diff --git a/src/iceauth.c b/src/iceauth.c index 9b77eac..9af62f5 100644 --- a/src/iceauth.c +++ b/src/iceauth.c @@ -78,6 +78,55 @@ emulate_getrandom_buf ( } } +#ifndef HAVE_GETENTROPY +#include +#include + +/* code taken from libressl, license: */ +/* + * Copyright (c) 2014 Theo de Raadt + * Copyright (c) 2014 Bob Beck + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Emulation of getentropy(2) as documented at: + * http://man.openbsd.org/getentropy.2 + */ +#ifdef __NR_getrandom +static int +getentropy(void *buf, size_t len) +{ + int pre_errno = errno; + int ret; + if (len > 256) + return (-1); + do { + ret = syscall(__NR_getrandom, buf, len, 0); + } while (ret == -1 && errno == EINTR); + + if (ret != len) + return (-1); + errno = pre_errno; + + fprintf(stderr, "generating cookie with syscall\n"); + + return (0); +} +#define HAVE_GETENTROPY 1 +#endif /* __NR_getrandom */ + +#endif /* HAVE_GETENTROPY */ + static void arc4random_buf ( char *auth, diff --git a/src/iceauth.c.cve-2017-2626 b/src/iceauth.c.cve-2017-2626 index ef66626..9b77eac 100644 --- a/src/iceauth.c.cve-2017-2626 +++ b/src/iceauth.c.cve-2017-2626 @@ -42,31 +42,19 @@ Author: Ralph Mor, X Consortium static int was_called_state; -/* - * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by - * the SI. It is not part of standard ICElib. - */ +#ifndef HAVE_ARC4RANDOM_BUF - -char * -IceGenerateMagicCookie ( +static void +emulate_getrandom_buf ( + char *auth, int len ) { - char *auth; -#ifndef HAVE_ARC4RANDOM_BUF long ldata[2]; int seed; int value; int i; -#endif - if ((auth = malloc (len + 1)) == NULL) - return (NULL); - -#ifdef HAVE_ARC4RANDOM_BUF - arc4random_buf(auth, len); -#else #ifdef ITIMER_REAL { struct timeval now; @@ -74,13 +62,13 @@ IceGenerateMagicCookie ( ldata[0] = now.tv_sec; ldata[1] = now.tv_usec; } -#else +#else /* ITIMER_REAL */ { long time (); ldata[0] = time ((long *) 0); ldata[1] = getpid (); } -#endif +#endif /* ITIMER_REAL */ seed = (ldata[0]) + (ldata[1] << 16); srand (seed); for (i = 0; i < len; i++) @@ -88,7 +76,46 @@ IceGenerateMagicCookie ( value = rand (); auth[i] = value & 0xff; } -#endif +} + +static void +arc4random_buf ( + char *auth, + int len +) +{ + int ret; + +#if HAVE_GETENTROPY + /* weak emulation of arc4random through the entropy libc */ + ret = getentropy (auth, len); + if (ret == 0) + return; +#endif /* HAVE_GETENTROPY */ + + emulate_getrandom_buf (auth, len); +} + +#endif /* !defined(HAVE_ARC4RANDOM_BUF) */ + +/* + * MIT-MAGIC-COOKIE-1 is a sample authentication method implemented by + * the SI. It is not part of standard ICElib. + */ + + +char * +IceGenerateMagicCookie ( + int len +) +{ + char *auth; + + if ((auth = malloc (len + 1)) == NULL) + return (NULL); + + arc4random_buf (auth, len); + auth[len] = '\0'; return (auth); }