--- sourceforge.net/trunk/rdesktop/rdesktop.c	2002/10/04 14:28:14	211
+++ sourceforge.net/trunk/rdesktop/rdesktop.c	2002/10/11 04:00:32	222
@@ -29,6 +29,17 @@
 #include <sys/times.h>		/* times */
 #include "rdesktop.h"
 
+#ifdef EGD_SOCKET
+#include <sys/socket.h>		/* socket connect */
+#include <sys/un.h>		/* sockaddr_un */
+#endif
+
+#ifdef WITH_OPENSSL
+#include <openssl/md5.h>
+#else
+#include "crypto/md5.h"
+#endif
+
 char title[32] = "";
 char username[16];
 char hostname[16];
@@ -40,7 +51,6 @@
 BOOL bitmap_compression = True;
 BOOL sendmotion = True;
 BOOL orders = True;
-BOOL licence = True;
 BOOL encryption = True;
 BOOL desktop_save = True;
 BOOL fullscreen = False;
@@ -54,13 +64,12 @@
 	fprintf(stderr, "Version " VERSION ". Copyright (C) 1999-2002 Matt Chapman.\n");
 	fprintf(stderr, "See http://www.rdesktop.org/ for more information.\n\n");
 
-	fprintf(stderr, "Usage: %s [options] server\n", program);
+	fprintf(stderr, "Usage: %s [options] server[:port]\n", program);
 	fprintf(stderr, "   -u: user name\n");
 	fprintf(stderr, "   -d: domain\n");
 	fprintf(stderr, "   -s: shell\n");
 	fprintf(stderr, "   -c: working directory\n");
 	fprintf(stderr, "   -p: password (- to prompt)\n");
-	fprintf(stderr, "   -P: askpass-program (autologon)\n");
 	fprintf(stderr, "   -n: client hostname\n");
 	fprintf(stderr, "   -k: keyboard layout on terminal server (us,sv,gr etc.)\n");
 	fprintf(stderr, "   -g: desktop geometry (WxH)\n");
@@ -68,8 +77,6 @@
 	fprintf(stderr, "   -b: force bitmap updates\n");
 	fprintf(stderr, "   -e: disable encryption (French TS)\n");
 	fprintf(stderr, "   -m: do not send motion events\n");
-	fprintf(stderr, "   -l: do not request licence\n");
-	fprintf(stderr, "   -t: rdp tcp port\n");
 	fprintf(stderr, "   -K: keep window manager key bindings\n");
 	fprintf(stderr, "   -w: window title\n");
 }
@@ -114,16 +121,16 @@
 int
 main(int argc, char *argv[])
 {
+	char server[64];
 	char fullhostname[64];
 	char domain[16];
 	char password[16];
-	char *askpass_result;
 	char shell[32];
 	char directory[32];
 	BOOL prompt_password;
 	struct passwd *pw;
-	char *server, *p;
 	uint32 flags;
+	char *p;
 	int c;
 
 	flags = RDP_LOGON_NORMAL;
@@ -131,7 +138,7 @@
 	domain[0] = password[0] = shell[0] = directory[0] = 0;
 	strcpy(keymapname, "us");
 
-	while ((c = getopt(argc, argv, "u:d:s:c:p:P:n:k:g:t:fbemlKw:h?")) != -1)
+	while ((c = getopt(argc, argv, "u:d:s:c:p:n:k:g:fbemKw:h?")) != -1)
 	{
 		switch (c)
 		{
@@ -167,16 +174,6 @@
 					*(p++) = 'X';
 				break;
 
-			case 'P':
-				askpass_result = askpass(optarg, "Enter password");
-				if (askpass_result == NULL)
-					exit(1);
-
-				STRNCPY(password, askpass_result, sizeof(password));
-				free(askpass_result);
-				flags |= RDP_LOGON_AUTO;
-				break;
-
 			case 'n':
 				STRNCPY(hostname, optarg, sizeof(hostname));
 				break;
@@ -213,20 +210,12 @@
 				sendmotion = False;
 				break;
 
-			case 'l':
-				licence = False;
-				break;
-
-			case 't':
-				tcp_port_rdp = strtol(optarg, NULL, 10);
-				break;
-
 			case 'K':
 				grab_keyboard = False;
 				break;
 
 			case 'w':
-				strncpy(title, optarg, sizeof(title));
+				STRNCPY(title, optarg, sizeof(title));
 				break;
 
 			case 'h':
@@ -243,7 +232,13 @@
 		return 1;
 	}
 
-	server = argv[optind];
+	STRNCPY(server, argv[optind], sizeof(server));
+	p = strchr(server, ':');
+	if (p != NULL)
+	{
+		tcp_port_rdp = strtol(p + 1, NULL, 10);
+		*p = 0;
+	}
 
 	if (username[0] == 0)
 	{
@@ -302,25 +297,72 @@
 	return 0;
 }
 
+#ifdef EGD_SOCKET
+/* Read 32 random bytes from PRNGD or EGD socket (based on OpenSSL RAND_egd) */
+static BOOL
+generate_random_egd(uint8 * buf)
+{
+	struct sockaddr_un addr;
+	BOOL ret = False;
+	int fd;
+
+	fd = socket(AF_UNIX, SOCK_STREAM, 0);
+	if (fd == -1)
+		return False;
+
+	addr.sun_family = AF_UNIX;
+	memcpy(addr.sun_path, EGD_SOCKET, sizeof(EGD_SOCKET));
+	if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1)
+		goto err;
+
+	/* PRNGD and EGD use a simple communications protocol */
+	buf[0] = 1;  /* Non-blocking (similar to /dev/urandom) */
+	buf[1] = 32; /* Number of requested random bytes */
+	if (write(fd, buf, 2) != 2)
+		goto err;
+
+	if ((read(fd, buf, 1) != 1) || (buf[0] == 0)) /* Available? */
+		goto err;
+
+	if (read(fd, buf, 32) != 32)
+		goto err;
+
+	ret = True;
+
+err:
+	close(fd);
+	return ret;
+}
+#endif
+
 /* Generate a 32-byte random for the secure transport code. */
 void
 generate_random(uint8 * random)
 {
 	struct stat st;
 	struct tms tmsbuf;
-	uint32 *r = (uint32 *) random;
-	int fd;
+	MD5_CTX md5;
+	uint32 *r;
+	int fd, n;
 
-	/* If we have a kernel random device, use it. */
+	/* If we have a kernel random device, try that first */
 	if (((fd = open("/dev/urandom", O_RDONLY)) != -1)
 	    || ((fd = open("/dev/random", O_RDONLY)) != -1))
 	{
-		read(fd, random, 32);
+		n = read(fd, random, 32);
 		close(fd);
-		return;
+		if (n == 32)
+			return;
 	}
 
+#ifdef EGD_SOCKET
+	/* As a second preference use an EGD */
+	if (generate_random_egd(random))
+		return;
+#endif
+
 	/* Otherwise use whatever entropy we can gather - ideas welcome. */
+	r = (uint32 *)random;
 	r[0] = (getpid()) | (getppid() << 16);
 	r[1] = (getuid()) | (getgid() << 16);
 	r[2] = times(&tmsbuf);	/* system uptime (clocks) */
@@ -329,6 +371,13 @@
 	r[5] = st.st_atime;
 	r[6] = st.st_mtime;
 	r[7] = st.st_ctime;
+
+	/* Hash both halves with MD5 to obscure possible patterns */
+	MD5_Init(&md5);
+	MD5_Update(&md5, random, 16); 
+	MD5_Final(random, &md5);
+	MD5_Update(&md5, random+16, 16);
+	MD5_Final(random+16, &md5);
 }
 
 /* malloc; exit if out of memory */