From a56bae53977178e4b3eb7c47f22f2e97be3441e4 Mon Sep 17 00:00:00 2001 From: Brian Cox Date: Tue, 5 Sep 2017 19:14:27 -0700 Subject: [PATCH] Only use /dev/urandom if --enable-urandom configure arg is used, since current impl falls over on HP-UX & Solaris 10 SPARC & possibly elsewhere --- config.h.in | 3 +++ configure | 14 ++++++++++++++ configure.ac | 6 ++++++ src/core/platform.h | 2 ++ src/twcrypto/crypto.cpp | 4 ++-- src/twtest/platform_t.cpp | 2 +- 6 files changed, 28 insertions(+), 3 deletions(-) diff --git a/config.h.in b/config.h.in index 184a9f7..616429f 100644 --- a/config.h.in +++ b/config.h.in @@ -6,6 +6,9 @@ /* Compile with debug code */ #undef DEBUG +/* Enable use of /dev/urandom */ +#undef ENABLE_DEV_URANDOM + /* this is the prefix for STL exception functions */ #undef EXCEPTION_NAMESPACE diff --git a/configure b/configure index 5c6690e..f08717a 100755 --- a/configure +++ b/configure @@ -752,6 +752,7 @@ enable_static enable_debug enable_coverage enable_profiling +enable_urandom enable_dependency_tracking enable_commoncrypto enable_iconv @@ -1399,6 +1400,7 @@ Optional Features: --enable-debug compile with debuging enabled --enable-coverage enable code coverage --enable-profiling enable profiling + --enable-urandom use /dev/urandom --enable-dependency-tracking do not reject slow dependency extractors --disable-dependency-tracking @@ -3525,6 +3527,18 @@ then LDFLAGS="${LDFLAGS} -pg" fi +# Check whether --enable-urandom was given. +if test "${enable_urandom+set}" = set; then : + enableval=$enable_urandom; +fi + +if test "x$enable_urandom" = xyes +then + +$as_echo "#define ENABLE_DEV_URANDOM 1" >>confdefs.h + +fi + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' diff --git a/configure.ac b/configure.ac index 8b995a8..3cc105e 100644 --- a/configure.ac +++ b/configure.ac @@ -60,6 +60,12 @@ then LDFLAGS="${LDFLAGS} -pg" fi +AC_ARG_ENABLE(urandom, [ --enable-urandom use /dev/urandom]) +if test "x$enable_urandom" = xyes +then + AC_DEFINE(ENABLE_DEV_URANDOM, 1, [Enable use of /dev/urandom]) +fi + dnl ################### dnl Checks for programs dnl ################### diff --git a/src/core/platform.h b/src/core/platform.h index 7a5ffcf..56155be 100644 --- a/src/core/platform.h +++ b/src/core/platform.h @@ -320,6 +320,8 @@ // which uses this syntax for UNC paths. So we'll allow leading double slashes there, but // continue removing them on all other platforms +#define USE_DEV_URANDOM (HAVE_DEV_URANDOM && ENABLE_DEV_URANDOM) + //============================================================================= // Miscellaneous // diff --git a/src/twcrypto/crypto.cpp b/src/twcrypto/crypto.cpp index a5efe74..0334555 100644 --- a/src/twcrypto/crypto.cpp +++ b/src/twcrypto/crypto.cpp @@ -1241,7 +1241,7 @@ cHashedKey192::~cHashedKey192() ///////////////////////////////////////////////////////// -#if HAVE_DEV_URANDOM +#if USE_DEV_URANDOM static bool randomize_by_device(const char* device_name, int8* destbuf, int len) { static int rng_device = -1; @@ -1267,7 +1267,7 @@ static bool gRandomizeBytesSeeded = false; void RandomizeBytes(int8* destbuf, int len) { -#if HAVE_DEV_URANDOM +#if USE_DEV_URANDOM if (randomize_by_device("/dev/urandom", destbuf, len)) return; diff --git a/src/twtest/platform_t.cpp b/src/twtest/platform_t.cpp index bf63b62..b9b96b0 100644 --- a/src/twtest/platform_t.cpp +++ b/src/twtest/platform_t.cpp @@ -91,7 +91,7 @@ AlignMe::AlignMe() // to have any need for that behavior, which begs the question of why // this test exists in the first place. // -bcox -#if (!IS_HPUX) +#if (!IS_HPUX && !IS_SOLARIS) //Turns out Solaris SPARC is unhappy with this test too, btw TCOUT << _T("Testing alignment of size ") << ALIGN_SIZE << std::endl; // access a double in the byte array to see if it is aligned. if it isn't and the CPU