main/libasr: move from testing

needed by opensmtpd

2 files changed, 1005 insertions, 0 deletions

diff --git a/main/libasr/00-use-openbsd-res_randomid.patch b/main/libasr/00-use-openbsd-res_randomid.patch
new file mode 100644
index 0000000000..4fb97828e6
--- /dev/null
+++ b/main/libasr/00-use-openbsd-res_randomid.patch
@@ -0,0 +1,953 @@
+diff --git a/configure.ac b/configure.ac
+index 10aff04..ec6fadf 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -41,7 +41,7 @@ AC_PATH_PROG([NROFF], [nroff])
+ AC_PATH_PROG([MANDOC], [mandoc])
+ AC_PROG_YACC
+ 
+-AM_INIT_AUTOMAKE
++AM_INIT_AUTOMAKE([subdir-objects no-dependencies])
+ 
+ LT_INIT
+ 
+@@ -442,6 +442,10 @@ fi
+ #l1572 (customized)
+ dnl    Checks for library functions. Please keep in alphabetical order
+ AC_CHECK_FUNCS([ \
++	arc4random \
++	arc4random_buf \
++	arc4random_stir \
++	arc4random_uniform \
+ 	asprintf \
+ 	bcopy \
+ 	explicit_bzero \
+@@ -465,6 +469,13 @@ AC_CHECK_FUNCS([ \
+ 	vasprintf \
+ 	vsnprintf \
+ ])
++
++AC_CHECK_FUNC([res_randomid],
++	[AC_DEFINE([HAVE_RES_RANDOMID], [1], [Define if res_randomid exists])])
++AM_CONDITIONAL([USE_OPENBSD_RES_RANDOM], [test "x$HAVE_RES_RANDOMID" = "x" ])
++AM_COND_IF([USE_OPENBSD_RES_RANDOM],
++	[AC_CHECK_LIB([crypto], [RAND_bytes], [], [AC_MSG_ERROR([libcrypto not found])])])
++
+ #l1685
+ 
+ #l1715
+diff --git a/openbsd-compat/NOTES b/openbsd-compat/NOTES
+index baa60ec..0eb0710 100644
+--- a/openbsd-compat/NOTES
++++ b/openbsd-compat/NOTES
+@@ -1,10 +1,12 @@
+ List of files and where they come from
+ 
++arc4random.c		portable openssh
+ clock_gettime.c		handmade
+ defines.h		portable openssh
+ fgetln.c		part of /usr/src/usr.bin/make/util.c
+ includes.h		portable openssh
+ openbsd-compat.h	portable openssh
++res_random.c		src/lib/libc/net/res_random.c
+ strlcat.c		portable openssh
+ strlcpy.c		portable openssh
+ strtonum.c		portable openssh
+diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
+new file mode 100644
+index 0000000..ca4434d
+--- /dev/null
++++ b/openbsd-compat/arc4random.c
+@@ -0,0 +1,296 @@
++/* OPENBSD ORIGINAL: lib/libc/crypto/arc4random.c */
++
++/*	$OpenBSD: arc4random.c,v 1.25 2013/10/01 18:34:57 markus Exp $	*/
++
++/*
++ * Copyright (c) 1996, David Mazieres <dm@uun.org>
++ * Copyright (c) 2008, Damien Miller <djm@openbsd.org>
++ * Copyright (c) 2013, Markus Friedl <markus@openbsd.org>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ */
++
++/*
++ * ChaCha based random number generator for OpenBSD.
++ */
++
++#include "includes.h"
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include <sys/types.h>
++
++#ifndef HAVE_ARC4RANDOM
++
++#include <openssl/rand.h>
++#include <openssl/err.h>
++
++#define KEYSTREAM_ONLY
++#include "chacha_private.h"
++
++#ifdef __GNUC__
++#define inline __inline
++#else				/* !__GNUC__ */
++#define inline
++#endif				/* !__GNUC__ */
++
++/* OpenSSH isn't multithreaded */
++#define _ARC4_LOCK()
++#define _ARC4_UNLOCK()
++
++#define KEYSZ	32
++#define IVSZ	8
++#define BLOCKSZ	64
++#define RSBUFSZ	(16*BLOCKSZ)
++static int rs_initialized;
++static pid_t rs_stir_pid;
++static chacha_ctx rs;		/* chacha context for random keystream */
++static u_char rs_buf[RSBUFSZ];	/* keystream blocks */
++static size_t rs_have;		/* valid bytes at end of rs_buf */
++static size_t rs_count;		/* bytes till reseed */
++
++static inline void _rs_rekey(u_char *dat, size_t datlen);
++
++static inline void
++_rs_init(u_char *buf, size_t n)
++{
++	if (n < KEYSZ + IVSZ)
++		return;
++	chacha_keysetup(&rs, buf, KEYSZ * 8, 0);
++	chacha_ivsetup(&rs, buf + KEYSZ);
++}
++
++static void
++_rs_stir(void)
++{
++	u_char rnd[KEYSZ + IVSZ];
++
++	if (RAND_bytes(rnd, sizeof(rnd)) <= 0) {
++		fprintf(stderr,
++		    "libasr: Couldn't obtain random bytes (error %ld)",
++		    ERR_get_error());
++		exit(1);
++	}
++
++	if (!rs_initialized) {
++		rs_initialized = 1;
++		_rs_init(rnd, sizeof(rnd));
++	} else
++		_rs_rekey(rnd, sizeof(rnd));
++	memset(rnd, 0, sizeof(rnd));
++
++	/* invalidate rs_buf */
++	rs_have = 0;
++	memset(rs_buf, 0, RSBUFSZ);
++
++	rs_count = 1600000;
++}
++
++static inline void
++_rs_stir_if_needed(size_t len)
++{
++	pid_t pid = getpid();
++
++	if (rs_count <= len || !rs_initialized || rs_stir_pid != pid) {
++		rs_stir_pid = pid;
++		_rs_stir();
++	} else
++		rs_count -= len;
++}
++
++static inline void
++_rs_rekey(u_char *dat, size_t datlen)
++{
++#ifndef KEYSTREAM_ONLY
++	memset(rs_buf, 0,RSBUFSZ);
++#endif
++	/* fill rs_buf with the keystream */
++	chacha_encrypt_bytes(&rs, rs_buf, rs_buf, RSBUFSZ);
++	/* mix in optional user provided data */
++	if (dat) {
++		size_t i, m;
++
++		m = MIN(datlen, KEYSZ + IVSZ);
++		for (i = 0; i < m; i++)
++			rs_buf[i] ^= dat[i];
++	}
++	/* immediately reinit for backtracking resistance */
++	_rs_init(rs_buf, KEYSZ + IVSZ);
++	memset(rs_buf, 0, KEYSZ + IVSZ);
++	rs_have = RSBUFSZ - KEYSZ - IVSZ;
++}
++
++static inline void
++_rs_random_buf(void *_buf, size_t n)
++{
++	u_char *buf = (u_char *)_buf;
++	size_t m;
++
++	_rs_stir_if_needed(n);
++	while (n > 0) {
++		if (rs_have > 0) {
++			m = MIN(n, rs_have);
++			memcpy(buf, rs_buf + RSBUFSZ - rs_have, m);
++			memset(rs_buf + RSBUFSZ - rs_have, 0, m);
++			buf += m;
++			n -= m;
++			rs_have -= m;
++		}
++		if (rs_have == 0)
++			_rs_rekey(NULL, 0);
++	}
++}
++
++static inline void
++_rs_random_u32(u_int32_t *val)
++{
++	_rs_stir_if_needed(sizeof(*val));
++	if (rs_have < sizeof(*val))
++		_rs_rekey(NULL, 0);
++	memcpy(val, rs_buf + RSBUFSZ - rs_have, sizeof(*val));
++	memset(rs_buf + RSBUFSZ - rs_have, 0, sizeof(*val));
++	rs_have -= sizeof(*val);
++	return;
++}
++
++void
++arc4random_stir(void)
++{
++	_ARC4_LOCK();
++	_rs_stir();
++	_ARC4_UNLOCK();
++}
++
++void
++arc4random_addrandom(u_char *dat, int datlen)
++{
++	int m;
++
++	_ARC4_LOCK();
++	if (!rs_initialized)
++		_rs_stir();
++	while (datlen > 0) {
++		m = MIN(datlen, KEYSZ + IVSZ);
++		_rs_rekey(dat, m);
++		dat += m;
++		datlen -= m;
++	}
++	_ARC4_UNLOCK();
++}
++
++u_int32_t
++arc4random(void)
++{
++	u_int32_t val;
++
++	_ARC4_LOCK();
++	_rs_random_u32(&val);
++	_ARC4_UNLOCK();
++	return val;
++}
++
++/*
++ * If we are providing arc4random, then we can provide a more efficient 
++ * arc4random_buf().
++ */
++# ifndef HAVE_ARC4RANDOM_BUF
++void
++arc4random_buf(void *buf, size_t n)
++{
++	_ARC4_LOCK();
++	_rs_random_buf(buf, n);
++	_ARC4_UNLOCK();
++}
++# endif /* !HAVE_ARC4RANDOM_BUF */
++#endif /* !HAVE_ARC4RANDOM */
++
++/* arc4random_buf() that uses platform arc4random() */
++#if !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM)
++void
++arc4random_buf(void *_buf, size_t n)
++{
++	size_t i;
++	u_int32_t r = 0;
++	char *buf = (char *)_buf;
++
++	for (i = 0; i < n; i++) {
++		if (i % 4 == 0)
++			r = arc4random();
++		buf[i] = r & 0xff;
++		r >>= 8;
++	}
++	explicit_bzero(&r, sizeof(r));
++}
++#endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */
++
++#ifndef HAVE_ARC4RANDOM_UNIFORM
++/*
++ * Calculate a uniformly distributed random number less than upper_bound
++ * avoiding "modulo bias".
++ *
++ * Uniformity is achieved by generating new random numbers until the one
++ * returned is outside the range [0, 2**32 % upper_bound).  This
++ * guarantees the selected random number will be inside
++ * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
++ * after reduction modulo upper_bound.
++ */
++u_int32_t
++arc4random_uniform(u_int32_t upper_bound)
++{
++	u_int32_t r, min;
++
++	if (upper_bound < 2)
++		return 0;
++
++	/* 2**32 % x == (2**32 - x) % x */
++	min = -upper_bound % upper_bound;
++
++	/*
++	 * This could theoretically loop forever but each retry has
++	 * p > 0.5 (worst case, usually far better) of selecting a
++	 * number inside the range we need, so it should rarely need
++	 * to re-roll.
++	 */
++	for (;;) {
++		r = arc4random();
++		if (r >= min)
++			break;
++	}
++
++	return r % upper_bound;
++}
++#endif /* !HAVE_ARC4RANDOM_UNIFORM */
++
++#if 0
++/*-------- Test code for i386 --------*/
++#include <stdio.h>
++#include <machine/pctr.h>
++int
++main(int argc, char **argv)
++{
++	const int iter = 1000000;
++	int     i;
++	pctrval v;
++
++	v = rdtsc();
++	for (i = 0; i < iter; i++)
++		arc4random();
++	v = rdtsc() - v;
++	v /= iter;
++
++	printf("%qd cycles\n", v);
++	exit(0);
++}
++#endif
+diff --git a/openbsd-compat/chacha_private.h b/openbsd-compat/chacha_private.h
+new file mode 100644
+index 0000000..7c3680f
+--- /dev/null
++++ b/openbsd-compat/chacha_private.h
+@@ -0,0 +1,222 @@
++/*
++chacha-merged.c version 20080118
++D. J. Bernstein
++Public domain.
++*/
++
++/* $OpenBSD: chacha_private.h,v 1.2 2013/10/04 07:02:27 djm Exp $ */
++
++typedef unsigned char u8;
++typedef unsigned int u32;
++
++typedef struct
++{
++  u32 input[16]; /* could be compressed */
++} chacha_ctx;
++
++#define U8C(v) (v##U)
++#define U32C(v) (v##U)
++
++#define U8V(v) ((u8)(v) & U8C(0xFF))
++#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF))
++
++#define ROTL32(v, n) \
++  (U32V((v) << (n)) | ((v) >> (32 - (n))))
++
++#define U8TO32_LITTLE(p) \
++  (((u32)((p)[0])      ) | \
++   ((u32)((p)[1]) <<  8) | \
++   ((u32)((p)[2]) << 16) | \
++   ((u32)((p)[3]) << 24))
++
++#define U32TO8_LITTLE(p, v) \
++  do { \
++    (p)[0] = U8V((v)      ); \
++    (p)[1] = U8V((v) >>  8); \
++    (p)[2] = U8V((v) >> 16); \
++    (p)[3] = U8V((v) >> 24); \
++  } while (0)
++
++#define ROTATE(v,c) (ROTL32(v,c))
++#define XOR(v,w) ((v) ^ (w))
++#define PLUS(v,w) (U32V((v) + (w)))
++#define PLUSONE(v) (PLUS((v),1))
++
++#define QUARTERROUND(a,b,c,d) \
++  a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \
++  c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \
++  a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \
++  c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
++
++static const char sigma[16] = "expand 32-byte k";
++static const char tau[16] = "expand 16-byte k";
++
++static void
++chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits)
++{
++  const char *constants;
++
++  x->input[4] = U8TO32_LITTLE(k + 0);
++  x->input[5] = U8TO32_LITTLE(k + 4);
++  x->input[6] = U8TO32_LITTLE(k + 8);
++  x->input[7] = U8TO32_LITTLE(k + 12);
++  if (kbits == 256) { /* recommended */
++    k += 16;
++    constants = sigma;
++  } else { /* kbits == 128 */
++    constants = tau;
++  }
++  x->input[8] = U8TO32_LITTLE(k + 0);
++  x->input[9] = U8TO32_LITTLE(k + 4);
++  x->input[10] = U8TO32_LITTLE(k + 8);
++  x->input[11] = U8TO32_LITTLE(k + 12);
++  x->input[0] = U8TO32_LITTLE(constants + 0);
++  x->input[1] = U8TO32_LITTLE(constants + 4);
++  x->input[2] = U8TO32_LITTLE(constants + 8);
++  x->input[3] = U8TO32_LITTLE(constants + 12);
++}
++
++static void
++chacha_ivsetup(chacha_ctx *x,const u8 *iv)
++{
++  x->input[12] = 0;
++  x->input[13] = 0;
++  x->input[14] = U8TO32_LITTLE(iv + 0);
++  x->input[15] = U8TO32_LITTLE(iv + 4);
++}
++
++static void
++chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u32 bytes)
++{
++  u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
++  u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
++  u8 *ctarget = NULL;
++  u8 tmp[64];
++  u_int i;
++
++  if (!bytes) return;
++
++  j0 = x->input[0];
++  j1 = x->input[1];
++  j2 = x->input[2];
++  j3 = x->input[3];
++  j4 = x->input[4];
++  j5 = x->input[5];
++  j6 = x->input[6];
++  j7 = x->input[7];
++  j8 = x->input[8];
++  j9 = x->input[9];
++  j10 = x->input[10];
++  j11 = x->input[11];
++  j12 = x->input[12];
++  j13 = x->input[13];
++  j14 = x->input[14];
++  j15 = x->input[15];
++
++  for (;;) {
++    if (bytes < 64) {
++      for (i = 0;i < bytes;++i) tmp[i] = m[i];
++      m = tmp;
++      ctarget = c;
++      c = tmp;
++    }
++    x0 = j0;
++    x1 = j1;
++    x2 = j2;
++    x3 = j3;
++    x4 = j4;
++    x5 = j5;
++    x6 = j6;
++    x7 = j7;
++    x8 = j8;
++    x9 = j9;
++    x10 = j10;
++    x11 = j11;
++    x12 = j12;
++    x13 = j13;
++    x14 = j14;
++    x15 = j15;
++    for (i = 20;i > 0;i -= 2) {
++      QUARTERROUND( x0, x4, x8,x12)
++      QUARTERROUND( x1, x5, x9,x13)
++      QUARTERROUND( x2, x6,x10,x14)
++      QUARTERROUND( x3, x7,x11,x15)
++      QUARTERROUND( x0, x5,x10,x15)
++      QUARTERROUND( x1, x6,x11,x12)
++      QUARTERROUND( x2, x7, x8,x13)
++      QUARTERROUND( x3, x4, x9,x14)
++    }
++    x0 = PLUS(x0,j0);
++    x1 = PLUS(x1,j1);
++    x2 = PLUS(x2,j2);
++    x3 = PLUS(x3,j3);
++    x4 = PLUS(x4,j4);
++    x5 = PLUS(x5,j5);
++    x6 = PLUS(x6,j6);
++    x7 = PLUS(x7,j7);
++    x8 = PLUS(x8,j8);
++    x9 = PLUS(x9,j9);
++    x10 = PLUS(x10,j10);
++    x11 = PLUS(x11,j11);
++    x12 = PLUS(x12,j12);
++    x13 = PLUS(x13,j13);
++    x14 = PLUS(x14,j14);
++    x15 = PLUS(x15,j15);
++
++#ifndef KEYSTREAM_ONLY
++    x0 = XOR(x0,U8TO32_LITTLE(m + 0));
++    x1 = XOR(x1,U8TO32_LITTLE(m + 4));
++    x2 = XOR(x2,U8TO32_LITTLE(m + 8));
++    x3 = XOR(x3,U8TO32_LITTLE(m + 12));
++    x4 = XOR(x4,U8TO32_LITTLE(m + 16));
++    x5 = XOR(x5,U8TO32_LITTLE(m + 20));
++    x6 = XOR(x6,U8TO32_LITTLE(m + 24));
++    x7 = XOR(x7,U8TO32_LITTLE(m + 28));
++    x8 = XOR(x8,U8TO32_LITTLE(m + 32));
++    x9 = XOR(x9,U8TO32_LITTLE(m + 36));
++    x10 = XOR(x10,U8TO32_LITTLE(m + 40));
++    x11 = XOR(x11,U8TO32_LITTLE(m + 44));
++    x12 = XOR(x12,U8TO32_LITTLE(m + 48));
++    x13 = XOR(x13,U8TO32_LITTLE(m + 52));
++    x14 = XOR(x14,U8TO32_LITTLE(m + 56));
++    x15 = XOR(x15,U8TO32_LITTLE(m + 60));
++#endif
++
++    j12 = PLUSONE(j12);
++    if (!j12) {
++      j13 = PLUSONE(j13);
++      /* stopping at 2^70 bytes per nonce is user's responsibility */
++    }
++
++    U32TO8_LITTLE(c + 0,x0);
++    U32TO8_LITTLE(c + 4,x1);
++    U32TO8_LITTLE(c + 8,x2);
++    U32TO8_LITTLE(c + 12,x3);
++    U32TO8_LITTLE(c + 16,x4);
++    U32TO8_LITTLE(c + 20,x5);
++    U32TO8_LITTLE(c + 24,x6);
++    U32TO8_LITTLE(c + 28,x7);
++    U32TO8_LITTLE(c + 32,x8);
++    U32TO8_LITTLE(c + 36,x9);
++    U32TO8_LITTLE(c + 40,x10);
++    U32TO8_LITTLE(c + 44,x11);
++    U32TO8_LITTLE(c + 48,x12);
++    U32TO8_LITTLE(c + 52,x13);
++    U32TO8_LITTLE(c + 56,x14);
++    U32TO8_LITTLE(c + 60,x15);
++
++    if (bytes <= 64) {
++      if (bytes < 64) {
++        for (i = 0;i < bytes;++i) ctarget[i] = c[i];
++      }
++      x->input[12] = j12;
++      x->input[13] = j13;
++      return;
++    }
++    bytes -= 64;
++    c += 64;
++#ifndef KEYSTREAM_ONLY
++    m += 64;
++#endif
++  }
++}
+diff --git a/openbsd-compat/defines.h b/openbsd-compat/defines.h
+index da7a42c..b734c90 100644
+--- a/openbsd-compat/defines.h
++++ b/openbsd-compat/defines.h
+@@ -745,6 +745,15 @@ struct winsize {
+ #define INET6_ADDRSTRLEN 46
+ #endif
+ 
++/*
++ * Platforms that have arc4random_uniform() and not arc4random_stir()
++ * shouldn't need the latter.
++ */
++#if defined(HAVE_ARC4RANDOM) && defined(HAVE_ARC4RANDOM_UNIFORM) && \
++    !defined(HAVE_ARC4RANDOM_STIR)
++# define arc4random_stir()
++#endif
++
+ #ifndef HAVE_VA_COPY
+ # ifdef HAVE___VA_COPY
+ #  define va_copy(dest, src) __va_copy(dest, src)
+@@ -823,7 +832,7 @@ struct winsize {
+ #endif
+ 
+ #ifndef NETDB_SUCCESS
+-# define NETDB_SUCCESS -1
++# define NETDB_SUCCESS 0
+ #endif
+ 
+ /* end of chl */
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index c30591c..7baccc8 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -63,7 +63,28 @@ char *strsep(char **stringp, const char *delim);
+ 
+ #ifndef HAVE_ASPRINTF
+ int asprintf(char **, const char *, ...);
+-#endif 
++#endif
++
++#ifdef HAVE_ARC4RANDOM
++# ifndef HAVE_ARC4RANDOM_STIR
++#  define arc4random_stir()
++# endif
++#else
++unsigned int arc4random(void);
++void arc4random_stir(void);
++#endif /* !HAVE_ARC4RANDOM */
++
++#ifndef HAVE_ARC4RANDOM_BUF
++void arc4random_buf(void *, size_t);
++#endif
++
++#ifndef HAVE_ARC4RANDOM_UNIFORM
++u_int32_t arc4random_uniform(u_int32_t);
++#endif
++
++#ifndef HAVE_RES_RANDOMID
++u_int res_randomid(void);
++#endif
+ 
+ /* #include <sys/types.h> XXX needed? For size_t */
+ 
+diff --git a/openbsd-compat/res_random.c b/openbsd-compat/res_random.c
+new file mode 100644
+index 0000000..7910019
+--- /dev/null
++++ b/openbsd-compat/res_random.c
+@@ -0,0 +1,283 @@
++/* $OpenBSD: res_random.c,v 1.22 2015/06/04 19:26:39 eric Exp $ */
++
++/*
++ * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
++ * Copyright 2008 Damien Miller <djm@openbsd.org>
++ * All rights reserved.
++ *
++ * Theo de Raadt <deraadt@openbsd.org> came up with the idea of using
++ * such a mathematical system to generate more random (yet non-repeating)
++ * ids to solve the resolver/named problem.  But Niels designed the
++ * actual system based on the constraints.
++ *
++ * Later modified by Damien Miller to wrap the LCG output in a 15-bit
++ * permutation generator based on a Luby-Rackoff block cipher. This
++ * ensures the output is non-repeating and preserves the MSB twiddle
++ * trick, but makes it more resistant to LCG prediction.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in the
++ *    documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ */
++
++/* 
++ * seed = random 15bit
++ * n = prime, g0 = generator to n,
++ * j = random so that gcd(j,n-1) == 1
++ * g = g0^j mod n will be a generator again.
++ *
++ * X[0] = random seed.
++ * X[n] = a*X[n-1]+b mod m is a Linear Congruential Generator
++ * with a = 7^(even random) mod m, 
++ *      b = random with gcd(b,m) == 1
++ *      m = 31104 and a maximal period of m-1.
++ *
++ * The transaction id is determined by:
++ * id[n] = seed xor (g^X[n] mod n)
++ *
++ * Effectivly the id is restricted to the lower 15 bits, thus
++ * yielding two different cycles by toggling the msb on and off.
++ * This avoids reuse issues caused by reseeding.
++ *
++ * The output of this generator is then randomly permuted though a
++ * custom 15 bit Luby-Rackoff block cipher.
++ */
++
++#include <sys/types.h>
++#include <netinet/in.h>
++#include <sys/time.h>
++#include <resolv.h>
++
++#include <unistd.h>
++#include <stdlib.h>
++#include <string.h>
++#include <time.h>
++
++#include "thread_private.h"
++
++#include "openbsd-compat.h"
++
++#define RU_OUT  	180	/* Time after wich will be reseeded */
++#define RU_MAX		30000	/* Uniq cycle, avoid blackjack prediction */
++#define RU_GEN		2	/* Starting generator */
++#define RU_N		32749	/* RU_N-1 = 2*2*3*2729 */
++#define RU_AGEN		7	/* determine ru_a as RU_AGEN^(2*rand) */
++#define RU_M		31104	/* RU_M = 2^7*3^5 - don't change */
++#define RU_ROUNDS	11	/* Number of rounds for permute (odd) */
++
++struct prf_ctx {
++	/* PRF lookup table for odd rounds (7 bits input to 8 bits output) */
++	u_char prf7[(RU_ROUNDS / 2) * (1 << 7)];
++
++	/* PRF lookup table for even rounds (8 bits input to 7 bits output) */
++	u_char prf8[((RU_ROUNDS + 1) / 2) * (1 << 8)];
++};
++
++#define PFAC_N 3
++static const u_int16_t pfacts[PFAC_N] = {
++	2, 
++	3,
++	2729
++};
++
++static u_int16_t ru_x;
++static u_int16_t ru_seed, ru_seed2;
++static u_int16_t ru_a, ru_b;
++static u_int16_t ru_g;
++static u_int16_t ru_counter = 0;
++static u_int16_t ru_msb = 0;
++static struct prf_ctx *ru_prf = NULL;
++static time_t ru_reseed;
++static pid_t ru_pid;
++
++static u_int16_t pmod(u_int16_t, u_int16_t, u_int16_t);
++static void res_initid(void);
++
++/*
++ * Do a fast modular exponation, returned value will be in the range
++ * of 0 - (mod-1)
++ */
++static u_int16_t
++pmod(u_int16_t gen, u_int16_t exp, u_int16_t mod)
++{
++	u_int16_t s, t, u;
++
++	s = 1;
++	t = gen;
++	u = exp;
++
++	while (u) {
++		if (u & 1)
++			s = (s * t) % mod;
++		u >>= 1;
++		t = (t * t) % mod;
++	}
++	return (s);
++}
++
++/*
++ * 15-bit permutation based on Luby-Rackoff block cipher
++ */
++static u_int
++permute15(u_int in)
++{
++	int i;
++	u_int left, right, tmp;
++
++	if (ru_prf == NULL)
++		return in;
++
++	left = (in >> 8) & 0x7f;
++	right = in & 0xff;
++
++	/*
++	 * Each round swaps the width of left and right. Even rounds have
++	 * a 7-bit left, odd rounds have an 8-bit left.	Since this uses an
++	 * odd number of rounds, left is always 8 bits wide at the end.
++	 */
++	for (i = 0; i < RU_ROUNDS; i++) {
++		if ((i & 1) == 0)
++			tmp = ru_prf->prf8[(i << (8 - 1)) | right] & 0x7f;
++		else
++			tmp = ru_prf->prf7[((i - 1) << (7 - 1)) | right];
++		tmp ^= left;
++		left = right;
++		right = tmp;
++	}
++
++	return (right << 8) | left;
++}
++
++/* 
++ * Initializes the seed and chooses a suitable generator. Also toggles 
++ * the msb flag. The msb flag is used to generate two distinct
++ * cycles of random numbers and thus avoiding reuse of ids.
++ *
++ * This function is called from res_randomid() when needed, an 
++ * application does not have to worry about it.
++ */
++static void 
++res_initid(void)
++{
++	u_int16_t j, i;
++	u_int32_t tmp;
++	int noprime = 1;
++	struct timespec ts;
++
++	ru_x = arc4random_uniform(RU_M);
++
++	/* 15 bits of random seed */
++	tmp = arc4random();
++	ru_seed = (tmp >> 16) & 0x7FFF;
++	ru_seed2 = tmp & 0x7FFF;
++
++	/* Determine the LCG we use */
++	tmp = arc4random();
++	ru_b = (tmp & 0xfffe) | 1;
++	ru_a = pmod(RU_AGEN, (tmp >> 16) & 0xfffe, RU_M);
++	while (ru_b % 3 == 0)
++		ru_b += 2;
++	
++	j = arc4random_uniform(RU_N);
++
++	/* 
++	 * Do a fast gcd(j,RU_N-1), so we can find a j with
++	 * gcd(j, RU_N-1) == 1, giving a new generator for
++	 * RU_GEN^j mod RU_N
++	 */
++
++	while (noprime) {
++		for (i = 0; i < PFAC_N; i++)
++			if (j % pfacts[i] == 0)
++				break;
++
++		if (i >= PFAC_N)
++			noprime = 0;
++		else 
++			j = (j + 1) % RU_N;
++	}
++
++	ru_g = pmod(RU_GEN, j, RU_N);
++	ru_counter = 0;
++
++	/* Initialise PRF for Luby-Rackoff permutation */
++	if (ru_prf == NULL)
++		ru_prf = malloc(sizeof(*ru_prf));
++	if (ru_prf != NULL)
++		arc4random_buf(ru_prf, sizeof(*ru_prf));
++
++	clock_gettime(CLOCK_MONOTONIC, &ts);
++	ru_reseed = ts.tv_sec + RU_OUT;
++	ru_msb = ru_msb == 0x8000 ? 0 : 0x8000; 
++}
++
++u_int
++res_randomid(void)
++{
++	struct timespec ts;
++	pid_t pid;
++	u_int r;
++	_THREAD_PRIVATE_MUTEX(random);
++
++	clock_gettime(CLOCK_MONOTONIC, &ts);
++	pid = getpid();
++
++	_THREAD_PRIVATE_MUTEX_LOCK(random);
++
++	if (ru_counter >= RU_MAX || ts.tv_sec > ru_reseed || pid != ru_pid) {
++		res_initid();
++		ru_pid = pid;
++	}
++
++	/* Linear Congruential Generator */
++	ru_x = (ru_a * ru_x + ru_b) % RU_M;
++	ru_counter++;
++
++	r = permute15(ru_seed ^ pmod(ru_g, ru_seed2 + ru_x, RU_N)) | ru_msb;
++
++	_THREAD_PRIVATE_MUTEX_UNLOCK(random);
++
++	return (r);
++}
++
++#if 0
++int
++main(int argc, char **argv)
++{
++	int i, n;
++	u_int16_t wert;
++
++	res_initid();
++
++	printf("Generator: %u\n", ru_g);
++	printf("Seed: %u\n", ru_seed);
++	printf("Reseed at %ld\n", ru_reseed);
++	printf("Ru_X: %u\n", ru_x);
++	printf("Ru_A: %u\n", ru_a);
++	printf("Ru_B: %u\n", ru_b);
++
++	n = argc > 1 ? atoi(argv[1]) : 60001;
++	for (i=0;i<n;i++) {
++		wert = res_randomid();
++		printf("%u\n", wert);
++	}
++	return 0;
++}
++#endif
++
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 2e2e40d..75353d4 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -12,6 +12,11 @@ libasr_la_SOURCES +=	$(top_srcdir)/openbsd-compat/strlcpy.c
+ libasr_la_SOURCES +=	$(top_srcdir)/openbsd-compat/strsep.c
+ libasr_la_SOURCES +=	$(top_srcdir)/openbsd-compat/strtonum.c
+ 
++if USE_OPENBSD_RES_RANDOM
++libasr_la_SOURCES +=	$(top_srcdir)/openbsd-compat/arc4random.c
++libasr_la_SOURCES +=	$(top_srcdir)/openbsd-compat/res_random.c
++endif
++
+ include_HEADERS =	asr.h
+ 
+ libasr_la_CPPFLAGS =	-I$(top_srcdir)/src -I$(top_srcdir)/openbsd-compat
diff --git a/main/libasr/APKBUILD b/main/libasr/APKBUILD
new file mode 100644
index 0000000000..178f25e688
--- /dev/null
+++ b/main/libasr/APKBUILD
@@ -0,0 +1,52 @@
+# Contributor: ScrumpyJack <scrumpyjack@st.ilet.to>
+# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
+pkgname=libasr
+pkgver=1.0.2
+pkgrel=2
+pkgdesc="libasr is a free, simple and portable asynchronous resolver library"
+url="http://www.opensmtpd.org"
+arch="all"
+license="ISC"
+depends=""
+depends_dev=""
+makedepends="mdocml bison openssl-dev automake autoconf libtool"
+install=""
+subpackages="$pkgname-dev $pkgname-doc"
+source="https://github.com/OpenSMTPD/libasr/archive/libasr-$pkgver.zip
+	00-use-openbsd-res_randomid.patch"
+
+_builddir=${srcdir}/${pkgname}-${pkgname}-${pkgver}
+prepare() {
+	local i
+	cd "$_builddir"
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+        ./bootstrap
+}
+
+build() {
+	cd "$_builddir"
+        ./configure --build=$CBUILD \
+		--host=$CHOST \
+		--with-pie \
+		--with-Werror \
+		--prefix=/usr \
+		--mandir=/usr/share/man \
+		--with-mantype=man || return 1
+        make || return 1
+}
+
+package() {
+	cd "$_builddir"
+        make DESTDIR=${pkgdir} install || return 1
+}
+
+md5sums="1919b1b1c5a08821901fd2c0a6d488a7  libasr-1.0.2.zip
+2d32d1f831dc000137d5fcaf9db3e33f  00-use-openbsd-res_randomid.patch"
+sha256sums="8e1ed7420446219d105ac0c384cf69160791335dc69bf1ca0581279472241ca7  libasr-1.0.2.zip
+19ad3fe95f881b60c317ec63777c1b4843dbaea39d28343eb67c5bdbabe4e5f9  00-use-openbsd-res_randomid.patch"
+sha512sums="2b9185c9bd953d093be397554bc024ddab03003e0c56f19018a8bc22d48434fe3364274fef631cd5e2984321368baff4cd4a504d61b71c60ceffd9e5cc3c8124  libasr-1.0.2.zip
+2dd30b5147562f209b23b4a939be787304125cf559bccd937781149cc7cb487c4cf6ec358fba32a33407c7ca3e44545ebbe04ddc2a14504835409f23bdef9689  00-use-openbsd-res_randomid.patch"