Commit d1881acb authored by Jonathan Reams's avatar Jonathan Reams

Clean up after using randombytes from libsodium

When Curve authentication is used, libsodium opens a file
descriptor to /dev/urandom to generate random bytes. When
the ZMQ context terminates, it should ensure that file gets
closed.
parent 83c6bc20
...@@ -36,6 +36,14 @@ ...@@ -36,6 +36,14 @@
#include "err.hpp" #include "err.hpp"
#include "msg.hpp" #include "msg.hpp"
#ifdef HAVE_LIBSODIUM
#ifdef HAVE_TWEETNACL
#include "randombytes.h"
#else
#include "sodium.h"
#endif
#endif
#define ZMQ_CTX_TAG_VALUE_GOOD 0xabadcafe #define ZMQ_CTX_TAG_VALUE_GOOD 0xabadcafe
#define ZMQ_CTX_TAG_VALUE_BAD 0xdeadbeef #define ZMQ_CTX_TAG_VALUE_BAD 0xdeadbeef
...@@ -93,6 +101,12 @@ zmq::ctx_t::~ctx_t () ...@@ -93,6 +101,12 @@ zmq::ctx_t::~ctx_t ()
// corresponding io_thread/socket objects. // corresponding io_thread/socket objects.
free (slots); free (slots);
// If we've done any Curve encryption, we may have a file handle
// to /dev/urandom open that needs to be cleaned up.
#ifdef HAVE_LIBSODIUM
randombytes_close();
#endif
// Remove the tag, so that the object is considered dead. // Remove the tag, so that the object is considered dead.
tag = ZMQ_CTX_TAG_VALUE_BAD; tag = ZMQ_CTX_TAG_VALUE_BAD;
} }
......
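Review bot: The `randombytes_close();` call added to `~ctx_t` runs on every context teardown, although the comment above it describes a single /dev/urandom handle, which suggests the state is process-wide rather than per-context. In a process with more than one context, or with other libsodium users, one context's destructor can close the descriptor while another thread is still drawing random bytes. If that descriptor number is then reused by an unrelated file, key material could presumably be read from non-random data; this depends on library internals not visible here. Consider counting live users under a mutex so that only the last one closes, with a comment such as `// randombytes state is process-global: close only when the last context goes away`. The return value is also discarded, and the destructor begins outside the hunk.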
...@@ -32,3 +32,13 @@ void randombytes(unsigned char *x,unsigned long long xlen) ...@@ -32,3 +32,13 @@ void randombytes(unsigned char *x,unsigned long long xlen)
xlen -= i; xlen -= i;
} }
} }
int randombytes_close(void)
{
int rc = -1;
if(fd != -1 && close(fd) == 0) {
fd = -1;
rc = 0;
}
return rc;
}
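Review bot: When `close(fd)` fails in `randombytes_close`, `fd` keeps its old value, so a later `randombytes()` call would presumably go on using a descriptor number the kernel may already have released and handed to another file. On Linux the descriptor is gone even when close() reports EINTR, so it is safer to forget it unconditionally: `if (fd != -1) { rc = close(fd); fd = -1; }`. The -1 result also conflates "nothing was open" with "close failed", which deserves a one-line comment above the function. `fd` is declared outside the hunk and is read and written here without any locking visible in this section.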
...@@ -12,6 +12,7 @@ extern "C" { ...@@ -12,6 +12,7 @@ extern "C" {
#endif #endif
extern void randombytes(unsigned char *,unsigned long long); extern void randombytes(unsigned char *,unsigned long long);
extern int randombytes_close(void);
#ifdef __cplusplus #ifdef __cplusplus
} }
......