1/*
2Copyright 1989, 1998  The Open Group
3
4Permission to use, copy, modify, distribute, and sell this software and its
5documentation for any purpose is hereby granted without fee, provided that
6the above copyright notice appear in all copies and that both that
7copyright notice and this permission notice appear in supporting
8documentation.
9
10The above copyright notice and this permission notice shall be included in
11all copies or substantial portions of the Software.
12
13THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
16OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
17AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
18CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19
20Except as contained in this notice, the name of The Open Group shall not be
21used in advertising or otherwise to promote the sale, use or other dealings
22in this Software without prior written authorization from The Open Group.
23 *
24 * Author:  Keith Packard, MIT X Consortium
25 */
26
27#ifdef HAVE_CONFIG_H
28#include <config.h>
29#endif
30#include <X11/Xos.h>
31#include <X11/X.h>
32#include <X11/Xmd.h>
33#include <X11/Xdmcp.h>
34#include <stdlib.h>
35
36#ifndef HAVE_ARC4RANDOM_BUF
37static void
38getbits (long data, unsigned char *dst)
39{
40    dst[0] = (data      ) & 0xff;
41    dst[1] = (data >>  8) & 0xff;
42    dst[2] = (data >> 16) & 0xff;
43    dst[3] = (data >> 24) & 0xff;
44}
45
46#define Time_t time_t
47
48#if defined(HAVE_LRAND48) && defined(HAVE_SRAND48)
49#define srandom srand48
50#define random lrand48
51#endif
52#ifdef WIN32
53#include <process.h>
54#define srandom srand
55#define random rand
56#define getpid(x) _getpid(x)
57#endif
58
59/* Solaris 11.3.0 - 11.4.15 only define getentropy() in <sys/random.h> */
60#if HAVE_GETENTROPY && HAVE_SYS_RANDOM_H
61# include <sys/random.h>
62#endif
63
64static void
65insecure_getrandom_buf (unsigned char *auth, int len)
66{
67    long    lowbits, highbits;
68
69    srandom ((int)getpid() ^ time((Time_t *)0));
70    lowbits = random ();
71    highbits = random ();
72    getbits (lowbits, auth);
73    getbits (highbits, auth + 4);
74}
75
76static void
77arc4random_buf (void *auth, int len)
78{
79#if HAVE_GETENTROPY
80    int	    ret;
81
82    /* weak emulation of arc4random through the getentropy libc call */
83    ret = getentropy (auth, len);
84    if (ret == 0)
85	return;
86#endif /* HAVE_GETENTROPY */
87
88    insecure_getrandom_buf (auth, len);
89}
90
91#endif /* !defined(HAVE_ARC4RANDOM_BUF) */
92
93void
94XdmcpGenerateKey (XdmAuthKeyPtr key)
95{
96    arc4random_buf(key->data, 8);
97}
98
99int
100XdmcpCompareKeys (const XdmAuthKeyPtr a, const XdmAuthKeyPtr b)
101{
102    int	i;
103
104    for (i = 0; i < 8; i++)
105	if (a->data[i] != b->data[i])
106	    return FALSE;
107    return TRUE;
108}
109
110void
111XdmcpIncrementKey (XdmAuthKeyPtr key)
112{
113    int	i;
114
115    i = 7;
116    while (++key->data[i] == 0)
117	if (--i < 0)
118	    break;
119}
120
121void
122XdmcpDecrementKey (XdmAuthKeyPtr key)
123{
124    int	i;
125
126    i = 7;
127    while (key->data[i]-- == 0)
128	if (--i < 0)
129	    break;
130}
131