openssh/openbsd-compat/mktemp.c

83d2307dSDag-Erling Smørgrav/* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */
83d2307dSDag-Erling Smørgrav/* Changes: Removed mktemp */
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav/*	$OpenBSD: mktemp.c,v 1.30 2010/03/21 23:09:30 schwarze Exp $ */
83d2307dSDag-Erling Smørgrav/*
462c32cbSDag-Erling Smørgrav * Copyright (c) 1996-1998, 2008 Theo de Raadt
462c32cbSDag-Erling Smørgrav * Copyright (c) 1997, 2008-2009 Todd C. Miller
83d2307dSDag-Erling Smørgrav *
462c32cbSDag-Erling Smørgrav * Permission to use, copy, modify, and distribute this software for any
462c32cbSDag-Erling Smørgrav * purpose with or without fee is hereby granted, provided that the above
462c32cbSDag-Erling Smørgrav * copyright notice and this permission notice appear in all copies.
83d2307dSDag-Erling Smørgrav *
462c32cbSDag-Erling Smørgrav * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
462c32cbSDag-Erling Smørgrav * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
462c32cbSDag-Erling Smørgrav * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
462c32cbSDag-Erling Smørgrav * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
462c32cbSDag-Erling Smørgrav * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
462c32cbSDag-Erling Smørgrav * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
462c32cbSDag-Erling Smørgrav * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
83d2307dSDag-Erling Smørgrav */
83d2307dSDag-Erling Smørgrav
021d409fSDag-Erling Smørgrav/* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
021d409fSDag-Erling Smørgrav
83d2307dSDag-Erling Smørgrav#include "includes.h"
83d2307dSDag-Erling Smørgrav
761efaa7SDag-Erling Smørgrav#include <sys/types.h>
761efaa7SDag-Erling Smørgrav#include <sys/stat.h>
761efaa7SDag-Erling Smørgrav#include <errno.h>
462c32cbSDag-Erling Smørgrav#include <fcntl.h>
462c32cbSDag-Erling Smørgrav#include <limits.h>
462c32cbSDag-Erling Smørgrav#include <stdio.h>
462c32cbSDag-Erling Smørgrav#include <stdlib.h>
462c32cbSDag-Erling Smørgrav#include <string.h>
462c32cbSDag-Erling Smørgrav#include <ctype.h>
761efaa7SDag-Erling Smørgrav#include <unistd.h>
761efaa7SDag-Erling Smørgrav
4d3fc8b0SEd Maste#ifdef mkstemp
4d3fc8b0SEd Maste#undef mkstemp
4d3fc8b0SEd Maste#endif
4d3fc8b0SEd Masteint mkstemp(char *);
4d3fc8b0SEd Maste
4d3fc8b0SEd Maste/*
4d3fc8b0SEd Maste * From glibc man page: 'In glibc versions 2.06 and earlier, the file is
4d3fc8b0SEd Maste * created with permissions 0666, that is, read and write for all users.'
4d3fc8b0SEd Maste * Provide a wrapper to make sure the mask is reasonable (POSIX requires
4d3fc8b0SEd Maste * mode 0600, so mask off any other bits).
4d3fc8b0SEd Maste */
4d3fc8b0SEd Masteint
4d3fc8b0SEd Maste_ssh_mkstemp(char *template)
4d3fc8b0SEd Maste{
4d3fc8b0SEd Maste	mode_t mask;
4d3fc8b0SEd Maste	int ret;
4d3fc8b0SEd Maste
4d3fc8b0SEd Maste	mask = umask(0177);
4d3fc8b0SEd Maste	ret = mkstemp(template);
4d3fc8b0SEd Maste	(void)umask(mask);
4d3fc8b0SEd Maste	return ret;
4d3fc8b0SEd Maste}
4d3fc8b0SEd Maste
19261079SEd Maste#if !defined(HAVE_MKDTEMP)
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav#define MKTEMP_NAME	0
462c32cbSDag-Erling Smørgrav#define MKTEMP_FILE	1
462c32cbSDag-Erling Smørgrav#define MKTEMP_DIR	2
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav#define TEMPCHARS	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
462c32cbSDag-Erling Smørgrav#define NUM_CHARS	(sizeof(TEMPCHARS) - 1)
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgravstatic int
462c32cbSDag-Erling Smørgravmktemp_internal(char *path, int slen, int mode)
83d2307dSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	char *start, *cp, *ep;
462c32cbSDag-Erling Smørgrav	const char *tempchars = TEMPCHARS;
462c32cbSDag-Erling Smørgrav	unsigned int r, tries;
462c32cbSDag-Erling Smørgrav	struct stat sb;
462c32cbSDag-Erling Smørgrav	size_t len;
83d2307dSDag-Erling Smørgrav	int fd;
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav	len = strlen(path);
462c32cbSDag-Erling Smørgrav	if (len == 0 || slen < 0 || (size_t)slen >= len) {
462c32cbSDag-Erling Smørgrav		errno = EINVAL;
462c32cbSDag-Erling Smørgrav		return(-1);
83d2307dSDag-Erling Smørgrav	}
462c32cbSDag-Erling Smørgrav	ep = path + len - slen;
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav	tries = 1;
462c32cbSDag-Erling Smørgrav	for (start = ep; start > path && start[-1] == 'X'; start--) {
462c32cbSDag-Erling Smørgrav		if (tries < INT_MAX / NUM_CHARS)
462c32cbSDag-Erling Smørgrav			tries *= NUM_CHARS;
462c32cbSDag-Erling Smørgrav	}
462c32cbSDag-Erling Smørgrav	tries *= 2;
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav	do {
462c32cbSDag-Erling Smørgrav		for (cp = start; cp != ep; cp++) {
462c32cbSDag-Erling Smørgrav			r = arc4random_uniform(NUM_CHARS);
462c32cbSDag-Erling Smørgrav			*cp = tempchars[r];
462c32cbSDag-Erling Smørgrav		}
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav		switch (mode) {
462c32cbSDag-Erling Smørgrav		case MKTEMP_NAME:
462c32cbSDag-Erling Smørgrav			if (lstat(path, &sb) != 0)
462c32cbSDag-Erling Smørgrav				return(errno == ENOENT ? 0 : -1);
462c32cbSDag-Erling Smørgrav			break;
462c32cbSDag-Erling Smørgrav		case MKTEMP_FILE:
462c32cbSDag-Erling Smørgrav			fd = open(path, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR);
462c32cbSDag-Erling Smørgrav			if (fd != -1 || errno != EEXIST)
462c32cbSDag-Erling Smørgrav				return(fd);
462c32cbSDag-Erling Smørgrav			break;
462c32cbSDag-Erling Smørgrav		case MKTEMP_DIR:
462c32cbSDag-Erling Smørgrav			if (mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR) == 0)
462c32cbSDag-Erling Smørgrav				return(0);
462c32cbSDag-Erling Smørgrav			if (errno != EEXIST)
462c32cbSDag-Erling Smørgrav				return(-1);
462c32cbSDag-Erling Smørgrav			break;
462c32cbSDag-Erling Smørgrav		}
462c32cbSDag-Erling Smørgrav	} while (--tries);
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav	errno = EEXIST;
462c32cbSDag-Erling Smørgrav	return(-1);
462c32cbSDag-Erling Smørgrav}
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav#if 0
462c32cbSDag-Erling Smørgravchar *_mktemp(char *);
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgravchar *
462c32cbSDag-Erling Smørgrav_mktemp(char *path)
462c32cbSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	if (mktemp_internal(path, 0, MKTEMP_NAME) == -1)
462c32cbSDag-Erling Smørgrav		return(NULL);
462c32cbSDag-Erling Smørgrav	return(path);
462c32cbSDag-Erling Smørgrav}
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav__warn_references(mktemp,
462c32cbSDag-Erling Smørgrav    "warning: mktemp() possibly used unsafely; consider using mkstemp()");
462c32cbSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgravchar *
462c32cbSDag-Erling Smørgravmktemp(char *path)
462c32cbSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	return(_mktemp(path));
462c32cbSDag-Erling Smørgrav}
462c32cbSDag-Erling Smørgrav#endif
83d2307dSDag-Erling Smørgrav
83d2307dSDag-Erling Smørgravint
021d409fSDag-Erling Smørgravmkstemp(char *path)
83d2307dSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	return(mktemp_internal(path, 0, MKTEMP_FILE));
462c32cbSDag-Erling Smørgrav}
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgravint
462c32cbSDag-Erling Smørgravmkstemps(char *path, int slen)
462c32cbSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	return(mktemp_internal(path, slen, MKTEMP_FILE));
83d2307dSDag-Erling Smørgrav}
83d2307dSDag-Erling Smørgrav
83d2307dSDag-Erling Smørgravchar *
021d409fSDag-Erling Smørgravmkdtemp(char *path)
83d2307dSDag-Erling Smørgrav{
462c32cbSDag-Erling Smørgrav	int error;
83d2307dSDag-Erling Smørgrav
462c32cbSDag-Erling Smørgrav	error = mktemp_internal(path, 0, MKTEMP_DIR);
462c32cbSDag-Erling Smørgrav	return(error ? NULL : path);
83d2307dSDag-Erling Smørgrav}
83d2307dSDag-Erling Smørgrav
19261079SEd Maste#endif /* !defined(HAVE_MKDTEMP) */