Use arc4random when available to produce the auth cookie.

arc4random() and associated functions can be found in libbsd on
GNU/Linux systems.

Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

2 files changed, 12 insertions, 2 deletions

diff --git a/configure.ac b/configure.ac
index 81809ce..701b6c8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -37,7 +37,8 @@ XTRANS_CONNECTION_FLAGS
 AC_DEFINE(ICE_t, 1, [Xtrans transport type])
 
 # Checks for library functions.
-AC_CHECK_FUNCS([asprintf])
+AC_CHECK_LIB([bsd], [arc4random_buf])
+AC_CHECK_FUNCS([asprintf arc4random_buf])
 
 # Allow checking code with lint, sparse, etc.
 XORG_WITH_LINT
diff --git a/src/iceauth.c b/src/iceauth.c
index f4d9f36..ef66626 100644
--- a/src/iceauth.c
+++ b/src/iceauth.c
@@ -36,6 +36,10 @@ Author: Ralph Mor, X Consortium
 #include <time.h>
 #define Time_t time_t
 
+#ifdef HAVE_LIBBSD
+#include <bsd/stdlib.h>	/* for arc4random_buf() */
+#endif
+
 static int was_called_state;
 
 /*
@@ -50,14 +54,19 @@ IceGenerateMagicCookie (
 )
 {
     char    *auth;
+#ifndef HAVE_ARC4RANDOM_BUF
     long    ldata[2];
     int	    seed;
     int	    value;
     int	    i;
+#endif
 
     if ((auth = malloc (len + 1)) == NULL)
 	return (NULL);
 
+#ifdef HAVE_ARC4RANDOM_BUF
+    arc4random_buf(auth, len);
+#else
 #ifdef ITIMER_REAL
     {
 	struct timeval  now;
@@ -79,8 +88,8 @@ IceGenerateMagicCookie (
 	value = rand ();
 	auth[i] = value & 0xff;
     }
+#endif
     auth[len] = '\0';
-
     return (auth);
 }