From: Remi Gacogne
Date: Thu, 8 Apr 2021 16:33:59 +0000 (+0200)
Subject: Use sodium_memcmp() if CRYPTO_memcmp() is not available
X-Git-Tag: dnsdist-1.7.0-alpha1~12^2~18
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dde80251541d95e231052f0e914e8e92eec675b1;p=thirdparty%2Fpdns.git
Use sodium_memcmp() if CRYPTO_memcmp() is not available
---
diff --git a/m4/pdns_with_libsodium.m4 b/m4/pdns_with_libsodium.m4
index 44e034b2d2..2c316de7ca 100644
--- a/m4/pdns_with_libsodium.m4
+++ b/m4/pdns_with_libsodium.m4
@@ -15,7 +15,7 @@ AC_DEFUN([PDNS_WITH_LIBSODIUM], [
 save_LIBS=$LIBS
 CFLAGS="$LIBSODIUM_CFLAGS $CFLAGS"
 LIBS="$LIBSODIUM_LIBS $LIBS"
- AC_CHECK_FUNCS([crypto_box_easy_afternm crypto_box_curve25519xchacha20poly1305_easy randombytes_stir])
+ AC_CHECK_FUNCS([crypto_box_easy_afternm crypto_box_curve25519xchacha20poly1305_easy randombytes_stir sodium_memcmp crypto_pwhash_str])
 CFLAGS=$save_CFLAGS
 LIBS=$save_LIBS
 ], [ : ])
diff --git a/pdns/misc.cc b/pdns/misc.cc
index ca480c8f54..ad3a2f4506 100644
--- a/pdns/misc.cc
+++ b/pdns/misc.cc
@@ -1648,7 +1648,11 @@ size_t parseSVCBValueList(const std::string &in, vector &val) {
 #ifdef HAVE_CRYPTO_MEMCMP
 #include
-#endif
+#else /* HAVE_CRYPTO_MEMCMP */
+#ifdef HAVE_SODIUM_MEMCMP
+#include
+#endif /* HAVE_SODIUM_MEMCMP */
+#endif /* HAVE_CRYPTO_MEMCMP */
 bool constantTimeStringEquals(const std::string& a, const std::string& b)
 {
@@ -1658,7 +1662,10 @@ bool constantTimeStringEquals(const std::string& a, const std::string& b)
 const size_t size = a.size();
 #ifdef HAVE_CRYPTO_MEMCMP
 return CRYPTO_memcmp(a.c_str(), b.c_str(), size) == 0;
-#else
+#else /* HAVE_CRYPTO_MEMCMP */
+#ifdef HAVE_SODIUM_MEMCMP
+ return sodium_memcmp(a.c_str(), b.c_str(), size) == 0;
+#else /* HAVE_SODIUM_MEMCMP */
 const volatile unsigned char *_a = (const volatile unsigned char *) a.c_str();
 const volatile unsigned char *_b = (const volatile unsigned char *) b.c_str();
 unsigned char res = 0;
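Review bot: `HAVE_SODIUM_MEMCMP` ends up defined for the whole build, but this macro only puts `$LIBSODIUM_LIBS` into `LIBS` for the duration of the probe and restores `LIBS=$save_LIBS` right after, so the define says the symbol exists in libsodium, not that a given program links it. Every target that compiles pdns/misc.cc then needs `LIBSODIUM_LIBS` on its own link line, otherwise a build without `CRYPTO_memcmp` would fail at link time; the Makefile.am files are not part of this page, so that is worth confirming. `crypto_pwhash_str` is probed here as well, yet nothing in this commit reads `HAVE_CRYPTO_PWHASH_STR`; move it to the commit that uses it or mention it in the message.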
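Review bot: The nested `#else` / `#ifdef HAVE_SODIUM_MEMCMP` pair reads more simply as a single `#elif defined(HAVE_SODIUM_MEMCMP)`, which removes one nesting level and one `#endif` here and in the two later hunks inside constantTimeStringEquals(). The trailing comments also disagree with each other: the outer `#endif` is labelled `/* HAVE_CRYPTO_MEMCMP */` in this hunk but `/* !HAVE_CRYPTO_MEMCMP */` at the end of the function, although both close an `#else` branch. Picking one convention lets a reader match the directives at a glance.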
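Review bot: All three branches compare `a.size()` bytes of both strings, so the function depends on a length-equality check in the lines just above this hunk (not visible here), and its timing presumably still reveals whether the two lengths match. With a third backend now selectable at configure time, a short comment above the function would help callers that compare secrets, for example `// Content comparison is constant-time; length is not hidden. Backend: CRYPTO_memcmp, else sodium_memcmp, else the volatile loop below.` The function body starts before and ends after this hunk.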
@@ -1668,6 +1675,6 @@ bool constantTimeStringEquals(const std::string& a, const std::string& b)
 }
 return res == 0;
-#endif
+#endif /* !HAVE_SODIUM_MEMCMP */
+#endif /* !HAVE_CRYPTO_MEMCMP */
 }
-