From 0aa7112f1cab6005c677d74dc0a4f69b51ac148f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sat, 12 Oct 2002 14:51:32 +0000 Subject: [PATCH] * rndunix.c (my_popen): Make sure that stdin and stderr are connected to a file. This is to avoid NetBSD to complain about set{u,g}id programs invoked with fd 0, 2 closed. Reported by Cristian Biere. (start_gatherer): Likewise. Reordered code. * configure.ac (NAME_OF_DEV_URANDOM): Don't use /dev/srandom for NetBSD. Noted by Christian Biere. --- ChangeLog | 5 ++++ cipher/ChangeLog | 8 ++++++ cipher/rndunix.c | 65 ++++++++++++++++++++++++++++++------------------ configure.ac | 2 +- 4 files changed, 55 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index cd9e9c9d9..30ec0940d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2002-10-12 Werner Koch + + * configure.ac (NAME_OF_DEV_URANDOM): Don't use /dev/srandom for + NetBSD. Noted by Christian Biere. + 2002-10-07 David Shaw * configure.ac: OpenLDAP 2.0.27 changed the dependencies again. diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 62058ff56..6d68c21da 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,11 @@ +2002-10-12 Werner Koch + + * rndunix.c (my_popen): Make sure that stdin and stderr are + connected to a file. This is to avoid NetBSD to complain about + set{u,g}id programs invoked with fd 0, 2 closed. Reported by + Cristian Biere. + (start_gatherer): Likewise. Reordered code. + 2002-10-02 David Shaw * tiger.c (tiger_get_info): Select the OID to use for TIGER at diff --git a/cipher/rndunix.c b/cipher/rndunix.c index ba1a55a1a..4c8aeaefa 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -391,10 +391,17 @@ my_popen(struct RI *entry) if (entry->pid == (pid_t) 0) { struct passwd *passwd; + int fd; /* We are the child. Make the read side of the pipe be stdout */ if (dup2(pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0) exit(127); + /* Connect the other standard handles to the bit bucket. */ + if ((fd = open ("/dev/null", O_RDWR)) != -1) { + dup2 (fd, STDIN_FILENO); + dup2 (fd, STDERR_FILENO); + close (fd); + } /* Now that everything is set up, give up our permissions to make * sure we don't read anything sensitive. If the getpwnam() fails, @@ -405,7 +412,7 @@ my_popen(struct RI *entry) setuid(gatherer_uid); - /* Close the pipe descriptors */ + /* Close the pipe descriptors. */ close(pipedes[STDIN_FILENO]); close(pipedes[STDOUT_FILENO]); @@ -659,28 +666,6 @@ start_gatherer( int pipefd ) } dbgall = !!getenv("GNUPG_RNDUNIX_DBGALL"); } - /* close all files but the ones we need */ - { int nmax, n1, n2, i; - #ifdef _SC_OPEN_MAX - if( (nmax=sysconf( _SC_OPEN_MAX )) < 0 ) { - #ifdef _POSIX_OPEN_MAX - nmax = _POSIX_OPEN_MAX; - #else - nmax = 20; /* assume a reasonable value */ - #endif - } - #else - nmax = 20; /* assume a reasonable value */ - #endif - n1 = fileno( stderr ); - n2 = dbgfp? fileno( dbgfp ) : -1; - for(i=0; i < nmax; i++ ) { - if( i != n1 && i != n2 && i != pipefd ) - close(i); - } - errno = 0; - } - /* Set up the buffer */ @@ -705,7 +690,39 @@ start_gatherer( int pipefd ) signal(SIGCHLD, SIG_DFL); #endif - fclose(stderr); /* Arrghh!! It's Stuart code!! */ + fflush (stderr); + /* Arrghh!! It's Stuart code!! */ + /* (close all files but the ones we need) */ + { int nmax, n1, i; + #ifdef _SC_OPEN_MAX + if( (nmax=sysconf( _SC_OPEN_MAX )) < 0 ) { + #ifdef _POSIX_OPEN_MAX + nmax = _POSIX_OPEN_MAX; + #else + nmax = 20; /* assume a reasonable value */ + #endif + } + #else + nmax = 20; /* assume a reasonable value */ + #endif + { + int fd; + if ((fd = open ("/dev/null", O_RDWR)) != -1) { + dup2 (fd, STDIN_FILENO); + dup2 (fd, STDOUT_FILENO); + dup2 (fd, STDERR_FILENO); + close (fd); + } + } + n1 = dbgfp? fileno (dbgfp) : -1; + for(i=0; i < nmax; i++ ) { + if (i != STDIN_FILENO && i != STDOUT_FILENO && i != STDERR_FILENO + && i != n1 && i != pipefd ) + close(i); + } + errno = 0; + } + for(;;) { GATHER_MSG msg; diff --git a/configure.ac b/configure.ac index 018f778ce..5426e7b5c 100644 --- a/configure.ac +++ b/configure.ac @@ -468,7 +468,7 @@ AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", NAME_OF_DEV_RANDOM="/dev/random" NAME_OF_DEV_URANDOM="/dev/urandom" case "${target}" in - *-openbsd* | *-netbsd*) + *-openbsd*) NAME_OF_DEV_RANDOM="/dev/srandom" NAME_OF_DEV_URANDOM="/dev/urandom" ;;