From f6b4f2a14918c96c3c3f5e35775e3edf4418ef24 Mon Sep 17 00:00:00 2001
From: Steven Chamberlain
Date: Thu, 16 Feb 2017 12:37:41 +0000
Subject: [PATCH] Allow use of libbsd functions with configure option --with-libbsd
Add a new configure option `--with-libbsd', which allows to use libbsd's portable implementations of: strlcpy strlcat arc4random arc4random_uniform reallocarray instead of the embedded code copies in contrib/, which will be difficult to maintain in the long term. Also patch util/random.c so that, when building with libbsd and without OpenSSL, arc4random can still be used as the PRNG. Otherwise, building with libnettle would need a kernel-specific getentropy implementation, and libbsd does not export one. [edmonds@debian.org: Imported patch description from BTS, refreshed patch against Unbound 1.9.6.]
---
 configure.ac | 18 ++++++++++++++++++
 contrib/libunbound.pc.in | 2 +-
 util/random.c | 8 ++++----
 3 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/configure.ac b/configure.ac
index 0104554dc..15efda669 100644
--- a/configure.ac
+++ b/configure.ac
@@ -881,6 +881,19 @@ fi
 fi
 AC_SUBST(SSLLIB)
+# libbsd
+AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd], [Use portable libbsd functions]), [
+ AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,, [AC_INCLUDES_DEFAULT])
+ if test "x$ac_cv_header_bsd_string_h" = xyes -a "x$ac_cv_header_bsd_stdlib_h" = xyes; then
+ for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do
+ AC_SEARCH_LIBS([$func], [bsd], [
+ AC_DEFINE(HAVE_LIBBSD, 1, [Use portable libbsd functions])
+ PC_LIBBSD_DEPENDENCY=libbsd
+ AC_SUBST(PC_LIBBSD_DEPENDENCY)
+ ])
+ done
+ fi
+])
 AC_ARG_ENABLE(sha1, AC_HELP_STRING([--disable-sha1], [Disable SHA1 RRSIG support, does not disable nsec3 support]))
 case "$enable_sha1" in
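Review bot: The third argument of `AC_ARG_WITH` in this hunk is the action-if-given branch, which autoconf also runs for `--without-libbsd` and `--with-libbsd=no`, so an explicit opt-out still probes for and enables libbsd; the body needs a `$withval` guard. Inside the loop, `AC_DEFINE(HAVE_LIBBSD, ...)` fires as soon as any one of the five functions resolves, and a missing header or symbol is skipped silently, so a build that asked for libbsd can end up with none or only part of it and no diagnostic. Because HAVE_LIBBSD also selects the PRNG branch in util/random.c, I would require both headers and all five lookups to succeed and stop with `AC_MSG_ERROR` otherwise, defining the macro once after the loop and moving `AC_SUBST` out of the conditional.

```m4
AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd], [Use portable libbsd functions]), [
	if test "x$withval" != xno; then
		AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,
			[AC_MSG_ERROR([--with-libbsd: libbsd headers not found])],
			[AC_INCLUDES_DEFAULT])
		for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do
			AC_SEARCH_LIBS([$func], [bsd],,
				[AC_MSG_ERROR([--with-libbsd: $func not found])])
		done
		dnl reached only when both headers and all five functions were found
		AC_DEFINE(HAVE_LIBBSD, 1, [Use portable libbsd functions])
		PC_LIBBSD_DEPENDENCY=libbsd
	fi
])
AC_SUBST(PC_LIBBSD_DEPENDENCY)
```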
@@ -1946,6 +1959,11 @@ char *strptime(const char *s, const char *format, struct tm *tm);
 void *reallocarray(void *ptr, size_t nmemb, size_t size);
 #endif
+#ifdef HAVE_LIBBSD
+#include
+#include
+#endif
+
 #ifdef HAVE_LIBRESSL
 # if !HAVE_DECL_STRLCPY
 size_t strlcpy(char *dst, const char *src, size_t siz);
diff --git a/contrib/libunbound.pc.in b/contrib/libunbound.pc.in
index 810c57134..e3e842695 100644
--- a/contrib/libunbound.pc.in
+++ b/contrib/libunbound.pc.in
@@ -8,7 +8,7 @@ Description: Library with validating, recursive, and caching DNS resolver
 URL: http://www.unbound.net
 Version: @PACKAGE_VERSION@
 Requires: libcrypto libssl @PC_LIBEVENT_DEPENDENCY@
-Requires.private: @PC_PY_DEPENDENCY@
+Requires.private: @PC_PY_DEPENDENCY@ @PC_LIBBSD_DEPENDENCY@
 Libs: -L${libdir} -lunbound -lssl -lcrypto
 Libs.private: @SSLLIB@ @LIBS@
 Cflags: -I${includedir}
diff --git a/util/random.c b/util/random.c
index bb564f2f9..6eb102c63 100644
--- a/util/random.c
+++ b/util/random.c
@@ -78,7 +78,7 @@ */
 #define MAX_VALUE 0x7fffffff
-#if defined(HAVE_SSL)
+#if defined(HAVE_SSL) || defined(HAVE_LIBBSD)
 struct ub_randstate* ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
 {
@@ -183,10 +183,10 @@ long int ub_random(struct ub_randstate* s)
 }
 return x & MAX_VALUE;
 }
-#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_SSL or HAVE_LIBBSD or HAVE_NSS or HAVE_NETTLE */
-#if defined(HAVE_NSS) || defined(HAVE_NETTLE)
+#if defined(HAVE_NSS) || defined(HAVE_NETTLE) && !defined(HAVE_LIBBSD)
 long int
 ub_random_max(struct ub_randstate* state, long int x)
 {
@@ -198,7 +198,7 @@ ub_random_max(struct ub_randstate* state, long int x)
 v = ub_random(state);
 return (v % x);
 }
-#endif /* HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_NSS or HAVE_NETTLE and !HAVE_LIBBSD */
 void ub_randfree(struct ub_randstate* s)
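Review bot: The new guard `#if defined(HAVE_NSS) || defined(HAVE_NETTLE) && !defined(HAVE_LIBBSD)` in the second util/random.c hunk does not do what the matching `#endif` comment in the third hunk describes. `&&` binds tighter than `||`, so it evaluates as `HAVE_NSS || (HAVE_NETTLE && !HAVE_LIBBSD)` and the libbsd exclusion never applies to an NSS build. If the branch that HAVE_LIBBSD now selects in the first hunk already supplies its own `ub_random_max` (not visible in these hunks), an NSS plus libbsd build would get two definitions of it. Parenthesise the condition as `#if (defined(HAVE_NSS) || defined(HAVE_NETTLE)) && !defined(HAVE_LIBBSD)`; the body of `ub_random_max` continues outside this hunk.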