From 31612e4f76eeb07d0fffa33814ce5edef04b286a Mon Sep 17 00:00:00 2001

From: Evan Hunt <each@isc.org>

Date: Tue, 12 Sep 2017 19:05:46 -0700

Subject: [PATCH] rebased rt31459c

[rt31459d] update the newer tools

[rt31459d] setup entropy in dns_lib_init()

[rt31459d] silence compiler warning

DNS_OPENSSL_LIBS -> DST_OPENSSL_LIBS

Include new unit test

---

 bin/tests/system/pipelined/pipequeries.c |  1 +

 bin/tests/system/pipelined/tests.sh      |  4 +-

 bin/tests/system/tkey/keycreate.c        |  1 +

 bin/tests/system/tkey/keydelete.c        |  1 +

 bin/tests/system/tkey/tests.sh           |  8 +-

 configure                                | 97 ++++++++++--------------

 lib/dns/include/dst/dst.h                |  8 ++

 lib/dns/lib.c                            |  1 +

 lib/dns/tests/Makefile.in                |  5 ++

 lib/isc/include/isc/types.h              |  2 +

 win32utils/Configure                     |  4 +-

 11 files changed, 66 insertions(+), 66 deletions(-)

diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c

index 74de833..4fac3cb 100644

--- a/bin/tests/system/pipelined/pipequeries.c

+++ b/bin/tests/system/pipelined/pipequeries.c

@@ -205,6 +205,7 @@ sendqueries(isc_task_t *task, isc_event_t *event) {

 int

 main(int argc, char *argv[]) {

+	char *randomfile = NULL;

 	isc_sockaddr_t bind_any;

 	struct in_addr inaddr;

 	isc_result_t result;

diff --git a/bin/tests/system/pipelined/tests.sh b/bin/tests/system/pipelined/tests.sh

index 61f1ff7..ed1302a 100644

--- a/bin/tests/system/pipelined/tests.sh

+++ b/bin/tests/system/pipelined/tests.sh

@@ -19,7 +19,7 @@ status=0

 echo_i "check pipelined TCP queries"

 ret=0

-$PIPEQUERIES -p ${PORT} < input > raw || ret=1

+$PIPEQUERIES -p ${PORT} -r $RANDFILE < input > raw || ret=1

 awk '{ print $1 " " $5 }' < raw > output

 sort < output > output-sorted

 $DIFF ref output-sorted || { ret=1 ; echo_i "diff sorted failed"; }

@@ -43,7 +43,7 @@ status=`expr $status + $ret`

 echo_i "check keep-response-order"

 ret=0

-$PIPEQUERIES -p ${PORT} ++ < inputb > rawb || ret=1

+$PIPEQUERIES -p ${PORT} -r $RANDFILE ++ < inputb > rawb || ret=1

 awk '{ print $1 " " $5 }' < rawb > outputb

 $DIFF refb outputb || ret=1

 if [ $ret != 0 ]; then echo_i "failed"; fi

diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c

index c39f6a4..b29a3cb 100644

--- a/bin/tests/system/tkey/keycreate.c

+++ b/bin/tests/system/tkey/keycreate.c

@@ -195,6 +195,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {

 int

 main(int argc, char *argv[]) {

 	char *ourkeyname;

+	char *randomfile;

 	isc_taskmgr_t *taskmgr;

 	isc_timermgr_t *timermgr;

 	isc_socketmgr_t *socketmgr;

diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c

index 547e8d0..efcea1d 100644

--- a/bin/tests/system/tkey/keydelete.c

+++ b/bin/tests/system/tkey/keydelete.c

@@ -136,6 +136,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {

 int

 main(int argc, char **argv) {

 	char *keyname;

+	char *randomfile;

 	isc_taskmgr_t *taskmgr;

 	isc_timermgr_t *timermgr;

 	isc_socketmgr_t *socketmgr;

diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh

index a293d32..51ed2cb 100644

--- a/bin/tests/system/tkey/tests.sh

+++ b/bin/tests/system/tkey/tests.sh

@@ -31,7 +31,7 @@ for owner in . foo.example.

 do

 	echo "I:creating new key using owner name \"$owner\""

 	ret=0

-	keyname=`$KEYCREATE $dhkeyname $owner` || ret=1

+	keyname=`$KEYCREATE -r $RANDFILE $dhkeyname $owner` || ret=1

 	if [ $ret != 0 ]; then

 		echo "I:failed"

 		status=`expr $status + $ret`

@@ -53,7 +53,7 @@ do

 	echo "I:deleting new key"

 	ret=0

-	$KEYDELETE $keyname || ret=1

+	$KEYDELETE -r $RANDFILE $keyname || ret=1

 	if [ $ret != 0 ]; then

 		echo "I:failed"

 	fi

@@ -73,7 +73,7 @@ done

 echo "I:creating new key using owner name bar.example."

 ret=0

-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1

+keyname=`$KEYCREATE -r $RANDFILE $dhkeyname bar.example.` || ret=1

 if [ $ret != 0 ]; then

         echo "I:failed"

 	status=`expr $status + $ret`

@@ -114,7 +114,7 @@ status=`expr $status + $ret`

 echo "I:recreating the bar.example. key"

 ret=0

-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1

+keyname=`$KEYCREATE -r $RANDFILE $dhkeyname bar.example.` || ret=1

 if [ $ret != 0 ]; then

         echo "I:failed"

 	status=`expr $status + $ret`

diff --git a/configure b/configure

index 4c97c8c..1e047bd 100755

--- a/configure

+++ b/configure

@@ -632,6 +632,7 @@ ac_includes_default="\

 ac_subst_vars='LTLIBOBJS

 LIBOBJS

+LIBDIR_SUFFIX

 BUILD_LIBS

 BUILD_LDFLAGS

 BUILD_CPPFLAGS

@@ -20509,6 +20510,30 @@ fi

 #

 dlzdir='${DLZ_DRIVER_DIR}'

+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for target libdir" >&5

+$as_echo_n "checking for target libdir... " >&6; }

+if test "$cross_compiling" = yes; then :

+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5

+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}

+as_fn_error $? "cannot run test program while cross compiling

+See \`config.log' for more details" "$LINENO" 5; }

+else

+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext

+/* end confdefs.h.  */

+int main(void) {exit((sizeof(void *) == 8) ? 0 : 1);}

+_ACEOF

+if ac_fn_c_try_run "$LINENO"; then :

+  target_lib=lib64

+else

+  target_lib=lib

+fi

+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \

+  conftest.$ac_objext conftest.beam conftest.$ac_ext

+fi

+

+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$target_lib\"" >&5

+$as_echo "\"$target_lib\"" >&6; }

+

 #

 # Private autoconf macro to simplify configuring drivers:

 #

@@ -20839,11 +20864,11 @@ $as_echo "no" >&6; }

 $as_echo "using mysql with libs ${mysql_lib} and includes ${mysql_include}" >&6; }

 		;;

 	*)

-		if test -d "$use_dlz_mysql/lib/mysql"

+		if test -d $use_dlz_mysql/${target_lib}/mysql

 		then

-			mysql_lib="$use_dlz_mysql/lib/mysql"

+			mysql_lib=$use_dlz_mysql/${target_lib}/mysql

 		else

-			mysql_lib="$use_dlz_mysql/lib"

+			mysql_lib=$use_dlz_mysql/${target_lib}

 		fi

 	CONTRIB_DLZ="$CONTRIB_DLZ -DDLZ_MYSQL"

@@ -20928,7 +20953,7 @@ $as_echo "" >&6; }

 			# Check other locations for includes.

 			# Order is important (sigh).

-			bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /db"

+			bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /libdb /db"

 			# include a blank element first

 			for d in "" $bdb_incdirs

 			do

@@ -20953,57 +20978,9 @@ $as_echo "" >&6; }

 			bdb_libnames="db53 db-5.3 db51 db-5.1 db48 db-4.8 db47 db-4.7 db46 db-4.6 db45 db-4.5 db44 db-4.4 db43 db-4.3 db42 db-4.2 db41 db-4.1 db"

 			for d in $bdb_libnames

 			do

-				if test "$dd" = "/usr"

-				then

-					as_ac_Lib=`$as_echo "ac_cv_lib_$d''_db_create" | $as_tr_sh`

-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -l$d" >&5

-$as_echo_n "checking for db_create in -l$d... " >&6; }

-if eval \${$as_ac_Lib+:} false; then :

-  $as_echo_n "(cached) " >&6

-else

-  ac_check_lib_save_LIBS=$LIBS

-LIBS="-l$d  $LIBS"

-cat confdefs.h - <<_ACEOF >conftest.$ac_ext

-/* end confdefs.h.  */

-

-/* Override any GCC internal prototype to avoid an error.

-   Use char because int might match the return type of a GCC

-   builtin and then its argument prototype would still apply.  */

-#ifdef __cplusplus

-extern "C"

-#endif

-char db_create ();

-int

-main ()

-{

-return db_create ();

-  ;

-  return 0;

-}

-_ACEOF

-if ac_fn_c_try_link "$LINENO"; then :

-  eval "$as_ac_Lib=yes"

-else

-  eval "$as_ac_Lib=no"

-fi

-rm -f core conftest.err conftest.$ac_objext \

-    conftest$ac_exeext conftest.$ac_ext

-LIBS=$ac_check_lib_save_LIBS

-fi

-eval ac_res=\$$as_ac_Lib

-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5

-$as_echo "$ac_res" >&6; }

-if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :

-  dlz_bdb_libs="-l${d}"

-fi

-

-					if test $dlz_bdb_libs != "yes"

-					then

-						break

-					fi

-				elif test -f "$dd/lib/lib${d}.so"

+				if test -f "$dd/${target_lib}/lib${d}.so"

 				then

-					dlz_bdb_libs="-L${dd}/lib -l${d}"

+					dlz_bdb_libs="-L${dd}/${target_lib}/libdb -l${d}"

 					break

 				fi

 			done

@@ -21162,10 +21139,10 @@ $as_echo "no" >&6; }

 		DLZ_DRIVER_INCLUDES="$DLZ_DRIVER_INCLUDES -I$use_dlz_ldap/include"

 		DLZ_DRIVER_LDAP_INCLUDES="-I$use_dlz_ldap/include"

 	fi

-	if test -n "-L$use_dlz_ldap/lib -lldap -llber"

+	if test -n "-L$use_dlz_ldap/${target_lib} -lldap -llber"

 	then

-		DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L$use_dlz_ldap/lib -lldap -llber"

-		DLZ_DRIVER_LDAP_LIBS="-L$use_dlz_ldap/lib -lldap -llber"

+		DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L$use_dlz_ldap/${target_lib} -lldap -llber"

+		DLZ_DRIVER_LDAP_LIBS="-L$use_dlz_ldap/${target_lib} -lldap -llber"

 	fi

@@ -21251,11 +21228,11 @@ fi

 		odbcdirs="/usr /usr/local /usr/pkg"

 		for d in $odbcdirs

 		do

-			if test -f $d/include/sql.h -a -f $d/lib/libodbc.a

+			if test -f $d/include/sql.h -a -f $d/${target_lib}/libodbc.a

 			then

 				use_dlz_odbc=$d

 				dlz_odbc_include="-I$use_dlz_odbc/include"

-				dlz_odbc_libs="-L$use_dlz_odbc/lib -lodbc"

+				dlz_odbc_libs="-L$use_dlz_odbc/${target_lib} -lodbc"

 				break

 			fi

 		done

@@ -21530,6 +21507,8 @@ DNS_CRYPTO_LIBS="$NEWFLAGS"

+

+

 #

 # Commands to run at the end of config.status.

 # Don't just put these into configure, it won't work right if somebody

diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h

index 3146d88..3f7ac4d 100644

--- a/lib/dns/include/dst/dst.h

+++ b/lib/dns/include/dst/dst.h

@@ -153,6 +153,14 @@ dst_lib_destroy(void);

  * Releases all resources allocated by DST.

  */

+isc_result_t

+dst_random_getdata(void *data, unsigned int length,

+		   unsigned int *returned, unsigned int flags);

+/*%<

+ * \brief Return data from the crypto random generator.

+ * Specialization of isc_entropy_getdata().

+ */

+

 bool

 dst_algorithm_supported(unsigned int alg);

 /*%<

diff --git a/lib/dns/lib.c b/lib/dns/lib.c

index 5fccb57..1f627c4 100644

--- a/lib/dns/lib.c

+++ b/lib/dns/lib.c

@@ -51,6 +51,7 @@ static unsigned int references = 0;

 static void

 initialize(void) {

 	isc_result_t result;

+	isc_entropy_t *ectx = NULL;

 	REQUIRE(initialize_done == false);

diff --git a/lib/dns/tests/Makefile.in b/lib/dns/tests/Makefile.in

index 7b35b93..c5befff 100644

--- a/lib/dns/tests/Makefile.in

+++ b/lib/dns/tests/Makefile.in

@@ -259,6 +259,11 @@ zt_test@EXEEXT@: zt_test.@O@ dnstest.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}

 		${LDFLAGS} -o $@ zt_test.@O@ dnstest.@O@ \

 		${DNSLIBS} ${ISCLIBS} ${LIBS}

+dstrandom_test@EXEEXT@: dstrandom_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}

+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \

+			dstrandom_test.@O@ ${DNSLIBS} \

+			${ISCLIBS} ${ISCPK11LIBS} ${LIBS}

+

 unit::

 	sh ${top_builddir}/unit/unittest.sh

diff --git a/lib/isc/include/isc/types.h b/lib/isc/include/isc/types.h

index f8e5ae6..d0dc9b5 100644

--- a/lib/isc/include/isc/types.h

+++ b/lib/isc/include/isc/types.h

@@ -82,6 +82,8 @@ typedef struct isc_time			isc_time_t;		/*%< Time */

 typedef struct isc_timer		isc_timer_t;		/*%< Timer */

 typedef struct isc_timermgr		isc_timermgr_t;		/*%< Timer Manager */

+typedef isc_result_t (*isc_entropy_getdata_t)(void *, unsigned int,

+					      unsigned int *, unsigned int);

 typedef void (*isc_taskaction_t)(isc_task_t *, isc_event_t *);

 typedef int (*isc_sockfdwatch_t)(isc_task_t *, isc_socket_t *, void *, int);

diff --git a/win32utils/Configure b/win32utils/Configure

index 9731b0c..0b7bc6e 100644

--- a/win32utils/Configure

+++ b/win32utils/Configure

@@ -353,7 +353,8 @@ my @allcond = (@substcond, "NOTYET", "NOLONGER");

 # enable-xxx/disable-xxx

-my @enablelist = ("developer",

+my @enablelist = ("crypto-rand",

+                  "developer",

                   "fixed-rrset",

                   "intrinsics",

                   "isc-spnego",

@@ -2929,6 +2930,7 @@ exit 0;

 #  --enable-developer partially supported

 #  --enable-newstats (9.9/9.9sub only)

 #  --enable-native-pkcs11 supported

+#  --enable-crypto-rand supported

 #  --enable-openssl-version-check included without a way to disable it

 #  --enable-openssl-hash supported

 #  --enable-threads included without a way to disable it

-- 

2.20.1