1 /* $OpenBSD: util.c,v 1.48 2020/10/15 04:12:43 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1998 Per Fogelstrom, Opsycon AB 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS 16 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 19 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 * 27 */ 28 29 #include <sys/types.h> 30 #include <syslog.h> 31 #include "archdep.h" 32 #include "resolve.h" 33 #define KEYSTREAM_ONLY 34 #include "chacha_private.h" 35 36 #ifndef _RET_PROTECTOR 37 /* 38 * Stack protector dummies. 39 * Ideally, a scheme to compile these stubs from libc should be used, but 40 * this would end up dragging too much code from libc here. 41 */ 42 long __guard_local __dso_hidden __attribute__((section(".openbsd.randomdata"))); 43 44 void __stack_smash_handler(char [], int); 45 46 void 47 __stack_smash_handler(char func[], int damaged) 48 { 49 char message[256]; 50 51 /* <10> indicates LOG_CRIT */ 52 _dl_strlcpy(message, "<10>ld.so:", sizeof message); 53 _dl_strlcat(message, __progname, sizeof message); 54 if (_dl_strlen(message) > sizeof(message)/2) 55 _dl_strlcpy(message + sizeof(message)/2, "...", 56 sizeof(message) - sizeof(message)/2); 57 _dl_strlcat(message, " stack overflow in function ", sizeof message); 58 _dl_strlcat(message, func, sizeof message); 59 60 _dl_sendsyslog(message, _dl_strlen(message), LOG_CONS); 61 _dl_diedie(); 62 } 63 #endif /* _RET_PROTECTOR */ 64 65 char * 66 _dl_strdup(const char *orig) 67 { 68 char *newstr; 69 size_t len; 70 71 len = _dl_strlen(orig)+1; 72 newstr = _dl_malloc(len); 73 if (newstr != NULL) 74 _dl_strlcpy(newstr, orig, len); 75 return (newstr); 76 } 77 78 #define KEYSZ 32 79 #define IVSZ 8 80 #define REKEY_AFTER_BYTES (1 << 31) 81 static chacha_ctx chacha; 82 static size_t chacha_bytes; 83 84 void 85 _dl_arc4randombuf(void *buf, size_t buflen) 86 { 87 if (chacha_bytes == 0) { 88 char bytes[KEYSZ + IVSZ]; 89 90 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0) 91 _dl_die("no entropy"); 92 chacha_keysetup(&chacha, bytes, KEYSZ * 8); 93 chacha_ivsetup(&chacha, bytes + KEYSZ); 94 if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0) 95 _dl_die("could not clobber rng key"); 96 } 97 98 chacha_encrypt_bytes(&chacha, buf, buf, buflen); 99 100 if (REKEY_AFTER_BYTES - chacha_bytes < buflen) 101 chacha_bytes = 0; 102 else 103 chacha_bytes += buflen; 104 } 105 106 u_int32_t 107 _dl_arc4random(void) 108 { 109 u_int32_t rnd; 110 111 _dl_arc4randombuf(&rnd, sizeof(rnd)); 112 return (rnd); 113 } 114