Various randomness handling bugfixes and improvements --

[openssl.git] / crypto / rand / randfile.c

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 8ee23b61d112d0c5f40e36121bea4e9c6d8db829..942a963e836976b8c8c91f1f985501e9d9070977 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -56,24 +56,31 @@
  * [including the GNU Public Licence.]
  */
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include "e_os.h"
-#include "rand.h"
+
+#include "openssl/e_os.h"
+
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef MAC_OS_pre_X
+# include <stat.h>
+#else
+# include <sys/stat.h>
+#endif
+
+#include <openssl/rand.h>
 
 #undef BUFSIZE
 #define BUFSIZE        1024
 #define RAND_DATA 1024
 
-/* #define RFILE ".rand" - defined in ../../e_os.h */
+/* #define RFILE ".rnd" - defined in ../../e_os.h */
 
-int RAND_load_file(file,bytes)
-const char *file;
-long bytes;
+int RAND_load_file(const char *file, long bytes)
        {
        MS_STATIC unsigned char buf[BUFSIZE];
        struct stat sb;
@@ -84,7 +91,7 @@ long bytes;
 
        i=stat(file,&sb);
        /* If the state fails, put some crap in anyway */
-       RAND_seed((unsigned char *)&sb,sizeof(sb));
+       RAND_seed(&sb,sizeof(sb));
        ret+=sizeof(sb);
        if (i < 0) return(0);
        if (bytes <= 0) return(ret);
@@ -108,17 +115,42 @@ err:
        return(ret);
        }
 
-int RAND_write_file(file)
-const char *file;
+int RAND_write_file(const char *file)
        {
        unsigned char buf[BUFSIZE];
        int i,ret=0;
-       FILE *out;
+       FILE *out = NULL;
        int n;
 
-       out=fopen(file,"w");
+       /* Under VMS, fopen(file, "wb") will create a new version of the
+          same file.  This is not good, so let's try updating an existing
+          one, and create file only if it doesn't already exist.  This
+          should be completely harmless on system that have no file
+          versions.                                    -- Richard Levitte */
+       out=fopen(file,"rb+");
+       if (out == NULL
+#ifdef ENOENT
+           && errno == ENOENT
+#endif
+          )
+               {
+               errno = 0;
+#if defined O_CREAT && defined O_EXCL
+               /* chmod(..., 0600) is too late to protect the file,
+                * permissions should be restrictive from the start */
+               {
+                   int fd = open(file, O_CREAT | O_EXCL, 0600);
+                   if (fd != -1)
+                       out = fdopen(fd, "wb");
+               }
+#else          
+               out=fopen(file,"wb");
+#endif
+               }
        if (out == NULL) goto err;
+#ifndef NO_CHMOD
        chmod(file,0600);
+#endif
        n=RAND_DATA;
        for (;;)
                {
@@ -140,9 +172,7 @@ err:
        return(ret);
        }
 
-char *RAND_file_name(buf,size)
-char *buf;
-int size;
+char *RAND_file_name(char *buf, int size)
        {
        char *s;
        char *ret=NULL;
@@ -161,7 +191,9 @@ int size;
                if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
                        return(RFILE);
                strcpy(buf,s);
+#ifndef VMS
                strcat(buf,"/");
+#endif
                strcat(buf,RFILE);
                ret=buf;
                }