Index: slim-1.3.1/app.cpp
===================================================================
--- slim-1.3.1.orig/app.cpp
+++ slim-1.3.1/app.cpp
@@ -129,15 +129,18 @@ void User1Signal(int sig) {
#ifdef USE_PAM
-App::App(int argc, char** argv):
- pam(conv, static_cast<void*>(&LoginPanel)){
+App::App(int argc, char** argv)
+ : pam(conv, static_cast<void*>(&LoginPanel)),
#else
-App::App(int argc, char** argv){
+App::App(int argc, char** argv)
+ :
#endif
+ mcookiesize(32)// Must be divisible by 4
+{
int tmp;
ServerPID = -1;
testing = false;
- mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+ mcookie = string(App::mcookiesize, 'a');
daemonmode = false;
force_nodaemon = false;
firstlogin = true;
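Review bot: The `// Must be divisible by 4` requirement on `mcookiesize(32)` is enforced only by a comment, while the loop added to CreateServerAuth() writes `mcookie[i+3]` for every `i < mcookiesize` in steps of 4. If the size is later changed to a value that is not a multiple of 4, that loop indexes past the end of the string. Because the value is the same for every instance, it could be declared once in app.h as `static const int mcookiesize = 32;` rather than as a per-object const member initialised here; that also removes the dangling `:` in the non-PAM branch. The constructor body continues outside the hunk.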
@@ -1128,13 +1131,13 @@ string App::findValidRandomTheme(const s
name = name.substr(0, name.length() - 1);
}
- srandom(getpid()+time(NULL));
+ Util::srandom(Util::makeseed());
vector<string> themes;
string themefile;
Cfg::split(themes, name, ',');
do {
- int sel = random() % themes.size();
+ int sel = Util::random() % themes.size();
name = Cfg::Trim(themes[sel]);
themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
@@ -1161,27 +1164,27 @@ void App::replaceVariables(string& input
}
+/*
+ * We rely on the fact that all bits generated by Util::random()
+ * are usable, so we are taking full words from its output.
+ */
void App::CreateServerAuth() {
/* create mit cookie */
- int i, r;
- int hexcount = 0;
- string authfile;
- string cmd;
+ uint16_t word;
+ uint8_t hi, lo;
+ int i;
+ string authfile;
const char *digits = "0123456789abcdef";
- srand( time(NULL) );
- for ( i = 0; i < 31; i++ ) {
- r = rand()%16;
- mcookie[i] = digits[r];
- if (r>9)
- hexcount++;
- }
- /* MIT-COOKIE: even occurrences of digits and hex digits */
- if ((hexcount%2) == 0) {
- r = rand()%10;
- } else {
- r = rand()%5+10;
- }
- mcookie[31] = digits[r];
+ Util::srandom(Util::makeseed());
+ for (i = 0; i < App::mcookiesize; i+=4) {
+ word = Util::random() & 0xffff;
+ lo = word & 0xff;
+ hi = word >> 8;
+ mcookie[i] = digits[lo & 0x0f];
+ mcookie[i+1] = digits[lo >> 4];
+ mcookie[i+2] = digits[hi & 0x0f];
+ mcookie[i+3] = digits[hi >> 4];
+ }
/* reinitialize auth file */
authfile = cfg->getOption("authfile");
remove(authfile.c_str());
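Review bot: The MIT cookie is the secret that authorises clients to the X server, yet the new loop still derives all of it from `Util::random()`, which the util.cpp hunk implements as libc `random()` seeded from the PID, wall-clock time and the monotonic clock. However many hex digits are emitted, the cookie is no less predictable than that seed, and those inputs can be estimated by another local user. The cookie bytes should come from the kernel's random source (for example `/dev/urandom`), and startup should fail rather than fall back to `random()` if the read comes up short. The sketch below assumes the stdio functions are already available in app.cpp; the rest of CreateServerAuth() lies outside the hunk.

```cpp
void App::CreateServerAuth() {
    /* create mit cookie from the kernel random source, not random() */
    const char *digits = "0123456789abcdef";
    vector<unsigned char> raw(App::mcookiesize / 2);  /* one byte per two hex digits */
    bool ok = false;
    FILE *rnd = fopen("/dev/urandom", "rb");
    if (rnd != NULL) {
        ok = (fread(&raw[0], 1, raw.size(), rnd) == raw.size());
        fclose(rnd);
    }
    if (!ok) {
        /* report through the project's existing error path and stop;
         * do not start the X server with a guessable cookie */
    }
    for (size_t i = 0; i < raw.size(); i++) {
        mcookie[2*i]     = digits[raw[i] >> 4];
        mcookie[2*i + 1] = digits[raw[i] & 0x0f];
    }
    /* … unchanged: reinitialize auth file … */
```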
Index: slim-1.3.1/app.h
===================================================================
--- slim-1.3.1.orig/app.h
+++ slim-1.3.1/app.h
@@ -101,6 +101,8 @@ private:
std::string themeName;
std::string mcookie;
+
+ const int mcookiesize;
};
Index: slim-1.3.1/util.cpp
===================================================================
--- slim-1.3.1.orig/util.cpp
+++ slim-1.3.1/util.cpp
@@ -7,7 +7,13 @@
(at your option) any later version.
*/
+#include <sys/types.h>
+
#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <unistd.h>
+
#include "util.h"
/*
@@ -30,3 +36,34 @@ bool Util::add_mcookie(const std::string
pclose(fp);
return true;
}
+
+/*
+ * Interface for random number generator. Just now it uses ordinary
+ * random/srandom routines and serves as a wrapper for them.
+ */
+void Util::srandom(unsigned long seed)
+{
+::srandom(seed);
+}
+
+long Util::random(void)
+{
+return ::random();
+}
+
+/*
+ * Makes seed for the srandom() using "random" values obtained from
+ * getpid(), time(NULL) and others.
+ */
+long Util::makeseed(void)
+{
+struct timespec ts;
+long pid = getpid();
+long tm = time(NULL);
+
+if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
+ts.tv_sec = ts.tv_nsec = 0;
+}
+
+return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
+}
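Review bot: `Util::srandom()` accepts an `unsigned long` but forwards it to `::srandom()`, whose parameter is `unsigned int`. Where `long` is wider than `int`, the value from `makeseed()` is silently narrowed, so the generator can start from at most 2^32 states. The inputs are also guessable, and when `clock_gettime()` fails the seed silently degrades to `pid + tm` with no log message. The wrapper's header comment should say so, e.g. `/* Not cryptographically secure: use only for non-secret choices such as theme selection. */`. Declaring the seed as `unsigned int` in both `srandom()` and `makeseed()` would make the narrowing visible.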
Index: slim-1.3.1/util.h
===================================================================
--- slim-1.3.1.orig/util.h
+++ slim-1.3.1/util.h
@@ -12,8 +12,13 @@
#include <string>
namespace Util {
- bool add_mcookie(const std::string &mcookie, const char *display,
- const std::string &xauth_cmd, const std::string &authfile);
+ bool add_mcookie(const std::string &mcookie, const char *display,
+ const std::string &xauth_cmd, const std::string &authfile);
+
+ void srandom(unsigned long seed);
+ long random(void);
+
+ long makeseed(void);
};
#endif /* __UTIL_H__ */