libgcrypt 1.7.4 breaks KWallet5: "Can't get secure memory" from GCRYCTL_INIT_SECMEM
Closed, ResolvedPublic

Description

Libgcrypt 1.7.4 completely breaks KWallet5, which starts complaining "Can't get
secure memory" and refuses to open wallet files, thus cutting off access to all of
the user's saved passwords. Downgrading to libgcrypt 1.7.3 restores correct
functionality. Took me a while to figure this out. :\

You can find the location of the failure here:
https://github.com/KDE/kwallet/blob/5f1f5fed934a3f2639591aaa7e303983936a68a0/src/r
untime/kwalletd/backend/kwalletbackend.cc#L135

Why would gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0) succeed in libgcrypt 1.7.3
but fail in libgcrypt 1.7.4?

Details

Version
1.7.4
mwhitlock set Version to 1.7.4.Dec 13 2016, 7:12 AM
mwhitlock added projects: libgcrypt, Bug Report.
mwhitlock added a subscriber: mwhitlock.
justus added a subscriber: justus.Dec 13 2016, 11:58 AM

This is indeed a bug in libgcrypt. Thanks for the report.

I improved our test suite so that it detects this problem.

justus assigned this task to werner.Dec 13 2016, 2:04 PM
justus added a subscriber: werner.

The Gentoo bug report for this has a
proposed fix, correcting a typo (EGAIN-

EAGAIN) in an autoconf script.

https://bugs.gentoo.org/show_bug.cgi?
id=602502#c5

werner closed this task as "Resolved".

Applied with commit 0a90f87799 to master. I will backport and release 1.7.5 today.