From 04ad4ecc7b4b5db1bbe10372a6820ed88e2799e8 Mon Sep 17 00:00:00 2001
From: "C. McEnroe" <june@causal.agency>
Date: Fri, 31 Jul 2020 23:35:12 -0400
Subject: Use RAND_bytes instead of arc4random_buf

This adds an actual dependency on libcrypto, but removes a dependency on
BSD (or LibreSSL libcrypto specifically).
---
 bounce.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'bounce.c')

diff --git a/bounce.c b/bounce.c
index 8ed4234..c9b27b0 100644
--- a/bounce.c
+++ b/bounce.c
@@ -31,6 +31,7 @@
 #include <fcntl.h>
 #include <getopt.h>
 #include <limits.h>
+#include <openssl/rand.h>
 #include <poll.h>
 #include <pwd.h>
 #include <signal.h>
@@ -56,11 +57,14 @@
 bool verbose;
 
 static void hashPass(void) {
-	char *pass = getpass("Password: ");
 	byte rand[12];
-	arc4random_buf(rand, sizeof(rand));
+	int n = RAND_bytes(rand, sizeof(rand));
+	if (n < 1) errx(EX_OSERR, "RAND_bytes failure");
+
 	char salt[3 + BASE64_SIZE(sizeof(rand))] = "$6$";
 	base64(&salt[3], rand, sizeof(rand));
+
+	char *pass = getpass("Password: ");
 	printf("%s\n", crypt(pass, salt));
 }
 
-- 
cgit 1.4.1