diff options
Diffstat (limited to 'bin/ykfde.c')
-rw-r--r-- | bin/ykfde.c | 41 |
1 files changed, 30 insertions, 11 deletions
diff --git a/bin/ykfde.c b/bin/ykfde.c index 9cbf01c..682e05c 100644 --- a/bin/ykfde.c +++ b/bin/ykfde.c @@ -1,13 +1,23 @@ /* - * (C) 2014-2019 by Christian Hesse <mail@eworm.de> + * (C) 2014-2024 by Christian Hesse <mail@eworm.de> * - * This software may be used and distributed according to the terms - * of the GNU General Public License, incorporated herein by reference. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. * - * compile with: - * $ gcc -o ykfde ykfde.c -lcryptsetup -liniparser -lkeyutils -lykpers-1 -lyubikey */ +#define _GNU_SOURCE + #include <fcntl.h> #include <getopt.h> #include <stdio.h> @@ -294,7 +304,7 @@ int main(int argc, char **argv) { We generate an array of unsigned int, the use modulo to limit to printable ASCII characters (32 to 127). */ if ((len = getrandom(challenge_int, CHALLENGELEN * sizeof(unsigned int), GRND_RANDOM|GRND_NONBLOCK)) != CHALLENGELEN * sizeof(unsigned int)) - getrandom((void *)((size_t)challenge_int + len), CHALLENGELEN * sizeof(unsigned int) - len, 0); + len += getrandom((void *)((size_t)challenge_int + len), CHALLENGELEN * sizeof(unsigned int) - len, 0); for (i = 0; i < CHALLENGELEN; i++) challenge_new[i] = (challenge_int[i] % (127 - 32)) + 32; @@ -312,6 +322,10 @@ int main(int argc, char **argv) { fprintf(stderr, "Failed to write challenge to file.\n"); goto out50; } + if (fsync(challengefiletmp) < 0) { + fprintf(stderr, "Failed to sync file to disk.\n"); + goto out50; + } challengefiletmp = close(challengefiletmp); /* now that the new challenge has been written to file... @@ -383,7 +397,12 @@ int main(int argc, char **argv) { goto out60; } - if (unlink(challengefilename) < 0) { + if (renameat2(AT_FDCWD, challengefiletmpname, AT_FDCWD, challengefilename, RENAME_EXCHANGE) < 0) { + fprintf(stderr, "Failed to rename (exchange) challenge files.\n"); + goto out60; + } + + if (unlink(challengefiletmpname) < 0) { fprintf(stderr, "Failed to delete old challenge file.\n"); goto out60; } @@ -397,11 +416,11 @@ int main(int argc, char **argv) { fprintf(stderr, "Could not add passphrase for key slot %d.\n", luks_slot); goto out60; } - } - if (rename(challengefiletmpname, challengefilename) < 0) { - fprintf(stderr, "Failed to rename new challenge file.\n"); - goto out60; + if (rename(challengefiletmpname, challengefilename) < 0) { + fprintf(stderr, "Failed to rename new challenge file.\n"); + goto out60; + } } sd_notify(0, "READY=1\nSTATUS=All done."); |