From 31612e4f76eeb07d0fffa33814ce5edef04b286a Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Tue, 12 Sep 2017 19:05:46 -0700
Subject: [PATCH] rebased rt31459c

[rt31459d] update the newer tools

[rt31459d] setup entropy in dns_lib_init()

[rt31459d] silence compiler warning

DNS_OPENSSL_LIBS -> DST_OPENSSL_LIBS

Include new unit test
---
 bin/tests/system/pipelined/pipequeries.c |  1 +
 bin/tests/system/pipelined/tests.sh      |  4 +-
 bin/tests/system/tkey/keycreate.c        |  1 +
 bin/tests/system/tkey/keydelete.c        |  1 +
 bin/tests/system/tkey/tests.sh           |  8 +-
 configure                                | 97 ++++++++++--------------
 lib/dns/include/dst/dst.h                |  8 ++
 lib/dns/lib.c                            |  1 +
 lib/dns/tests/Makefile.in                |  5 ++
 lib/isc/include/isc/types.h              |  2 +
 win32utils/Configure                     |  4 +-
 11 files changed, 66 insertions(+), 66 deletions(-)

diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c
index 74de833..4fac3cb 100644
--- a/bin/tests/system/pipelined/pipequeries.c
+++ b/bin/tests/system/pipelined/pipequeries.c
@@ -205,6 +205,7 @@ sendqueries(isc_task_t *task, isc_event_t *event) {
 
 int
 main(int argc, char *argv[]) {
+	char *randomfile = NULL;
 	isc_sockaddr_t bind_any;
 	struct in_addr inaddr;
 	isc_result_t result;
diff --git a/bin/tests/system/pipelined/tests.sh b/bin/tests/system/pipelined/tests.sh
index 61f1ff7..ed1302a 100644
--- a/bin/tests/system/pipelined/tests.sh
+++ b/bin/tests/system/pipelined/tests.sh
@@ -19,7 +19,7 @@ status=0
 
 echo_i "check pipelined TCP queries"
 ret=0
-$PIPEQUERIES -p ${PORT} < input > raw || ret=1
+$PIPEQUERIES -p ${PORT} -r $RANDFILE < input > raw || ret=1
 awk '{ print $1 " " $5 }' < raw > output
 sort < output > output-sorted
 $DIFF ref output-sorted || { ret=1 ; echo_i "diff sorted failed"; }
@@ -43,7 +43,7 @@ status=`expr $status + $ret`
 
 echo_i "check keep-response-order"
 ret=0
-$PIPEQUERIES -p ${PORT} ++ < inputb > rawb || ret=1
+$PIPEQUERIES -p ${PORT} -r $RANDFILE ++ < inputb > rawb || ret=1
 awk '{ print $1 " " $5 }' < rawb > outputb
 $DIFF refb outputb || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c
index c39f6a4..b29a3cb 100644
--- a/bin/tests/system/tkey/keycreate.c
+++ b/bin/tests/system/tkey/keycreate.c
@@ -195,6 +195,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
 int
 main(int argc, char *argv[]) {
 	char *ourkeyname;
+	char *randomfile;
 	isc_taskmgr_t *taskmgr;
 	isc_timermgr_t *timermgr;
 	isc_socketmgr_t *socketmgr;
diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c
index 547e8d0..efcea1d 100644
--- a/bin/tests/system/tkey/keydelete.c
+++ b/bin/tests/system/tkey/keydelete.c
@@ -136,6 +136,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
 int
 main(int argc, char **argv) {
 	char *keyname;
+	char *randomfile;
 	isc_taskmgr_t *taskmgr;
 	isc_timermgr_t *timermgr;
 	isc_socketmgr_t *socketmgr;
diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh
index a293d32..51ed2cb 100644
--- a/bin/tests/system/tkey/tests.sh
+++ b/bin/tests/system/tkey/tests.sh
@@ -31,7 +31,7 @@ for owner in . foo.example.
 do
 	echo "I:creating new key using owner name \"$owner\""
 	ret=0
-	keyname=`$KEYCREATE $dhkeyname $owner` || ret=1
+	keyname=`$KEYCREATE -r $RANDFILE $dhkeyname $owner` || ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
 		status=`expr $status + $ret`
@@ -53,7 +53,7 @@ do
 
 	echo "I:deleting new key"
 	ret=0
-	$KEYDELETE $keyname || ret=1
+	$KEYDELETE -r $RANDFILE $keyname || ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
 	fi
@@ -73,7 +73,7 @@ done
 
 echo "I:creating new key using owner name bar.example."
 ret=0
-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
+keyname=`$KEYCREATE -r $RANDFILE $dhkeyname bar.example.` || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 	status=`expr $status + $ret`
@@ -114,7 +114,7 @@ status=`expr $status + $ret`
 
 echo "I:recreating the bar.example. key"
 ret=0
-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
+keyname=`$KEYCREATE -r $RANDFILE $dhkeyname bar.example.` || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 	status=`expr $status + $ret`
diff --git a/configure b/configure
index 4c97c8c..1e047bd 100755
--- a/configure
+++ b/configure
@@ -632,6 +632,7 @@ ac_includes_default="\
 
 ac_subst_vars='LTLIBOBJS
 LIBOBJS
+LIBDIR_SUFFIX
 BUILD_LIBS
 BUILD_LDFLAGS
 BUILD_CPPFLAGS
@@ -20509,6 +20510,30 @@ fi
 #
 dlzdir='${DLZ_DRIVER_DIR}'
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for target libdir" >&5
+$as_echo_n "checking for target libdir... " >&6; }
+if test "$cross_compiling" = yes; then :
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run test program while cross compiling
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+int main(void) {exit((sizeof(void *) == 8) ? 0 : 1);}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  target_lib=lib64
+else
+  target_lib=lib
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$target_lib\"" >&5
+$as_echo "\"$target_lib\"" >&6; }
+
 #
 # Private autoconf macro to simplify configuring drivers:
 #
@@ -20839,11 +20864,11 @@ $as_echo "no" >&6; }
 $as_echo "using mysql with libs ${mysql_lib} and includes ${mysql_include}" >&6; }
 		;;
 	*)
-		if test -d "$use_dlz_mysql/lib/mysql"
+		if test -d $use_dlz_mysql/${target_lib}/mysql
 		then
-			mysql_lib="$use_dlz_mysql/lib/mysql"
+			mysql_lib=$use_dlz_mysql/${target_lib}/mysql
 		else
-			mysql_lib="$use_dlz_mysql/lib"
+			mysql_lib=$use_dlz_mysql/${target_lib}
 		fi
 
 	CONTRIB_DLZ="$CONTRIB_DLZ -DDLZ_MYSQL"
@@ -20928,7 +20953,7 @@ $as_echo "" >&6; }
 			# Check other locations for includes.
 			# Order is important (sigh).
 
-			bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /db"
+			bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /libdb /db"
 			# include a blank element first
 			for d in "" $bdb_incdirs
 			do
@@ -20953,57 +20978,9 @@ $as_echo "" >&6; }
 			bdb_libnames="db53 db-5.3 db51 db-5.1 db48 db-4.8 db47 db-4.7 db46 db-4.6 db45 db-4.5 db44 db-4.4 db43 db-4.3 db42 db-4.2 db41 db-4.1 db"
 			for d in $bdb_libnames
 			do
-				if test "$dd" = "/usr"
-				then
-					as_ac_Lib=`$as_echo "ac_cv_lib_$d''_db_create" | $as_tr_sh`
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -l$d" >&5
-$as_echo_n "checking for db_create in -l$d... " >&6; }
-if eval \${$as_ac_Lib+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-l$d  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char db_create ();
-int
-main ()
-{
-return db_create ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  eval "$as_ac_Lib=yes"
-else
-  eval "$as_ac_Lib=no"
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-eval ac_res=\$$as_ac_Lib
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
-  dlz_bdb_libs="-l${d}"
-fi
-
-					if test $dlz_bdb_libs != "yes"
-					then
-						break
-					fi
-				elif test -f "$dd/lib/lib${d}.so"
+				if test -f "$dd/${target_lib}/lib${d}.so"
 				then
-					dlz_bdb_libs="-L${dd}/lib -l${d}"
+					dlz_bdb_libs="-L${dd}/${target_lib}/libdb -l${d}"
 					break
 				fi
 			done
@@ -21162,10 +21139,10 @@ $as_echo "no" >&6; }
 		DLZ_DRIVER_INCLUDES="$DLZ_DRIVER_INCLUDES -I$use_dlz_ldap/include"
 		DLZ_DRIVER_LDAP_INCLUDES="-I$use_dlz_ldap/include"
 	fi
-	if test -n "-L$use_dlz_ldap/lib -lldap -llber"
+	if test -n "-L$use_dlz_ldap/${target_lib} -lldap -llber"
 	then
-		DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L$use_dlz_ldap/lib -lldap -llber"
-		DLZ_DRIVER_LDAP_LIBS="-L$use_dlz_ldap/lib -lldap -llber"
+		DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L$use_dlz_ldap/${target_lib} -lldap -llber"
+		DLZ_DRIVER_LDAP_LIBS="-L$use_dlz_ldap/${target_lib} -lldap -llber"
 	fi
 
 
@@ -21251,11 +21228,11 @@ fi
 		odbcdirs="/usr /usr/local /usr/pkg"
 		for d in $odbcdirs
 		do
-			if test -f $d/include/sql.h -a -f $d/lib/libodbc.a
+			if test -f $d/include/sql.h -a -f $d/${target_lib}/libodbc.a
 			then
 				use_dlz_odbc=$d
 				dlz_odbc_include="-I$use_dlz_odbc/include"
-				dlz_odbc_libs="-L$use_dlz_odbc/lib -lodbc"
+				dlz_odbc_libs="-L$use_dlz_odbc/${target_lib} -lodbc"
 				break
 			fi
 		done
@@ -21530,6 +21507,8 @@ DNS_CRYPTO_LIBS="$NEWFLAGS"
 
 
 
+
+
 #
 # Commands to run at the end of config.status.
 # Don't just put these into configure, it won't work right if somebody
diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h
index 3146d88..3f7ac4d 100644
--- a/lib/dns/include/dst/dst.h
+++ b/lib/dns/include/dst/dst.h
@@ -153,6 +153,14 @@ dst_lib_destroy(void);
  * Releases all resources allocated by DST.
  */
 
+isc_result_t
+dst_random_getdata(void *data, unsigned int length,
+		   unsigned int *returned, unsigned int flags);
+/*%<
+ * \brief Return data from the crypto random generator.
+ * Specialization of isc_entropy_getdata().
+ */
+
 bool
 dst_algorithm_supported(unsigned int alg);
 /*%<
diff --git a/lib/dns/lib.c b/lib/dns/lib.c
index 5fccb57..1f627c4 100644
--- a/lib/dns/lib.c
+++ b/lib/dns/lib.c
@@ -51,6 +51,7 @@ static unsigned int references = 0;
 static void
 initialize(void) {
 	isc_result_t result;
+	isc_entropy_t *ectx = NULL;
 
 	REQUIRE(initialize_done == false);
 
diff --git a/lib/dns/tests/Makefile.in b/lib/dns/tests/Makefile.in
index 7b35b93..c5befff 100644
--- a/lib/dns/tests/Makefile.in
+++ b/lib/dns/tests/Makefile.in
@@ -259,6 +259,11 @@ zt_test@EXEEXT@: zt_test.@O@ dnstest.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
 		${LDFLAGS} -o $@ zt_test.@O@ dnstest.@O@ \
 		${DNSLIBS} ${ISCLIBS} ${LIBS}
 
+dstrandom_test@EXEEXT@: dstrandom_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
+			dstrandom_test.@O@ ${DNSLIBS} \
+			${ISCLIBS} ${ISCPK11LIBS} ${LIBS}
+
 unit::
 	sh ${top_builddir}/unit/unittest.sh
 
diff --git a/lib/isc/include/isc/types.h b/lib/isc/include/isc/types.h
index f8e5ae6..d0dc9b5 100644
--- a/lib/isc/include/isc/types.h
+++ b/lib/isc/include/isc/types.h
@@ -82,6 +82,8 @@ typedef struct isc_time			isc_time_t;		/*%< Time */
 typedef struct isc_timer		isc_timer_t;		/*%< Timer */
 typedef struct isc_timermgr		isc_timermgr_t;		/*%< Timer Manager */
 
+typedef isc_result_t (*isc_entropy_getdata_t)(void *, unsigned int,
+					      unsigned int *, unsigned int);
 typedef void (*isc_taskaction_t)(isc_task_t *, isc_event_t *);
 typedef int (*isc_sockfdwatch_t)(isc_task_t *, isc_socket_t *, void *, int);
 
diff --git a/win32utils/Configure b/win32utils/Configure
index 9731b0c..0b7bc6e 100644
--- a/win32utils/Configure
+++ b/win32utils/Configure
@@ -353,7 +353,8 @@ my @allcond = (@substcond, "NOTYET", "NOLONGER");
 
 # enable-xxx/disable-xxx
 
-my @enablelist = ("developer",
+my @enablelist = ("crypto-rand",
+                  "developer",
                   "fixed-rrset",
                   "intrinsics",
                   "isc-spnego",
@@ -2929,6 +2930,7 @@ exit 0;
 #  --enable-developer partially supported
 #  --enable-newstats (9.9/9.9sub only)
 #  --enable-native-pkcs11 supported
+#  --enable-crypto-rand supported
 #  --enable-openssl-version-check included without a way to disable it
 #  --enable-openssl-hash supported
 #  --enable-threads included without a way to disable it
-- 
2.20.1