From: Mark Wooding <mdw@distorted.org.uk>
Date: Fri, 5 Feb 2016 00:20:29 +0000 (+0000)
Subject: Pull fetching random bytes into the system-specific code.
X-Git-Tag: 1.0.4~6
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/yaid/commitdiff_plain/56e93c83efa4ae53b068da006f9bd219d51be58f

Pull fetching random bytes into the system-specific code.

While we're at it, take the opportunity to make the error reporting more
useful.
---

diff --git a/linux.c b/linux.c
index 413fcdc..ecd43a1 100644
--- a/linux.c
+++ b/linux.c
@@ -34,6 +34,22 @@
 /*----- Static variables --------------------------------------------------*/
 
 static FILE *natfp;			/* File handle for NAT table */
+static int randfd;			/* File descriptor for random data */
+
+/*----- Miscellaneous system services -------------------------------------*/
+
+/* Fill the buffer at P with SZ random bytes.  The buffer will be moderately
+ * large: this is intended to be a low-level interface, not a general-purpose
+ * utility.
+ */
+void fill_random(void *p, size_t sz)
+{
+  ssize_t n;
+
+  n = read(randfd, p, sz);
+  if (n < 0) die(1, "error reading `/dev/urandom': %s", strerror(errno));
+  else if (n < sz) die(1, "unexpected short read from `/dev/urandom'");
+}
 
 /*----- Address-type operations -------------------------------------------*/
 
@@ -463,6 +479,12 @@ void init_sys(void)
     die(1, "failed to open `/proc/net/nf_conntrack' for reading: %s",
 	strerror(errno));
   }
+
+  /* Open the random data source. */
+  if ((randfd = open("/dev/urandom", O_RDONLY)) < 0) {
+    die(1, "failed to open `/dev/urandom' for reading: %s",
+	strerror(errno));
+  }
 }
 
 /*----- That's all, folks -------------------------------------------------*/
diff --git a/yaid.c b/yaid.c
index da015e1..13e1208 100644
--- a/yaid.c
+++ b/yaid.c
@@ -88,7 +88,6 @@ static fwatch polfw;			/* Watch policy file for changes */
 
 static unsigned char tokenbuf[4096];	/* Random-ish data for tokens */
 static size_t tokenptr = sizeof(tokenbuf); /* Current read position */
-static int randfd;			/* File descriptor for random data */
 
 static struct client *dead_clients = 0;	/* List of defunct clients */
 static struct proxy *dead_proxies = 0;	/* List of defunct proxies */
@@ -626,8 +625,7 @@ static void user_token(char *p)
    * from the kernel.
    */
   if (tokenptr + TOKENRANDSZ >= sizeof(tokenbuf)) {
-    if (read(randfd, tokenbuf, sizeof(tokenbuf)) < sizeof(tokenbuf))
-      die(1, "unexpected short read or error from `/dev/urandom'");
+    fill_random(tokenbuf, sizeof(tokenbuf));
     tokenptr = 0;
   }
 
@@ -1092,12 +1090,6 @@ int main(int argc, char *argv[])
   if (load_policy_file(policyfile, &policy))
     exit(1);
 
-  /* Open the random data source. */
-  if ((randfd = open("/dev/urandom", O_RDONLY)) < 0) {
-    die(1, "failed to open `/dev/urandom' for reading: %s",
-	strerror(errno));
-  }
-
   /* Set up the I/O event system. */
   sel_init(&sel);
 
diff --git a/yaid.h b/yaid.h
index 15f26bf..a148743 100644
--- a/yaid.h
+++ b/yaid.h
@@ -260,6 +260,12 @@ extern void PRINTF_LIKE(3, 4)
  */
 extern void identify(struct query */*q*/);
 
+/* Fill the buffer at P with SZ random bytes.  The buffer will be moderately
+ * large: this is intended to be a low-level interface, not a general-purpose
+ * utility.
+ */
+extern void fill_random(void */*p*/, size_t /*sz*/);
+
 /* Initialize the system-specific code. */
 extern void init_sys(void);