Fix detection of getrandom()
This commit is contained in:
parent
f5203e0bb5
commit
d97828e7af
2 changed files with 52 additions and 16 deletions
|
@ -28,6 +28,8 @@ Features
|
||||||
errors on use of deprecated functions.
|
errors on use of deprecated functions.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
|
* Fix detection of support for getrandom() on Linux (reported by syzzer) by
|
||||||
|
doing it at runtime (using uname) rather that compile time.
|
||||||
* Fix handling of symlinks by "make install" (found by Gaël PORTAY).
|
* Fix handling of symlinks by "make install" (found by Gaël PORTAY).
|
||||||
* Fix potential NULL pointer dereference (not trigerrable remotely) when
|
* Fix potential NULL pointer dereference (not trigerrable remotely) when
|
||||||
ssl_write() is called before the handshake is finished (introduced in
|
ssl_write() is called before the handshake is finished (introduced in
|
||||||
|
|
|
@ -86,27 +86,46 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
|
||||||
{
|
{
|
||||||
return( syscall( SYS_getrandom, buf, buflen, flags ) );
|
return( syscall( SYS_getrandom, buf, buflen, flags ) );
|
||||||
}
|
}
|
||||||
#endif /* SYS_getrandom */
|
|
||||||
#endif /* __linux__ */
|
|
||||||
|
|
||||||
#if defined(HAVE_GETRANDOM)
|
#include <sys/utsname.h>
|
||||||
|
/* Check if version is at least 3.17.0 */
|
||||||
#include <errno.h>
|
static int check_version_3_17_plus( void )
|
||||||
|
|
||||||
int platform_entropy_poll( void *data,
|
|
||||||
unsigned char *output, size_t len, size_t *olen )
|
|
||||||
{
|
{
|
||||||
int ret;
|
int minor;
|
||||||
((void) data);
|
struct utsname un;
|
||||||
|
const char *ver;
|
||||||
|
|
||||||
if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
|
/* Get version information */
|
||||||
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
|
uname(&un);
|
||||||
|
ver = un.release;
|
||||||
|
|
||||||
|
/* Check major version; assume a single digit */
|
||||||
|
if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
|
if( ver[0] - '0' > 3 )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
/* Ok, so now we know major == 3, check minor.
|
||||||
|
* Assume 1 or 2 digits. */
|
||||||
|
if( ver[2] < '0' || ver[2] > '9' )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
|
minor = ver[2] - '0';
|
||||||
|
|
||||||
|
if( ver[3] >= '0' && ver[3] <= '9' )
|
||||||
|
minor = 10 * minor + ver[3] - '0';
|
||||||
|
else if( ver [3] != '.' )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
|
if( minor < 17 )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
*olen = ret;
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
static int has_getrandom = -1;
|
||||||
#else /* HAVE_GETRANDOM */
|
#endif /* SYS_getrandom */
|
||||||
|
#endif /* __linux__ */
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
@ -117,6 +136,22 @@ int platform_entropy_poll( void *data,
|
||||||
size_t ret;
|
size_t ret;
|
||||||
((void) data);
|
((void) data);
|
||||||
|
|
||||||
|
#if defined(HAVE_GETRANDOM)
|
||||||
|
if( has_getrandom == -1 )
|
||||||
|
has_getrandom = ( check_version_3_17_plus() == 0 );
|
||||||
|
|
||||||
|
if( has_getrandom )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
|
||||||
|
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
|
||||||
|
|
||||||
|
*olen = ret;
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
#endif /* HAVE_GETRANDOM */
|
||||||
|
|
||||||
*olen = 0;
|
*olen = 0;
|
||||||
|
|
||||||
file = fopen( "/dev/urandom", "rb" );
|
file = fopen( "/dev/urandom", "rb" );
|
||||||
|
@ -135,7 +170,6 @@ int platform_entropy_poll( void *data,
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* HAVE_GETRANDOM */
|
|
||||||
#endif /* _WIN32 && !EFIX64 && !EFI32 */
|
#endif /* _WIN32 && !EFIX64 && !EFI32 */
|
||||||
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */
|
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue