1 /* $OpenBSD: util.c,v 1.49 2022/01/08 06:49:41 guenther Exp $ */
2
3 /*
4 * Copyright (c) 1998 Per Fogelstrom, Opsycon AB
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
16 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 *
27 */
28
29 #include <sys/types.h>
30 #include <syslog.h>
31
32 #include "syscall.h"
33 #include "util.h"
34 #include "resolve.h"
35 #define KEYSTREAM_ONLY
36 #include "chacha_private.h"
37
38 #ifndef _RET_PROTECTOR
39 /*
40 * Stack protector dummies.
41 * Ideally, a scheme to compile these stubs from libc should be used, but
42 * this would end up dragging too much code from libc here.
43 */
44 long __guard_local __dso_hidden __attribute__((section(".openbsd.randomdata")));
45
46 void __stack_smash_handler(char [], int);
47
48 void
__stack_smash_handler(char func[],int damaged)49 __stack_smash_handler(char func[], int damaged)
50 {
51 char message[256];
52
53 /* <10> indicates LOG_CRIT */
54 _dl_strlcpy(message, "<10>ld.so:", sizeof message);
55 _dl_strlcat(message, __progname, sizeof message);
56 if (_dl_strlen(message) > sizeof(message)/2)
57 _dl_strlcpy(message + sizeof(message)/2, "...",
58 sizeof(message) - sizeof(message)/2);
59 _dl_strlcat(message, " stack overflow in function ", sizeof message);
60 _dl_strlcat(message, func, sizeof message);
61
62 _dl_sendsyslog(message, _dl_strlen(message), LOG_CONS);
63 _dl_diedie();
64 }
65 #endif /* _RET_PROTECTOR */
66
67 char *
_dl_strdup(const char * orig)68 _dl_strdup(const char *orig)
69 {
70 char *newstr;
71 size_t len;
72
73 len = _dl_strlen(orig)+1;
74 newstr = _dl_malloc(len);
75 if (newstr != NULL)
76 _dl_strlcpy(newstr, orig, len);
77 return (newstr);
78 }
79
80 #define KEYSZ 32
81 #define IVSZ 8
82 #define REKEY_AFTER_BYTES (1 << 31)
83 static chacha_ctx chacha;
84 static size_t chacha_bytes;
85
86 void
_dl_arc4randombuf(void * buf,size_t buflen)87 _dl_arc4randombuf(void *buf, size_t buflen)
88 {
89 if (chacha_bytes == 0) {
90 char bytes[KEYSZ + IVSZ];
91
92 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0)
93 _dl_die("no entropy");
94 chacha_keysetup(&chacha, bytes, KEYSZ * 8);
95 chacha_ivsetup(&chacha, bytes + KEYSZ);
96 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0)
97 _dl_die("could not clobber rng key");
98 }
99
100 chacha_encrypt_bytes(&chacha, buf, buf, buflen);
101
102 if (REKEY_AFTER_BYTES - chacha_bytes < buflen)
103 chacha_bytes = 0;
104 else
105 chacha_bytes += buflen;
106 }
107
108 u_int32_t
_dl_arc4random(void)109 _dl_arc4random(void)
110 {
111 u_int32_t rnd;
112
113 _dl_arc4randombuf(&rnd, sizeof(rnd));
114 return (rnd);
115 }
116