From: Natanael Copa Date: Tue, 24 Mar 2020 10:31:41 +0000 (+0100) Subject: _dbus_generate_random_bytes: use getrandom(2) X-Git-Tag: dbus-1.13.14~6^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d92e8e9833c594d33f5197293f38f7077117e31;p=thirdparty%2Fdbus.git _dbus_generate_random_bytes: use getrandom(2) Use getrandom(2) and fall back to /dev/urandom if it is missing or if it fails some any reason. This solves problem where dbus-uuidgen is called from a chroot which lacks /dev/urandom. Signed-off-by: Natanael Copa --- diff --git a/cmake/ConfigureChecks.cmake b/cmake/ConfigureChecks.cmake index 3a1165f00..ac8e0e120 100644 --- a/cmake/ConfigureChecks.cmake +++ b/cmake/ConfigureChecks.cmake @@ -28,6 +28,7 @@ check_include_file(strings.h HAVE_STRINGS_H) check_include_file(syslog.h HAVE_SYSLOG_H) check_include_files("stdint.h;sys/types.h;sys/event.h" HAVE_SYS_EVENT_H) check_include_file(sys/inotify.h HAVE_SYS_INOTIFY_H) +check_include_file(sys/random.h HAVE_SYS_RANDOM_H) check_include_file(sys/resource.h HAVE_SYS_RESOURCE_H) check_include_file(sys/stat.h HAVE_SYS_STAT_H) check_include_file(sys/types.h HAVE_SYS_TYPES_H) @@ -64,6 +65,7 @@ check_symbol_exists(inotify_init1 "sys/inotify.h" HAVE_INOTIFY_INIT1) check_symbol_exists(SCM_RIGHTS "sys/types.h;sys/socket.h;sys/un.h" HAVE_UNIX_FD_PASSING) check_symbol_exists(prctl "sys/prctl.h" HAVE_PRCTL) check_symbol_exists(raise "signal.h" HAVE_RAISE) +check_symbol_exists(getrandom "sys/random.h" HAVE_GETRANDOM) check_symbol_exists(getrlimit "sys/resource.h;sys/time.h" HAVE_GETRLIMIT) check_symbol_exists(prlimit "sys/resource.h;sys/time.h" HAVE_PRLIMIT) check_symbol_exists(setrlimit "sys/resource.h;sys/time.h" HAVE_SETRLIMIT) diff --git a/cmake/config.h.cmake b/cmake/config.h.cmake index 2f9f5413e..b76890e8e 100644 --- a/cmake/config.h.cmake +++ b/cmake/config.h.cmake @@ -135,6 +135,7 @@ #cmakedefine HAVE_SYS_EVENTS_H 1 #cmakedefine HAVE_SYS_INOTIFY_H 1 #cmakedefine HAVE_SYS_PRCTL_H 1 +#cmakedefine HAVE_SYS_RANDOM_H 1 #cmakedefine HAVE_SYS_RESOURCE_H 1 #cmakedefine HAVE_SYS_STAT_H 1 @@ -218,6 +219,7 @@ #cmakedefine HAVE_DDFD 1 #cmakedefine HAVE_INOTIFY_INIT1 1 +#cmakedefine HAVE_GETRANDOM 1 #cmakedefine HAVE_GETRLIMIT 1 #cmakedefine HAVE_PRCTL 1 #cmakedefine HAVE_PRLIMIT 1 diff --git a/configure.ac b/configure.ac index ec208beff..709a46b22 100644 --- a/configure.ac +++ b/configure.ac @@ -386,6 +386,7 @@ fpathconf getgrouplist getpeereid getpeerucred +getrandom getresuid getrlimit inotify_init1 @@ -421,6 +422,7 @@ locale.h signal.h stdint.h sys/prctl.h +sys/random.h sys/resource.h sys/syslimits.h sys/time.h diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 71e5d86dc..5fa165ea8 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -80,6 +80,9 @@ #ifdef HAVE_ALLOCA_H #include #endif +#ifdef HAVE_SYS_RANDOM_H +#include +#endif #ifdef HAVE_ADT #include @@ -3385,12 +3388,26 @@ _dbus_generate_random_bytes (DBusString *str, int n_bytes, DBusError *error) { - int old_len; + int old_len = _dbus_string_get_length (str); int fd; int result; +#ifdef HAVE_GETRANDOM + char *buffer; + + if (!_dbus_string_lengthen (str, n_bytes)) + { + _DBUS_SET_OOM (error); + return FALSE; + } + + buffer = _dbus_string_get_data_len (str, old_len, n_bytes); + result = getrandom (buffer, n_bytes, GRND_NONBLOCK); - old_len = _dbus_string_get_length (str); - fd = -1; + if (result == n_bytes) + return TRUE; + + _dbus_string_set_length (str, old_len); +#endif /* note, urandom on linux will fall back to pseudorandom */ fd = open ("/dev/urandom", O_RDONLY); diff --git a/tools/ci-build.sh b/tools/ci-build.sh index 2f9d89b8a..c31eddf9e 100755 --- a/tools/ci-build.sh +++ b/tools/ci-build.sh @@ -205,6 +205,8 @@ case "$ci_buildsys" in # armel, is one architecture that really # doesn't have them) set "$@" dbus_cv_sync_sub_and_fetch=no + # Disable getrandom syscall + set "$@" ac_cv_func_getrandom=no # No epoll, kqueue or poll (we will fall back # to select, even on Unix where we would # usually at least have poll)