From 3fbc1b4027aa696892315b7fbaeb6a4d9f00b226 Mon Sep 17 00:00:00 2001 From: div72 Date: Wed, 3 Jul 2024 18:20:56 +0300 Subject: [PATCH 1/3] build: add missing randomness checks in configure.ac 1a6f0015e1012d3449b8e8fee3d9e17ca1962961 introduced code using new defines from checks not implemented yet. This is ok as the fallback code that reads /dev/urandom is triggered instead but let's use the proper interface. --- configure.ac | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/configure.ac b/configure.ac index 9aedbfc434..8ba13ccb59 100755 --- a/configure.ac +++ b/configure.ac @@ -912,22 +912,43 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include ]], ) # Check for different ways of gathering OS randomness -AC_MSG_CHECKING(for Linux getrandom syscall) -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include - #include - #include ]], - [[ syscall(SYS_getrandom, nullptr, 32, 0); ]])], - [ AC_MSG_RESULT(yes); AC_DEFINE(HAVE_SYS_GETRANDOM, 1,[Define this symbol if the Linux getrandom system call is available]) ], - [ AC_MSG_RESULT(no)] +AC_MSG_CHECKING([for Linux getrandom function]) +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include ]], + [[ getrandom(nullptr, 32, 0); ]])], + [ AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GETRANDOM], [1], [Define this symbol if the Linux getrandom function call is available]) ], + [ AC_MSG_RESULT([no])] +) + +AC_MSG_CHECKING([for getentropy via sys/random.h]) +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include ]], + [[ getentropy(nullptr, 32) ]])], + [ AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GETENTROPY_RAND], [1], [Define this symbol if the BSD getentropy system call is available with sys/random.h]) ], + [ AC_MSG_RESULT([no])] +) + +AC_MSG_CHECKING([for sysctl]) +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include + #include ]], + [[ #ifdef __linux__ + #error "Don't use sysctl on Linux, it's deprecated even when it works" + #endif + sysctl(nullptr, 2, nullptr, nullptr, nullptr, 0); ]])], + [ AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_SYSCTL], [1], [Define this symbol if the BSD sysctl() is available]) ], + [ AC_MSG_RESULT([no])] ) -AC_MSG_CHECKING(for sysctl KERN_ARND) +AC_MSG_CHECKING([for sysctl KERN_ARND]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include #include ]], - [[ static const int name[2] = {CTL_KERN, KERN_ARND}; + [[ #ifdef __linux__ + #error "Don't use sysctl on Linux, it's deprecated even when it works" + #endif + static int name[2] = {CTL_KERN, KERN_ARND}; sysctl(name, 2, nullptr, nullptr, nullptr, 0); ]])], - [ AC_MSG_RESULT(yes); AC_DEFINE(HAVE_SYSCTL_ARND, 1,[Define this symbol if the BSD sysctl(KERN_ARND) is available]) ], - [ AC_MSG_RESULT(no)] + [ AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_SYSCTL_ARND], [1], [Define this symbol if the BSD sysctl(KERN_ARND) is available]) ], + [ AC_MSG_RESULT([no])] ) # LevelDB platform checks From 156f0fc185a123f159000d8d55d2d1e98f12fa61 Mon Sep 17 00:00:00 2001 From: div72 Date: Wed, 3 Jul 2024 18:34:30 +0300 Subject: [PATCH 2/3] build: add missing randomness checks in CMakeLists.txt See the previous commit. --- CMakeLists.txt | 7 ++++--- src/config/gridcoin-config.h.cmake.in | 8 +++----- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 1d5537c267..ed8c8075dd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -331,9 +331,10 @@ if(NOT HAVE_GMTIME_R) endif() endif() -check_symbol_exists(SYS_getrandom "sys/syscall.h" HAVE_SYS_GETRANDOM) -check_symbol_exists(getentropy "unistd.h" HAVE_GETENTROPY) -check_symbol_exists(KERN_ARND "sys/sysctl.h" HAVE_SYSCTL_ARND) +check_symbol_exists(getrandom "sys/random.h" HAVE_GETRANDOM) +check_symbol_exists(getentropy "sys/random.h" HAVE_GETENTROPY_RAND) +check_symbol_exists(sysctl "sys/sysctl.h" "sys/types.h" HAVE_SYSCTL) +check_symbol_exists(KERN_ARND "sys/sysctl.h" "sys/types.h" HAVE_SYSCTL_ARND) check_symbol_exists(O_CLOEXEC "fcntl.h" HAVE_O_CLOEXEC) check_symbol_exists(getauxval "sys/auxv.h" HAVE_STRONG_GETAUXVAL) diff --git a/src/config/gridcoin-config.h.cmake.in b/src/config/gridcoin-config.h.cmake.in index 94a13f41a3..3449c78498 100644 --- a/src/config/gridcoin-config.h.cmake.in +++ b/src/config/gridcoin-config.h.cmake.in @@ -66,11 +66,9 @@ #cmakedefine01 HAVE_SYSTEM #cmakedefine HAVE_GMTIME_R -// Define if the Linux getrandom system call is available -#cmakedefine HAVE_SYS_GETRANDOM -// Define if the BSD getentropy system call is available -#cmakedefine HAVE_GETENTROPY -// Define if the BSD sysctl(KERN_ARND) is available +#cmakedefine HAVE_GETRANDOM +#cmakedefine HAVE_GETENTROPY_RAND +#cmakedefine HAVE_SYSCTL #cmakedefine HAVE_SYSCTL_ARND #cmakedefine01 HAVE_O_CLOEXEC From 128035d5e86db8d640d2d81bf3b8bfe916b9d674 Mon Sep 17 00:00:00 2001 From: div72 Date: Mon, 15 Jul 2024 16:46:57 +0300 Subject: [PATCH 3/3] refactor: replace be32enc with WriteBE32 be32enc is a function on BSDs which can lead to conflicts. Use the WriteBE32 function that's used in crypto code instead. --- src/pbkdf2.cpp | 31 ++++--------------------------- 1 file changed, 4 insertions(+), 27 deletions(-) diff --git a/src/pbkdf2.cpp b/src/pbkdf2.cpp index bcd75f3f86..9a20e0aa6d 100644 --- a/src/pbkdf2.cpp +++ b/src/pbkdf2.cpp @@ -1,33 +1,10 @@ // Copyright (c) 2013 NovaCoin Developers -#include -#include "pbkdf2.h" - -// Only commented out since it will be used in Big endian support -// in the future. -/* -static inline uint32_t -be32dec(const void *pp) -{ - const uint8_t *p = (uint8_t const *)pp; - - return ((uint32_t)(p[3]) + ((uint32_t)(p[2]) << 8) + - ((uint32_t)(p[1]) << 16) + ((uint32_t)(p[0]) << 24)); -} -*/ +#include +#include -#ifndef __FreeBSD__ -static inline void -be32enc(void *pp, uint32_t x) -{ - uint8_t * p = (uint8_t *)pp; +#include - p[3] = x & 0xff; - p[2] = (x >> 8) & 0xff; - p[1] = (x >> 16) & 0xff; - p[0] = (x >> 24) & 0xff; -} -#endif /** * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen): @@ -54,7 +31,7 @@ PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt, /* Iterate through the blocks. */ for (i = 0; i * 32 < dkLen; i++) { /* Generate INT(i + 1). */ - be32enc(ivec, (uint32_t)(i + 1)); + WriteBE32(ivec, (uint32_t)(i + 1)); /* Compute U_1 = PRF(P, S || INT(i)). */ CHMAC_SHA256 U_1 = salted;