authorAlexander Færøy <ahf@torproject.org>2018-02-01 21:25:33 +0100
committerAlexander Færøy <ahf@torproject.org>2018-02-01 21:32:32 +0100
commita2990081d516873d94643853d1a98b9cc3da55c4 (patch)
tree4b62b47dd1fddb9e176f53e1908a5aa65635bf49 /src/common
parent5516d22a26648f2f3c05324a854cf573b4b5e39c (diff)
downloadtor-a2990081d516873d94643853d1a98b9cc3da55c4.tar.gz
tor-a2990081d516873d94643853d1a98b9cc3da55c4.zip
Slightly different wording for error cases around entropy source selection.
This patch makes the wording around error cases for selecting an entropy source in Tor slightly more verbose. We also let the user know when something goes wrong that we are trying out a fallback method instead. See: https://bugs.torproject.org/25120
Diffstat (limited to 'src/common')
-rw-r--r--src/common/crypto.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 2ecf64c393..0dcffd2fb4 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1903,13 +1903,13 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
if (!provider_set) {
if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT)) {
- log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
+ log_warn(LD_CRYPTO, "Unable to set Windows CryptoAPI provider [1].");
return -1;
}
provider_set = 1;
}
if (!CryptGenRandom(provider, out_len, out)) {
- log_warn(LD_CRYPTO, "Can't get entropy from CryptoAPI.");
+ log_warn(LD_CRYPTO, "Unable get entropy from the Windows CryptoAPI.");
return -1;
}
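Review bot: The new CryptGenRandom warning reads "Unable get entropy" and is missing the word "to"; it should be `log_warn(LD_CRYPTO, "Unable to get entropy from the Windows CryptoAPI.");`. Both warnings in this hunk also give no reason for the failure. A failing system entropy source is something an operator has to diagnose, so consider adding the `GetLastError()` value to each message. The body of crypto_strongest_rand_syscall starts and ends outside this hunk.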
@@ -1954,9 +1954,11 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
log_warn(LD_CRYPTO, "Can't get entropy from getrandom()."
" You are running a version of Tor built to support"
" getrandom(), but the kernel doesn't implement this"
- " function--probably because it is too old?");
+ " function--probably because it is too old?"
+ " Trying fallback method instead.");
} else {
log_warn(LD_CRYPTO, "Can't get entropy from getrandom(): %s.",
+ " Trying fallback method instead."
strerror(errno));
}
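Review bot: In the else branch the added literal `" Trying fallback method instead."` is placed after the comma that ends the format string and is followed directly by `strerror(errno)` with no comma, so the call does not parse as written. Even with a comma added there, the literal would become the `%s` argument instead of part of the message. The comma needs to move below the new literal: `"Can't get entropy from getrandom(): %s."` then `" Trying fallback method instead.",` then `strerror(errno));`. This branch presumably compiles only where getrandom() support is built in, so builds on other platforms would not catch the error. The enclosing function continues outside the hunk.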
@@ -2009,7 +2011,7 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
size_t n;
for (i = 0; filenames[i]; ++i) {
- log_debug(LD_FS, "Considering %s for entropy", filenames[i]);
+ log_debug(LD_FS, "Considering %s as entropy source", filenames[i]);
fd = open(sandbox_intern_string(filenames[i]), O_RDONLY, 0);
if (fd<0) continue;
log_info(LD_CRYPTO, "Reading entropy from \"%s\"", filenames[i]);
@@ -2019,7 +2021,8 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
/* LCOV_EXCL_START
* We can't make /dev/foorandom actually fail. */
log_warn(LD_CRYPTO,
- "Error reading from entropy source (read only %lu bytes).",
+ "Error reading from entropy source %s (read only %lu bytes).",
+ filenames[i],
(unsigned long)n);
return -1;
/* LCOV_EXCL_STOP */