From e4e96fe77fb3af4793f0b814344c9d3cc8db371a Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Wed, 25 Nov 2020 09:02:22 +0100
Subject: exchange challenge files

This makes sure that the challenge file is never non-existent.
---
 bin/ykfde.c | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/bin/ykfde.c b/bin/ykfde.c
index 8a766e5..77bb363 100644
--- a/bin/ykfde.c
+++ b/bin/ykfde.c
@@ -8,6 +8,8 @@
  * $ gcc -o ykfde ykfde.c -lcryptsetup -liniparser -lkeyutils -lykpers-1 -lyubikey
  */
 
+#define _GNU_SOURCE
+
 #include <fcntl.h>
 #include <getopt.h>
 #include <stdio.h>
@@ -387,7 +389,12 @@ int main(int argc, char **argv) {
 			goto out60;
 		}
 
-		if (unlink(challengefilename) < 0) {
+		if (renameat2(AT_FDCWD, challengefiletmpname, AT_FDCWD, challengefilename, RENAME_EXCHANGE) < 0) {
+			fprintf(stderr, "Failed to rename (exchange) challenge files.\n");
+			goto out60;
+		}
+
+		if (unlink(challengefiletmpname) < 0) {
 			fprintf(stderr, "Failed to delete old challenge file.\n");
 			goto out60;
 		}
@@ -401,11 +408,11 @@ int main(int argc, char **argv) {
 			fprintf(stderr, "Could not add passphrase for key slot %d.\n", luks_slot);
 			goto out60;
 		}
-	}
 
-	if (rename(challengefiletmpname, challengefilename) < 0) {
-		fprintf(stderr, "Failed to rename new challenge file.\n");
-		goto out60;
+		if (rename(challengefiletmpname, challengefilename) < 0) {
+			fprintf(stderr, "Failed to rename new challenge file.\n");
+			goto out60;
+		}
 	}
 
 	sd_notify(0, "READY=1\nSTATUS=All done.");
-- 
cgit v1.2.3-54-g00ecf