* (bug 3019) use the operating system's random number generator if possible

when generating the qkey file

code/client/cl_main.c

@@ -2534,18 +2534,14 @@ static void CL_GenerateQKey(void)
 		return;
 	}
 	else {
-		int i;
-
 		if( len > 0 ) {
 			Com_Printf( "QKEY file size != %d, regenerating\n",
 				QKEY_SIZE );
 		}
 
-		srand(time(0));
-		for(i = 0; i < sizeof(buff) - 1; i++) {
-			buff[i] = (unsigned char)(rand() % 255);
-		}
-		buff[i] = 0;
+		Com_Printf( "QKEY building random string\n" );
+		Com_RandomBytes( buff, sizeof(buff) );
+
 		f = FS_SV_FOpenFileWrite( QKEY_FILE );
 		if( !f ) {
 			Com_Printf( "QKEY could not open %s for write\n",

code/qcommon/common.c

@@ -3217,3 +3217,24 @@ void Field_AutoComplete( field_t *field )
 
 	Field_CompleteCommand( completionField->buffer, qtrue, qtrue );
 }
+
+/*
+==================
+Com_RandomBytes
+
+fills string array with len radom bytes, peferably from the OS randomizer
+==================
+*/
+void Com_RandomBytes( byte *string, int len )
+{
+	int i;
+
+	if( Sys_RandomBytes( string, len ) )
+		return;
+
+	Com_Printf( "Com_RandomBytes: using weak randomization\n" );
+	srand( time( 0 ) );
+	for( i = 0; i < len; i++ )
+		string[i] = (unsigned char)( rand() % 255 );
+}
+

code/qcommon/md5.c

@@ -263,7 +263,7 @@ char *Com_MD5File( const char *fn, int length, const char *prefix, int prefix_le
 	unsigned char digest[16] = {""}; 
 	fileHandle_t f;
 	MD5_CTX md5;
-	char buffer[2048];
+	byte buffer[2048];
 	int i;
 	int filelen = 0;
 	int r = 0;
@@ -296,7 +296,7 @@ char *Com_MD5File( const char *fn, int length, const char *prefix, int prefix_le
 		if(r + total > length)
 			r = length - total;
 		total += r;
-		MD5Update(&md5 , (unsigned char *)buffer, r);
+		MD5Update(&md5 , buffer, r);
 		if(r < sizeof(buffer) || total >= length)
 			break;
 	}

code/qcommon/q_shared.h

@@ -640,6 +640,8 @@ void	QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute_
 char *Com_SkipTokens( char *s, int numTokens, char *sep );
 char *Com_SkipCharset( char *s, char *sep );
 
+void Com_RandomBytes( byte *string, int len );
+
 // mode parm for FS_FOpenFile
 typedef enum {
 	FS_READ,

code/qcommon/qcommon.h

@@ -1001,6 +1001,8 @@ int		Sys_Milliseconds (void);
 
 void	Sys_SnapVector( float *v );
 
+qboolean Sys_RandomBytes( byte *string, int len );
+
 // the system console is shown when a dedicated server is running
 void	Sys_DisplaySystemConsole( qboolean show );
 

code/unix/unix_shared.c

@@ -174,6 +174,22 @@ char *strlwr (char *s) {
   return s; // bk001204 - duh
 }
 
+qboolean Sys_RandomBytes( byte *string, int len )
+{
+  FILE *fp;
+
+  fp = fopen( "/dev/urandom", "r" );
+  if( !fp )
+    return qfalse;
+
+  if( !fread( string, sizeof( byte ), len, fp ) ) {
+	fclose( fp );
+	return qfalse;
+  }
+  fclose( fp );
+  return qtrue; 
+}
+
 //============================================
 
 #define	MAX_FOUND_FILES	0x1000

code/win32/win_shared.c

@@ -32,6 +32,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #include <direct.h>
 #include <io.h>
 #include <conio.h>
+#include <wincrypt.h>
 
 /*
 ================
@@ -81,6 +82,24 @@ void Sys_SnapVector( float *v )
 }
 #endif
 
+qboolean Sys_RandomBytes( byte *string, int len )
+{
+	HCRYPTPROV  prov;
+
+	if( !CryptAcquireContext( &prov, NULL, NULL,
+		PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) )  {
+
+		return qfalse;
+	}
+
+	if( !CryptGenRandom( prov, len, (BYTE *)string ) )  {
+		CryptReleaseContext( prov, 0 );
+		return qfalse;
+	}
+	CryptReleaseContext( prov, 0 );
+	return qtrue;
+}
+
 
 /*
 **