The NTP daemon and utilities
CentOS Sources
2014-12-20 c054b85192ea340529fc9a659cac7ea6b893b50e
diff -up ntp-4.2.6p5/ntpd/ntp_config.c.cve-2014-9293 ntp-4.2.6p5/ntpd/ntp_config.c
--- ntp-4.2.6p5/ntpd/ntp_config.c.cve-2014-9293    2014-12-19 16:24:18.297578337 +0100
+++ ntp-4.2.6p5/ntpd/ntp_config.c    2014-12-19 16:24:18.311578368 +0100
@@ -1866,13 +1866,16 @@ config_auth(
         req_hashlen = digest_len;
 #endif
     } else {
-        int    rankey;
+        unsigned char rankey[16];
+
+        if (ntp_crypto_random_buf(rankey, sizeof (rankey))) {
+            msyslog(LOG_ERR, "ntp_crypto_random_buf() failed.");
+            exit(1);
+        }
 
-        rankey = ntp_random();
         req_keytype = NID_md5;
         req_hashlen = 16;
-        MD5auth_setkey(req_keyid, req_keytype,
-            (u_char *)&rankey, sizeof(rankey));
+        MD5auth_setkey(req_keyid, req_keytype, rankey, sizeof(rankey));
         authtrust(req_keyid, 1);
     }
 
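Review bot: `rankey` holds the generated key and stays on the stack after `MD5auth_setkey()` returns; if that function copies the bytes (its body is not in this hunk), wipe the buffer after the call with a routine the compiler cannot elide, since a plain `memset` on a dying local may be optimized away. Exiting when `ntp_crypto_random_buf()` fails is the right fail-closed behaviour and deserves a comment so it is not later softened into a fallback, for example `/* never install a guessable key: abort if the CSPRNG fails */`. The check treats any non-zero return as failure, which should be confirmed against the function's definition, not shown here. `config_auth()` starts and ends outside the hunk.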
diff -up ntp-4.2.6p5/ntpd/ntpd.c.cve-2014-9293 ntp-4.2.6p5/ntpd/ntpd.c
--- ntp-4.2.6p5/ntpd/ntpd.c.cve-2014-9293    2014-12-19 16:24:02.000000000 +0100
+++ ntp-4.2.6p5/ntpd/ntpd.c    2014-12-19 16:24:18.298578339 +0100
@@ -593,6 +593,7 @@ ntpdmain(
     get_systime(&now);
 
     ntp_srandom((int)(now.l_i * now.l_uf));
+    ntp_crypto_srandom();
 
 #if !defined(VMS)
 # ifndef NODETACH
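Review bot: `ntp_srandom()` on the line above is still seeded from `now.l_i * now.l_uf`, so `ntp_random()` remains clock-derived and unsuitable for secrets; the hunks on this page move only the `config_auth()` key off it. A comment at this call site would make the split explicit, e.g. `/* ntp_random() is time-seeded and not for secrets; key material must come from ntp_crypto_random_buf() */`, and any other `ntp_random()` caller that produces keys or nonces is worth auditing. The new call sits ahead of the `NODETACH` block, so whether generator state is carried across a later detach depends on `ntp_crypto_srandom()`'s implementation, which is not visible here. `ntpdmain()` continues outside the hunk.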