Re: openssh portable and libressl portable cause recursion between arc4random and RAND_bytes

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Sat, 12 Jul 2014, Hanno B?ck wrote:

> Hi,
> 
> Yesterday I tried to replace the system openssl in a gentoo system with
> libressl.
> 
> With openssh an interesting issue popped up:
> * RAND_bytes in libressl calls arc4random
> * arc4random is a compat function both in openssh and libressl
> * arc4random from openssh uses RAND_bytes

Right, I think we should just delay the checks for arc4random. I'd like
to sync arc4random.c, but that's a separate issue.

Can you tell me if this works for you?

Index: configure.ac
===================================================================
RCS file: /var/cvs/openssh/configure.ac,v
retrieving revision 1.577
diff -u -p -r1.577 configure.ac
--- configure.ac	3 Jul 2014 01:54:19 -0000	1.577
+++ configure.ac	13 Jul 2014 23:34:33 -0000
@@ -1575,10 +1575,6 @@ AC_CHECK_FUNCS([ \
 	Blowfish_expandstate \
 	Blowfish_expand0state \
 	Blowfish_stream2word \
-	arc4random \
-	arc4random_buf \
-	arc4random_stir \
-	arc4random_uniform \
 	asprintf \
 	b64_ntop \
 	__b64_ntop \
@@ -2639,6 +2635,13 @@ fi
 
 AC_SUBST([TEST_SSH_ECC])
 AC_SUBST([COMMENT_OUT_ECC])
+
+AC_CHECK_FUNCS([ \
+	arc4random \
+	arc4random_buf \
+	arc4random_stir \
+	arc4random_uniform \
+])
 
 saved_LIBS="$LIBS"
 AC_CHECK_LIB([iaf], [ia_openinfo], [
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux