<div dir="ltr"><br><br><div class="gmail_quote"><div dir="ltr">On Fri, Dec 7, 2018 at 7:41 AM Rob Landley <<a href="mailto:rob@landley.net">rob@landley.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 12/6/18 10:52 AM, enh via Toybox wrote:<br>
> We can't reuse the password.c code for random ASCII salts because that<br>
> allows '/' (plus it seems to generate sequences of trailing '.'s for<br>
> some reason). Do the simplest thing that could possibly work instead.<br>
<br>
I need a week sometime to properly put the user account management stuff into<br>
mkroot and get it all promoted.<br>
<br>
Part of the reason it's further down my todo list is it's no use to Android<br>
because PIDs mean something else there and login data would go in your version<br>
of the registry instead of being unix-style text files anyway...<br>
<br>
> ---<br>
> tests/mktemp.test | 6 ++++++<br>
> toys/lsb/mktemp.c | 34 ++++++++++++++++++++++++++++------<br>
> 2 files changed, 34 insertions(+), 6 deletions(-)<br>
> <br>
> diff --git a/tests/mktemp.test b/tests/mktemp.test<br>
> index ee023d6b..0c235469 100755<br>
> --- a/tests/mktemp.test<br>
> +++ b/tests/mktemp.test<br>
> @@ -37,3 +37,9 @@ testing "-p DIR -t TEMPLATE but no TMPDIR" "TMPDIR=<br>
> mktemp -u -p DIR -t hello.XX<br>
> <br>
> # mktemp -u doesn't need to be able to write to the directory.<br>
> testing "-u" "mktemp -u -p /proc | grep -q '^/proc/tmp\...........$'<br>
> && echo yes" "yes\n" "" ""<br>
> +<br>
> +# mktemp needs at least XX in the template.<br>
> +testing "bad template" "mktemp -u helloX || echo error" "error\n" "" ""<br>
<br>
The one on ubuntu 14.04 required three XXX, so that's what I checked for...<br></blockquote><div><br></div><div>yeah, they seem to have relaxed that to just XX in newer versions, but i don't think it matters.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
> +# mktemp -q shouldn't print the path.<br>
> +testing "-q" "mktemp -p /proc -q || echo only-failure" "only-failure\n" "" ""<br>
> diff --git a/toys/lsb/mktemp.c b/toys/lsb/mktemp.c<br>
> index 57d1d118..55ab1aff 100644<br>
> --- a/toys/lsb/mktemp.c<br>
> +++ b/toys/lsb/mktemp.c<br>
> @@ -37,6 +37,8 @@ void mktemp_main(void)<br>
> int template_dir = template && !!strchr(template, '/');<br>
> int flags_dir = (toys.optflags & (FLAG_p|FLAG_t));<br>
> int use_dir = flags_dir && !template_dir;<br>
> + char *s, *e;<br>
> + int len;<br>
> <br>
> if (template_dir && flags_dir) error_exit("conflicting directories given");<br>
> <br>
> @@ -61,12 +63,32 @@ void mktemp_main(void)<br>
> // TODO: coreutils cleans paths, so -p /t/// would result in /t/xxx...<br>
> template = use_dir ? xmprintf("%s/%s", TT.p, template) : xstrdup(template);<br>
> <br>
> - if (toys.optflags & FLAG_u) {<br>
> - template = mktemp(template);<br>
> - } else if (toys.optflags & FLAG_d ? !mkdtemp(template) :<br>
> mkstemp(template) == -1) {<br>
> - if (toys.optflags & FLAG_q) toys.exitval = 1;<br>
> - else perror_exit("Failed to create %s %s/%s",<br>
> - toys.optflags & FLAG_d ? "directory" : "file", TT.p, template);<br>
> + // Point `s` and `e` to the start and end of the last region of XXXXXXes.<br>
> + s = e = strrchr(template, 'X');<br>
> + if (!e || e == template || *(e-1) != 'X') error_exit("need XX in template");<br>
> + while (s >= template && *(s-1) == 'X') --s;<br>
> + len = (e-s+1);<br>
> +<br>
> + while (1) {<br>
> + struct stat sb;<br>
> + int i;<br>
> +<br>
> + xgetrandom(toybuf, len, 0);<br>
> + for (i = 0; i < len; ++i) {<br>
> + // mktemp randomness is only from "A-Za-z0-9".<br>
> + s[i] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"<br>
> + "abcdefghijklmnopqrstuvwxyz"<br>
> + "0123456789"[toybuf[i] % (26*2+10)];<br>
> + }<br>
<br>
I wanted to avoid a "long long" division on 32 bit systems pulling in the<br>
function unnecessarily, and you only need 2 more chars for 64, and the "posix<br>
portable file character set" thing has 3 more (- . and _).<br>
<br>
> + if ((FLAG(u) && lstat(template, &sb) == -1 && errno == ENOENT) ||<br>
> + (FLAG(d) && mkdir(template, 0700) != -1) ||<br>
> + (open(template, O_CREAT|O_CLOEXEC, 0500) != -1)) break;<br>
> + if (errno == EEXIST) continue;<br>
> + if (FLAG(q)) {<br>
> + toys.exitval = 1;<br>
> + return;<br>
> + } else perror_exit("%s", template);<br>
<br>
I didn't see this until just now (see "list mass unsubscribe again"), but I'll<br>
try to take a proper look this weekend and see what I missed.<br></blockquote><div><br></div><div>i think you missed an entire change? toybox ToT doesn't currently build. mktemp assumes that xgetrandom returns bool and has a new WARN_ONLY flag, but xgetrandom is void and doesn't have a special case for both getrandom and /dev not being available...</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Rob<br>
</blockquote></div></div>