--- sourceforge.net/trunk/rdesktop/rdesktop.c 2002/09/15 12:42:26 160 +++ sourceforge.net/trunk/rdesktop/rdesktop.c 2002/10/11 05:13:19 223 @@ -18,17 +18,28 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include /* malloc realloc free */ #include /* va_list va_start va_end */ #include /* read close getuid getgid getpid getppid gethostname */ #include /* open */ #include /* getpwuid */ #include /* PATH_MAX */ +#include /* tcgetattr tcsetattr */ #include /* stat */ #include /* gettimeofday */ #include /* times */ #include "rdesktop.h" +#ifdef EGD_SOCKET +#include /* socket connect */ +#include /* sockaddr_un */ +#endif + +#ifdef WITH_OPENSSL +#include +#else +#include "crypto/md5.h" +#endif + char title[32] = ""; char username[16]; char hostname[16]; @@ -40,7 +51,6 @@ BOOL bitmap_compression = True; BOOL sendmotion = True; BOOL orders = True; -BOOL licence = True; BOOL encryption = True; BOOL desktop_save = True; BOOL fullscreen = False; 
@@ -54,46 +64,81 @@ fprintf(stderr, "Version " VERSION ". Copyright (C) 1999-2002 Matt Chapman.\n"); fprintf(stderr, "See http://www.rdesktop.org/ for more information.\n\n"); - fprintf(stderr, "Usage: %s [options] server\n", program); + fprintf(stderr, "Usage: %s [options] server[:port]\n", program); fprintf(stderr, " -u: user name\n"); fprintf(stderr, " -d: domain\n"); fprintf(stderr, " -s: shell\n"); fprintf(stderr, " -c: working directory\n"); - fprintf(stderr, " -p: password (autologon)\n"); - fprintf(stderr, " -P: askpass-program (autologon)\n"); + fprintf(stderr, " -p: password (- to prompt)\n"); fprintf(stderr, " -n: client hostname\n"); - fprintf(stderr, " -k: keyboard layout on terminal server (us,sv,gr etc.)\n"); + fprintf(stderr, " -k: keyboard layout on terminal server (us,sv,gr,etc.)\n"); fprintf(stderr, " -g: desktop geometry (WxH)\n"); fprintf(stderr, " -f: full-screen mode\n"); fprintf(stderr, " -b: force bitmap updates\n"); fprintf(stderr, " -e: disable encryption (French TS)\n"); fprintf(stderr, " -m: do not send motion events\n"); - fprintf(stderr, " -l: do not request licence\n"); - fprintf(stderr, " -t: rdp tcp port\n"); fprintf(stderr, " -K: keep window manager key bindings\n"); - fprintf(stderr, " -w: window title\n"); + fprintf(stderr, " -T: window title\n"); +} + +static BOOL +read_password(char *password, int size) +{ + struct termios tios; + BOOL ret = False; + int istty = 0; + char *p; + + if (tcgetattr(STDIN_FILENO, &tios) == 0) + { + fprintf(stderr, "Password: "); + tios.c_lflag &= ~ECHO; + tcsetattr(STDIN_FILENO, TCSANOW, &tios); + istty = 1; + } + + if (fgets(password, size, stdin) != NULL) + { + ret = True; + + /* strip final newline */ + p = strchr(password, '\n'); + if (p != NULL) + *p = 0; + } + + if (istty) + { + tios.c_lflag |= ECHO; + tcsetattr(STDIN_FILENO, TCSANOW, &tios); + fprintf(stderr, "\n"); + } + + return ret; } /* Client program */ int main(int argc, char *argv[]) { + char server[64]; char fullhostname[64]; char 
domain[16]; char password[16]; - char *askpass_result; char shell[32]; char directory[32]; + BOOL prompt_password; struct passwd *pw; - char *server, *p; uint32 flags; + char *p; int c; flags = RDP_LOGON_NORMAL; + prompt_password = False; domain[0] = password[0] = shell[0] = directory[0] = 0; strcpy(keymapname, "us"); - while ((c = getopt(argc, argv, "u:d:s:c:p:P:n:k:g:t:fbemlKw:h?")) != -1) + while ((c = getopt(argc, argv, "u:d:s:c:p:n:k:g:fbemKT:h?")) != -1) { switch (c) { @@ -114,18 +159,19 @@ break; case 'p': + if ((optarg[0] == '-') && (optarg[1] == 0)) + { + prompt_password = True; + break; + } + STRNCPY(password, optarg, sizeof(password)); flags |= RDP_LOGON_AUTO; - break; - - case 'P': - askpass_result = askpass(optarg, "Enter password"); - if (askpass_result == NULL) - exit(1); - STRNCPY(password, askpass_result, sizeof(password)); - free(askpass_result); - flags |= RDP_LOGON_AUTO; + /* try to overwrite argument so it won't appear in ps */ + p = optarg; + while (*p) + *(p++) = 'X'; break; case 'n': @@ -164,20 +210,12 @@ sendmotion = False; break; - case 'l': - licence = False; - break; - - case 't': - tcp_port_rdp = strtol(optarg, NULL, 10); - break; - case 'K': grab_keyboard = False; break; - case 'w': - strncpy(title, optarg, sizeof(title)); + case 'T': + STRNCPY(title, optarg, sizeof(title)); break; case 'h': @@ -194,7 +232,13 @@ return 1; } - server = argv[optind]; + STRNCPY(server, argv[optind], sizeof(server)); + p = strchr(server, ':'); + if (p != NULL) + { + tcp_port_rdp = strtol(p + 1, NULL, 10); + *p = 0; + } if (username[0] == 0) { 
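Review bot: In read_password the result of the first `tcsetattr` is ignored, so if switching echo off fails the prompt still goes ahead and the password is shown on the terminal as it is typed. The restore path also forces `ECHO` on with `|=` rather than putting back the settings that `tcgetattr` returned. Keep a saved copy of the termios, prompt only once echo is confirmed off, and restore the saved copy afterwards, as in the excerpt below. An interrupt during `fgets` would still leave the terminal without echo; fixing that needs a signal handler and is not covered here.

```c
static BOOL
read_password(char *password, int size)
{
	struct termios tios, saved;
	/* … unchanged: ret, istty, p declarations … */

	if (tcgetattr(STDIN_FILENO, &tios) == 0)
	{
		saved = tios;
		tios.c_lflag &= ~ECHO;
		/* do not prompt unless echo is really off */
		if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &tios) != 0)
			return False;
		fprintf(stderr, "Password: ");
		istty = 1;
	}

	/* … unchanged: fgets and newline stripping … */

	if (istty)
	{
		/* restore exactly what the terminal had before */
		tcsetattr(STDIN_FILENO, TCSAFLUSH, &saved);
		fprintf(stderr, "\n");
	}
```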
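Review bot: In `case 'p'` the loop that overwrites `optarg` only narrows the exposure: the password sits in the process argument list from exec until this loop runs, and the shell may also have recorded it. The comment should say so and point to the prompt form, for example `/* best effort only: the argument was visible in the process list until now; prefer "-p -" */`. Separately, `password` is 16 bytes and `STRNCPY` presumably truncates without notice, so a longer password would just produce a failed logon. Consider rejecting the option when `strlen(optarg) >= sizeof(password)`. The switch belongs to main, which starts and ends outside this hunk.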
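Review bot: The port taken from `server[:port]` is passed to `strtol(p + 1, NULL, 10)` with no end pointer and no range check, so `host:`, `host:abc`, `host:0` and `host:99999` are all accepted and whatever number results is stored in `tcp_port_rdp`. Parse with an end pointer, require the whole suffix to be digits and the value to be within 1..65535, and fail with a message otherwise, as in the excerpt below. `error()` is the helper the old password code on this page already called. This code sits inside main, which continues outside the hunk.

```c
	p = strchr(server, ':');
	if (p != NULL)
	{
		char *end;
		long port;

		port = strtol(p + 1, &end, 10);
		if ((end == p + 1) || (*end != 0) || (port < 1) || (port > 65535))
		{
			error("invalid port in server argument\n");
			return 1;
		}
		tcp_port_rdp = port;
		*p = 0;
	}
```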
@@ -223,18 +267,10 @@ STRNCPY(hostname, fullhostname, sizeof(hostname)); } - if (!strcmp(password, "-")) - { - p = getpass("Password: "); - if (p == NULL) - { - error("failed to read password\n"); - return 0; - } - STRNCPY(password, p, sizeof(password)); - } + if (prompt_password && read_password(password, sizeof(password))) + flags |= RDP_LOGON_AUTO; - if (!strlen(title)) + if (title[0] == 0) { strcpy(title, "rdesktop - "); strncat(title, server, sizeof(title) - sizeof("rdesktop - ")); @@ -247,6 +283,7 @@ return 1; DEBUG(("Connection successful.\n")); + memset(password, 0, sizeof(password)); if (ui_create_window()) { 
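Review bot: The added `memset(password, 0, sizeof(password));` may not survive optimisation, because `password` is a local that does not appear to be read again in main and a compiler may drop the store as dead. Use a wipe the compiler must keep, such as `explicit_bzero` where the platform provides it or a loop writing through a `volatile char *`. The `return 1` just above it, which looks like the failed-connect path, also leaves the buffer unwiped, and any copy made further down the connect path is not covered. Both the start of that `if` and the rest of main are outside this hunk.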
@@ -256,28 +293,76 @@ DEBUG(("Disconnecting...\n")); rdp_disconnect(); + ui_deinit(); return 0; } +#ifdef EGD_SOCKET +/* Read 32 random bytes from PRNGD or EGD socket (based on OpenSSL RAND_egd) */ +static BOOL +generate_random_egd(uint8 * buf) +{ + struct sockaddr_un addr; + BOOL ret = False; + int fd; + + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd == -1) + return False; + + addr.sun_family = AF_UNIX; + memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET)); + if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) + goto err; + + /* PRNGD and EGD use a simple communications protocol */ + buf[0] = 1; /* Non-blocking (similar to /dev/urandom) */ + buf[1] = 32; /* Number of requested random bytes */ + if (write(fd, buf, 2) != 2) + goto err; + + if ((read(fd, buf, 1) != 1) || (buf[0] == 0)) /* Available? */ + goto err; + + if (read(fd, buf, 32) != 32) + goto err; + + ret = True; + +err: + close(fd); + return ret; +} +#endif + /* Generate a 32-byte random for the secure transport code. */ void generate_random(uint8 * random) { struct stat st; struct tms tmsbuf; - uint32 *r = (uint32 *) random; - int fd; + MD5_CTX md5; + uint32 *r; + int fd, n; - /* If we have a kernel random device, use it. */ + /* If we have a kernel random device, try that first */ if (((fd = open("/dev/urandom", O_RDONLY)) != -1) || ((fd = open("/dev/random", O_RDONLY)) != -1)) { - read(fd, random, 32); + n = read(fd, random, 32); close(fd); - return; + if (n == 32) + return; } +#ifdef EGD_SOCKET + /* As a second preference use an EGD */ + if (generate_random_egd(random)) + return; +#endif + /* Otherwise use whatever entropy we can gather - ideas welcome. */ + r = (uint32 *)random; r[0] = (getpid()) | (getppid() << 16); r[1] = (getuid()) | (getgid() << 16); r[2] = times(&tmsbuf); /* system uptime (clocks) */ 
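Review bot: In generate_random_egd, `memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET));` copies the build-time path without checking that it fits in `sun_path`, so an over-long configured path writes past `addr` on the stack. Add `if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path)) return False;` before the `socket()` call. It would also be tidier to clear the structure first with `memset(&addr, 0, sizeof(addr));`. The path is a compile-time constant rather than runtime input, so this is a hardening check against a misconfigured build.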
@@ -286,6 +371,13 @@ r[5] = st.st_atime; r[6] = st.st_mtime; r[7] = st.st_ctime; + + /* Hash both halves with MD5 to obscure possible patterns */ + MD5_Init(&md5); + MD5_Update(&md5, random, 16); + MD5_Final(random, &md5); + MD5_Update(&md5, random+16, 16); + MD5_Final(random+16, &md5); } /* malloc; exit if out of memory */ @@ -357,21 +449,21 @@ while (offset < len) { - fprintf(stderr, "%04x ", offset); + printf("%04x ", offset); thisline = len - offset; if (thisline > 16) thisline = 16; for (i = 0; i < thisline; i++) - fprintf(stderr, "%02x ", line[i]); + printf("%02x ", line[i]); for (; i < 16; i++) - fprintf(stderr, " "); + printf(" "); for (i = 0; i < thisline; i++) - fprintf(stderr, "%c", (line[i] >= 0x20 && line[i] < 0x7f) ? line[i] : '.'); + printf("%c", (line[i] >= 0x20 && line[i] < 0x7f) ? line[i] : '.'); - fprintf(stderr, "\n"); + printf("\n"); offset += thisline; line += thisline; }
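Review bot: The second `MD5_Update` runs on a context that has already been through `MD5_Final` and is never re-initialised, so the digest written to `random+16` depends on whatever state the library leaves behind (the file builds against either OpenSSL or crypto/md5.h). Add `MD5_Init(&md5);` before `MD5_Update(&md5, random+16, 16);`. Hashing also adds no entropy: each half is still a function of pid, uid, gid and timestamps. A comment such as `/* fallback only: output is guessable, hashing just hides the raw values */` and a warning when this path is taken would tell users their session random is weak. generate_random begins outside this hunk.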