Steven Chamberlain wrote: > Attached is [...] Oops.
-- Steven Chamberlain ste...@pyro.eu.org
Date: Wed, 15 Feb 2017 12:44:13 +0000
From: Steven Chamberlain <ste...@pyro.eu.org>
Subject: enable use of portable libbsd functions
Add a new configure option `--with-libbsd', which allows to use libbsd's
portable implementations of:
strlcpy strlcat arc4random arc4random_uniform reallocarray
instead of the embedded code copies in contrib/, which will be
difficult to maintain in the long term.
Also patch util/random.c so that, when building with libbsd and without
OpenSSL, arc4random can still be used as the PRNG. Otherwise, building
with libnettle would need a kernel-specific getentropy implementation,
and libbsd does not export one.
diff --git a/configure.ac b/configure.ac
index d850539..9744388 100644
--- a/configure.ac
+++ b/configure.ac
@@ -707,6 +707,19 @@ AC_INCLUDES_DEFAULT
fi
AC_SUBST(SSLLIB)
+# libbsd
+AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd=path], [Use portable libbsd functions]), [
+ AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,, [AC_INCLUDES_DEFAULT])
+ if test "x$ac_cv_header_bsd_string_h" = xyes -a "x$ac_cv_header_bsd_stdlib_h" = xyes; then
+ for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do
+ AC_SEARCH_LIBS([$func], [bsd], [
+ AC_DEFINE(HAVE_LIBBSD, 1, [Use portable libbsd functions])
+ PC_LIBBSD_DEPENDENCY=libbsd
+ AC_SUBST(PC_LIBBSD_DEPENDENCY)
+ ])
+ done
+ fi
+])
AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support]))
case "$enable_sha2" in
@@ -1469,6 +1482,11 @@ struct tm;
char *strptime(const char *s, const char *format, struct tm *tm);
#endif
+#ifdef HAVE_LIBBSD
+#include <bsd/string.h>
+#include <bsd/stdlib.h>
+#endif
+
#ifdef HAVE_LIBRESSL
# if !HAVE_DECL_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
diff --git a/contrib/libunbound.pc.in b/contrib/libunbound.pc.in
index 130bef5..b6aec29 100644
--- a/contrib/libunbound.pc.in
+++ b/contrib/libunbound.pc.in
@@ -7,7 +7,7 @@ Name: unbound
Description: Library with validating, recursive, and caching DNS resolver
URL: http://www.unbound.net
Version: @PACKAGE_VERSION@
-Requires: libcrypto libssl @PC_LIBEVENT_DEPENDENCY@ @PC_PY_DEPENDENCY@
+Requires: libcrypto libssl @PC_LIBEVENT_DEPENDENCY@ @PC_PY_DEPENDENCY@ @PC_LIBBSD_DEPENDENCY@
Libs: -L${libdir} -lunbound
Libs.private: @SSLLIB@ @LIBS@
Cflags: -I${includedir}
diff --git a/util/random.c b/util/random.c
index 8332960..b86c548 100644
--- a/util/random.c
+++ b/util/random.c
@@ -78,7 +78,7 @@
*/
#define MAX_VALUE 0x7fffffff
-#if defined(HAVE_SSL)
+#if defined(HAVE_SSL) || defined(HAVE_LIBBSD)
void
ub_systemseed(unsigned int ATTR_UNUSED(seed))
{
@@ -208,10 +208,10 @@ long int ub_random(struct ub_randstate* s)
}
return x & MAX_VALUE;
}
-#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_SSL or HAVE_LIBBSD or HAVE_NSS or HAVE_NETTLE */
-#if defined(HAVE_NSS) || defined(HAVE_NETTLE)
+#if defined(HAVE_NSS) || defined(HAVE_NETTLE) && !defined(HAVE_LIBBSD)
long int
ub_random_max(struct ub_randstate* state, long int x)
{
@@ -223,7 +223,7 @@ ub_random_max(struct ub_randstate* state, long int x)
v = ub_random(state);
return (v % x);
}
-#endif /* HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_NSS or HAVE_NETTLE and !HAVE_LIBBSD */
void
ub_randfree(struct ub_randstate* s)
diff --git a/debian/control b/debian/control index f27c922..001428c 100644 --- a/debian/control +++ b/debian/control @@ -15,6 +15,7 @@ Build-Depends: dh-systemd <!pkg.unbound.libonly>, dpkg-dev (>= 1.16.1~), flex, + libbsd-dev (>= 0.8.1~) [!linux-any], libevent-dev, libexpat1-dev, libfstrm-dev <!pkg.unbound.libonly>, diff --git a/debian/rules b/debian/rules index f978494..3e5c216 100755 --- a/debian/rules +++ b/debian/rules @@ -7,6 +7,10 @@ ifneq ($(DEB_HOST_ARCH), amd64) CONFIGURE_ARGS = --disable-flto endif +ifneq ($(DEB_HOST_ARCH_OS), linux) +CONFIGURE_ARGS = --with-libbsd +endif + LIBRARY = libunbound2 DOPACKAGES = $(shell dh_listpackages)
signature.asc
Description: Digital signature
