|
Lines 550-559
Link Here
|
| 550 |
void |
550 |
void |
| 551 |
prng_write_seedfile(void) |
551 |
prng_write_seedfile(void) |
| 552 |
{ |
552 |
{ |
| 553 |
int fd; |
553 |
int fd, save_errno; |
| 554 |
unsigned char seed[SEED_FILE_SIZE]; |
554 |
unsigned char seed[SEED_FILE_SIZE]; |
| 555 |
char filename[MAXPATHLEN]; |
555 |
char filename[MAXPATHLEN], tmpseed[MAXPATHLEN]; |
| 556 |
struct passwd *pw; |
556 |
struct passwd *pw; |
|
|
557 |
mode_t old_umask; |
| 557 |
|
558 |
|
| 558 |
pw = getpwuid(getuid()); |
559 |
pw = getpwuid(getuid()); |
| 559 |
if (pw == NULL) |
560 |
if (pw == NULL) |
|
Lines 568-574
Link Here
|
| 568 |
snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
569 |
snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
| 569 |
SSH_PRNG_SEED_FILE); |
570 |
SSH_PRNG_SEED_FILE); |
| 570 |
|
571 |
|
| 571 |
debug("writing PRNG seed to file %.100s", filename); |
572 |
strlcpy(tmpseed, filename, sizeof(tmpseed)); |
|
|
573 |
if (strlcat(tmpseed, ".XXXXXXXXXX", sizeof(tmpseed)) >= |
| 574 |
sizeof(tmpseed)) |
| 575 |
fatal("PRNG seed filename too long"); |
| 572 |
|
576 |
|
| 573 |
if (RAND_bytes(seed, sizeof(seed)) <= 0) |
577 |
if (RAND_bytes(seed, sizeof(seed)) <= 0) |
| 574 |
fatal("PRNG seed extraction failed"); |
578 |
fatal("PRNG seed extraction failed"); |
|
Lines 576-590
Link Here
|
| 576 |
/* Don't care if the seed doesn't exist */ |
580 |
/* Don't care if the seed doesn't exist */ |
| 577 |
prng_check_seedfile(filename); |
581 |
prng_check_seedfile(filename); |
| 578 |
|
582 |
|
| 579 |
if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { |
583 |
old_umask = umask(0177); |
| 580 |
debug("WARNING: couldn't access PRNG seedfile %.100s " |
584 |
|
| 581 |
"(%.100s)", filename, strerror(errno)); |
585 |
if ((fd = mkstemp(tmpseed)) == -1) { |
|
|
586 |
debug("WARNING: couldn't make temporary PRNG seedfile %.100s " |
| 587 |
"(%.100s)", tmpseed, strerror(errno)); |
| 582 |
} else { |
588 |
} else { |
| 583 |
if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed)) |
589 |
debug("writing PRNG seed to file %.100s", tmpseed); |
|
|
590 |
if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed)) { |
| 591 |
save_errno = errno; |
| 592 |
close(fd); |
| 593 |
unlink(tmpseed); |
| 584 |
fatal("problem writing PRNG seedfile %.100s " |
594 |
fatal("problem writing PRNG seedfile %.100s " |
| 585 |
"(%.100s)", filename, strerror(errno)); |
595 |
"(%.100s)", filename, strerror(save_errno)); |
|
|
596 |
} |
| 586 |
close(fd); |
597 |
close(fd); |
|
|
598 |
debug("moving temporary PRNG seed to file %.100s", filename); |
| 599 |
if (rename(tmpseed, filename) == -1) { |
| 600 |
save_errno = errno; |
| 601 |
unlink(tmpseed); |
| 602 |
fatal("problem renaming PRNG seedfile from %.100s " |
| 603 |
"to %.100s (%.100s)", tmpseed, filename, |
| 604 |
strerror(save_errno)); |
| 605 |
} |
| 587 |
} |
606 |
} |
|
|
607 |
umask(old_umask); |
| 588 |
} |
608 |
} |
| 589 |
|
609 |
|
| 590 |
void |
610 |
void |