In message <20160524070954.ga17...@doctor.nl2k.ab.ca> on Tue, 24 May 2016
01:09:55 -0600, The Doctor <doc...@doctor.nl2k.ab.ca> said:
doctor> On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote:
doctor> > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May
2016 01:04:29 -0600, The Doctor <doc...@doctor.nl2k.ab.ca> said:
doctor> >
doctor> > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote:
doctor> > doctor> >
doctor> > doctor> > when executing
doctor> > doctor> >
doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss
-days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions
v3_ca
doctor> > doctor> >
doctor> > doctor> > during the test phase, it looks as if the test hangs.
doctor> > doctor> >
doctor> > doctor> > Please look into this.
doctor> > doctor> >
doctor> > doctor>
doctor> > doctor>
doctor> > doctor> This issue now exists in 20160523 .
doctor> > doctor>
doctor> > doctor> Please look into this showstopper.
doctor> >
doctor> > Can't reproduce. I've tried on Linux (Debian bleeding edge) and
doctor> > FreeBSD (8.4-RELEASE-p14). However, I did it with the default config
doctor> > (BSD-x86_64, which is what ./config gives me automagically, and no
doctor> > extra options), please remind me of yours.
doctor> >
doctor>
doctor> All right, what changed between 20160520 and 20160521 ?
doctor>
doctor> Simple question. That is the source of the showstopper.
I'm attaching the only change that I can think makes a difference.
Try a 'patch -R -p1 < xopen_source.patch' and see if that changes
anything.
I don't think we're going to back off from that change, so if you can
help us figure out what goes wrong with it on your system and how to
improve the change, that's be great.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
commit e10b54ca32280d9fec20085f404dcdcf2217c90e
Author: Andy Polyakov <ap...@openssl.org>
Date: Mon May 16 16:44:33 2016 +0200
rand/randfile.c: remove _XOPEN_SOURCE definition.
Defintions of macros similar to _XOPEN_SOURCE belong in command line
or in worst case prior first #include directive in source. As for
macros is was allegedly controlling. One can argue that we are
probably better off demanding S_IS* macros but there are systems
that just don't comply, hence this compromise solution...
Reviewed-by: Rich Salz <rs...@openssl.org>
(cherry picked from commit 2e6d7799ffc47604d06e0465afeb84b91aff8006)
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 9537c56..76bdb9a 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -56,11 +56,6 @@
* [including the GNU Public Licence.]
*/
-/* We need to define this to get macros like S_IFBLK and S_IFCHR */
-#if !defined(OPENSSL_SYS_VXWORKS)
-# define _XOPEN_SOURCE 500
-#endif
-
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
@@ -80,6 +75,29 @@
#ifndef OPENSSL_NO_POSIX_IO
# include <sys/stat.h>
# include <fcntl.h>
+/*
+ * Following should not be needed, and we could have been stricter
+ * and demand S_IS*. But some systems just don't comply... Formally
+ * below macros are "anatomically incorrect", because normally they
+ * would look like ((m) & MASK == TYPE), but since MASK availability
+ * is as questionable, we settle for this poor-man fallback...
+ */
+# if !defined(S_ISBLK)
+# if defined(_S_IFBLK)
+# define S_ISBLK(m) ((m) & _S_IFBLK)
+# elif defined(S_IFBLK)
+# define S_ISBLK(m) ((m) & S_IFBLK)
+# elif defined(_WIN32)
+# define S_ISBLK(m) 0 /* no concept of block devices on Windows */
+# endif
+# endif
+# if !defined(S_ISCHR)
+# if defined(_S_IFCHR)
+# define S_ISCHR(m) ((m) & _S_IFCHR)
+# elif defined(S_IFCHR)
+# define S_ISCHR(m) ((m) & S_IFCHR)
+# endif
+# endif
#endif
#ifdef _WIN32
@@ -151,8 +169,8 @@ int RAND_load_file(const char *file, long bytes)
#endif
if (in == NULL)
goto err;
-#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
- if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO)
+ if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
/*
* this file is a device. we don't want read an infinite number of
* bytes from a random device, nor do we want to use buffered I/O
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
