diff --git a/Makefile b/Makefile index 59b0f28..16273a1 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,9 @@ -# Set to 'yes' to include debugging informations, e.g. DEBUG=yes make -e +# Set to 'yes' to include debugging information, e.g. DEBUG=yes make -e DEBUG := no +PREFIX ?= /usr +LIBDIR ?= lib + # compiler/linker options CC := gcc CFLAGS := $(CFLAGS) -Wall -fPIC `pkg-config --cflags libxml-2.0` \ @@ -25,7 +28,7 @@ PAM_USB_SRCS := src/pam.c PAM_USB_OBJS := $(PAM_USB_SRCS:.c=.o) PAM_USB := pam_usb.so PAM_USB_LDFLAGS := -shared -PAM_USB_DEST := $(DESTDIR)/lib/security +PAM_USB_DEST := $(DESTDIR)/$(LIBDIR)/security # pamusb-check PAMUSB_CHECK_SRCS := src/pamusb-check.c @@ -35,7 +38,7 @@ PAMUSB_CHECK := pamusb-check # Tools PAMUSB_CONF := pamusb-conf PAMUSB_AGENT := pamusb-agent -TOOLS_DEST := $(DESTDIR)/usr/bin +TOOLS_DEST := $(DESTDIR)$(PREFIX)/bin TOOLS_SRC := tools # Conf @@ -44,11 +47,11 @@ CONFS_DEST := $(DESTDIR)/etc # Doc DOCS := doc/CONFIGURATION.md -DOCS_DEST := $(DESTDIR)/usr/share/doc/pamusb +DOCS_DEST := $(DESTDIR)$(PREFIX)/share/doc/pamusb # Man MANS := doc/pamusb-conf.1.gz doc/pamusb-agent.1.gz doc/pamusb-check.1.gz -MANS_DEST := $(DESTDIR)/usr/share/man/man1 +MANS_DEST := $(DESTDIR)$(PREFIX)/share/man/man1 # Binaries RM := rm diff --git a/src/conf.h b/src/conf.h index 07a8810..c43f598 100644 --- a/src/conf.h +++ b/src/conf.h @@ -23,7 +23,9 @@ # define CONF_SERVICE_XPATH "//configuration/services/service[@id='%s']/%s" # define CONF_USER_MAXLEN 32 # include +#ifdef __linux__ # include +#endif # include # ifndef PATH_MAX # define PATH_MAX 4096 diff --git a/src/pad.c b/src/pad.c index 3074364..1137322 100644 --- a/src/pad.c +++ b/src/pad.c @@ -22,6 +22,7 @@ #include #include #include +#include #include #include #include "conf.h" 
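Review bot: `LIBDIR` in the first Makefile hunk has no comment, and `PAM_USB_DEST` in the second hunk joins it to `$(DESTDIR)/` rather than to `$(PREFIX)`, so overriding `PREFIX` moves the tools, docs and man pages but not `pam_usb.so`. That is probably intended, since the previous value was `$(DESTDIR)/lib/security`, but a packager has to read the assignments to find out. I would add `# PREFIX: tools, docs and man pages. LIBDIR: directory under $(DESTDIR)/ that holds security/pam_usb.so (not under PREFIX), e.g. LIBDIR=lib64` above the two defaults. A module installed where the system's PAM does not search is not loaded, so the install location is worth stating explicitly.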
@@ -73,7 +74,7 @@ static FILE *pusb_pad_open_system(t_pusb_options *opts, if (!(user_ent = getpwnam(user)) || !(user_ent->pw_dir)) { - log_error("Unable to retrieve informations for user \"%s\": %s\n", + log_error("Unable to retrieve information for user \"%s\": %s\n", strerror(errno)); return (0); } @@ -111,7 +112,7 @@ static int pusb_pad_protect(const char *user, int fd) log_debug("Protecting pad file...\n"); if (!(user_ent = getpwnam(user))) { - log_error("Unable to retrieve informations for user \"%s\": %s\n", + log_error("Unable to retrieve information for user \"%s\": %s\n", strerror(errno)); return (0); } @@ -181,6 +182,8 @@ static void pusb_pad_update(t_pusb_options *opts, FILE *f_system = NULL; char magic[1024]; int i; + unsigned int seed; + int devrandom; if (!pusb_pad_should_update(opts, user)) return ; @@ -201,7 +204,14 @@ static void pusb_pad_update(t_pusb_options *opts, pusb_pad_protect(user, fileno(f_system)); log_debug("Generating %d bytes unique pad...\n", sizeof(magic)); - srand(getpid() * time(NULL)); + devrandom = open("/dev/random", O_RDONLY); + if (devrandom < 0 || read(devrandom, &seed, sizeof seed) != sizeof seed) { + log_debug("/dev/random seeding failed...\n"); + seed = getpid() * time(NULL); /* low-entropy fallback */ + } + if (devrandom > 0) + close(devrandom); + srand(seed); for (i = 0; i < sizeof(magic); ++i) magic[i] = (char)rand(); log_debug("Writing pad to the device...\n"); diff --git a/src/volume.c b/src/volume.c index d54ee72..1b8fe86 100644 --- a/src/volume.c +++ b/src/volume.c @@ -21,7 +21,9 @@ #include #include #include +#ifndef __GNU__ #include +#endif #include "mem.h" #include "conf.h" #include "log.h"
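Review bot: The reworded `log_error` call in this hunk still passes one argument for two `%s` conversions, because only `strerror(errno)` follows the format string. The first `%s` therefore prints the error text and the second reads a variadic argument that was never passed, which is undefined behaviour if log_error forwards to a printf-style formatter, as its use here suggests. The same call is repeated in the next hunk (`pusb_pad_protect`, `@@ -111,7 +112,7 @@`), and both sit on the path taken when `getpwnam(user)` fails. Since the line is being touched anyway, pass the user name: `log_error("Unable to retrieve information for user \"%s\": %s\n", user, strerror(errno));`. Both functions start and end outside their hunks.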
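Review bot: The pad is still produced by `rand()` in the `@@ -201,7 +204,14 @@` hunk, so seeding from /dev/random limits the whole `sizeof(magic)` pad to the `sizeof seed` bytes of entropy in `seed`, and `rand()` output is not suitable for an authentication secret. Filling `magic` straight from the kernel, as sketched below, removes the `srand`/`rand` loop, the `seed` local and the `getpid() * time(NULL)` fallback, which is currently reported only by a debug message. The sketch reads /dev/urandom because /dev/random can block on some kernels, which would stall the login; confirm that choice against the platforms you support. Separately, `if (devrandom > 0)` leaks the descriptor when `open()` returns 0, so the test should be `devrandom >= 0`. pusb_pad_update starts and ends outside this hunk, so its cleanup on failure is left as a comment.

```c
/* … unchanged: pusb_pad_protect() call and the "Generating … unique pad" debug line … */
size_t filled = 0;	/* declare with the other locals, in place of seed */

devrandom = open("/dev/urandom", O_RDONLY);
while (devrandom >= 0 && filled < sizeof(magic)) {
	ssize_t n = read(devrandom, magic + filled, sizeof(magic) - filled);

	if (n < 0 && errno == EINTR)
		continue;	/* interrupted before any data arrived: retry */
	if (n <= 0)
		break;		/* hard error or unexpected EOF */
	filled += (size_t)n;
}
if (devrandom >= 0)
	close(devrandom);
if (filled != sizeof(magic)) {
	log_error("Unable to read random data for the pad\n");
	/* fail closed: never write a predictable pad; release the open pad
	 * files the way the rest of this function does, then return */
}
/* … unchanged: "Writing pad to the device" and the writes that follow … */
```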