1From c4930223e51d0e3dbfd8b2a814f4be2e269e2a9d Mon Sep 17 00:00:00 2001 2From: Brad House <brad@brad-house.com> 3Date: Sun, 30 Apr 2023 14:53:34 -0400 4Subject: [PATCH] Merge pull request from GHSA-54xr-f67r-4pc4 5 6* CARES_RANDOM_FILE should always default to /dev/urandom 7 8During cross-compilation, CARES_RANDOM_FILE may not be able to be appropriately 9detected, therefore we should always set it to /dev/urandom and allow the 10entity requesting compilation override the value. The code does appropriately 11fall back if CARES_RANDOM_FILE cannot be opened. 12 13* use set not option 14 15Conflict: NA 16Reference: https://github.com/c-ares/c-ares/commit/c4930223e51d0e3dbfd8b2a814f4be2e269e2a9d 17--- 18 CMakeLists.txt | 6 ++---- 19 configure.ac | 12 +----------- 20 2 files changed, 3 insertions(+), 15 deletions(-) 21 22diff --git a/CMakeLists.txt b/CMakeLists.txt 23index 7a29fef..0ec8d41 100644 24--- a/CMakeLists.txt 25+++ b/CMakeLists.txt 26@@ -36,6 +36,8 @@ OPTION (CARES_STATIC_PIC "Build the static library as PIC (position independent) 27 OPTION (CARES_BUILD_TESTS "Build and run tests" OFF) 28 OPTION (CARES_BUILD_CONTAINER_TESTS "Build and run container tests (implies CARES_BUILD_TESTS, Linux only)" OFF) 29 OPTION (CARES_BUILD_TOOLS "Build tools" ON) 30+SET (CARES_RANDOM_FILE "/dev/urandom" CACHE STRING "Suitable File / Device Path for entropy, such as /dev/urandom") 31+ 32 33 # Tests require static to be enabled on Windows to be able to access otherwise hidden symbols 34 IF (CARES_BUILD_TESTS AND (NOT CARES_STATIC) AND WIN32) 35@@ -402,10 +404,6 @@ SET (CMAKE_REQUIRED_DEFINITIONS) 36 SET (CMAKE_REQUIRED_LIBRARIES) 37 38 39-find_file(CARES_RANDOM_FILE urandom /dev) 40-mark_as_advanced(CARES_RANDOM_FILE) 41- 42- 43 ################################################################################ 44 # recv, recvfrom, send, getnameinfo, gethostname 45 # ARGUMENTS AND RETURN VALUES 46diff --git a/configure.ac b/configure.ac 47index 56a570b..f8ebd07 100644 48--- a/configure.ac 49+++ b/configure.ac 50@@ -896,17 +896,7 @@ AC_ARG_WITH(random, 51 AS_HELP_STRING([--with-random=FILE], 52 [read randomness from FILE (default=/dev/urandom)]), 53 [ CARES_RANDOM_FILE="$withval" ], 54- [ 55- dnl Check for random device. If we're cross compiling, we can't 56- dnl check, and it's better to assume it doesn't exist than it is 57- dnl to fail on AC_CHECK_FILE or later. 58- if test "$cross_compiling" = "no"; then 59- AC_CHECK_FILE("/dev/urandom", [ CARES_RANDOM_FILE="/dev/urandom"] ) 60- else 61- AC_MSG_WARN([cannot check for /dev/urandom while cross compiling; assuming none]) 62- fi 63- 64- ] 65+ [ CARES_RANDOM_FILE="/dev/urandom" ] 66 ) 67 if test -n "$CARES_RANDOM_FILE" && test X"$CARES_RANDOM_FILE" != Xno ; then 68 AC_SUBST(CARES_RANDOM_FILE) 69-- 702.33.0 71 72