Stuart Henderson <[email protected]> writes: > libxml's use of random numbers doesn't exactly need to be strong itself, > but extra calls to arc4random help other things on the system, and this > gets rid of some APIWARN from programs that link against it, making it > easier to identify use of unsafe randomness in the many programs which > depend on libxml.
Makes sense to me. > There are no new failures in regression tests with this diff. Does it > look sane? Any comments/objections/OKs? Nitpick: DICT_RANDOMIZATION should also be defined if arc4random is present but one of rand/srand/time is missing (yeah, unlikely). Updated diff, which includes a revision bump. ok (side note: the handling of test data could be better. I'm thinking about http://www.w3.org/XML/Test/xmlts20080827.tar.gz and stuff needed by xstc/. A use case for SUPDISTFILES?) Index: Makefile =================================================================== RCS file: /cvs/ports/textproc/libxml/Makefile,v retrieving revision 1.153 diff -u -p -r1.153 Makefile --- Makefile 12 May 2014 07:48:35 -0000 1.153 +++ Makefile 29 May 2014 12:22:31 -0000 @@ -12,7 +12,7 @@ CATEGORIES= textproc MASTER_SITES= http://gd.tuwien.ac.at/pub/libxml/ \ ftp://xmlsoft.org/libxml/ -REVISION= 0 +REVISION= 1 HOMEPAGE= http://xmlsoft.org/ @@ -23,7 +23,8 @@ WANTLIB= m z MODULES= converters/libiconv -CONFIGURE_STYLE= gnu +CONFIGURE_STYLE= autoconf +AUTOCONF_VERSION= 2.69 CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \ --enable-static \ --with-html-dir="${PREFIX}/share/doc" \ Index: patches/patch-configure_in =================================================================== RCS file: patches/patch-configure_in diff -N patches/patch-configure_in --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-configure_in 29 May 2014 12:11:07 -0000 @@ -0,0 +1,12 @@ +$OpenBSD$ +--- configure.in.orig Thu May 29 11:37:41 2014 ++++ configure.in Thu May 29 11:37:49 2014 +@@ -516,7 +516,7 @@ AC_CHECK_FUNCS(strdup strndup strerror) + AC_CHECK_FUNCS(finite isnand fp_class class fpclass) + AC_CHECK_FUNCS(strftime localtime gettimeofday ftime) + AC_CHECK_FUNCS(stat _stat signal) +-AC_CHECK_FUNCS(rand rand_r srand time) ++AC_CHECK_FUNCS(arc4random rand rand_r srand time) + AC_CHECK_FUNCS(isascii mmap munmap putenv) + + AH_VERBATIM([HAVE_MUNMAP_AFTER],[/* mmap() is no good without munmap() */ Index: patches/patch-dict_c =================================================================== RCS file: patches/patch-dict_c diff -N patches/patch-dict_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-dict_c 29 May 2014 12:18:07 -0000 @@ -0,0 +1,51 @@ +$OpenBSD$ +--- dict.c.orig Fri Apr 5 16:58:37 2013 ++++ dict.c Thu May 29 14:18:00 2014 +@@ -38,7 +38,7 @@ + * list we will use the BigKey algo as soon as the hash size grows + * over MIN_DICT_SIZE so this actually works + */ +-#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) ++#if (defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)) || defined(HAVE_ARC4RANDOM) + #define DICT_RANDOMIZATION + #endif + +@@ -139,7 +139,7 @@ static xmlRMutexPtr xmlDictMutex = NULL; + static int xmlDictInitialized = 0; + + #ifdef DICT_RANDOMIZATION +-#ifdef HAVE_RAND_R ++#if defined(HAVE_RAND_R) && !defined(HAVE_ARC4RANDOM) + /* + * Internal data for random function, protected by xmlDictMutex + */ +@@ -180,7 +180,7 @@ int __xmlInitializeDict(void) { + return(0); + xmlRMutexLock(xmlDictMutex); + +-#ifdef DICT_RANDOMIZATION ++#if defined(DICT_RANDOMIZATION) && !defined(HAVE_ARC4RANDOM) + #ifdef HAVE_RAND_R + rand_seed = time(NULL); + rand_r(& rand_seed); +@@ -200,13 +200,17 @@ int __xmlRandom(void) { + if (xmlDictInitialized == 0) + __xmlInitializeDict(); + ++#ifdef HAVE_ARC4RANDOM ++ ret = arc4random(); ++#else + xmlRMutexLock(xmlDictMutex); +-#ifdef HAVE_RAND_R ++# ifdef HAVE_RAND_R + ret = rand_r(& rand_seed); +-#else ++# else + ret = rand(); +-#endif ++# endif + xmlRMutexUnlock(xmlDictMutex); ++#endif + return(ret); + } + #endif -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
