author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 12:23:09 +0100 |
---|---|---|
committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:30:30 +0100 |
commit | bcdead0fd4642a5e8985981c1583d40ff779299a (patch) | |
tree | 2285d47c351a1a07bb22f060293f641b711d5785 /dbus/dbus-auth.c | |
parent | f385324d8b03eab13f3e618ce9a0018977c9a7cb (diff) | |
Fail to generate random bytes instead of falling back to rand()
This is more robust against broken setups where we run out
of memory or cannot read /dev/urandom.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90414
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
[smcv: document @error]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Diffstat (limited to 'dbus/dbus-auth.c')
-rw-r--r-- | dbus/dbus-auth.c | 64 |
1 files changed, 46 insertions, 18 deletions
diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c index 1503d5f1..f2227875 100644 --- a/dbus/dbus-auth.c +++ b/dbus/dbus-auth.c @@ -524,10 +524,8 @@ sha1_handle_first_client_response (DBusAuth *auth, */ DBusString tmp; DBusString tmp2; - dbus_bool_t retval; - DBusError error; - - retval = FALSE; + dbus_bool_t retval = FALSE; + DBusError error = DBUS_ERROR_INIT; _dbus_string_set_length (&auth->challenge, 0); @@ -578,7 +576,6 @@ sha1_handle_first_client_response (DBusAuth *auth, if (auth->keyring == NULL) { - dbus_error_init (&error); auth->keyring = _dbus_keyring_new_for_credentials (auth->desired_identity, &auth->context, &error); @@ -610,7 +607,6 @@ sha1_handle_first_client_response (DBusAuth *auth, _dbus_assert (auth->keyring != NULL); - dbus_error_init (&error); auth->cookie_id = _dbus_keyring_get_best_key (auth->keyring, &error); if (auth->cookie_id < 0) { @@ -640,8 +636,25 @@ sha1_handle_first_client_response (DBusAuth *auth, if (!_dbus_string_append (&tmp2, " ")) goto out; - if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES)) - goto out; + if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES, &error)) + { + if (dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY)) + { + dbus_error_free (&error); + goto out; + } + else + { + _DBUS_ASSERT_ERROR_IS_SET (&error); + _dbus_verbose ("%s: Error generating challenge: %s\n", + DBUS_AUTH_NAME (auth), error.message); + if (send_rejected (auth)) + retval = TRUE; /* retval is only about mem */ + + dbus_error_free (&error); + goto out; + } + } _dbus_string_set_length (&auth->challenge, 0); if (!_dbus_string_hex_encode (&tmp, 0, &auth->challenge, 0)) @@ -826,7 +839,7 @@ handle_client_data_cookie_sha1_mech (DBusAuth *auth, * name, the cookie ID, and the server challenge, separated by * spaces. We send back our challenge string and the correct hash. */ - dbus_bool_t retval; + dbus_bool_t retval = FALSE; DBusString context; DBusString cookie_id_str; DBusString server_challenge; 
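Review bot: With `error` now declared once at the top of sha1_handle_first_client_response and the two `dbus_error_init (&error)` calls removed (hunks at -578 and -610), a single DBusError is handed to three fallible calls in sequence, so every failure path has to free it before another call can see it. The keyring failure paths lie outside these hunks, so whether each of them calls `dbus_error_free` before leaving cannot be confirmed from here; passing an already-set DBusError as an out-parameter is something libdbus normally treats as a programming error. The same applies to handle_client_data_cookie_sha1_mech, where the hunks at -835 and -903 move the block-scoped `error` to function scope. I would add at each declaration `/* shared by every fallible call below: each failure path must dbus_error_free() it before returning */`.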
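Review bot: In the non-OOM branch added at -640, a failure of the random source is recorded only through `_dbus_verbose`, so on builds where verbose output is compiled out (which I believe is the usual production configuration) a host with an unreadable /dev/urandom would reject every DBUS_COOKIE_SHA1 attempt with no trace of why. Rejecting is the right fail-closed behaviour; I would additionally report the failure through a log path that survives in production builds, and state the intent with `/* fail closed: no fresh random bytes means no challenge, never substitute weaker randomness */`. The same branch is repeated in handle_client_data_cookie_sha1_mech (hunk at -942), differing only in `send_error` versus `send_rejected`, so the comment and the logging change belong there too. Both functions start and end outside the hunks.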
@@ -835,9 +848,8 @@ handle_client_data_cookie_sha1_mech (DBusAuth *auth, DBusString tmp; int i, j; long val; - - retval = FALSE; - + DBusError error = DBUS_ERROR_INIT; + if (!_dbus_string_find_blank (data, 0, &i)) { if (send_error (auth, @@ -903,9 +915,6 @@ handle_client_data_cookie_sha1_mech (DBusAuth *auth, if (auth->keyring == NULL) { - DBusError error; - - dbus_error_init (&error); auth->keyring = _dbus_keyring_new_for_credentials (NULL, &context, &error); @@ -942,9 +951,28 @@ handle_client_data_cookie_sha1_mech (DBusAuth *auth, if (!_dbus_string_init (&tmp)) goto out_3; - - if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES)) - goto out_4; + + if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES, &error)) + { + if (dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY)) + { + dbus_error_free (&error); + goto out_4; + } + else + { + _DBUS_ASSERT_ERROR_IS_SET (&error); + + _dbus_verbose ("%s: Failed to generate challenge: %s\n", + DBUS_AUTH_NAME (auth), error.message); + + if (send_error (auth, "Failed to generate challenge")) + retval = TRUE; /* retval is only about mem */ + + dbus_error_free (&error); + goto out_4; + } + } if (!_dbus_string_init (&client_challenge)) goto out_4; |