Title: [218814] trunk/Source/WebKit2
- Revision
- 218814
- Author
- [email protected]
- Date
- 2017-06-26 11:01:22 -0700 (Mon, 26 Jun 2017)
Log Message
[GCrypt] Properly initialize libgcrypt before using it
https://bugs.webkit.org/show_bug.cgi?id=173589
Reviewed by Michael Catanzaro.
Initialize libgcrypt in the Unix-specific main() entrypoint. This is early enough
to ensure no other libgcrypt API function is invoked and to also ensure this is
done in a thread-safe manner.
Initialization is initiated through the gcry_check_version() call. 16 kilobytes of
secure memory is pre-allocated before we mark the initialization as complete, as
recommended by the libgcrypt documentation.
* WebProcess/EntryPoint/unix/WebProcessMain.cpp:
(main):
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (218813 => 218814)
--- trunk/Source/WebKit2/ChangeLog 2017-06-26 18:00:40 UTC (rev 218813)
+++ trunk/Source/WebKit2/ChangeLog 2017-06-26 18:01:22 UTC (rev 218814)
@@ -1,3 +1,21 @@
+2017-06-26 Zan Dobersek <[email protected]>
+
+ [GCrypt] Properly initialize libgcrypt before using it
+ https://bugs.webkit.org/show_bug.cgi?id=173589
+
+ Reviewed by Michael Catanzaro.
+
+ Initialize libgcrypt in the Unix-specific main() entrypoint. This is early enough
+ to ensure no other libgcrypt API function is invoked and to also ensure this is
+ done in a thread-safe manner.
+
+ Initialization is initiated through the gcry_check_version() call. 16 kilobytes of
+ secure memory is pre-allocated before we mark the initialization as complete, as
+ recommended by the libgcrypt documentation.
+
+ * WebProcess/EntryPoint/unix/WebProcessMain.cpp:
+ (main):
+
2017-06-26 Jeremy Jones <[email protected]>
When Mission Control closes fullscreen window, allow media element to update its state.
Modified: trunk/Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp (218813 => 218814)
--- trunk/Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp 2017-06-26 18:00:40 UTC (rev 218813)
+++ trunk/Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp 2017-06-26 18:01:22 UTC (rev 218814)
@@ -27,6 +27,10 @@
#include <cstdlib>
+#if USE(GCRYPT)
+#include <gcrypt.h>
+#endif
+
using namespace WebKit;
int main(int argc, char** argv)
@@ -41,5 +45,15 @@
// WARNING: This needs to be KEPT IN SYNC with WebProcessMain.cpp.
setenv("G_TLS_GNUTLS_PRIORITY", "NORMAL:%COMPAT:!VERS-SSL3.0:!ARCFOUR-128", 0);
+#if USE(GCRYPT)
+ // Call gcry_check_version() before any other libgcrypt call, ignoring the
+ // returned version string.
+ gcry_check_version(nullptr);
+
+ // Pre-allocate 16kB of secure memory and finish the initialization.
+ gcry_control(GCRYCTL_INIT_SECMEM, 16384, nullptr);
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, nullptr);
+#endif
+
return WebProcessMainUnix(argc, argv);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
