From: Nick Mathewson Date: Tue, 18 Sep 2018 16:40:18 +0000 (-0400) Subject: Make crypto_strongest_rand() non-mockable X-Git-Tag: tor-0.3.5.3-alpha~34^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ea5792f333b1b92306d20e60b5e12bb0633aa740;p=thirdparty%2Ftor.git Make crypto_strongest_rand() non-mockable Instead, have it call a mockable function. We don't want crypto_strongest_rand() to be mockable, since doing so creates a type error when we call it from ed25519-donna, which we do not build in a test mode. Fixes bug 27728; bugfix on 0.3.5.1-alpha --- diff --git a/changes/bug27728 b/changes/bug27728 new file mode 100644 index 0000000000..f0b3e6dc05 --- /dev/null +++ b/changes/bug27728 @@ -0,0 +1,7 @@ + o Minor bugfixes (compilation): + - Compile the ed25519-donna code with a correct declaration of + crypto_strongest_rand(). Previously, we build it with one type, + but link it against another in the unit tests, which caused + compilation failures with LTO enabled, and which could have + caused other undefined behavior in the tests. Fixes bug 27728; + bugfix on 0.3.5.1-alpha. diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c index 313d829a57..cffd0610f3 100644 --- a/src/lib/crypt_ops/crypto_rand.c +++ b/src/lib/crypt_ops/crypto_rand.c @@ -335,8 +335,18 @@ crypto_strongest_rand_raw(uint8_t *out, size_t out_len) * Try to get out_len bytes of the strongest entropy we can generate, * storing it into out. **/ +void +crypto_strongest_rand(uint8_t *out, size_t out_len) +{ + crypto_strongest_rand_(out, out_len); +} + +/** + * Try to get out_len bytes of the strongest entropy we can generate, + * storing it into out. (Mockable version.) + **/ MOCK_IMPL(void, -crypto_strongest_rand,(uint8_t *out, size_t out_len)) +crypto_strongest_rand_,(uint8_t *out, size_t out_len)) { #define DLEN DIGEST512_LEN diff --git a/src/lib/crypt_ops/crypto_rand.h b/src/lib/crypt_ops/crypto_rand.h index 25bcfa1f1c..0c538d81ac 100644 --- a/src/lib/crypt_ops/crypto_rand.h +++ b/src/lib/crypt_ops/crypto_rand.h @@ -21,7 +21,8 @@ int crypto_seed_rng(void) ATTR_WUR; MOCK_DECL(void,crypto_rand,(char *to, size_t n)); void crypto_rand_unmocked(char *to, size_t n); -MOCK_DECL(void,crypto_strongest_rand,(uint8_t *out, size_t out_len)); +void crypto_strongest_rand(uint8_t *out, size_t out_len); +MOCK_DECL(void,crypto_strongest_rand_,(uint8_t *out, size_t out_len)); int crypto_rand_int(unsigned int max); int crypto_rand_int_range(unsigned int min, unsigned int max); uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 90f2be2906..428ca1024b 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -909,7 +909,7 @@ test_build_authorized_client(void *arg) client_pubkey_b16, strlen(client_pubkey_b16)); - MOCK(crypto_strongest_rand, mock_crypto_strongest_rand); + MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand); hs_desc_build_authorized_client(subcredential, &client_auth_pk, &auth_ephemeral_sk, @@ -925,7 +925,7 @@ test_build_authorized_client(void *arg) done: tor_free(desc_client); tor_free(mem_op_hex_tmp); - UNMOCK(crypto_strongest_rand); + UNMOCK(crypto_strongest_rand_); } struct testcase_t hs_descriptor[] = {