new upstream version 1.8.4
This commit is contained in:
		
							parent
							
								
									911a1f2955
								
							
						
					
					
						commit
						abc0e95a20
					
				
							
								
								
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -19,3 +19,4 @@ libgcrypt-1.4.5-hobbled.tar.bz2 | |||||||
| /libgcrypt-1.8.1-hobbled.tar.xz | /libgcrypt-1.8.1-hobbled.tar.xz | ||||||
| /libgcrypt-1.8.2-hobbled.tar.xz | /libgcrypt-1.8.2-hobbled.tar.xz | ||||||
| /libgcrypt-1.8.3-hobbled.tar.xz | /libgcrypt-1.8.3-hobbled.tar.xz | ||||||
|  | /libgcrypt-1.8.4-hobbled.tar.xz | ||||||
|  | |||||||
| @ -1057,7 +1057,7 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy) | |||||||
|   if (!strcmp (name, "q.x") && ec->Q && ec->Q->x) |   if (!strcmp (name, "q.x") && ec->Q && ec->Q->x) | ||||||
|     return mpi_is_const (ec->Q->x) && !copy? ec->Q->x : mpi_copy (ec->Q->x); |     return mpi_is_const (ec->Q->x) && !copy? ec->Q->x : mpi_copy (ec->Q->x); | ||||||
|   if (!strcmp (name, "q.y") && ec->Q && ec->Q->y) |   if (!strcmp (name, "q.y") && ec->Q && ec->Q->y) | ||||||
|     return mpi_is_const (ec->G->y) && !copy? ec->Q->y : mpi_copy (ec->Q->y); |     return mpi_is_const (ec->Q->y) && !copy? ec->Q->y : mpi_copy (ec->Q->y); | ||||||
| 
 | 
 | ||||||
|   /* If the base point has been requested, return it in standard
 |   /* If the base point has been requested, return it in standard
 | ||||||
|      encoding.  */ |      encoding.  */ | ||||||
|  | |||||||
| @ -1,101 +0,0 @@ | |||||||
| diff -up libgcrypt-1.8.3/random/random.c.getrandom libgcrypt-1.8.3/random/random.c
 |  | ||||||
| --- libgcrypt-1.8.3/random/random.c.getrandom	2017-11-23 19:16:58.000000000 +0100
 |  | ||||||
| +++ libgcrypt-1.8.3/random/random.c	2018-07-10 15:38:34.303855808 +0200
 |  | ||||||
| @@ -110,8 +110,8 @@ _gcry_random_read_conf (void)
 |  | ||||||
|    unsigned int result = 0; |  | ||||||
|   |  | ||||||
|    fp = fopen (fname, "r"); |  | ||||||
| -  if (!fp)
 |  | ||||||
| -    return result;
 |  | ||||||
| +  if (!fp) /* We make only_urandom the default. */
 |  | ||||||
| +    return RANDOM_CONF_ONLY_URANDOM;
 |  | ||||||
|   |  | ||||||
|    for (;;) |  | ||||||
|      { |  | ||||||
| diff -up libgcrypt-1.8.3/random/random-csprng.c.getrandom libgcrypt-1.8.3/random/random-csprng.c
 |  | ||||||
| --- libgcrypt-1.8.3/random/random-csprng.c.getrandom	2017-11-23 19:16:58.000000000 +0100
 |  | ||||||
| +++ libgcrypt-1.8.3/random/random-csprng.c	2018-06-14 16:31:04.731179208 +0200
 |  | ||||||
| @@ -55,6 +55,10 @@
 |  | ||||||
|  #ifdef __MINGW32__ |  | ||||||
|  #include <process.h> |  | ||||||
|  #endif |  | ||||||
| +#if defined(__linux__) && defined(HAVE_SYSCALL)
 |  | ||||||
| +# include <sys/syscall.h>
 |  | ||||||
| +# include <linux/random.h>
 |  | ||||||
| +#endif
 |  | ||||||
|  #include "g10lib.h" |  | ||||||
|  #include "random.h" |  | ||||||
|  #include "rand-internal.h" |  | ||||||
| @@ -1116,6 +1120,22 @@ getfnc_gather_random (void))(void (*)(co
 |  | ||||||
|               enum random_origins, size_t, int); |  | ||||||
|   |  | ||||||
|  #if USE_RNDLINUX |  | ||||||
| +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
 |  | ||||||
| +  long ret;
 |  | ||||||
| +  char buffer[1];
 |  | ||||||
| +
 |  | ||||||
| +  _gcry_pre_syscall ();
 |  | ||||||
| +  ret = syscall (__NR_getrandom,
 |  | ||||||
| +                 (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
 |  | ||||||
| +  _gcry_post_syscall ();
 |  | ||||||
| +  if (ret != -1 || errno != ENOSYS)
 |  | ||||||
| +    {
 |  | ||||||
| +      fnc = _gcry_rndlinux_gather_random;
 |  | ||||||
| +      return fnc;
 |  | ||||||
| +    }
 |  | ||||||
| +  else
 |  | ||||||
| +          /* The syscall is not supported - fallback to /dev/urandom. */
 |  | ||||||
| +#endif
 |  | ||||||
|    if ( !access (NAME_OF_DEV_RANDOM, R_OK) |  | ||||||
|         && !access (NAME_OF_DEV_URANDOM, R_OK)) |  | ||||||
|      { |  | ||||||
| diff -up libgcrypt-1.8.3/random/rndlinux.c.getrandom libgcrypt-1.8.3/random/rndlinux.c
 |  | ||||||
| --- libgcrypt-1.8.3/random/rndlinux.c.getrandom	2018-06-14 16:31:04.722178971 +0200
 |  | ||||||
| +++ libgcrypt-1.8.3/random/rndlinux.c	2018-07-10 15:55:03.301075155 +0200
 |  | ||||||
| @@ -35,6 +35,7 @@
 |  | ||||||
|  #include <poll.h> |  | ||||||
|  #if defined(__linux__) && defined(HAVE_SYSCALL) |  | ||||||
|  # include <sys/syscall.h> |  | ||||||
| +# include <linux/random.h>
 |  | ||||||
|  #endif |  | ||||||
|   |  | ||||||
|  #include "types.h" |  | ||||||
| @@ -204,6 +205,18 @@ _gcry_rndlinux_gather_random (void (*add
 |  | ||||||
|      { |  | ||||||
|        if (fd_urandom == -1) |  | ||||||
|          { |  | ||||||
| +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
 |  | ||||||
| +          long ret;
 |  | ||||||
| +
 |  | ||||||
| +          _gcry_pre_syscall ();
 |  | ||||||
| +          ret = syscall (__NR_getrandom,
 |  | ||||||
| +                         (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
 |  | ||||||
| +          _gcry_post_syscall ();
 |  | ||||||
| +          if (ret > -1 || errno == EAGAIN || errno == EINTR)
 |  | ||||||
| +            fd_urandom = -2;
 |  | ||||||
| +	  else
 |  | ||||||
| +            /* The syscall is not supported - fallback to /dev/urandom. */
 |  | ||||||
| +#endif
 |  | ||||||
|            fd_urandom = open_device (NAME_OF_DEV_URANDOM, (ever_opened & 2)); |  | ||||||
|            ever_opened |= 2; |  | ||||||
|          } |  | ||||||
| @@ -230,7 +243,7 @@ _gcry_rndlinux_gather_random (void (*add
 |  | ||||||
|         * syscall and not a new device and thus we are not able to use |  | ||||||
|         * select(2) to have a timeout. */ |  | ||||||
|  #if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) |  | ||||||
| -      if (fd == fd_urandom)
 |  | ||||||
| +      if (fd == -2)
 |  | ||||||
|          { |  | ||||||
|            long ret; |  | ||||||
|            size_t nbytes; |  | ||||||
| @@ -246,9 +259,7 @@ _gcry_rndlinux_gather_random (void (*add
 |  | ||||||
|                _gcry_post_syscall (); |  | ||||||
|              } |  | ||||||
|            while (ret == -1 && errno == EINTR); |  | ||||||
| -          if (ret == -1 && errno == ENOSYS)
 |  | ||||||
| -            ; /* The syscall is not supported - fallback to /dev/urandom.  */
 |  | ||||||
| -          else
 |  | ||||||
| +          if (1)
 |  | ||||||
|              { /* The syscall is supported.  Some sanity checks.  */ |  | ||||||
|                if (ret == -1) |  | ||||||
|                  log_fatal ("unexpected error from getrandom: %s\n", |  | ||||||
							
								
								
									
										134
									
								
								libgcrypt-1.8.4-getrandom.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										134
									
								
								libgcrypt-1.8.4-getrandom.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,134 @@ | |||||||
|  | diff -up libgcrypt-1.8.4/random/random.c.getrandom libgcrypt-1.8.4/random/random.c
 | ||||||
|  | --- libgcrypt-1.8.4/random/random.c.getrandom	2017-11-23 19:16:58.000000000 +0100
 | ||||||
|  | +++ libgcrypt-1.8.4/random/random.c	2018-11-20 15:52:41.738708554 +0100
 | ||||||
|  | @@ -110,8 +110,8 @@ _gcry_random_read_conf (void)
 | ||||||
|  |    unsigned int result = 0; | ||||||
|  |   | ||||||
|  |    fp = fopen (fname, "r"); | ||||||
|  | -  if (!fp)
 | ||||||
|  | -    return result;
 | ||||||
|  | +  if (!fp) /* We make only_urandom the default. */
 | ||||||
|  | +    return RANDOM_CONF_ONLY_URANDOM;
 | ||||||
|  |   | ||||||
|  |    for (;;) | ||||||
|  |      { | ||||||
|  | diff -up libgcrypt-1.8.4/random/random-csprng.c.getrandom libgcrypt-1.8.4/random/random-csprng.c
 | ||||||
|  | --- libgcrypt-1.8.4/random/random-csprng.c.getrandom	2017-11-23 19:16:58.000000000 +0100
 | ||||||
|  | +++ libgcrypt-1.8.4/random/random-csprng.c	2018-11-20 15:52:41.738708554 +0100
 | ||||||
|  | @@ -55,6 +55,10 @@
 | ||||||
|  |  #ifdef __MINGW32__ | ||||||
|  |  #include <process.h> | ||||||
|  |  #endif | ||||||
|  | +#if defined(__linux__) && defined(HAVE_SYSCALL)
 | ||||||
|  | +# include <sys/syscall.h>
 | ||||||
|  | +# include <linux/random.h>
 | ||||||
|  | +#endif
 | ||||||
|  |  #include "g10lib.h" | ||||||
|  |  #include "random.h" | ||||||
|  |  #include "rand-internal.h" | ||||||
|  | @@ -1116,6 +1120,22 @@ getfnc_gather_random (void))(void (*)(co
 | ||||||
|  |               enum random_origins, size_t, int); | ||||||
|  |   | ||||||
|  |  #if USE_RNDLINUX | ||||||
|  | +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
 | ||||||
|  | +  long ret;
 | ||||||
|  | +  char buffer[1];
 | ||||||
|  | +
 | ||||||
|  | +  _gcry_pre_syscall ();
 | ||||||
|  | +  ret = syscall (__NR_getrandom,
 | ||||||
|  | +                 (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
 | ||||||
|  | +  _gcry_post_syscall ();
 | ||||||
|  | +  if (ret != -1 || errno != ENOSYS)
 | ||||||
|  | +    {
 | ||||||
|  | +      fnc = _gcry_rndlinux_gather_random;
 | ||||||
|  | +      return fnc;
 | ||||||
|  | +    }
 | ||||||
|  | +  else
 | ||||||
|  | +          /* The syscall is not supported - fallback to /dev/urandom. */
 | ||||||
|  | +#endif
 | ||||||
|  |    if ( !access (NAME_OF_DEV_RANDOM, R_OK) | ||||||
|  |         && !access (NAME_OF_DEV_URANDOM, R_OK)) | ||||||
|  |      { | ||||||
|  | diff -up libgcrypt-1.8.4/random/rndlinux.c.getrandom libgcrypt-1.8.4/random/rndlinux.c
 | ||||||
|  | --- libgcrypt-1.8.4/random/rndlinux.c.getrandom	2018-11-20 15:52:41.731708393 +0100
 | ||||||
|  | +++ libgcrypt-1.8.4/random/rndlinux.c	2018-11-20 16:06:45.431207374 +0100
 | ||||||
|  | @@ -35,6 +35,7 @@
 | ||||||
|  |  #include <poll.h> | ||||||
|  |  #if defined(__linux__) && defined(HAVE_SYSCALL) | ||||||
|  |  # include <sys/syscall.h> | ||||||
|  | +# include <linux/random.h>
 | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  |  #include "types.h" | ||||||
|  | @@ -147,12 +148,12 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|  |    if (!add) | ||||||
|  |      { | ||||||
|  |        /* Special mode to close the descriptors.  */ | ||||||
|  | -      if (fd_random != -1)
 | ||||||
|  | +      if (fd_random >= 0)
 | ||||||
|  |          { | ||||||
|  |            close (fd_random); | ||||||
|  |            fd_random = -1; | ||||||
|  |          } | ||||||
|  | -      if (fd_urandom != -1)
 | ||||||
|  | +      if (fd_urandom >= 0)
 | ||||||
|  |          { | ||||||
|  |            close (fd_urandom); | ||||||
|  |            fd_urandom = -1; | ||||||
|  | @@ -166,12 +167,12 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|  |    apid = getpid (); | ||||||
|  |    if (my_pid != apid) | ||||||
|  |      { | ||||||
|  | -      if (fd_random != -1)
 | ||||||
|  | +      if (fd_random >= 0)
 | ||||||
|  |          { | ||||||
|  |            close (fd_random); | ||||||
|  |            fd_random = -1; | ||||||
|  |          } | ||||||
|  | -      if (fd_urandom != -1)
 | ||||||
|  | +      if (fd_urandom >= 0)
 | ||||||
|  |          { | ||||||
|  |            close (fd_urandom); | ||||||
|  |            fd_urandom = -1; | ||||||
|  | @@ -216,6 +217,22 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|  |       that we always require the device to be existent but want a more | ||||||
|  |       graceful behaviour if the rarely needed close operation has been | ||||||
|  |       used and the device needs to be re-opened later. */ | ||||||
|  | +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
 | ||||||
|  | +   if (fd_urandom != -2)
 | ||||||
|  | +     {
 | ||||||
|  | +       long ret;
 | ||||||
|  | +
 | ||||||
|  | +       _gcry_pre_syscall ();
 | ||||||
|  | +       ret = syscall (__NR_getrandom,
 | ||||||
|  | +                      (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
 | ||||||
|  | +       _gcry_post_syscall ();
 | ||||||
|  | +       if (ret > -1 || errno == EAGAIN || errno == EINTR)
 | ||||||
|  | +         {
 | ||||||
|  | +           fd_urandom = -2;
 | ||||||
|  | +           fd_random = -2;
 | ||||||
|  | +         }
 | ||||||
|  | +     }
 | ||||||
|  | +#endif
 | ||||||
|  |    if (level >= GCRY_VERY_STRONG_RANDOM && !only_urandom) | ||||||
|  |      { | ||||||
|  |        if (fd_random == -1) | ||||||
|  | @@ -255,6 +272,7 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|  |         * syscall and not a new device and thus we are not able to use | ||||||
|  |         * select(2) to have a timeout. */ | ||||||
|  |  #if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) | ||||||
|  | +      if (fd == -2)
 | ||||||
|  |          { | ||||||
|  |            long ret; | ||||||
|  |            size_t nbytes; | ||||||
|  | @@ -270,9 +288,7 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|  |                _gcry_post_syscall (); | ||||||
|  |              } | ||||||
|  |            while (ret == -1 && errno == EINTR); | ||||||
|  | -          if (ret == -1 && errno == ENOSYS)
 | ||||||
|  | -            ; /* The syscall is not supported - fallback to pulling from fd.  */
 | ||||||
|  | -          else
 | ||||||
|  | +          if (1)
 | ||||||
|  |              { /* The syscall is supported.  Some sanity checks.  */ | ||||||
|  |                if (ret == -1) | ||||||
|  |                  log_fatal ("unexpected error from getrandom: %s\n", | ||||||
| @ -1,6 +1,6 @@ | |||||||
| diff -up libgcrypt-1.8.0/random/rndlinux.c.use-poll libgcrypt-1.8.0/random/rndlinux.c
 | diff -up libgcrypt-1.8.4/random/rndlinux.c.use-poll libgcrypt-1.8.4/random/rndlinux.c
 | ||||||
| --- libgcrypt-1.8.0/random/rndlinux.c.use-poll	2017-06-24 13:34:29.000000000 +0200
 | --- libgcrypt-1.8.4/random/rndlinux.c.use-poll	2018-10-26 13:50:20.000000000 +0200
 | ||||||
| +++ libgcrypt-1.8.0/random/rndlinux.c	2017-08-15 15:37:37.604629377 +0200
 | +++ libgcrypt-1.8.4/random/rndlinux.c	2018-11-20 15:51:56.760669058 +0100
 | ||||||
| @@ -32,6 +32,7 @@
 | @@ -32,6 +32,7 @@
 | ||||||
|  #include <string.h> |  #include <string.h> | ||||||
|  #include <unistd.h> |  #include <unistd.h> | ||||||
| @ -9,7 +9,7 @@ diff -up libgcrypt-1.8.0/random/rndlinux.c.use-poll libgcrypt-1.8.0/random/rndli | |||||||
|  #if defined(__linux__) && defined(HAVE_SYSCALL) |  #if defined(__linux__) && defined(HAVE_SYSCALL) | ||||||
|  # include <sys/syscall.h> |  # include <sys/syscall.h> | ||||||
|  #endif |  #endif | ||||||
| @@ -216,9 +217,8 @@ _gcry_rndlinux_gather_random (void (*add
 | @@ -241,9 +242,8 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|                   return with something we will actually use 100ms. */ |                   return with something we will actually use 100ms. */ | ||||||
|    while (length) |    while (length) | ||||||
|      { |      { | ||||||
| @ -18,9 +18,9 @@ diff -up libgcrypt-1.8.0/random/rndlinux.c.use-poll libgcrypt-1.8.0/random/rndli | |||||||
|        int rc; |        int rc; | ||||||
| +      struct pollfd pfd;
 | +      struct pollfd pfd;
 | ||||||
|   |   | ||||||
|        /* If we have a modern Linux kernel and we want to read from the |        /* If we have a modern Linux kernel, we first try to use the new | ||||||
|         * the non-blocking /dev/urandom, we first try to use the new |         * getrandom syscall.  That call guarantees that the kernel's | ||||||
| @@ -276,36 +276,25 @@ _gcry_rndlinux_gather_random (void (*add
 | @@ -300,36 +300,25 @@ _gcry_rndlinux_gather_random (void (*add
 | ||||||
|            any_need_entropy = 1; |            any_need_entropy = 1; | ||||||
|          } |          } | ||||||
|   |   | ||||||
| @ -1,6 +1,6 @@ | |||||||
| Name: libgcrypt | Name: libgcrypt | ||||||
| Version: 1.8.3 | Version: 1.8.4 | ||||||
| Release: 3%{?dist} | Release: 1%{?dist} | ||||||
| URL: http://www.gnupg.org/ | URL: http://www.gnupg.org/ | ||||||
| Source0: libgcrypt-%{version}-hobbled.tar.xz | Source0: libgcrypt-%{version}-hobbled.tar.xz | ||||||
| # The original libgcrypt sources now contain potentially patented ECC | # The original libgcrypt sources now contain potentially patented ECC | ||||||
| @ -24,7 +24,7 @@ Patch5: libgcrypt-1.8.0-tests.patch | |||||||
| # update the CAVS tests | # update the CAVS tests | ||||||
| Patch7: libgcrypt-1.7.3-fips-cavs.patch | Patch7: libgcrypt-1.7.3-fips-cavs.patch | ||||||
| # use poll instead of select when gathering randomness | # use poll instead of select when gathering randomness | ||||||
| Patch11: libgcrypt-1.8.0-use-poll.patch | Patch11: libgcrypt-1.8.4-use-poll.patch | ||||||
| # slight optimalization of mpicoder.c to silence Valgrind (#968288) | # slight optimalization of mpicoder.c to silence Valgrind (#968288) | ||||||
| Patch13: libgcrypt-1.6.1-mpicoder-gccopt.patch | Patch13: libgcrypt-1.6.1-mpicoder-gccopt.patch | ||||||
| # fix tests to work with approved ECC | # fix tests to work with approved ECC | ||||||
| @ -34,7 +34,7 @@ Patch18: libgcrypt-1.8.3-fips-ctor.patch | |||||||
| # Block some operations if in FIPS non-operational state | # Block some operations if in FIPS non-operational state | ||||||
| Patch22: libgcrypt-1.7.3-fips-reqs.patch | Patch22: libgcrypt-1.7.3-fips-reqs.patch | ||||||
| # Do not try to open /dev/urandom if getrandom() works | # Do not try to open /dev/urandom if getrandom() works | ||||||
| Patch24: libgcrypt-1.8.3-getrandom.patch | Patch24: libgcrypt-1.8.4-getrandom.patch | ||||||
| 
 | 
 | ||||||
| %define gcrylibdir %{_libdir} | %define gcrylibdir %{_libdir} | ||||||
| 
 | 
 | ||||||
| @ -191,6 +191,9 @@ exit 0 | |||||||
| %license COPYING | %license COPYING | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Tue Nov 20 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.4-1 | ||||||
|  | - new upstream version 1.8.4 | ||||||
|  | 
 | ||||||
| * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.3-3 | * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.3-3 | ||||||
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild | - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild | ||||||
| 
 | 
 | ||||||
|  | |||||||
							
								
								
									
										2
									
								
								sources
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								sources
									
									
									
									
									
								
							| @ -1 +1 @@ | |||||||
| SHA512 (libgcrypt-1.8.3-hobbled.tar.xz) = 6981367a138e03375d7ccf44e2dacb5c96f0ebadf34c2734f95cf3b94a7d7b206a2864304abfbcc3acf0055cc83491fd68d065af33487fefa73f550954a99613 | SHA512 (libgcrypt-1.8.4-hobbled.tar.xz) = 9f124d84a401f6b63faabe46b983e157573a20064e9652fe47b4d18b58d580eab9458a47eb24694b26e8e8e7e8c82002f354f075a0fc7037e61fb4ab0eafdf19 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user