1 files changed, 52 insertions, 0 deletions

diff --git a/share/security/patches/SA-00:52/tcp-iss.patch b/share/security/patches/SA-00:52/tcp-iss.patch
new file mode 100644
index 0000000000..0587a621dd
--- /dev/null
+++ b/share/security/patches/SA-00:52/tcp-iss.patch
@@ -0,0 +1,52 @@
+Index: tcp_seq.h
+===================================================================
+RCS file: /usr2/ncvs/src/sys/netinet/tcp_seq.h,v
+retrieving revision 1.11
+retrieving revision 1.12
+diff -u -r1.11 -r1.12
+--- tcp_seq.h	1999/12/29 04:41:02	1.11
++++ tcp_seq.h	2000/09/29 01:37:19	1.12
+@@ -31,7 +31,7 @@
+  * SUCH DAMAGE.
+  *
+  *	@(#)tcp_seq.h	8.3 (Berkeley) 6/21/95
+- * $FreeBSD: src/sys/netinet/tcp_seq.h,v 1.11 1999/12/29 04:41:02 peter Exp $
++ * $FreeBSD: src/sys/netinet/tcp_seq.h,v 1.12 2000/09/29 01:37:19 kris Exp $
+  */
+ 
+ #ifndef _NETINET_TCP_SEQ_H_
+@@ -91,7 +91,7 @@
+  * number in the range [0-0x3ffff] that is hard to predict.
+  */
+ #ifndef tcp_random18
+-#define	tcp_random18()	((random() >> 14) & 0x3ffff)
++#define	tcp_random18()	(arc4random() & 0x3ffff)
+ #endif
+ #define	TCP_ISSINCR	(122*1024 + tcp_random18())
+ 
+Index: tcp_subr.c
+===================================================================
+RCS file: /usr2/ncvs/src/sys/netinet/tcp_subr.c,v
+retrieving revision 1.80
+retrieving revision 1.81
+diff -u -r1.80 -r1.81
+--- tcp_subr.c	2000/09/25 23:40:22	1.80
++++ tcp_subr.c	2000/09/29 01:37:19	1.81
+@@ -31,7 +31,7 @@
+  * SUCH DAMAGE.
+  *
+  *	@(#)tcp_subr.c	8.2 (Berkeley) 5/24/95
+- * $FreeBSD: src/sys/netinet/tcp_subr.c,v 1.80 2000/09/25 23:40:22 bmilekic Exp $
++ * $FreeBSD: src/sys/netinet/tcp_subr.c,v 1.81 2000/09/29 01:37:19 kris Exp $
+  */
+ 
+ #include "opt_compat.h"
+@@ -178,7 +178,7 @@
+ {
+ 	int hashsize;
+ 	
+-	tcp_iss = random();	/* wrong, but better than a constant */
++	tcp_iss = arc4random();	/* wrong, but better than a constant */
+ 	tcp_ccgen = 1;
+ 	tcp_cleartaocache();
+