Accepting request 53806 from security

Accepted submit request 53806 from user elvigia OBS-URL: https://build.opensuse.org/request/show/53806 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haveged?expand=0&rev=6
2010-11-24 09:46:06 +00:00 · 2010-11-24 09:46:06 +00:00 · 099a9adc8d
commit 099a9adc8d
parent 9e8a6c896c aede7370a4
6 changed files with 14 additions and 137 deletions
--- a/haveged-0.9-cloexec.patch
+++ b/haveged-0.9-cloexec.patch
@ -1,68 +0,0 @@
-Index: src/haveged.c
-===================================================================
--- src/haveged.c.orig	2009-09-02 18:58:14.000000000 +0200
-+++ src/haveged.c	2010-07-26 17:14:35.334236000 +0200
-@@ -83,7 +83,7 @@ void daemonize(struct hperf *perf)
-    signal(SIGTERM, tidy_exit);
-    if (daemon(0, 0) == -1)
-       error_exit("Cannot fork into the background");
-   fh = fopen(params->pid_file, "w");
-+   fh = fopen(params->pid_file, "we");
-    if (!fh)
-       error_exit("Couldn't open PID file \"%s\" for writing: %m.", params->pid_file);
-    fprintf(fh, "%i", getpid());
-@@ -147,12 +147,12 @@ int get_poolsize()
-    int max_bits,major,minor;
- 
-    if (params->run_level==0) {
-      poolsize_fh = fopen(params->poolsize, "rb");
-+      poolsize_fh = fopen(params->poolsize, "rbe");
-       if (poolsize_fh) {
-          if (fscanf(poolsize_fh, "%d", &max_bits)!=1)
-             max_bits = -1;
-          fclose(poolsize_fh);
-         osrel_fh = fopen(params->os_rel, "rb");
-+         osrel_fh = fopen(params->os_rel, "rbe");
-          if (osrel_fh) {
-             if (fscanf(osrel_fh,"%d.%d", &major, &minor)<2)
-               major = minor = 0;
-@@ -263,7 +263,7 @@ void run(int poolsize, struct rand_pool_
-          daemonize(perf);
-          if (params->low_water>0)
-             set_watermark(params->low_water);
-         random_fd = open(params->random_device, O_RDWR);
-+         random_fd = open(params->random_device, O_RDWR | O_CLOEXEC);
-          if (random_fd == -1)
-             error_exit("Couldn't open random device: %m");
-          break;
-@@ -272,7 +272,7 @@ void run(int poolsize, struct rand_pool_
-          return;
-       default:
-          ct = params->sample_size*1024;
-         if (!(fout = fopen (params->sample_out, "wb")))
-+         if (!(fout = fopen (params->sample_out, "wbe")))
-             error_exit("Cannot open file <%s> for writing.\n", params->sample_out);
-          fprintf(stderr, "Writing %d byte sample\n",ct);
-       }
-@@ -334,7 +334,7 @@ void set_watermark(int level)
- {
-    FILE *wm_fh;
- 
-   wm_fh = fopen(params->watermark, "w");
-+   wm_fh = fopen(params->watermark, "we");
-    if (wm_fh) {
-       fprintf(wm_fh, "%d\n", level);
-       fclose(wm_fh);
-Index: configure.ac
-===================================================================
--- configure.ac.orig	2009-09-02 01:22:33.000000000 +0200
-+++ configure.ac	2010-07-26 17:20:58.745701000 +0200
-@@ -8,7 +8,7 @@ AC_CONFIG_AUX_DIR(config)
- AC_CONFIG_HEADER([config.h])
- AM_INIT_AUTOMAKE
- AC_CONFIG_SRCDIR([/src/haveged.c])
-
-+AC_USE_SYSTEM_EXTENSIONS
- ## Make nist self-test configurable
- AC_ARG_ENABLE(nistest, AS_HELP_STRING([--enable-nistest=[no/yes]],[Run NIST test suite [default=no]]),, enable_nistest="no")
- if test "x$enable_nistest" = "xyes"; then
--- a/haveged-0.9.tar.bz2
+++ b/haveged-0.9.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b94fdb1c0891aaf8b7a00faa0b426e1a6c93a0665c60cd8db510ca4d87ea834d
-size 166681
--- a/haveged-0.9_git201011232331.tar.xz
+++ b/haveged-0.9_git201011232331.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f92960e729d5e533b752556dbc8b345be713e12cda71b355cd34f5a9925a2e1b
+size 77808
--- a/haveged-capabilties.patch
+++ b/haveged-capabilties.patch
@ -1,58 +0,0 @@
--- configure.ac.orig	2010-09-24 18:13:42.282707000 +0200
-+++ configure.ac	2010-09-24 18:13:42.311704000 +0200
-@@ -68,7 +68,7 @@ AC_FUNC_MALLOC
- AC_FUNC_SELECT_ARGTYPES
- AC_TYPE_SIGNAL
- AC_CHECK_FUNCS([floor gettimeofday memset pow select sqrt])
-
-+LIBCAP_NG_PATH
- # Sets hardware depedent define for the build
- AC_SUBST(HA_CPPFLAGS,$HA_CPPFLAGS)
- 
--- src/Makefile.am.orig	2009-09-01 22:45:25.000000000 +0200
-+++ src/Makefile.am	2010-09-24 18:13:42.319719000 +0200
-@@ -4,5 +4,5 @@ AM_CFLAGS=-Wall
- AM_CPPFLAGS = @HA_CPPFLAGS@
- 
- haveged_SOURCES = haveged.c havege.c havegedef.h haveged.h havege.h oneiteration.h loopbody.h
-
-+haveged_LDADD = @CAPNG_LDADD@
- MAINTAINERCLEANFILES = Makefile.in
--- src/haveged.c.orig	2010-09-24 18:13:42.276714000 +0200
-+++ src/haveged.c	2010-09-24 18:14:41.605757000 +0200
-@@ -16,6 +16,11 @@
-  ** You should have received a copy of the GNU General Public License
-  ** along with this program.  If not, see <http://www.gnu.org/licenses/>.
-  */
-+
-+#ifdef HAVE_CONFIG_H
-+#include "config.h"
-+#endif
-+
- #include <stdlib.h>
- #include <stdio.h>
- #include <math.h>
-@@ -37,6 +42,10 @@
- #include <linux/random.h>
- #include <errno.h>
- 
-+#ifdef HAVE_LIBCAP_NG
-+#include <cap-ng.h>
-+#endif
-+
- #include "havege.h"
- /**
-  * Parameters
-@@ -170,6 +179,12 @@ int get_poolsize()
-  */
- int main(int argc, char **argv)
- {
-+#ifdef HAVE_LIBCAP_NG
-+       /* Drop capabilities */
-+       capng_clear(CAPNG_SELECT_BOTH);
-+       capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN);
-+       capng_apply(CAPNG_SELECT_BOTH);
-+#endif
-    static const char* cmds[] = {
-       "d", "data",    "1", "Data cache size [KB]",
-       "i", "inst",    "1", "Instruction cache size [KB]",
--- a/haveged.changes
+++ b/haveged.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Nov 23 23:37:48 UTC 2010 - cristian.rodriguez@opensuse.org
+
+- Fix optimization problem, actually a bug in inline asm
+  code. avoid using it, instead try hard to use either
+  GCC builtins or properly corrected inline asm.
+  Thanks Richard for pointing to the right solution.
+
 -------------------------------------------------------------------
 Sat Nov  6 00:00:24 UTC 2010 - aj@suse.de

--- a/haveged.spec
+++ b/haveged.spec
@ -18,22 +18,20 @@


 Name:           haveged
-Version:        0.9
+Version:        0.9_git201011232331
 Release:        3
 License:        GPLv3
 Group:          System/Daemons
 Summary:        Feed entropy into random pool
 Url:            http://www.issihosts.com/haveged/
-Source0:        http://www.issihosts.com/haveged/haveged-%{version}.tar.bz2
+Source0:        http://www.issihosts.com/haveged/haveged-%{version}.tar.xz
 Source1:        haveged.init
 Source2:        haveged.service
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Requires(pre):	%insserv_prereq
 Requires(post):	 grep util-linux
 Enhances:       openssl gpg2 php5 apache2 openvpn smtp_daemon    
-Patch:          haveged-0.9-cloexec.patch 
-Patch1:         haveged-capabilties.patch
-BuildRequires:  libcap-ng-devel
+BuildRequires:  libcap-ng-devel lzma

 %description
 The haveged daemon feeds the linux entropy pool with random
@ -43,12 +41,9 @@ For more informations see http://www.issihosts.com/haveged/

 %prep
 %setup -q
-%patch
-%patch1

 %build
 autoreconf -fiv
-export CFLAGS="$RPM_OPT_FLAGS -O0"
 export LDFLAGS="-Wl,-z,relro,-z,now"
 %configure --with-libcap-ng=yes --sbindir=/sbin --enable-nistest=yes
 make %{?smp_flags}