refactor exits in mutt_randbuf()

Move the exit()s so we can call it during startup.

diff --git a/main.c b/main.c
index 7a57cb86b637aab684db90da7e25d0e0386657b5..29e87a9956edcbb6079e05268755284e5542906d 100644 (file)
--- a/main.c
+++ b/main.c
@@ -285,7 +285,11 @@ int main(int argc, char **argv, char **env)
 
   mutt_message = mutt_error; /* send messages to stderr, too */
   mutt_perror = mutt_perror_debug;
-  (void) mutt_rand32();
+
+  int out = 0;
+  if (mutt_randbuf(&out, sizeof(out)) < 0)
+    goto main_exit;
+
   umask(077);
 
   /* Init envlist */

diff --git a/muttlib.c b/muttlib.c
index 17fe3a3cd17f58bb2515333127a255d7efbf5e10..f1a476cd7da0a665dc5b08599246cdd8e6d8cc4d 100644 (file)
--- a/muttlib.c
+++ b/muttlib.c
@@ -402,12 +402,12 @@ bool mutt_is_text_part(struct Body *b)
 
 static FILE *frandom;
 
-static void mutt_randbuf(void *out, size_t len)
+int mutt_randbuf(void *out, size_t len)
 {
   if (len > 1048576)
   {
     mutt_error(_("mutt_randbuf len=%zu"), len);
-    mutt_exit(1);
+    return -1;
   }
 /* XXX switch to HAVE_GETRANDOM and getrandom() in about 2017 */
 #if defined(SYS_getrandom) && defined(__linux__)
@@ -417,25 +417,27 @@ static void mutt_randbuf(void *out, size_t len)
     ret = syscall(SYS_getrandom, out, len, 0, 0, 0, 0);
   } while ((ret == -1) && (errno == EINTR));
   if (ret == len)
-    return;
-/* let's try urandom in case we're on an old kernel, or the user has
-   * configured selinux, seccomp or something to not allow getrandom */
+    return 0;
 #endif
+  /* let's try urandom in case we're on an old kernel, or the user has
+   * configured selinux, seccomp or something to not allow getrandom */
   if (!frandom)
   {
     frandom = fopen("/dev/urandom", "rb");
     if (!frandom)
     {
       mutt_error(_("open /dev/urandom: %s"), strerror(errno));
-      mutt_exit(1);
+      return -1;
     }
     setbuf(frandom, NULL);
   }
   if (fread(out, 1, len, frandom) != len)
   {
     mutt_error(_("read /dev/urandom: %s"), strerror(errno));
-    mutt_exit(1);
+    return -1;
   }
+
+  return 0;
 }
 
 static const unsigned char base32[] = "abcdefghijklmnopqrstuvwxyz234567";
@@ -444,24 +446,27 @@ void mutt_rand_base32(void *out, size_t len)
 {
   uint8_t *p = out;
 
-  mutt_randbuf(p, len);
+  if (mutt_randbuf(p, len) < 0)
+    mutt_exit(1);
   for (size_t pos = 0; pos < len; pos++)
     p[pos] = base32[p[pos] % 32];
 }
 
 uint32_t mutt_rand32(void)
 {
-  uint32_t ret;
+  uint32_t ret = 0;
 
-  mutt_randbuf(&ret, sizeof(ret));
+  if (mutt_randbuf(&ret, sizeof(ret)) < 0)
+    mutt_exit(1);
   return ret;
 }
 
 uint64_t mutt_rand64(void)
 {
-  uint64_t ret;
+  uint64_t ret = 0;
 
-  mutt_randbuf(&ret, sizeof(ret));
+  if (mutt_randbuf(&ret, sizeof(ret)) < 0)
+    mutt_exit(1);
   return ret;
 }
 

diff --git a/protos.h b/protos.h
index 52b6a309351d5ba68df20cda770f1dc0e17e9090..7b2bff0650987e610c649f5e3c33c47e2636a44e 100644 (file)
--- a/protos.h
+++ b/protos.h
@@ -345,6 +345,7 @@ size_t mutt_realpath(char *buf);
 void mutt_rand_base32(void *out, size_t len);
 uint32_t mutt_rand32(void);
 uint64_t mutt_rand64(void);
+int mutt_randbuf(void *out, size_t len);
 
 struct Address *alias_reverse_lookup(struct Address *a);