diff options
| author | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2017-02-28 18:27:41 +0000 |
|---|---|---|
| committer | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2017-02-28 18:27:41 +0000 |
| commit | fd800bbc3cec0669ae1c74e95f070a55824c761d (patch) | |
| tree | 650b8ff8ec14ac6e98c58ae965f2b71bdd31f327 /xserver/os | |
| parent | 11a00362ca01a84c7da9b5703d5f9ccaa4bc5f6f (diff) | |
MFC: Use arc4random_buf(3) if available to generate cookies.
Advisory X41-2017-001: Multiple Vulnerabilities in X.Org.
Diffstat (limited to 'xserver/os')
| -rw-r--r-- | xserver/os/auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/xserver/os/auth.c b/xserver/os/auth.c index 7da6fc6ed..e0cd0186b 100644 --- a/xserver/os/auth.c +++ b/xserver/os/auth.c @@ -45,6 +45,9 @@ from The Open Group. #ifdef WIN32 #include <X11/Xw32defs.h> #endif +#ifdef HAVE_LIBBSD +#include <bsd/stdlib.h> /* for arc4random_buf() */ +#endif struct protocol { unsigned short name_length; @@ -303,11 +306,15 @@ GenerateAuthorization(unsigned name_length, void GenerateRandomData(int len, char *buf) { +#ifndef HAVE_ARC4RANDOMBUF int fd; fd = open("/dev/urandom", O_RDONLY); read(fd, buf, len); close(fd); +#else + arc4random_buf(buf, len); +#endif } #endif /* XCSECURITY */ |