Implement secure random source for windows

COmpilation fixes for mingw.

configure.ac

@@ -9,25 +9,31 @@ AC_CONFIG_HEADERS([config.h])
 
 AC_CANONICAL_SYSTEM
 
-AC_PREFIX_DEFAULT(/usr/local)
-
 dnl initialize pkg-config so that we can use it within if else fi statements.
 PKG_PROG_PKG_CONFIG()
 
-if test "$prefix" = "NONE"; then
-	prefix=$ac_default_prefix
-fi
-
 AM_INIT_AUTOMAKE
 AM_SILENT_RULES(yes)
 
 # Checks for programs.
 AC_PROG_CC
+dnl because of tunnel library wrapper, C++ is required.
 AC_PROG_CXX
 AM_PROG_CC_C_O
+
 dnl AC_PROG_CC_C99
 LT_INIT(disable-static win32-dll)
 
+dnl Workaround for mingw, whose compiler doesn't check in /usr/include ...
+case "$target_os" in
+	*mingw*)
+		if test "$prefix" = "/usr" ; then
+			CPPFLAGS="$CPPFLAGS -I/usr/include"
+			LDFLAGS="$LDFLAGS -L/usr/lib"
+		fi
+	;;
+esac
+
 if test -f /etc/debian_version ; then
 	use_deb=true;
 else
@@ -35,18 +41,18 @@ else
 fi
 
 AC_ARG_ENABLE(debug,
-		[  --enable-debug    Turn on debug mode (default=yes)],
+		[  --enable-debug    Turn on debug mode (default=no)],
 		[case "${enableval}" in
 		yes) debug=true ;;
 		no)  debug=false ;;
 		*) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;;
-		esac],[debug=true])
+		esac],[debug=false])
 
-CFLAGS="-fms-extensions"
+CFLAGS="$CFLAGS -fms-extensions"
 if test "$debug" = "no" ; then
-	CFLAGS="-g -O2"
+	CFLAGS="$CFLAGS -g -O2"
 else
-	CFLAGS="-g"
+	CFLAGS="$CFLAGS -g"
 fi
 
 STRICT_OPTIONS=" -Wall -Werror -Wno-unknown-pragmas -Wno-error=unknown-pragmas"

src/belle_sip_utils.c

@@ -588,6 +588,30 @@ char *belle_sip_unquote_strdup(const char *str){
 	return belle_sip_strdup(str);
 }
 
+#if defined(WIN32) && !defined(_MSC_VER)
+#include <wincrypt.h>
+static int belle_sip_wincrypto_random(unsigned int *rand_number){
+	static HCRYPTPROV hProv=(HCRYPTPROV)-1;
+	static int initd=0;
+	
+	if (!initd){
+		if (!CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)){
+			belle_sip_error("Could not acquire a windows crypto context");
+			return -1;
+		}
+		initd=TRUE;
+	}
+	if (hProv==(HCRYPTPROV)-1)
+		return -1;
+	
+	if (!CryptGenRandom(hProv,4,(BYTE*)rand_number)){
+		belle_sip_error("CryptGenRandom() failed.");
+		return -1;
+	}
+	return 0;
+}
+#endif
+
 unsigned int belle_sip_random(void){
 #if  defined(__linux) || defined(__APPLE__)
 	static int fd=-1;
@@ -600,13 +624,27 @@ unsigned int belle_sip_random(void){
 	}else belle_sip_error("Could not open /dev/urandom");
 #elif defined(WIN32)
 	static int initd=0;
+	unsigned int ret;
+#ifdef _MSC_VER
+	/*rand_s() is pretty nice and simple function but is not wrapped by mingw.*/
+	
+	if (rand_s(&ret)==0){
+		return ret;
+	}
+#else
+	if (belle_sip_wincrypto_random(&ret)==0){
+		return ret;
+	}
+#endif
+	/* Windows's rand() is unsecure but is used as a fallback*/
 	if (!initd) {
 		srand((unsigned int)belle_sip_time_ms());
 		initd=1;
+		belle_sip_warning("Random generator is using rand(), this is unsecure !");
 	}
 	return rand()<<16 | rand();
 #endif
-	/*fallback to random()*/
+	/*fallback to UNIX random()*/
 #ifndef WIN32
 	return (unsigned int) random();
 #endif
@@ -618,7 +656,7 @@ static const char *symbols="aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ
  * Write a random text token of supplied size.
 **/
 char * belle_sip_random_token(char *ret, size_t size){
-	unsigned int val;
+	unsigned int val=0;
 	unsigned int i;
 	
 	for(i=0;i<size-1;++i){
@@ -634,7 +672,7 @@ char * belle_sip_random_token(char *ret, size_t size){
  * Write random bytes of supplied size.
 **/
 unsigned char * belle_sip_random_bytes(unsigned char *ret, size_t size){
-	unsigned int val;
+	unsigned int val=0;
 	unsigned int i;
 	for(i=0;i<size;++i){
 		if (i%4==0) val=belle_sip_random();

src/port.h

@@ -53,6 +53,13 @@ typedef unsigned char uint8_t;
 #define AI_NUMERICSERV 0
 #endif
 
+#ifdef WIN32
+/*Mingw32 does not define AI_V4MAPPED, however it is supported starting from Windows Vista.*/
+#	ifndef AI_V4MAPPED
+#	define AI_V4MAPPED 0x00000800
+#	endif
+#endif
+
 #endif
 
 #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) || defined(__WIN32__)