mirror of git://anongit.mindrot.org/openssh.git
- (djm) Make inability to read/write PRNG seedfile non-fatal
This commit is contained in:
Damien Miller
parent
ff649d8880
commit
52dc96b717
|
|
@ -33,6 +33,8 @@
|
||||||
- (djm) Update version in Redhat spec file
|
- (djm) Update version in Redhat spec file
|
||||||
- (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
|
- (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
|
||||||
Redhat 7.0 spec file
|
Redhat 7.0 spec file
|
||||||
|
- (djm) Make inability to read/write PRNG seedfile non-fatal
|
||||||
|
|
||||||
|
|
||||||
20001015
|
20001015
|
||||||
- (djm) Fix ssh2 hang on background processes at logout.
|
- (djm) Fix ssh2 hang on background processes at logout.
|
||||||
|
|
|
||||||
33
entropy.c
33
entropy.c
|
|
@ -35,7 +35,7 @@
|
||||||
# include <floatingpoint.h>
|
# include <floatingpoint.h>
|
||||||
#endif /* HAVE_FLOATINGPOINT_H */
|
#endif /* HAVE_FLOATINGPOINT_H */
|
||||||
|
|
||||||
RCSID("$Id: entropy.c,v 1.20 2000/09/29 01:12:36 djm Exp $");
|
RCSID("$Id: entropy.c,v 1.21 2000/10/16 09:13:43 djm Exp $");
|
||||||
|
|
||||||
#ifndef offsetof
|
#ifndef offsetof
|
||||||
# define offsetof(type, member) ((size_t) &((type *)0)->member)
|
# define offsetof(type, member) ((size_t) &((type *)0)->member)
|
||||||
|
|
@ -514,10 +514,10 @@ prng_check_seedfile(char *filename) {
|
||||||
/* FIXME raceable: eg replace seed between this stat and subsequent open */
|
/* FIXME raceable: eg replace seed between this stat and subsequent open */
|
||||||
/* Not such a problem because we don't trust the seed file anyway */
|
/* Not such a problem because we don't trust the seed file anyway */
|
||||||
if (lstat(filename, &st) == -1) {
|
if (lstat(filename, &st) == -1) {
|
||||||
/* Fail on hard errors */
|
/* Give up on hard errors */
|
||||||
if (errno != ENOENT)
|
if (errno != ENOENT)
|
||||||
fatal("Couldn't stat random seed file \"%s\": %s", filename,
|
debug("WARNING: Couldn't stat random seed file \"%s\": %s",
|
||||||
strerror(errno));
|
filename, strerror(errno));
|
||||||
|
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
|
@ -527,10 +527,12 @@ prng_check_seedfile(char *filename) {
|
||||||
fatal("PRNG seedfile %.100s is not a regular file", filename);
|
fatal("PRNG seedfile %.100s is not a regular file", filename);
|
||||||
|
|
||||||
/* mode 0600, owned by root or the current user? */
|
/* mode 0600, owned by root or the current user? */
|
||||||
if (((st.st_mode & 0177) != 0) || !(st.st_uid == original_uid))
|
if (((st.st_mode & 0177) != 0) || !(st.st_uid == original_uid)) {
|
||||||
fatal("PRNG seedfile %.100s must be mode 0600, owned by uid %d",
|
debug("WARNING: PRNG seedfile %.100s must be mode 0600, owned by uid %d",
|
||||||
filename, getuid());
|
filename, getuid());
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
return(1);
|
return(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -569,15 +571,16 @@ prng_write_seedfile(void) {
|
||||||
/* Don't care if the seed doesn't exist */
|
/* Don't care if the seed doesn't exist */
|
||||||
prng_check_seedfile(filename);
|
prng_check_seedfile(filename);
|
||||||
|
|
||||||
if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1)
|
if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) {
|
||||||
fatal("couldn't access PRNG seedfile %.100s (%.100s)", filename,
|
debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)",
|
||||||
strerror(errno));
|
filename, strerror(errno));
|
||||||
|
} else {
|
||||||
if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed))
|
if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed))
|
||||||
fatal("problem writing PRNG seedfile %.100s (%.100s)", filename,
|
fatal("problem writing PRNG seedfile %.100s (%.100s)", filename,
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
|
|
||||||
close(fd);
|
close(fd);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue