xref: /freebsd/crypto/openssh/openbsd-compat/mktemp.c (revision 4d3fc8b0570b29fb0d6ee9525f104d52176ff0d4) 
183d2307dSDag-Erling Smørgrav /* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */
283d2307dSDag-Erling Smørgrav /* Changes: Removed mktemp */
383d2307dSDag-Erling Smørgrav 
4462c32cbSDag-Erling Smørgrav /*	$OpenBSD: mktemp.c,v 1.30 2010/03/21 23:09:30 schwarze Exp $ */
583d2307dSDag-Erling Smørgrav /*
6462c32cbSDag-Erling Smørgrav  * Copyright (c) 1996-1998, 2008 Theo de Raadt
7462c32cbSDag-Erling Smørgrav  * Copyright (c) 1997, 2008-2009 Todd C. Miller
883d2307dSDag-Erling Smørgrav  *
9462c32cbSDag-Erling Smørgrav  * Permission to use, copy, modify, and distribute this software for any
10462c32cbSDag-Erling Smørgrav  * purpose with or without fee is hereby granted, provided that the above
11462c32cbSDag-Erling Smørgrav  * copyright notice and this permission notice appear in all copies.
1283d2307dSDag-Erling Smørgrav  *
13462c32cbSDag-Erling Smørgrav  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14462c32cbSDag-Erling Smørgrav  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15462c32cbSDag-Erling Smørgrav  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16462c32cbSDag-Erling Smørgrav  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17462c32cbSDag-Erling Smørgrav  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18462c32cbSDag-Erling Smørgrav  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19462c32cbSDag-Erling Smørgrav  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
2083d2307dSDag-Erling Smørgrav  */
2183d2307dSDag-Erling Smørgrav 
22021d409fSDag-Erling Smørgrav /* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
23021d409fSDag-Erling Smørgrav 
2483d2307dSDag-Erling Smørgrav #include "includes.h"
2583d2307dSDag-Erling Smørgrav 
26761efaa7SDag-Erling Smørgrav #include <sys/types.h>
27761efaa7SDag-Erling Smørgrav #include <sys/stat.h>
28761efaa7SDag-Erling Smørgrav #include <errno.h>
29462c32cbSDag-Erling Smørgrav #include <fcntl.h>
30462c32cbSDag-Erling Smørgrav #include <limits.h>
31462c32cbSDag-Erling Smørgrav #include <stdio.h>
32462c32cbSDag-Erling Smørgrav #include <stdlib.h>
33462c32cbSDag-Erling Smørgrav #include <string.h>
34462c32cbSDag-Erling Smørgrav #include <ctype.h>
35761efaa7SDag-Erling Smørgrav #include <unistd.h>
36761efaa7SDag-Erling Smørgrav 
37*4d3fc8b0SEd Maste #ifdef mkstemp
38*4d3fc8b0SEd Maste #undef mkstemp
39*4d3fc8b0SEd Maste #endif
40*4d3fc8b0SEd Maste int mkstemp(char *);
41*4d3fc8b0SEd Maste 
42*4d3fc8b0SEd Maste /*
43*4d3fc8b0SEd Maste  * From glibc man page: 'In glibc versions 2.06 and earlier, the file is
44*4d3fc8b0SEd Maste  * created with permissions 0666, that is, read and write for all users.'
45*4d3fc8b0SEd Maste  * Provide a wrapper to make sure the mask is reasonable (POSIX requires
46*4d3fc8b0SEd Maste  * mode 0600, so mask off any other bits).
47*4d3fc8b0SEd Maste  */
48*4d3fc8b0SEd Maste int
_ssh_mkstemp(char * template)49*4d3fc8b0SEd Maste _ssh_mkstemp(char *template)
50*4d3fc8b0SEd Maste {
51*4d3fc8b0SEd Maste 	mode_t mask;
52*4d3fc8b0SEd Maste 	int ret;
53*4d3fc8b0SEd Maste 
54*4d3fc8b0SEd Maste 	mask = umask(0177);
55*4d3fc8b0SEd Maste 	ret = mkstemp(template);
56*4d3fc8b0SEd Maste 	(void)umask(mask);
57*4d3fc8b0SEd Maste 	return ret;
58*4d3fc8b0SEd Maste }
59*4d3fc8b0SEd Maste 
6019261079SEd Maste #if !defined(HAVE_MKDTEMP)
6183d2307dSDag-Erling Smørgrav 
62462c32cbSDag-Erling Smørgrav #define MKTEMP_NAME	0
63462c32cbSDag-Erling Smørgrav #define MKTEMP_FILE	1
64462c32cbSDag-Erling Smørgrav #define MKTEMP_DIR	2
6583d2307dSDag-Erling Smørgrav 
66462c32cbSDag-Erling Smørgrav #define TEMPCHARS	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
67462c32cbSDag-Erling Smørgrav #define NUM_CHARS	(sizeof(TEMPCHARS) - 1)
68462c32cbSDag-Erling Smørgrav 
69462c32cbSDag-Erling Smørgrav static int
mktemp_internal(char * path,int slen,int mode)70462c32cbSDag-Erling Smørgrav mktemp_internal(char *path, int slen, int mode)
7183d2307dSDag-Erling Smørgrav {
72462c32cbSDag-Erling Smørgrav 	char *start, *cp, *ep;
73462c32cbSDag-Erling Smørgrav 	const char *tempchars = TEMPCHARS;
74462c32cbSDag-Erling Smørgrav 	unsigned int r, tries;
75462c32cbSDag-Erling Smørgrav 	struct stat sb;
76462c32cbSDag-Erling Smørgrav 	size_t len;
7783d2307dSDag-Erling Smørgrav 	int fd;
7883d2307dSDag-Erling Smørgrav 
79462c32cbSDag-Erling Smørgrav 	len = strlen(path);
80462c32cbSDag-Erling Smørgrav 	if (len == 0 || slen < 0 || (size_t)slen >= len) {
81462c32cbSDag-Erling Smørgrav 		errno = EINVAL;
82462c32cbSDag-Erling Smørgrav 		return(-1);
8383d2307dSDag-Erling Smørgrav 	}
84462c32cbSDag-Erling Smørgrav 	ep = path + len - slen;
85462c32cbSDag-Erling Smørgrav 
86462c32cbSDag-Erling Smørgrav 	tries = 1;
87462c32cbSDag-Erling Smørgrav 	for (start = ep; start > path && start[-1] == 'X'; start--) {
88462c32cbSDag-Erling Smørgrav 		if (tries < INT_MAX / NUM_CHARS)
89462c32cbSDag-Erling Smørgrav 			tries *= NUM_CHARS;
90462c32cbSDag-Erling Smørgrav 	}
91462c32cbSDag-Erling Smørgrav 	tries *= 2;
92462c32cbSDag-Erling Smørgrav 
93462c32cbSDag-Erling Smørgrav 	do {
94462c32cbSDag-Erling Smørgrav 		for (cp = start; cp != ep; cp++) {
95462c32cbSDag-Erling Smørgrav 			r = arc4random_uniform(NUM_CHARS);
96462c32cbSDag-Erling Smørgrav 			*cp = tempchars[r];
97462c32cbSDag-Erling Smørgrav 		}
98462c32cbSDag-Erling Smørgrav 
99462c32cbSDag-Erling Smørgrav 		switch (mode) {
100462c32cbSDag-Erling Smørgrav 		case MKTEMP_NAME:
101462c32cbSDag-Erling Smørgrav 			if (lstat(path, &sb) != 0)
102462c32cbSDag-Erling Smørgrav 				return(errno == ENOENT ? 0 : -1);
103462c32cbSDag-Erling Smørgrav 			break;
104462c32cbSDag-Erling Smørgrav 		case MKTEMP_FILE:
105462c32cbSDag-Erling Smørgrav 			fd = open(path, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR);
106462c32cbSDag-Erling Smørgrav 			if (fd != -1 || errno != EEXIST)
107462c32cbSDag-Erling Smørgrav 				return(fd);
108462c32cbSDag-Erling Smørgrav 			break;
109462c32cbSDag-Erling Smørgrav 		case MKTEMP_DIR:
110462c32cbSDag-Erling Smørgrav 			if (mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR) == 0)
111462c32cbSDag-Erling Smørgrav 				return(0);
112462c32cbSDag-Erling Smørgrav 			if (errno != EEXIST)
113462c32cbSDag-Erling Smørgrav 				return(-1);
114462c32cbSDag-Erling Smørgrav 			break;
115462c32cbSDag-Erling Smørgrav 		}
116462c32cbSDag-Erling Smørgrav 	} while (--tries);
117462c32cbSDag-Erling Smørgrav 
118462c32cbSDag-Erling Smørgrav 	errno = EEXIST;
119462c32cbSDag-Erling Smørgrav 	return(-1);
120462c32cbSDag-Erling Smørgrav }
121462c32cbSDag-Erling Smørgrav 
122462c32cbSDag-Erling Smørgrav #if 0
123462c32cbSDag-Erling Smørgrav char *_mktemp(char *);
124462c32cbSDag-Erling Smørgrav 
125462c32cbSDag-Erling Smørgrav char *
126462c32cbSDag-Erling Smørgrav _mktemp(char *path)
127462c32cbSDag-Erling Smørgrav {
128462c32cbSDag-Erling Smørgrav 	if (mktemp_internal(path, 0, MKTEMP_NAME) == -1)
129462c32cbSDag-Erling Smørgrav 		return(NULL);
130462c32cbSDag-Erling Smørgrav 	return(path);
131462c32cbSDag-Erling Smørgrav }
132462c32cbSDag-Erling Smørgrav 
133462c32cbSDag-Erling Smørgrav __warn_references(mktemp,
134462c32cbSDag-Erling Smørgrav     "warning: mktemp() possibly used unsafely; consider using mkstemp()");
135462c32cbSDag-Erling Smørgrav 
136462c32cbSDag-Erling Smørgrav char *
137462c32cbSDag-Erling Smørgrav mktemp(char *path)
138462c32cbSDag-Erling Smørgrav {
139462c32cbSDag-Erling Smørgrav 	return(_mktemp(path));
140462c32cbSDag-Erling Smørgrav }
141462c32cbSDag-Erling Smørgrav #endif
14283d2307dSDag-Erling Smørgrav 
14383d2307dSDag-Erling Smørgrav int
mkstemp(char * path)144021d409fSDag-Erling Smørgrav mkstemp(char *path)
14583d2307dSDag-Erling Smørgrav {
146462c32cbSDag-Erling Smørgrav 	return(mktemp_internal(path, 0, MKTEMP_FILE));
147462c32cbSDag-Erling Smørgrav }
14883d2307dSDag-Erling Smørgrav 
149462c32cbSDag-Erling Smørgrav int
mkstemps(char * path,int slen)150462c32cbSDag-Erling Smørgrav mkstemps(char *path, int slen)
151462c32cbSDag-Erling Smørgrav {
152462c32cbSDag-Erling Smørgrav 	return(mktemp_internal(path, slen, MKTEMP_FILE));
15383d2307dSDag-Erling Smørgrav }
15483d2307dSDag-Erling Smørgrav 
15583d2307dSDag-Erling Smørgrav char *
mkdtemp(char * path)156021d409fSDag-Erling Smørgrav mkdtemp(char *path)
15783d2307dSDag-Erling Smørgrav {
158462c32cbSDag-Erling Smørgrav 	int error;
15983d2307dSDag-Erling Smørgrav 
160462c32cbSDag-Erling Smørgrav 	error = mktemp_internal(path, 0, MKTEMP_DIR);
161462c32cbSDag-Erling Smørgrav 	return(error ? NULL : path);
16283d2307dSDag-Erling Smørgrav }
16383d2307dSDag-Erling Smørgrav 
16419261079SEd Maste #endif /* !defined(HAVE_MKDTEMP) */
165