summaryrefslogtreecommitdiff
path: root/pkg/nsd/patch/0002-Use-timingsafe_memcmp-if-available.patch
blob: ea96aa4329fa67c2b0e6c6d2cae395253c4e430a (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

From 3d154a079c8417779c0c83d4ce73678613ba6026 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Tue, 21 Aug 2018 15:52:34 -0700
Subject: [PATCH] Use timingsafe_memcmp if available

---
 configure.ac | 2 +-
 tsig.c       | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index bd64fdb2..0ce02518 100644
--- a/configure.ac
+++ b/configure.ac
@@ -635,7 +635,7 @@ AC_CHECK_SIZEOF(void*)
 AC_CHECK_SIZEOF(off_t)
 AC_CHECK_FUNCS([getrandom arc4random arc4random_uniform])
 AC_SEARCH_LIBS([setusercontext],[util],[AC_CHECK_HEADERS([login_cap.h],,, [AC_INCLUDES_DEFAULT])])
-AC_CHECK_FUNCS([tzset alarm chroot dup2 endpwent gethostname memset memcpy pwrite socket strcasecmp strchr strdup strerror strncasecmp strtol writev getaddrinfo getnameinfo freeaddrinfo gai_strerror sigaction sigprocmask strptime strftime localtime_r setusercontext glob initgroups setresuid setreuid setresgid setregid getpwnam mmap ppoll clock_gettime accept4 getifaddrs])
+AC_CHECK_FUNCS([tzset alarm chroot dup2 endpwent gethostname memset memcpy pwrite socket strcasecmp strchr strdup strerror strncasecmp strtol writev getaddrinfo getnameinfo freeaddrinfo gai_strerror sigaction sigprocmask strptime strftime localtime_r setusercontext glob initgroups setresuid setreuid setresgid setregid getpwnam mmap ppoll clock_gettime accept4 getifaddrs timingsafe_memcmp])
 
 AC_CHECK_TYPE([struct mmsghdr], AC_DEFINE(HAVE_MMSGHDR, 1, [If sys/socket.h has a struct mmsghdr.]), [], [
 AC_INCLUDES_DEFAULT
diff --git a/tsig.c b/tsig.c
index 8b24fd1b..e75aa231 100644
--- a/tsig.c
+++ b/tsig.c
@@ -19,7 +19,9 @@
 #include "query.h"
 #include "rbtree.h"
 
-#if !defined(HAVE_SSL) || !defined(HAVE_CRYPTO_MEMCMP)
+#if defined(HAVE_TIMINGSAFE_MEMCMP)
+#define CRYPTO_memcmp timingsafe_memcmp
+#elif !defined(HAVE_SSL) || !defined(HAVE_CRYPTO_MEMCMP)
 /* we need fixed time compare */
 #define CRYPTO_memcmp memcmp_fixedtime
 int memcmp_fixedtime(const void *s1, const void *s2, size_t n)
-- 
2.31.1
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-12 18:17:52 +0000