Merge branch 'bug25120'

2018-02-11 16:10:58 -05:00 · 2018-02-11 16:10:58 -05:00 · 627974b02e
parent 1df701c082 14c47a0b5c
commit 627974b02e
1 changed files with 20 additions and 11 deletions
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@ -1891,6 +1891,12 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
 {
  tor_assert(out_len <= MAX_STRONGEST_RAND_SIZE);

+  /* We only log at notice-level here because in the case that this function
+   * fails the crypto_strongest_rand_raw() caller will log with a warning-level
+   * message and let crypto_strongest_rand() error out and finally terminating
+   * Tor with an assertion error.
+   */
+
 #ifdef TOR_UNIT_TESTS
  if (break_strongest_rng_syscall)
    return -1;
@ -1903,13 +1909,13 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
  if (!provider_set) {
    if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
                             CRYPT_VERIFYCONTEXT)) {
-      log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
+      log_notice(LD_CRYPTO, "Unable to set Windows CryptoAPI provider [1].");
      return -1;
    }
    provider_set = 1;
  }
  if (!CryptGenRandom(provider, out_len, out)) {
-    log_warn(LD_CRYPTO, "Can't get entropy from CryptoAPI.");
+    log_notice(LD_CRYPTO, "Unable get entropy from the Windows CryptoAPI.");
    return -1;
  }

@ -1951,12 +1957,14 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)

      /* Useful log message for errno. */
      if (errno == ENOSYS) {
-        log_warn(LD_CRYPTO, "Can't get entropy from getrandom()."
-                 " You are running a version of Tor built to support"
-                 " getrandom(), but the kernel doesn't implement this"
-                 " function--probably because it is too old?");
+        log_notice(LD_CRYPTO, "Can't get entropy from getrandom()."
+                   " You are running a version of Tor built to support"
+                   " getrandom(), but the kernel doesn't implement this"
+                   " function--probably because it is too old?"
+                   " Trying fallback method instead.");
      } else {
-        log_warn(LD_CRYPTO, "Can't get entropy from getrandom(): %s.",
+        log_notice(LD_CRYPTO, "Can't get entropy from getrandom(): %s.",
+                              " Trying fallback method instead."
                 strerror(errno));
      }

@ -2009,7 +2017,7 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
  size_t n;

  for (i = 0; filenames[i]; ++i) {
-    log_debug(LD_FS, "Considering %s for entropy", filenames[i]);
+    log_debug(LD_FS, "Considering %s as entropy source", filenames[i]);
    fd = open(sandbox_intern_string(filenames[i]), O_RDONLY, 0);
    if (fd<0) continue;
    log_info(LD_CRYPTO, "Reading entropy from \"%s\"", filenames[i]);
@ -2018,9 +2026,10 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
    if (n != out_len) {
      /* LCOV_EXCL_START
       * We can't make /dev/foorandom actually fail. */
-      log_warn(LD_CRYPTO,
-               "Error reading from entropy source (read only %lu bytes).",
-               (unsigned long)n);
+      log_notice(LD_CRYPTO,
+                 "Error reading from entropy source %s (read only %lu bytes).",
+                 filenames[i],
+                 (unsigned long)n);
      return -1;
      /* LCOV_EXCL_STOP */
    }