Backport of SVN r1097263 to fix Solaris compilation with [CVE-2010-0436]

git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebase@1117290 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
author: tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da> 2010-04-21 19:01:33 +0000
committer: tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da> 2010-04-21 19:01:33 +0000
commit: 0a9caa3b3716846c944b76795b182caa4050e63a (patch)
tree: 93edad259cad5c669297858f198ae2bc88b5be28 /kdm
parent: 9885131c3e220b351fa05ff9fdee265b7f83549e (diff)
download: tdebase-0a9caa3b3716846c944b76795b182caa4050e63a.tar.gz
tdebase-0a9caa3b3716846c944b76795b182caa4050e63a.zip
5 files changed, 52 insertions, 29 deletions
diff --git a/kdm/backend/auth.c b/kdm/backend/auth.c
index 21b3c5d48..3fb18ac4c 100644
--- a/kdm/backend/auth.c
+++ b/kdm/backend/auth.c
@@ -227,6 +227,21 @@ fdOpenW( int fd )
 	return 0;
 }
 
+static FILE *
+mkTempFile( char *nambuf, int namelen )
+{
+	FILE *f;
+	int r;
+
+	for (r = 0; r < 100; r++) {
+		randomStr( nambuf + namelen );
+		if ((f = fdOpenW( open( nambuf, O_WRONLY | O_CREAT | O_EXCL, 0600 ) )))
+			return f;
+		if (errno != EEXIST)
+			break;
+	}
+	return 0;
+}
 
 #define NAMELEN 255
 
@@ -234,9 +249,7 @@ static FILE *
 MakeServerAuthFile( struct display *d )
 {
 	FILE *f;
-#ifndef HAVE_MKSTEMP
-	int r;
-#endif
+	int i;
 	char cleanname[NAMELEN], nambuf[NAMELEN+128];
 
 	/*
@@ -248,22 +261,11 @@ MakeServerAuthFile( struct display *d )
 	if (mkdir( authDir, 0755 ) < 0  &&  errno != EEXIST)
 		return 0;
 	CleanUpFileName( d->name, cleanname, NAMELEN - 8 );
-#ifdef HAVE_MKSTEMP
-	sprintf( nambuf, "%s/A%s-XXXXXX", authDir, cleanname );
-	if ((f = fdOpenW( mkstemp( nambuf ) ))) {
+	i = sprintf( nambuf, "%s/A%s-", authDir, cleanname );
+	if ((f = mkTempFile( nambuf, i ))) {
 		StrDup( &d->authFile, nambuf );
 		return f;
 	}
-#else
-	for (r = 0; r < 100; r++) {
-		sprintf( nambuf, "%s/A%s-XXXXXX", authDir, cleanname );
-		(void)mktemp( nambuf );
-		if ((f = fdOpenW( open( nambuf, O_WRONLY | O_CREAT | O_EXCL, 0600 ) ))) {
-			StrDup( &d->authFile, nambuf );
-			return f;
-		}
-	}
-#endif
 	return 0;
 }
 
@@ -1131,19 +1133,8 @@ SetUserAuthorization( struct display *d )
 			 * temporary - we can assume, that we are the only ones
 			 * knowing about this file anyway.
 			 */
-#ifdef HAVE_MKSTEMP
-			sprintf( name_buf, "%s/.XauthXXXXXX", d->userAuthDir );
-			new = fdOpenW( mkstemp( name_buf ) );
-#else
-			for (i = 0; i < 100; i++) {
-				sprintf( name_buf, "%s/.XauthXXXXXX", d->userAuthDir );
-				(void)mktemp( name_buf );
-				if ((new =
-				     fdOpenW( open( name_buf, O_WRONLY | O_CREAT | O_EXCL,
-				                    0600 ) )))
-					break;
-			}
-#endif
+			i = sprintf( name_buf, "%s/.Xauth", d->userAuthDir );
+			new = mkTempFile( name_buf, i );
 			if (!new) {
 				LogError( "Can't create authorization file in %s\n",
 				          d->userAuthDir );
diff --git a/kdm/backend/dm.h b/kdm/backend/dm.h
index 5f81e24b9..c05d4c865 100644
--- a/kdm/backend/dm.h
+++ b/kdm/backend/dm.h
@@ -542,6 +542,7 @@ const char *localHostname( void );
 int Reader( int fd, void *buf, int len );
 int Writer( int fd, const void *buf, int len );
 int fGets( char *buf, int max, FILE *f );
+void randomStr( char *s );
 time_t mTime( const char *fn );
 void ListSessions( int flags, struct display *d, void *ctx,
                    void (*emitXSess)( struct display *, struct display *, void * ),
diff --git a/kdm/backend/dm_auth.h b/kdm/backend/dm_auth.h
index ccf4697b8..28725ee8d 100644
--- a/kdm/backend/dm_auth.h
+++ b/kdm/backend/dm_auth.h
@@ -96,4 +96,10 @@ void AddOtherEntropy( void );
 void AddTimerEntropy( void );
 #endif
 
+#ifdef HAVE_ARC4RANDOM
+# define secureRandom() arc4random()
+#else
+int secureRandom( void );
+#endif
+
 #endif /* _DM_AUTH_H_ */
diff --git a/kdm/backend/genauth.c b/kdm/backend/genauth.c
index 2978851e1..6da95cce0 100644
--- a/kdm/backend/genauth.c
+++ b/kdm/backend/genauth.c
@@ -488,3 +488,13 @@ GenerateAuthData( char *auth, int len )
 # endif
 #endif
 }
+
+#ifndef HAVE_ARC4RANDOM
+int
+secureRandom( void )
+{
+	int rslt;
+	GenerateAuthData( (char *)&rslt, sizeof(int) );
+	return rslt & 0x7fffffff;
+}
+#endif
+\ No newline at end of file
diff --git a/kdm/backend/util.c b/kdm/backend/util.c
index c3e9a520c..b980862f1 100644
--- a/kdm/backend/util.c
+++ b/kdm/backend/util.c
@@ -35,6 +35,7 @@ from the copyright holder.
  */
 
 #include "dm.h"
+#include "dm_auth.h"
 #include "dm_error.h"
 
 #include <string.h>
@@ -519,6 +520,20 @@ mTime( const char *fn )
 		return st.st_mtime;
 }
 
+void
+randomStr( char *s )
+{
+	static const char letters[] =
+		"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+	unsigned i, rn = secureRandom();
+
+	for (i = 0; i < 6; i++) {
+		*s++ = letters[rn % 62];
+		rn /= 62;
+	}
+	*s = 0;
+}
+
 static int
 StrNChrCnt( const char *s, int slen, char c )
 {
author	tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>	2010-04-21 19:01:33 +0000
committer	tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>	2010-04-21 19:01:33 +0000
commit	0a9caa3b3716846c944b76795b182caa4050e63a (patch)
tree	93edad259cad5c669297858f198ae2bc88b5be28 /kdm
parent	9885131c3e220b351fa05ff9fdee265b7f83549e (diff)
download	tdebase-0a9caa3b3716846c944b76795b182caa4050e63a.tar.gz tdebase-0a9caa3b3716846c944b76795b182caa4050e63a.zip