Bug#1023284: libevent: FTBFS with glibc 2.36
Hello, The patch was submitted upstream for their feedback [1], and was finally agreed. So I will upload a new package very soon then. /Nicolas [1] https://github.com/libevent/libevent/issues/1393#issuecomment-1453924054
Bug#1023284: libevent: FTBFS with glibc 2.36
Hi, It seems a fix for this is sitting git, but hasn't been uploaded. Is there a reason it's not been uploaded yet? Kurt
Bug#1023284: libevent: FTBFS with glibc 2.36
Hello, I opened an issue upstream [1] to ask for feedbacks. Azat suggest to change the function signature from void evutil_secure_rng_add_bytes(const char *buf, size_t n); to: int evutil_secure_rng_add_bytes(const char *buf, size_t n) and make evutil_secure_rng_add_bytes to return -1, to make it more explicit that the function is no-oped. I understand and I tend to agree with this suggestion, but I'm wondering if this solution is correct for this bug? The symbol would still be the same, but would the signature change introduce problems in the libevent package dependencies and build-deps? Any thoughts? /Nicolas [1] https://github.com/libevent/libevent/issues/1393
Bug#1023284: libevent: FTBFS with glibc 2.36
Hello all, I'm forwarding my questions and thoughts about this patch. Le 2023-01-04 à 11 h 39, Shengjing Zhu a écrit : So Just make evutil_secure_rng_add_bytes noop with glibc's implemtation of arc4random. Please see following patch. In the libevent repo, azat mentions that nooping evutil_secure_rng_add_bytes is not a good thing to do [1] but on the other hand, other implementation have applied this kind of patch, like oracle mentioned above. I'm not pretending I know more, but I'd like to make sure this patch won't silently remove a core functionality in some packages, leading to random number generator being less random. Also, the libevent transition with glibc made by ubuntu in october went fine apparently, just a couple of build had an error [2] Again, I'm not trying to force one solution or another, but I question what solution is the best considering the little time we have until freeze. /Nicolas [1] https://github.com/libevent/libevent/issues/615#issuecomment-421182890 [2] https://bugs.launchpad.net/ubuntu/+source/libevent/+bug/1990941
Bug#1023284: libevent: FTBFS with glibc 2.36
On Fri, Nov 25, 2022 at 10:56:09AM -0500, Nicolas Mora wrote: > Hello, > > Le 2022-11-17 à 04 h 15, Benjamin Drung a écrit : > > > > We did a library transition in Ubuntu to remove this symbol: > > https://launchpad.net/bugs/1990941 > > Attached the patch we applied. > > > Thanks, I've made a new package based on your patch lately, > libevent_2.1.12-stable-7 is in NEW for now [1]. Waiting for FTP masters to > review the new package so the transition can start. > Probably late for this. But this really isn't right for a library transition. I've read the discussion on launchpad. The orig patch to keep ABI has problem for mixing arc4random functions from the vendored sources and glibc. But as I read the code, the arc4random_addrandom shouldn't be called. So glibc doesn't provide such. (Why you want to add entropy yourself?) Looking at other implementation that still has arc4random_addrandom, for example https://docs.oracle.com/cd/E88353_01/html/E37843/arc4random-addrandom-3c.html It's just empty function, provided for compatibility. So Just make evutil_secure_rng_add_bytes noop with glibc's implemtation of arc4random. Please see following patch. diff --git a/evutil_rand.c b/evutil_rand.c index 8e9afda..15deab3 100644 --- a/evutil_rand.c +++ b/evutil_rand.c @@ -190,14 +190,14 @@ evutil_secure_rng_get_bytes(void *buf, size_t n) ev_arc4random_buf(buf, n); } -#if !defined(EVENT__HAVE_ARC4RANDOM) || defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM) void evutil_secure_rng_add_bytes(const char *buf, size_t n) { +#if defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM) arc4random_addrandom((unsigned char*)buf, n>(size_t)INT_MAX ? INT_MAX : (int)n); -} #endif +} void evutil_free_secure_rng_globals_(void) diff --git a/include/event2/util.h b/include/event2/util.h index 02aa7ba..aa7177d 100644 --- a/include/event2/util.h +++ b/include/event2/util.h @@ -862,7 +862,6 @@ int evutil_secure_rng_init(void); EVENT2_EXPORT_SYMBOL int evutil_secure_rng_set_urandom_device_file(char *fname); -#if !defined(EVENT__HAVE_ARC4RANDOM) || defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM) /** Seed the random number generator with extra random bytes. You should almost never need to call this function; it should be @@ -879,7 +878,6 @@ int evutil_secure_rng_set_urandom_device_file(char *fname); */ EVENT2_EXPORT_SYMBOL void evutil_secure_rng_add_bytes(const char *dat, size_t datlen); -#endif #ifdef __cplusplus }
Bug#1023284: libevent: FTBFS with glibc 2.36
Hello, Le 2022-11-17 à 04 h 15, Benjamin Drung a écrit : We did a library transition in Ubuntu to remove this symbol: https://launchpad.net/bugs/1990941 Attached the patch we applied. Thanks, I've made a new package based on your patch lately, libevent_2.1.12-stable-7 is in NEW for now [1]. Waiting for FTP masters to review the new package so the transition can start. /Nicolas [1] https://ftp-master.debian.org/new/libevent_2.1.12-stable-7.html
Bug#1023284: libevent: FTBFS with glibc 2.36
On Thu, 3 Nov 2022 00:32:52 +0100 Samuel Thibault wrote: > Nicolas Mora, le mer. 02 nov. 2022 19:14:51 -0400, a ecrit: > > If I understand correctly, removing the symbols evutil_secure_rng_add_bytes from the symbols files is enough to fix this bug? > > It will make the package build again. But possibly some binaries in > Debian are using that symbol, that'd have to be checked before accepting > that this symbol disappears, otherwise those binaries will break. We did a library transition in Ubuntu to remove this symbol: https://launchpad.net/bugs/1990941 Attached the patch we applied. -- Benjamin Drung Debian & Ubuntu Developer diff -pruN 2.1.12-stable-5/debian/control 2.1.12-stable-5ubuntu1/debian/control --- 2.1.12-stable-5/debian/control 2022-04-15 15:26:42.0 + +++ 2.1.12-stable-5ubuntu1/debian/control 2022-10-05 17:07:42.0 + @@ -14,8 +14,8 @@ Package: libevent-dev Architecture: any Section: libdevel Depends: ${misc:Depends}, - libevent-2.1-7 (= ${binary:Version}), - libevent-core-2.1-7 (= ${binary:Version}), + libevent-2.1-7a (= ${binary:Version}), + libevent-core-2.1-7a (= ${binary:Version}), libevent-extra-2.1-7 (= ${binary:Version}), libevent-pthreads-2.1-7 (= ${binary:Version}), libevent-openssl-2.1-7 (= ${binary:Version}) @@ -26,12 +26,14 @@ Description: Asynchronous event notifica . This package includes development files for compiling against libevent. -Package: libevent-2.1-7 +Package: libevent-2.1-7a Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends} Pre-Depends: ${misc:Pre-Depends} +Conflicts: libevent-2.1-7 +Replaces: libevent-2.1-7 Description: Asynchronous event notification library Libevent is an asynchronous event notification library that provides a mechanism to execute a callback function when a specific event occurs @@ -46,12 +48,14 @@ Description: Asynchronous event notifica the libevent library that includes everything in libevent_core and libevent_extra. -Package: libevent-core-2.1-7 +Package: libevent-core-2.1-7a Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends} Pre-Depends: ${misc:Pre-Depends} +Conflicts: libevent-core-2.1-7 +Replaces: libevent-core-2.1-7 Description: Asynchronous event notification library (core) Libevent is an asynchronous event notification library that provides a mechanism to execute a callback function when a specific event occurs @@ -72,7 +76,7 @@ Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends}, - libevent-core-2.1-7 (= ${binary:Version}) + libevent-core-2.1-7a (= ${binary:Version}) Pre-Depends: ${misc:Pre-Depends} Description: Asynchronous event notification library (extra) Libevent is an asynchronous event notification library that provides a @@ -94,7 +98,7 @@ Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends}, - libevent-core-2.1-7 (= ${binary:Version}) + libevent-core-2.1-7a (= ${binary:Version}) Pre-Depends: ${misc:Pre-Depends} Description: Asynchronous event notification library (pthreads) Libevent is an asynchronous event notification library that provides a @@ -114,7 +118,7 @@ Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends}, - libevent-core-2.1-7 (= ${binary:Version}) + libevent-core-2.1-7a (= ${binary:Version}) Pre-Depends: ${misc:Pre-Depends} Description: Asynchronous event notification library (openssl) Libevent is an asynchronous event notification library that provides a diff -pruN 2.1.12-stable-5/debian/libevent-2.1-7a.install 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.install --- 2.1.12-stable-5/debian/libevent-2.1-7a.install 1970-01-01 00:00:00.0 + +++ 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.install 2022-09-27 08:19:35.0 + @@ -0,0 +1 @@ +usr/lib/*/libevent-2.1.so.* diff -pruN 2.1.12-stable-5/debian/libevent-2.1-7a.symbols 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.symbols --- 2.1.12-stable-5/debian/libevent-2.1-7a.symbols 1970-01-01 00:00:00.0 + +++ 2.1.12-stable-5ubuntu1/debian/libevent-2.1-7a.symbols 2022-10-05 17:02:22.0 + @@ -0,0 +1,648 @@ +# SymbolsHelper-Confirmed: 2.1.8-stable amd64 +libevent-2.1.so.7 libevent-2.1-7a #MINVER# +* Build-Depends-Package: libevent-dev + EVUTIL_ISALNUM_@Base 2.1.8-stable + EVUTIL_ISALPHA_@Base 2.1.8-stable + EVUTIL_ISDIGIT_@Base 2.1.8-stable + EVUTIL_ISLOWER_@Base 2.1.8-stable + EVUTIL_ISPRINT_@Base 2.1.8-stable + EVUTIL_ISSPACE_@Base 2.1.8-stable + EVUTIL_ISUPPER_@Base 2.1.8-stable + EVUTIL_ISXDIGIT_@Base 2.1.8-stable + EVUTIL_TOLOWER_@Base 2.1.8-stable + EVUTIL_TOUPPER_@Base 2.1.8-stable + bufferevent_add_event_@Base 2.1.8-stable + bufferevent_add_to_rate_limit_group@Base 2.1.8-stable + bufferevent_base_set@Base 2.1.8-stable + bufferevent_decref@Base 2.1.8-stable +
Bug#1023284: libevent: FTBFS with glibc 2.36
Nicolas Mora, le mer. 02 nov. 2022 19:14:51 -0400, a ecrit: > If I understand correctly, removing the symbols evutil_secure_rng_add_bytes > from the symbols files is enough to fix this bug? It will make the package build again. But possibly some binaries in Debian are using that symbol, that'd have to be checked before accepting that this symbol disappears, otherwise those binaries will break. Samuel
Bug#1023284: libevent: FTBFS with glibc 2.36
Hello, If I understand correctly, removing the symbols evutil_secure_rng_add_bytes from the symbols files is enough to fix this bug? If no objection, I'll upload the fixed package tomorrow.
Bug#1023284: libevent: FTBFS with glibc 2.36
Source: libevent Version: 2.0.21-stable-2+deb8u1 Severity: serious Justification: FTBFS Hello, Since the upload of glibc 2.36 in unstable (2.36-3), libevent fails to build from source: dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols file: see diff output below dpkg-gensymbols: warning: debian/libevent-core-2.1-7/DEBIAN/symbols doesn't match completely debian/libevent-core-2.1-7.symbols --- debian/libevent-core-2.1-7.symbols (libevent-core-2.1-7_2.1.12-stable-5_amd64) +++ dpkg-gensymbolse6mOZa 2022-11-01 18:35:41.660556092 +0100 @@ -394,7 +394,7 @@ evutil_parse_sockaddr_port@Base 2.1.8-stable evutil_read_file_@Base 2.1.8-stable evutil_rtrim_lws_@Base 2.1.8-stable - evutil_secure_rng_add_bytes@Base 2.1.8-stable +#MISSING: 2.1.12-stable-5# evutil_secure_rng_add_bytes@Base 2.1.8-stable evutil_secure_rng_get_bytes@Base 2.1.8-stable evutil_secure_rng_global_setup_locks_@Base 2.1.8-stable evutil_secure_rng_init@Base 2.1.8-stable That's probably due the addition of arc4random in glibc, which makes #if !defined(EVENT__HAVE_ARC4RANDOM) || defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM) void evutil_secure_rng_add_bytes(const char *buf, size_t n) { arc4random_addrandom((unsigned char*)buf, n>(size_t)INT_MAX ? INT_MAX : (int)n); } #endif not define evutil_secure_rng_add_bytes any more. Samuel -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 6.0.0 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- Samuel --- Pour une évaluation indépendante, transparente et rigoureuse ! Je soutiens la Commission d'Évaluation de l'Inria.