Include random chars in xauth cookie tmpfile (#125)

* Tweak protocol.txt (#118)

* Include random chars in xauth cookie tmpfile

Addresses DoS race in #121 
doesn't yet address the umask assumption for xauth(1)

protocol.txt

@@ -19,9 +19,9 @@ The kex (or "Key EXchange") consists of the client sending three size-specified
 
 The first message consists of one byte indicating the kex version number (currently must be zero), followed by a Ed25519 public key value. This is the long-term client key.
 
-The second message consists of eight bytes containing a big-endian representation of the number of whole seconds since the unix epoch, followed by a different Ed25519 public key. This is the ephemeral client key.
+The second message consists of eight bytes containing a big-endian representation of the number of whole seconds since the unix epoch, followed by a different X25519 public key. This is the ephemeral client key.
 
-The third message contains an ECDSA signature of the value of the second message, signed using the long-term client key from the first message.
+The third message contains an Ed25519 signature of the value of the second message, signed using the long-term client key from the first message.
 
 The server performs authentication intially by directly comparing the shared long-term client key value to its database of known client keys. No deserialization or cryptographic processing is done at this time. Only when the server is pre-existingly in possession of a byte-for-byte identical public key value does the server proceed with signature verification. Upon successful verification of the signature contained in the third message (and verification that the eight-byte timestamp is current), the server proceeds to send three symmetrical messages: a long term server public key, an ephemeral server public key, and a signature message authenticating the ephemeral key.
 

src/core.rs

@@ -27,6 +27,7 @@ use std::{
 };
 use transportation::{
     self,
+    ring::rand::SecureRandom,
     mio::net::TcpListener,
     set_timeout, BufferedTransport, EncryptedTransport,
     EncryptionPerspective::{Alice, Bob},
@@ -617,9 +618,13 @@ impl Oxy {
         } else {
             "untrusted"
         };
+        let mut nonce = [0u8; 8];
+        transportation::RNG.fill(&mut nonce).unwrap();
+        let cookiefile = format!("/tmp/oxy-{}.xauth", ::data_encoding::HEXUPPER.encode(&nonce));
+        debug!("xauth cookie filename: {}", &cookiefile);
         let xauth = ::std::process::Command::new("xauth")
             .arg("-f")
-            .arg("/tmp/xcookie")
+            .arg(&cookiefile)
             .arg("generate")
             .arg(":0")
             .arg(".")
@@ -631,13 +636,13 @@ impl Oxy {
             warn!("Failed to generate an xauthority cookie");
             return;
         }
-        let cookie = ::std::process::Command::new("xauth").arg("-f").arg("/tmp/xcookie").arg("list").output();
+        let cookie = ::std::process::Command::new("xauth").arg("-f").arg(&cookiefile).arg("list").output();
         if cookie.is_err() {
             warn!("Failed to retrieve the xauthority cookie");
-            ::std::fs::remove_file("/tmp/xcookie").ok();
+            ::std::fs::remove_file(&cookiefile).ok();
             return;
         }
-        ::std::fs::remove_file("/tmp/xcookie").unwrap();
+        ::std::fs::remove_file(&cookiefile).unwrap();
         let cookie = cookie.unwrap();
         let cookie = String::from_utf8(cookie.stdout.clone());
         if cookie.is_err() {