File libgcrypt-fips_avoid_clash_with_gkd.patch of Package libgcrypt
Index: libgcrypt-1.6.1/random/rndlinux.c
===================================================================
--- libgcrypt-1.6.1.orig/random/rndlinux.c 2017-11-20 16:28:20.027653735 +0100
+++ libgcrypt-1.6.1/random/rndlinux.c 2017-11-20 17:52:07.271441469 +0100
@@ -116,9 +116,10 @@ _gcry_rndlinux_gather_random (void (*add
static int fd_urandom = -1;
static int fd_random = -1;
static int fd_configured = -1;
+ static int dummy_fds[3] = { -1, -1, -1 };
static unsigned char ever_opened;
int fd;
- int n;
+ int i, n;
byte buffer[768];
size_t n_hw;
size_t want = length;
@@ -144,9 +145,27 @@ _gcry_rndlinux_gather_random (void (*add
close (fd_configured);
fd_configured = -1;
}
+
+ for (i = 0; i < 3; ++i)
+ {
+ if (dummy_fds[i] != -1)
+ {
+ close (dummy_fds[i]);
+ dummy_fds[i] = -1;
+ }
+ }
+
return 0;
}
+ /* Open dummy descriptors, so the random devices get file descriptors above 2.
+ gnome-keyring-daemon closes descriptors 0-2 on initializatin,
+ which overwrites the stored random device descriptors and causes ligcrypt
+ to never exit the while loop below.
+ (https://bugzilla.suse.com/show_bug.cgi?id=1043333) */
+ for (i = 0; i < 3; ++i)
+ if (dummy_fds[i] == -1)
+ dummy_fds[i] = open ("/dev/null", O_RDONLY);
/* First read from a hardware source. However let it account only
for up to 50% of the requested bytes. */