--- backend/xdmcp.c 23 Mar 2002 14:32:56 -0000 1.19

diff -u -5 -d -p -r1.19 -r1.19.2.2
--- backend/xdmcp.c 23 Mar 2002 14:32:56 -0000 1.19
+++ backend/xdmcp.c 10 Sep 2003 13:53:33 -0000 1.19.2.2
@@ -36,10 +36,13 @@ from The Open Group.
* xdmcp.c - Support for XDMCP
*/

#include "dm.h"
#include "dm_error.h"
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+# include "dm_auth.h"
+#endif

#ifdef XDMCP

#include "dm_auth.h"
#include "dm_socket.h"
@@ -1251,10 +1252,13 @@ WaitForSomething (void)
#else
nready = select (WellKnownSocketsMax + 1, &reads, 0, 0, 0);
#endif
Debug ("select returns %d. Rescan: %d ChildReady: %d ChkUtmp: %d\n",
nready, Rescan, ChildReady, ChkUtmp);
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+ AddTimerEntropy ();
+#endif
if (nready > 0)
{
#ifdef XDMCP
if (xdmcpFd >= 0 && FD_ISSET (xdmcpFd, &reads))
{
@@ -1280,9 +1284,13 @@ WaitForSomething (void)
}
if (ChildReady)
{
WaitForChild ();
}
- } else
+ } else {
WaitForChild ();
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+ AddTimerEntropy ();
+#endif
+ }
}

diff -u -5 -d -p -r1.36.2.3 -r1.36.2.5
--- backend/dm.c 12 Dec 2002 18:26:40 -0000 1.36.2.3
+++ backend/dm.c 10 Sep 2003 13:53:33 -0000 1.36.2.5
@@ -268,10 +268,14 @@ main (int argc, char **argv)
LogError ("Can't lock pid file %s, another xdm is running (pid %d)\n",
pidFile, oldpid);
exit (1);
}

+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+ AddOtherEntropy ();
+#endif
+
/*
* We used to clean up old authorization files here. As authDir is
* supposed to be /var/run/xauth or /tmp, we needn't to care for it.
*/

@@ -1149,10 +1153,13 @@ WaitForChild (void)
{
Debug ("Unknown child termination\n");
}
}
StartDisplays ();
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+ AddOtherEntropy ();
+#endif
}

static void
CheckDisplayStatus (struct display *d)
{
--- backend/dm.h 11 Aug 2002 10:28:10 -0000 1.40.2.2
+++ backend/dm.h 3 Sep 2003 21:24:17 -0000
@@ -341,4 +341,5 @@
extern char **exportList;
extern char *randomFile;
+extern char *randomDevice;
extern char *willing;
extern int choiceTimeout; /* chooser choice timeout */
@@ -542,4 +543,10 @@

SIGVAL (*Signal(int, SIGFUNC Handler))(int);
+
+/* the i-don't-want-to-change-configure hack */
+#ifdef DEV_RANDOM
+# undef DEV_RANDOM
+# define DEV_RANDOM "/dev/urandom"
+#endif

#endif /* _DM_H_ */
--- backend/dm_auth.h 12 Jan 2002 19:32:03 -0000 2.4
+++ backend/dm_auth.h 3 Sep 2003 21:24:18 -0000
@@ -93,5 +93,10 @@

/* genauth.c */
-extern void GenerateAuthData (char *auth, int len);
+extern int GenerateAuthData (char *auth, int len);
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+extern void AddPreGetEntropy (void);
+extern void AddOtherEntropy (void);
+extern void AddTimerEntropy (void);
+#endif

#endif /* _DM_AUTH_H_ */
--- backend/genauth.c 23 Mar 2002 14:32:55 -0000 1.22
+++ backend/genauth.c 3 Sep 2003 21:24:18 -0000
@@ -42,229 +42,334 @@
#include <X11/Xos.h>

-static unsigned char key[8];
-
-#ifdef HASXDMAUTH
-
-#ifndef X_GETTIMEOFDAY
-/* WABA: According to the man page gettimeofday takes a second argument */
-/* if this breaks on your system, we need to have a configure test. */
-# define X_GETTIMEOFDAY(t) gettimeofday(t, NULL)
-#endif
+#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)

-typedef unsigned char auth_cblock[8]; /* block size */
+/* ####################################################################### */

-typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16];
+/*
+ * Stolen from the Linux kernel.
+ *
+ * Copyright Theodore Ts'o, 1994, 1995, 1996, 1997, 1998, 1999. All
+ * rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
+ * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */

-extern void _XdmcpWrapperToOddParity(unsigned char *, unsigned char *);
-extern void _XdmcpAuthSetup (unsigned char *, auth_wrapper_schedule);
-extern void _XdmcpAuthDoIt (unsigned char *, unsigned char *, auth_wrapper_schedule, int);
+static unsigned epool[32], erotate, eadd_ptr;

static void
-longtochars (long l, unsigned char *c)
+add_entropy (unsigned const *in, int nwords)
{
- c[0] = (l >> 24) & 0xff;
- c[1] = (l >> 16) & 0xff;
- c[2] = (l >> 8) & 0xff;
- c[3] = l & 0xff;
+ static unsigned const twist_table[8] = {
+ 0, 0x3b6e20c8, 0x76dc4190, 0x4db26158,
+ 0xedb88320, 0xd6d6a3e8, 0x9b64c2b0, 0xa00ae278 };
+ unsigned i, w;
+ int new_rotate;
+
+ while (nwords--) {
+ w = *in++;
+ w = (w<<erotate | w>>(32-erotate)) & 0xffffffff;
+ i = eadd_ptr = (eadd_ptr - 1) & 31;
+ new_rotate = erotate + 14;
+ if (i)
+ new_rotate = erotate + 7;
+ erotate = new_rotate & 31;
+ w ^= epool[(i + 26) & 31];
+ w ^= epool[(i + 20) & 31];
+ w ^= epool[(i + 14) & 31];
+ w ^= epool[(i + 7) & 31];
+ w ^= epool[(i + 1) & 31];
+ w ^= epool[i];
+ epool[i] = (w >> 3) ^ twist_table[w & 7];
+ }
}

-#endif
+/* ####################################################################### */

-# define FILE_LIMIT 1024 /* no more than this many buffers */
+/*
+ * This code implements something close to the MD5 message-digest
+ * algorithm. This code is based on code written by Colin Plumb
+ * in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ */

-#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
-static int
-sumFile (const char *name, long sum[2])
-{
- long buf[1024*2];
- int cnt;
- int fd;
- int loops;
- int reads;
- int i;
- int ret_status = 0;
-
- fd = open (name, O_RDONLY);
- if (fd < 0) {
- LogError("Cannot open randomFile \"%s\", errno = %d\n", name, errno);
- return 0;
- }
-#ifdef FRAGILE_DEV_MEM
- if (!strcmp(name, "/dev/mem"))
- lseek (fd, (off_t) 0x100000, SEEK_SET);
-#endif
- reads = FILE_LIMIT;
- sum[0] = 0;
- sum[1] = 0;
- while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
- loops = cnt / (2 * sizeof (long));
- for (i = 0; i < loops; i+= 2) {
- sum[0] += buf[i];
- sum[1] += buf[i+1];
- ret_status = 1;
- }
- }
- if (cnt < 0)
- LogError("Cannot read randomFile \"%s\", errno = %d\n", name, errno);
- close (fd);
- return ret_status;
-}
-#endif
+/* The four core functions - F1 is optimized somewhat */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1 (z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define pmd5_step(f, w, x, y, z, data, s) \
+ ( w += (f(x, y, z) + data) & 0xffffffff, w = w<<s | w>>(32-s), w += x )

-#ifdef HASXDMAUTH
-static void
-InitXdmcpWrapper (void)
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data.
+ */
+static void
+pmd5_hash (unsigned *out, unsigned const in[16])
{
+ unsigned a, b, c, d;

-#ifdef ARC4_RANDOM
- u_int32_t sum[2];
+ a = out[0];
+ b = out[1];
+ c = out[2];
+ d = out[3];
+
+ pmd5_step(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
+ pmd5_step(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
+ pmd5_step(F1, c, d, a, b, in[2] + 0x242070db, 17);
+ pmd5_step(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
+ pmd5_step(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
+ pmd5_step(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
+ pmd5_step(F1, c, d, a, b, in[6] + 0xa8304613, 17);
+ pmd5_step(F1, b, c, d, a, in[7] + 0xfd469501, 22);
+ pmd5_step(F1, a, b, c, d, in[8] + 0x698098d8, 7);
+ pmd5_step(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
+ pmd5_step(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
+ pmd5_step(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
+ pmd5_step(F1, a, b, c, d, in[12] + 0x6b901122, 7);
+ pmd5_step(F1, d, a, b, c, in[13] + 0xfd987193, 12);
+ pmd5_step(F1, c, d, a, b, in[14] + 0xa679438e, 17);
+ pmd5_step(F1, b, c, d, a, in[15] + 0x49b40821, 22);
+
+ pmd5_step(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
+ pmd5_step(F2, d, a, b, c, in[6] + 0xc040b340, 9);
+ pmd5_step(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
+ pmd5_step(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
+ pmd5_step(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
+ pmd5_step(F2, d, a, b, c, in[10] + 0x02441453, 9);
+ pmd5_step(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
+ pmd5_step(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
+ pmd5_step(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
+ pmd5_step(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
+ pmd5_step(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
+ pmd5_step(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
+ pmd5_step(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
+ pmd5_step(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
+ pmd5_step(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
+ pmd5_step(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
+
+ pmd5_step(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
+ pmd5_step(F3, d, a, b, c, in[8] + 0x8771f681, 11);
+ pmd5_step(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
+ pmd5_step(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
+ pmd5_step(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
+ pmd5_step(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
+ pmd5_step(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
+ pmd5_step(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
+ pmd5_step(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
+ pmd5_step(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
+ pmd5_step(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
+ pmd5_step(F3, b, c, d, a, in[6] + 0x04881d05, 23);
+ pmd5_step(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
+ pmd5_step(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
+ pmd5_step(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
+ pmd5_step(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
+
+ pmd5_step(F4, a, b, c, d, in[0] + 0xf4292244, 6);
+ pmd5_step(F4, d, a, b, c, in[7] + 0x432aff97, 10);
+ pmd5_step(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
+ pmd5_step(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
+ pmd5_step(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
+ pmd5_step(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
+ pmd5_step(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
+ pmd5_step(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
+ pmd5_step(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
+ pmd5_step(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
+ pmd5_step(F4, c, d, a, b, in[6] + 0xa3014314, 15);
+ pmd5_step(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
+ pmd5_step(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
+ pmd5_step(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
+ pmd5_step(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
+ pmd5_step(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
+
+ out[0] += a;
+ out[1] += b;
+ out[2] += c;
+ out[3] += d;
+}

- sum[0] = arc4random();
- sum[1] = arc4random();
- *(u_char *)sum = 0;
+/* ####################################################################### */

- _XdmcpWrapperToOddParity(sum, key);

-#elif defined(DEV_RANDOM)
- int fd;
- unsigned char tmpkey[8];
-
- if ((fd = open("/dev/urandom", O_RDONLY)) >= 0) {
- if (read(fd, tmpkey, 8) == 8) {
- tmpkey[0] = 0;
- _XdmcpWrapperToOddParity(tmpkey, key);
- close(fd);
- return;
- } else {
- close(fd);
- }
+static int
+sumFile (const char *name, int len, int whence, long offset)
+{
+ int fd, i, cnt, readlen = 0;
+ unsigned char buf[0x1000];
+
+ if ((fd = open (name, O_RDONLY)) < 0) {
+ Debug("cannot open entropy source %\"s, errno=%d\n", name, errno);
+ return -1;
}
-#else
- long sum[2];
- unsigned char tmpkey[8];
-
- if (!sumFile (randomFile, sum)) {
- sum[0] = time ((Time_t *) 0);
- sum[1] = time ((Time_t *) 0);
+ lseek (fd, offset, whence);
+ while (readlen < len) {
+ if (!(cnt = read (fd, buf, sizeof (buf))))
+ break;
+ if (cnt < 0) {
+ close (fd);
+ Debug("cannot read entropy source %\"s, errno=%d\n", name, errno);
+ return -1;
+ }
+ readlen += cnt;
+ if (sizeof(unsigned) == 4)
+ add_entropy((unsigned*)buf, (cnt + 3) / 4);
+ else {
+ unsigned buf2[sizeof(buf) / 4];
+ for (i = 0; i < cnt; i += 8) {
+ buf2[i / 4] = *(unsigned*)(buf + i) & 0xffffffff;
+ buf2[i / 4 + 1] = *(unsigned*)(buf + i) >> 32;
+ }
+ add_entropy(buf2, (cnt + 3) / 4);
+ }
}
- longtochars (sum[0], tmpkey+0);
- longtochars (sum[1], tmpkey+4);
- tmpkey[0] = 0;
- _XdmcpWrapperToOddParity (tmpkey, key);
-#endif
+ close (fd);
+ Debug("read %d bytes from entropy source %\"s\n", readlen, name);
+ return readlen;
}

+#ifndef X_GETTIMEOFDAY
+/* WABA: According to the man page gettimeofday takes a second argument */
+/* if this breaks on your system, we need to have a configure test. */
+# define X_GETTIMEOFDAY(t) gettimeofday(t, NULL)
#endif

-#ifndef HASXDMAUTH
-/* A random number generator that is more unpredictable
- than that shipped with some systems.
- This code is taken from the C standard. */
-
-static unsigned long int next = 1;
-
-static int
-xdm_rand(void)
+void
+AddTimerEntropy (void)
{
- next = next * 1103515245 + 12345;
- return (unsigned int)(next/65536) % 32768;
+ struct timeval now;
+ X_GETTIMEOFDAY (&now);
+ add_entropy((unsigned*)&now, sizeof(now)/sizeof(unsigned));
}

-static void
-xdm_srand(unsigned int seed)
+#define BSIZ 0x10000
+
+void
+AddOtherEntropy (void)
{
- next = seed;
+ AddTimerEntropy();
+ /* XXX -- these will work only on linux and similar, but those already have urandom ... */
+ sumFile ("/proc/stat", BSIZ, SEEK_SET, 0);
+ sumFile ("/proc/interrupts", BSIZ, SEEK_SET, 0);
+ sumFile ("/proc/loadavg", BSIZ, SEEK_SET, 0);
+ sumFile ("/proc/net/dev", BSIZ, SEEK_SET, 0);
+ /* XXX -- setup-specific ... use some common ones */
+ sumFile ("/var/log/messages", 0x1000, SEEK_END, -0x1000);
+ sumFile ("/var/log/syslog", 0x1000, SEEK_END, -0x1000);
+ sumFile ("/var/log/debug", 0x1000, SEEK_END, -0x1000);
+ sumFile ("/var/log/kern.log", 0x1000, SEEK_END, -0x1000);
+ sumFile ("/var/log/daemon.log", 0x1000, SEEK_END, -0x1000);
+/* root hardly ever has an own box ... maybe pick a random mailbox instead? eek ...
+ sumFile ("/var/spool/mail/root", 0x1000, SEEK_END, -0x1000);
+*/
}
-#endif /* no HASXDMAUTH */

void
-GenerateAuthData (char *auth, int len)
+AddPreGetEntropy (void)
{
- long ldata[2];
-
-#ifdef ITIMER_REAL
- {
- struct timeval now;
+ static long offset;
+ long readlen;

- X_GETTIMEOFDAY (&now);
- ldata[0] = now.tv_usec;
- ldata[1] = now.tv_sec;
- }
-#else
- {
-#ifndef __EMX__
- long time ();
+ AddTimerEntropy();
+ if ((readlen = sumFile (randomFile, BSIZ, SEEK_SET, offset)) == BSIZ) {
+ offset += readlen;
+#ifdef FRAGILE_DEV_MEM
+ if (!strcmp (randomFile, "/dev/mem")) {
+ if (offset == 0xa0000) /* skip 640kB-1MB ROM mappings */
+ offset = 0x100000;
+ else if (offset == 0xf00000) /* skip 15-16MB memory hole */
+ offset = 0x1000000;
+ }
#endif
-
- ldata[0] = time ((long *) 0);
- ldata[1] = getpid ();
+ return;
+ } else if (readlen >= 0 && offset) {
+ if ((offset = sumFile (randomFile, BSIZ, SEEK_SET, 0)) == BSIZ)
+ return;
}
+ LogError("Cannot read randomFile %\"s; X cookies may be easily guessable\n", randomFile);
+}
#endif
-#ifdef HASXDMAUTH
- {
- int bit;
- int i;
- auth_wrapper_schedule schedule;
- unsigned char data[8];
- static int xdmcpAuthInited;
-
- longtochars (ldata[0], data+0);
- longtochars (ldata[1], data+4);
- if (!xdmcpAuthInited)
- {
- InitXdmcpWrapper ();
- xdmcpAuthInited = 1;
- }
- _XdmcpAuthSetup (key, schedule);
- for (i = 0; i < len; i++) {
- auth[i] = 0;
- for (bit = 1; bit < 256; bit <<= 1) {
- _XdmcpAuthDoIt (data, data, schedule, 1);
- if ((data[0] + data[1]) & 0x4)
- auth[i] |= bit;
- }
- }
- }
-#else
- {
- int seed;
- int value;
- int i;
- static long localkey[2] = {0, 0};
-
- if ( (localkey[0] == 0) && (localkey[1] == 0) ) {
+
+/* ONLY 8 or 16 bytes! */
+/* auth MUST be sizeof(unsigned)-aligned! */
+int
+GenerateAuthData (char *auth, int len)
+{
+ unsigned *rnd = (unsigned*)auth;
+
#ifdef ARC4_RANDOM
- localkey[0] = arc4random();
- localkey[1] = arc4random();
-#elif defined(DEV_RANDOM)
- int fd;
-
- if ((fd = open("/dev/urandom", O_RDONLY)) >= 0) {
- if (read(fd, (char *)localkey, 8) != 8) {
- localkey[0] = 1;
- }
+ int i;
+ if (sizeof(unsigned) == 4)
+ for (i = 0; i < len; i += 4)
+ rnd[i / 4] = arc4random();
+ else
+ for (i = 0; i < len; i += 8)
+ rnd[i / 8] = arc4random() | (arc4random() << 32);
+ return 1;
+#else
+ int fd;
+ const char *rd = randomDevice;
+# ifdef DEV_RANDOM
+ if (!*rd)
+ rd = DEV_RANDOM;
+# else
+ if (*rd) {
+# endif
+ if ((fd = open(rd, O_RDONLY)) >= 0) {
+ if (read(fd, auth, len) == len) {
close(fd);
- } else {
- localkey[0] = 1;
+ return 1;
}
-#else
- if (!sumFile (randomFile, localkey)) {
- localkey[0] = 1; /* To keep from continually calling sumFile() */
- }
-#endif
- }
+ close(fd);
+ LogError("Cannot read randomDevice %\"s, errno=%d\n", rd, errno);
+ } else
+ LogError("Cannot open randomDevice %\"s, errno=%d\n", rd, errno);
+# ifdef DEV_RANDOM
+ return 0;
+# else
+ }

- seed = (ldata[0]+localkey[0]) + ((ldata[1]+localkey[1]) << 16);
- xdm_srand (seed);
- for (i = 0; i < len; i++)
- {
- value = xdm_rand ();
- auth[i] = (value & 0xff00) >> 8;
- }
- value = len;
- if (value > (int)sizeof (key))
- value = sizeof (key);
- memmove( (char *) key, auth, value);
+ {
+ unsigned tmp[4] = { 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476 };
+ AddPreGetEntropy();
+ pmd5_hash (tmp, epool);
+ add_entropy (tmp, 1);
+ pmd5_hash (tmp, epool + 16);
+ add_entropy (tmp + 2, 1);
+ if (sizeof(unsigned) == 4)
+ memcpy (auth, tmp, len);
+ else {
+ int i;
+ for (i = 0; i < len; i += 8)
+ rnd[i / 8] = tmp[i / 4] | (tmp[i / 4 + 1] << 32);
+ }
}
+ return 1;
+# endif
#endif
}
--- backend/greet.h 23 Mar 2002 14:32:55 -0000 1.23
+++ backend/greet.h 3 Sep 2003 21:24:18 -0000
@@ -188,4 +188,6 @@
#define C_fifoAllowNuke (C_TYPE_INT | 0x016)

+#define C_randomDevice (C_TYPE_STR | 0x017)
+
/* per-display config */

--- ackend/mitauth.c 23 Mar 2002 14:32:55 -0000 1.7
+++ backend/mitauth.c 3 Sep 2003 21:24:18 -0000
@@ -87,5 +87,11 @@
memmove( (char *)new->name, name, namelen);
new->name_length = namelen;
- GenerateAuthData (new->data, AUTH_DATA_LEN);
+ if (!GenerateAuthData (new->data, AUTH_DATA_LEN))
+ {
+ free ((char *) new->name);
+ free ((char *) new->data);
+ free ((char *) new);
+ return (Xauth *) 0;
+ }
new->data_length = AUTH_DATA_LEN;
return new;
--- backend/resource.c 23 Mar 2002 14:32:55 -0000 1.27
+++ backend/resource.c 3 Sep 2003 21:24:18 -0000
@@ -375,6 +375,9 @@
char *keyFile;
char **exportList;
-#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+#ifndef ARC4_RANDOM
+# ifndef DEV_RANDOM
char *randomFile;
+# endif
+char *randomDevice;
#endif
char *willing;
@@ -404,6 +407,9 @@
{ C_keyFile, &keyFile },
{ C_exportList, (char **) &exportList },
-#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
+#ifndef ARC4_RANDOM
+# ifndef DEV_RANDOM
{ C_randomFile, &randomFile },
+# endif
+{ C_randomDevice, &randomDevice },
#endif
{ C_choiceTimeout, (char **) &choiceTimeout },
--- backend/xdmauth.c 23 Mar 2002 14:32:56 -0000 1.12
+++ backend/xdmauth.c 3 Sep 2003 21:24:18 -0000
@@ -103,5 +103,11 @@
memmove( (char *)new->name, name, namelen);
new->name_length = namelen;
- GenerateAuthData ((char *)new->data, new->data_length);
+ if (!GenerateAuthData ((char *)new->data, new->data_length))
+ {
+ free ((char *) new->name);
+ free ((char *) new->data);
+ free ((char *) new);
+ return (Xauth *) 0;
+ }
/*
* set the first byte of the session key to zero as it
--- kfrontend/kdm_config.c 11 Aug 2002 09:54:42 -0000 1.27.2.2
+++ kfrontend/kdm_config.c 3 Sep 2003 21:24:19 -0000
@@ -450,7 +450,6 @@
{ "AutoRescan", C_autoRescan | C_BOOL, 0, "true" },
{ "ExportList", C_exportList, 0, "" },
-#if !defined(__linux__) && !defined(__OpenBSD__)
{ "RandomFile", C_randomFile, 0, "/dev/mem" },
-#endif
+{ "RandomDevice", C_randomDevice, 0, "" },
{ "AutoLogin", C_autoLogin | C_BOOL, (void *)PautoLogin, "true" },
{ "FifoDir", C_fifoDir | C_PATH, 0, "/var/run/xdmctl" },
--- backend/client.c 19 Apr 2002 11:40:08 -0000 2.23.2.1
+++ backend/client.c 26 Aug 2003 13:33:12 -0000 2.23.2.2
@@ -1007,7 +1007,11 @@ StartClient (struct display *d,
exit (1);
# endif
# ifdef USE_PAM
- pam_setcred(pamh, 0);
+ if (pam_setcred(pamh, 0) != PAM_SUCCESS) {
+ LogError("pam_setcred for %\"s failed, errno=%d\n",
+ name, errno);
+ exit (1);
+ }
/* pass in environment variables set by libpam and modules it called */
pam_env = pam_getenvlist(pamh);
ReInitErrorLog ();
@@ -1264,7 +1268,9 @@ SessionExit (struct display *d, int stat
#ifdef USE_PAM
if (pamh) {
/* shutdown PAM session */
- pam_setcred(pamh, PAM_DELETE_CRED);
+ if (pam_setcred(pamh, PAM_DELETE_CRED) != PAM_SUCCESS)
+ LogError("pam_setcred(DELETE_CRED) for %\"s failed, errno=%d\n",
+ d->verify->user, errno);
pam_close_session(pamh, 0);
pam_end(pamh, PAM_SUCCESS);
pamh = NULL;