libxml2: fallback to internal entropy (#531)

* libxml2: fallback to internal entropy
jellyfin · Feb 1, 2025 · 9ce0bcc · 9ce0bcc
1 parent 9ba6e9a
commit 9ce0bcc
Show file tree

Hide file tree

Showing 5 changed files with 155 additions and 0 deletions.
diff --git a/builder/patches/libxml2/master/0001-dict-Fallback-to-internal-entropy-master.patch b/builder/patches/libxml2/master/0001-dict-Fallback-to-internal-entropy-master.patch
@@ -0,0 +1,73 @@
+From fafdb8d58fd001bd167608e9b23d1a3a1f252281 Mon Sep 17 00:00:00 2001
+From: nyanmisaka <[email protected]>
+Date: Sat, 1 Feb 2025 15:08:12 +0800
+Subject: [PATCH] dict: Fallback to internal entropy
+
+Signed-off-by: nyanmisaka <[email protected]>
+---
+ dict.c | 42 +++++++++++++++++++++++++++---------------
+ 1 file changed, 27 insertions(+), 15 deletions(-)
+
+diff --git a/dict.c b/dict.c
+index ccd8b54..f4010e4 100644
+--- a/dict.c
++++ b/dict.c
+@@ -957,28 +957,40 @@ xmlInitRandom(void) {
+         status = BCryptGenRandom(NULL, (unsigned char *) globalRngState,
+                                  sizeof(globalRngState),
+                                  BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+-        if (!BCRYPT_SUCCESS(status))
+-            xmlAbort("libxml2: BCryptGenRandom failed with error code %lu\n",
+-                     GetLastError());
++        if (!BCRYPT_SUCCESS(status)) {
++            xmlPrintErrorMessage("libxml2: BCryptGenRandom failed with "
++                                 "error code %lu, using internal entropy\n",
++                                 GetLastError());
++            goto internal_entropy;
++        }
++        return;
+ #elif HAVE_DECL_GETENTROPY
+         while (1) {
+             if (getentropy(globalRngState, sizeof(globalRngState)) == 0)
+                 break;
+
+-            if (errno != EINTR)
+-                xmlAbort("libxml2: getentropy failed with error code %d\n",
+-                         errno);
++            if (errno != EINTR) {
++                xmlPrintErrorMessage("libxml2: getentropy failed with "
++                                     "error code %d, using internal entropy\n",
++                                     errno);
++                goto internal_entropy;
++            }
+         }
+-#else
+-        int var;
+-
+-        globalRngState[0] =
+-                (unsigned) time(NULL) ^
+-                HASH_ROL((unsigned) ((size_t) &xmlInitRandom & 0xFFFFFFFF), 8);
+-        globalRngState[1] =
+-                HASH_ROL((unsigned) ((size_t) &xmlRngMutex & 0xFFFFFFFF), 16) ^
+-                HASH_ROL((unsigned) ((size_t) &var & 0xFFFFFFFF), 24);
++        return;
+ #endif
++internal_entropy:
++        {
++            int var;
++
++            memset(globalRngState, 0, sizeof(globalRngState));
++
++            globalRngState[0] =
++                    (unsigned) time(NULL) ^
++                    HASH_ROL((unsigned) ((size_t) &xmlInitRandom & 0xFFFFFFFF), 8);
++            globalRngState[1] =
++                    HASH_ROL((unsigned) ((size_t) &xmlRngMutex & 0xFFFFFFFF), 16) ^
++                    HASH_ROL((unsigned) ((size_t) &var & 0xFFFFFFFF), 24);
++        }
+     }
+ }
+
+-- 
+2.34.1
+
diff --git a/builder/patches/libxml2/v2.13.5/0001-dict-Fallback-to-internal-entropy.patch b/builder/patches/libxml2/v2.13.5/0001-dict-Fallback-to-internal-entropy.patch
@@ -0,0 +1,67 @@
+From 09b9b54c88cb45e5892ca2b5e0f4e4e33877cc4a Mon Sep 17 00:00:00 2001
+From: nyanmisaka <[email protected]>
+Date: Sat, 1 Feb 2025 15:19:30 +0800
+Subject: [PATCH] dict: Fallback to internal entropy
+
+Signed-off-by: nyanmisaka <[email protected]>
+---
+ dict.c | 32 +++++++++++++++++++-------------
+ 1 file changed, 19 insertions(+), 13 deletions(-)
+
+diff --git a/dict.c b/dict.c
+index 49e1c6bf..301ef61b 100644
+--- a/dict.c
++++ b/dict.c
+@@ -962,9 +962,10 @@ xmlInitRandom(void) {
+                                  BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+         if (!BCRYPT_SUCCESS(status)) {
+             fprintf(stderr, "libxml2: BCryptGenRandom failed with "
+-                    "error code %lu\n", GetLastError());
+-            abort();
++                    "error code %lu, using internal entropy\n", GetLastError());
++            goto internal_entropy;
+         }
++        return;
+ #elif defined(HAVE_GETENTROPY)
+         while (1) {
+             if (getentropy(globalRngState, sizeof(globalRngState)) == 0)
+@@ -972,20 +973,25 @@ xmlInitRandom(void) {
+
+             if (errno != EINTR) {
+                 fprintf(stderr, "libxml2: getentropy failed with "
+-                        "error code %d\n", errno);
+-                abort();
++                        "error code %d, using internal entropy\n", errno);
++                goto internal_entropy;
+             }
+         }
+-#else
+-        int var;
+-
+-        globalRngState[0] =
+-                (unsigned) time(NULL) ^
+-                HASH_ROL((unsigned) ((size_t) &xmlInitRandom & 0xFFFFFFFF), 8);
+-        globalRngState[1] =
+-                HASH_ROL((unsigned) ((size_t) &xmlRngMutex & 0xFFFFFFFF), 16) ^
+-                HASH_ROL((unsigned) ((size_t) &var & 0xFFFFFFFF), 24);
++        return;
+ #endif
++internal_entropy:
++        {
++            int var;
++
++            memset(globalRngState, 0, sizeof(globalRngState));
++
++            globalRngState[0] =
++                    (unsigned) time(NULL) ^
++                    HASH_ROL((unsigned) ((size_t) &xmlInitRandom & 0xFFFFFFFF), 8);
++            globalRngState[1] =
++                    HASH_ROL((unsigned) ((size_t) &xmlRngMutex & 0xFFFFFFFF), 16) ^
++                    HASH_ROL((unsigned) ((size_t) &var & 0xFFFFFFFF), 24);
++        }
+     }
+ }
+
+-- 
+2.34.1
+
diff --git a/builder/scripts.d/25-libxml2.sh b/builder/scripts.d/25-libxml2.sh
@@ -7,13 +7,22 @@ ffbuild_enabled() {
     return 0
 }
 
+ffbuild_dockerstage() {
+    to_df "RUN --mount=src=${SELF},dst=/stage.sh --mount=src=patches/libxml2/master,dst=/patches run_stage /stage.sh"
+}
+
 ffbuild_dockerbuild() {
     # libxml2 is macOS built-in
     [[ $TARGET == mac* ]] && return 0
 
     git-mini-clone "$SCRIPT_REPO" "$SCRIPT_COMMIT" libxml2
     cd libxml2
 
+    for patch in /patches/*.patch; do
+        echo "Applying $patch"
+        patch -p1 < "$patch"
+    done
+
     local myconf=(
         --prefix="$FFBUILD_PREFIX"
         --without-python

diff --git a/docker-build-win64.sh b/docker-build-win64.sh
@@ -49,6 +49,8 @@ popd
 # LIBXML2
 git clone --depth=1 https://github.com/GNOME/libxml2.git
 pushd libxml2
+# Fallback to internal entropy when system native method failed
+git apply ${SOURCE_DIR}/builder/patches/libxml2/master/0001-dict-Fallback-to-internal-entropy-master.patch
 ./autogen.sh \
     --prefix=${FF_DEPS_PREFIX} \
     --host=${FF_TOOLCHAIN} \

diff --git a/docker-build.sh b/docker-build.sh
@@ -74,6 +74,10 @@ prepare_extra_common() {
     fi
     git clone -b ${libxml2_ver} --depth=1 https://github.com/GNOME/libxml2.git
     pushd libxml2
+    if [[ $(lsb_release -c -s) != "focal" ]]; then
+        # Fallback to internal entropy when system native method failed
+        git apply ${SOURCE_DIR}/builder/patches/libxml2/v2.13.5/0001-dict-Fallback-to-internal-entropy.patch
+    fi
     ./autogen.sh \
         ${CROSS_OPT} \
         --prefix=${TARGET_DIR} \