Do not pull libbsd, use getentropy or getrandom syscall instead

0001-Use-getentropy-if-arc4random_buf-is-not-available.patch

@@ -0,0 +1,90 @@
+From 0554324ec6bbc2071f5d1f8ad211a1643e29eb1f Mon Sep 17 00:00:00 2001
+From: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+Date: Tue, 4 Apr 2017 19:13:38 +0200
+Subject: [PATCH libXdmcp 1/3] Use getentropy() if arc4random_buf() is not
+ available
+
+This allows to fix CVE-2017-2625 on Linux platforms without pulling in
+libbsd.
+The libc getentropy() is available since glibc 2.25 but also on OpenBSD.
+For Linux, we need at least a v3.17 kernel. If the recommended
+arc4random_buf() function is not available, emulate it by first trying
+to use getentropy() on a supported glibc and kernel. If the call fails,
+fall back to the current (vulnerable) code.
+
+Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
+Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ Key.c        | 31 ++++++++++++++++++++++++++-----
+ configure.ac |  2 +-
+ 2 files changed, 27 insertions(+), 6 deletions(-)
+
+diff --git a/Key.c b/Key.c
+index a09b316..70607d0 100644
+--- a/Key.c
++++ b/Key.c
+@@ -62,10 +62,11 @@ getbits (long data, unsigned char *dst)
+ #define getpid(x) _getpid(x)
+ #endif
+ 
+-void
+-XdmcpGenerateKey (XdmAuthKeyPtr key)
+-{
+ #ifndef HAVE_ARC4RANDOM_BUF
++
++static void
++emulate_getrandom_buf (char *auth, int len)
++{
+     long    lowbits, highbits;
+ 
+     srandom ((int)getpid() ^ time((Time_t *)0));
+@@ -73,9 +74,29 @@ XdmcpGenerateKey (XdmAuthKeyPtr key)
+     highbits = random ();
+     getbits (lowbits, key->data);
+     getbits (highbits, key->data + 4);
+-#else
++}
++
++static void
++arc4random_buf (void *auth, int len)
++{
++    int	    ret;
++
++#if HAVE_GETENTROPY
++    /* weak emulation of arc4random through the getentropy libc call */
++    ret = getentropy (auth, len);
++    if (ret == 0)
++	return;
++#endif /* HAVE_GETENTROPY */
++
++    emulate_getrandom_buf (auth, len);
++}
++
++#endif /* !defined(HAVE_ARC4RANDOM_BUF) */
++
++void
++XdmcpGenerateKey (XdmAuthKeyPtr key)
++{
+     arc4random_buf(key->data, 8);
+-#endif
+ }
+ 
+ int
+diff --git a/configure.ac b/configure.ac
+index 2288502..d2b045d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -65,7 +65,7 @@ esac
+ 
+ # Checks for library functions.
+ AC_CHECK_LIB([bsd], [arc4random_buf])
+-AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf])
++AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf getentropy])
+ 
+ # Obtain compiler/linker options for depedencies
+ PKG_CHECK_MODULES(XDMCP, xproto)
+-- 
+2.9.3
+

0002-Fix-compilation-error-when-arc4random_buf-is-not-ava.patch

@@ -0,0 +1,53 @@
+From 95bef09f135a70ba1174a0021f441b0bb62a9bec Mon Sep 17 00:00:00 2001
+From: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+Date: Thu, 4 May 2017 11:05:15 +0200
+Subject: [PATCH libXdmcp 2/3] Fix compilation error when arc4random_buf is not
+ available
+
+Not sure how I missed that, but I did.
+
+Also rename emulate_getrandom_buf() into insecure_getrandom_buf() as
+requested in the previous patch reviews.
+
+Last, getbits() expects an unsigned char, so remove the warning.
+
+Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+---
+ Key.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/Key.c b/Key.c
+index 70607d0..d61ad0e 100644
+--- a/Key.c
++++ b/Key.c
+@@ -65,15 +65,15 @@ getbits (long data, unsigned char *dst)
+ #ifndef HAVE_ARC4RANDOM_BUF
+ 
+ static void
+-emulate_getrandom_buf (char *auth, int len)
++insecure_getrandom_buf (unsigned char *auth, int len)
+ {
+     long    lowbits, highbits;
+ 
+     srandom ((int)getpid() ^ time((Time_t *)0));
+     lowbits = random ();
+     highbits = random ();
+-    getbits (lowbits, key->data);
+-    getbits (highbits, key->data + 4);
++    getbits (lowbits, auth);
++    getbits (highbits, auth + 4);
+ }
+ 
+ static void
+@@ -88,7 +88,7 @@ arc4random_buf (void *auth, int len)
+ 	return;
+ #endif /* HAVE_GETENTROPY */
+ 
+-    emulate_getrandom_buf (auth, len);
++    insecure_getrandom_buf (auth, len);
+ }
+ 
+ #endif /* !defined(HAVE_ARC4RANDOM_BUF) */
+-- 
+2.9.3
+

0003-Add-getentropy-emulation-through-syscall.patch

@@ -0,0 +1,74 @@
+From 4e166987d7e7d37d1f5cc71c0eb7918dea4fe443 Mon Sep 17 00:00:00 2001
+From: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+Date: Thu, 4 May 2017 11:13:51 +0200
+Subject: [PATCH libXdmcp 3/3] Add getentropy emulation through syscall
+
+RHEL/f24/f25 only patch
+
+Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
+---
+ Key.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 48 insertions(+)
+
+diff --git a/Key.c b/Key.c
+index d61ad0e..4b0e9c0 100644
+--- a/Key.c
++++ b/Key.c
+@@ -76,6 +76,54 @@ insecure_getrandom_buf (unsigned char *auth, int len)
+     getbits (highbits, auth + 4);
+ }
+ 
++#ifndef HAVE_GETENTROPY
++#include <sys/syscall.h>
++#include <errno.h>
++
++/* code taken from libressl, license: */
++/*
++ * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
++ * Copyright (c) 2014 Bob Beck <beck@obtuse.com>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ *
++ * Emulation of getentropy(2) as documented at:
++ * http://man.openbsd.org/getentropy.2
++ */
++#ifdef __NR_getrandom
++
++static int
++getentropy(void *buf, size_t len)
++{
++	int pre_errno = errno;
++	int ret;
++	if (len > 256)
++		return (-1);
++	do {
++		ret = syscall(__NR_getrandom, buf, len, 0);
++	} while (ret == -1 && errno == EINTR);
++
++	if (ret != len)
++		return (-1);
++	errno = pre_errno;
++
++	return (0);
++}
++#define HAVE_GETENTROPY 1
++#endif /* __NR_getrandom */
++
++#endif /* HAVE_GETENTROPY */
++
+ static void
+ arc4random_buf (void *auth, int len)
+ {
+-- 
+2.9.3
+

libXdmcp.spec

@@ -1,7 +1,7 @@
 Summary: X Display Manager Control Protocol library
 Name: libXdmcp
 Version: 1.1.2
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: MIT
 Group: System Environment/Libraries
 URL: http://www.x.org
@@ -12,7 +12,10 @@ BuildRequires: xorg-x11-util-macros
 BuildRequires: autoconf automake libtool
 BuildRequires: xorg-x11-proto-devel
 BuildRequires: xmlto
-BuildRequires: libbsd-devel
+
+Patch0: 0001-Use-getentropy-if-arc4random_buf-is-not-available.patch
+Patch1: 0002-Fix-compilation-error-when-arc4random_buf-is-not-ava.patch
+Patch2: 0003-Add-getentropy-emulation-through-syscall.patch
 
 %description
 X Display Manager Control Protocol library.
@@ -27,6 +30,9 @@ libXdmcp development package.
 
 %prep
 %setup -q
+%patch0 -p1 -b .cve-2017-2625
+%patch1 -p1 -b .cve-2017-2625
+%patch2 -p1 -b .cve-2017-2625
 
 %build
 autoreconf -v --install --force
@@ -64,6 +70,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/xdmcp.pc
 
 %changelog
+* Tue Mar 28 2017 Benjamin Tissoires <benjamin.tissoires@redhat.com> 1.1.2-6
+- Do not pull libbsd, use getentropy or getrandom syscall instead
+
 * Wed Mar 01 2017 Benjamin Tissoires <benjamin.tissoires@redhat.com> 1.1.2-5
 - Use libbsd for randoms (CVE-2017-2625, rhbz#1427716)