| 1 | /* |
| 2 | * This file is part of secnet. |
| 3 | * See README for full list of copyright holders. |
| 4 | * |
| 5 | * secnet is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License as published by |
| 7 | * the Free Software Foundation; either version d of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * secnet is distributed in the hope that it will be useful, but |
| 11 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 13 | * General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License |
| 16 | * version 3 along with secnet; if not, see |
| 17 | * https://www.gnu.org/licenses/gpl.html. |
| 18 | */ |
| 19 | |
| 20 | #include "secnet.h" |
| 21 | #include <stdio.h> |
| 22 | #include <fcntl.h> |
| 23 | #include <string.h> |
| 24 | #include <sys/stat.h> |
| 25 | #include <unistd.h> |
| 26 | #include <assert.h> |
| 27 | |
| 28 | struct rgen_data { |
| 29 | closure_t cl; |
| 30 | struct random_if ops; |
| 31 | struct cloc loc; |
| 32 | int fd; |
| 33 | }; |
| 34 | |
| 35 | static random_fn random_generate; |
| 36 | static bool_t random_generate(void *data, int32_t bytes, uint8_t *buff) |
| 37 | { |
| 38 | struct rgen_data *st=data; |
| 39 | int r; |
| 40 | |
| 41 | r= read(st->fd,buff,bytes); |
| 42 | |
| 43 | assert(r == bytes); |
| 44 | /* This is totally crap error checking, but AFAICT many callers of |
| 45 | * this function do not check the return value. This is a minimal |
| 46 | * change to make the code not fail silently-but-insecurely. |
| 47 | * |
| 48 | * A proper fix requires either: |
| 49 | * - Declare all random number generation failures as fatal |
| 50 | * errors, and make this return void, and fix all callers, |
| 51 | * and make this call some appropriate function if it fails. |
| 52 | * - Make this have proper error checking (and reporting!) |
| 53 | * and make all callers check the error (and report!); |
| 54 | * this will be tricky, I think, because you have to report |
| 55 | * the errno somewhere. |
| 56 | * |
| 57 | * There's also the issue that this is only one possible |
| 58 | * implementation of a random number source; others may not rely |
| 59 | * on reading from a file descriptor, and may not produce |
| 60 | * appropriate settings of errno. |
| 61 | */ |
| 62 | |
| 63 | return True; |
| 64 | } |
| 65 | |
| 66 | static list_t *random_apply(closure_t *self, struct cloc loc, |
| 67 | dict_t *context, list_t *args) |
| 68 | { |
| 69 | struct rgen_data *st; |
| 70 | item_t *arg1, *arg2; |
| 71 | string_t filename=NULL; |
| 72 | |
| 73 | NEW(st); |
| 74 | |
| 75 | st->cl.description="randomsource"; |
| 76 | st->cl.type=CL_RANDOMSRC; |
| 77 | st->cl.apply=NULL; |
| 78 | st->cl.interface=&st->ops; |
| 79 | st->ops.st=st; |
| 80 | st->ops.blocking=False; |
| 81 | st->ops.generate=random_generate; |
| 82 | st->loc=loc; |
| 83 | |
| 84 | arg1=list_elem(args,0); |
| 85 | arg2=list_elem(args,1); |
| 86 | |
| 87 | if (!arg1) { |
| 88 | cfgfatal(loc,"randomsource","requires a filename\n"); |
| 89 | } |
| 90 | if (arg1->type != t_string) { |
| 91 | cfgfatal(arg1->loc,"randomsource", |
| 92 | "filename (arg1) must be a string\n"); |
| 93 | } |
| 94 | filename=arg1->data.string; |
| 95 | |
| 96 | if (arg2) { |
| 97 | if (arg2->type != t_bool) { |
| 98 | cfgfatal(arg2->loc,"randomsource", |
| 99 | "blocking parameter (arg2) must be bool\n"); |
| 100 | } |
| 101 | st->ops.blocking=arg2->data.bool; |
| 102 | } |
| 103 | |
| 104 | if (!filename) { |
| 105 | cfgfatal(loc,"randomsource","requires a filename\n"); |
| 106 | } |
| 107 | st->fd=open(filename,O_RDONLY); |
| 108 | if (st->fd<0) { |
| 109 | fatal_perror("randomsource (%s:%d): cannot open %s",arg1->loc.file, |
| 110 | arg1->loc.line,filename); |
| 111 | } |
| 112 | return new_closure(&st->cl); |
| 113 | } |
| 114 | |
| 115 | void random_module(dict_t *d) |
| 116 | { |
| 117 | add_closure(d,"randomfile",random_apply); |
| 118 | } |