Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
libgcrypt.25806
libgcrypt-1.6.1-use-fipscheck.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libgcrypt-1.6.1-use-fipscheck.patch of Package libgcrypt.25806
diff --git a/src/fips.c b/src/fips.c index ebb2fe7..523accc 100644 --- a/src/fips.c +++ b/src/fips.c @@ -589,23 +589,41 @@ run_random_selftests (void) return !!err; } +static int +get_library_path(const char *symbolname, char *path, size_t pathlen) +{ + Dl_info info; + void *sym; + int rv = -1; + + sym = dlsym(RTLD_DEFAULT, symbolname); + + if (sym != NULL && dladdr(sym, &info)) { + strncpy(path, info.dli_fname, pathlen-1); + path[pathlen-1] = '\0'; + rv = 0; + } + + return rv; +} + /* Run an integrity check on the binary. Returns 0 on success. */ static int check_binary_integrity (void) { #ifdef ENABLE_HMAC_BINARY_CHECK gpg_error_t err; - Dl_info info; + char libpath[4096]; unsigned char digest[32]; int dlen; char *fname = NULL; - const char key[] = "What am I, a doctor or a moonshuttle conductor?"; + const char key[] = "orboDeJITITejsirpADONivirpUkvarP"; - if (!dladdr ("gcry_check_version", &info)) + if (get_library_path ("gcry_check_version", libpath, sizeof(libpath))) err = gpg_error_from_syserror (); else { - dlen = _gcry_hmac256_file (digest, sizeof digest, info.dli_fname, + dlen = _gcry_hmac256_file (digest, sizeof digest, libpath, key, strlen (key)); if (dlen < 0) err = gpg_error_from_syserror (); @@ -613,7 +631,7 @@ check_binary_integrity (void) err = gpg_error (GPG_ERR_INTERNAL); else { - fname = _gcry_malloc (strlen (info.dli_fname) + 1 + 5 + 1 ); + fname = _gcry_malloc (strlen (libpath) + 1 + 5 + 1 ); if (!fname) err = gpg_error_from_syserror (); else @@ -622,7 +640,7 @@ check_binary_integrity (void) char *p; /* Prefix the basename with a dot. */ - strcpy (fname, info.dli_fname); + strcpy (fname, libpath); p = strrchr (fname, '/'); if (p) p++;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor