10 files changed, 18 insertions, 494 deletions
diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c
index 1ba6aaf..1c1f95c 100644
--- a/crypto/kerberosIV/admin/kdb_edit.c
+++ b/crypto/kerberosIV/admin/kdb_edit.c
@@ -8,6 +8,7 @@
  * This routine changes the Kerberos encryption keys for principals,
  * i.e., users or services. 
  */
+/* $FreeBSD$ */
 
 /*
  * exit returns 	 0 ==> success -1 ==> error 
@@ -162,7 +163,7 @@ change_principal(void)
 			memset(new_key, 0, sizeof(des_cblock));
 			new_key[0] = 127;
 #else
-			des_new_random_key(&new_key);
+			des_random_key(new_key);
 #endif
 			memset(pw_str, 0, sizeof pw_str);
 		    }
@@ -384,9 +385,6 @@ main(int argc, char **argv)
 						    stdout)) < 0)
       return 1;
 
-    /* Initialize non shared random sequence */
-    des_init_random_number_generator(&master_key);
-
     /* lookup the default values */
     n = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST,
 			   &default_princ, 1, &more);
diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c
index 0116ea2..ccec1f7 100644
--- a/crypto/kerberosIV/admin/kdb_init.c
+++ b/crypto/kerberosIV/admin/kdb_init.c
@@ -7,6 +7,7 @@
  * program to initialize the database,  reports error if database file
  * already exists. 
  */
+/* $FreeBSD$ */
 
 #include "adm_locl.h"
 
@@ -43,7 +44,7 @@ add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
         memset(new_key, 0, sizeof(des_cblock));
 	new_key[0] = 127;
 #else
-	des_new_random_key(&new_key);
+	des_random_key(new_key);
 #endif
 	kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule,
 			 DES_ENCRYPT);
@@ -142,9 +143,6 @@ main(int argc, char **argv)
     fprintf(stderr, "Wrote master key to %s\n", MKEYFILE);
 #endif
 
-    /* Initialize non shared random sequence */
-    des_init_random_number_generator(&master_key);
-
     /* Maximum lifetime for changepw.kerberos (kadmin) tickets, 10 minutes */
 #define ADMLIFE (1 + (CLOCK_SKEW/(5*60)))
 
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c
index 76abda5..a0d5d83 100644
--- a/crypto/kerberosIV/kadmin/kadmin.c
+++ b/crypto/kerberosIV/kadmin/kadmin.c
@@ -18,6 +18,7 @@ this software for any purpose.  It is provided "as is" without express
 or implied warranty.
 
   */
+/* $FreeBSD$ */
 
 /*
  * Kerberos database administrator's tool.  
@@ -212,7 +213,7 @@ passwd_to_lowhigh(u_int32_t *low, u_int32_t *high, char *password, int byteswap)
 #ifdef NOENCRYPTION
 	memset(newkey, 0, sizeof(newkey));
 #else
-	des_new_random_key(&newkey);
+	des_random_key(newkey);
 #endif
     } else {
 #ifdef NOENCRYPTION
@@ -288,7 +289,6 @@ get_admin_password(void)
 	/* Initialize non shared random sequence from session key. */
 	memset(&c, 0, sizeof(c));
 	krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c);
-	des_init_random_number_generator(&c.session);
     }
     else
 	status = KDC_PR_UNKNOWN;
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c
index 38722a0..0770a03 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil.c
@@ -18,6 +18,7 @@ this software for any purpose.  It is provided "as is" without express
 or implied warranty.
 
   */
+/* $FreeBSD$ */
 
 /*
  * list and update contents of srvtab files
@@ -228,7 +229,7 @@ get_svc_new_key(des_cblock *new_key, char *sname, char *sinst,
 	memset(new_key, 0, sizeof(des_cblock));
 	(*new_key)[0] = (unsigned char) 1;
 #else /* NOENCRYPTION */
-	des_new_random_key(new_key);
+	des_random_key(*new_key);
 #endif /* NOENCRYPTION */
 	return(KADM_SUCCESS);
     }
@@ -494,17 +495,6 @@ main(int argc, char **argv)
 		    printf("Not changing this key.\n");
 		
 		if (change_this_key) {
-		    /*
-		     * This is not a good choice of seed when/if the
-		     * key has been compromised so we also use a
-		     * random sequence number!
-		     */
-		    des_init_random_number_generator(&old_key);
-		    {
-		        des_cblock seqnum;
-			des_generate_random_block(&seqnum);
-			des_set_sequence_number((unsigned char *)&seqnum);
-		    }
 		    /* 
 		     * Pick a new key and determine whether or not
 		     * it is safe to change
diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c
index a08b10d..dc7b6c0 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil_get.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil_get.c
@@ -30,6 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
+/* $FreeBSD$ */
 
 #include "kadm_locl.h"
 #include "ksrvutil.h"
@@ -82,11 +83,6 @@ get_admin_password(char *myname, char *myinst, char *myrealm)
     status = krb_get_pw_in_tkt(myname, myinst, myrealm, PWSERV_NAME, 
 			       KADM_SINST, ticket_life, admin_passwd);
     memset(admin_passwd, 0, sizeof(admin_passwd));
-    
-    /* Initialize non shared random sequence from session key. */
-    memset(&c, 0, sizeof(c));
-    krb_get_cred(PWSERV_NAME, KADM_SINST, myrealm, &c);
-    des_init_random_number_generator(&c.session);
   } else
     status = KDC_PR_UNKNOWN;
   
@@ -190,7 +186,7 @@ get_srvtab_ent(int unique_filename, int fd, char *filename,
     memset(&values, 0, sizeof(values));
     strlcpy(values.name, name, sizeof(values.name));
     strlcpy(values.instance, inst, sizeof(values.instance));
-    des_new_random_key(&newkey);
+    des_random_key(newkey);
     values.key_low = (newkey[0] << 24) | (newkey[1] << 16)
 	| (newkey[2] << 8) | (newkey[3] << 0);
     values.key_high = (newkey[4] << 24) | (newkey[5] << 16)
@@ -295,9 +291,7 @@ ksrvutil_kadm(int unique_filename, int fd, char *filename, struct srv_ent *p)
   }
   
   ret = krb_get_cred (PWSERV_NAME, KADM_SINST, u_realm, &c);
-  if (ret == KSUCCESS)
-    des_init_random_number_generator (&c.session);
-  else {
+  if (ret != KSUCCESS) {
     umask(077);
        
     /*
diff --git a/crypto/kerberosIV/kadmin/random_password.c b/crypto/kerberosIV/kadmin/random_password.c
index ec8309e..ca9855a 100644
--- a/crypto/kerberosIV/kadmin/random_password.c
+++ b/crypto/kerberosIV/kadmin/random_password.c
@@ -30,6 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
  * SUCH DAMAGE. 
  */
+/* $FreeBSD$ */
 
 #include "kadm_locl.h"
 
@@ -57,7 +58,7 @@ random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high)
 {
     des_cblock newkey;
 #ifdef OTP_STYLE
-    des_new_random_key(&newkey);
+    des_random_key(&newkey);
     otp_print_stddict (newkey, pw, len);
     strlwr(pw);
 #else
@@ -87,7 +88,7 @@ static int
 RND(des_cblock *key, int *left)
 {
     if(*left == 0){
-	des_new_random_key(key);
+	des_random_key(*key);
 	*left = 8;
     }
     (*left)--;
diff --git a/crypto/kerberosIV/server/kerberos.c b/crypto/kerberosIV/server/kerberos.c
index 9e0d9b3..f4ffbc1 100644
--- a/crypto/kerberosIV/server/kerberos.c
+++ b/crypto/kerberosIV/server/kerberos.c
@@ -334,7 +334,7 @@ kerberos(unsigned char *buf, int len,
 	life = min(life, s_name.max_life);
 	life = min(life, a_name.max_life);
     
-	des_new_random_key(&session);
+	des_random_key(session);
 	copy_to_key(&s_name.key_low, &s_name.key_high, key);
 	unseal(&key);
 	krb_create_ticket(tk, flags, a_name.name, a_name.instance, 
@@ -428,7 +428,7 @@ kerberos(unsigned char *buf, int len,
 	life = min(life, s_name.max_life);
 	copy_to_key(&s_name.key_low, &s_name.key_high, key);
 	unseal(&key);
-	des_new_random_key(&session);
+	des_random_key(session);
 	krb_create_ticket(tk, flags, ad.pname, ad.pinst, ad.prealm,
 			  client->sin_addr.s_addr, &session,
 			  life, kerb_time.tv_sec,
@@ -860,7 +860,6 @@ main(int argc, char **argv)
 
     fprintf(stdout, "\nCurrent Kerberos master key version is %d\n",
 	    master_key_version);
-    des_init_random_number_generator(&master_key);
 
     if (!rflag) {
 	/* Look up our local realm */
diff --git a/crypto/openssl/crypto/des/rnd_keys.c b/crypto/openssl/crypto/des/rnd_keys.c
deleted file mode 100644
index c2626c4..0000000
--- a/crypto/openssl/crypto/des/rnd_keys.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997, 1999 Kungliga Tekniska H�gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      H�gskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	$Id$
- * $FreeBSD$
- */
-
-#include <openssl/des.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/time.h>
-#include <sys/resource.h>
-#include <fcntl.h>
-#include <signal.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
-
-#ifndef RETSIGTYPE
-#define RETSIGTYPE void
-#define SIGRETURN(x) return
-#else
-#define SIGRETURN(x) return (RETSIGTYPE)(x)
-#endif
-
-/*
- * Generate "random" data by checksumming a file.
- *
- * Returns -1 if there were any problems with permissions or I/O
- * errors.
- */
-static
-int
-sumFile (const char *name, int len, void *res)
-{
-  u_int32_t sum[2];
-  u_int32_t buf[1024*2];
-  int fd, i;
-
-  fd = open (name, 0);
-  if (fd < 0)
-    return -1;
-
-  while (len > 0)
-    {
-      int n = read(fd, buf, sizeof(buf));
-      if (n < 0)
-	{
-	  close(fd);
-	  return n;
-	}
-      for (i = 0; i < (n/sizeof(buf[0])); i++)
-	{
-	  sum[0] += buf[i];
-	  i++;
-	  sum[1] += buf[i];
-	}
-      len -= n;
-    }
-  close (fd);
-  memcpy (res, &sum, sizeof(sum));
-  return 0;
-}
-
-/*
- * Create a sequence of random 64 bit blocks.
- * The sequence is indexed with a long long and 
- * based on an initial des key used as a seed.
- */
-static des_key_schedule sequence_seed;
-static u_int32_t sequence_index[2];
-
-/* 
- * Random number generator based on ideas from truerand in cryptolib
- * as described on page 424 in Applied Cryptography 2 ed. by Bruce
- * Schneier.
- */
-
-static volatile int counter;
-static volatile unsigned char *gdata; /* Global data */
-static volatile int igdata;	/* Index into global data */
-static int gsize;
-
-#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
-/* Visual C++ 4.0 (Windows95/NT) */
-
-static
-RETSIGTYPE
-sigALRM(int sig)
-{
-    if (igdata < gsize)
-	gdata[igdata++] ^= counter & 0xff;
-
-#ifndef HAVE_SIGACTION
-    signal(SIGALRM, sigALRM); /* Reinstall SysV signal handler */
-#endif
-    SIGRETURN(0);
-}
-
-#endif
-
-#if !defined(HAVE_RANDOM) && defined(HAVE_RAND)
-#ifndef srandom
-#define srandom srand
-#endif
-#ifndef random
-#define random rand
-#endif
-#endif
-
-static void
-des_not_rand_data(unsigned char *data, int size)
-{
-  int i;
-
-  srandom (time (NULL));
-
-  for(i = 0; i < size; ++i)
-    data[i] ^= random() % 0x100;
-}
-
-#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
-
-#ifndef HAVE_SETITIMER
-static void
-pacemaker(struct timeval *tv)
-{
-    fd_set fds;
-    pid_t pid;
-    pid = getppid();
-    while(1){
-	FD_ZERO(&fds);
-	FD_SET(0, &fds);
-	select(1, &fds, NULL, NULL, tv);
-	kill(pid, SIGALRM);
-    }
-}
-#endif
-
-#ifdef HAVE_SIGACTION
-/* XXX ugly hack, should perhaps use function from roken */
-static RETSIGTYPE 
-(*fake_signal(int sig, RETSIGTYPE (*f)(int)))(int)
-{
-    struct sigaction sa, osa;
-    sa.sa_handler = f;
-    sa.sa_flags = 0;
-    sigemptyset(&sa.sa_mask);
-    sigaction(sig, &sa, &osa);
-    return osa.sa_handler;
-}
-#define signal(S, F) fake_signal((S), (F))
-#endif
-
-/*
- * Generate size bytes of "random" data using timed interrupts.
- * It takes about 40ms/byte random data.
- * It's not neccessary to be root to run it.
- */
-void
-des_rand_data(unsigned char *data, int size)
-{
-    struct itimerval tv;
-#ifdef HAVE_SETITIMER
-    struct itimerval otv;
-#endif
-    RETSIGTYPE (*osa)(int);
-    int i, j;
-#ifndef HAVE_SETITIMER 
-    RETSIGTYPE (*ochld)(int);
-    pid_t pid;
-#endif
-    char *rnd_devices[] = {"/dev/random",
-			   "/dev/srandom",
-			   "/dev/urandom",
-			   NULL};
-    char **p;
-
-    for(p = rnd_devices; *p; p++) {
-      int fd = open(*p, O_RDONLY | O_NDELAY);
-      
-      if(fd >= 0 && read(fd, data, size) == size) {
-	close(fd);
-	return;
-      }
-      close(fd);
-    }
-
-    /* Paranoia? Initialize data from /dev/mem if we can read it. */
-    if (size >= 8)
-      sumFile("/dev/mem", (1024*1024*2), data);
-
-    gdata = data;
-    gsize = size;
-    igdata = 0;
-
-    osa = signal(SIGALRM, sigALRM);
-  
-    /* Start timer */
-    tv.it_value.tv_sec = 0;
-    tv.it_value.tv_usec = 10 * 1000; /* 10 ms */
-    tv.it_interval = tv.it_value;
-#ifdef HAVE_SETITIMER
-    setitimer(ITIMER_REAL, &tv, &otv);
-#else
-    ochld = signal(SIGCHLD, SIG_IGN);
-    pid = fork();
-    if(pid == -1){
-	signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL);
-	des_not_rand_data(data, size);
-	return;
-    }
-    if(pid == 0)
-	pacemaker(&tv.it_interval);
-#endif
-
-    for(i = 0; i < 4; i++) {
-	for (igdata = 0; igdata < size;) /* igdata++ in sigALRM */
-	    counter++;
-	for (j = 0; j < size; j++) /* Only use 2 bits each lap */
-	    gdata[j] = (gdata[j]>>2) | (gdata[j]<<6);
-    }
-#ifdef HAVE_SETITIMER
-    setitimer(ITIMER_REAL, &otv, 0);
-#else
-    kill(pid, SIGKILL);
-    while(waitpid(pid, NULL, 0) != pid);
-    signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL);
-#endif
-    signal(SIGALRM, osa != SIG_ERR ? osa : SIG_DFL);
-}
-#else
-void
-des_rand_data(unsigned char *p, int s)
-{
-  des_not_rand_data (p, s);
-}
-#endif
-
-void
-des_generate_random_block(des_cblock *block)
-{
-  des_rand_data((unsigned char *)block, sizeof(*block));
-}
-
-/*
- * Generate a "random" DES key.
- */
-void
-des_rand_data_key(des_cblock *key)
-{
-    unsigned char data[8];
-    des_key_schedule sched;
-    do {
-	des_rand_data(data, sizeof(data));
-	des_rand_data((unsigned char*)key, sizeof(des_cblock));
-	des_set_odd_parity(key);
-	des_key_sched(key, sched);
-	des_ecb_encrypt(&data, key, sched, DES_ENCRYPT);
-	memset(&data, 0, sizeof(data));
-	memset(&sched, 0, sizeof(sched));
-	des_set_odd_parity(key);
-    } while(des_is_weak_key(key));
-}
-
-/*
- * Generate "random" data by checksumming /dev/mem
- *
- * It's neccessary to be root to run it. Returns -1 if there were any
- * problems with permissions.
- */
-int
-des_mem_rand8(unsigned char *data)
-{
-  return 1;
-}
-
-/*
- * In case the generator does not get initialized use this as fallback.
- */
-static int initialized;
-
-static void
-do_initialize(void)
-{
-    des_cblock default_seed;
-    do {
-	des_generate_random_block(&default_seed);
-	des_set_odd_parity(&default_seed);
-    } while (des_is_weak_key(&default_seed));
-    des_init_random_number_generator(&default_seed);
-}
-
-#define zero_long_long(ll) do { ll[0] = ll[1] = 0; } while (0)
-
-#define incr_long_long(ll) do { if (++ll[0] == 0) ++ll[1]; } while (0)
-
-#define set_sequence_number(ll) \
-memcpy((char *)sequence_index, (ll), sizeof(sequence_index));
-
-/*
- * Set the sequnce number to this value (a long long).
- */
-void
-des_set_sequence_number(unsigned char *ll)
-{
-    set_sequence_number(ll);
-}
-
-/*
- * Set the generator seed and reset the sequence number to 0.
- */
-void
-des_set_random_generator_seed(des_cblock *seed)
-{
-    des_key_sched(seed, sequence_seed);
-    zero_long_long(sequence_index);
-    initialized = 1;
-}
-
-/*
- * Generate a sequence of random des keys
- * using the random block sequence, fixup
- * parity and skip weak keys.
- */
-int
-des_new_random_key(des_cblock *key)
-{
-    if (!initialized)
-	do_initialize();
-
-    do {
-	des_ecb_encrypt((des_cblock *) sequence_index,
-			key,
-			sequence_seed,
-			DES_ENCRYPT);
-	incr_long_long(sequence_index);
-	/* random key must have odd parity and not be weak */
-	des_set_odd_parity(key);
-    } while (des_is_weak_key(key));
-    return(0);
-}
-
-/*
- * des_init_random_number_generator:
- *
- * Initialize the sequence of random 64 bit blocks.  The input seed
- * can be a secret key since it should be well hidden and is also not
- * kept.
- *
- */
-void 
-des_init_random_number_generator(des_cblock *seed)
-{
-    struct timeval now;
-    des_cblock uniq;
-    des_cblock new_key;
-
-    gettimeofday(&now, (struct timezone *)0);
-    des_generate_random_block(&uniq);
-
-    /* Pick a unique random key from the shared sequence. */
-    des_set_random_generator_seed(seed);
-    set_sequence_number((unsigned char *)&uniq);
-    des_new_random_key(&new_key);
-
-    /* Select a new nonshared sequence, */
-    des_set_random_generator_seed(&new_key);
-
-    /* and use the current time to pick a key for the new sequence. */
-    set_sequence_number((unsigned char *)&now);
-    des_new_random_key(&new_key);
-    des_set_random_generator_seed(&new_key);
-}
-
-#ifdef TESTRUN
-int
-main()
-{
-    unsigned char data[8];
-    int i;
-
-    while (1)
-        {
-	    if (sumFile("/dev/mem", (1024*1024*8), data) != 0)
-	      { perror("sumFile"); exit(1); }
-            for (i = 0; i < 8; i++)
-                printf("%02x", data[i]);
-            printf("\n");
-        }
-}
-#endif
-
-#ifdef TESTRUN2
-int
-main()
-{
-    des_cblock data;
-    int i;
-
-    while (1)
-        {
-	    do_initialize();
-            des_random_key(data);
-            for (i = 0; i < 8; i++)
-                printf("%02x", data[i]);
-            printf("\n");
-        }
-}
-#endif
diff --git a/crypto/telnet/libtelnet/enc_des.c b/crypto/telnet/libtelnet/enc_des.c
index 5ac693b..cb70b57 100644
--- a/crypto/telnet/libtelnet/enc_des.c
+++ b/crypto/telnet/libtelnet/enc_des.c
@@ -54,7 +54,6 @@ static const char sccsid[] = "@(#)enc_des.c	8.3 (Berkeley) 5/30/95";
 #include "misc-proto.h"
 
 extern int encrypt_debug_mode;
-void des_set_random_generator_seed(des_cblock *); /* XXX */
 
 #define	CFB	0
 #define	OFB	1
@@ -75,7 +74,6 @@ struct fb {
 	int need_start;
 	int state[2];
 	int keyid[2];
-	int once;
 	struct stinfo {
 		Block		str_output;
 		Block		str_feed;
@@ -211,7 +209,7 @@ fb64_start(struct fb *fbp, int dir, int server __unused)
 		/*
 		 * Create a random feed and send it over.
 		 */
-		des_new_random_key((Block *)fbp->temp_feed);
+		des_random_key((Block *)fbp->temp_feed);
 		des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
 				fbp->krbdes_sched, 1);
 		p = fbp->fb_feed + 3;
@@ -397,10 +395,6 @@ fb64_session(Session_Key *key, int server, struct fb *fbp)
 	fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]);
 	fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]);
 
-	if (fbp->once == 0) {
-		des_set_random_generator_seed((Block *)fbp->krbdes_key);
-		fbp->once = 1;
-	}
 	des_key_sched((Block *)fbp->krbdes_key, fbp->krbdes_sched);
 	/*
 	 * Now look to see if krbdes_start() was was waiting for
diff --git a/crypto/telnet/libtelnet/kerberos.c b/crypto/telnet/libtelnet/kerberos.c
index 39b2dd5..2380c27 100644
--- a/crypto/telnet/libtelnet/kerberos.c
+++ b/crypto/telnet/libtelnet/kerberos.c
@@ -207,8 +207,7 @@ kerberos4_send(Authenticator *ap)
 		register int i;
 
 		des_key_sched(&cred.session, sched);
-		des_init_random_number_generator(&cred.session);
-		des_new_random_key(&session_key);
+		des_random_key(&session_key);
 		des_ecb_encrypt(&session_key, &session_key, sched, 0);
 		des_ecb_encrypt(&session_key, &challenge, sched, 0);
 		/*
@@ -299,11 +298,6 @@ kerberos4_is(Authenticator *ap, unsigned char *data, int cnt)
 			break;
 		}
 
-		/*
-		 * Initialize the random number generator since it's
-		 * used later on by the encryption routine.
-		 */
-		des_init_random_number_generator(&session_key);
 		des_key_sched(&session_key, sched);
 		memmove((void *)datablock, (void *)data, sizeof(Block));
 		/*