| OLD | NEW |
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 | 4 |
| 5 #include <stdio.h> | 5 #include <stdio.h> |
| 6 #include <string.h> | 6 #include <string.h> |
| 7 #include <signal.h> | 7 #include <signal.h> |
| 8 #include <unistd.h> | 8 #include <unistd.h> |
| 9 #include <limits.h> | 9 #include <limits.h> |
| 10 #include <errno.h> | 10 #include <errno.h> |
| 909 * BSD/OS we do not call safe_popen when we succeeded in getting data | 909 * BSD/OS we do not call safe_popen when we succeeded in getting data |
| 910 * from /dev/urandom. | 910 * from /dev/urandom. |
| 911 * | 911 * |
| 912 * Bug 174993: On platforms providing /dev/urandom, don't fork netstat | 912 * Bug 174993: On platforms providing /dev/urandom, don't fork netstat |
| 913 * either, if data has been gathered successfully. | 913 * either, if data has been gathered successfully. |
| 914 */ | 914 */ |
| 915 | 915 |
| 916 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ | 916 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ |
| 917 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ | 917 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ |
| 918 || defined(HPUX) | 918 || defined(HPUX) |
| 919 if (bytes) | 919 if (bytes == SYSTEM_RNG_SEED_COUNT) |
| 920 return; | 920 return; |
| 921 | 921 |
| 922 /* | 922 /* |
| 923 * Modified to abort the process if it failed to read from /dev/urandom. | 923 * Modified to abort the process if it failed to read from /dev/urandom. |
| 924 * | 924 * |
| 925 * See crbug.com/244661 for details. | 925 * See crbug.com/244661 for details. |
| 926 */ | 926 */ |
| 927 fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " | 927 fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) " |
| 928 "Abort process.\n", __FILE__, __LINE__); | 928 "from /dev/urandom. Abort process.\n", __FILE__, __LINE__, |
| 929 bytes, SYSTEM_RNG_SEED_COUNT); |
| 929 fflush(stderr); | 930 fflush(stderr); |
| 930 abort(); | 931 abort(); |
| 931 #endif | 932 #endif |
| 932 | 933 |
| 933 #ifdef SOLARIS | 934 #ifdef SOLARIS |
| 934 | 935 |
| 935 /* | 936 /* |
| 936 * On Solaris, NSS may be initialized automatically from libldap in | 937 * On Solaris, NSS may be initialized automatically from libldap in |
| 937 * applications that are unaware of the use of NSS. safe_popen forks, and | 938 * applications that are unaware of the use of NSS. safe_popen forks, and |
| 938 * sometimes creates issues with some applications' pthread_atfork handlers. | 939 * sometimes creates issues with some applications' pthread_atfork handlers. |
| 1126 { | 1127 { |
| 1127 static int fileToRead = 1; | 1128 static int fileToRead = 1; |
| 1128 | 1129 |
| 1129 if (ReadOneFile(fileToRead)) { | 1130 if (ReadOneFile(fileToRead)) { |
| 1130 fileToRead = 1; | 1131 fileToRead = 1; |
| 1131 } else { | 1132 } else { |
| 1132 fileToRead++; | 1133 fileToRead++; |
| 1133 } | 1134 } |
| 1134 } | 1135 } |
| 1135 | 1136 |
| 1137 /* |
| 1138 * Modified to abort the process if it failed to read from /dev/urandom. |
| 1139 * |
| 1140 * See crbug.com/244661 for details. |
| 1141 */ |
| 1136 size_t RNG_SystemRNG(void *dest, size_t maxLen) | 1142 size_t RNG_SystemRNG(void *dest, size_t maxLen) |
| 1137 { | 1143 { |
| 1138 FILE *file; | 1144 FILE *file; |
| 1139 size_t bytes; | 1145 size_t bytes; |
| 1140 size_t fileBytes = 0; | 1146 size_t fileBytes = 0; |
| 1141 unsigned char *buffer = dest; | 1147 unsigned char *buffer = dest; |
| 1142 | 1148 |
| 1143 file = fopen("/dev/urandom", "r"); | 1149 file = fopen("/dev/urandom", "r"); |
| 1144 if (file == NULL) { | 1150 if (file == NULL) { |
| 1145 /* | |
| 1146 * Modified to abort the process if it failed to read from /dev/urandom. | |
| 1147 * | |
| 1148 * See crbug.com/244661 for details. | |
| 1149 */ | |
| 1150 fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " | 1151 fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
| 1151 "Abort process.\n", __FILE__, __LINE__); | 1152 "Abort process.\n", __FILE__, __LINE__); |
| 1152 fflush(stderr); | 1153 fflush(stderr); |
| 1153 abort(); | 1154 abort(); |
| 1154 } | 1155 } |
| 1155 while (maxLen > fileBytes) { | 1156 while (maxLen > fileBytes) { |
| 1156 bytes = maxLen - fileBytes; | 1157 bytes = maxLen - fileBytes; |
| 1157 bytes = fread(buffer, 1, bytes, file); | 1158 bytes = fread(buffer, 1, bytes, file); |
| 1158 if (bytes == 0) | 1159 if (bytes == 0) |
| 1159 break; | 1160 break; |
| 1160 fileBytes += bytes; | 1161 fileBytes += bytes; |
| 1161 buffer += bytes; | 1162 buffer += bytes; |
| 1162 } | 1163 } |
| 1163 fclose(file); | 1164 fclose(file); |
| 1164 if (fileBytes != maxLen) { | 1165 if (fileBytes != maxLen) { |
| 1165 » PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */ | 1166 » fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
| 1166 » fileBytes = 0; | 1167 » » "Abort process.\n", __FILE__, __LINE__); |
| 1168 » fflush(stderr); |
| 1169 » abort(); |
| 1167 } | 1170 } |
| 1168 return fileBytes; | 1171 return fileBytes; |
| 1169 } | 1172 } |
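Review bot: The short-read branch at the end of RNG_SystemRNG aborts with exactly the same text as the fopen() failure a few lines above it, so a crash report cannot distinguish "could not open /dev/urandom" from "opened it but received fewer bytes than requested". The first hunk already prints the counts; doing the same here, e.g. `"[ERROR:%s(%d)] NSS read %zu bytes (expected %zu bytes) from /dev/urandom. Abort process.\n", __FILE__, __LINE__, fileBytes, maxLen`, would keep the two sites consistent and make the failure diagnosable. Because a zero return from fread() now ends in abort() instead of an error return, it is also worth checking ferror()/errno before the `break`, since a read interrupted by a signal would presumably take the same path; confirm this against how the embedding process installs its signal handlers. In the first hunk, `%zu` and `%d` depend on the types of `bytes` and `SYSTEM_RNG_SEED_COUNT`, which are declared outside the visible lines and should be checked against those specifiers.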
| OLD | NEW |