Issue2870

Title libgcrypt 1.7.4 breaks KWallet5: "Can't get secure memory" from GCRYCTL_INIT_SECMEM
Priority bug Status resolved
Category libgcrypt Due Date
Version 1.7.4 ExtLink  (go)
Superseder Nosy List mwhitlock, werner
Assigned To werner Topics  (help)

Created on 2016-12-13.06:12:07 by mwhitlock, last changed 2016-12-16.07:21:32 by werner.

Messages
msg9600 (view) Author: werner Date: 2016-12-15.07:57:14
Applied with commit 0a90f87799 to master.  I will backport and release 1.7.5 today.
msg9599 (view) Author: mwhitlock Date: 2016-12-15.01:31:34
The Gentoo bug report for this has a 
proposed fix, correcting a typo (EGAIN-
>EAGAIN) in an autoconf script.

https://bugs.gentoo.org/show_bug.cgi?
id=602502#c5
msg9591 (view) Author: justus Date: 2016-12-13.13:04:20
I improved our test suite so that it detects this problem.
msg9590 (view) Author: justus Date: 2016-12-13.10:58:23
This is indeed a bug in libgcrypt.  Thanks for the report.
msg9589 (view) Author: mwhitlock Date: 2016-12-13.06:12:07
Libgcrypt 1.7.4 completely breaks KWallet5, which starts complaining "Can't get 
secure memory" and refuses to open wallet files, thus cutting off access to all of 
the user's saved passwords. Downgrading to libgcrypt 1.7.3 restores correct 
functionality. Took me a while to figure this out. :\

You can find the location of the failure here:
https://github.com/KDE/kwallet/blob/5f1f5fed934a3f2639591aaa7e303983936a68a0/src/r
untime/kwalletd/backend/kwalletbackend.cc#L135

Why would gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0) succeed in libgcrypt 1.7.3 
but fail in libgcrypt 1.7.4?
History
Date User Action Args
2016-12-16 07:21:32wernersetstatus: not-released -> resolved
2016-12-15 07:57:14wernersetstatus: chatting -> not-released
messages: + msg9600
2016-12-15 01:31:34mwhitlocksetmessages: + msg9599
2016-12-13 13:04:20justussetassignedto: werner
messages: + msg9591
nosy: + werner
2016-12-13 10:58:24justussetstatus: unread -> chatting
messages: + msg9590
2016-12-13 06:12:07mwhitlockcreate