On Tue, Aug 12, 2014 at 11:53 AM, Phil Pennock <pdp@???> wrote:
> On 2014-08-12 at 08:07 -0700, Todd Lyons wrote:
>> OpenBSD 5.5 was released on May 1 2014. In it, there appears to be
>> movement on deprecating arc4random_* function calls. A build client
>> builds all of the object files correctly, but is failing to link the
>> final exim binary with the following error:
>
> Already covered in:
> https://github.com/Exim/exim/issues/14
>
> If we now have an OpenBSD build bot and want to support it, first class,
> then we need a new #define to guard on, "HAVENOT_ARC4RANDOM_STIR"
> perhaps, then define that in "OS/os.h-OpenBSD". A comment on the guard
> should make clear that before defining this for a new OS, we need to
> make sure that all known releases of that OS support auto-mixing,
> because if not then defining the guard is weakening protection.
I experimented with a vagrant OpenBSD 5.5 box and ended up with this
change. Look ok to the Unix types? I don't really like including a
new header file, but it's the simplest (only?) clean way I could see
to get an OS version number.
diff --git a/src/OS/os.h-OpenBSD b/src/OS/os.h-OpenBSD
index 55bade6..9578047 100644
--- a/src/OS/os.h-OpenBSD
+++ b/src/OS/os.h-OpenBSD
@@ -5,6 +5,13 @@
#define HAVE_SYS_MOUNT_H
#define SIOCGIFCONF_GIVES_ADDR
#define HAVE_ARC4RANDOM
+/* In May 2014, OpenBSD 5.5 was released which cleaned up the arc4random_* API
+ which removed the arc4random_stir() function. Set NOT_HAVE_ARC4RANDOM_STIR
+ if the version released is past that point. */
+#include <sys/param.h>
+#if OpenBSD >= 201405
+#define NOT_HAVE_ARC4RANDOM_STIR
+#endif
·
typedef struct flock flock_t;
·
diff --git a/src/src/expand.c b/src/src/expand.c
index 70d7c7d..0b6513c 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -913,7 +913,9 @@ vaguely_random_number(int max)
#ifdef HAVE_ARC4RANDOM
/* cryptographically strong randomness, common on *BSD platforms, not
so much elsewhere. Alas. */
+#ifndef NOT_HAVE_ARC4RANDOM_STIR
arc4random_stir();
+#endif
#elif defined(HAVE_SRANDOM) || defined(HAVE_SRANDOMDEV)
#ifdef HAVE_SRANDOMDEV
/* uses random(4) for seeding */
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine
