(scrub_file): new function

(erase_file): re-write, use scrub_file


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8221 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
2000-05-13 20:23:49 +00:00
parent 64175ac51c
commit 01dbf026d8


@@ -87,12 +87,41 @@ fcc_resolve(krb5_context context, krb5_ccache *id, const char *res)
* Try to scrub the contents of `filename' safely. * Try to scrub the contents of `filename' safely.
*/ */
static int
scrub_file (int fd)
{
off_t pos;
char buf[128];
pos = lseek(fd, 0, SEEK_END);
if (pos < 0)
return errno;
pos = lseek(fd, 0, SEEK_SET);
if (pos < 0)
return errno;
memset(buf, 0, sizeof(buf));
while(pos > 0) {
ssize_t tmp = write(fd, buf, min(sizeof(buf), pos));
if (tmp < 0)
return errno;
pos -= tmp;
}
fsync (fd);
return 0;
}
/*
* Erase `filename' if it exists, trying to remove the contents if
* it's `safe'. We always try to remove the file, it it exists. It's
* only overwritten if it's a regular file (not a symlink and not a
* hardlink)
*/
static krb5_error_code static krb5_error_code
erase_file(const char *filename) erase_file(const char *filename)
{ {
int fd; int fd;
off_t pos;
char buf[128];
struct stat sb1, sb2; struct stat sb1, sb2;
int ret; int ret;
@@ -107,32 +136,34 @@ erase_file(const char *filename)
else else
return errno; return errno;
} }
if (unlink(filename) < 0) {
close (fd);
return errno;
}
ret = fstat (fd, &sb2); ret = fstat (fd, &sb2);
if (ret < 0) { if (ret < 0) {
close (fd); close (fd);
return errno; return errno;
} }
/* someone was playing with symlinks */ /* check if someone was playing with symlinks */
if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) {
close (fd); close (fd);
return EPERM; return EPERM;
} }
/* XXX - uid checks? */ /* there are still hard links to this file */
pos = lseek(fd, 0, SEEK_END); if (sb2.st_nlink != 0) {
lseek(fd, 0, SEEK_SET); close (fd);
memset(buf, 0, sizeof(buf)); return 0;
while(pos > 0) }
pos -= write(fd, buf, sizeof(buf));
close(fd); ret = scrub_file (fd);
#ifdef HAVE_REVOKE close (fd);
revoke(filename); return ret;
#endif
unlink(filename);
return 0;
} }
static krb5_error_code static krb5_error_code
@@ -144,7 +175,7 @@ fcc_gen_new(krb5_context context, krb5_ccache *id)
f = malloc(sizeof(*f)); f = malloc(sizeof(*f));
if(f == NULL) if(f == NULL)
return KRB5_CC_NOMEM; return KRB5_CC_NOMEM;
asprintf(&file, "/tmp/krb5cc_XXXXXX"); /* XXX */ file = strdup (KRB5_DEFAULT_CCFILE_ROOT);
if(file == NULL) { if(file == NULL) {
free(f); free(f);
return KRB5_CC_NOMEM; return KRB5_CC_NOMEM;
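Review bot: In the new scrub_file, the second `pos = lseek(fd, 0, SEEK_SET);` overwrites the length just obtained from SEEK_END with 0, so `while(pos > 0)` never runs and erase_file unlinks the cache file without zeroing its contents. Keep the length and only test the rewind, e.g. `if (lseek(fd, 0, SEEK_SET) < 0) return errno;`. In the same loop a `write` that returns 0 would never terminate, and the result of `fsync (fd)` is dropped, so a failed flush is still reported as success. In erase_file's unlink-failure path, `close (fd)` runs before `return errno;` and may overwrite the value; saving errno into `ret` first would keep the real error.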