Attachment 730212 Details for Bug 1025068

[patch] Additional patch for openSUSE 42.2 with using drop-in replacements for getentropy()

U_Use-getentropy-if-arc4random_buf-is-not-available.patch.addon.gerstner (text/plain), 2.63 KB, created by Stefan Dirsch on 2017-06-26 13:57:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Stefan Dirsch

Created: 2017-06-26 13:57:37 UTC

Size: 2.63 KB

patch

obsolete

>--- libICE-1.0.9.old/src/iceauth.c	2017-06-26 12:26:00.195960007 +0000
>+++ libICE-1.0.9/src/iceauth.c	2017-06-26 12:30:38.053404223 +0000
>@@ -78,6 +78,124 @@ emulate_getrandom_buf (
>     }
> }
> 
>+#ifndef _GNU_SOURCE
>+#define _GNU_SOURCE // needed on SLE11 for O_CLOEXEC
>+#endif
>+#include <sys/types.h>
>+#include <sys/stat.h>
>+#include <fcntl.h>
>+#include <errno.h>
>+#include <linux/random.h>
>+#include <sys/syscall.h>
>+
>+int getentropy_urandom(void *buffer, size_t length)
>+{
>+	int random_fd = -1;
>+	ssize_t res = -1;
>+	size_t filled = 0;
>+
>+	if( length > 256 )
>+	{
>+		errno = EIO;
>+		return -1;
>+	}
>+
>+	random_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
>+
>+	if( random_fd == -1 )
>+	{
>+		return -1;
>+	}
>+
>+	while( filled < length )
>+	{
>+		res = read(random_fd, (char*)buffer + filled, length - filled);
>+
>+		if( res == -1 )
>+		{
>+			// shouldn't actually happen acc. to man(4) random,
>+			// but you never know
>+			if( errno == EINTR )
>+				continue;
>+
>+			return -1;
>+		}
>+		else if( res == 0 )
>+		{
>+			// no more bytes available? should not happen
>+			errno = EIO;
>+			return -1;
>+		}
>+
>+		filled += res;
>+	}
>+
>+	return 0;
>+}
>+
>+int getentropy_getrandom(void *buffer, size_t length)
>+{
>+	int res;
>+	size_t filled = 0;
>+
>+	if( length > 256 )
>+	{
>+		errno = EIO;
>+		return -1;
>+	}
>+
>+	while( filled < length )
>+	{
>+#ifdef SYS_getrandom
>+		/*
>+		 * glibc does not contain a syscall wrapper for this in older
>+		 * versions
>+		 */
>+		res = syscall(SYS_getrandom, (char*)buffer + filled, length - filled, 0);
>+#else
>+#	warning no getrandom
>+		errno = ENOSYS;
>+		return -1;
>+#endif // SYS_getrandom
>+
>+		if( res == -1 )
>+		{
>+			if( errno == EINTR )
>+				continue;
>+
>+			return -1;
>+		}
>+		else if( res == 0 )
>+		{
>+			// no more bytes available? should not happen
>+			errno = EIO;
>+			return -1;
>+		}
>+
>+		filled += res;
>+	}
>+
>+	return 0;
>+}
>+
>+int getentropy_emulate(void *buffer, size_t length)
>+{
>+	/*
>+	 * check at runtime whether we have a getrandom system call available,
>+	 * otherwise fall back to urandom approach. autoconf check for
>+	 * getrandom() does not work, because there's been no declaration for
>+	 * it for years.
>+	 */
>+	int res = getentropy_getrandom(buffer, length);
>+
>+	if( res == -1 && errno == ENOSYS )
>+	{
>+		return getentropy_urandom(buffer, length);
>+	}
>+
>+	return res;
>+}
>+
> static void
> arc4random_buf (
> 	char *auth,
>@@ -89,9 +207,11 @@ arc4random_buf (
> #if HAVE_GETENTROPY
>     /* weak emulation of arc4random through the entropy libc */
>     ret = getentropy (auth, len);
>+#else
>+    ret = getentropy_emulate (auth, len);
>+#endif /* HAVE_GETENTROPY */
>     if (ret == 0)
> 	return;
>-#endif /* HAVE_GETENTROPY */
> 
>     emulate_getrandom_buf (auth, len);
> }

Actions: View | Diff

Attachments on bug 1025068: 715740 | 715748 | 729646 | 729648 | 729649 | 729681 | 729683 | 730002 | 730193 | 730205 | 730212 | 730213 | 730361 | 730982 | 731944