diff options
author | rwatson <rwatson@FreeBSD.org> | 2004-09-02 20:14:03 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2004-09-02 20:14:03 +0000 |
commit | a8577595a7fe75f9b4713f2b233d396b775fc64c (patch) | |
tree | 3976fa04612bdeff4306d4de95304d3c6f2550a9 /sys/netkey/key.c | |
parent | fd7620677ff325bc33133aaf3b18a180d7763e9b (diff) | |
download | FreeBSD-src-a8577595a7fe75f9b4713f2b233d396b775fc64c.zip FreeBSD-src-a8577595a7fe75f9b4713f2b233d396b775fc64c.tar.gz |
The KAME IPSEC implementation at one point used its own pseudo-random
number generator, which was re-seeded via a timeout. Now centralized
randomness/entropy is used, we can garbage collect the timeout and
re-seeding code (which was largely a no-op).
Discussed with: itojun, suz, JINMEI Tatuya < jinmei at isl dot rdc dot toshiba dot co dot jp >
Diffstat (limited to 'sys/netkey/key.c')
-rw-r--r-- | sys/netkey/key.c | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/sys/netkey/key.c b/sys/netkey/key.c index 58eafc2..c60772d 100644 --- a/sys/netkey/key.c +++ b/sys/netkey/key.c @@ -131,14 +131,12 @@ u_int32_t key_debug_level = 0; static u_int key_spi_trycnt = 1000; static u_int32_t key_spi_minval = 0x100; static u_int32_t key_spi_maxval = 0x0fffffff; /* XXX */ -static u_int key_int_random = 60; /*interval to initialize randseed,1(m)*/ static u_int key_larval_lifetime = 30; /* interval to expire acquiring, 30(s)*/ static int key_blockacq_count = 10; /* counter for blocking SADB_ACQUIRE.*/ static int key_blockacq_lifetime = 20; /* lifetime for blocking SADB_ACQUIRE.*/ static int key_preferred_oldsa = 1; /* preferred old sa rather than new sa.*/ static u_int32_t acq_seq = 0; -static int key_tick_init_random = 0; struct _satailq satailq; /* list of all SAD entry */ struct _sptailq sptailq; /* SPD table + pcb */ @@ -242,10 +240,6 @@ SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, CTLFLAG_RW, \ SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, CTLFLAG_RW, \ &key_spi_maxval, 0, ""); -/* interval to initialize randseed */ -SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, CTLFLAG_RW, \ - &key_int_random, 0, ""); - /* lifetime for larval SA */ SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, CTLFLAG_RW, \ &key_larval_lifetime, 0, ""); @@ -435,7 +429,6 @@ static int key_cmpsaidx(struct secasindex *, struct secasindex *, int); static int key_sockaddrcmp(struct sockaddr *, struct sockaddr *, int); static int key_bbcmp(caddr_t, caddr_t, u_int); -static void key_srandom(void); static u_long key_random(void); static u_int16_t key_satype2proto(u_int8_t); static u_int8_t key_proto2satype(u_int16_t); @@ -4534,12 +4527,6 @@ key_timehandler(arg) } } - /* initialize random seed */ - if (key_tick_init_random++ > key_int_random) { - key_tick_init_random = 0; - key_srandom(); - } - /* * should set timeout based on the most closest timer expiration. * we don't bother to do that yet. @@ -4550,15 +4537,6 @@ key_timehandler(arg) return; } -/* - * to initialize a seed for random() - */ -static void -key_srandom() -{ - return; -} - static u_long key_random() { |