diff options
| author | Adam Tkac <atkac@redhat.com> | 2009-11-12 10:39:54 +0000 |
|---|---|---|
| committer | Adam Tkac <atkac@redhat.com> | 2009-11-12 10:39:54 +0000 |
| commit | b94d538633b6cf9a775f24c26b110e685768acda (patch) | |
| tree | d3a55cb933725968fedcb193795a6ac545db8fd7 /unix | |
| parent | 6100fabf1de0fdf3167530867371f82387b4d073 (diff) | |
| download | tigervnc-b94d538633b6cf9a775f24c26b110e685768acda.tar.gz tigervnc-b94d538633b6cf9a775f24c26b110e685768acda.zip | |
[Bugfix] Use /dev/urandom when available for xauth cookie generation (alan dot coopersmith at sun dot com)
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/branches/1_0@3921 3789f03b-4d11-0410-bbf8-ca57d06f2519
Diffstat (limited to 'unix')
| -rwxr-xr-x | unix/vncserver | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/unix/vncserver b/unix/vncserver index 90ef0d24..28764cbe 100755 --- a/unix/vncserver +++ b/unix/vncserver @@ -189,16 +189,25 @@ $vncPort = 5900 + $displayNumber; $desktopLog = "$vncUserDir/$host:$displayNumber.log"; unlink($desktopLog); -# Make an X server cookie - use as the seed the sum of the current time, our -# PID and part of the encrypted form of the password. Ideally we'd use -# /dev/urandom, but that's only available on Linux. - -srand(time+$$+unpack("L",`cat $vncUserDir/passwd`)); -$cookie = ""; -for (1..16) { +# Make an X server cookie - use /dev/urandom on systems that have it, +# otherwise use perl's random number generator, seeded with the sum +# of the current time, our PID and part of the encrypted form of the password. + +my $cookie = ""; +if (open(URANDOM, '<', '/dev/urandom')) { + my $randata; + if (sysread(URANDOM, $randata, 16) == 16) { + $cookie = unpack 'h*', $randata; + } + close(URANDOM); +} +if ($cookie eq "") { + srand(time+$$+unpack("L",`cat $vncUserDir/passwd`)); + for (1..16) { $cookie .= sprintf("%02x", int(rand(256)) % 256); + } } - + system("xauth -f $xauthorityFile add $host:$displayNumber . $cookie"); system("xauth -f $xauthorityFile add $host/unix:$displayNumber . $cookie"); |