| author | beck <> | 2000-04-16 21:46:36 +0000 | 
|---|---|---|
| committer | beck <> | 2000-04-16 21:46:36 +0000 | 
| commit | 78ac5255911b9af24b3ecda501019be4b4d73a24 (patch) | |
| tree | 9bb0a74f7b3999822e3e0a885bd9f7b3c3cfc033 /src | |
| parent | 1e80449c6a001847d7094684ca69044a85314391 (diff) | |
Fix randfile so it doesn't attempt to chmod and write entropy back to
devices. This caused people's /dev/arandom to be set to mode 600,
which causes rsa to fail to get random data, which results in all
kinds of fun with ssh :)
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/rand/randfile.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/rand/randfile.c | 15 | 
2 files changed, 28 insertions, 2 deletions
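--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -142,7 +142,20 @@ int RAND_write_file(const char *file)
 int i,ret=0,err=0;
 FILE *out = NULL;
 int n;
-
+struct stat sb;
+
+i=stat(file,&sb);
+if (i != -1) {
+if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+/* this file is a device. we don't write back to it.
+* we "succeed" on the assumption this is some sort
+* of random device. Otherwise attempting to write to
+* and chmod the device causes problems.
+*/
+return(1);
+}
+}
+
 #if defined(O_CREAT) && defined(O_EXCL) && !defined(WIN32)
 /* For some reason Win32 can't write to files created this way */
 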
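Review bot: The device test `sb.st_mode & (S_IFBLK | S_IFCHR)` in RAND_write_file treats the file-type field as independent flag bits, but the S_IFMT values are an enumeration, so on common layouts the mask also matches other types such as directories and sockets, and the function then returns 1 without saving any seed. Compare the type explicitly instead: `if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {`. The check is also made by path with `stat()` before the file is opened further down (outside this hunk), so the object behind the name can change between the check and the later chmod/write; an `fstat()` on the opened descriptor would tie the decision to the file actually written, if the code that follows allows it. The identical hunk in src/lib/libssl/src/crypto/rand/randfile.c needs the same change.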
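--- a/src/lib/libssl/src/crypto/rand/randfile.c
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -142,7 +142,20 @@ int RAND_write_file(const char *file)
 int i,ret=0,err=0;
 FILE *out = NULL;
 int n;
-
+struct stat sb;
+
+i=stat(file,&sb);
+if (i != -1) {
+if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+/* this file is a device. we don't write back to it.
+* we "succeed" on the assumption this is some sort
+* of random device. Otherwise attempting to write to
+* and chmod the device causes problems.
+*/
+return(1);
+}
+}
+
 #if defined(O_CREAT) && defined(O_EXCL) && !defined(WIN32)
 /* For some reason Win32 can't write to files created this way */
 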
