Never require XML_POOR_ENTROPY for "./configure && make"

.. as XML_POOR_ENTROPY was intended to catch _accidental_
compilation with no provider of high quality entropy
enabled for _non-Autoconf_ build systems from the start.

diff --git a/.travis.yml b/.travis.yml
index 547b8f870a9ac684c2f9c03589349e01bb9a638b..6dd84934fa14fcc7b47c1566cd86c738912236f2 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,7 +6,6 @@ dist: trusty
 
 env:
   global:
-    - CPPFLAGS='-DXML_POOR_ENTROPY'  # bad idea, do not copy!
     - CFLAGS='-g -pipe'
   matrix:
     - MODE=address

diff --git a/expat/Changes b/expat/Changes
index 24ce15303e5fd6be4635af064ae01a408dc03557..e9577e7d9f850fa72396dd4bfab50cbf7a9d2e24 100644 (file)
--- a/expat/Changes
+++ b/expat/Changes
@@ -20,6 +20,9 @@ Release 2.2.? ????????????????
                   Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
                     for CloudABI
             #100  Fix use of SIPHASH_MAIN in siphash.h
+                  Repair "./configure && make" for systems without any
+                    provider of high quality entropy
+                    and try reading /dev/urandom on those
 
         Special thanks to:
             Chanho Park

diff --git a/expat/configure.ac b/expat/configure.ac
index 5e4c9255ecc25567fbd188cd4ba0823bc61c2c1d..328ff91a39371f4939d526cb9fc98d183504ad90 100644 (file)
--- a/expat/configure.ac
+++ b/expat/configure.ac
@@ -199,6 +199,8 @@ AC_DEFINE([XML_NS], 1,
           [Define to make XML Namespaces functionality available.])
 AC_DEFINE([XML_DTD], 1,
           [Define to make parameter entity parsing functionality available.])
+AC_DEFINE([XML_DEV_URANDOM], 1,
+          [Define to include code reading entropy from `/dev/urandom'.])
 
 AC_ARG_ENABLE([xml-context],
   AS_HELP_STRING([--enable-xml-context @<:@COUNT@:>@],

diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
index e948cbdf1e1234fd4e0bcafbccbabf278f4c7b51..c20bc395be4dac18f95ce050f3ae1121a7ff984f 100644 (file)
--- a/expat/lib/xmlparse.c
+++ b/expat/lib/xmlparse.c
@@ -60,6 +60,7 @@
 
 #if !defined(HAVE_GETRANDOM) && !defined(HAVE_SYSCALL_GETRANDOM) \
     && !defined(HAVE_ARC4RANDOM_BUF) && !defined(HAVE_ARC4RANDOM) \
+    && !defined(XML_DEV_URANDOM) \
     && !defined(_WIN32) \
     && !defined(XML_POOR_ENTROPY)
 # error  \
@@ -73,6 +74,7 @@
       * BSD / macOS <10.7 (arc4random): HAVE_ARC4RANDOM, \
       * libbsd (arc4random_buf): HAVE_ARC4RANDOM_BUF + HAVE_LIBBSD, \
       * libbsd (arc4random): HAVE_ARC4RANDOM + HAVE_LIBBSD, \
+      * Linux / BSD / macOS (/dev/urandom): XML_DEV_URANDOM \
       * Windows (RtlGenRandom): _WIN32. \
     \
     If insist on not using any of these, bypass this error by defining \
@@ -784,7 +786,7 @@ writeRandomBytes_getrandom_nonblock(void * target, size_t count) {
 #endif  /* defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM) */
 
 
-#if ! defined(_WIN32)
+#if ! defined(_WIN32) && defined(XML_DEV_URANDOM)
 
 /* Extract entropy from /dev/urandom */
 static int
@@ -814,7 +816,7 @@ writeRandomBytes_dev_urandom(void * target, size_t count) {
   return success;
 }
 
-#endif  /* ! defined(_WIN32) */
+#endif  /* ! defined(_WIN32) && defined(XML_DEV_URANDOM) */
 
 
 #if defined(HAVE_ARC4RANDOM)
@@ -934,11 +936,11 @@ generate_hash_secret_salt(XML_Parser parser)
     return ENTROPY_DEBUG("getrandom", entropy);
   }
 #endif
-#if ! defined(_WIN32)
+#if ! defined(_WIN32) && defined(XML_DEV_URANDOM)
   if (writeRandomBytes_dev_urandom((void *)&entropy, sizeof(entropy))) {
     return ENTROPY_DEBUG("/dev/urandom", entropy);
   }
-#endif  /* ! defined(_WIN32) */
+#endif  /* ! defined(_WIN32) && defined(XML_DEV_URANDOM) */
   /* .. and self-made low quality for backup: */
 
   /* Process ID is 0 bits entropy if attacker has local access */