Use PDNS_CHECK_SECURE_MEMSET, as suggested by @rcagogne

diff --git a/configure.ac b/configure.ac
index ce048aef23926040d02f8444db63fb1812214b40..d6ad04a3c527611ec926c760959a347151ebbd28 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -154,7 +154,8 @@ dnl Checks for library functions.
 dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is
 dnl using the defines.
 AC_CHECK_FUNCS_ONCE([strcasestr localtime_r gmtime_r recvmmsg sched_setscheduler])
-AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+PDNS_CHECK_SECURE_MEMSET
 
 AM_CONDITIONAL([HAVE_RECVMMSG], [test "x$ac_cv_func_recvmmsg" = "xyes"])
 

diff --git a/ext/arc4random/arc4random.hh b/ext/arc4random/arc4random.hh
index c9bedac4733feae8ef259ad9380d459c12ed4a8d..cff8dd031ecda124fd23dd29c691efd7dab093c1 100644 (file)
--- a/ext/arc4random/arc4random.hh
+++ b/ext/arc4random/arc4random.hh
@@ -15,6 +15,6 @@ extern "C"
   uint32_t arc4random_uniform(uint32_t upper_bound);
 #endif
 #ifndef HAVE_EXPLICIT_BZERO
-  void explicit_bzero(void *, size_t len);
+  void explicit_bzero(void*, size_t len);
 #endif
 }

diff --git a/m4/pdns_check_secure_memset.m4 b/m4/pdns_check_secure_memset.m4
index 4f582199a90553328f002bfe0e294ea35f382fab..220eaebe66900ebeae689db1845732ad0a6bb14d 100644 (file)
--- a/m4/pdns_check_secure_memset.m4
+++ b/m4/pdns_check_secure_memset.m4
@@ -1,3 +1,3 @@
 AC_DEFUN([PDNS_CHECK_SECURE_MEMSET], [
-  AC_CHECK_FUNCS([explicit_bzero explicit_memset])
+  AC_CHECK_FUNCS([explicit_bzero explicit_memset memset_s])
 ])

diff --git a/pdns/dnsdistdist/configure.ac b/pdns/dnsdistdist/configure.ac
index 6ab2749d3ad4dce7de8ad63119fdf59e718ec9ca..aa7ffbf7a44e21f3b0dca476a32779b9dd0cda35 100644 (file)
--- a/pdns/dnsdistdist/configure.ac
+++ b/pdns/dnsdistdist/configure.ac
@@ -49,7 +49,7 @@ PDNS_WITH_SERVICE_USER([dnsdist])
 dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is
 dnl using the defines.
 AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r])
-AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf])
 AC_SUBST([YAHTTP_CFLAGS], ['-I$(top_srcdir)/ext/yahttp'])
 AC_SUBST([YAHTTP_LIBS], ['$(top_builddir)/ext/yahttp/yahttp/libyahttp.la'])
 AC_SUBST([IPCRYPT_CFLAGS], ['-I$(top_srcdir)/ext/ipcrypt'])

diff --git a/pdns/recursordist/configure.ac b/pdns/recursordist/configure.ac
index 8945ae6618429eba135fe71efcd0c48f23cc95c5..2e8f9351b35e166b7529443b7f87ffd1fb0a3452 100644 (file)
--- a/pdns/recursordist/configure.ac
+++ b/pdns/recursordist/configure.ac
@@ -113,7 +113,8 @@ PDNS_CHECK_CURL
 dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is
 dnl using the defines.
 AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r strcasestr])
-AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+PDNS_CHECK_SECURE_MEMSET
 
 AC_CHECK_HEADERS([sys/random.h])
 

diff --git a/pdns/recursordist/m4/pdns_check_secure_memset.m4 b/pdns/recursordist/m4/pdns_check_secure_memset.m4
new file mode 120000 (symlink)
index 0000000..58f6bd3
--- /dev/null
+++ b/pdns/recursordist/m4/pdns_check_secure_memset.m4
@@ -0,0 +1 @@
+../../../m4/pdns_check_secure_memset.m4
\ No newline at end of file