diff options
| author | beck <> | 2014-06-25 15:53:56 +0000 |
|---|---|---|
| committer | beck <> | 2014-06-25 15:53:56 +0000 |
| commit | 69d2f36faae2eadd4be09546d27257594f86a13a (patch) | |
| tree | e328c7903c5e458f5a420b0abb22438b430ba27a /src | |
| parent | 246d5b153abc2cefc0db7c0c99d72576232d926f (diff) | |
| download | openbsd-69d2f36faae2eadd4be09546d27257594f86a13a.tar.gz openbsd-69d2f36faae2eadd4be09546d27257594f86a13a.tar.bz2 openbsd-69d2f36faae2eadd4be09546d27257594f86a13a.zip | |
O_NOFOLLOW would be very nice to have here if the version of linux
we are running supports it.
from enh@google.com
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_linux.c | 21 | ||||
| -rw-r--r-- | src/lib/libcrypto/crypto/getentropy_linux.c | 21 |
2 files changed, 22 insertions, 20 deletions
diff --git a/src/lib/libcrypto/arc4random/getentropy_linux.c b/src/lib/libcrypto/arc4random/getentropy_linux.c index d833d4c9e1..8166131899 100644 --- a/src/lib/libcrypto/arc4random/getentropy_linux.c +++ b/src/lib/libcrypto/arc4random/getentropy_linux.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: getentropy_linux.c,v 1.8 2014/06/23 03:47:46 beck Exp $ */ | 1 | /* $OpenBSD: getentropy_linux.c,v 1.9 2014/06/25 15:53:56 beck Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> | 4 | * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> |
| @@ -169,24 +169,25 @@ getentropy_urandom(void *buf, size_t len) | |||
| 169 | { | 169 | { |
| 170 | struct stat st; | 170 | struct stat st; |
| 171 | size_t i; | 171 | size_t i; |
| 172 | int fd, cnt; | 172 | int fd, cnt, flags; |
| 173 | int save_errno = errno; | 173 | int save_errno = errno; |
| 174 | 174 | ||
| 175 | start: | 175 | start: |
| 176 | |||
| 177 | flags = O_RDONLY; | ||
| 178 | #ifdef O_NOFOLLOW | ||
| 179 | flags |= O_NOFOLLOW; | ||
| 180 | #endif | ||
| 176 | #ifdef O_CLOEXEC | 181 | #ifdef O_CLOEXEC |
| 177 | fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC, 0); | 182 | flags |= O_CLOEXEC; |
| 178 | if (fd == -1) { | 183 | #endif |
| 179 | if (errno == EINTR) | 184 | fd = open("/dev/urandom", flags, 0); |
| 180 | goto start; | ||
| 181 | goto nodevrandom; | ||
| 182 | } | ||
| 183 | #else | ||
| 184 | fd = open("/dev/urandom", O_RDONLY, 0); | ||
| 185 | if (fd == -1) { | 185 | if (fd == -1) { |
| 186 | if (errno == EINTR) | 186 | if (errno == EINTR) |
| 187 | goto start; | 187 | goto start; |
| 188 | goto nodevrandom; | 188 | goto nodevrandom; |
| 189 | } | 189 | } |
| 190 | #ifndef O_CLOEXEC | ||
| 190 | fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); | 191 | fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); |
| 191 | #endif | 192 | #endif |
| 192 | 193 | ||
diff --git a/src/lib/libcrypto/crypto/getentropy_linux.c b/src/lib/libcrypto/crypto/getentropy_linux.c index d833d4c9e1..8166131899 100644 --- a/src/lib/libcrypto/crypto/getentropy_linux.c +++ b/src/lib/libcrypto/crypto/getentropy_linux.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: getentropy_linux.c,v 1.8 2014/06/23 03:47:46 beck Exp $ */ | 1 | /* $OpenBSD: getentropy_linux.c,v 1.9 2014/06/25 15:53:56 beck Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> | 4 | * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> |
| @@ -169,24 +169,25 @@ getentropy_urandom(void *buf, size_t len) | |||
| 169 | { | 169 | { |
| 170 | struct stat st; | 170 | struct stat st; |
| 171 | size_t i; | 171 | size_t i; |
| 172 | int fd, cnt; | 172 | int fd, cnt, flags; |
| 173 | int save_errno = errno; | 173 | int save_errno = errno; |
| 174 | 174 | ||
| 175 | start: | 175 | start: |
| 176 | |||
| 177 | flags = O_RDONLY; | ||
| 178 | #ifdef O_NOFOLLOW | ||
| 179 | flags |= O_NOFOLLOW; | ||
| 180 | #endif | ||
| 176 | #ifdef O_CLOEXEC | 181 | #ifdef O_CLOEXEC |
| 177 | fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC, 0); | 182 | flags |= O_CLOEXEC; |
| 178 | if (fd == -1) { | 183 | #endif |
| 179 | if (errno == EINTR) | 184 | fd = open("/dev/urandom", flags, 0); |
| 180 | goto start; | ||
| 181 | goto nodevrandom; | ||
| 182 | } | ||
| 183 | #else | ||
| 184 | fd = open("/dev/urandom", O_RDONLY, 0); | ||
| 185 | if (fd == -1) { | 185 | if (fd == -1) { |
| 186 | if (errno == EINTR) | 186 | if (errno == EINTR) |
| 187 | goto start; | 187 | goto start; |
| 188 | goto nodevrandom; | 188 | goto nodevrandom; |
| 189 | } | 189 | } |
| 190 | #ifndef O_CLOEXEC | ||
| 190 | fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); | 191 | fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); |
| 191 | #endif | 192 | #endif |
| 192 | 193 | ||