Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 02 Feb 2013 13:46:50 -0500
From: "Anthony G. Basile" <basile@...nsource.dyc.edu>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Add support for mkostemp, mkstemps and mkostemps

Hi Rich,

Revised patch submitted.  The only thing I'm not certain of is the 
entropy for the random name.  I considered what everyone said, and 
looked at how uclibc/glibc do it and came up with something that is 1) 
fast, 2) small footprint, but whether there's enough randomness is 
debatable.


On 02/01/2013 10:48 PM, Rich Felker wrote:
> Hi again,
>
> Now that the release is done, I'd like to get back to integrating
> things like this. Have you made any changes based on the reviews?
> Overall this looks good and I'd like to commit a patch within the next
> few days. If you don't have time to work on it more, let me know and I
> can prepare a final patch based on what you sent.
>
> Rich
>
> On Mon, Jan 28, 2013 at 12:06:23AM -0500, Anthony G. Basile wrote:
>> From: "Anthony G. Basile" <basile@...nsource.dyc.edu>
>>
>> Signed-off-by: Anthony G. Basile <blueness@...too.org>
>> ---
>>   include/stdlib.h     |  6 ++++++
>>   src/temp/mkostemp.c  | 18 ++++++++++++++++++
>>   src/temp/mkostemps.c | 18 ++++++++++++++++++
>>   src/temp/mkstemp.c   | 15 ++-------------
>>   src/temp/mkstemps.c  | 18 ++++++++++++++++++
>>   src/temp/mktemp.c    |  7 +++----
>>   src/temp/randname.c  | 22 ++++++++++++++++++++++
>>   src/temp/tempfile.c  | 42 ++++++++++++++++++++++++++++++++++++++++++
>>   8 files changed, 129 insertions(+), 17 deletions(-)
>>   create mode 100644 src/temp/mkostemp.c
>>   create mode 100644 src/temp/mkostemps.c
>>   create mode 100644 src/temp/mkstemps.c
>>   create mode 100644 src/temp/randname.c
>>   create mode 100644 src/temp/tempfile.c
>>
>> diff --git a/include/stdlib.h b/include/stdlib.h
>> index 671d188..4210f40 100644
>> --- a/include/stdlib.h
>> +++ b/include/stdlib.h
>> @@ -95,6 +95,9 @@ int posix_memalign (void **, size_t, size_t);
>>   int setenv (const char *, const char *, int);
>>   int unsetenv (const char *);
>>   int mkstemp (char *);
>> +int mkostemp (char *, int);
>> +int mkstemps (char *, int);
>> +int mkostemps (char *, int, int);
>>   char *mkdtemp (char *);
>>   int getsubopt (char **, char *const *, char **);
>>   int rand_r (unsigned *);
>> @@ -150,6 +153,9 @@ char *gcvt(double, int, char *);
>>
>>   #if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE)
>>   #define mkstemp64 mkstemp
>> +#define mkostemp64 mkostemp
>> +#define mkstemps64 mkstemps
>> +#define mkostemps64 mkostemps
>>   #endif
>>
>>   #ifdef __cplusplus
>> diff --git a/src/temp/mkostemp.c b/src/temp/mkostemp.c
>> new file mode 100644
>> index 0000000..750d880
>> --- /dev/null
>> +++ b/src/temp/mkostemp.c
>> @@ -0,0 +1,18 @@
>> +#define _GNU_SOURCE
>> +#include <string.h>
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +#include <fcntl.h>
>> +#include <unistd.h>
>> +#include <limits.h>
>> +#include <errno.h>
>> +#include "libc.h"
>> +
>> +int __open_tempfile (char *, int, int);
>> +
>> +int __mkostemp(char *template, int flags)
>> +{
>> +	return __open_tempfile (template, 0, flags);
>> +}
>> +
>> +weak_alias(__mkostemp, mkostemp);
>> diff --git a/src/temp/mkostemps.c b/src/temp/mkostemps.c
>> new file mode 100644
>> index 0000000..8c810ce
>> --- /dev/null
>> +++ b/src/temp/mkostemps.c
>> @@ -0,0 +1,18 @@
>> +#define _GNU_SOURCE
>> +#include <string.h>
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +#include <fcntl.h>
>> +#include <unistd.h>
>> +#include <limits.h>
>> +#include <errno.h>
>> +#include "libc.h"
>> +
>> +int __open_tempfile (char *, int, int);
>> +
>> +int __mkostemps(char *template, int len, int flags)
>> +{
>> +	return __open_tempfile (template, len, flags);
>> +}
>> +
>> +weak_alias(__mkostemps, mkostemps);
>> diff --git a/src/temp/mkstemp.c b/src/temp/mkstemp.c
>> index a390d42..ccaf3c6 100644
>> --- a/src/temp/mkstemp.c
>> +++ b/src/temp/mkstemp.c
>> @@ -7,22 +7,11 @@
>>   #include <errno.h>
>>   #include "libc.h"
>>
>> -char *__mktemp(char *);
>> +int __open_tempfile (char *, int, int);
>>
>>   int mkstemp(char *template)
>>   {
>> -	int fd, retries = 100, t0 = *template;
>> -	while (retries--) {
>> -		if (!*__mktemp(template)) return -1;
>> -		if ((fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600))>=0)
>> -			return fd;
>> -		if (errno != EEXIST) return -1;
>> -		/* this is safe because mktemp verified
>> -		 * that we have a valid template string */
>> -		template[0] = t0;
>> -		strcpy(template+strlen(template)-6, "XXXXXX");
>> -	}
>> -	return -1;
>> +	return __open_tempfile (template, 0, O_RDWR);
>>   }
>>
>>   LFS64(mkstemp);
>> diff --git a/src/temp/mkstemps.c b/src/temp/mkstemps.c
>> new file mode 100644
>> index 0000000..53fea07
>> --- /dev/null
>> +++ b/src/temp/mkstemps.c
>> @@ -0,0 +1,18 @@
>> +#define _GNU_SOURCE
>> +#include <string.h>
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +#include <fcntl.h>
>> +#include <unistd.h>
>> +#include <limits.h>
>> +#include <errno.h>
>> +#include "libc.h"
>> +
>> +int __open_tempfile (char *, int, int);
>> +
>> +int __mkstemps(char *template, int len)
>> +{
>> +	return __open_tempfile (template, len, O_RDWR);
>> +}
>> +
>> +weak_alias(__mkstemps, mkstemps);
>> diff --git a/src/temp/mktemp.c b/src/temp/mktemp.c
>> index c0e06f5..de1afb4 100644
>> --- a/src/temp/mktemp.c
>> +++ b/src/temp/mktemp.c
>> @@ -8,6 +8,8 @@
>>   #include <stdint.h>
>>   #include "libc.h"
>>
>> +char *__randname(char *);
>> +
>>   char *__mktemp(char *template)
>>   {
>>   	struct timespec ts;
>> @@ -21,10 +23,7 @@ char *__mktemp(char *template)
>>   		return template;
>>   	}
>>   	while (retries--) {
>> -		clock_gettime(CLOCK_REALTIME, &ts);
>> -		r = ts.tv_nsec + (uintptr_t)&ts / 16 + (uintptr_t)template;
>> -		for (i=1; i<=6; i++, r>>=4)
>> -			template[l-i] = 'A'+(r&15);
>> +		__randname(template);
>>   		if (access(template, F_OK) < 0) return template;
>>   	}
>>   	*template = 0;
>> diff --git a/src/temp/randname.c b/src/temp/randname.c
>> new file mode 100644
>> index 0000000..4d3476f
>> --- /dev/null
>> +++ b/src/temp/randname.c
>> @@ -0,0 +1,22 @@
>> +#include <string.h>
>> +#include <unistd.h>
>> +#include <errno.h>
>> +#include <time.h>
>> +#include <stdint.h>
>> +#include "libc.h"
>> +
>> +char *__randname(char *template)
>> +{
>> +	struct timespec ts;
>> +	size_t i, l = strlen(template);
>> +	unsigned long r;
>> +
>> +	/* This assumes that a check for the template
>> +	   size has alrady been made */
>> +	clock_gettime(CLOCK_REALTIME, &ts);
>> +	r = ts.tv_nsec + (uintptr_t)&ts / 16 + (uintptr_t)template;
>> +	for (i=1; i<=6; i++, r>>=4)
>> +		template[l-i] = 'A'+(r&15);
>> +
>> +	return template;
>> +}
>> diff --git a/src/temp/tempfile.c b/src/temp/tempfile.c
>> new file mode 100644
>> index 0000000..93808a6
>> --- /dev/null
>> +++ b/src/temp/tempfile.c
>> @@ -0,0 +1,42 @@
>> +#include <string.h>
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +#include <fcntl.h>
>> +#include <unistd.h>
>> +#include <limits.h>
>> +#include <errno.h>
>> +#include "libc.h"
>> +
>> +char *__randname(char *);
>> +
>> +int __open_tempfile (char *template, int len, int flags)
>> +{
>> +	if (len < 0) return EINVAL;
>> +
>> +	int l = strlen(template)-len;
>> +	if (l < 6 || strncmp(template+l-6, "XXXXXX",6)) {
>> +		errno = EINVAL;
>> +		*template = 0;
>> +		return -1;
>> +	}
>> +
>> +	/* Null terminate the template before the suffix,
>> +	   and save the char for adding back the suffix */
>> +	char suffix = template[l];
>> +	template[l] = '\0';
>> +
>> +	int fd, retries = 100, t0 = *template;
>> +	while (retries--) {
>> +		if (!*__randname(template)) return -1;
>> +		/* Add back the suffix */
>> +		template[l] = suffix;
>> +		if ((fd = open(template, flags | O_CREAT | O_EXCL, 0600))>=0)
>> +			return fd;
>> +		if (errno != EEXIST) return -1;
>> +		/* this is safe because mktemp verified
>> +		 * that we have a valid template string */
>> +		template[0] = t0;
>> +		strcpy(template+l-6, "XXXXXX");
>> +	}
>> +	return -1;
>> +}
>> --
>> 1.7.12.4


-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.