Allow use of libbsd functions with configure option --with-libbsd

Add a new configure option `--with-libbsd', which allows to use libbsd's
portable implementations of:

    strlcpy strlcat arc4random arc4random_uniform reallocarray

instead of the embedded code copies in contrib/, which will be
difficult to maintain in the long term.

Also patch util/random.c so that, when building with libbsd and without
OpenSSL, arc4random can still be used as the PRNG.  Otherwise, building
with libnettle would need a kernel-specific getentropy implementation,
and libbsd does not export one.

[edmonds@debian.org: Imported patch description from BTS, refreshed
patch against Unbound 1.9.6.]

diff --git a/configure.ac b/configure.ac
index 0104554dc731b5fc48ab6f6e43f801466bb837c7..15efda669bab79020e88ed1c75295ce01ad87d2d 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -881,6 +881,19 @@ fi
 fi
 AC_SUBST(SSLLIB)
 
+# libbsd
+AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd], [Use portable libbsd functions]), [
+       AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,, [AC_INCLUDES_DEFAULT])
+       if test "x$ac_cv_header_bsd_string_h" = xyes -a "x$ac_cv_header_bsd_stdlib_h" = xyes; then
+               for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do
+                       AC_SEARCH_LIBS([$func], [bsd], [
+                               AC_DEFINE(HAVE_LIBBSD, 1, [Use portable libbsd functions])
+                               PC_LIBBSD_DEPENDENCY=libbsd
+                               AC_SUBST(PC_LIBBSD_DEPENDENCY)
+                       ])
+               done
+       fi
+])
 
 AC_ARG_ENABLE(sha1, AC_HELP_STRING([--disable-sha1], [Disable SHA1 RRSIG support, does not disable nsec3 support]))
 case "$enable_sha1" in
@@ -1946,6 +1959,11 @@ char *strptime(const char *s, const char *format, struct tm *tm);
 void *reallocarray(void *ptr, size_t nmemb, size_t size);
 #endif
 
+#ifdef HAVE_LIBBSD
+#include <bsd/string.h>
+#include <bsd/stdlib.h>
+#endif
+
 #ifdef HAVE_LIBRESSL
 #  if !HAVE_DECL_STRLCPY
 size_t strlcpy(char *dst, const char *src, size_t siz);

diff --git a/contrib/libunbound.pc.in b/contrib/libunbound.pc.in
index 810c571343a4b49419273d7607b8fed187de6a13..e3e842695b3c26a114856a6cd6264371e986931e 100644 (file)
--- a/contrib/libunbound.pc.in
+++ b/contrib/libunbound.pc.in
@@ -8,7 +8,7 @@ Description: Library with validating, recursive, and caching DNS resolver
 URL: http://www.unbound.net
 Version: @PACKAGE_VERSION@
 Requires: libcrypto libssl @PC_LIBEVENT_DEPENDENCY@
-Requires.private: @PC_PY_DEPENDENCY@
+Requires.private: @PC_PY_DEPENDENCY@ @PC_LIBBSD_DEPENDENCY@
 Libs: -L${libdir} -lunbound -lssl -lcrypto
 Libs.private: @SSLLIB@ @LIBS@
 Cflags: -I${includedir} 

diff --git a/util/random.c b/util/random.c
index bb564f2f99aad6cba1b6b4bd349b0150d3d078b9..6eb102c634b9af80a30f66c403cebdf9f614dd33 100644 (file)
--- a/util/random.c
+++ b/util/random.c
@@ -78,7 +78,7 @@
  */
 #define MAX_VALUE 0x7fffffff
 
-#if defined(HAVE_SSL)
+#if defined(HAVE_SSL) || defined(HAVE_LIBBSD)
 struct ub_randstate* 
 ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
 {
@@ -183,10 +183,10 @@ long int ub_random(struct ub_randstate* s)
        }
        return x & MAX_VALUE;
 }
-#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_SSL or HAVE_LIBBSD or HAVE_NSS or HAVE_NETTLE */
 
 
-#if defined(HAVE_NSS) || defined(HAVE_NETTLE)
+#if defined(HAVE_NSS) || defined(HAVE_NETTLE) && !defined(HAVE_LIBBSD)
 long int
 ub_random_max(struct ub_randstate* state, long int x)
 {
@@ -198,7 +198,7 @@ ub_random_max(struct ub_randstate* state, long int x)
                v = ub_random(state);
        return (v % x);
 }
-#endif /* HAVE_NSS or HAVE_NETTLE */
+#endif /* HAVE_NSS or HAVE_NETTLE and !HAVE_LIBBSD */
 
 void 
 ub_randfree(struct ub_randstate* s)