You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by yl...@apache.org on 2018/04/03 21:17:01 UTC
svn commit: r1828287 - in /apr/apr/branches/1.7.x: ./ CHANGES configure.in
misc/unix/rand.c
Author: ylavic
Date: Tue Apr 3 21:17:01 2018
New Revision: 1828287
URL: http://svn.apache.org/viewvc?rev=1828287&view=rev
Log:
Merge r1814239, r1814240, r1814326, r1814329, r1814331, r1820755 from trunk:
rand: add support for the arc4random API as an entropy source.
The arc4random API originates from OpenBSD where it supersedes random(3),
rand(3), and files in the /dev filesystem.
Use it for apr_generate_random_bytes().
Proposed by: Christian Weisgerber
Reviewed by: ylavic
rand: add support for getrandom() on Linux as an entropy source.
Use it for apr_generate_random_bytes() when available, reading from the
urandom source, and non-blocking such that the call fails with EAGAIN if
there is not enough entropy on the system (which shouldn't be the case
in userspace).
rand: follow up to r1814240.
Fall back to using SYS_getrandom syscall when it's available in linux (3.17+)
but not in glibc (2.25+, not very deployed yet).
rand: follow up to r1814240 and r1814326.
Thanks Brane, <sys/random.h> may be available w/o getrandom(), and obviously
we must not USE_GETRANDOM in this case.
rand: follow up to r1814239, r1814240 and r1814326.
The above commits added the checks for HAVE_GETRANDOM and HAVE_ARC4RANDOM first
in configure.in so to avoid breaking the AC_MESSAGE_CHECKING/RESULT line, thus
it also defined the macros unconditionally (while the others were and still are
only defined if no previous one is elected already).
Yet the top priority one should remain HAVE_EGD when --with-egd is specified,
so we now have to rearrange apr_generate_random_bytes()'s #ifdefs to preserve
that now.
While at it, let's add an #error for the "should not happen" case where
APR_HAS_RANDOM is defined but no implementation is found.
fix ifdef for arc4random
r1814239 added:
AC_CHECK_FUNCS(arc4random_buf)
Which only defines HAVE_ARC4RANDOM_BUF
Submitted by: ylavic, covener
Modified:
apr/apr/branches/1.7.x/ (props changed)
apr/apr/branches/1.7.x/CHANGES
apr/apr/branches/1.7.x/configure.in
apr/apr/branches/1.7.x/misc/unix/rand.c
Propchange: apr/apr/branches/1.7.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Apr 3 21:17:01 2018
@@ -1,4 +1,4 @@
/apr/apr/branches/1.4.x:1003369,1101301
-/apr/apr/trunk:733052,739635,741862,741866-741867,741869,741871,745763-745764,746310,747990,748080,748361,748371,748565,748888,748902,748988,749810,760443,767895,775683,782838,783398,783958,784633,784773,788588,789050,793192-793193,794118,794485,795267,799497,800627,809745,809854,810472,811455,813063,821306,829490,831641,832904,835607,888669,892028,892159,892435,892909,896382,896653,899905,901088,902077,902090,908427,910419,910597,917819,917837-917838,923311,923320,925965,929796,930508,931973,932585,951771,960665,960671,979891,983618,989450,990435,1003338,1044440,1044447,1055657,1072165,1078845,1081462,1081495,1083038,1083242,1084662,1086695,1088023,1089031,1089129,1089438,1099348,1103310,1183683,1183685-1183686,1183688,1183693,1183698,1213382,1235047,1236970,1237078,1237507,1240472,1340286,1340288,1340470,1341193,1341196,1343233,1343243,1367050,1368819,1370494,1372018,1372022,1372093,1372849,1376957,1384764,1389077,1400200,1402868,1405985,1406690,1420106,1420109,1425356,1428809,143
8940,1438957-1438959,1442903,1449568,1456418,1459994,1460179-1460180,1460241,1460399,1460405,1462738,1462813,1470186,1470348,1475509,1478905,1480067,1481262,1481265,1484271,1487796,1489517,1496407,1502804,1510354,1516261,1523384,1523479,1523484,1523505,1523521,1523604,1523613,1523615,1523844-1523845,1523853,1524014,1524031,1528797,1528809,1529488,1529495,1529515,1529521,1529668,1530786,1530800,1530988,1531554,1531768,1531884,1532022,1533104,1533111,1533979,1535027,1535157,1536744,1538171,1539374,1539389,1539455,1539603,1541054,1541061,1541486,1541655,1541666,1541744,1542601,1542779,1543033,1543056,1548575,1550907,1551650,1551659,1558905,1559382,1559873,1559975,1561040,1561260,1561265,1561321,1561347,1561356,1561361,1561394,1561555,1571894,1575509,1578420,1587045,1587063,1587543,1587545,1588878,1588937,1589982,1593611,1593614-1593615,1593680,1594684,1594708,1595549,1597797,1597803,1604590,1604596,1604598,1605104,1610854,1611023,1611107,1611110,1611117,1611120,1611125,1611184,1611193,
1611466,1611515,1611517,1625173,1626564,1634615,1642159,1648830,1664406,1664447,1664451,1664471,1664769-1664770,1664775,1664904,1664911,1664958,1666341,1666411,1666458,1666611,1667420-1667421,1667423,1667900-1667901,1667903,1667914-1667916,1667962,1669077,1671292,1671329,1671356,1671386,1671389,1671513-1671514,1671957,1672354,1672366,1672495,1672575,1675644,1675656,1675668,1676013,1683521,1685929,1696140,1696767,1722547,1722557,1726928,1727020,1727160,1727175,1727199,1728957,1732582,1733451,1733594,1733694,1733706,1733708,1733775,1734816,1736552,1738791,1738925,1750374,1755709,1755740,1755746,1755758,1755954,1761279,1762326,1774712,1774973,1775069,1776994,1776998,1788334,1788337,1788929,1789947,1789998,1790045,1790200,1790296,1790302-1790304,1790330-1790331,1790436,1790439,1790444,1790446,1790488,1790521,1790523,1790569,1790632,1791598,1791718,1791728,1792621-1792622,1792625,1792961,1792963,1797415,1798105,1805380,1808039,1808836,1808910,1809649,1810452,1813286,1813330,1816527,18166
28,1817485,1819857-1819858,1819860-1819861,1819934-1819935,1820080,1827534
+/apr/apr/trunk:733052,739635,741862,741866-741867,741869,741871,745763-745764,746310,747990,748080,748361,748371,748565,748888,748902,748988,749810,760443,767895,775683,782838,783398,783958,784633,784773,788588,789050,793192-793193,794118,794485,795267,799497,800627,809745,809854,810472,811455,813063,821306,829490,831641,832904,835607,888669,892028,892159,892435,892909,896382,896653,899905,901088,902077,902090,908427,910419,910597,917819,917837-917838,923311,923320,925965,929796,930508,931973,932585,951771,960665,960671,979891,983618,989450,990435,1003338,1044440,1044447,1055657,1072165,1078845,1081462,1081495,1083038,1083242,1084662,1086695,1088023,1089031,1089129,1089438,1099348,1103310,1183683,1183685-1183686,1183688,1183693,1183698,1213382,1235047,1236970,1237078,1237507,1240472,1340286,1340288,1340470,1341193,1341196,1343233,1343243,1367050,1368819,1370494,1372018,1372022,1372093,1372849,1376957,1384764,1389077,1400200,1402868,1405985,1406690,1420106,1420109,1425356,1428809,143
8940,1438957-1438959,1442903,1449568,1456418,1459994,1460179-1460180,1460241,1460399,1460405,1462738,1462813,1470186,1470348,1475509,1478905,1480067,1481262,1481265,1484271,1487796,1489517,1496407,1502804,1510354,1516261,1523384,1523479,1523484,1523505,1523521,1523604,1523613,1523615,1523844-1523845,1523853,1524014,1524031,1528797,1528809,1529488,1529495,1529515,1529521,1529668,1530786,1530800,1530988,1531554,1531768,1531884,1532022,1533104,1533111,1533979,1535027,1535157,1536744,1538171,1539374,1539389,1539455,1539603,1541054,1541061,1541486,1541655,1541666,1541744,1542601,1542779,1543033,1543056,1548575,1550907,1551650,1551659,1558905,1559382,1559873,1559975,1561040,1561260,1561265,1561321,1561347,1561356,1561361,1561394,1561555,1571894,1575509,1578420,1587045,1587063,1587543,1587545,1588878,1588937,1589982,1593611,1593614-1593615,1593680,1594684,1594708,1595549,1597797,1597803,1604590,1604596,1604598,1605104,1610854,1611023,1611107,1611110,1611117,1611120,1611125,1611184,1611193,
1611466,1611515,1611517,1625173,1626564,1634615,1642159,1648830,1664406,1664447,1664451,1664471,1664769-1664770,1664775,1664904,1664911,1664958,1666341,1666411,1666458,1666611,1667420-1667421,1667423,1667900-1667901,1667903,1667914-1667916,1667962,1669077,1671292,1671329,1671356,1671386,1671389,1671513-1671514,1671957,1672354,1672366,1672495,1672575,1675644,1675656,1675668,1676013,1683521,1685929,1696140,1696767,1722547,1722557,1726928,1727020,1727160,1727175,1727199,1728957,1732582,1733451,1733594,1733694,1733706,1733708,1733775,1734816,1736552,1738791,1738925,1750374,1755709,1755740,1755746,1755758,1755954,1761279,1762326,1774712,1774973,1775069,1776994,1776998,1788334,1788337,1788929,1789947,1789998,1790045,1790200,1790296,1790302-1790304,1790330-1790331,1790436,1790439,1790444,1790446,1790488,1790521,1790523,1790569,1790632,1791598,1791718,1791728,1792621-1792622,1792625,1792961,1792963,1797415,1798105,1805380,1808039,1808836,1808910,1809649,1810452,1813286,1813330,1814239-18142
40,1814326,1814329,1814331,1816527,1816628,1817485,1819857-1819858,1819860-1819861,1819934-1819935,1820080,1820755,1827534
/apr/apr/trunk/test/testnames.c:1460405
/httpd/httpd/trunk:1604590
Modified: apr/apr/branches/1.7.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr/branches/1.7.x/CHANGES?rev=1828287&r1=1828286&r2=1828287&view=diff
==============================================================================
--- apr/apr/branches/1.7.x/CHANGES [utf-8] (original)
+++ apr/apr/branches/1.7.x/CHANGES [utf-8] Tue Apr 3 21:17:01 2018
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes for APR 1.7.0
+ *) rand: Use arc4random_buf() on BSD platforms and getrandom() on Linux,
+ when available. [Christian Weisgerber <naddy openbsd.org, Yann Ylavic]
+
*) Add apr_sockaddr_zone_set, apr_sockaddr_zone_set to set and retrieve
the zone for link-local IPv6 addresses. [Joe Orton]
Modified: apr/apr/branches/1.7.x/configure.in
URL: http://svn.apache.org/viewvc/apr/apr/branches/1.7.x/configure.in?rev=1828287&r1=1828286&r2=1828287&view=diff
==============================================================================
--- apr/apr/branches/1.7.x/configure.in (original)
+++ apr/apr/branches/1.7.x/configure.in Tue Apr 3 21:17:01 2018
@@ -2493,6 +2493,15 @@ else
fi
dnl ----------------------------- Checking for /dev/random
+AC_CHECK_HEADERS(sys/random.h)
+AC_CHECK_FUNCS(getrandom)
+
+AC_CHECK_HEADERS(sys/syscall.h)
+AC_CHECK_HEADERS(linux/random.h)
+AC_CHECK_DECLS([SYS_getrandom], [], [], [#include <sys/syscall.h>])
+
+AC_CHECK_FUNCS(arc4random_buf)
+
AC_MSG_CHECKING(for entropy source)
why_no_rand=""
@@ -2511,6 +2520,23 @@ AC_ARG_WITH(egd,
])
if test "$rand" != "1"; then
+ if test "$ac_cv_func_getrandom" = yes; then
+ AC_MSG_RESULT(getrandom)
+ rand="1"
+ elif test "$ac_cv_have_decl_SYS_getrandom" = yes; then
+ AC_MSG_RESULT(SYS_getrandom)
+ rand="1"
+ fi
+fi
+
+if test "$rand" != "1"; then
+ if test "$ac_cv_func_arc4random_buf" = yes; then
+ AC_MSG_RESULT(arc4random)
+ rand="1"
+ fi
+fi
+
+if test "$rand" != "1"; then
AC_ARG_WITH(devrandom,
[ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]],
[ apr_devrandom="$withval" ], [ apr_devrandom="yes" ])
Modified: apr/apr/branches/1.7.x/misc/unix/rand.c
URL: http://svn.apache.org/viewvc/apr/apr/branches/1.7.x/misc/unix/rand.c?rev=1828287&r1=1828286&r2=1828287&view=diff
==============================================================================
--- apr/apr/branches/1.7.x/misc/unix/rand.c (original)
+++ apr/apr/branches/1.7.x/misc/unix/rand.c Tue Apr 3 21:17:01 2018
@@ -43,6 +43,30 @@
#include <sys/uuid.h>
#endif
+#if defined(HAVE_SYS_RANDOM_H) && \
+ defined(HAVE_GETRANDOM)
+
+#include <sys/random.h>
+#define USE_GETRANDOM
+
+#elif defined(HAVE_SYS_SYSCALL_H) && \
+ defined(HAVE_LINUX_RANDOM_H) && \
+ defined(HAVE_DECL_SYS_GETRANDOM) && \
+ HAVE_DECL_SYS_GETRANDOM
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+#include <unistd.h>
+#include <sys/syscall.h>
+#include <linux/random.h>
+
+#define getrandom(buf, buflen, flags) \
+ syscall(SYS_getrandom, (buf), (buflen), (flags))
+#define USE_GETRANDOM
+
+#endif /* HAVE_SYS_RANDOM_H */
+
#ifndef SHUT_RDWR
#define SHUT_RDWR 2
#endif
@@ -87,48 +111,7 @@ APR_DECLARE(apr_status_t) apr_os_uuid_ge
APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
apr_size_t length)
{
-#ifdef DEV_RANDOM
-
- int fd = -1;
-
- /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
- * gives EOF, so reading 'length' bytes may require opening the
- * device several times. */
- do {
- apr_ssize_t rc;
-
- if (fd == -1)
- if ((fd = open(DEV_RANDOM, O_RDONLY)) == -1)
- return errno;
-
- do {
- rc = read(fd, buf, length);
- } while (rc == -1 && errno == EINTR);
-
- if (rc < 0) {
- int errnum = errno;
- close(fd);
- return errnum;
- }
- else if (rc == 0) {
- close(fd);
- fd = -1; /* force open() again */
- }
- else {
- buf += rc;
- length -= rc;
- }
- } while (length > 0);
-
- close(fd);
-#elif defined(OS2)
- static UCHAR randbyte();
- unsigned int idx;
-
- for (idx=0; idx<length; idx++)
- buf[idx] = randbyte();
-
-#elif defined(HAVE_EGD)
+#if defined(HAVE_EGD)
/* use EGD-compatible socket daemon (such as EGD or PRNGd).
* message format:
* 0x00 (get entropy level)
@@ -224,6 +207,70 @@ APR_DECLARE(apr_status_t) apr_generate_r
return bad_errno;
}
+#elif defined(USE_GETRANDOM)
+
+ do {
+ int rc;
+
+ rc = getrandom(buf, length, GRND_NONBLOCK);
+ if (rc == -1) {
+ if (errno == EINTR) {
+ continue;
+ }
+ return errno;
+ }
+
+ buf += rc;
+ length -= rc;
+ } while (length > 0);
+
+#elif defined(HAVE_ARC4RANDOM_BUF)
+
+ arc4random_buf(buf, length);
+
+#elif defined(DEV_RANDOM)
+
+ int fd = -1;
+
+ /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
+ * gives EOF, so reading 'length' bytes may require opening the
+ * device several times. */
+ do {
+ apr_ssize_t rc;
+
+ if (fd == -1)
+ if ((fd = open(DEV_RANDOM, O_RDONLY)) == -1)
+ return errno;
+
+ do {
+ rc = read(fd, buf, length);
+ } while (rc == -1 && errno == EINTR);
+
+ if (rc < 0) {
+ int errnum = errno;
+ close(fd);
+ return errnum;
+ }
+ else if (rc == 0) {
+ close(fd);
+ fd = -1; /* force open() again */
+ }
+ else {
+ buf += rc;
+ length -= rc;
+ }
+ } while (length > 0);
+
+ close(fd);
+
+#elif defined(OS2)
+
+ static UCHAR randbyte();
+ unsigned int idx;
+
+ for (idx=0; idx<length; idx++)
+ buf[idx] = randbyte();
+
#elif defined(HAVE_TRUERAND) /* use truerand */
extern int randbyte(void); /* from the truerand library */
@@ -235,6 +282,10 @@ APR_DECLARE(apr_status_t) apr_generate_r
for (idx=0; idx<length; idx++)
buf[idx] = (unsigned char) randbyte();
+#else
+
+#error APR_HAS_RANDOM defined with no implementation
+
#endif /* DEV_RANDOM */
return APR_SUCCESS;