From: Roy Marples <roy@marples.name>
Date: Sun, 1 Jun 2025 15:52:28 +0000 (+0100)
Subject: compat: use timingsafe_bcmp if available
X-Git-Tag: v10.2.4~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=46b6a361bb0444c4e93bc565bbee2ea17e65d2d1;p=thirdparty%2Fdhcpcd.git

compat: use timingsafe_bcmp if available

Its return value is the opposite of consttime_memequal.
This function is available all modern BSD's except for NetBSD where
we have consttime_memequal.
---

diff --git a/configure b/configure
index a60da137..07d68349 100755
--- a/configure
+++ b/configure
@@ -1150,9 +1150,31 @@ EOF
 	echo "$CONSTTIME_MEMEQUAL"
 	rm -f _consttime_memequal.c _consttime_memequal
 fi
+if [ "$CONSTTIME_MEMEQUAL" = no ] && [ -z "$TIMINGSAFE_BCMP" ]; then
+	printf "Testing for timingsafe_bcmp ... "
+	cat <<EOF >_timingsafe_bcmp.c
+#include <string.h>
+int main(void) {
+	return timingsafe_bcmp("deadbeef", "deadbeef", 8);
+}
+EOF
+	if $XCC _timingsafe_bcmp.c -o _timingsafe_bcmp 2>&3; then
+		TIMINGSAFE_BCMP=yes
+	else
+		TIMINGSAFE_BCMP=no
+	fi
+	echo "$TIMINGSAFE_BCMP"
+	rm -f _timingsafe_bcmp.c _timingsafe_bcmp
+fi
+
 if [ "$CONSTTIME_MEMEQUAL" = no ]; then
-	echo "#include			\"compat/consttime_memequal.h\"" \
-	    >>$CONFIG_H
+	if [ "$TIMINGSAFE_BCMP" = yes ]; then
+		echo "#define	consttime_memequal	!timingsafe_bcmp" \
+		    >>$CONFIG_H
+	else
+		echo "#include			\"compat/consttime_memequal.h\"" \
+		    >>$CONFIG_H
+	fi
 fi
 
 if [ -z "$DPRINTF" ]; then