bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num

From:	Andy Moreton
Subject:	bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date:	Wed, 20 Jan 2016 15:15:02 +0000
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (windows-nt)

On Wed 20 Jan 2016, Eli Zaretskii wrote:

>> From: Andy Moreton <andrewjmoreton@gmail.com>
>> Date: Wed, 20 Jan 2016 14:06:42 +0000
>> 
>> On Tue 19 Jan 2016, Glenn Morris wrote:
>> 
>> > Andy Moreton wrote:
>> >
>> >>  - broke all builds configured with "--without-gnutls"
>> >
>> > AFAICS, you are mistaken.
>> 
>> I may well be, but please explain.
>> src/sysdep.c (at emacs-25 commit c5ee6de21d4b) contains:
>> 
>> #include "gnutls.h"
>> #if 0x020c00 <= GNUTLS_VERSION_NUMBER && !defined WINDOWSNT
>> # include <gnutls/crypto.h>
>> #else
>> # define emacs_gnutls_global_init() Qnil
>> # define gnutls_rnd(level, data, len) (-1)
>> #endif
>> 
>> How can this build properly on a non-Windows system which does not
>> contain an installed "gnutls.h" header ?
>
> That's src/gnutls.h header that comes with Emacs sources.

Thanks - I knew it had to be something obvious. Sorry for the noise.

    AndyM

[Prev in Thread]

Current Thread

[Next in Thread]

bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, (continued)

Prev by Date: bug#22407: Better support external completion tools
Next by Date: bug#22412: 25.1.50; win32; master branch; build fails; \emacs\src/sysdep.c:2122: undefined reference t
Previous by thread: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Next by thread: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Index(es):
- Date
- Thread