From 05de38d2266e54c45241a2aa476b8db787e34271 Mon Sep 17 00:00:00 2001 From: Matt Chapman Date: Thu, 10 Oct 2002 07:25:31 +0000 Subject: [PATCH] Improve security of random number generation (support EGD, use MD5 in our poor man's version) - Jacco de Leeuw git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@219 423420c4-83ab-492f-b58f-81f9feb106b5 --- configure | 59 +++++++++++++++++++++++++++++++++--------- rdesktop.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 117 insertions(+), 17 deletions(-) diff --git a/configure b/configure index 00ec739..824d7de 100755 --- a/configure +++ b/configure @@ -17,7 +17,7 @@ cflags= ldflags= for arg in $*; do -optarg=`echo $arg | sed 's/[-a-z]*=//'` +optarg=`echo $arg | sed 's/[-a-z]*=//'` case $arg in --prefix=*) echo "prefix = $optarg" >>Makeconf @@ -34,10 +34,17 @@ case $arg in --sharedir=*) echo "datadir = $optarg" >>Makeconf ;; + --with-x*) + extraxdir=$optarg + ;; --with-openssl*) + extrassldir=$optarg ;; --without-openssl*) ;; + --with-egd-socket=*) + extraegdpath=$optarg + ;; --with-debug) cflags="$cflags -g -DWITH_DEBUG" ;; 
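Review bot: The new `--with-x*` and `--with-openssl*` arms assign `$optarg` even when the option is given without `=DIR`. In that case the `sed` expression at the top of the loop leaves the argument unchanged, so the literal option string becomes the first entry of the X or OpenSSL search list. Matching `--with-x=*` and `--with-openssl=*`, as the `--with-egd-socket=*` arm already does, keeps a bare option from being treated as a directory. The values are also expanded unquoted in the later `xdirs`/`ssldirs` loops, so a directory name containing spaces is split into several entries. The `case` statement starts and ends outside this hunk.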
@@ -48,15 +55,18 @@ case $arg in ;; *) echo "Target directories:" - echo " --prefix=PREFIX location for architecture-independent files" - echo " --exec-prefix=EPREFIX location for architecture-dependent files" - echo " --bindir=BINDIR location for program binaries [EPREFIX/bin]" - echo " --mandir=MANDIR location for man pages [PREFIX/man]" - echo " --sharedir=SHAREDIR location for architecture-independent shared files [PREFIX/share/rdesktop]" + echo " --prefix=PREFIX location for architecture-independent files" + echo " --exec-prefix=EPREFIX location for architecture-dependent files" + echo " --bindir=BINDIR location for program binaries [EPREFIX/bin]" + echo " --mandir=MANDIR location for man pages [PREFIX/man]" + echo " --sharedir=SHAREDIR location for architecture-independent shared files [PREFIX/share/rdesktop]" echo echo "Build configuration:" - echo " --with-debug enable protocol debugging output" - echo " --with-debug-kbd enable debugging of keyboard handling" + echo " --with-x=DIR look for X Window System at DIR/include, DIR/lib" + echo " --with-openssl=DIR look for OpenSSL at DIR/include, DIR/lib" + echo " --with-egd-socket=PATH look for Entropy Gathering Daemon socket at PATH" + echo " --with-debug enable protocol debugging output" + echo " --with-debug-kbd enable debugging of keyboard handling" echo rm -f Makeconf exit 1 @@ -79,7 +89,7 @@ esac # Find X installation -xdirs="/usr/X11R6 /usr/X11 /usr/openwin /usr /usr/local/X11R6 /usr/local/X11 /usr/local" +xdirs="$extraxdir /usr/X11R6 /usr/X11 /usr/openwin /usr /usr/local/X11R6 /usr/local/X11 /usr/local" for dir in $xdirs; do if [ -f $dir/include/X11/Xlib.h ]; then @@ -90,7 +100,7 @@ done if [ -z "$xdir" ]; then echo "ERROR: could not find X Window System headers" - echo "(searched for include/X11/Xlib.h in $xdirs)" + echo "(searched for include/X11/Xlib.h in: $xdirs)" # additional helpful information for Linux users if [ -f /etc/redhat_release ]; then 
@@ -119,7 +129,7 @@ ldflags="$ldflags -lX11" # Find OpenSSL installation if available -ssldirs="/usr/openssl /usr/ssl /usr /usr/local/openssl /usr/local/ssl /usr/local" +ssldirs="$extrassldir /usr/openssl /usr/ssl /usr /usr/local/openssl /usr/local/ssl /usr/local" for dir in $ssldirs; do if [ -f $dir/include/openssl/rc4.h ]; then @@ -130,7 +140,7 @@ done if [ -z "$ssldir" ]; then echo "WARNING: could not find OpenSSL headers" - echo "(searched for include/openssl/rc4.h in $ssldirs)" + echo "(searched for include/openssl/rc4.h in: $ssldirs)" echo "Using in-tree crypto; installing OpenSSL is recommended." echo else @@ -154,6 +164,31 @@ else fi +# Find EGD socket if we don't have /dev/urandom or /dev/random +if [ ! -c /dev/random -a ! -c /dev/urandom ]; then + egdpaths="$extraegdpath /var/run/egd-pool /dev/egd-pool /etc/egd-pool /etc/entropy" + + for path in $egdpaths; do + # -e isn't portable, so we use -r + if [ -r $path ]; then + egdpath=$path + break + fi + done + + if [ -z "$egdpath" ]; then + echo "WARNING: could not find /dev/urandom, /dev/random or Entropy Gathering Daemon (EGD) socket" + echo "(searched: $egdpaths)" + echo "Session keys may be less secure; installing a system randomness source is recommended." + echo + else + echo "Entropy Gathering Daemon (EGD):" + echo " socket $egdpath" + echo + cflags="$cflags -DEGD_SOCKET=\\\"$egdpath\\\"" + fi +fi + echo "CFLAGS += $cflags" >>Makeconf echo "LDFLAGS += $ldflags" >>Makeconf diff --git a/rdesktop.c b/rdesktop.c index d0e1e6a..e385893 100644 --- a/rdesktop.c +++ b/rdesktop.c @@ -29,6 +29,17 @@ #include /* times */ #include "rdesktop.h" +#ifdef EGD_SOCKET +#include /* socket connect */ +#include /* sockaddr_un */ +#endif + +#ifdef WITH_OPENSSL +#include +#else +#include "crypto/md5.h" +#endif + char title[32] = ""; char username[16]; char hostname[16]; 
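Review bot: In the EGD detection block the probe `[ -r $path ]` accepts any readable file, so a regular file or directory at a candidate path is reported as the EGD socket and the weak-randomness warning is suppressed. The client would then presumably fail to connect at run time and drop to its last-resort generator without notice. Where the shell supports it, `[ -S "$path" ]` is the closer test, with `-r` kept only as the portability fallback the comment mentions. The chosen path is also compiled in through `-DEGD_SOCKET` with no length limit, so configure should reject values too long for a `sun_path`. The help text should say the socket must live in a directory only trusted users can write to, since whoever answers on that path supplies the session randomness.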
@@ -284,25 +295,72 @@ main(int argc, char *argv[]) return 0; } +#ifdef EGD_SOCKET +/* Read 32 random bytes from PRNGD or EGD socket (based on OpenSSL RAND_egd) */ +static BOOL +generate_random_egd(uint8 * buf) +{ + struct sockaddr_un addr; + BOOL ret = False; + int fd; + + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd == -1) + return False; + + addr.sun_family = AF_UNIX; + memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET)); + if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) + goto err; + + /* PRNGD and EGD use a simple communications protocol */ + buf[0] = 1; /* Non-blocking (similar to /dev/urandom) */ + buf[1] = 32; /* Number of requested random bytes */ + if (write(fd, buf, 2) != 2) + goto err; + + if ((read(fd, buf, 1) != 1) || (buf[0] == 0)) /* Available? */ + goto err; + + if (read(fd, buf, 32) != 32) + goto err; + + ret = True; + +err: + close(fd); + return ret; +} +#endif + /* Generate a 32-byte random for the secure transport code. */ void generate_random(uint8 * random) { struct stat st; struct tms tmsbuf; - uint32 *r = (uint32 *) random; - int fd; + MD5_CTX md5; + uint32 *r; + int fd, n; - /* If we have a kernel random device, use it. */ + /* If we have a kernel random device, try that first */ if (((fd = open("/dev/urandom", O_RDONLY)) != -1) || ((fd = open("/dev/random", O_RDONLY)) != -1)) { - read(fd, random, 32); + n = read(fd, random, 32); close(fd); - return; + if (n == 32) + return; } +#ifdef EGD_SOCKET + /* As a second preference use an EGD */ + if (generate_random_egd(random)) + return; +#endif + /* Otherwise use whatever entropy we can gather - ideas welcome. */ + r = (uint32 *)random; r[0] = (getpid()) | (getppid() << 16); r[1] = (getuid()) | (getgid() << 16); r[2] = times(&tmsbuf); /* system uptime (clocks) */ 
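Review bot: `memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET))` in `generate_random_egd` copies the configure-supplied path without comparing its size to `sizeof(addr.sun_path)`, so an over-long `--with-egd-socket` value overruns `addr` on the stack. A guard such as `if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path)) return False;` ahead of the `socket()` call, together with `memset(&addr, 0, sizeof(addr));`, closes that. Separately, in `generate_random` a failed or short read from the kernel device or the EGD socket now falls through silently to the pid/uid/time values, so the user gets no indication that the client random for the session is guessable; emitting a warning at that point would make the downgrade visible. `generate_random` continues past the end of this hunk.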
@@ -311,6 +369,13 @@ generate_random(uint8 * random)
 r[5] = st.st_atime;
 r[6] = st.st_mtime;
 r[7] = st.st_ctime;
+
+ /* Hash both halves with MD5 to obscure possible patterns */
+ MD5_Init(&md5);
+ MD5_Update(&md5, random, 16);
+ MD5_Final(random, &md5);
+ MD5_Update(&md5, random+16, 16);
+ MD5_Final(random+16, &md5);
 }
 
 /* malloc; exit if out of memory */
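Review bot: The second `MD5_Update(&md5, random+16, 16)` runs on a context that `MD5_Final` has already finished, with no `MD5_Init` in between. OpenSSL documents `MD5_Final` as erasing the context, so the upper 16 bytes are not a well-defined MD5 of anything, and what the in-tree implementation does in this state is not visible from the hunk. Adding `MD5_Init(&md5);` before the second update fixes the API misuse. Hashing also adds no entropy: each half remains a deterministic function of 16 bytes of pid, uid, clock and stat values, so the comment should state that this path only hides patterns and does not replace a system randomness source. `generate_random` begins outside this hunk.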