1 # From http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306
2 # Commited to upstream.
4 diff --git a/Makefile b/Makefile
5 index a01bafd..9bd5555 100644
8 @@ -7,7 +7,7 @@ CXX=/usr/bin/g++
10 CFLAGS=-Wall -I. -I/usr/include/freetype2 -I/usr/include/freetype2/config -I/usr/include/libpng12 -I/usr/include
12 -LDFLAGS=-L/usr/X11R6/lib -lXft -lX11 -lpng12 -lm -lXmu -lpng -ljpeg
13 +LDFLAGS=-L/usr/X11R6/lib -lXft -lX11 -lpng12 -lm -lXmu -lpng -ljpeg -lrt
17 @@ -25,7 +25,8 @@ VERSION=1.3.1
18 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
19 -DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
21 -OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
22 +OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
27 diff --git a/Makefile.freebsd b/Makefile.freebsd
28 index 3ff326e..c925a39 100644
29 --- a/Makefile.freebsd
30 +++ b/Makefile.freebsd
31 @@ -24,7 +24,8 @@ VERSION=1.3.1
32 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
33 -DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
35 -OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
36 +OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
41 diff --git a/Makefile.netbsd b/Makefile.netbsd
42 index ad8bb8b..45f33e6 100644
45 @@ -24,7 +24,8 @@ VERSION=1.3.1
46 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
47 -DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
49 -OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
50 +OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
55 diff --git a/Makefile.openbsd b/Makefile.openbsd
56 index b1829f8..1205b84 100644
57 --- a/Makefile.openbsd
58 +++ b/Makefile.openbsd
59 @@ -20,7 +20,8 @@ VERSION=1.3.1
60 DEFINES=-DPACKAGE=\"$(NAME)\" -DVERSION=\"$(VERSION)\" \
61 -DPKGDATADIR=\"$(PREFIX)/share/slim\" -DSYSCONFDIR=\"$(CFGDIR)\"
63 -OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o panel.o
64 +OBJECTS=jpeg.o png.o main.o image.o numlock.o cfg.o switchuser.o app.o \
67 .SUFFIXES: .c.o .cpp.o
69 diff --git a/app.cpp b/app.cpp
70 index 83ae947..0ac8c3a 100644
81 @@ -128,15 +129,18 @@ void User1Signal(int sig) {
85 -App::App(int argc, char** argv):
86 - pam(conv, static_cast<void*>(&LoginPanel)){
87 +App::App(int argc, char** argv)
88 + : pam(conv, static_cast<void*>(&LoginPanel)),
90 -App::App(int argc, char** argv){
91 +App::App(int argc, char** argv)
94 + mcookiesize(32) // Must be divisible by 4
99 - mcookie = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
100 + mcookie = string(App::mcookiesize, 'a');
102 force_nodaemon = false;
104 @@ -1127,13 +1131,13 @@ string App::findValidRandomTheme(const string& set)
105 name = name.substr(0, name.length() - 1);
108 - srandom(getpid()+time(NULL));
109 + Util::srandom(Util::makeseed());
111 vector<string> themes;
113 Cfg::split(themes, name, ',');
115 - int sel = random() % themes.size();
116 + int sel = Util::random() % themes.size();
118 name = Cfg::Trim(themes[sel]);
119 themefile = string(THEMESDIR) +"/" + name + THEMESFILE;
120 @@ -1160,33 +1164,33 @@ void App::replaceVariables(string& input,
125 + * We rely on the fact that all bits generated by Util::random()
126 + * are usable, so we are taking full words from its output.
128 void App::CreateServerAuth() {
129 /* create mit cookie */
138 const char *digits = "0123456789abcdef";
139 - srand( time(NULL) );
140 - for ( i = 0; i < 31; i++ ) {
142 - mcookie[i] = digits[r];
145 + Util::srandom(Util::makeseed());
146 + for (i = 0; i < App::mcookiesize; i+=4) {
147 + word = Util::random() & 0xffff;
150 + mcookie[i] = digits[lo & 0x0f];
151 + mcookie[i+1] = digits[lo >> 4];
152 + mcookie[i+2] = digits[hi & 0x0f];
153 + mcookie[i+3] = digits[hi >> 4];
155 - /* MIT-COOKIE: even occurrences of digits and hex digits */
156 - if ((hexcount%2) == 0) {
161 - mcookie[31] = digits[r];
162 /* reinitialize auth file */
163 authfile = cfg->getOption("authfile");
164 remove(authfile.c_str());
165 putenv(StrConcat("XAUTHORITY=", authfile.c_str()));
166 - cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
167 - system(cmd.c_str());
168 + Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
172 char* App::StrConcat(const char* str1, const char* str2) {
173 diff --git a/app.h b/app.h
174 index 7b4bd10..9a44269 100644
177 @@ -101,6 +101,8 @@ private:
179 std::string themeName;
182 + const int mcookiesize;
186 diff --git a/switchuser.cpp b/switchuser.cpp
187 index e72a8fc..ec298e1 100644
193 #include "switchuser.h"
198 @@ -53,10 +54,10 @@ void SwitchUser::Execute(const char* cmd) {
201 void SwitchUser::SetClientAuth(const char* mcookie) {
204 string home = string(Pw->pw_dir);
205 string authfile = home + "/.Xauthority";
206 remove(authfile.c_str());
207 - string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
208 - r = system(cmd.c_str());
209 + r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"),
212 diff --git a/util.cpp b/util.cpp
214 index 0000000..5ed972f
218 +/* SLiM - Simple Login Manager
219 + Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
221 + This program is free software; you can redistribute it and/or modify
222 + it under the terms of the GNU General Public License as published by
223 + the Free Software Foundation; either version 2 of the License, or
224 + (at your option) any later version.
227 +#include <sys/types.h>
237 + * Adds the given cookie to the specified Xauthority file.
238 + * Returns true on success, false on fault.
240 +bool Util::add_mcookie(const std::string &mcookie, const char *display,
241 + const std::string &xauth_cmd, const std::string &authfile)
244 + std::string cmd = xauth_cmd + " -f " + authfile + " -q";
246 + fp = popen(cmd.c_str(), "w");
249 + fprintf(fp, "remove %s\n", display);
250 + fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str());
251 + fprintf(fp, "exit\n");
258 + * Interface for random number generator. Just now it uses ordinary
259 + * random/srandom routines and serves as a wrapper for them.
261 +void Util::srandom(unsigned long seed)
266 +long Util::random(void)
272 + * Makes seed for the srandom() using "random" values obtained from
273 + * getpid(), time(NULL) and others.
275 +long Util::makeseed(void)
277 + struct timespec ts;
278 + long pid = getpid();
279 + long tm = time(NULL);
281 + if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) {
282 + ts.tv_sec = ts.tv_nsec = 0;
285 + return pid + tm + (ts.tv_sec ^ ts.tv_nsec);
287 diff --git a/util.h b/util.h
289 index 0000000..b8d2993
293 +/* SLiM - Simple Login Manager
294 + Copyright (C) 2009 Eygene Ryabinkin <rea@codelabs.ru>
296 + This program is free software; you can redistribute it and/or modify
297 + it under the terms of the GNU General Public License as published by
298 + the Free Software Foundation; either version 2 of the License, or
299 + (at your option) any later version.
307 + bool add_mcookie(const std::string &mcookie, const char *display,
308 + const std::string &xauth_cmd, const std::string &authfile);
310 + void srandom(unsigned long seed);
313 + long makeseed(void);
316 +#endif /* __UTIL_H__ */