add more randomness into xid generation (#1195693)

dhcp-improved-xid.patch

@@ -1,7 +1,7 @@
-diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclient.c
---- dhcp-4.3.0a1/client/dhclient.c.improved-xid	2013-12-20 13:29:41.836260810 +0100
-+++ dhcp-4.3.0a1/client/dhclient.c	2013-12-20 13:29:41.843260713 +0100
-@@ -894,6 +894,26 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.2/client/dhclient.c.improved-xid dhcp-4.3.2/client/dhclient.c
+--- dhcp-4.3.2/client/dhclient.c.improved-xid	2015-06-24 18:55:36.775988325 +0200
++++ dhcp-4.3.2/client/dhclient.c	2015-06-24 18:56:41.598810344 +0200
+@@ -916,6 +916,26 @@ main(int argc, char **argv) {
  		}
  	}
  
@@ -28,7 +28,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  	/* At this point, all the interfaces that the script thinks
  	   are relevant should be running, so now we once again call
  	   discover_interfaces(), and this time ask it to actually set
-@@ -908,14 +928,36 @@ main(int argc, char **argv) {
+@@ -930,14 +950,36 @@ main(int argc, char **argv) {
  	   Not much entropy, but we're booting, so we're not likely to
  	   find anything better. */
  	seed = 0;
@@ -59,14 +59,14 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
 +		}
 +		/* we only use seed and no current time as a broadcast reply */
 +		/* will certainly be used by the hwaddrless interface */
-+		srandom(seed);
++		srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
 +	}
 +	else
-+	        srandom(seed + cur_time + (unsigned)getpid());
++	        srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
  
  	/* Setup specific Infiniband options */
  	for (ip = interfaces; ip; ip = ip->next) {
-@@ -1460,7 +1502,7 @@ void dhcpack (packet)
+@@ -1491,7 +1533,7 @@ void dhcpack (packet)
  		return;
  	}
  
@@ -75,7 +75,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  
  	lease = packet_to_lease (packet, client);
  	if (!lease) {
-@@ -2171,7 +2213,7 @@ void dhcpnak (packet)
+@@ -2211,7 +2253,7 @@ void dhcpnak (packet)
  		return;
  	}
  
@@ -84,7 +84,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  
  	if (!client -> active) {
  #if defined (DEBUG)
-@@ -2298,10 +2340,10 @@ void send_discover (cpp)
+@@ -2338,10 +2380,10 @@ void send_discover (cpp)
  		client -> packet.secs = htons (65535);
  	client -> secs = client -> packet.secs;
  
@@ -97,7 +97,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  
  	/* Send out a packet. */
  	result = send_packet(client->interface, NULL, &client->packet,
-@@ -2570,10 +2612,10 @@ void send_request (cpp)
+@@ -2610,10 +2652,10 @@ void send_request (cpp)
  			client -> packet.secs = htons (65535);
  	}
  
@@ -110,7 +110,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  
  	if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
  	    fallback_interface) {
-@@ -2613,10 +2655,10 @@ void send_decline (cpp)
+@@ -2653,10 +2695,10 @@ void send_decline (cpp)
  
  	int result;
  
@@ -123,7 +123,7 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclien
  
  	/* Send out a packet. */
  	result = send_packet(client->interface, NULL, &client->packet,
-@@ -2659,10 +2701,10 @@ void send_release (cpp)
+@@ -2699,10 +2741,10 @@ void send_release (cpp)
  		return;
  	}
  

dhcp.spec

@@ -18,7 +18,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  4.3.2
-Release:  7%{?dist}
+Release:  8%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -675,6 +675,9 @@ done
 %doc doc/html/
 
 %changelog
+* Wed Jun 24 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.2-8
+- add more randomness into xid generation (#1195693)
+
 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 12:4.3.2-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild