Bug #1612: Use a stronger PRNG.

Currently just reads from /dev/urandom, and only on Linux.

configure.ac

@@ -175,6 +175,12 @@ fi
 AC_CHECK_FUNC([dlopen], [],
 	AC_CHECK_LIB([dl], [dlopen], DLOPEN_LIBS="-ldl"))
 
+case $host_os in
+    linux*)
+	AC_DEFINE(HAVE_URANDOM, 1, [Has /dev/urandom]) ;;
+    *) ;;
+esac
+
 dnl Checks for library functions.
 AC_FUNC_VPRINTF
 AC_CHECK_FUNCS([geteuid getuid link memmove memset mkstemp strchr strrchr \

include/dix-config.h.in

@@ -240,6 +240,9 @@
 /* Define to 1 if you have the <unistd.h> header file. */
 #undef HAVE_UNISTD_H
 
+/* Have /dev/urandom */
+#undef HAVE_URANDOM
+
 /* Define to 1 if you have the `vprintf' function. */
 #undef HAVE_VPRINTF
 

os/auth.c

@@ -325,6 +325,20 @@ GenerateAuthorization(
     return -1;
 }
 
+#ifdef HAVE_URANDOM
+
+void
+GenerateRandomData (int len, char *buf)
+{
+    int fd;
+
+    fd = open("/dev/urandom", O_RDONLY);
+    read(fd, buf, len);
+    close(fd);
+}
+
+#else /* !HAVE_URANDOM */
+
 /* A random number generator that is more unpredictable
    than that shipped with some systems.
    This code is taken from the C standard. */
@@ -362,4 +376,6 @@ GenerateRandomData (int len, char *buf)
     /* XXX add getrusage, popen("ps -ale") */
 }
 
+#endif /* HAVE_URANDOM */
+
 #endif /* XCSECURITY */