1/* $OpenBSD: util.c,v 1.49 2022/01/08 06:49:41 guenther Exp $ */ 2 3/* 4 * Copyright (c) 1998 Per Fogelstrom, Opsycon AB 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS 16 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 19 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 * 27 */ 28 29#include <sys/types.h> 30#include <syslog.h> 31 32#include "syscall.h" 33#include "util.h" 34#include "resolve.h" 35#define KEYSTREAM_ONLY 36#include "chacha_private.h" 37 38#ifndef _RET_PROTECTOR 39/* 40 * Stack protector dummies. 41 * Ideally, a scheme to compile these stubs from libc should be used, but 42 * this would end up dragging too much code from libc here. 43 */ 44long __guard_local __dso_hidden __attribute__((section(".openbsd.randomdata"))); 45 46void __stack_smash_handler(char [], int); 47 48void 49__stack_smash_handler(char func[], int damaged) 50{ 51 char message[256]; 52 53 /* <10> indicates LOG_CRIT */ 54 _dl_strlcpy(message, "<10>ld.so:", sizeof message); 55 _dl_strlcat(message, __progname, sizeof message); 56 if (_dl_strlen(message) > sizeof(message)/2) 57 _dl_strlcpy(message + sizeof(message)/2, "...", 58 sizeof(message) - sizeof(message)/2); 59 _dl_strlcat(message, " stack overflow in function ", sizeof message); 60 _dl_strlcat(message, func, sizeof message); 61 62 _dl_sendsyslog(message, _dl_strlen(message), LOG_CONS); 63 _dl_diedie(); 64} 65#endif /* _RET_PROTECTOR */ 66 67char * 68_dl_strdup(const char *orig) 69{ 70 char *newstr; 71 size_t len; 72 73 len = _dl_strlen(orig)+1; 74 newstr = _dl_malloc(len); 75 if (newstr != NULL) 76 _dl_strlcpy(newstr, orig, len); 77 return (newstr); 78} 79 80#define KEYSZ 32 81#define IVSZ 8 82#define REKEY_AFTER_BYTES (1 << 31) 83static chacha_ctx chacha; 84static size_t chacha_bytes; 85 86void 87_dl_arc4randombuf(void *buf, size_t buflen) 88{ 89 if (chacha_bytes == 0) { 90 char bytes[KEYSZ + IVSZ]; 91 92 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0) 93 _dl_die("no entropy"); 94 chacha_keysetup(&chacha, bytes, KEYSZ * 8); 95 chacha_ivsetup(&chacha, bytes + KEYSZ); 96 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0) 97 _dl_die("could not clobber rng key"); 98 } 99 100 chacha_encrypt_bytes(&chacha, buf, buf, buflen); 101 102 if (REKEY_AFTER_BYTES - chacha_bytes < buflen) 103 chacha_bytes = 0; 104 else 105 chacha_bytes += buflen; 106} 107 108u_int32_t 109_dl_arc4random(void) 110{ 111 u_int32_t rnd; 112 113 _dl_arc4randombuf(&rnd, sizeof(rnd)); 114 return (rnd); 115} 116