mirror of
https://github.com/qpdf/qpdf.git
synced 2024-10-31 19:02:30 +00:00
Move random number device check to runtime (fixes #1022)
Having it at compile time breaks cross-compilation and isn't really right anyway.
This commit is contained in:
parent
2b4dcb33aa
commit
87765bace9
@ -1,3 +1,10 @@
|
||||
2023-09-03 Jay Berkenbilt <ejb@ql.org>
|
||||
|
||||
* Move check for random number device to runtime instead of
|
||||
compile time. Since, by default, the crypto provider provides
|
||||
random numbers, runtime determinination of a random number device
|
||||
is usually not needed. Fixes #1022.
|
||||
|
||||
2023-09-02 Jay Berkenbilt <ejb@ql.org>
|
||||
|
||||
* Bug fix from M. Holger: allow fix-qdf to read from pipe. Fixes #1010.
|
||||
|
@ -320,8 +320,6 @@ check_symbol_exists(fseeko "stdio.h" HAVE_FSEEKO)
|
||||
check_symbol_exists(fseeko64 "stdio.h" HAVE_FSEEKO64)
|
||||
check_symbol_exists(localtime_r "time.h" HAVE_LOCALTIME_R)
|
||||
check_symbol_exists(random "stdlib.h" HAVE_RANDOM)
|
||||
find_file(RANDOM_DEVICE
|
||||
"urandom" "arandom" "arandom" PATHS "/dev" NO_DEFAULT_PATH)
|
||||
|
||||
check_c_source_compiles(
|
||||
"#include <time.h>
|
||||
|
@ -87,24 +87,27 @@ SecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
|
||||
throw std::runtime_error("unable to generate secure random data");
|
||||
}
|
||||
|
||||
# elif defined(RANDOM_DEVICE)
|
||||
# else
|
||||
static std::unique_ptr<QUtil::FileCloser> random_device = []() {
|
||||
FILE* f = fopen("/dev/urandom", "rb");
|
||||
if (f == nullptr) {
|
||||
f = fopen("/dev/arandom", "rb");
|
||||
}
|
||||
if (f == nullptr) {
|
||||
f = fopen("/dev/random", "rb");
|
||||
}
|
||||
if (f == nullptr) {
|
||||
throw std::runtime_error("unable to find device in /dev for generating random numbers");
|
||||
}
|
||||
return std::make_unique<QUtil::FileCloser>(f);
|
||||
}();
|
||||
|
||||
// Optimization: wrap the file open and close in a class so that the file is closed in a
|
||||
// destructor, then make this static to keep the file handle open. Only do this if it can be
|
||||
// done in a thread-safe fashion.
|
||||
FILE* f = QUtil::safe_fopen(RANDOM_DEVICE, "rb");
|
||||
size_t fr = fread(data, 1, len, f);
|
||||
fclose(f);
|
||||
size_t fr = fread(data, 1, len, random_device->f);
|
||||
if (fr != len) {
|
||||
throw std::runtime_error(
|
||||
"unable to read " + std::to_string(len) + " bytes from " + std::string(RANDOM_DEVICE));
|
||||
"unable to read " + std::to_string(len) + " bytes from random number device");
|
||||
}
|
||||
|
||||
# else
|
||||
|
||||
# error \
|
||||
"Don't know how to generate secure random numbers on this platform. See random number generation in the top-level README.md"
|
||||
|
||||
# endif
|
||||
}
|
||||
|
||||
|
@ -24,8 +24,5 @@
|
||||
#cmakedefine HAVE_MALLOC_INFO 1
|
||||
#cmakedefine HAVE_OPEN_MEMSTREAM 1
|
||||
|
||||
/* system random device (e.g. /dev/random) if any */
|
||||
#cmakedefine RANDOM_DEVICE "${RANDOM_DEVICE}"
|
||||
|
||||
/* bytes in the size_t type */
|
||||
#cmakedefine SIZEOF_SIZE_T ${SIZEOF_SIZE_T}
|
||||
|
Loading…
Reference in New Issue
Block a user