Diffstat (limited to 'ssh-rand-helper.c')
-rw-r--r--ssh-rand-helper.c38
1 files changed, 29 insertions, 9 deletions
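--- a/ssh-rand-helper.c
+++ b/ssh-rand-helper.c
@@ -39,7 +39,7 @@
 #include "pathnames.h"
 #include "log.h"
 
-RCSID("$Id: ssh-rand-helper.c,v 1.20 2004/12/20 01:05:08 dtucker Exp $");
+RCSID("$Id: ssh-rand-helper.c,v 1.21 2005/02/16 02:02:45 djm Exp $");
 
 /* Number of bytes we write out */
 #define OUTPUT_SEED_SIZE 48
@@ -550,10 +550,11 @@ prng_check_seedfile(char *filename)
 void
 prng_write_seedfile(void)
 {
- int fd;
+ int fd, save_errno;
  unsigned char seed[SEED_FILE_SIZE];
- char filename[MAXPATHLEN];
+ char filename[MAXPATHLEN], tmpseed[MAXPATHLEN];
  struct passwd *pw;
+ mode_t old_umask;
 
  pw = getpwuid(getuid());
  if (pw == NULL)
@@ -568,7 +569,10 @@ prng_write_seedfile(void)
  snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
  SSH_PRNG_SEED_FILE);
 
- debug("writing PRNG seed to file %.100s", filename);
+ strlcpy(tmpseed, filename, sizeof(tmpseed));
+ if (strlcat(tmpseed, ".XXXXXXXXXX", sizeof(tmpseed)) >=
+ sizeof(tmpseed))
+ fatal("PRNG seed filename too long");
 
  if (RAND_bytes(seed, sizeof(seed)) <= 0)
  fatal("PRNG seed extraction failed");
@@ -576,15 +580,31 @@ prng_write_seedfile(void)
  /* Don't care if the seed doesn't exist */
  prng_check_seedfile(filename);
 
- if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) {
- debug("WARNING: couldn't access PRNG seedfile %.100s "
- "(%.100s)", filename, strerror(errno));
+ old_umask = umask(0177);
+
+ if ((fd = mkstemp(tmpseed)) == -1) {
+ debug("WARNING: couldn't make temporary PRNG seedfile %.100s "
+ "(%.100s)", tmpseed, strerror(errno));
  } else {
- if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed))
+ debug("writing PRNG seed to file %.100s", tmpseed);
+ if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed)) {
+ save_errno = errno;
+ close(fd);
+ unlink(tmpseed);
  fatal("problem writing PRNG seedfile %.100s "
- "(%.100s)", filename, strerror(errno));
+ "(%.100s)", filename, strerror(save_errno));
+ }
  close(fd);
+ debug("moving temporary PRNG seed to file %.100s", filename);
+ if (rename(tmpseed, filename) == -1) {
+ save_errno = errno;
+ unlink(tmpseed);
+ fatal("problem renaming PRNG seedfile from %.100s "
+ "to %.100s (%.100s)", tmpseed, filename,
+ strerror(save_errno));
+ }
  }
+ umask(old_umask);
 }
 
 void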
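Review bot: In the last hunk, the result of the `close(fd)` that precedes `rename(tmpseed, filename)` is ignored, so a write error that the filesystem reports only at close time (NFS or a quota limit, for instance) would still let an incomplete temporary file replace the existing seed. Treating it like the write failure would close that gap: `if (close(fd) == -1) { save_errno = errno; unlink(tmpseed); fatal("problem closing PRNG seedfile %.100s (%.100s)", tmpseed, strerror(save_errno)); }`. The "problem writing PRNG seedfile" message in the same hunk still prints `filename` although the failed write went to `tmpseed`, so the log names a file that was never opened; passing `tmpseed` there would match the neighbouring debug() calls. A one-line comment above `old_umask = umask(0177);` saying why the umask is tightened around mkstemp() would also help, since the reason is not evident from the code. Part of prng_write_seedfile() lies between the hunks and is not shown here.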