[openssh-commits] [openssh] 01/02: Rename our getentropy to prevent possible loops.

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Aug 10 17:58:47 AEST 2022 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 7e2f51940ba48a1c0fae1107801ea643fa83c971
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Wed Aug 10 17:25:24 2022 +1000

    Rename our getentropy to prevent possible loops.
    
    Since arc4random seeds from getentropy, and we use OpenSSL for that
    if enabled, there's the possibility that if we build on a system that
    does not have getentropy then run on a system that does have it, then
    OpenSSL could end up calling our getentropy and getting stuck in a loop.
    Pointed out by deraadt@, ok djm@
---
 openbsd-compat/arc4random.c     | 9 +++++++++
 openbsd-compat/bsd-getentropy.c | 2 +-
 openbsd-compat/openbsd-compat.h | 2 +-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index f43b5c7c..2f91c2b2 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -35,6 +35,15 @@
 
 #ifndef HAVE_ARC4RANDOM
 
+/*
+ * If we're not using a native getentropy, use the one from bsd-getentropy.c
+ * under a different name, so that if in future these binaries are run on
+ * a system that has a native getentropy OpenSSL cannot call the wrong one.
+ */
+#ifndef HAVE_GETENTROPY
+# define getentropy(x, y) (_ssh_compat_getentropy((x), (y)))
+#endif
+
 #define MINIMUM(a, b)    (((a) < (b)) ? (a) : (b))
 
 #include "log.h"
diff --git a/openbsd-compat/bsd-getentropy.c b/openbsd-compat/bsd-getentropy.c
index 1733e287..bd4b6695 100644
--- a/openbsd-compat/bsd-getentropy.c
+++ b/openbsd-compat/bsd-getentropy.c
@@ -41,7 +41,7 @@
 #include "log.h"
 
 int
-getentropy(void *s, size_t len)
+_ssh_compat_getentropy(void *s, size_t len)
 {
 #ifdef WITH_OPENSSL
 	if (RAND_bytes(s, len) <= 0)
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 1835a9a5..3e2ebb60 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -70,7 +70,7 @@ int ftruncate(int filedes, off_t length);
 #endif
 
 #if defined(HAVE_DECL_GETENTROPY) && HAVE_DECL_GETENTROPY == 0
-int getentropy(void *, size_t);
+int _ssh_compat_getentropy(void *, size_t);
 #endif
 
 #ifndef HAVE_GETLINE

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list