[PATCH 2/3] Use arc4random_buf(3) if available to generate cookies.

Eric Engestrom eric.engestrom at imgtec.com
Wed Mar 1 16:49:17 UTC 2017 

On Tuesday, 2017-02-28 19:18:43 +0100, Matthieu Herrb wrote:
> Signed-off-by: Matthieu Herrb <matthieu at herrb.eu>
> ---
>  configure.ac            | 2 ++
>  include/dix-config.h.in | 6 ++++++
>  os/auth.c               | 7 +++++++
>  3 files changed, 15 insertions(+)
> 
> diff --git a/configure.ac b/configure.ac
> index f6a49302f..6a7c4cc6f 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -225,6 +225,8 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\
>  	timingsafe_memcmp])
>  AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"])
>  
> +AC_CHECK_LIB([bsd], [arc4random_buf])
> +
>  AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]])
>  
>  dnl Check for SO_PEERCRED #define
> diff --git a/include/dix-config.h.in b/include/dix-config.h.in
> index 4b86c1a3c..d357910a6 100644
> --- a/include/dix-config.h.in
> +++ b/include/dix-config.h.in
> @@ -125,6 +125,9 @@
>  /* Build a standalone xpbproxy */
>  #undef STANDALONE_XPBPROXY
>  
> +/* Define to 1 if you have the `bsd' library (-lbsd). */
> +#undef HAVE_LIBBSD
> +
>  /* Define to 1 if you have the `m' library (-lm). */
>  #undef HAVE_LIBM
>  
> @@ -161,6 +164,9 @@
>  /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
>  #undef HAVE_RPCSVC_DBM_H
>  
> +/* Define to 1 if you have the `arc4random_buf' function. */
> +#undef HAVE_ARC4RANDOM_BUF
> +
>  /* Define to use libc SHA1 functions */
>  #undef HAVE_SHA1_IN_LIBC
>  
> diff --git a/os/auth.c b/os/auth.c
> index 7da6fc6ed..81164a2f5 100644
> --- a/os/auth.c
> +++ b/os/auth.c
> @@ -45,6 +45,9 @@ from The Open Group.
>  #ifdef WIN32
>  #include    <X11/Xw32defs.h>
>  #endif
> +#ifdef HAVE_LIBBSD
> +#include   <bsd/stdlib.h>       /* for arc4random_buf() */
> +#endif
>  
>  struct protocol {
>      unsigned short name_length;
> @@ -303,11 +306,15 @@ GenerateAuthorization(unsigned name_length,
>  void
>  GenerateRandomData(int len, char *buf)
>  {
> +#ifdef HAVE_ARC4RANDOMBUF

HAVE_ARC4RANDOM_BUF (missing underscore)

> +    arc4random_buf(buf, len);
> +#else
>      int fd;
>  
>      fd = open("/dev/urandom", O_RDONLY);
>      read(fd, buf, len);
>      close(fd);
> +#endif
>  }
>  
>  #endif                          /* XCSECURITY */
> -- 
> 2.11.1
>

More information about the xorg-devel mailing list