All files have their licence and copyright information clearly
identifiable. If not in the file header, they are set separately in
.reuse/dep5.
All used license texts are provided in LICENSES/
* segment random number generation into own file
* abstract random code to make it more modular so we can have multiple backends
* rand: add support for arc4random_buf() and also direct CARES_RANDOM_FILE reading
* autotools: fix detection of arc4random_buf
* rework initial rc4 seed for PRNG as last fallback
* rc4: more proper implementation, simplified for clarity
* clarifications
* CARES_RANDOM_FILE should always default to /dev/urandom
During cross-compilation, CARES_RANDOM_FILE may not be able to be appropriately
detected, therefore we should always set it to /dev/urandom and allow the
entity requesting compilation override the value. The code does appropriately
fall back if CARES_RANDOM_FILE cannot be opened.
* use set not option
There is no autoconf macro called STDC_HEADERS. AC_HEADER_STDC however does
exist and it defines the STDC_HEADERS macro for use.
Not clear that STDC_HEADERS from its use in the repo is needed but
would rather not meddle with it for now.
Fixes an annoying warning on `./configure`:
```
/var/tmp/portage/net-dns/c-ares-1.18.1/work/c-ares-1.18.1/configure: 24546: STDC_HEADERS: not found
```
Signed-off-by: Sam James <sam@gentoo.org>
RANDOM_FILE was never defined by cmake, causing RC4 key generation to use the less secure rand() method.
Also, due to clashes with chain-building from other projects (e.g. curl) that may define RANDOM_FILE, this was renamed to CARES_RANDOM_FILE.
This is the proposed change for #396
Fix By: Brad House (@bradh352)
Originally started by Daniel Stenberg (@bagder) with #123, this patch reorganizes the c-ares source tree to have a more modern layout. It also fixes out of tree builds for autotools, and automatically builds the tests if tests are enabled. All tests are passing which tests each of the supported build systems (autotools, cmake, nmake, mingw gmake). There may be some edge cases that will have to be caught later on for things I'm not aware of.
Fix By: Brad House (@bradh352)
The rc4 function iterates over a buffer of size buffer_len who's maximum
value is INT_MAX with a counter of type short that is not guaranteed to
have maximum size INT_MAX.
In circumstances where short is narrower than int and where buffer_len
is larger than the maximum value of a short, it may be possible to loop
infinitely as counter will overflow and never be greater than or equal
to buffer_len.
The solution is to make the comparison be between types of equal width.
This commit defines counter as an int.
Fix By: Fionn Fitzmaurice (@fionn)