| author | deraadt <> | 2014-07-14 00:01:39 +0000 | 
|---|---|---|
| committer | deraadt <> | 2014-07-14 00:01:39 +0000 | 
| commit | a46137d3ad2d8637a6c5b8511d1c6cba0bb33794 (patch) | |
| tree | 7974c4f4891ebd338a70e4a147980ea8d0af914a /src/lib/libcrypto/rand/randfile.c | |
| parent | f3c215bf8d1b8caaa3cde931a718945e8abb7c33 (diff) | |
Improve RAND_write_file(), chmod crud, etc.
ok tedu
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/rand/randfile.c | 46 | 
1 files changed, 19 insertions, 27 deletions
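--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: randfile.c,v 1.38 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: randfile.c,v 1.39 2014/07/14 00:01:39 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -59,6 +59,7 @@
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <string.h>
 
 #include <openssl/crypto.h>
@@ -91,35 +92,28 @@ RAND_write_file(const char *file)
 unsigned char buf[BUFSIZE];
 int i, ret = 0, rand_err = 0;
 FILE *out = NULL;
-int n;
+int n, fd;
 struct stat sb;
 
-i = stat(file, &sb);
-if (i != -1) {
-if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
-/* this file is a device. we don't write back to it.
-* we "succeed" on the assumption this is some sort
-* of random device. Otherwise attempting to write to
-* and chmod the device causes problems.
-*/
-return (1);
-}
+/*
+* If this file is a device, avoid opening it.
+* XXX TOCTOU
+*/
+if (stat(file, &sb) != -1 &&
+(S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode))) {
+return (1);
 }
 
-{
-/* chmod(..., 0600) is too late to protect the file,
-* permissions should be restrictive from the start */
-int fd = open(file, O_WRONLY|O_CREAT, 0600);
-if (fd != -1)
-out = fdopen(fd, "wb");
-}
+fd = open(file, O_WRONLY|O_CREAT, 0600);
+if (fd == -1)
+return (1);
+out = fdopen(fd, "wb");
 
-if (out == NULL)
-out = fopen(file, "wb");
-if (out == NULL)
-goto err;
+if (out == NULL) {
+close(fd);
+return (1);
+}
 
-chmod(file, 0600);
 n = RAND_DATA;
 for (;;) {
 i = (n > BUFSIZE) ? BUFSIZE : n;
@@ -138,13 +132,11 @@ RAND_write_file(const char *file)
 
 fclose(out);
 OPENSSL_cleanse(buf, BUFSIZE);
-
-err:
 return (rand_err ? -1 : ret);
 }
 
 const char *
-RAND_file_name(char *buf, size_t size)
+RAND_file_name(char * buf, size_t size)
 {
 if (strlcpy(buf, "/dev/urandom", size) >= size)
 return (NULL);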
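Review bot: With `chmod(file, 0600)` removed from RAND_write_file(), a seed file that already exists with wider permissions keeps them, because the 0600 passed to `open(file, O_WRONLY|O_CREAT, 0600)` only takes effect when the file is created. Adding `if (fchmod(fd, 0600) == -1) { close(fd); return (1); }` right after the `fd == -1` check would tighten the mode on the open descriptor itself, without going back through the path. Separately, both new failure paths `return (1)`, the same value the device case uses for "skipped on purpose", so a caller cannot tell a failed open from success; whether any caller depends on that is not visible here. The function starts before this hunk and its write loop lies between the two hunks shown.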
