Changeset 1738

Timestamp:

Jan 24, 2008 3:27:30 PM (16 years ago)

Author:

bennylp

Message:

More ticket #61: SRTP will try to use /dev/urandom as RNG if fcntl.h and unistd.h is present. If it fails, it will fallback to using rand()

Location:

pjproject/trunk

Files:

• aconfigure (modified) (1 diff)
• aconfigure.ac (modified) (1 diff)
• pjlib/include/pj/compat/os_auto.h.in (modified) (1 diff)
• third_party/build/srtp/srtp_config.h (modified) (3 diffs)
• third_party/srtp/crypto/rng/rand_source.c (modified) (4 diffs)

pjproject/trunk/aconfigure

@@ -5510 +5510 @@
 esac
 
+if test "${ac_cv_header_fcntl_h+set}" = set; then
+  { echo "$as_me:$LINENO: checking for fcntl.h" >&5
+echo $ECHO_N "checking for fcntl.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_fcntl_h+set}" = set; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_fcntl_h" >&5
+echo "${ECHO_T}$ac_cv_header_fcntl_h" >&6; }
+else
+  # Is the header compilable?
+{ echo "$as_me:$LINENO: checking fcntl.h usability" >&5
+echo $ECHO_N "checking fcntl.h usability... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+$ac_includes_default
+#include <fcntl.h>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+  (eval "$ac_compile") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } && {
+         test -z "$ac_c_werror_flag" ||
+         test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then
+  ac_header_compiler=yes
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+        ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking fcntl.h presence" >&5
+echo $ECHO_N "checking fcntl.h presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+#include <fcntl.h>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } >/dev/null && {
+         test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+         test ! -s conftest.err
+       }; then
+  ac_header_preproc=yes
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+  ac_header_preproc=no
+fi
+
+rm -f conftest.err conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
+
+# So?  What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+  yes:no: )
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: fcntl.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: fcntl.h: proceeding with the compiler's result" >&2;}
+    ac_header_preproc=yes
+    ;;
+  no:yes:* )
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: present but cannot be compiled" >&5
+echo "$as_me: WARNING: fcntl.h: present but cannot be compiled" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h:     check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: fcntl.h:     check for missing prerequisite headers?" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: fcntl.h: see the Autoconf documentation" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h:     section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: fcntl.h:     section \"Present But Cannot Be Compiled\"" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: fcntl.h: proceeding with the preprocessor's result" >&2;}
+    { echo "$as_me:$LINENO: WARNING: fcntl.h: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: fcntl.h: in the future, the compiler will take precedence" >&2;}
+
+    ;;
+esac
+{ echo "$as_me:$LINENO: checking for fcntl.h" >&5
+echo $ECHO_N "checking for fcntl.h... $ECHO_C" >&6; }
+if test "${ac_cv_header_fcntl_h+set}" = set; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+  ac_cv_header_fcntl_h=$ac_header_preproc
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_header_fcntl_h" >&5
+echo "${ECHO_T}$ac_cv_header_fcntl_h" >&6; }
+
+fi
+if test $ac_cv_header_fcntl_h = yes; then
+  cat >>confdefs.h <<\_ACEOF
+#define PJ_HAS_FCNTL_H 1
+_ACEOF
+
+fi
+
+
 if test "${ac_cv_header_linux_socket_h+set}" = set; then
   { echo "$as_me:$LINENO: checking for linux/socket.h" >&5

pjproject/trunk/aconfigure.ac

@@ -139 +139 @@
 esac
 
+AC_CHECK_HEADER(fcntl.h,[AC_DEFINE(PJ_HAS_FCNTL_H,1)])
 AC_CHECK_HEADER(linux/socket.h,[AC_DEFINE(PJ_HAS_LINUX_SOCKET_H,1)])
 AC_CHECK_HEADER(malloc.h,[AC_DEFINE(PJ_HAS_MALLOC_H,1)])

pjproject/trunk/pjlib/include/pj/compat/os_auto.h.in

@@ -47 +47 @@
 #undef PJ_HAS_CTYPE_H
 #undef PJ_HAS_ERRNO_H
+#undef PJ_HAS_FCNTL_H
 #undef PJ_HAS_LINUX_SOCKET_H
 #undef PJ_HAS_MALLOC_H

pjproject/trunk/third_party/build/srtp/srtp_config.h

@@ -27 +27 @@
     (defined(PJ_M_IA64) && PJ_M_IA64!=0)
 #   define CPU_CISC         1
-#   define HAVE_X86         1   /* use X86 inlined assembly code */
+/* #   define HAVE_X86      1   use X86 inlined assembly code */
 #else
 #   define CPU_RISC         1
@@ -114 +114 @@
 #endif
 
-#define SIZEOF_UNSIGNED_LONG        (sizeof(unsigned long))
+#define SIZEOF_UNSIGNED_LONG        8
 #define SIZEOF_UNSIGNED_LONG_LONG   8
 
@@ -156 +156 @@
 /* #define DEV_URANDOM "/dev/urandom" */
 
+/* Only with PJSIP:
+ * Try to open PJ_DEV_URANDOM if present
+ */
+#if defined(PJ_HAS_FCNTL_H) && defined(PJ_HAS_UNISTD_H)
+#   define PJ_DEV_URANDOM       "/dev/urandom"
+#endif
+
 /* We have overridden libsrtp error mechanism, so these are not used. */
 /* #undef ERR_REPORTING_FILE */

pjproject/trunk/third_party/srtp/crypto/rng/rand_source.c

@@ -45 +45 @@
 #include "srtp_config.h"
 
-#ifdef DEV_URANDOM
+#if defined(DEV_URANDOM) || defined(PJ_DEV_URANDOM)
 # include <fcntl.h>          /* for open()  */
 # include <unistd.h>         /* for close() */
@@ -88 +88 @@
   if (dev_random_fdes < 0)
     return err_status_init_fail;
+#elif defined(PJ_DEV_URANDOM)
+  /* open random source for reading */
+  dev_random_fdes = open(PJ_DEV_URANDOM, O_RDONLY);
+  if (dev_random_fdes < 0) {
+    err_report(3,"Ugh: /dev/urandom not present, using rand() instead");
+    return err_status_ok;  /* it's ok, it'll fallback to using rand() */
+  }
 #elif (_MSC_VER >= 1400)
   dev_random_fdes = RAND_SOURCE_READY;
@@ -124 +131 @@
   }
 #else
+  uint8_t *dst = (uint8_t *)dest;
+
+  /* First try with /dev/urandom, if it's opened */
+  if (dev_random_fdes >= 0) {
+    if (read(dev_random_fdes, dest, len) == len)
+        return err_status_ok;   /* success */
+  }
+
   /* Generic C-library (rand()) version */
   /* This is a random source of last resort */
-  uint8_t *dst = (uint8_t *)dest;
   while (len)
   {
@@ -142 +156 @@
 err_status_t
 rand_source_deinit(void) {
+#ifndef PJ_DEV_URANDOM
   if (dev_random_fdes < 0)
     return err_status_dealloc_fail;  /* well, we haven't really failed, *
                                       * but there is something wrong    */
-#ifdef DEV_URANDOM
-  close(dev_random_fdes);  
 #endif
+
+  if (dev_random_fdes >= 0)
+    close(dev_random_fdes);  
+
   dev_random_fdes = RAND_SOURCE_NOT_READY;
   
   return err_status_ok;  
 }
+