diff options
author | BLINDAUER Emmanuel <e.blindauer@gmail.com> | 2016-12-14 00:29:22 +0100 |
---|---|---|
committer | BLINDAUER Emmanuel <e.blindauer@gmail.com> | 2016-12-14 00:29:22 +0100 |
commit | 0aa4b85f817ac97ab8916c6aaae3066149902ba6 (patch) | |
tree | aef62cc00899694132efffd0e9354d121ae62393 | |
parent | 6875dbe8607a6a7354988b97ba60e987a7708705 (diff) | |
download | xrdp-proprietary-0aa4b85f817ac97ab8916c6aaae3066149902ba6.tar.gz xrdp-proprietary-0aa4b85f817ac97ab8916c6aaae3066149902ba6.zip |
Xauth: use snprintf for setting the filename and adjust the value of computed cookie
-rw-r--r-- | sesman/session.c | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/sesman/session.c b/sesman/session.c index ea3a7ee8..f057c93d 100644 --- a/sesman/session.c +++ b/sesman/session.c @@ -441,6 +441,9 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s) struct list *xserver_params = (struct list *)NULL; struct tm stime; time_t ltime; + char cookie[33]; /* the cookie which will be used for xauth */ + char cookie_tmpval; /* Used to fill the cookie with random values */ + char authfile[255]; /* The filename for storing xauth informations */ /* initialize (zero out) local variables: */ g_memset(<ime, 0, sizeof(time_t)); @@ -676,16 +679,23 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s) g_snprintf(text, 255, "%d", g_cfg->sess.kill_disconnected); g_setenv("XRDP_SESMAN_KILL_DISCONNECTED", text, 1); - /* now the Xauthority stuff */ - char cookie[33] = ""; - char authfile[255] = ".Xauthority"; - + /* prepare the Xauthority stuff */ if (g_getenv("XAUTHORITY") !=NULL) - g_sprintf(authfile, "%s", g_getenv("XAUTHORITY")); + { + g_snprintf(authfile, 255, "%s", g_getenv("XAUTHORITY")); + } + else + { + g_snprintf(authfile, 11, "%s", ".Xauthority"); + } + /* Create the cookie */ - srand((unsigned int) time(0)); - for (i = 0; i < 32; i += 2) - sprintf(&cookie[i], "%02X", rand() % 16); + for (i = 0; i < 32; i++) + { + g_random((char *) &cookie_tmpval, 1); + sprintf(&cookie[i], "%02X", cookie_tmpval & 0xff); + } + cookie[32]='\0'; /* Add the entry in XAUTORITY file */ env_add_xauth_user(display, cookie, NULL); |