29 |
#include <sys/times.h> /* times */ |
#include <sys/times.h> /* times */ |
30 |
#include "rdesktop.h" |
#include "rdesktop.h" |
31 |
|
|
32 |
|
#ifdef EGD_SOCKET |
33 |
|
#include <sys/socket.h> /* socket connect */ |
34 |
|
#include <sys/un.h> /* sockaddr_un */ |
35 |
|
#endif |
36 |
|
|
37 |
|
#ifdef WITH_OPENSSL |
38 |
|
#include <openssl/md5.h> |
39 |
|
#else |
40 |
|
#include "crypto/md5.h" |
41 |
|
#endif |
42 |
|
|
43 |
char title[32] = ""; |
char title[32] = ""; |
44 |
char username[16]; |
char username[16]; |
45 |
char hostname[16]; |
char hostname[16]; |
295 |
return 0; |
return 0; |
296 |
} |
} |
297 |
|
|
298 |
|
#ifdef EGD_SOCKET |
299 |
|
/* Read 32 random bytes from PRNGD or EGD socket (based on OpenSSL RAND_egd) */ |
300 |
|
static BOOL |
301 |
|
generate_random_egd(uint8 * buf) |
302 |
|
{ |
303 |
|
struct sockaddr_un addr; |
304 |
|
BOOL ret = False; |
305 |
|
int fd; |
306 |
|
|
307 |
|
fd = socket(AF_UNIX, SOCK_STREAM, 0); |
308 |
|
if (fd == -1) |
309 |
|
return False; |
310 |
|
|
311 |
|
addr.sun_family = AF_UNIX; |
312 |
|
memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET)); |
313 |
|
if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) |
314 |
|
goto err; |
315 |
|
|
316 |
|
/* PRNGD and EGD use a simple communications protocol */ |
317 |
|
buf[0] = 1; /* Non-blocking (similar to /dev/urandom) */ |
318 |
|
buf[1] = 32; /* Number of requested random bytes */ |
319 |
|
if (write(fd, buf, 2) != 2) |
320 |
|
goto err; |
321 |
|
|
322 |
|
if ((read(fd, buf, 1) != 1) || (buf[0] == 0)) /* Available? */ |
323 |
|
goto err; |
324 |
|
|
325 |
|
if (read(fd, buf, 32) != 32) |
326 |
|
goto err; |
327 |
|
|
328 |
|
ret = True; |
329 |
|
|
330 |
|
err: |
331 |
|
close(fd); |
332 |
|
return ret; |
333 |
|
} |
334 |
|
#endif |
335 |
|
|
336 |
/* Generate a 32-byte random for the secure transport code. */ |
/* Generate a 32-byte random for the secure transport code. */ |
337 |
void |
void |
338 |
generate_random(uint8 * random) |
generate_random(uint8 * random) |
339 |
{ |
{ |
340 |
struct stat st; |
struct stat st; |
341 |
struct tms tmsbuf; |
struct tms tmsbuf; |
342 |
uint32 *r = (uint32 *) random; |
MD5_CTX md5; |
343 |
int fd; |
uint32 *r; |
344 |
|
int fd, n; |
345 |
|
|
346 |
/* If we have a kernel random device, use it. */ |
/* If we have a kernel random device, try that first */ |
347 |
if (((fd = open("/dev/urandom", O_RDONLY)) != -1) |
if (((fd = open("/dev/urandom", O_RDONLY)) != -1) |
348 |
|| ((fd = open("/dev/random", O_RDONLY)) != -1)) |
|| ((fd = open("/dev/random", O_RDONLY)) != -1)) |
349 |
{ |
{ |
350 |
read(fd, random, 32); |
n = read(fd, random, 32); |
351 |
close(fd); |
close(fd); |
352 |
return; |
if (n == 32) |
353 |
|
return; |
354 |
} |
} |
355 |
|
|
356 |
|
#ifdef EGD_SOCKET |
357 |
|
/* As a second preference use an EGD */ |
358 |
|
if (generate_random_egd(random)) |
359 |
|
return; |
360 |
|
#endif |
361 |
|
|
362 |
/* Otherwise use whatever entropy we can gather - ideas welcome. */ |
/* Otherwise use whatever entropy we can gather - ideas welcome. */ |
363 |
|
r = (uint32 *)random; |
364 |
r[0] = (getpid()) | (getppid() << 16); |
r[0] = (getpid()) | (getppid() << 16); |
365 |
r[1] = (getuid()) | (getgid() << 16); |
r[1] = (getuid()) | (getgid() << 16); |
366 |
r[2] = times(&tmsbuf); /* system uptime (clocks) */ |
r[2] = times(&tmsbuf); /* system uptime (clocks) */ |
369 |
r[5] = st.st_atime; |
r[5] = st.st_atime; |
370 |
r[6] = st.st_mtime; |
r[6] = st.st_mtime; |
371 |
r[7] = st.st_ctime; |
r[7] = st.st_ctime; |
372 |
|
|
373 |
|
/* Hash both halves with MD5 to obscure possible patterns */ |
374 |
|
MD5_Init(&md5); |
375 |
|
MD5_Update(&md5, random, 16); |
376 |
|
MD5_Final(random, &md5); |
377 |
|
MD5_Update(&md5, random+16, 16); |
378 |
|
MD5_Final(random+16, &md5); |
379 |
} |
} |
380 |
|
|
381 |
/* malloc; exit if out of memory */ |
/* malloc; exit if out of memory */ |