Use getentropy() if arc4random_buf() is not available - xorg/lib/libXdmcp - X Display Manager Control Protocol routines (mirrored from https://gitlab.freedesktop.org/xorg/lib/libxdmcp)

diff options

author	Benjamin Tissoires <benjamin.tissoires@gmail.com>	2017-04-04 19:13:38 +0200
committer	Peter Hutterer <peter.hutterer@who-t.net>	2017-04-24 11:11:53 +1000
commit	0554324ec6bbc2071f5d1f8ad211a1643e29eb1f (patch)
tree	986a6602dd07c35235bc9713f6ec2f01d9756b6a /include/X11
parent	f1bf902c52884e35d48f4d03915f019337f84717 (diff)

Use getentropy() if arc4random_buf() is not available

This allows to fix CVE-2017-2625 on Linux platforms without pulling in libbsd. The libc getentropy() is available since glibc 2.25 but also on OpenBSD. For Linux, we need at least a v3.17 kernel. If the recommended arc4random_buf() function is not available, emulate it by first trying to use getentropy() on a supported glibc and kernel. If the call fails, fall back to the current (vulnerable) code. Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com> Reviewed-by: Mark Kettenis <kettenis@openbsd.org> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

Diffstat (limited to 'include/X11')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: