authorMax <msuraev@sysmocom.de>2017-10-26 10:56:04 +0200
committerHarald Welte <laforge@gnumonks.org>2017-11-02 18:06:26 +0000
commited029dfab959bca74bd43d86922727c2047eeb4d (patch)
tree07ed1e7bff8b0f154e949b62ffc1b0ba60098e4f /src
parent69b61fe510dd9357040ad0a9f3a1449d913067a7 (diff)
Enable GnuTLS fallback
On systems with GNU/Linux kernel older than 3.17 (Debian 8 "jessie" for example) the osmo_get_rand_id() would always return failure due to missing getrandom() syscall. To support such systems, let's add fallback code which uses GnuTLS library. It can be disabled explicitly via '--disable-gnutls' option at compile-time, otherwise ./configure will fail if both getrandom() and GnuTLS are not available. When building with '--enable-embedded' the fallback is disabled automatically. Related: OS#1694 Change-Id: Ic77866ce65acf524b768882c751a4f9c0635740b
Diffstat (limited to 'src')
-rw-r--r--src/gsm/Makefile.am5
-rw-r--r--src/gsm/gsm_utils.c19
2 files changed, 19 insertions, 5 deletions
diff --git a/src/gsm/Makefile.am b/src/gsm/Makefile.am
index 44769713..12f56db1 100644
--- a/src/gsm/Makefile.am
+++ b/src/gsm/Makefile.am
@@ -38,6 +38,11 @@ libosmogsm_la_SOURCES =
libosmogsm_la_LDFLAGS = $(LTLDFLAGS_OSMOGSM) -version-info $(LIBVERSION) -no-undefined
libosmogsm_la_LIBADD = libgsmint.la $(TALLOC_LIBS)
+if ENABLE_GNUTLS
+AM_CPPFLAGS += $(LIBGNUTLS_CFLAGS)
+libosmogsm_la_LIBADD += $(LIBGNUTLS_LIBS)
+endif
+
EXTRA_DIST = libosmogsm.map
# Convolutional codes generation
diff --git a/src/gsm/gsm_utils.c b/src/gsm/gsm_utils.c
index e3f792ef..134b4752 100644
--- a/src/gsm/gsm_utils.c
+++ b/src/gsm/gsm_utils.c
@@ -106,6 +106,12 @@
#endif
#endif
+#if (USE_GNUTLS)
+#pragma message ("including GnuTLS for getrandom fallback.")
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#endif
+
/* ETSI GSM 03.38 6.2.1 and 6.2.1.1 default alphabet
* Greek symbols at hex positions 0x10 and 0x12-0x1a
* left out as they can't be handled with a char and
@@ -409,7 +415,7 @@ int gsm_7bit_encode_n_ussd(uint8_t *result, size_t n, const char *data, int *oct
*/
int osmo_get_rand_id(uint8_t *out, size_t len)
{
- int rc;
+ int rc = -ENOTSUP;
/* this function is intended for generating short identifiers only, not arbitrary-length random data */
if (len > OSMO_MAX_RAND_ID_LEN)
@@ -421,13 +427,16 @@ int osmo_get_rand_id(uint8_t *out, size_t len)
#pragma message ("Using direct syscall access for getrandom(): consider upgrading to glibc >= 2.25")
/* FIXME: this can be removed once we bump glibc requirements to 2.25: */
rc = syscall(SYS_getrandom, out, len, GRND_NONBLOCK);
-#else
-#pragma message ("Secure random unavailable: calls to osmo_get_rand_id() will always fail!")
- return -ENOTSUP;
#endif
+
/* getrandom() failed entirely: */
- if (rc < 0)
+ if (rc < 0) {
+#if (USE_GNUTLS)
+#pragma message ("Secure random failed: using GnuTLS fallback.")
+ return gnutls_rnd(GNUTLS_RND_RANDOM, out, len);
+#endif
return -errno;
+ }
/* getrandom() failed partially due to signal interruption:
this should never happen (according to getrandom(2)) as long as OSMO_MAX_RAND_ID_LEN < 256
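Review bot: In a build where no getrandom() path is compiled in and USE_GNUTLS is off, `rc` keeps its initial `-ENOTSUP` and control reaches `return -errno;`, which returns whatever stale value errno holds, possibly 0, so the caller would see success with `out` never filled. The removed `#else` branch returned `-ENOTSUP` explicitly; `return (rc == -ENOTSUP) ? rc : -errno;` would keep that guarantee for configurations such as `--enable-embedded`, where the description says the fallback is disabled. Separately, `gnutls_rnd()` reports failure with a GnuTLS error code rather than a negative errno, so callers that interpret the result as `-errno` could misread a fallback failure; mapping a non-zero result to a fixed value such as `-EIO` would keep the return contract uniform. The function starts in the previous hunk and continues past the end of this one, so the success-path return value is not visible here.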