diff options
author | Matthieu Herrb <matthieu@herrb.eu> | 2017-02-28 19:18:43 +0100 |
---|---|---|
committer | Adam Jackson <ajax@redhat.com> | 2017-02-28 14:18:26 -0500 |
commit | ab15f65fe5d6d50e705c1064a6a5c1a0c2a8e045 (patch) | |
tree | 05e009185721815e12a56c71e7c4d7af9f1ea6fe | |
parent | 3f61c7a09b220805ee6778f4bf2f429e3df8e37a (diff) |
Use arc4random_buf(3) if available to generate cookies.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit 957e8db38f27932d353e86e9aa69cf16778b18f1)
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | include/dix-config.h.in | 6 | ||||
-rw-r--r-- | os/auth.c | 7 |
3 files changed, 15 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 62cd547ef..610de09b4 100644 --- a/configure.ac +++ b/configure.ac @@ -225,6 +225,8 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\ timingsafe_memcmp]) AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"]) +AC_CHECK_LIB([bsd], [arc4random_buf]) + AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]]) dnl Check for SO_PEERCRED #define diff --git a/include/dix-config.h.in b/include/dix-config.h.in index 4b86c1a3c..d357910a6 100644 --- a/include/dix-config.h.in +++ b/include/dix-config.h.in @@ -125,6 +125,9 @@ /* Build a standalone xpbproxy */ #undef STANDALONE_XPBPROXY +/* Define to 1 if you have the `bsd' library (-lbsd). */ +#undef HAVE_LIBBSD + /* Define to 1 if you have the `m' library (-lm). */ #undef HAVE_LIBM @@ -161,6 +164,9 @@ /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */ #undef HAVE_RPCSVC_DBM_H +/* Define to 1 if you have the `arc4random_buf' function. */ +#undef HAVE_ARC4RANDOM_BUF + /* Define to use libc SHA1 functions */ #undef HAVE_SHA1_IN_LIBC @@ -45,6 +45,9 @@ from The Open Group. #ifdef WIN32 #include <X11/Xw32defs.h> #endif +#ifdef HAVE_LIBBSD +#include <bsd/stdlib.h> /* for arc4random_buf() */ +#endif struct protocol { unsigned short name_length; @@ -303,11 +306,15 @@ GenerateAuthorization(unsigned name_length, void GenerateRandomData(int len, char *buf) { +#ifdef HAVE_ARC4RANDOMBUF + arc4random_buf(buf, len); +#else int fd; fd = open("/dev/urandom", O_RDONLY); read(fd, buf, len); close(fd); +#endif } #endif /* XCSECURITY */ |