Bug#1023284: libevent: FTBFS with glibc 2.36

2023-03-03 Thread Nicolas Mora

Hello,

The patch was submitted upstream for their feedback [1], and was finally 
agreed upon. So I will upload a new package very soon then.


/Nicolas

[1] https://github.com/libevent/libevent/issues/1393#issuecomment-1453924054



Bug#1023284: libevent: FTBFS with glibc 2.36

2023-03-03 Thread Kurt Roeckx
Hi,

It seems a fix for this is sitting in git, but hasn't been uploaded. Is
there a reason it's not been uploaded yet?


Kurt



Bug#1023284: libevent: FTBFS with glibc 2.36

2023-01-16 Thread Nicolas Mora

Hello,

I opened an issue upstream [1] to ask for feedback. Azat suggests 
changing the function signature from

void evutil_secure_rng_add_bytes(const char *buf, size_t n);

to:

int evutil_secure_rng_add_bytes(const char *buf, size_t n);

and making evutil_secure_rng_add_bytes return -1, to make it more 
explicit that the function is no-oped.


I understand and I tend to agree with this suggestion, but I'm wondering 
if this solution is correct for this bug?


The symbol would still be the same, but would the signature change 
introduce problems in the libevent package dependencies and build-deps?


Any thoughts?

/Nicolas

[1] https://github.com/libevent/libevent/issues/1393



Bug#1023284: libevent: FTBFS with glibc 2.36

2023-01-04 Thread Nicolas Mora

Hello all,

I'm forwarding my questions and thoughts about this patch.

On 2023-01-04 at 11:39, Shengjing Zhu wrote:

> So just make evutil_secure_rng_add_bytes noop with glibc's implementation of
> arc4random. Please see following patch.



In the libevent repo, Azat mentions that nooping 
evutil_secure_rng_add_bytes is not a good thing to do [1]

but on the other hand, other implementations have applied this kind of 
patch, like Oracle mentioned above.


I'm not pretending I know more, but I'd like to make sure this patch 
won't silently remove a core functionality in some packages, leading to 
random number generator being less random.


Also, the libevent transition with glibc made by Ubuntu in October went 
fine apparently, just a couple of builds had an error [2]


Again, I'm not trying to force one solution or another, but I question 
what solution is the best considering the little time we have until freeze.


/Nicolas

[1] https://github.com/libevent/libevent/issues/615#issuecomment-421182890
[2] https://bugs.launchpad.net/ubuntu/+source/libevent/+bug/1990941



Bug#1023284: libevent: FTBFS with glibc 2.36

2023-01-04 Thread Shengjing Zhu
On Fri, Nov 25, 2022 at 10:56:09AM -0500, Nicolas Mora wrote:
> Hello,
> 
> On 2022-11-17 at 04:15, Benjamin Drung wrote:
> > 
> > We did a library transition in Ubuntu to remove this symbol:
> > https://launchpad.net/bugs/1990941
> > Attached the patch we applied.
> > 
> Thanks, I've made a new package based on your patch lately,
> libevent_2.1.12-stable-7 is in NEW for now [1]. Waiting for FTP masters to
> review the new package so the transition can start.
>

Probably late for this. But this really isn't right for a library transition.
I've read the discussion on Launchpad. The original patch to keep the ABI has a
problem with mixing arc4random functions from the vendored sources and glibc.

But as I read the code, arc4random_addrandom shouldn't be called. So glibc
doesn't provide such.
(Why do you want to add entropy yourself?)

Looking at other implementations that still have arc4random_addrandom, for example
https://docs.oracle.com/cd/E88353_01/html/E37843/arc4random-addrandom-3c.html
It's just an empty function, provided for compatibility.

So just make evutil_secure_rng_add_bytes a noop with glibc's implementation of
arc4random. Please see the following patch.

diff --git a/evutil_rand.c b/evutil_rand.c
index 8e9afda..15deab3 100644
--- a/evutil_rand.c
+++ b/evutil_rand.c
@@ -190,14 +190,14 @@ evutil_secure_rng_get_bytes(void *buf, size_t n)
ev_arc4random_buf(buf, n);
 }
 
-#if !defined(EVENT__HAVE_ARC4RANDOM) || 
defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
 void
 evutil_secure_rng_add_bytes(const char *buf, size_t n)
 {
+#if defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
arc4random_addrandom((unsigned char*)buf,
n>(size_t)INT_MAX ? INT_MAX : (int)n);
-}
 #endif
+}
 
 void
 evutil_free_secure_rng_globals_(void)
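
Review bot: The new inner guard `#if defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)` drops the `!defined(EVENT__HAVE_ARC4RANDOM)` half of the condition being removed, so a build where neither macro is defined used to call arc4random_addrandom and now compiles an empty body. If the intent is to no-op only when the libc arc4random is used without addrandom, keep the original condition as the inner guard. In the empty-body case `buf` and `n` are also unused, so cast them to void to avoid unused-parameter warnings.
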
diff --git a/include/event2/util.h b/include/event2/util.h
index 02aa7ba..aa7177d 100644
--- a/include/event2/util.h
+++ b/include/event2/util.h
@@ -862,7 +862,6 @@ int evutil_secure_rng_init(void);
 EVENT2_EXPORT_SYMBOL
 int evutil_secure_rng_set_urandom_device_file(char *fname);
 
-#if !defined(EVENT__HAVE_ARC4RANDOM) || 
defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
 /** Seed the random number generator with extra random bytes.
 
 You should almost never need to call this function; it should be
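
Review bot: With the guard removed the declaration is always visible, but the doc comment starting "Seed the random number generator with extra random bytes" still promises seeding in every build. Add a sentence stating that the call does nothing when the platform arc4random has no addrandom, so callers do not rely on it for entropy.
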
@@ -879,7 +878,6 @@ int evutil_secure_rng_set_urandom_device_file(char *fname);
  */
 EVENT2_EXPORT_SYMBOL
 void evutil_secure_rng_add_bytes(const char *dat, size_t datlen);
-#endif
 
 #ifdef __cplusplus
 }
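
Review bot: The prototype stays `void evutil_secure_rng_add_bytes(const char *dat, size_t datlen);`, so a caller cannot tell whether the bytes were mixed in or ignored. If a signature change is acceptable for the ABI, an int return would expose the no-op case to callers.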



Bug#1023284: libevent: FTBFS with glibc 2.36

2022-11-25 Thread Nicolas Mora

Hello,

On 2022-11-17 at 04:15, Benjamin Drung wrote:

> We did a library transition in Ubuntu to remove this symbol:
> https://launchpad.net/bugs/1990941
> Attached the patch we applied.

Thanks, I've made a new package based on your patch lately, 
libevent_2.1.12-stable-7 is in NEW for now [1]. Waiting for FTP masters 
to review the new package so the transition can start.


/Nicolas

[1] https://ftp-master.debian.org/new/libevent_2.1.12-stable-7.html



Bug#1023284: libevent: FTBFS with glibc 2.36

2022-11-17 Thread Benjamin Drung
On Thu, 3 Nov 2022 00:32:52 +0100 Samuel Thibault wrote:
> Nicolas Mora, on Wed. 02 Nov. 2022 19:14:51 -0400, wrote:
> > If I understand correctly, removing the symbols evutil_secure_rng_add_bytes
> > from the symbols files is enough to fix this bug?
> 
> It will make the package build again. But possibly some binaries in
> Debian are using that symbol, that'd have to be checked before accepting
> that this symbol disappears, otherwise those binaries will break.

We did a library transition in Ubuntu to remove this symbol:
https://launchpad.net/bugs/1990941
Attached the patch we applied.

-- 
Benjamin Drung
Debian & Ubuntu Developer
diff -pruN 2.1.12-stable-5/debian/control 2.1.12-stable-5ubuntu1/debian/control
--- 2.1.12-stable-5/debian/control	2022-04-15 15:26:42.0 +
+++ 2.1.12-stable-5ubuntu1/debian/control	2022-10-05 17:07:42.0 +
@@ -14,8 +14,8 @@ Package: libevent-dev
 Architecture: any
 Section: libdevel
 Depends: ${misc:Depends},
- libevent-2.1-7 (= ${binary:Version}),
- libevent-core-2.1-7 (= ${binary:Version}),
+ libevent-2.1-7a (= ${binary:Version}),
+ libevent-core-2.1-7a (= ${binary:Version}),
  libevent-extra-2.1-7 (= ${binary:Version}),
  libevent-pthreads-2.1-7 (= ${binary:Version}),
  libevent-openssl-2.1-7 (= ${binary:Version})
@@ -26,12 +26,14 @@ Description: Asynchronous event notifica
  .
  This package includes development files for compiling against libevent.
 
-Package: libevent-2.1-7
+Package: libevent-2.1-7a
 Architecture: any
 Multi-Arch: same
 Depends: ${shlibs:Depends},
  ${misc:Depends}
 Pre-Depends: ${misc:Pre-Depends}
+Conflicts: libevent-2.1-7
+Replaces: libevent-2.1-7
 Description: Asynchronous event notification library
  Libevent is an asynchronous event notification library that provides a
  mechanism to execute a callback function when a specific event occurs
@@ -46,12 +48,14 @@ Description: Asynchronous event notifica
  the libevent library that includes everything in libevent_core and
  libevent_extra.
 
-Package: libevent-core-2.1-7
+Package: libevent-core-2.1-7a
 Architecture: any
 Multi-Arch: same
 Depends: ${shlibs:Depends},
  ${misc:Depends}
 Pre-Depends: ${misc:Pre-Depends}
+Conflicts: libevent-core-2.1-7
+Replaces: libevent-core-2.1-7
 Description: Asynchronous event notification library (core)
  Libevent is an asynchronous event notification library that provides a
  mechanism to execute a callback function when a specific event occurs
@@ -72,7 +76,7 @@ Architecture: any
 Multi-Arch: same
 Depends: ${shlibs:Depends},
  ${misc:Depends},
- libevent-core-2.1-7 (= ${binary:Version})
+ libevent-core-2.1-7a (= ${binary:Version})
 Pre-Depends: ${misc:Pre-Depends}
 Description: Asynchronous event notification library (extra)
  Libevent is an asynchronous event notification library that provides a
@@ -94,7 +98,7 @@ Architecture: any
 Multi-Arch: same
 Depends: ${shlibs:Depends},
  ${misc:Depends},
- libevent-core-2.1-7 (= ${binary:Version})
+ libevent-core-2.1-7a (= ${binary:Version})
 Pre-Depends: ${misc:Pre-Depends}
 Description: Asynchronous event notification library (pthreads)
  Libevent is an asynchronous event notification library that provides a
@@ -114,7 +118,7 @@ Architecture: any
 Multi-Arch: same
 Depends: ${shlibs:Depends},
  ${misc:Depends},
- libevent-core-2.1-7 (= ${binary:Version})
+ libevent-core-2.1-7a (= ${binary:Version})
 Pre-Depends: ${misc:Pre-Depends}
 Description: Asynchronous event notification library (openssl)
  Libevent is an asynchronous event notification library that provides a
diff -pruN 2.1.12-stable-5/debian/libevent-2.1-7a.install 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.install
--- 2.1.12-stable-5/debian/libevent-2.1-7a.install	1970-01-01 00:00:00.0 +
+++ 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.install	2022-09-27 08:19:35.0 +
@@ -0,0 +1 @@
+usr/lib/*/libevent-2.1.so.*
diff -pruN 2.1.12-stable-5/debian/libevent-2.1-7a.symbols 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.symbols
--- 2.1.12-stable-5/debian/libevent-2.1-7a.symbols	1970-01-01 00:00:00.0 +
+++ 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.symbols	2022-10-05 17:02:22.0 +
@@ -0,0 +1,648 @@
+# SymbolsHelper-Confirmed: 2.1.8-stable amd64
+libevent-2.1.so.7 libevent-2.1-7a #MINVER#
+* Build-Depends-Package: libevent-dev
+ EVUTIL_ISALNUM_@Base 2.1.8-stable
+ EVUTIL_ISALPHA_@Base 2.1.8-stable
+ EVUTIL_ISDIGIT_@Base 2.1.8-stable
+ EVUTIL_ISLOWER_@Base 2.1.8-stable
+ EVUTIL_ISPRINT_@Base 2.1.8-stable
+ EVUTIL_ISSPACE_@Base 2.1.8-stable
+ EVUTIL_ISUPPER_@Base 2.1.8-stable
+ EVUTIL_ISXDIGIT_@Base 2.1.8-stable
+ EVUTIL_TOLOWER_@Base 2.1.8-stable
+ EVUTIL_TOUPPER_@Base 2.1.8-stable
+ bufferevent_add_event_@Base 2.1.8-stable
+ bufferevent_add_to_rate_limit_group@Base 2.1.8-stable
+ bufferevent_base_set@Base 2.1.8-stable
+ bufferevent_decref@Base 2.1.8-stable
+ 
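
Review bot: The second line of the new symbols file, `libevent-2.1.so.7 libevent-2.1-7a #MINVER#`, keeps the SONAME at libevent-2.1.so.7 while the package is renamed, so only package dependencies record the ABI change. Binaries that were not rebuilt against the renamed package still load this library and fail at symbol resolution if they import a removed symbol; that is worth stating in the changelog or NEWS.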

Bug#1023284: libevent: FTBFS with glibc 2.36

2022-11-02 Thread Samuel Thibault
Nicolas Mora, on Wed. 02 Nov. 2022 19:14:51 -0400, wrote:
> If I understand correctly, removing the symbols evutil_secure_rng_add_bytes 
> from the symbols files is enough to fix this bug?

It will make the package build again. But possibly some binaries in
Debian are using that symbol, that'd have to be checked before accepting
that this symbol disappears, otherwise those binaries will break.

Samuel
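
The check described in the message above (which binaries still import the symbol before it disappears), as an added example that is not part of the original thread: it scans directories for ELF files whose dynamic symbol table imports `evutil_secure_rng_add_bytes`, using `nm -D` from binutils. The function names and the sample `nm` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ELF files that import a symbol about to be dropped
# from a shared library. Usage: sh check-imports.sh /usr/bin /usr/lib

SYMBOL="evutil_secure_rng_add_bytes"   # symbol named in the bug report

# imports_symbol SYMBOL
# Reads `nm -D` style output on stdin and succeeds if SYMBOL appears as an
# undefined (type "U") dynamic symbol. A version suffix such as
# "sym@LIBFOO_1.0" is stripped before comparing.
imports_symbol() {
    awk -v sym="$1" '
        NF >= 2 && $(NF-1) == "U" {
            name = $NF
            sub(/@.*/, "", name)
            if (name == sym) found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# scan_tree DIR SYMBOL
# Prints every regular file under DIR that imports SYMBOL. Files that are
# not ELF objects make nm fail with no output and are skipped.
scan_tree() {
    find "$1" -type f | while IFS= read -r f; do
        if nm -D --undefined-only "$f" 2>/dev/null | imports_symbol "$2"; then
            printf '%s\n' "$f"
        fi
    done
}

# Constructed sample of `nm -D` output for a hypothetical client binary.
sample_nm_output() {
    cat <<'EOF'
                 U event_base_new
                 U evutil_secure_rng_add_bytes
                 U malloc@GLIBC_2.2.5
0000000000001139 T main
EOF
}

# Scan each directory given on the command line (nothing to do without any).
for dir in "$@"; do
    scan_tree "$dir" "$SYMBOL"
done
```

A hit means that binary fails to resolve the symbol once the library stops exporting it, so it has to be rebuilt or patched before the removal lands.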



Bug#1023284: libevent: FTBFS with glibc 2.36

2022-11-02 Thread Nicolas Mora
Hello,

If I understand correctly, removing the symbols evutil_secure_rng_add_bytes 
from the symbols files is enough to fix this bug? If no objection, I'll upload 
the fixed package tomorrow.



Bug#1023284: libevent: FTBFS with glibc 2.36

2022-11-01 Thread Samuel Thibault
Source: libevent
Version: 2.0.21-stable-2+deb8u1
Severity: serious
Justification: FTBFS

Hello,

Since the upload of glibc 2.36 in unstable (2.36-3), libevent fails to
build from source:

dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols file: see diff output below
dpkg-gensymbols: warning: debian/libevent-core-2.1-7/DEBIAN/symbols doesn't match completely debian/libevent-core-2.1-7.symbols
--- debian/libevent-core-2.1-7.symbols 
(libevent-core-2.1-7_2.1.12-stable-5_amd64)
+++ dpkg-gensymbolse6mOZa   2022-11-01 18:35:41.660556092 +0100
@@ -394,7 +394,7 @@
  evutil_parse_sockaddr_port@Base 2.1.8-stable
  evutil_read_file_@Base 2.1.8-stable
  evutil_rtrim_lws_@Base 2.1.8-stable
- evutil_secure_rng_add_bytes@Base 2.1.8-stable
+#MISSING: 2.1.12-stable-5# evutil_secure_rng_add_bytes@Base 2.1.8-stable
  evutil_secure_rng_get_bytes@Base 2.1.8-stable
  evutil_secure_rng_global_setup_locks_@Base 2.1.8-stable
  evutil_secure_rng_init@Base 2.1.8-stable

That's probably due to the addition of arc4random in glibc, which makes

#if !defined(EVENT__HAVE_ARC4RANDOM) || defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
void
evutil_secure_rng_add_bytes(const char *buf, size_t n)
{
	arc4random_addrandom((unsigned char*)buf,
	    n>(size_t)INT_MAX ? INT_MAX : (int)n);
}
#endif

not define evutil_secure_rng_add_bytes any more.

Samuel

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), 
(500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.0.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
Samuel
---
For an independent, transparent and rigorous evaluation!
I support the Commission d'Évaluation of Inria.