commit 14c47a0b5c8965463957f8c8c9311bcb96885049 Author: Alexander Færøy <ahf@torproject.org> Date: Thu Feb 1 21:27:38 2018 +0100 Lower log-level in different error conditions in entropy selection. This patch lowers the log-level from warning to info in the cases where we are going to attempt another method as entropy source to hopefully make the user feel less concerned. See: https://bugs.torproject.org/25120 --- src/common/crypto.c | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/src/common/crypto.c b/src/common/crypto.c index 0dcffd2fb..f8da2fcf1 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1891,6 +1891,12 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len) { tor_assert(out_len <= MAX_STRONGEST_RAND_SIZE); + /* We only log at notice-level here because in the case that this function + * fails the crypto_strongest_rand_raw() caller will log with a warning-level + * message and let crypto_strongest_rand() error out and finally terminating + * Tor with an assertion error. + */ + #ifdef TOR_UNIT_TESTS if (break_strongest_rng_syscall) return -1; @@ -1903,13 +1909,13 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len) if (!provider_set) { if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - log_warn(LD_CRYPTO, "Unable to set Windows CryptoAPI provider [1]."); + log_notice(LD_CRYPTO, "Unable to set Windows CryptoAPI provider [1]."); return -1; } provider_set = 1; } if (!CryptGenRandom(provider, out_len, out)) { - log_warn(LD_CRYPTO, "Unable get entropy from the Windows CryptoAPI."); + log_notice(LD_CRYPTO, "Unable get entropy from the Windows CryptoAPI."); return -1; } @@ -1951,14 +1957,14 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len) /* Useful log message for errno. */ if (errno == ENOSYS) { - log_warn(LD_CRYPTO, "Can't get entropy from getrandom()." - " You are running a version of Tor built to support" - " getrandom(), but the kernel doesn't implement this" - " function--probably because it is too old?" - " Trying fallback method instead."); + log_notice(LD_CRYPTO, "Can't get entropy from getrandom()." + " You are running a version of Tor built to support" + " getrandom(), but the kernel doesn't implement this" + " function--probably because it is too old?" + " Trying fallback method instead."); } else { - log_warn(LD_CRYPTO, "Can't get entropy from getrandom(): %s.", - " Trying fallback method instead." + log_notice(LD_CRYPTO, "Can't get entropy from getrandom(): %s.", + " Trying fallback method instead." strerror(errno)); } @@ -2020,10 +2026,10 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len) if (n != out_len) { /* LCOV_EXCL_START * We can't make /dev/foorandom actually fail. */ - log_warn(LD_CRYPTO, - "Error reading from entropy source %s (read only %lu bytes).", - filenames[i], - (unsigned long)n); + log_notice(LD_CRYPTO, + "Error reading from entropy source %s (read only %lu bytes).", + filenames[i], + (unsigned long)n); return -1; /* LCOV_EXCL_STOP */ }