Apply patch (requested by mrg in ticket #1442): Use arc4random when available to produce the auth cookie. (80f62c54fbd50a3bbdf9c37258525098c9117830 upstream)diff -r1.1.1.3 -r1.1.1.3.2.1 xsrc/external/mit/libICE/dist/src/iceauth.c
(snj)
--- xsrc/external/mit/libICE/dist/src/iceauth.c 2010/11/21 05:47:12 1.1.1.3
+++ xsrc/external/mit/libICE/dist/src/iceauth.c 2017/03/07 21:00:47 1.1.1.3.2.1
@@ -26,73 +26,82 @@ in this Software without prior written a | @@ -26,73 +26,82 @@ in this Software without prior written a | |||
26 | Author: Ralph Mor, X Consortium | 26 | Author: Ralph Mor, X Consortium | |
27 | ******************************************************************************/ | 27 | ******************************************************************************/ | |
28 | 28 | |||
29 | #ifdef HAVE_CONFIG_H | 29 | #ifdef HAVE_CONFIG_H | |
30 | #include <config.h> | 30 | #include <config.h> | |
31 | #endif | 31 | #endif | |
32 | #include <X11/ICE/ICElib.h> | 32 | #include <X11/ICE/ICElib.h> | |
33 | #include "ICElibint.h" | 33 | #include "ICElibint.h" | |
34 | #include <X11/ICE/ICEutil.h> | 34 | #include <X11/ICE/ICEutil.h> | |
35 | 35 | |||
36 | #include <time.h> | 36 | #include <time.h> | |
37 | #define Time_t time_t | 37 | #define Time_t time_t | |
38 | 38 | |||
39 | #ifdef HAVE_LIBBSD | |||
40 | #include <bsd/stdlib.h> /* for arc4random_buf() */ | |||
41 | #endif | |||
42 | ||||
39 | static int was_called_state; | 43 | static int was_called_state; | |
40 | 44 | |||
41 | /* | 45 | /* | |
42 | * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by | 46 | * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by | |
43 | * the SI. It is not part of standard ICElib. | 47 | * the SI. It is not part of standard ICElib. | |
44 | */ | 48 | */ | |
45 | 49 | |||
46 | 50 | |||
47 | char * | 51 | char * | |
48 | IceGenerateMagicCookie ( | 52 | IceGenerateMagicCookie ( | |
49 | int len | 53 | int len | |
50 | ) | 54 | ) | |
51 | { | 55 | { | |
52 | char *auth; | 56 | char *auth; | |
57 | #ifndef HAVE_ARC4RANDOM_BUF | |||
53 | long ldata[2]; | 58 | long ldata[2]; | |
54 | int seed; | 59 | int seed; | |
55 | int value; | 60 | int value; | |
56 | int i; | 61 | int i; | |
62 | #endif | |||
57 | 63 | |||
58 | if ((auth = (char *) malloc (len + 1)) == NULL) | 64 | if ((auth = (char *) malloc (len + 1)) == NULL) | |
59 | return (NULL); | 65 | return (NULL); | |
60 | 66 | |||
67 | #ifdef HAVE_ARC4RANDOM_BUF | |||
68 | arc4random_buf(auth, len); | |||
69 | #else | |||
61 | #ifdef ITIMER_REAL | 70 | #ifdef ITIMER_REAL | |
62 | { | 71 | { | |
63 | struct timeval now; | 72 | struct timeval now; | |
64 | X_GETTIMEOFDAY (&now); | 73 | X_GETTIMEOFDAY (&now); | |
65 | ldata[0] = now.tv_sec; | 74 | ldata[0] = now.tv_sec; | |
66 | ldata[1] = now.tv_usec; | 75 | ldata[1] = now.tv_usec; | |
67 | } | 76 | } | |
68 | #else | 77 | #else | |
69 | { | 78 | { | |
70 | #ifndef __UNIXOS2__ | 79 | #ifndef __UNIXOS2__ | |
71 | long time (); | 80 | long time (); | |
72 | #endif | 81 | #endif | |
73 | ldata[0] = time ((long *) 0); | 82 | ldata[0] = time ((long *) 0); | |
74 | ldata[1] = getpid (); | 83 | ldata[1] = getpid (); | |
75 | } | 84 | } | |
76 | #endif | 85 | #endif | |
77 | seed = (ldata[0]) + (ldata[1] << 16); | 86 | seed = (ldata[0]) + (ldata[1] << 16); | |
78 | srand (seed); | 87 | srand (seed); | |
79 | for (i = 0; i < len; i++) | 88 | for (i = 0; i < len; i++) | |
80 | { | 89 | { | |
81 | value = rand (); | 90 | value = rand (); | |
82 | auth[i] = value & 0xff; | 91 | auth[i] = value & 0xff; | |
83 | } | 92 | } | |
93 | #endif | |||
84 | auth[len] = '\0'; | 94 | auth[len] = '\0'; | |
85 | ||||
86 | return (auth); | 95 | return (auth); | |
87 | } | 96 | } | |
88 | 97 | |||
89 | 98 | |||
90 | 99 | |||
91 | IcePoAuthStatus | 100 | IcePoAuthStatus | |
92 | _IcePoMagicCookie1Proc ( | 101 | _IcePoMagicCookie1Proc ( | |
93 | IceConn iceConn, | 102 | IceConn iceConn, | |
94 | IcePointer *authStatePtr, | 103 | IcePointer *authStatePtr, | |
95 | Bool cleanUp, | 104 | Bool cleanUp, | |
96 | Bool swap, | 105 | Bool swap, | |
97 | int authDataLen, | 106 | int authDataLen, | |
98 | IcePointer authData, | 107 | IcePointer authData, |
--- xsrc/xfree/xc/lib/ICE/Attic/iceauth.c 2003/02/28 13:18:45 1.1.1.5
+++ xsrc/xfree/xc/lib/ICE/Attic/iceauth.c 2017/03/07 21:00:47 1.1.1.5.28.1
@@ -27,74 +27,83 @@ in this Software without prior written a | @@ -27,74 +27,83 @@ in this Software without prior written a | |||
27 | Author: Ralph Mor, X Consortium | 27 | Author: Ralph Mor, X Consortium | |
28 | ******************************************************************************/ | 28 | ******************************************************************************/ | |
29 | /* $XFree86: xc/lib/ICE/iceauth.c,v 3.6 2002/05/31 18:45:41 dawes Exp $ */ | 29 | /* $XFree86: xc/lib/ICE/iceauth.c,v 3.6 2002/05/31 18:45:41 dawes Exp $ */ | |
30 | 30 | |||
31 | #include <X11/ICE/ICElib.h> | 31 | #include <X11/ICE/ICElib.h> | |
32 | #include "ICElibint.h" | 32 | #include "ICElibint.h" | |
33 | #include <X11/ICE/ICEutil.h> | 33 | #include <X11/ICE/ICEutil.h> | |
34 | 34 | |||
35 | #include <time.h> | 35 | #include <time.h> | |
36 | #define Time_t time_t | 36 | #define Time_t time_t | |
37 | 37 | |||
38 | static int binaryEqual (); | 38 | static int binaryEqual (); | |
39 | 39 | |||
40 | #ifdef HAVE_LIBBSD | |||
41 | #include <bsd/stdlib.h> /* for arc4random_buf() */ | |||
42 | #endif | |||
43 | ||||
40 | static int was_called_state; | 44 | static int was_called_state; | |
41 | 45 | |||
42 | /* | 46 | /* | |
43 | * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by | 47 | * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by | |
44 | * the SI. It is not part of standard ICElib. | 48 | * the SI. It is not part of standard ICElib. | |
45 | */ | 49 | */ | |
46 | 50 | |||
47 | 51 | |||
48 | char * | 52 | char * | |
49 | IceGenerateMagicCookie (len) | 53 | IceGenerateMagicCookie (len) | |
50 | 54 | |||
51 | int len; | 55 | int len; | |
52 | 56 | |||
53 | { | 57 | { | |
54 | char *auth; | 58 | char *auth; | |
59 | #ifndef HAVE_ARC4RANDOM_BUF | |||
55 | long ldata[2]; | 60 | long ldata[2]; | |
56 | int seed; | 61 | int seed; | |
57 | int value; | 62 | int value; | |
58 | int i; | 63 | int i; | |
64 | #endif | |||
59 | 65 | |||
60 | if ((auth = (char *) malloc (len + 1)) == NULL) | 66 | if ((auth = (char *) malloc (len + 1)) == NULL) | |
61 | return (NULL); | 67 | return (NULL); | |
62 | 68 | |||
69 | #ifdef HAVE_ARC4RANDOM_BUF | |||
70 | arc4random_buf(auth, len); | |||
71 | #else | |||
63 | #ifdef ITIMER_REAL | 72 | #ifdef ITIMER_REAL | |
64 | { | 73 | { | |
65 | struct timeval now; | 74 | struct timeval now; | |
66 | X_GETTIMEOFDAY (&now); | 75 | X_GETTIMEOFDAY (&now); | |
67 | ldata[0] = now.tv_sec; | 76 | ldata[0] = now.tv_sec; | |
68 | ldata[1] = now.tv_usec; | 77 | ldata[1] = now.tv_usec; | |
69 | } | 78 | } | |
70 | #else | 79 | #else | |
71 | { | 80 | { | |
72 | #ifndef __UNIXOS2__ | 81 | #ifndef __UNIXOS2__ | |
73 | long time (); | 82 | long time (); | |
74 | #endif | 83 | #endif | |
75 | ldata[0] = time ((long *) 0); | 84 | ldata[0] = time ((long *) 0); | |
76 | ldata[1] = getpid (); | 85 | ldata[1] = getpid (); | |
77 | } | 86 | } | |
78 | #endif | 87 | #endif | |
79 | seed = (ldata[0]) + (ldata[1] << 16); | 88 | seed = (ldata[0]) + (ldata[1] << 16); | |
80 | srand (seed); | 89 | srand (seed); | |
81 | for (i = 0; i < len; i++) | 90 | for (i = 0; i < len; i++) | |
82 | { | 91 | { | |
83 | value = rand (); | 92 | value = rand (); | |
84 | auth[i] = value & 0xff; | 93 | auth[i] = value & 0xff; | |
85 | } | 94 | } | |
95 | #endif | |||
86 | auth[len] = '\0'; | 96 | auth[len] = '\0'; | |
87 | ||||
88 | return (auth); | 97 | return (auth); | |
89 | } | 98 | } | |
90 | 99 | |||
91 | 100 | |||
92 | 101 | |||
93 | IcePoAuthStatus | 102 | IcePoAuthStatus | |
94 | _IcePoMagicCookie1Proc (iceConn, authStatePtr, cleanUp, swap, | 103 | _IcePoMagicCookie1Proc (iceConn, authStatePtr, cleanUp, swap, | |
95 | authDataLen, authData, replyDataLenRet, replyDataRet, errorStringRet) | 104 | authDataLen, authData, replyDataLenRet, replyDataRet, errorStringRet) | |
96 | 105 | |||
97 | IceConn iceConn; | 106 | IceConn iceConn; | |
98 | IcePointer *authStatePtr; | 107 | IcePointer *authStatePtr; | |
99 | Bool cleanUp; | 108 | Bool cleanUp; | |
100 | Bool swap; | 109 | Bool swap; |