Hi, Please find attached support for Haiku, patched against the libressl portability release.
This also includes fixes to the Makefile in man that erroneously tries to install files to the same location twice. Kindest Regards, Jessica Hamilton >From a14498eed7fa985255a9390ca540c67edf4bde6c Mon Sep 17 00:00:00 2001 From: Jessica Hamilton <[email protected]> Date: Sat, 26 Jul 2014 16:32:09 +0000 Subject: Platform support for Haiku diff --git a/configure.ac b/configure.ac index 797c165..fa134c3 100644 --- a/configure.ac +++ b/configure.ac @@ -28,6 +28,10 @@ case $host_os in *mingw*) HOST_OS=win32 ;; + *haiku*) + HOST_OS=haiku; + AC_SUBST([PLATFORM_LDADD], ['-lnetwork']) + ;; *) ;; esac @@ -35,6 +39,7 @@ AM_CONDITIONAL(HOST_DARWIN, test x$HOST_OS = xdarwin) AM_CONDITIONAL(HOST_LINUX, test x$HOST_OS = xlinux) AM_CONDITIONAL(HOST_SOLARIS, test x$HOST_OS = xsolaris) AM_CONDITIONAL(HOST_WIN, test x$HOST_OS = xwin) +AM_CONDITIONAL(HOST_HAIKU, test x$HOST_OS = xhaiku) AC_CHECK_FUNC([clock_gettime],, [AC_SEARCH_LIBS([clock_gettime],[rt posix4])]) diff --git a/crypto/Makefile.am b/crypto/Makefile.am index 4e671d1..2b57bd7 100644 --- a/crypto/Makefile.am +++ b/crypto/Makefile.am @@ -61,6 +61,9 @@ endif if HOST_WIN libcompat_la_SOURCES += compat/getentropy_win.c endif +if HOST_HAIKU +libcompat_la_SOURCES += compat/getentropy_haiku.c +endif endif endif @@ -78,6 +81,7 @@ noinst_HEADERS += compat/arc4random_linux.h noinst_HEADERS += compat/arc4random_osx.h noinst_HEADERS += compat/arc4random_solaris.h noinst_HEADERS += compat/arc4random_win.h +noinst_HEADERS += compat/arc4random_haiku.h noinst_HEADERS += compat/chacha_private.h libcrypto_la_SOURCES = EXTRA_libcrypto_la_SOURCES = diff --git a/crypto/compat/arc4random.h b/crypto/compat/arc4random.h index e4ecd06..61143d7 100644 --- a/crypto/compat/arc4random.h +++ b/crypto/compat/arc4random.h @@ -14,3 +14,6 @@ #include "arc4random_win.h" #endif +#ifdef __HAIKU__ +#include "arc4random_haiku.h" +#endif diff --git a/crypto/compat/arc4random_haiku.h b/crypto/compat/arc4random_haiku.h new file mode 100644 index 0000000..82cb4dd --- /dev/null +++ b/crypto/compat/arc4random_haiku.h @@ -0,0 +1,79 @@ +/* $OpenBSD: arc4random_solaris.h,v 1.6 2014/07/19 15:29:25 bcook Exp $ */ + +/* + * Copyright (c) 1996, David Mazieres <[email protected]> + * Copyright (c) 2008, Damien Miller <[email protected]> + * Copyright (c) 2013, Markus Friedl <[email protected]> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Stub functions for portability. + */ + +#include <sys/mman.h> + +#include <pthread.h> +#include <signal.h> + +static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER; +#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx) +#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx) + +#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f)) + +static inline void +_getentropy_fail(void) +{ + raise(SIGKILL); +} + +static volatile sig_atomic_t _rs_forked; + +static inline void +_rs_forkhandler(void) +{ + _rs_forked = 1; +} + +static inline void +_rs_forkdetect(void) +{ + static pid_t _rs_pid = 0; + pid_t pid = getpid(); + + if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) { + _rs_pid = pid; + _rs_forked = 0; + if (rs) + memset(rs, 0, sizeof(*rs)); + } +} + +static inline int +_rs_allocate(struct _rs **rsp, struct _rsx **rsxp) +{ + if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE, + MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) + return (-1); + + if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, + MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { + munmap(*rsxp, sizeof(**rsxp)); + return (-1); + } + + _ARC4_ATFORK(_rs_forkhandler); + return (0); +} diff --git a/crypto/compat/getentropy_haiku.c b/crypto/compat/getentropy_haiku.c new file mode 100644 index 0000000..60495e5 --- /dev/null +++ b/crypto/compat/getentropy_haiku.c @@ -0,0 +1,408 @@ +/* $OpenBSD: getentropy_solaris.c,v 1.8 2014/07/19 16:12:00 deraadt Exp $ */ + +/* + * Copyright (c) 2014 Theo de Raadt <[email protected]> + * Copyright (c) 2014 Bob Beck <[email protected]> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Emulation of getentropy(2) as documented at: + * http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2 + */ + +#include <sys/types.h> +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/resource.h> +#include <sys/statvfs.h> +#include <sys/socket.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <stdlib.h> +#include <stdint.h> +#include <stdio.h> +#include <termios.h> +#include <fcntl.h> +#include <signal.h> +#include <string.h> +#include <errno.h> +#include <unistd.h> +#include <time.h> +#include <openssl/sha.h> + +#include <sys/statvfs.h> + +#define REPEAT 5 +#define min(a, b) (((a) < (b)) ? (a) : (b)) + +#define HX(a, b) \ + do { \ + if ((a)) \ + HD(errno); \ + else \ + HD(b); \ + } while (0) + +#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) +#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) +#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) + +int getentropy(void *buf, size_t len); + +static int gotdata(char *buf, size_t len); +static int getentropy_urandom(void *buf, size_t len); +static int getentropy_fallback(void *buf, size_t len); + +extern int secure_random_value(); + +int +getentropy(void *buf, size_t len) +{ + int ret = -1; + + if (len > 256) { + errno = EIO; + return -1; + } + + /* + * Try to get entropy with /dev/urandom + * + * This can fail if the process is inside a chroot which lacks + * the devfs mount, or if file descriptors are exhausted. + */ + ret = getentropy_urandom(buf, len); + if (ret != -1) + return (ret); + + /* + * Entropy collection via /dev/urandom has failed. + * + * No other API exists for collecting entropy, and we have + * no failsafe way to get it on Solaris that is not sensitive + * to resource exhaustion. + * + * We have very few options: + * - Even syslog_r is unsafe to call at this low level, so + * there is no way to alert the user or program. + * - Cannot call abort() because some systems have unsafe + * corefiles. + * - Could raise(SIGKILL) resulting in silent program termination. + * - Return EIO, to hint that arc4random's stir function + * should raise(SIGKILL) + * - Do the best under the circumstances.... + * + * This code path exists to bring light to the issue that Solaris + * does not provide a failsafe API for entropy collection. + * + * We hope this demonstrates that Solaris should consider + * providing a new failsafe API which works in a chroot or + * when file descriptors are exhausted. + */ + ret = secure_random_value(); +#undef FAIL_INSTEAD_OF_TRYING_FALLBACK +#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK + raise(SIGKILL); +#endif + ret = getentropy_fallback(buf, len); + if (ret != -1) + return (ret); + + errno = EIO; + return (ret); +} + +/* + * Basic sanity checking; wish we could do better. + */ +static int +gotdata(char *buf, size_t len) +{ + char any_set = 0; + size_t i; + + for (i = 0; i < len; ++i) + any_set |= buf[i]; + if (any_set == 0) + return -1; + return 0; +} + +static int +getentropy_urandom(void *buf, size_t len) +{ + struct stat st; + size_t i; + int fd, flags; + int save_errno = errno; + +start: + + flags = O_RDONLY; +#ifdef O_NOFOLLOW + flags |= O_NOFOLLOW; +#endif +#ifdef O_CLOEXEC + flags |= O_CLOEXEC; +#endif + fd = open("/dev/urandom", flags, 0); + if (fd == -1) { + if (errno == EINTR) + goto start; + goto nodevrandom; + } +#ifndef O_CLOEXEC + fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); +#endif + + /* Lightly verify that the device node looks sane */ + if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { + close(fd); + goto nodevrandom; + } + for (i = 0; i < len; ) { + size_t wanted = len - i; + ssize_t ret = read(fd, (char *)buf + i, wanted); + + if (ret == -1) { + if (errno == EAGAIN || errno == EINTR) + continue; + close(fd); + goto nodevrandom; + } + i += ret; + } + close(fd); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } +nodevrandom: + errno = EIO; + return -1; +} + +static const int cl[] = { + CLOCK_REALTIME, +#ifdef CLOCK_MONOTONIC + CLOCK_MONOTONIC, +#endif +#ifdef CLOCK_MONOTONIC_RAW + CLOCK_MONOTONIC_RAW, +#endif +#ifdef CLOCK_TAI + CLOCK_TAI, +#endif +#ifdef CLOCK_VIRTUAL + CLOCK_VIRTUAL, +#endif +#ifdef CLOCK_UPTIME + CLOCK_UPTIME, +#endif +#ifdef CLOCK_PROCESS_CPUTIME_ID + CLOCK_PROCESS_CPUTIME_ID, +#endif +#ifdef CLOCK_THREAD_CPUTIME_ID + CLOCK_THREAD_CPUTIME_ID, +#endif +}; + +static int +getentropy_fallback(void *buf, size_t len) +{ + uint8_t results[SHA512_DIGEST_LENGTH]; + int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; + static int cnt; + struct timespec ts; + struct timeval tv; + double loadavg[3]; + struct rusage ru; + sigset_t sigset; + struct stat st; + SHA512_CTX ctx; + static pid_t lastpid; + pid_t pid; + size_t i, ii, m; + char *p; + + pid = getpid(); + if (lastpid == pid) { + faster = 1; + repeat = 2; + } else { + faster = 0; + lastpid = pid; + repeat = REPEAT; + } + for (i = 0; i < len; ) { + int j; + SHA512_Init(&ctx); + for (j = 0; j < repeat; j++) { + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) + HX(clock_gettime(cl[ii], &ts) == -1, ts); + + HX((pid = getpid()) == -1, pid); + HX((pid = getsid(pid)) == -1, pid); + HX((pid = getppid()) == -1, pid); + HX((pid = getpgid(0)) == -1, pid); + HX((e = getpriority(0, 0)) == -1, e); + HX((getloadavg(loadavg, 3) == -1), loadavg); + + if (!faster) { + ts.tv_sec = 0; + ts.tv_nsec = 1; + (void) nanosleep(&ts, NULL); + } + + HX(sigpending(&sigset) == -1, sigset); + HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, + sigset); + + HF(getentropy); /* an addr in this library */ + HF(printf); /* an addr in libc */ + p = (char *)&p; + HD(p); /* an addr on stack */ + p = (char *)&errno; + HD(p); /* the addr of errno */ + + if (i == 0) { + struct sockaddr_storage ss; + struct statvfs stvfs; + struct termios tios; + socklen_t ssl; + off_t off; + + /* + * Prime-sized mappings encourage fragmentation; + * thus exposing some address entropy. + */ + struct mm { + size_t npg; + void *p; + } mm[] = { + { 17, MAP_FAILED }, { 3, MAP_FAILED }, + { 11, MAP_FAILED }, { 2, MAP_FAILED }, + { 5, MAP_FAILED }, { 3, MAP_FAILED }, + { 7, MAP_FAILED }, { 1, MAP_FAILED }, + { 57, MAP_FAILED }, { 3, MAP_FAILED }, + { 131, MAP_FAILED }, { 1, MAP_FAILED }, + }; + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + HX(mm[m].p = mmap(NULL, + mm[m].npg * pgs, + PROT_READ|PROT_WRITE, + MAP_PRIVATE|MAP_ANON, -1, + (off_t)0), mm[m].p); + if (mm[m].p != MAP_FAILED) { + size_t mo; + + /* Touch some memory... */ + p = mm[m].p; + mo = cnt % + (mm[m].npg * pgs - 1); + p[mo] = 1; + cnt += (int)((long)(mm[m].p) + / pgs); + } + + /* Check cnts and times... */ + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); + ii++) { + HX((e = clock_gettime(cl[ii], + &ts)) == -1, ts); + if (e != -1) + cnt += (int)ts.tv_nsec; + } + + HX((e = getrusage(RUSAGE_SELF, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + if (mm[m].p != MAP_FAILED) + munmap(mm[m].p, mm[m].npg * pgs); + mm[m].p = MAP_FAILED; + } + + HX(stat(".", &st) == -1, st); + HX(statvfs(".", &stvfs) == -1, stvfs); + + HX(stat("/", &st) == -1, st); + HX(statvfs("/", &stvfs) == -1, stvfs); + + HX((e = fstat(0, &st)) == -1, st); + if (e == -1) { + if (S_ISREG(st.st_mode) || + S_ISFIFO(st.st_mode) || + S_ISSOCK(st.st_mode)) { + HX(fstatvfs(0, &stvfs) == -1, + stvfs); + HX((off = lseek(0, (off_t)0, + SEEK_CUR)) < 0, off); + } + if (S_ISCHR(st.st_mode)) { + HX(tcgetattr(0, &tios) == -1, + tios); + } else if (S_ISSOCK(st.st_mode)) { + memset(&ss, 0, sizeof ss); + ssl = sizeof(ss); + HX(getpeername(0, + (void *)&ss, &ssl) == -1, + ss); + } + } + + HX((e = getrusage(RUSAGE_CHILDREN, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } else { + /* Subsequent hashes absorb previous result */ + HD(results); + } + + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + HD(cnt); + } + SHA512_Final(results, &ctx); + memcpy((char *)buf + i, results, min(sizeof(results), len - i)); + i += min(sizeof(results), len - i); + } + explicit_bzero(&ctx, sizeof ctx); + explicit_bzero(results, sizeof results); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } + errno = EIO; + return -1; +} diff --git a/include/machine/endian.h b/include/machine/endian.h index 302d29e..5454864 100644 --- a/include/machine/endian.h +++ b/include/machine/endian.h @@ -22,6 +22,9 @@ #elif defined(__sun) #include <arpa/nameser_compat.h> +#elif defined(__HAIKU__) +#include <endian.h> + #else #include_next <machine/endian.h> diff --git a/man/Makefile.am b/man/Makefile.am index 15632d3..81d88fa 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -1,6 +1,7 @@ include $(top_srcdir)/Makefile.am.common dist_man_MANS= + dist_man_MANS += ASN1_OBJECT_new.3 dist_man_MANS += ASN1_STRING_length.3 dist_man_MANS += ASN1_STRING_new.3 @@ -773,7 +774,6 @@ install-data-hook: ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_get_cipherbynid.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_get_cipherbyobj.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_idea_cbc.3 - ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_idea_cbc.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_idea_cfb.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_idea_ecb.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_EncryptInit.3 $(DESTDIR)$(mandir)/man3/EVP_idea_ofb.3 @@ -800,8 +800,8 @@ install-data-hook: ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_set_signature_md.3 - ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_ctrl_str.3 - ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_get_default_digest_nid.3 + ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl_str.3 + ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_ctrl.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_get_default_digest_nid.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_new.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_new_id.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_new.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_dup.3 ln -f $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_new.3 $(DESTDIR)$(mandir)/man3/EVP_PKEY_CTX_free.3 -- 1.8.3.4 >From 3476684e7b0cffaedeb0340175988ceccb1a4bf8 Mon Sep 17 00:00:00 2001 From: Jessica Hamilton <[email protected]> Date: Sat, 26 Jul 2014 16:57:54 +0000 Subject: Disable getentropy_fallback. I'm not well-versed enough to fix this in a safe way for Haiku that's still somewhat secure. diff --git a/crypto/compat/getentropy_haiku.c b/crypto/compat/getentropy_haiku.c index 60495e5..2fb859b 100644 --- a/crypto/compat/getentropy_haiku.c +++ b/crypto/compat/getentropy_haiku.c @@ -62,7 +62,9 @@ int getentropy(void *buf, size_t len); static int gotdata(char *buf, size_t len); static int getentropy_urandom(void *buf, size_t len); +#if 0 static int getentropy_fallback(void *buf, size_t len); +#endif extern int secure_random_value(); @@ -115,10 +117,11 @@ getentropy(void *buf, size_t len) #ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK raise(SIGKILL); #endif +#if 0 ret = getentropy_fallback(buf, len); if (ret != -1) return (ret); - +#endif errno = EIO; return (ret); } @@ -193,6 +196,7 @@ nodevrandom: return -1; } +#if 0 static const int cl[] = { CLOCK_REALTIME, #ifdef CLOCK_MONOTONIC @@ -406,3 +410,4 @@ getentropy_fallback(void *buf, size_t len) errno = EIO; return -1; } +#endif -- 1.8.3.4 >From 4c66a09b491c85457ea0ace6988d920407ac2150 Mon Sep 17 00:00:00 2001 From: Jessica Hamilton <[email protected]> Date: Sat, 26 Jul 2014 17:33:39 +0000 Subject: Add stub for issetugid on Haiku diff --git a/crypto/Makefile.am b/crypto/Makefile.am index 2b57bd7..866271b 100644 --- a/crypto/Makefile.am +++ b/crypto/Makefile.am @@ -72,6 +72,9 @@ if NO_ISSETUGID if HOST_LINUX libcompat_la_SOURCES += compat/issetugid_linux.c endif +if HOST_HAIKU +libcompat_la_SOURCES += compat/issetugid_haiku.c +endif endif noinst_HEADERS = des/ncbc_enc.c diff --git a/crypto/compat/issetugid_haiku.c b/crypto/compat/issetugid_haiku.c new file mode 100644 index 0000000..9d460c2 --- /dev/null +++ b/crypto/compat/issetugid_haiku.c @@ -0,0 +1,13 @@ +/* + * issetugid implementation for Haiku, + * based on haiku/src/libs/bsd/issetugid.c + * Public domain + */ + +#include <unistd.h> + +int issetugid(void) +{ + // as long as Haiku is effectively a single user system, this will do + return 1; +} -- 1.8.3.4 >From 07a3ebe4fbf9ecea5596121fa41d210d2e647dcc Mon Sep 17 00:00:00 2001 From: Jessica Hamilton <[email protected]> Date: Sat, 26 Jul 2014 17:46:31 +0000 Subject: Fix a stray function call that I was testing. diff --git a/crypto/compat/getentropy_haiku.c b/crypto/compat/getentropy_haiku.c index 2fb859b..6c8503d 100644 --- a/crypto/compat/getentropy_haiku.c +++ b/crypto/compat/getentropy_haiku.c @@ -66,8 +66,6 @@ static int getentropy_urandom(void *buf, size_t len); static int getentropy_fallback(void *buf, size_t len); #endif -extern int secure_random_value(); - int getentropy(void *buf, size_t len) { @@ -92,12 +90,10 @@ getentropy(void *buf, size_t len) * Entropy collection via /dev/urandom has failed. * * No other API exists for collecting entropy, and we have - * no failsafe way to get it on Solaris that is not sensitive + * no failsafe way to get it on Haiku that is not sensitive * to resource exhaustion. * * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. * - Cannot call abort() because some systems have unsafe * corefiles. * - Could raise(SIGKILL) resulting in silent program termination. @@ -105,14 +101,13 @@ getentropy(void *buf, size_t len) * should raise(SIGKILL) * - Do the best under the circumstances.... * - * This code path exists to bring light to the issue that Solaris + * This code path exists to bring light to the issue that Haiku * does not provide a failsafe API for entropy collection. * - * We hope this demonstrates that Solaris should consider + * We hope this demonstrates that Haiku should consider * providing a new failsafe API which works in a chroot or * when file descriptors are exhausted. */ - ret = secure_random_value(); #undef FAIL_INSTEAD_OF_TRYING_FALLBACK #ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK raise(SIGKILL); -- 1.8.3.4
