===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/channels.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- src/usr.bin/ssh/channels.c	1999/09/26 20:53:34	1.1
+++ src/usr.bin/ssh/channels.c	1999/09/28 04:45:36	1.2
@@ -16,7 +16,7 @@
 */
 
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.1 1999/09/26 20:53:34 deraadt Exp $");
+RCSID("$Id: channels.c,v 1.2 1999/09/28 04:45:36 provos Exp $");
 
 #ifndef HAVE_GETHOSTNAME
 #include <sys/utsname.h>
@@ -1334,14 +1334,14 @@
 /* Requests forwarding of X11 connections, generates fake authentication
    data, and enables authentication spoofing. */
 
-void x11_request_forwarding_with_spoofing(RandomState *state,
-					  const char *proto, const char *data)
+void x11_request_forwarding_with_spoofing(const char *proto, const char *data)
 {
   unsigned int data_len = (unsigned int)strlen(data) / 2;
   unsigned int i, value;
   char *new_data;
   int screen_number;
   const char *cp;
+  u_int32_t rand;
 
   cp = getenv("DISPLAY");
   if (cp)
@@ -1364,8 +1364,11 @@
     {
       if (sscanf(data + 2 * i, "%2x", &value) != 1)
 	fatal("x11_request_forwarding: bad authentication data: %.100s", data);
+      if (i % 4 == 0)
+	rand = arc4random();
       x11_saved_data[i] = value;
-      x11_fake_data[i] = random_get_byte(state);
+      x11_fake_data[i] = rand & 0xff;
+      rand >>= 8;
     }
   x11_saved_data_len = data_len;
   x11_fake_data_len = data_len;