From fd9581a34e5665958939e3db408893fd4fac7398 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping Date: Sat, 29 Jul 2017 21:29:14 +0200 Subject: [PATCH] Never require XML_POOR_ENTROPY for "./configure && make" .. as XML_POOR_ENTROPY was intended to catch _accidental_ compilation with no provider of high quality entropy enabled for _non-Autoconf_ build systems from the start.
---
.travis.yml | 1 - expat/Changes | 3 +++ expat/configure.ac | 2 ++ expat/lib/xmlparse.c | 10 ++++++---- 4 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 547b8f87..6dd84934 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,7 +6,6 @@ dist: trusty env: global: - - CPPFLAGS='-DXML_POOR_ENTROPY' # bad idea, do not copy! - CFLAGS='-g -pipe' matrix: - MODE=address
diff --git a/expat/Changes b/expat/Changes
index 24ce1530..e9577e7d 100644
--- a/expat/Changes
+++ b/expat/Changes
@@ -20,6 +20,9 @@ Release 2.2.? ???????????????? Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) for CloudABI #100 Fix use of SIPHASH_MAIN in siphash.h + Repair "./configure && make" for systems without any + provider of high quality entropy + and try reading /dev/urandom on those Special thanks to: Chanho Park
diff --git a/expat/configure.ac b/expat/configure.ac
index 5e4c9255..328ff91a 100644
--- a/expat/configure.ac
+++ b/expat/configure.ac
@@ -199,6 +199,8 @@ AC_DEFINE([XML_NS], 1, [Define to make XML Namespaces functionality available.]) AC_DEFINE([XML_DTD], 1, [Define to make parameter entity parsing functionality available.]) +AC_DEFINE([XML_DEV_URANDOM], 1, + [Define to include code reading entropy from `/dev/urandom'.]) AC_ARG_ENABLE([xml-context], AS_HELP_STRING([--enable-xml-context @<:@COUNT@:>@],
diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
index e948cbdf..c20bc395 100644
--- a/expat/lib/xmlparse.c
+++ b/expat/lib/xmlparse.c
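Review bot: In expat/configure.ac the added `AC_DEFINE([XML_DEV_URANDOM], 1, ...)` is unconditional, with no probe and no switch, so every `./configure` build satisfies the `#error` guard that the first xmlparse.c hunk extends with `!defined(XML_DEV_URANDOM)`. That matches the commit message, but it means the guard no longer says anything about entropy quality for Autoconf builds: whether the salt is strong is decided at run time by whether the device can be read on the target. The description string should say so, for example by appending `; the device is not probed at configure time` before the closing `.])`.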
@@ -60,6 +60,7 @@ #if !defined(HAVE_GETRANDOM) && !defined(HAVE_SYSCALL_GETRANDOM) \ && !defined(HAVE_ARC4RANDOM_BUF) && !defined(HAVE_ARC4RANDOM) \ + && !defined(XML_DEV_URANDOM) \ && !defined(_WIN32) \ && !defined(XML_POOR_ENTROPY) # error \
@@ -73,6 +74,7 @@ * BSD / macOS <10.7 (arc4random): HAVE_ARC4RANDOM, \ * libbsd (arc4random_buf): HAVE_ARC4RANDOM_BUF + HAVE_LIBBSD, \ * libbsd (arc4random): HAVE_ARC4RANDOM + HAVE_LIBBSD, \ + * Linux / BSD / macOS (/dev/urandom): XML_DEV_URANDOM \ * Windows (RtlGenRandom): _WIN32. \ \ If insist on not using any of these, bypass this error by defining \
@@ -784,7 +786,7 @@ writeRandomBytes_getrandom_nonblock(void * target, size_t count) { #endif /* defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM) */ -#if ! defined(_WIN32) +#if ! defined(_WIN32) && defined(XML_DEV_URANDOM) /* Extract entropy from /dev/urandom */ static int
@@ -814,7 +816,7 @@ writeRandomBytes_dev_urandom(void * target, size_t count) { return success; } -#endif /* ! defined(_WIN32) */ +#endif /* ! defined(_WIN32) && defined(XML_DEV_URANDOM) */ #if defined(HAVE_ARC4RANDOM)
@@ -934,11 +936,11 @@ generate_hash_secret_salt(XML_Parser parser) return ENTROPY_DEBUG("getrandom", entropy); } #endif -#if ! defined(_WIN32) +#if ! defined(_WIN32) && defined(XML_DEV_URANDOM) if (writeRandomBytes_dev_urandom((void *)&entropy, sizeof(entropy))) { return ENTROPY_DEBUG("/dev/urandom", entropy); } -#endif /* ! defined(_WIN32) */ +#endif /* ! defined(_WIN32) && defined(XML_DEV_URANDOM) */ /* .. and self-made low quality for backup: */ /* Process ID is 0 bits entropy if attacker has local access */
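Review bot: Narrowing `#if ! defined(_WIN32)` to also require `XML_DEV_URANDOM` in hunk @@ -784,7, and again at the call site in hunk @@ -934,11, removes the /dev/urandom attempt from every non-Windows build that does not define the macro, and in this patch only configure.ac defines it. A non-Autoconf build that passes the `#error` check through `HAVE_GETRANDOM` or `XML_POOR_ENTROPY` used to try the device before the low-quality backup; as far as the visible lines show, it now skips that step, so a getrandom failure at run time lands directly on the weak salt. Any other build files in the tree (none are visible in this diff) would need the same define, and the requirement deserves a comment above the function, e.g. `/* Only built when the build system defines XML_DEV_URANDOM; without it a failed getrandom() falls through to the low-quality backup */`. The body of writeRandomBytes_dev_urandom lies between the two hunks and is not shown.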
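Review bot: In hunk @@ -934,11, when `writeRandomBytes_dev_urandom` returns 0 the code drops silently into the "self-made low quality" backup below, and after this commit that path is reachable in Autoconf builds that never defined `XML_POOR_ENTROPY`. Judging by the function name the value salts the parser's hashing, and the existing comment already rates the process ID at 0 bits against a local attacker, so a missing or unreadable device (a chroot or container without /dev, for instance) downgrades the salt with no signal at build or run time. I would record that above the backup, `/* Also reached in Autoconf builds when /dev/urandom cannot be opened or read; treat the value below as guessable */`, and confirm that the backup's return goes through `ENTROPY_DEBUG` like the two returns above it, so the source in use can be observed. The backup code and the rest of generate_hash_secret_salt lie outside the hunk.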