367601 – fake-dev-random should not be used unconditionally

Bug 367601 - fake-dev-random should not be used unconditionally

Summary: fake-dev-random should not be used unconditionally

Status:	RESOLVED FIXED

Alias:	None

Product:	trojita
Classification:	Unmaintained
Component:	Cryptography (show other bugs)
Version:	git
Platform:	Compiled Sources OpenBSD

Importance:	NOR normal
Target Milestone:	---
Assignee:	Trojita default assignee

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-08-20 11:10 UTC by Caspar Schutijser
Modified:	2016-09-01 18:59 UTC (History)
CC List:	0 users

See Also:
Latest Commit:	http://commits.kde.org/trojita/1311c5afd1f4b5a17c946c245d7ec30d39a22eb4
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Caspar Schutijser 2016-08-20 11:10:03 UTC

The fake-dev-random library, used in some Cryptography unit tests, should not be used unconditionally. On OpenBSD, I am not able to compile trojita when I enable the tests:


gmake -f CMakeFiles/fake-dev-random.dir/build.make CMakeFiles/fake-dev-random.dir/build
gmake[2]: Entering directory '/home/caspar/src/trojita/_build'
[ 56%] Building C object CMakeFiles/fake-dev-random.dir/tests/Utils/fake-dev-random.c.o
/usr/local/bin/egcc  -DQT_STRICT_ITERATORS -DQT_USE_FAST_CONCATENATION -DQT_USE_FAST_OPERATOR_PLUS -DQT_USE_QSTRINGBUILDER -Dfake_dev_random_EXPORTS -I/home/caspar/src/trojita/src -I/home/caspar/src/trojita/_build  -g -fPIC   -o CMakeFiles/fake-dev-random.dir/tests/Utils/fake-dev-random.c.o   -c /home/caspar/src/trojita/tests/Utils/fake-dev-random.c
/home/caspar/src/trojita/tests/Utils/fake-dev-random.c:10:24: fatal error: bits/fcntl.h: No such file or directory
 #include <bits/fcntl.h>
                        ^
compilation terminated.


The same problem probably applies to some other non-Linux operating systems too.

There is no need to make it compile on OpenBSD; /dev/random does not block there.

The commit message that introduced this file (commit f29e5b1d84425965dfa3eee89b8b370c551ddd90) states the following: "Regarding the test suite -- the /dev/urandom faking is needed for pre-2.1 GnuPG.". In my humble opinion, it's unfortunate that the fake-dev-random hack is used regardless of the GnuPG version.

Reproducible: Always

Comment 1 Jan Kundrát 2016-08-29 11:08:37 UTC

See https://bugs.kde.org/show_bug.cgi?id=367601 for a workaround. I'll be happy to accept patches which skip the LD_PRELOAD use on OpenBSD -- simply skipping the export in keygen.sh (and maybe its building in the cmake if you want to be fancy) should be enough.

Comment 2 Jan Kundrát 2016-09-01 18:59:42 UTC

Git commit 1311c5afd1f4b5a17c946c245d7ec30d39a22eb4 by Jan Kundrát.
Committed on 29/08/2016 at 11:06.
Pushed by gerrit into branch 'master'.

tests: Remove Linux-specific includes for dlsym

The dlsym(RTLD_NEXT) appears to be reasonably portable (it's POSIX,
except the minor RTLD_NEXT and _GNU_SOURCE on glibc), so let's use this
thing to fix a build failure on OpenBSD.

We are doing this because GnuPG 2.1+ is still not really that
mainstream and because faking the random generator just for the tests at
all platforms simplifies the test matrix. Alternatives such as GnuPG
version detection are IMHO too fancy.
Change-Id: Icf0001a20c6e2901a88b65a705059d687951b1fb

M  +1    -4    tests/Utils/fake-dev-random.c

http://commits.kde.org/trojita/1311c5afd1f4b5a17c946c245d7ec30d39a22eb4