From e7471e1f6fab00c3597faea6b5db04fe773922ea Mon Sep 17 00:00:00 2001 From: "git@daemon.de" Date: Tue, 17 Feb 2015 10:27:55 +0100 Subject: [PATCH] avoid blocking /dev/random on cpantesters systems --- CHANGELOG | 6 +++++- README | 2 +- lib/Crypt/PWSafe3.pm | 2 -- t/run.t | 17 ++++++++++++++++- 4 files changed, 22 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 282ab53..5cafdc2 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,4 +1,4 @@ -NEXT: +1.17: added license to META open tmpfiles with O_EXLOCK disabled (cpantesters) @@ -16,6 +16,10 @@ NEXT: replaced "new $perl::$object" with $perl::$object->new() everywhere. + using weak random source for unit tests to avoid blocking + /dev/random on cpantesters systems with heavy entropy + load. + 1.16 re-licensed from artistic1 to artistic2 in order to be compatible to fedora packaging. no code changes otherwise diff --git a/README b/README index 1dc520d..8c7ddaa 100644 --- a/README +++ b/README @@ -52,5 +52,5 @@ AUTHOR VERSION - 1.16 + 1.17 diff --git a/lib/Crypt/PWSafe3.pm b/lib/Crypt/PWSafe3.pm index e24b29a..d62908f 100644 --- a/lib/Crypt/PWSafe3.pm +++ b/lib/Crypt/PWSafe3.pm @@ -22,7 +22,6 @@ use Digest::SHA; use Crypt::Random qw( makerandom ); use Data::UUID; use File::Copy qw(copy move); -#use File::Spec; use File::Temp; use FileHandle; use Data::Dumper; @@ -176,7 +175,6 @@ sub create { # encrypt b1 .. b4 my $crypt = Crypt::ECB->new; - #$crypt->padding(PADDING_AUTO); $crypt->cipher('Twofish'); $crypt->key( $this->strechedpw() ); $this->b1( $crypt->encrypt( $this->random(16) ) ); diff --git a/t/run.t b/t/run.t index a94dcc9..a7d5b82 100644 --- a/t/run.t +++ b/t/run.t @@ -15,6 +15,7 @@ use Data::Dumper; use Test::More tests => 11; #use Test::More qw(no_plan); + my %params = (create => 0, password => 'tom'); my %record = ( @@ -25,6 +26,8 @@ my %record = ( notes => 'n3' ); + + sub rdpw { my $file = shift; my $vault = Crypt::PWSafe3->new(file => $file, %params) or die "$!"; @@ -36,6 +39,18 @@ sub rdpw { BEGIN { use_ok "Crypt::PWSafe3"}; require_ok( 'Crypt::PWSafe3' ); +# I'm going to replace the secure random number generator +# backends with this very primitive and insecure one, because +# these are only unit tests and because we use external modules +# for the purpose anyway (which are not to be tested with these +# unit tests). +# This has to be done, so that unit tests running on cpantesters +# don't block if we use a real random source, which has reportedly +# happened in the past. +# ***** CAUTION: DO NOT USE THIS CODE IN PRODUCTION. EVER. **** +*Crypt::PWSafe3::random = sub { return join'',map{chr(int(rand(255)))}(1..$_[1]); }; + + ### 2 # open vault and read in all records eval { @@ -62,7 +77,7 @@ my $tmpfile = "$fd"; close($fd); eval { - my $vault = Crypt::PWSafe3->new(file => $tmpfile, password => 'tom') or die "$!"; + my $vault = Crypt::PWSafe3->new(file => $tmpfile, password => 'tom', random => $trand) or die "$!"; $vault->newrecord(%record); $vault->save(); };