

[src/netbsd-1-5]: src/crypto/dist/openssl/crypto/rand Pull up revision 1.2 (r...



details:   https://anonhg.NetBSD.org/src/rev/9edd4ad2bab3
branches:  netbsd-1-5
changeset: 490531:9edd4ad2bab3
user:      jhawk <jhawk%NetBSD.org@localhost>
date:      Thu Jan 25 20:35:24 2001 +0000

description:
Pull up revision 1.2 (requested by itojun):
  Ignore environment variables if issetugid(), and fall back to /dev/random.

diffstat:

 crypto/dist/openssl/crypto/rand/randfile.c |  47 +++++++++++++++++++++--------
 1 files changed, 34 insertions(+), 13 deletions(-)

diffs (66 lines):

diff -r 5e366202a850 -r 9edd4ad2bab3 crypto/dist/openssl/crypto/rand/randfile.c
--- a/crypto/dist/openssl/crypto/rand/randfile.c        Thu Jan 25 20:26:36 2001 +0000
+++ b/crypto/dist/openssl/crypto/rand/randfile.c        Thu Jan 25 20:35:24 2001 +0000
@@ -194,28 +194,49 @@
 
 const char *RAND_file_name(char *buf, int size)
        {
-       char *s;
+       char *s = NULL;
        char *ret=NULL;
+       struct stat sb;
 
-       s=getenv("RANDFILE");
-       if (s != NULL)
+       if (issetugid() == 0)
+               s = getenv("RANDFILE");
+       if (s != NULL && *s && strlen(s) + 1 < size)
                {
-               strncpy(buf,s,size-1);
-               buf[size-1]='\0';
+               strlcpy(buf,s,size);
                ret=buf;
                }
        else
                {
-               s=getenv("HOME");
-               if (s == NULL) return(RFILE);
-               if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
-                       return(RFILE);
-               strcpy(buf,s);
+               if (issetugid() == 0)
+                       s=getenv("HOME");
+               if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
+                       {
+                       strlcpy(buf,s,size);
 #ifndef VMS
-               strcat(buf,"/");
+                       strlcat(buf,"/",size);
 #endif
-               strcat(buf,RFILE);
-               ret=buf;
+                       strlcat(buf,RFILE,size);
+                       ret=buf;
+                       }
                }
+
+#ifdef DEVRANDOM
+       /* given that all random loads just fail if the file can't be 
+        * seen on a stat, we stat the file we're returning, if it
+        * fails, use DEVRANDOM instead. the allows the user to 
+        * use their own source for good random data, but defaults
+        * to something hopefully decent if that isn't available. 
+        */
+
+       if (ret == NULL)
+               ret = DEVRANDOM;
+
+       if (stat(ret,&sb) == -1)
+               ret = DEVRANDOM;
+#else
+       /* old behavior */
+       if (ret == NULL)
+               ret = RFILE;
+#endif
        return(ret);
        }
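Review bot: Both new length guards compare a `size_t` with the signed `int size`, at `strlen(s) + 1 < size` and again at `strlen(s)+strlen(RFILE)+2 < size`, so a negative `size` is converted to a very large unsigned value, the guard passes, and the same value then reaches `strlcpy`/`strlcat` as the buffer length; the removed HOME check avoided this with an `(int)` cast. Adding `size > 0 &&` to both conditions and comparing against `(size_t)size` would restore the bound. Separately, under DEVRANDOM the function now returns the device path whenever `stat()` fails, which includes a seed file that simply has not been created yet, so the per-user seed file may never come into existence. Callers that pass this name to the seed-writing routine (not visible in this hunk) would then target the device node, so that path should be confirmed to skip character devices, and a comment at the fallback such as `/* may return a device node; callers must not create, write or chmod it */` would document the contract.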


