_dbus_generate_random_bytes: use getrandom(2)

Use getrandom(2) and fall back to /dev/urandom if it is missing or if it
fails some any reason.

This solves problem where dbus-uuidgen is called from a chroot which
lacks /dev/urandom.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>

diff --git a/cmake/ConfigureChecks.cmake b/cmake/ConfigureChecks.cmake
index 3a1165f00f6505e322388e400bd731d21733e9e0..ac8e0e120945e49acf5af8756d94771a75dcbb58 100644 (file)
--- a/cmake/ConfigureChecks.cmake
+++ b/cmake/ConfigureChecks.cmake
@@ -28,6 +28,7 @@ check_include_file(strings.h     HAVE_STRINGS_H)
 check_include_file(syslog.h     HAVE_SYSLOG_H)
 check_include_files("stdint.h;sys/types.h;sys/event.h" HAVE_SYS_EVENT_H)
 check_include_file(sys/inotify.h     HAVE_SYS_INOTIFY_H)
+check_include_file(sys/random.h     HAVE_SYS_RANDOM_H)
 check_include_file(sys/resource.h     HAVE_SYS_RESOURCE_H)
 check_include_file(sys/stat.h     HAVE_SYS_STAT_H)
 check_include_file(sys/types.h     HAVE_SYS_TYPES_H)
@@ -64,6 +65,7 @@ check_symbol_exists(inotify_init1 "sys/inotify.h"           HAVE_INOTIFY_INIT1)
 check_symbol_exists(SCM_RIGHTS    "sys/types.h;sys/socket.h;sys/un.h" HAVE_UNIX_FD_PASSING)
 check_symbol_exists(prctl        "sys/prctl.h"              HAVE_PRCTL)
 check_symbol_exists(raise        "signal.h"                 HAVE_RAISE)
+check_symbol_exists(getrandom    "sys/random.h"             HAVE_GETRANDOM)
 check_symbol_exists(getrlimit    "sys/resource.h;sys/time.h" HAVE_GETRLIMIT)
 check_symbol_exists(prlimit      "sys/resource.h;sys/time.h" HAVE_PRLIMIT)
 check_symbol_exists(setrlimit    "sys/resource.h;sys/time.h" HAVE_SETRLIMIT)

diff --git a/cmake/config.h.cmake b/cmake/config.h.cmake
index 2f9f5413e2f7de4cc9a761502045335cc7e11f77..b76890e8e543054c164f06f88bb6760ef9a82514 100644 (file)
--- a/cmake/config.h.cmake
+++ b/cmake/config.h.cmake
@@ -135,6 +135,7 @@
 #cmakedefine HAVE_SYS_EVENTS_H 1
 #cmakedefine HAVE_SYS_INOTIFY_H 1
 #cmakedefine HAVE_SYS_PRCTL_H 1
+#cmakedefine HAVE_SYS_RANDOM_H 1
 #cmakedefine HAVE_SYS_RESOURCE_H 1
 #cmakedefine HAVE_SYS_STAT_H 1
 
@@ -218,6 +219,7 @@
 #cmakedefine HAVE_DDFD 1
 
 #cmakedefine HAVE_INOTIFY_INIT1 1
+#cmakedefine HAVE_GETRANDOM 1
 #cmakedefine HAVE_GETRLIMIT 1
 #cmakedefine HAVE_PRCTL 1
 #cmakedefine HAVE_PRLIMIT 1

diff --git a/configure.ac b/configure.ac
index ec208beff3716ba521636e3423aa578298bbe603..709a46b22f565f0e1dd1f075d59f7338958093b0 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -386,6 +386,7 @@ fpathconf
 getgrouplist
 getpeereid
 getpeerucred
+getrandom
 getresuid
 getrlimit
 inotify_init1
@@ -421,6 +422,7 @@ locale.h
 signal.h
 stdint.h
 sys/prctl.h
+sys/random.h
 sys/resource.h
 sys/syslimits.h
 sys/time.h

diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
index 71e5d86dc1aa77b84ff1e58c3520b08f9fc5992a..5fa165ea8f260a4b5e8f596757eba73cc9370ed0 100644 (file)
--- a/dbus/dbus-sysdeps-unix.c
+++ b/dbus/dbus-sysdeps-unix.c
@@ -80,6 +80,9 @@
 #ifdef HAVE_ALLOCA_H
 #include <alloca.h>
 #endif
+#ifdef HAVE_SYS_RANDOM_H
+#include <sys/random.h>
+#endif
 
 #ifdef HAVE_ADT
 #include <bsm/adt.h>
@@ -3385,12 +3388,26 @@ _dbus_generate_random_bytes (DBusString *str,
                              int         n_bytes,
                              DBusError  *error)
 {
-  int old_len;
+  int old_len = _dbus_string_get_length (str);
   int fd;
   int result;
+#ifdef HAVE_GETRANDOM
+  char *buffer;
+
+  if (!_dbus_string_lengthen (str, n_bytes))
+    {
+      _DBUS_SET_OOM (error);
+      return FALSE;
+    }
+
+  buffer = _dbus_string_get_data_len (str, old_len, n_bytes);
+  result = getrandom (buffer, n_bytes, GRND_NONBLOCK);
 
-  old_len = _dbus_string_get_length (str);
-  fd = -1;
+  if (result == n_bytes)
+    return TRUE;
+
+  _dbus_string_set_length (str, old_len);
+#endif
 
   /* note, urandom on linux will fall back to pseudorandom */
   fd = open ("/dev/urandom", O_RDONLY);

diff --git a/tools/ci-build.sh b/tools/ci-build.sh
index 2f9d89b8aec5fac4cd8bbf8cedbe4355481b33d2..c31eddf9e133e3b21b5b78373105546f5781aae0 100755 (executable)
--- a/tools/ci-build.sh
+++ b/tools/ci-build.sh
@@ -205,6 +205,8 @@ case "$ci_buildsys" in
                 # armel, is one architecture that really
                 # doesn't have them)
                 set "$@" dbus_cv_sync_sub_and_fetch=no
+               # Disable getrandom syscall
+                set "$@" ac_cv_func_getrandom=no
                 # No epoll, kqueue or poll (we will fall back
                 # to select, even on Unix where we would
                 # usually at least have poll)