X-Original-To: alpine-aports@mail.alpinelinux.org Delivered-To: alpine-aports@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id A72F2DC085E for ; Sat, 5 Sep 2015 18:53:26 +0000 (UTC) Received: from smtp142.ord.emailsrvr.com (smtp142.ord.emailsrvr.com [173.203.6.142]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 70550DC0780 for ; Sat, 5 Sep 2015 18:53:26 +0000 (UTC) Received: from smtp22.relay.ord1a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp22.relay.ord1a.emailsrvr.com (SMTP Server) with ESMTP id 9200E100115; Sat, 5 Sep 2015 14:53:25 -0400 (EDT) Received: by smtp22.relay.ord1a.emailsrvr.com (Authenticated sender: jonathan-AT-curran.in) with ESMTPSA id 432011000D9; Sat, 5 Sep 2015 14:53:25 -0400 (EDT) X-Sender-Id: jonathan@curran.in Received: from alpine.my.domain (cpe-97-99-28-109.tx.res.rr.com [97.99.28.109]) (using TLSv1.2 with cipher AES128-SHA256) by 0.0.0.0:25 (trex/5.4.2); Sat, 05 Sep 2015 18:53:25 GMT From: Jonathan Curran To: alpine-aports@lists.alpinelinux.org Cc: Jonathan Curran Subject: [alpine-aports] [PATCH] testing/libasr: fix package Date: Sat, 5 Sep 2015 18:52:46 +0000 Message-Id: <1441479166-24180-1-git-send-email-jonathan@curran.in> X-Mailer: git-send-email 2.4.1 X-Virus-Scanned: ClamAV using ClamSMTP X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: res_randomid() is not implemented in musl. As such, running `ldd` on the generated .so yields: Error relocating src/libasr-1.0.2/src/.libs/libasr.so.0.0.2: res_randomid: symbol not found This patch implements res_randomid using OpenBSD's implementation. Also changed the source of the tarball to point to the tagged version available at github since it does not assume a specific version of autotools (the older source tarball does). FYI, the included patch is awaiting merging upstream: https://github.com/OpenSMTPD/libasr/pull/10 --- testing/libasr/00-use-openbsd-res_randomid.patch | 944 +++++++++++++++++++++++ testing/libasr/APKBUILD | 18 +- 2 files changed, 956 insertions(+), 6 deletions(-) create mode 100644 testing/libasr/00-use-openbsd-res_randomid.patch diff --git a/testing/libasr/00-use-openbsd-res_randomid.patch b/testing/libasr/00-use-openbsd-res_randomid.patch new file mode 100644 index 0000000..c1bd6a7 --- /dev/null +++ b/testing/libasr/00-use-openbsd-res_randomid.patch @@ -0,0 +1,944 @@ +diff --git a/configure.ac b/configure.ac +index 10aff04..ec6fadf 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -41,7 +41,7 @@ AC_PATH_PROG([NROFF], [nroff]) + AC_PATH_PROG([MANDOC], [mandoc]) + AC_PROG_YACC + +-AM_INIT_AUTOMAKE ++AM_INIT_AUTOMAKE([subdir-objects no-dependencies]) + + LT_INIT + +@@ -442,6 +442,10 @@ fi + #l1572 (customized) + dnl Checks for library functions. Please keep in alphabetical order + AC_CHECK_FUNCS([ \ ++ arc4random \ ++ arc4random_buf \ ++ arc4random_stir \ ++ arc4random_uniform \ + asprintf \ + bcopy \ + explicit_bzero \ +@@ -465,6 +469,13 @@ AC_CHECK_FUNCS([ \ + vasprintf \ + vsnprintf \ + ]) ++ ++AC_CHECK_FUNC([res_randomid], ++ [AC_DEFINE([HAVE_RES_RANDOMID], [1], [Define if res_randomid exists])]) ++AM_CONDITIONAL([USE_OPENBSD_RES_RANDOM], [test "x$HAVE_RES_RANDOMID" = "x" ]) ++AM_COND_IF([USE_OPENBSD_RES_RANDOM], ++ [AC_CHECK_LIB([crypto], [RAND_bytes], [], [AC_MSG_ERROR([libcrypto not found])])]) ++ + #l1685 + + #l1715 +diff --git a/openbsd-compat/NOTES b/openbsd-compat/NOTES +index baa60ec..0eb0710 100644 +--- a/openbsd-compat/NOTES ++++ b/openbsd-compat/NOTES +@@ -1,10 +1,12 @@ + List of files and where they come from + ++arc4random.c portable openssh + clock_gettime.c handmade + defines.h portable openssh + fgetln.c part of /usr/src/usr.bin/make/util.c + includes.h portable openssh + openbsd-compat.h portable openssh ++res_random.c src/lib/libc/net/res_random.c + strlcat.c portable openssh + strlcpy.c portable openssh + strtonum.c portable openssh +diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c +new file mode 100644 +index 0000000..ca4434d +--- /dev/null ++++ b/openbsd-compat/arc4random.c +@@ -0,0 +1,296 @@ ++/* OPENBSD ORIGINAL: lib/libc/crypto/arc4random.c */ ++ ++/* $OpenBSD: arc4random.c,v 1.25 2013/10/01 18:34:57 markus Exp $ */ ++ ++/* ++ * Copyright (c) 1996, David Mazieres ++ * Copyright (c) 2008, Damien Miller ++ * Copyright (c) 2013, Markus Friedl ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* ++ * ChaCha based random number generator for OpenBSD. ++ */ ++ ++#include "includes.h" ++ ++#include ++#include ++#include ++#include ++#include ++ ++#ifndef HAVE_ARC4RANDOM ++ ++#include ++#include ++ ++#define KEYSTREAM_ONLY ++#include "chacha_private.h" ++ ++#ifdef __GNUC__ ++#define inline __inline ++#else /* !__GNUC__ */ ++#define inline ++#endif /* !__GNUC__ */ ++ ++/* OpenSSH isn't multithreaded */ ++#define _ARC4_LOCK() ++#define _ARC4_UNLOCK() ++ ++#define KEYSZ 32 ++#define IVSZ 8 ++#define BLOCKSZ 64 ++#define RSBUFSZ (16*BLOCKSZ) ++static int rs_initialized; ++static pid_t rs_stir_pid; ++static chacha_ctx rs; /* chacha context for random keystream */ ++static u_char rs_buf[RSBUFSZ]; /* keystream blocks */ ++static size_t rs_have; /* valid bytes at end of rs_buf */ ++static size_t rs_count; /* bytes till reseed */ ++ ++static inline void _rs_rekey(u_char *dat, size_t datlen); ++ ++static inline void ++_rs_init(u_char *buf, size_t n) ++{ ++ if (n < KEYSZ + IVSZ) ++ return; ++ chacha_keysetup(&rs, buf, KEYSZ * 8, 0); ++ chacha_ivsetup(&rs, buf + KEYSZ); ++} ++ ++static void ++_rs_stir(void) ++{ ++ u_char rnd[KEYSZ + IVSZ]; ++ ++ if (RAND_bytes(rnd, sizeof(rnd)) <= 0) { ++ fprintf(stderr, ++ "libasr: Couldn't obtain random bytes (error %ld)", ++ ERR_get_error()); ++ exit(1); ++ } ++ ++ if (!rs_initialized) { ++ rs_initialized = 1; ++ _rs_init(rnd, sizeof(rnd)); ++ } else ++ _rs_rekey(rnd, sizeof(rnd)); ++ memset(rnd, 0, sizeof(rnd)); ++ ++ /* invalidate rs_buf */ ++ rs_have = 0; ++ memset(rs_buf, 0, RSBUFSZ); ++ ++ rs_count = 1600000; ++} ++ ++static inline void ++_rs_stir_if_needed(size_t len) ++{ ++ pid_t pid = getpid(); ++ ++ if (rs_count <= len || !rs_initialized || rs_stir_pid != pid) { ++ rs_stir_pid = pid; ++ _rs_stir(); ++ } else ++ rs_count -= len; ++} ++ ++static inline void ++_rs_rekey(u_char *dat, size_t datlen) ++{ ++#ifndef KEYSTREAM_ONLY ++ memset(rs_buf, 0,RSBUFSZ); ++#endif ++ /* fill rs_buf with the keystream */ ++ chacha_encrypt_bytes(&rs, rs_buf, rs_buf, RSBUFSZ); ++ /* mix in optional user provided data */ ++ if (dat) { ++ size_t i, m; ++ ++ m = MIN(datlen, KEYSZ + IVSZ); ++ for (i = 0; i < m; i++) ++ rs_buf[i] ^= dat[i]; ++ } ++ /* immediately reinit for backtracking resistance */ ++ _rs_init(rs_buf, KEYSZ + IVSZ); ++ memset(rs_buf, 0, KEYSZ + IVSZ); ++ rs_have = RSBUFSZ - KEYSZ - IVSZ; ++} ++ ++static inline void ++_rs_random_buf(void *_buf, size_t n) ++{ ++ u_char *buf = (u_char *)_buf; ++ size_t m; ++ ++ _rs_stir_if_needed(n); ++ while (n > 0) { ++ if (rs_have > 0) { ++ m = MIN(n, rs_have); ++ memcpy(buf, rs_buf + RSBUFSZ - rs_have, m); ++ memset(rs_buf + RSBUFSZ - rs_have, 0, m); ++ buf += m; ++ n -= m; ++ rs_have -= m; ++ } ++ if (rs_have == 0) ++ _rs_rekey(NULL, 0); ++ } ++} ++ ++static inline void ++_rs_random_u32(u_int32_t *val) ++{ ++ _rs_stir_if_needed(sizeof(*val)); ++ if (rs_have < sizeof(*val)) ++ _rs_rekey(NULL, 0); ++ memcpy(val, rs_buf + RSBUFSZ - rs_have, sizeof(*val)); ++ memset(rs_buf + RSBUFSZ - rs_have, 0, sizeof(*val)); ++ rs_have -= sizeof(*val); ++ return; ++} ++ ++void ++arc4random_stir(void) ++{ ++ _ARC4_LOCK(); ++ _rs_stir(); ++ _ARC4_UNLOCK(); ++} ++ ++void ++arc4random_addrandom(u_char *dat, int datlen) ++{ ++ int m; ++ ++ _ARC4_LOCK(); ++ if (!rs_initialized) ++ _rs_stir(); ++ while (datlen > 0) { ++ m = MIN(datlen, KEYSZ + IVSZ); ++ _rs_rekey(dat, m); ++ dat += m; ++ datlen -= m; ++ } ++ _ARC4_UNLOCK(); ++} ++ ++u_int32_t ++arc4random(void) ++{ ++ u_int32_t val; ++ ++ _ARC4_LOCK(); ++ _rs_random_u32(&val); ++ _ARC4_UNLOCK(); ++ return val; ++} ++ ++/* ++ * If we are providing arc4random, then we can provide a more efficient ++ * arc4random_buf(). ++ */ ++# ifndef HAVE_ARC4RANDOM_BUF ++void ++arc4random_buf(void *buf, size_t n) ++{ ++ _ARC4_LOCK(); ++ _rs_random_buf(buf, n); ++ _ARC4_UNLOCK(); ++} ++# endif /* !HAVE_ARC4RANDOM_BUF */ ++#endif /* !HAVE_ARC4RANDOM */ ++ ++/* arc4random_buf() that uses platform arc4random() */ ++#if !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) ++void ++arc4random_buf(void *_buf, size_t n) ++{ ++ size_t i; ++ u_int32_t r = 0; ++ char *buf = (char *)_buf; ++ ++ for (i = 0; i < n; i++) { ++ if (i % 4 == 0) ++ r = arc4random(); ++ buf[i] = r & 0xff; ++ r >>= 8; ++ } ++ explicit_bzero(&r, sizeof(r)); ++} ++#endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */ ++ ++#ifndef HAVE_ARC4RANDOM_UNIFORM ++/* ++ * Calculate a uniformly distributed random number less than upper_bound ++ * avoiding "modulo bias". ++ * ++ * Uniformity is achieved by generating new random numbers until the one ++ * returned is outside the range [0, 2**32 % upper_bound). This ++ * guarantees the selected random number will be inside ++ * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound) ++ * after reduction modulo upper_bound. ++ */ ++u_int32_t ++arc4random_uniform(u_int32_t upper_bound) ++{ ++ u_int32_t r, min; ++ ++ if (upper_bound < 2) ++ return 0; ++ ++ /* 2**32 % x == (2**32 - x) % x */ ++ min = -upper_bound % upper_bound; ++ ++ /* ++ * This could theoretically loop forever but each retry has ++ * p > 0.5 (worst case, usually far better) of selecting a ++ * number inside the range we need, so it should rarely need ++ * to re-roll. ++ */ ++ for (;;) { ++ r = arc4random(); ++ if (r >= min) ++ break; ++ } ++ ++ return r % upper_bound; ++} ++#endif /* !HAVE_ARC4RANDOM_UNIFORM */ ++ ++#if 0 ++/*-------- Test code for i386 --------*/ ++#include ++#include ++int ++main(int argc, char **argv) ++{ ++ const int iter = 1000000; ++ int i; ++ pctrval v; ++ ++ v = rdtsc(); ++ for (i = 0; i < iter; i++) ++ arc4random(); ++ v = rdtsc() - v; ++ v /= iter; ++ ++ printf("%qd cycles\n", v); ++ exit(0); ++} ++#endif +diff --git a/openbsd-compat/chacha_private.h b/openbsd-compat/chacha_private.h +new file mode 100644 +index 0000000..7c3680f +--- /dev/null ++++ b/openbsd-compat/chacha_private.h +@@ -0,0 +1,222 @@ ++/* ++chacha-merged.c version 20080118 ++D. J. Bernstein ++Public domain. ++*/ ++ ++/* $OpenBSD: chacha_private.h,v 1.2 2013/10/04 07:02:27 djm Exp $ */ ++ ++typedef unsigned char u8; ++typedef unsigned int u32; ++ ++typedef struct ++{ ++ u32 input[16]; /* could be compressed */ ++} chacha_ctx; ++ ++#define U8C(v) (v##U) ++#define U32C(v) (v##U) ++ ++#define U8V(v) ((u8)(v) & U8C(0xFF)) ++#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF)) ++ ++#define ROTL32(v, n) \ ++ (U32V((v) << (n)) | ((v) >> (32 - (n)))) ++ ++#define U8TO32_LITTLE(p) \ ++ (((u32)((p)[0]) ) | \ ++ ((u32)((p)[1]) << 8) | \ ++ ((u32)((p)[2]) << 16) | \ ++ ((u32)((p)[3]) << 24)) ++ ++#define U32TO8_LITTLE(p, v) \ ++ do { \ ++ (p)[0] = U8V((v) ); \ ++ (p)[1] = U8V((v) >> 8); \ ++ (p)[2] = U8V((v) >> 16); \ ++ (p)[3] = U8V((v) >> 24); \ ++ } while (0) ++ ++#define ROTATE(v,c) (ROTL32(v,c)) ++#define XOR(v,w) ((v) ^ (w)) ++#define PLUS(v,w) (U32V((v) + (w))) ++#define PLUSONE(v) (PLUS((v),1)) ++ ++#define QUARTERROUND(a,b,c,d) \ ++ a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \ ++ c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \ ++ a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ ++ c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); ++ ++static const char sigma[16] = "expand 32-byte k"; ++static const char tau[16] = "expand 16-byte k"; ++ ++static void ++chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits) ++{ ++ const char *constants; ++ ++ x->input[4] = U8TO32_LITTLE(k + 0); ++ x->input[5] = U8TO32_LITTLE(k + 4); ++ x->input[6] = U8TO32_LITTLE(k + 8); ++ x->input[7] = U8TO32_LITTLE(k + 12); ++ if (kbits == 256) { /* recommended */ ++ k += 16; ++ constants = sigma; ++ } else { /* kbits == 128 */ ++ constants = tau; ++ } ++ x->input[8] = U8TO32_LITTLE(k + 0); ++ x->input[9] = U8TO32_LITTLE(k + 4); ++ x->input[10] = U8TO32_LITTLE(k + 8); ++ x->input[11] = U8TO32_LITTLE(k + 12); ++ x->input[0] = U8TO32_LITTLE(constants + 0); ++ x->input[1] = U8TO32_LITTLE(constants + 4); ++ x->input[2] = U8TO32_LITTLE(constants + 8); ++ x->input[3] = U8TO32_LITTLE(constants + 12); ++} ++ ++static void ++chacha_ivsetup(chacha_ctx *x,const u8 *iv) ++{ ++ x->input[12] = 0; ++ x->input[13] = 0; ++ x->input[14] = U8TO32_LITTLE(iv + 0); ++ x->input[15] = U8TO32_LITTLE(iv + 4); ++} ++ ++static void ++chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u32 bytes) ++{ ++ u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; ++ u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; ++ u8 *ctarget = NULL; ++ u8 tmp[64]; ++ u_int i; ++ ++ if (!bytes) return; ++ ++ j0 = x->input[0]; ++ j1 = x->input[1]; ++ j2 = x->input[2]; ++ j3 = x->input[3]; ++ j4 = x->input[4]; ++ j5 = x->input[5]; ++ j6 = x->input[6]; ++ j7 = x->input[7]; ++ j8 = x->input[8]; ++ j9 = x->input[9]; ++ j10 = x->input[10]; ++ j11 = x->input[11]; ++ j12 = x->input[12]; ++ j13 = x->input[13]; ++ j14 = x->input[14]; ++ j15 = x->input[15]; ++ ++ for (;;) { ++ if (bytes < 64) { ++ for (i = 0;i < bytes;++i) tmp[i] = m[i]; ++ m = tmp; ++ ctarget = c; ++ c = tmp; ++ } ++ x0 = j0; ++ x1 = j1; ++ x2 = j2; ++ x3 = j3; ++ x4 = j4; ++ x5 = j5; ++ x6 = j6; ++ x7 = j7; ++ x8 = j8; ++ x9 = j9; ++ x10 = j10; ++ x11 = j11; ++ x12 = j12; ++ x13 = j13; ++ x14 = j14; ++ x15 = j15; ++ for (i = 20;i > 0;i -= 2) { ++ QUARTERROUND( x0, x4, x8,x12) ++ QUARTERROUND( x1, x5, x9,x13) ++ QUARTERROUND( x2, x6,x10,x14) ++ QUARTERROUND( x3, x7,x11,x15) ++ QUARTERROUND( x0, x5,x10,x15) ++ QUARTERROUND( x1, x6,x11,x12) ++ QUARTERROUND( x2, x7, x8,x13) ++ QUARTERROUND( x3, x4, x9,x14) ++ } ++ x0 = PLUS(x0,j0); ++ x1 = PLUS(x1,j1); ++ x2 = PLUS(x2,j2); ++ x3 = PLUS(x3,j3); ++ x4 = PLUS(x4,j4); ++ x5 = PLUS(x5,j5); ++ x6 = PLUS(x6,j6); ++ x7 = PLUS(x7,j7); ++ x8 = PLUS(x8,j8); ++ x9 = PLUS(x9,j9); ++ x10 = PLUS(x10,j10); ++ x11 = PLUS(x11,j11); ++ x12 = PLUS(x12,j12); ++ x13 = PLUS(x13,j13); ++ x14 = PLUS(x14,j14); ++ x15 = PLUS(x15,j15); ++ ++#ifndef KEYSTREAM_ONLY ++ x0 = XOR(x0,U8TO32_LITTLE(m + 0)); ++ x1 = XOR(x1,U8TO32_LITTLE(m + 4)); ++ x2 = XOR(x2,U8TO32_LITTLE(m + 8)); ++ x3 = XOR(x3,U8TO32_LITTLE(m + 12)); ++ x4 = XOR(x4,U8TO32_LITTLE(m + 16)); ++ x5 = XOR(x5,U8TO32_LITTLE(m + 20)); ++ x6 = XOR(x6,U8TO32_LITTLE(m + 24)); ++ x7 = XOR(x7,U8TO32_LITTLE(m + 28)); ++ x8 = XOR(x8,U8TO32_LITTLE(m + 32)); ++ x9 = XOR(x9,U8TO32_LITTLE(m + 36)); ++ x10 = XOR(x10,U8TO32_LITTLE(m + 40)); ++ x11 = XOR(x11,U8TO32_LITTLE(m + 44)); ++ x12 = XOR(x12,U8TO32_LITTLE(m + 48)); ++ x13 = XOR(x13,U8TO32_LITTLE(m + 52)); ++ x14 = XOR(x14,U8TO32_LITTLE(m + 56)); ++ x15 = XOR(x15,U8TO32_LITTLE(m + 60)); ++#endif ++ ++ j12 = PLUSONE(j12); ++ if (!j12) { ++ j13 = PLUSONE(j13); ++ /* stopping at 2^70 bytes per nonce is user's responsibility */ ++ } ++ ++ U32TO8_LITTLE(c + 0,x0); ++ U32TO8_LITTLE(c + 4,x1); ++ U32TO8_LITTLE(c + 8,x2); ++ U32TO8_LITTLE(c + 12,x3); ++ U32TO8_LITTLE(c + 16,x4); ++ U32TO8_LITTLE(c + 20,x5); ++ U32TO8_LITTLE(c + 24,x6); ++ U32TO8_LITTLE(c + 28,x7); ++ U32TO8_LITTLE(c + 32,x8); ++ U32TO8_LITTLE(c + 36,x9); ++ U32TO8_LITTLE(c + 40,x10); ++ U32TO8_LITTLE(c + 44,x11); ++ U32TO8_LITTLE(c + 48,x12); ++ U32TO8_LITTLE(c + 52,x13); ++ U32TO8_LITTLE(c + 56,x14); ++ U32TO8_LITTLE(c + 60,x15); ++ ++ if (bytes <= 64) { ++ if (bytes < 64) { ++ for (i = 0;i < bytes;++i) ctarget[i] = c[i]; ++ } ++ x->input[12] = j12; ++ x->input[13] = j13; ++ return; ++ } ++ bytes -= 64; ++ c += 64; ++#ifndef KEYSTREAM_ONLY ++ m += 64; ++#endif ++ } ++} +diff --git a/openbsd-compat/defines.h b/openbsd-compat/defines.h +index da7a42c..e79ef51 100644 +--- a/openbsd-compat/defines.h ++++ b/openbsd-compat/defines.h +@@ -745,6 +745,15 @@ struct winsize { + #define INET6_ADDRSTRLEN 46 + #endif + ++/* ++ * Platforms that have arc4random_uniform() and not arc4random_stir() ++ * shouldn't need the latter. ++ */ ++#if defined(HAVE_ARC4RANDOM) && defined(HAVE_ARC4RANDOM_UNIFORM) && \ ++ !defined(HAVE_ARC4RANDOM_STIR) ++# define arc4random_stir() ++#endif ++ + #ifndef HAVE_VA_COPY + # ifdef HAVE___VA_COPY + # define va_copy(dest, src) __va_copy(dest, src) +diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h +index c30591c..7baccc8 100644 +--- a/openbsd-compat/openbsd-compat.h ++++ b/openbsd-compat/openbsd-compat.h +@@ -63,7 +63,28 @@ char *strsep(char **stringp, const char *delim); + + #ifndef HAVE_ASPRINTF + int asprintf(char **, const char *, ...); +-#endif ++#endif ++ ++#ifdef HAVE_ARC4RANDOM ++# ifndef HAVE_ARC4RANDOM_STIR ++# define arc4random_stir() ++# endif ++#else ++unsigned int arc4random(void); ++void arc4random_stir(void); ++#endif /* !HAVE_ARC4RANDOM */ ++ ++#ifndef HAVE_ARC4RANDOM_BUF ++void arc4random_buf(void *, size_t); ++#endif ++ ++#ifndef HAVE_ARC4RANDOM_UNIFORM ++u_int32_t arc4random_uniform(u_int32_t); ++#endif ++ ++#ifndef HAVE_RES_RANDOMID ++u_int res_randomid(void); ++#endif + + /* #include XXX needed? For size_t */ + +diff --git a/openbsd-compat/res_random.c b/openbsd-compat/res_random.c +new file mode 100644 +index 0000000..7910019 +--- /dev/null ++++ b/openbsd-compat/res_random.c +@@ -0,0 +1,283 @@ ++/* $OpenBSD: res_random.c,v 1.22 2015/06/04 19:26:39 eric Exp $ */ ++ ++/* ++ * Copyright 1997 Niels Provos ++ * Copyright 2008 Damien Miller ++ * All rights reserved. ++ * ++ * Theo de Raadt came up with the idea of using ++ * such a mathematical system to generate more random (yet non-repeating) ++ * ids to solve the resolver/named problem. But Niels designed the ++ * actual system based on the constraints. ++ * ++ * Later modified by Damien Miller to wrap the LCG output in a 15-bit ++ * permutation generator based on a Luby-Rackoff block cipher. This ++ * ensures the output is non-repeating and preserves the MSB twiddle ++ * trick, but makes it more resistant to LCG prediction. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, ++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF ++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ */ ++ ++/* ++ * seed = random 15bit ++ * n = prime, g0 = generator to n, ++ * j = random so that gcd(j,n-1) == 1 ++ * g = g0^j mod n will be a generator again. ++ * ++ * X[0] = random seed. ++ * X[n] = a*X[n-1]+b mod m is a Linear Congruential Generator ++ * with a = 7^(even random) mod m, ++ * b = random with gcd(b,m) == 1 ++ * m = 31104 and a maximal period of m-1. ++ * ++ * The transaction id is determined by: ++ * id[n] = seed xor (g^X[n] mod n) ++ * ++ * Effectivly the id is restricted to the lower 15 bits, thus ++ * yielding two different cycles by toggling the msb on and off. ++ * This avoids reuse issues caused by reseeding. ++ * ++ * The output of this generator is then randomly permuted though a ++ * custom 15 bit Luby-Rackoff block cipher. ++ */ ++ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include "thread_private.h" ++ ++#include "openbsd-compat.h" ++ ++#define RU_OUT 180 /* Time after wich will be reseeded */ ++#define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */ ++#define RU_GEN 2 /* Starting generator */ ++#define RU_N 32749 /* RU_N-1 = 2*2*3*2729 */ ++#define RU_AGEN 7 /* determine ru_a as RU_AGEN^(2*rand) */ ++#define RU_M 31104 /* RU_M = 2^7*3^5 - don't change */ ++#define RU_ROUNDS 11 /* Number of rounds for permute (odd) */ ++ ++struct prf_ctx { ++ /* PRF lookup table for odd rounds (7 bits input to 8 bits output) */ ++ u_char prf7[(RU_ROUNDS / 2) * (1 << 7)]; ++ ++ /* PRF lookup table for even rounds (8 bits input to 7 bits output) */ ++ u_char prf8[((RU_ROUNDS + 1) / 2) * (1 << 8)]; ++}; ++ ++#define PFAC_N 3 ++static const u_int16_t pfacts[PFAC_N] = { ++ 2, ++ 3, ++ 2729 ++}; ++ ++static u_int16_t ru_x; ++static u_int16_t ru_seed, ru_seed2; ++static u_int16_t ru_a, ru_b; ++static u_int16_t ru_g; ++static u_int16_t ru_counter = 0; ++static u_int16_t ru_msb = 0; ++static struct prf_ctx *ru_prf = NULL; ++static time_t ru_reseed; ++static pid_t ru_pid; ++ ++static u_int16_t pmod(u_int16_t, u_int16_t, u_int16_t); ++static void res_initid(void); ++ ++/* ++ * Do a fast modular exponation, returned value will be in the range ++ * of 0 - (mod-1) ++ */ ++static u_int16_t ++pmod(u_int16_t gen, u_int16_t exp, u_int16_t mod) ++{ ++ u_int16_t s, t, u; ++ ++ s = 1; ++ t = gen; ++ u = exp; ++ ++ while (u) { ++ if (u & 1) ++ s = (s * t) % mod; ++ u >>= 1; ++ t = (t * t) % mod; ++ } ++ return (s); ++} ++ ++/* ++ * 15-bit permutation based on Luby-Rackoff block cipher ++ */ ++static u_int ++permute15(u_int in) ++{ ++ int i; ++ u_int left, right, tmp; ++ ++ if (ru_prf == NULL) ++ return in; ++ ++ left = (in >> 8) & 0x7f; ++ right = in & 0xff; ++ ++ /* ++ * Each round swaps the width of left and right. Even rounds have ++ * a 7-bit left, odd rounds have an 8-bit left. Since this uses an ++ * odd number of rounds, left is always 8 bits wide at the end. ++ */ ++ for (i = 0; i < RU_ROUNDS; i++) { ++ if ((i & 1) == 0) ++ tmp = ru_prf->prf8[(i << (8 - 1)) | right] & 0x7f; ++ else ++ tmp = ru_prf->prf7[((i - 1) << (7 - 1)) | right]; ++ tmp ^= left; ++ left = right; ++ right = tmp; ++ } ++ ++ return (right << 8) | left; ++} ++ ++/* ++ * Initializes the seed and chooses a suitable generator. Also toggles ++ * the msb flag. The msb flag is used to generate two distinct ++ * cycles of random numbers and thus avoiding reuse of ids. ++ * ++ * This function is called from res_randomid() when needed, an ++ * application does not have to worry about it. ++ */ ++static void ++res_initid(void) ++{ ++ u_int16_t j, i; ++ u_int32_t tmp; ++ int noprime = 1; ++ struct timespec ts; ++ ++ ru_x = arc4random_uniform(RU_M); ++ ++ /* 15 bits of random seed */ ++ tmp = arc4random(); ++ ru_seed = (tmp >> 16) & 0x7FFF; ++ ru_seed2 = tmp & 0x7FFF; ++ ++ /* Determine the LCG we use */ ++ tmp = arc4random(); ++ ru_b = (tmp & 0xfffe) | 1; ++ ru_a = pmod(RU_AGEN, (tmp >> 16) & 0xfffe, RU_M); ++ while (ru_b % 3 == 0) ++ ru_b += 2; ++ ++ j = arc4random_uniform(RU_N); ++ ++ /* ++ * Do a fast gcd(j,RU_N-1), so we can find a j with ++ * gcd(j, RU_N-1) == 1, giving a new generator for ++ * RU_GEN^j mod RU_N ++ */ ++ ++ while (noprime) { ++ for (i = 0; i < PFAC_N; i++) ++ if (j % pfacts[i] == 0) ++ break; ++ ++ if (i >= PFAC_N) ++ noprime = 0; ++ else ++ j = (j + 1) % RU_N; ++ } ++ ++ ru_g = pmod(RU_GEN, j, RU_N); ++ ru_counter = 0; ++ ++ /* Initialise PRF for Luby-Rackoff permutation */ ++ if (ru_prf == NULL) ++ ru_prf = malloc(sizeof(*ru_prf)); ++ if (ru_prf != NULL) ++ arc4random_buf(ru_prf, sizeof(*ru_prf)); ++ ++ clock_gettime(CLOCK_MONOTONIC, &ts); ++ ru_reseed = ts.tv_sec + RU_OUT; ++ ru_msb = ru_msb == 0x8000 ? 0 : 0x8000; ++} ++ ++u_int ++res_randomid(void) ++{ ++ struct timespec ts; ++ pid_t pid; ++ u_int r; ++ _THREAD_PRIVATE_MUTEX(random); ++ ++ clock_gettime(CLOCK_MONOTONIC, &ts); ++ pid = getpid(); ++ ++ _THREAD_PRIVATE_MUTEX_LOCK(random); ++ ++ if (ru_counter >= RU_MAX || ts.tv_sec > ru_reseed || pid != ru_pid) { ++ res_initid(); ++ ru_pid = pid; ++ } ++ ++ /* Linear Congruential Generator */ ++ ru_x = (ru_a * ru_x + ru_b) % RU_M; ++ ru_counter++; ++ ++ r = permute15(ru_seed ^ pmod(ru_g, ru_seed2 + ru_x, RU_N)) | ru_msb; ++ ++ _THREAD_PRIVATE_MUTEX_UNLOCK(random); ++ ++ return (r); ++} ++ ++#if 0 ++int ++main(int argc, char **argv) ++{ ++ int i, n; ++ u_int16_t wert; ++ ++ res_initid(); ++ ++ printf("Generator: %u\n", ru_g); ++ printf("Seed: %u\n", ru_seed); ++ printf("Reseed at %ld\n", ru_reseed); ++ printf("Ru_X: %u\n", ru_x); ++ printf("Ru_A: %u\n", ru_a); ++ printf("Ru_B: %u\n", ru_b); ++ ++ n = argc > 1 ? atoi(argv[1]) : 60001; ++ for (i=0;i pkgname=libasr pkgver=1.0.2 -pkgrel=0 +pkgrel=1 pkgdesc="libasr is a free, simple and portable asynchronous resolver library" url="http://www.opensmtpd.org" arch="all" @@ -12,9 +12,10 @@ depends_dev="" makedepends="mdocml bison openssl-dev automake autoconf libtool" install="" subpackages="$pkgname-dev" -source="https://www.opensmtpd.org/archives/${pkgname}-${pkgver}.tar.gz" +source="https://github.com/OpenSMTPD/libasr/archive/libasr-1.0.2.zip + 00-use-openbsd-res_randomid.patch" -_builddir=${srcdir}/${pkgname}-${pkgver} +_builddir=${srcdir}/${pkgname}-${pkgname}-${pkgver} prepare() { local i cd "$_builddir" @@ -27,9 +28,11 @@ prepare() { build() { cd "$_builddir" + ./bootstrap ./configure --build=$CBUILD \ --host=$CHOST \ --with-pie \ + --with-Werror \ --prefix=/usr \ --mandir=/usr/share/man \ --with-mantype=man || return 1 @@ -42,6 +45,9 @@ package() { find "$pkgdir" -name '*.la' -delete || return 1 } -md5sums="2a2832e8c25683bd17f4ce8b37ba940a libasr-1.0.2.tar.gz" -sha256sums="a6f5d1c6306938156da3427525572b9b16c1e6be6c69845d390bb63f41a58b34 libasr-1.0.2.tar.gz" -sha512sums="a4825a30130f70a452044c484871ac37459e1c1e6659c4c38dead7d3abbdaecb3517b7accb46586537975fee033857566fd279ecf97ae87dc80bb6bcdd467d3e libasr-1.0.2.tar.gz" +md5sums="1919b1b1c5a08821901fd2c0a6d488a7 libasr-1.0.2.zip +7d0cacd365ae27209172e64d006545f5 00-use-openbsd-res_randomid.patch" +sha256sums="8e1ed7420446219d105ac0c384cf69160791335dc69bf1ca0581279472241ca7 libasr-1.0.2.zip +416cd9151ebf6de148b7f57b0a2ee0539fca0dbe5ee6a8a33ac854ceaccf58e4 00-use-openbsd-res_randomid.patch" +sha512sums="2b9185c9bd953d093be397554bc024ddab03003e0c56f19018a8bc22d48434fe3364274fef631cd5e2984321368baff4cd4a504d61b71c60ceffd9e5cc3c8124 libasr-1.0.2.zip +80a90726cb556339b70b4f39e8b0525e6759f7230b17c38c6813329aeb6616caca3370ef8ef538c05ea8acc5fd0e1015a5d37b300947019fd550bb3695c0c931 00-use-openbsd-res_randomid.patch" -- 2.4.1 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---