From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Fri, 16 Jun 2017 08:20:44 +0000 (+0000)
Subject: - Fix dnscrypt chacha cert support ifdefs.
X-Git-Tag: release-1.6.4rc1~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2288777334324e4f915c3c37fbe0bf075c330986;p=thirdparty%2Funbound.git

- Fix dnscrypt chacha cert support ifdefs.
- Fix dnscrypt chacha cert unit test escapes in grep.
- Remove asynclook tests that cause test and purifier problems.


git-svn-id: file:///svn/unbound/trunk@4233 be551aaa-1e26-0410-a405-d3ace91eadb9
---

diff --git a/dnscrypt/dnscrypt.c b/dnscrypt/dnscrypt.c
index c43706421..9e858c3fb 100644
--- a/dnscrypt/dnscrypt.c
+++ b/dnscrypt/dnscrypt.c
@@ -64,7 +64,7 @@ dnscrypt_server_uncurve(const dnsccert *cert,
     query_header = (struct dnscrypt_query_header *)buf;
     memcpy(nmkey, query_header->publickey, crypto_box_PUBLICKEYBYTES);
     if(cert->es_version[1] == 2) {
-#ifdef HAVE_XCHACHA20
+#ifdef USE_DNSCRYPT_XCHACHA20
         if (crypto_box_curve25519xchacha20poly1305_beforenm(
                 nmkey, nmkey, cert->keypair->crypt_secretkey) != 0) {
             return -1;
@@ -82,7 +82,7 @@ dnscrypt_server_uncurve(const dnsccert *cert,
     memset(nonce + crypto_box_HALF_NONCEBYTES, 0, crypto_box_HALF_NONCEBYTES);
 
     if(cert->es_version[1] == 2) {
-#ifdef HAVE_XCHACHA20
+#ifdef USE_DNSCRYPT_XCHACHA20
         if (crypto_box_curve25519xchacha20poly1305_open_easy_afternm
                 (buf,
                 buf + DNSCRYPT_QUERY_BOX_OFFSET,
@@ -253,7 +253,7 @@ dnscrypt_server_curve(const dnsccert *cert,
     add_server_nonce(nonce);
 
     if(cert->es_version[1] == 2) {
-#ifdef HAVE_XCHACHA20
+#ifdef USE_DNSCRYPT_XCHACHA20
         if (crypto_box_curve25519xchacha20poly1305_easy_afternm
             (boxed, boxed + crypto_box_MACBYTES, len, nonce, nmkey) != 0) {
             return -1;
@@ -546,7 +546,7 @@ dnsc_parse_keys(struct dnsc_env *env, struct config_file *cfg)
 					head->str, fingerprint);
 				verbose(VERB_OPS, "Using %s",
 					key_get_es_version(current_cert->es_version));
-#ifndef HAVE_XCHACHA20
+#ifndef USE_DNSCRYPT_XCHACHA20
 				if (current_cert->es_version[1] == 0x02) {
 				    fatal_exit("Certificate for XChacha20 but libsodium does not support it.");
 				}
diff --git a/doc/Changelog b/doc/Changelog
index 97c4f41cf..1cab2e0c9 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -3,6 +3,9 @@
 	- Free callback in edns-subnetmod on exit and restart.
 	- Fix memory leak in sldns_buffer_new_frm_data.
 	- Fix memory leak in dnscrypt config read.
+	- Fix dnscrypt chacha cert support ifdefs.
+	- Fix dnscrypt chacha cert unit test escapes in grep.
+	- Remove asynclook tests that cause test and purifier problems.
 
 15 June 2017: Wouter
 	- Fix stub zone queries leaking to the internet for
diff --git a/testdata/05-asynclook.tpkg b/testdata/05-asynclook.tpkg
index 8143b43f4..e13476ab2 100644
Binary files a/testdata/05-asynclook.tpkg and b/testdata/05-asynclook.tpkg differ
diff --git a/testdata/08-host-lib.tpkg b/testdata/08-host-lib.tpkg
index 3c7be0e6c..818ed5bca 100644
Binary files a/testdata/08-host-lib.tpkg and b/testdata/08-host-lib.tpkg differ
diff --git a/testdata/dnscrypt_cert_chacha.tpkg b/testdata/dnscrypt_cert_chacha.tpkg
index 1aefd0a1b..4df461f03 100644
Binary files a/testdata/dnscrypt_cert_chacha.tpkg and b/testdata/dnscrypt_cert_chacha.tpkg differ