer information */
-- 
cgit v1.2.3-55-g6feb