File U_Use-arc4random-when-available-to-produce-the-XDM-AUT.patch of Package libXdmcp.6605
From 66514a4af7eaa47e8718434356d7efce95e570cf Mon Sep 17 00:00:00 2001
From: Matthieu Herrb <matthieu.herrb@laas.fr>
Date: Sun, 4 Aug 2013 10:42:57 +0200
Subject: [PATCH] Use arc4random when available to produce the
XDM-AUTHENTICATION1 key
arc4random() and associated functions can be found in libbsd on
GNU/Linux systems.
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
---
Key.c | 10 ++++++++++
configure.ac | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/Key.c b/Key.c
index aa4add6..a09b316 100644
--- a/Key.c
+++ b/Key.c
@@ -32,6 +32,11 @@ in this Software without prior written authorization from The Open Group.
#include <X11/Xmd.h>
#include <X11/Xdmcp.h>
+#ifdef HAVE_LIBBSD
+#include <bsd/stdlib.h> /* for arc4random_buf() */
+#endif
+
+#ifndef HAVE_ARC4RANDOM_BUF
static void
getbits (long data, unsigned char *dst)
{
@@ -40,6 +45,7 @@ getbits (long data, unsigned char *dst)
dst[2] = (data >> 16) & 0xff;
dst[3] = (data >> 24) & 0xff;
}
+#endif
#define Time_t time_t
@@ -59,6 +65,7 @@ getbits (long data, unsigned char *dst)
void
XdmcpGenerateKey (XdmAuthKeyPtr key)
{
+#ifndef HAVE_ARC4RANDOM_BUF
long lowbits, highbits;
srandom ((int)getpid() ^ time((Time_t *)0));
@@ -66,6 +73,9 @@ XdmcpGenerateKey (XdmAuthKeyPtr key)
highbits = random ();
getbits (lowbits, key->data);
getbits (highbits, key->data + 4);
+#else
+ arc4random_buf(key->data, 8);
+#endif
}
int
diff --git a/configure.ac b/configure.ac
index 08c046a..d8ddfae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -53,7 +53,8 @@ AC_PROG_LN_S
AC_SEARCH_LIBS([recvfrom],[socket])
# Checks for library functions.
-AC_CHECK_FUNCS([srand48 lrand48])
+AC_CHECK_LIB([bsd], [arc4random_buf])
+AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf])
# Obtain compiler/linker options for depedencies
PKG_CHECK_MODULES(XDMCP, xproto)
--
2.12.3
