X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frand%2Frandfile.c;h=dda020fb108f433507ca04cdf491761c5287de31;hp=d01b9852e9473c4a45bdbd7283caf0f60769bff3;hb=29dc3508138b2bbb1103b50408eb41e22806638f;hpb=50e4e9283d30a3d70aa7b6091196674155c88005 diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index d01b9852e9..dda020fb10 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -56,14 +56,20 @@ * [including the GNU Public Licence.] */ +/* We need to define this to get macros like S_IFBLK and S_IFCHR */ +#define _XOPEN_SOURCE 1 + #include #include #include #include -#include "openssl/e_os.h" +#include "e_os.h" +#include +#include +#include -#ifdef VMS +#ifdef OPENSSL_SYS_VMS #include #endif #ifndef NO_SYS_TYPES_H @@ -75,15 +81,15 @@ # include #endif -#include -#include - #undef BUFSIZE #define BUFSIZE 1024 #define RAND_DATA 1024 /* #define RFILE ".rnd" - defined in ../../e_os.h */ +/* Note that these functions are intended for seed files only. + * Entropy devices and EGD sockets are handled in rand_unix.c */ + int RAND_load_file(const char *file, long bytes) { /* If bytes >= 0, read up to 'bytes' bytes. @@ -98,12 +104,22 @@ int RAND_load_file(const char *file, long bytes) i=stat(file,&sb); /* If the state fails, put some crap in anyway */ - RAND_add(&sb,sizeof(sb),0); + RAND_add(&sb,sizeof(sb),0.0); if (i < 0) return(0); if (bytes == 0) return(ret); in=fopen(file,"rb"); if (in == NULL) goto err; +#if defined(S_IFBLK) && defined(S_IFCHR) + if (sb.st_mode & (S_IFBLK | S_IFCHR)) { + /* this file is a device. we don't want read an infinite number + * of bytes from a random device, nor do we want to use buffered + * I/O because we will waste system entropy. + */ + bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ + setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ + } +#endif for (;;) { if (bytes > 0) @@ -113,16 +129,16 @@ int RAND_load_file(const char *file, long bytes) i=fread(buf,1,n,in); if (i <= 0) break; /* even if n != i, use the full array */ - RAND_add(buf,n,i); + RAND_add(buf,n,(double)i); ret+=i; if (bytes > 0) { bytes-=n; - if (bytes == 0) break; + if (bytes <= 0) break; } } fclose(in); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: return(ret); } @@ -130,11 +146,27 @@ err: int RAND_write_file(const char *file) { unsigned char buf[BUFSIZE]; - int i,ret=0,err=0; + int i,ret=0,rand_err=0; FILE *out = NULL; int n; + struct stat sb; -#if defined(O_CREAT) && !defined(WIN32) + i=stat(file,&sb); + if (i != -1) { +#if defined(S_IFBLK) && defined(S_IFCHR) + if (sb.st_mode & (S_IFBLK | S_IFCHR)) { + /* this file is a device. we don't write back to it. + * we "succeed" on the assumption this is some sort + * of random device. Otherwise attempting to write to + * and chmod the device causes problems. + */ + return(1); + } +#endif + } + +#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) + { /* For some reason Win32 can't write to files created this way */ /* chmod(..., 0600) is too late to protect the file, @@ -142,6 +174,7 @@ int RAND_write_file(const char *file) int fd = open(file, O_CREAT, 0600); if (fd != -1) out = fdopen(fd, "wb"); + } #endif if (out == NULL) out = fopen(file,"wb"); @@ -156,7 +189,7 @@ int RAND_write_file(const char *file) i=(n > BUFSIZE)?BUFSIZE:n; n-=BUFSIZE; if (RAND_bytes(buf,i) <= 0) - err=1; + rand_err=1; i=fwrite(buf,1,i,out); if (i <= 0) { @@ -166,13 +199,13 @@ int RAND_write_file(const char *file) ret+=i; if (n <= 0) break; } -#ifdef VMS +#ifdef OPENSSL_SYS_VMS /* Try to delete older versions of the file, until there aren't any */ { char *tmpf; - tmpf = Malloc(strlen(file) + 4); /* to add ";-1" and a nul */ + tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ if (tmpf) { strcpy(tmpf, file); @@ -184,38 +217,69 @@ int RAND_write_file(const char *file) some point... */ } } -#endif /* VMS */ +#endif /* OPENSSL_SYS_VMS */ fclose(out); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: - return(err ? -1 : ret); + return (rand_err ? -1 : ret); } -const char *RAND_file_name(char *buf, int size) +const char *RAND_file_name(char *buf, size_t size) { - char *s; - char *ret=NULL; + char *s=NULL; + int ok = 0; +#ifdef __OpenBSD__ + struct stat sb; +#endif - s=getenv("RANDFILE"); - if (s != NULL) + if (OPENSSL_issetugid() == 0) + s=getenv("RANDFILE"); + if (s != NULL && *s && strlen(s) + 1 < size) { - strncpy(buf,s,size-1); - buf[size-1]='\0'; - ret=buf; + if (BUF_strlcpy(buf,s,size) >= size) + return NULL; } else { - s=getenv("HOME"); - if (s == NULL) return(RFILE); - if (((int)(strlen(s)+strlen(RFILE)+2)) > size) - return(RFILE); - strcpy(buf,s); -#ifndef VMS - strcat(buf,"/"); + if (OPENSSL_issetugid() == 0) + s=getenv("HOME"); +#ifdef DEFAULT_HOME + if (s == NULL) + { + s = DEFAULT_HOME; + } +#endif + if (s && *s && strlen(s)+strlen(RFILE)+2 < size) + { + BUF_strlcpy(buf,s,size); +#ifndef OPENSSL_SYS_VMS + BUF_strlcat(buf,"/",size); #endif - strcat(buf,RFILE); - ret=buf; + BUF_strlcat(buf,RFILE,size); + ok = 1; + } + else + buf[0] = '\0'; /* no file name */ } - return(ret); + +#ifdef __OpenBSD__ + /* given that all random loads just fail if the file can't be + * seen on a stat, we stat the file we're returning, if it + * fails, use /dev/arandom instead. this allows the user to + * use their own source for good random data, but defaults + * to something hopefully decent if that isn't available. + */ + + if (!ok) + if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) { + return(NULL); + } + if (stat(buf,&sb) == -1) + if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) { + return(NULL); + } + +#endif + return(buf); }