| Summary: | net-misc/openssh-9.1_p1-r3[x509]: src_prepare fails | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | setun.90 |
| Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | kfm, Letto2 |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 891639 | ||
| Attachments: | net-misc/openssh-9.1_p1-r3 build log | ||
|
Description
setun.90
2023-01-22 08:44:04 UTC
Created attachment 848953 [details]
net-misc/openssh-9.1_p1-r3 build log
This is really another piece of evidence supporting the idea of splitting x509+HPN into their own ebuild. Fun, looks like the X509 patch has it's own fix for the getentropy bug, implemented differently. Will conditionally not apply that fix for x509.
excerpt from the x509 diff:
- if (getentropy(rnd, sizeof rnd) == -1)
- _getentropy_fail();
+#ifdef WITH_OPENSSL
+ /* Always prefer OpenSSL random functionality */
+ if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
+ fatal("Couldn't obtain random bytes (error 0x%lx)",
+ (unsigned long)ERR_get_error());
+#else
+ if (_ssh_compat_getentropy(rnd, sizeof rnd) == -1)
+ fatal("getentropy failed");
+#endif
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b2bcb67e18ff9150bc5c7e758bc2d6d72e75ba9 commit 1b2bcb67e18ff9150bc5c7e758bc2d6d72e75ba9 Author: Robin H. Johnson <robbat2@gentoo.org> AuthorDate: 2023-01-22 17:49:01 +0000 Commit: Robin H. Johnson <robbat2@gentoo.org> CommitDate: 2023-01-22 17:50:32 +0000 net-misc/openssh: avoid conflict between x509 patch and getentropy fix Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> Closes: https://bugs.gentoo.org/891665 net-misc/openssh/openssh-9.1_p1-r3.ebuild | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) |
