[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.12-13-gb1abc01

by Werner Koch cvs at cvs.gnupg.org
Wed Nov 7 19:34:56 CET 2012 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-1-4 has been updated
       via  b1abc01d4ad199258b3d2fb579ac06c6fea747fd (commit)
       via  a74f05c32deb12373111510d4395ad52eb53d342 (commit)
      from  6a41f385c496c180ee730ce80ff5653746410759 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b1abc01d4ad199258b3d2fb579ac06c6fea747fd
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Nov 7 18:06:27 2012 +0100

    Improve handling of random_seed read errors.
    
    * cipher/random.c (read_seed_file): Distinguish between errors and
    short reads.
    --
    
    This should help to avoid program aborts due to races.  Nevertheless a
    better and cross-platform locking would be a more solid solution.
    
    GnuPG-bug-id: 1439

diff --git a/cipher/random.c b/cipher/random.c
index caf35dd..b634161 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -489,14 +489,38 @@ read_seed_file(void)
 	close(fd);
 	return 0;
     }
+
     do {
 	n = read( fd, buffer, POOLSIZE );
     } while( n == -1 && errno == EINTR );
-    if( n != POOLSIZE ) {
+    /* The N==0, ENOENT, and N!=POOLSIZE cases may happen if another
+       process is updating the file.  For consistency we use the same
+       recovery strategy as with the pre-read checks.  */
+    if (!n) {
+        log_info(_("note: random_seed file is empty\n") );
+        allow_seed_file_update = 1;
+        close(fd);
+        return 0;
+    }
+    else if( n == -1 && errno == ENOENT) {
+        /* On a Unix system that should never happen.  However, I can
+           imagine this error code on non-inode based systems.  */
+	log_info(_("can't read `%s': %s\n"), seed_file_name, strerror(errno));
+        allow_seed_file_update = 1;
+	close(fd);
+	return 0;
+    }
+    else if( n == -1 ) {
+        /* A real read error.  */
 	log_fatal(_("can't read `%s': %s\n"), seed_file_name,strerror(errno) );
 	close(fd);
 	return 0;
     }
+    else if ( n != POOLSIZE ) {
+        log_info(_("WARNING: invalid size of random_seed file - not used\n") );
+	close(fd);
+	return 0;
+    }
 
     close(fd);
 

commit a74f05c32deb12373111510d4395ad52eb53d342
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Nov 7 18:00:45 2012 +0100

    Remove trailing white space from one file
    
    --

diff --git a/cipher/random.c b/cipher/random.c
index 460c2af..caf35dd 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -155,7 +155,7 @@ getfnc_gather_random (void))(void (*)(const void*, size_t, int), int,
 {
 #ifdef USE_ALL_RANDOM_MODULES
   static int (*fnc)(void (*)(const void*, size_t, int), int, size_t, int);
-  
+
   if (fnc)
     return fnc;
 # ifdef USE_RNDLINUX
@@ -231,7 +231,7 @@ static void
 burn_stack (int bytes)
 {
     char buf[128];
-    
+
     wipememory(buf,sizeof buf);
     bytes -= sizeof buf;
     if (bytes > 0)
@@ -293,7 +293,7 @@ random_is_faked()
 }
 
 /* Disable locking of seed files. */
-void 
+void
 random_disable_locking ()
 {
   no_seed_file_locking = 1;
@@ -401,7 +401,7 @@ lock_seed_file (int fd, const char *fname, int for_write)
 
   if (no_seed_file_locking)
     return 0;
-  
+
   /* We take a lock on the entire file. */
   memset (&lck, 0, sizeof lck);
   lck.l_type = for_write? F_WRLCK : F_RDLCK;
@@ -417,7 +417,7 @@ lock_seed_file (int fd, const char *fname, int for_write)
 
       if (backoff > 2) /* Show the first message after ~3.75 seconds. */
         log_info( _("waiting for lock on `%s'...\n"), fname);
-      
+
       tv.tv_sec = backoff;
       tv.tv_usec = 250000;
       select (0, NULL, NULL, NULL, &tv);
@@ -569,10 +569,10 @@ update_random_seed_file()
                         seed_file_name, strerror (errno));
               return;
             }
-          
+
           if (backoff > 2) /* Show the first message after ~3.75 seconds. */
             log_info( _("waiting for lock on `%s'...\n"), seed_file_name);
-          
+
           wait_vms( backoff+ 0.25);
           if (backoff < 10)
             backoff++ ;
@@ -766,7 +766,7 @@ fast_random_poll()
     /* fall back to the generic function */
 #if defined(HAVE_GETHRTIME) && !defined(HAVE_BROKEN_GETHRTIME)
     {	hrtime_t tv;
-        /* On some Solaris and HPUX system gethrtime raises an SIGILL, but we 
+        /* On some Solaris and HPUX system gethrtime raises an SIGILL, but we
          * checked this with configure */
 	tv = gethrtime();
 	add_randomness( &tv, sizeof(tv), 1 );
@@ -801,11 +801,11 @@ fast_random_poll()
     {	struct rusage buf;
         /* QNX/Neutrino does return ENOSYS - so we just ignore it and
          * add whatever is in buf.  In a chroot environment it might not
-         * work at all (i.e. because /proc/ is not accessible), so we better 
+         * work at all (i.e. because /proc/ is not accessible), so we better
          * ignore all error codes and hope for the best
          */
         getrusage( RUSAGE_SELF, &buf );
-        
+
 	add_randomness( &buf, sizeof buf, 1 );
 	wipememory( &buf, sizeof buf );
     }

-----------------------------------------------------------------------

Summary of changes:
 cipher/random.c |   46 +++++++++++++++++++++++++++++++++++-----------
 1 files changed, 35 insertions(+), 11 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list