From 39e07e62f471cbf40503cdc1926da6fef0cc0a3e Mon Sep 17 00:00:00 2001 From: "Alex Xu (Hello71)" Date: Wed, 15 Aug 2018 13:18:17 -0400 Subject: Source cleanups. --- INSTALL | 2 +- LICENSE | 8 +- Makefile.in | 27 +-- README | 45 +++-- autogen.sh | 3 +- configure.ac | 11 +- doc/random-seed.8 | 10 ++ m4/ax_check_compile_flag.m4 | 74 ++++++++ m4/pkg.m4 | 343 ++++++++++++++++++++++++++++++++++++ random-seed-save.service.in | 16 -- random-seed-save.timer | 11 -- random-seed.8 | 10 -- random-seed.service.in | 28 --- src/musl-libgen-c.h | 3 +- src/random-seed.c | 16 +- src/sha2.c | 3 +- src/sha2.h | 3 +- src/util.c | 2 + src/util.h | 6 +- systemd/random-seed-save.service.in | 16 ++ systemd/random-seed-save.timer | 11 ++ systemd/random-seed.service.in | 28 +++ 22 files changed, 567 insertions(+), 109 deletions(-) create mode 100644 doc/random-seed.8 create mode 100644 m4/ax_check_compile_flag.m4 create mode 100644 m4/pkg.m4 delete mode 100644 random-seed-save.service.in delete mode 100644 random-seed-save.timer delete mode 100644 random-seed.8 delete mode 100644 random-seed.service.in create mode 100644 systemd/random-seed-save.service.in create mode 100644 systemd/random-seed-save.timer create mode 100644 systemd/random-seed.service.in diff --git a/INSTALL b/INSTALL index e3bc2df..9d98581 100644 --- a/INSTALL +++ b/INSTALL @@ -1,4 +1,4 @@ -Use ./configure; make; sudo make test; sudo make install. +Use ./configure; make; make test; sudo make install. If building from git, run ./autogen.sh first. diff --git a/LICENSE b/LICENSE index a2b1204..e0d83e9 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,7 @@ This software is a combination of components distributed under the 3-clause -BSD, MIT, and FSF unlimited licenses. +BSD, MIT, and FSF unlimited licenses. Note that libudev, libblkid, and libmount +are LGPL licensed, so when random-seed is built against those, the terms of the +LGPL apply for those libraries. All files that neither have copyright notices at the top nor are listed below are distributed under the 3-clause BSD license: @@ -33,7 +35,9 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --- -Autoconf generated files are distributed under the FSF unlimited license located in their respective files (as of writing, aclocal.m4, config.status, configure). +Autoconf generated files are distributed under the FSF unlimited license +located in their respective files (as of writing, aclocal.m4, config.status, +configure). --- diff --git a/Makefile.in b/Makefile.in index 455315c..536a372 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,7 +1,9 @@ +# SPDX-License-Identifier: BSD-3-Clause # @configure_input@ VPATH = @srcdir@:@srcdir@/src srcdir = @srcdir@ +abs_builddir = @abs_builddir@ prefix = @prefix@ exec_prefix = @exec_prefix@ @@ -14,7 +16,7 @@ systemdsystemunitdir = @systemdsystemunitdir@ default_seed_path_dir = @default_seed_path_dir@ CC = @CC@ -CFLAGS = -Wall -Wextra -pedantic @CFLAGS@ -UNDEBUG -include @abs_builddir@/config.h +CFLAGS = @CFLAGS@ -UNDEBUG -I$(abs_builddir) CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ @@ -22,9 +24,12 @@ SRC := random-seed.c sha2.c util.c OBJ := $(SRC:.c=.o) TEST_FILE := random-seed.test -all: random-seed random-seed.service random-seed-save.service +all: random-seed systemd/random-seed.service systemd/random-seed-save.service -Makefile: Makefile.in configure.ac +$(srcdir)/configure: $(srcdir)/aclocal.m4 $(srcdir)/autogen.sh $(srcdir)/configure.ac + cd $(srcdir); ./autogen.sh + +Makefile: $(srcdir)/configure Makefile.in $(srcdir)/configure random-seed: $(OBJ) @@ -35,18 +40,19 @@ util.o: util.c util.h sha2.h sha2.o: sha2.c sha2.h -random-seed.service random-seed-save.service: Makefile +systemd/random-seed.service systemd/random-seed-save.service: Makefile +.in: sed -e 's|@sbindir[@]|$(sbindir)|g' \ -e 's|@default_seed_path_dir[@]|$(default_seed_path_dir)|g' \ $(srcdir)/$@.in > $@ install: all install -D -m755 random-seed $(DESTDIR)$(sbindir)/random-seed - install -D -m644 $(srcdir)/random-seed.8 $(DESTDIR)$(mandir)/man8/random-seed.8 + install -D -m644 $(srcdir)/doc/random-seed.8 $(DESTDIR)$(mandir)/man8/random-seed.8 ifneq ($(systemdsystemunitdir),) - install -D -m644 random-seed.service $(DESTDIR)$(systemdsystemunitdir)/random-seed.service - install -D -m644 $(srcdir)/random-seed-save.service $(DESTDIR)$(systemdsystemunitdir)/random-seed-save.service - install -D -m644 $(srcdir)/random-seed-save.timer $(DESTDIR)$(systemdsystemunitdir)/random-seed-save.timer + install -D -m644 systemd/random-seed.service $(DESTDIR)$(systemdsystemunitdir)/random-seed.service + install -D -m644 $(srcdir)/systemd/random-seed-save.service $(DESTDIR)$(systemdsystemunitdir)/random-seed-save.service + install -D -m644 $(srcdir)/systemd/random-seed-save.timer $(DESTDIR)$(systemdsystemunitdir)/random-seed-save.timer endif test: $(TEST_FILE) @@ -56,10 +62,11 @@ $(TEST_FILE): random-seed $(TEST_WRAPPER) ./random-seed load $(TEST_FILE) || [ $$? = 15 ] clean: - $(RM) random-seed random-seed.service random-seed-save.service $(OBJ) $(DEP) $(TEST_FILE) + $(RM) random-seed systemd/random-seed.service systemd/random-seed-save.service $(OBJ) $(DEP) $(TEST_FILE) + rmdir systemd 2>/dev/null || true distclean: clean - $(RM) -r autom4te.cache config.h config.log config.status Makefile + $(RM) -r autom4te.cache config.cache config.h config.log config.status Makefile .PHONY: all install test clean random-seed.test .INTERMEDIATE: $(TEST_FILE) diff --git a/README b/README index 6c27edb..1fb5062 100644 --- a/README +++ b/README @@ -1,16 +1,14 @@ random-seed is a random seed management program. In contrast with other random seed implementations, random-seed will credit the random seed to the kernel entropy count. It attempts to prevent inadvertent random seed sharing by -checking that certain system identifiers, such as the machine ID and filesystem +checking that certain system identifiers such as the machine ID and filesystem ID have not changed between a save and load. If these identifiers do not match, random-seed will still load the random seed, but will not credit the entropy. -It is my understanding that other operating systems are either not commonly -imaged (e.g. BSDs) or have official tools for system image preparation (e.g. -sysprep for Windows). Therefore, random-seed is Linux specific. However, it -should be reasonably easy to port by simply adjusting the paths and changing -getrandom to /dev/random. +random-seed is intended for distribution use. For a system that is +administratively guaranteed not to be cloned, consider the random-seed-basic +project instead. random-seed requires the following to compile: @@ -18,8 +16,35 @@ random-seed requires the following to compile: - GNU make (BSD make is not fine) - Bourne-like sh (autoconf compatible, i.e. probably all of them) -If compiling from git, autoconf is also required. random-seed does not use -automake, gettext, or libtool. +random-seed also supports linking with libudev or libmount and libblkid. It is +highly recommended to enable libudev if your target platform includes udevd +(eudev is supported), as it allows detection of the hard drive ID. Otherwise, +it is highly recommended to enable libmount and libblkid, as these allow +reliable detection of the file system UUID. It is assumed that most GNU/Linux +systems will include the util-linux package that contains these libraries, so +that should cover almost everybody. Even so, if neither of these are compiled +in, random-seed will fall back on the statfs(2) system call and use the f_fsid +field to identify the file system, if the file system type is btrfs, ext2/3/4, +JFS, NTFS, reiserfs, or UBIFS. If the file system type is none of these, and +none of the above libraries have been compiled in, random-seed will only use +the machine ID for cloning detection. However, if you do not have libudev, you +probably also do not use systemd or dbus, so you will probably not have a +machine ID. In this case, random-seed will never credit the entropy, so you may +as well use a "dd if=random-seed of=/dev/urandom" script. -random-seed requires Linux 3.11 or higher supporting the getrandom(2) system -call. +When compiling from git, autoconf, aclocal, and autoconf-archive are required. +aclocal is provided by the automake package on most operating systems. [1] + +random-seed is Linux-specific, as it is my understanding that other operating +systems are either not commonly imaged (e.g. BSDs) or have official tools for +system image preparation (e.g. sysprep for Windows). However, it should be +reasonably easy to port by simply adjusting the paths and changing getrandom to +/dev/random. + +random-seed supports a daemonize mode. This is recommended on systems without +a centralized timer synchronization mechanism similar to Android or systemd. +random-seed uses under 100 KB of RAM and negligible CPU when daemonized. + +[1] Automake has a "Future of aclocal" section in its manual. This section has +contained the text "aclocal is expected to disappear" since its inception in +2003, more than 15 years ago as of writing. diff --git a/autogen.sh b/autogen.sh index afcd93c..ae9d8c7 100755 --- a/autogen.sh +++ b/autogen.sh @@ -1,9 +1,10 @@ #!/bin/sh +# SPDX-License-Identifier: BSD-3-Clause set -e autoheader & -aclocal +aclocal -I m4 --install autoconf wait diff --git a/configure.ac b/configure.ac index 813238a..e157917 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,10 @@ +# SPDX-License-Identifier: BSD-3-Clause + AC_INIT(random-seed, 0.1) +AC_CONFIG_MACRO_DIRS([m4]) + AC_LANG(C) + AC_CONFIG_HEADERS(config.h) AC_PROG_CC @@ -7,7 +12,7 @@ AC_PROG_CC_C99 AS_IF([test "$ac_cv_prog_cc_c99" = no], [AC_MSG_ERROR([a C99 compatible compiler is required])]) -CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200809L" +CPPFLAGS="${CPPFLAGS+$CPPFLAGS }-D_GNU_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200809L" PKG_CHECK_VAR(systemdsystemunitdir, systemd, systemdsystemunitdir) @@ -44,4 +49,8 @@ AC_DEFINE_UNQUOTED(DEFAULT_SEED_PATH, "$default_seed_path", [default seed path]) default_seed_path_dir=${default_seed_path%/*} AC_SUBST(default_seed_path_dir) +AX_CHECK_COMPILE_FLAG(-Wall, [CFLAGS="-Wall${CFLAGS+ $CFLAGS}"]) +AX_CHECK_COMPILE_FLAG(-Wextra, [CFLAGS="-Wextra${CFLAGS+ $CFLAGS}"]) +AX_CHECK_COMPILE_FLAG(-pedantic, [CFLAGS="-pedantic${CFLAGS+ $CFLAGS}"]) + AC_OUTPUT(Makefile) diff --git a/doc/random-seed.8 b/doc/random-seed.8 new file mode 100644 index 0000000..484159d --- /dev/null +++ b/doc/random-seed.8 @@ -0,0 +1,10 @@ +.TH RANDOM-SEED 8 +.SH NAME +random\-seed \- random seed manager +.SH SYNOPSIS +\fBrandom\-seed \fImode \fR[ \fIfile \fR] +.SH DESCRIPTION +Random seed manager. +.SH SEE ALSO +.BR random (4), +.BR systemd-random-seed (8) diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4 new file mode 100644 index 0000000..dcabb92 --- /dev/null +++ b/m4/ax_check_compile_flag.m4 @@ -0,0 +1,74 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the current language's compiler +# or gives an error. (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the current language's default +# flags (e.g. CFLAGS) when the check is done. The check is thus made with +# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to +# force the compiler to issue an error when a bad flag is given. +# +# INPUT gives an alternative input source to AC_COMPILE_IFELSE. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 5 + +AC_DEFUN([AX_CHECK_COMPILE_FLAG], +[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF +AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl +AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ + ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS + _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" + AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) +AS_VAR_IF(CACHEVAR,yes, + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_COMPILE_FLAGS diff --git a/m4/pkg.m4 b/m4/pkg.m4 new file mode 100644 index 0000000..d8549a4 --- /dev/null +++ b/m4/pkg.m4 @@ -0,0 +1,343 @@ +# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- +# serial 11 (pkg-config-0.29.1) + +dnl Copyright © 2004 Scott James Remnant . +dnl Copyright © 2012-2015 Dan Nicholson +dnl +dnl This program is free software; you can redistribute it and/or modify +dnl it under the terms of the GNU General Public License as published by +dnl the Free Software Foundation; either version 2 of the License, or +dnl (at your option) any later version. +dnl +dnl This program is distributed in the hope that it will be useful, but +dnl WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +dnl General Public License for more details. +dnl +dnl You should have received a copy of the GNU General Public License +dnl along with this program; if not, write to the Free Software +dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +dnl 02111-1307, USA. +dnl +dnl As a special exception to the GNU General Public License, if you +dnl distribute this file as part of a program that contains a +dnl configuration script generated by Autoconf, you may include it under +dnl the same distribution terms that you use for the rest of that +dnl program. + +dnl PKG_PREREQ(MIN-VERSION) +dnl ----------------------- +dnl Since: 0.29 +dnl +dnl Verify that the version of the pkg-config macros are at least +dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's +dnl installed version of pkg-config, this checks the developer's version +dnl of pkg.m4 when generating configure. +dnl +dnl To ensure that this macro is defined, also add: +dnl m4_ifndef([PKG_PREREQ], +dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])]) +dnl +dnl See the "Since" comment for each macro you use to see what version +dnl of the macros you require. +m4_defun([PKG_PREREQ], +[m4_define([PKG_MACROS_VERSION], [0.29.1]) +m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1, + [m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])]) +])dnl PKG_PREREQ + +dnl PKG_PROG_PKG_CONFIG([MIN-VERSION]) +dnl ---------------------------------- +dnl Since: 0.16 +dnl +dnl Search for the pkg-config tool and set the PKG_CONFIG variable to +dnl first found in the path. Checks that the version of pkg-config found +dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is +dnl used since that's the first version where most current features of +dnl pkg-config existed. +AC_DEFUN([PKG_PROG_PKG_CONFIG], +[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) +m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$]) +m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$]) +AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) +AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) +AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=m4_default([$1], [0.9.0]) + AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PKG_CONFIG="" + fi +fi[]dnl +])dnl PKG_PROG_PKG_CONFIG + +dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +dnl ------------------------------------------------------------------- +dnl Since: 0.18 +dnl +dnl Check to see whether a particular set of modules exists. Similar to +dnl PKG_CHECK_MODULES(), but does not set variables or print errors. +dnl +dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +dnl only at the first occurence in configure.ac, so if the first place +dnl it's called might be skipped (such as if it is within an "if", you +dnl have to call PKG_CHECK_EXISTS manually +AC_DEFUN([PKG_CHECK_EXISTS], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +if test -n "$PKG_CONFIG" && \ + AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then + m4_default([$2], [:]) +m4_ifvaln([$3], [else + $3])dnl +fi]) + +dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) +dnl --------------------------------------------- +dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting +dnl pkg_failed based on the result. +m4_define([_PKG_CONFIG], +[if test -n "$$1"; then + pkg_cv_[]$1="$$1" + elif test -n "$PKG_CONFIG"; then + PKG_CHECK_EXISTS([$3], + [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null` + test "x$?" != "x0" && pkg_failed=yes ], + [pkg_failed=yes]) + else + pkg_failed=untried +fi[]dnl +])dnl _PKG_CONFIG + +dnl _PKG_SHORT_ERRORS_SUPPORTED +dnl --------------------------- +dnl Internal check to see if pkg-config supports short errors. +AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi[]dnl +])dnl _PKG_SHORT_ERRORS_SUPPORTED + + +dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +dnl [ACTION-IF-NOT-FOUND]) +dnl -------------------------------------------------------------- +dnl Since: 0.4.0 +dnl +dnl Note that if there is a possibility the first call to +dnl PKG_CHECK_MODULES might not happen, you should be sure to include an +dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac +AC_DEFUN([PKG_CHECK_MODULES], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl +AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl + +pkg_failed=no +AC_MSG_CHECKING([for $1]) + +_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) +_PKG_CONFIG([$1][_LIBS], [libs], [$2]) + +m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS +and $1[]_LIBS to avoid the need to call pkg-config. +See the pkg-config man page for more details.]) + +if test $pkg_failed = yes; then + AC_MSG_RESULT([no]) + _PKG_SHORT_ERRORS_SUPPORTED + if test $_pkg_short_errors_supported = yes; then + $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1` + else + $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD + + m4_default([$4], [AC_MSG_ERROR( +[Package requirements ($2) were not met: + +$$1_PKG_ERRORS + +Consider adjusting the PKG_CONFIG_PATH environment variable if you +installed software in a non-standard prefix. + +_PKG_TEXT])[]dnl + ]) +elif test $pkg_failed = untried; then + AC_MSG_RESULT([no]) + m4_default([$4], [AC_MSG_FAILURE( +[The pkg-config script could not be found or is too old. Make sure it +is in your PATH or set the PKG_CONFIG environment variable to the full +path to pkg-config. + +_PKG_TEXT + +To get pkg-config, see .])[]dnl + ]) +else + $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS + $1[]_LIBS=$pkg_cv_[]$1[]_LIBS + AC_MSG_RESULT([yes]) + $3 +fi[]dnl +])dnl PKG_CHECK_MODULES + + +dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +dnl [ACTION-IF-NOT-FOUND]) +dnl --------------------------------------------------------------------- +dnl Since: 0.29 +dnl +dnl Checks for existence of MODULES and gathers its build flags with +dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags +dnl and VARIABLE-PREFIX_LIBS from --libs. +dnl +dnl Note that if there is a possibility the first call to +dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to +dnl include an explicit call to PKG_PROG_PKG_CONFIG in your +dnl configure.ac. +AC_DEFUN([PKG_CHECK_MODULES_STATIC], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +_save_PKG_CONFIG=$PKG_CONFIG +PKG_CONFIG="$PKG_CONFIG --static" +PKG_CHECK_MODULES($@) +PKG_CONFIG=$_save_PKG_CONFIG[]dnl +])dnl PKG_CHECK_MODULES_STATIC + + +dnl PKG_INSTALLDIR([DIRECTORY]) +dnl ------------------------- +dnl Since: 0.27 +dnl +dnl Substitutes the variable pkgconfigdir as the location where a module +dnl should install pkg-config .pc files. By default the directory is +dnl $libdir/pkgconfig, but the default can be changed by passing +dnl DIRECTORY. The user can override through the --with-pkgconfigdir +dnl parameter. +AC_DEFUN([PKG_INSTALLDIR], +[m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])]) +m4_pushdef([pkg_description], + [pkg-config installation directory @<:@]pkg_default[@:>@]) +AC_ARG_WITH([pkgconfigdir], + [AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],, + [with_pkgconfigdir=]pkg_default) +AC_SUBST([pkgconfigdir], [$with_pkgconfigdir]) +m4_popdef([pkg_default]) +m4_popdef([pkg_description]) +])dnl PKG_INSTALLDIR + + +dnl PKG_NOARCH_INSTALLDIR([DIRECTORY]) +dnl -------------------------------- +dnl Since: 0.27 +dnl +dnl Substitutes the variable noarch_pkgconfigdir as the location where a +dnl module should install arch-independent pkg-config .pc files. By +dnl default the directory is $datadir/pkgconfig, but the default can be +dnl changed by passing DIRECTORY. The user can override through the +dnl --with-noarch-pkgconfigdir parameter. +AC_DEFUN([PKG_NOARCH_INSTALLDIR], +[m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])]) +m4_pushdef([pkg_description], + [pkg-config arch-independent installation directory @<:@]pkg_default[@:>@]) +AC_ARG_WITH([noarch-pkgconfigdir], + [AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],, + [with_noarch_pkgconfigdir=]pkg_default) +AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir]) +m4_popdef([pkg_default]) +m4_popdef([pkg_description]) +])dnl PKG_NOARCH_INSTALLDIR + + +dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE, +dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +dnl ------------------------------------------- +dnl Since: 0.28 +dnl +dnl Retrieves the value of the pkg-config variable for the given module. +AC_DEFUN([PKG_CHECK_VAR], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl + +_PKG_CONFIG([$1], [variable="][$3]["], [$2]) +AS_VAR_COPY([$1], [pkg_cv_][$1]) + +AS_VAR_IF([$1], [""], [$5], [$4])dnl +])dnl PKG_CHECK_VAR + +dnl PKG_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND], +dnl [DESCRIPTION], [DEFAULT]) +dnl ------------------------------------------ +dnl +dnl Prepare a "--with-" configure option using the lowercase +dnl [VARIABLE-PREFIX] name, merging the behaviour of AC_ARG_WITH and +dnl PKG_CHECK_MODULES in a single macro. +AC_DEFUN([PKG_WITH_MODULES], +[ +m4_pushdef([with_arg], m4_tolower([$1])) + +m4_pushdef([description], + [m4_default([$5], [build with ]with_arg[ support])]) + +m4_pushdef([def_arg], [m4_default([$6], [auto])]) +m4_pushdef([def_action_if_found], [AS_TR_SH([with_]with_arg)=yes]) +m4_pushdef([def_action_if_not_found], [AS_TR_SH([with_]with_arg)=no]) + +m4_case(def_arg, + [yes],[m4_pushdef([with_without], [--without-]with_arg)], + [m4_pushdef([with_without],[--with-]with_arg)]) + +AC_ARG_WITH(with_arg, + AS_HELP_STRING(with_without, description[ @<:@default=]def_arg[@:>@]),, + [AS_TR_SH([with_]with_arg)=def_arg]) + +AS_CASE([$AS_TR_SH([with_]with_arg)], + [yes],[PKG_CHECK_MODULES([$1],[$2],$3,$4)], + [auto],[PKG_CHECK_MODULES([$1],[$2], + [m4_n([def_action_if_found]) $3], + [m4_n([def_action_if_not_found]) $4])]) + +m4_popdef([with_arg]) +m4_popdef([description]) +m4_popdef([def_arg]) + +])dnl PKG_WITH_MODULES + +dnl PKG_HAVE_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [DESCRIPTION], [DEFAULT]) +dnl ----------------------------------------------- +dnl +dnl Convenience macro to trigger AM_CONDITIONAL after PKG_WITH_MODULES +dnl check._[VARIABLE-PREFIX] is exported as make variable. +AC_DEFUN([PKG_HAVE_WITH_MODULES], +[ +PKG_WITH_MODULES([$1],[$2],,,[$3],[$4]) + +AM_CONDITIONAL([HAVE_][$1], + [test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"]) +])dnl PKG_HAVE_WITH_MODULES + +dnl PKG_HAVE_DEFINE_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [DESCRIPTION], [DEFAULT]) +dnl ------------------------------------------------------ +dnl +dnl Convenience macro to run AM_CONDITIONAL and AC_DEFINE after +dnl PKG_WITH_MODULES check. HAVE_[VARIABLE-PREFIX] is exported as make +dnl and preprocessor variable. +AC_DEFUN([PKG_HAVE_DEFINE_WITH_MODULES], +[ +PKG_HAVE_WITH_MODULES([$1],[$2],[$3],[$4]) + +AS_IF([test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"], + [AC_DEFINE([HAVE_][$1], 1, [Enable ]m4_tolower([$1])[ support])]) +])dnl PKG_HAVE_DEFINE_WITH_MODULES diff --git a/random-seed-save.service.in b/random-seed-save.service.in deleted file mode 100644 index e70192b..0000000 --- a/random-seed-save.service.in +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Random seed save -RequiresMountsFor=@default_seed_path_dir@ -After=systemd-remount-fs.service - -[Service] -ExecStart=@sbindir@/random-seed save -CapabilityBoundingSet= -NoNewPrivileges=yes -PrivateDevices=yes -PrivateNetwork=yes -ProtectKernelTunables=yes -ProtectKernelModules=yes -LockPersonality=yes -TemporaryFileSystem=/:ro -BindPaths=@default_seed_path_dir@ diff --git a/random-seed-save.timer b/random-seed-save.timer deleted file mode 100644 index f39227d..0000000 --- a/random-seed-save.timer +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Random seed save timer -ConditionVirtualization=!container - -[Timer] -OnActiveSec=3h -OnUnitInactiveSec=3h -AccuracySec=2h - -[Install] -WantedBy=timers.target diff --git a/random-seed.8 b/random-seed.8 deleted file mode 100644 index 484159d..0000000 --- a/random-seed.8 +++ /dev/null @@ -1,10 +0,0 @@ -.TH RANDOM-SEED 8 -.SH NAME -random\-seed \- random seed manager -.SH SYNOPSIS -\fBrandom\-seed \fImode \fR[ \fIfile \fR] -.SH DESCRIPTION -Random seed manager. -.SH SEE ALSO -.BR random (4), -.BR systemd-random-seed (8) diff --git a/random-seed.service.in b/random-seed.service.in deleted file mode 100644 index 97bda54..0000000 --- a/random-seed.service.in +++ /dev/null @@ -1,28 +0,0 @@ -[Unit] -Description=Random seed load/save -Documentation=man:random-seed(8) man:random(4) -DefaultDependencies=no -RequiresMountsFor=@default_seed_path_dir@ -Conflicts=shutdown.target -After=systemd-remount-fs.service -Before=sysinit.target shutdown.target -ConditionVirtualization=!container - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=@sbindir@/random-seed load -ExecStop=@sbindir@/random-seed save -CapabilityBoundingSet=CAP_SYS_ADMIN -NoNewPrivileges=yes -PrivateDevices=yes -PrivateNetwork=yes -ProtectKernelTunables=yes -ProtectKernelModules=yes -LockPersonality=yes -TemporaryFileSystem=/:ro -BindPaths=@default_seed_path_dir@ -TimeoutSec=30s - -[Install] -WantedBy=sysinit.target diff --git a/src/musl-libgen-c.h b/src/musl-libgen-c.h index 99c90ee..d947197 100644 --- a/src/musl-libgen-c.h +++ b/src/musl-libgen-c.h @@ -1,4 +1,5 @@ -/* +/* SPDX-License-Identifier: MIT + * * Copied from musl. * * Copyright © 2005-2014 Rich Felker, et al. diff --git a/src/random-seed.c b/src/random-seed.c index 0b7c5c4..b8e8ad7 100644 --- a/src/random-seed.c +++ b/src/random-seed.c @@ -1,17 +1,4 @@ -/* Copyright 2018 Alex Xu (aka Hello71, alxu) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// SPDX-License-Identifier: BSD-3-Clause #include #include @@ -30,6 +17,7 @@ #include #include +#include "config.h" #include "musl-libgen-c.h" #include "util.h" diff --git a/src/sha2.c b/src/sha2.c index 4c2b615..d949537 100644 --- a/src/sha2.c +++ b/src/sha2.c @@ -1,4 +1,5 @@ -/* +/* SPDX-License-Identifier: BSD-3-Clause + * * FIPS 180-2 SHA-224/256/384/512 implementation * Last update: 02/02/2007 * Issue date: 04/30/2005 diff --git a/src/sha2.h b/src/sha2.h index bd968ba..e55b74f 100644 --- a/src/sha2.h +++ b/src/sha2.h @@ -1,4 +1,5 @@ -/* +/* SPDX-License-Identifier: BSD-3-Clause + * * FIPS 180-2 SHA-224/256/384/512 implementation * Last update: 02/02/2007 * Issue date: 04/30/2005 diff --git a/src/util.c b/src/util.c index a5eb220..908e3a2 100644 --- a/src/util.c +++ b/src/util.c @@ -1,3 +1,5 @@ +// SPDX-License-Identifier: BSD-3-Clause + #include #include #include diff --git a/src/util.h b/src/util.h index 9cd2bd4..8759cd0 100644 --- a/src/util.h +++ b/src/util.h @@ -1,5 +1,7 @@ -#ifndef UTIL_H -#define UTIL_H +// SPDX-License-Identifier: BSD-3-Clause + +#ifndef RANDOM_SEED_UTIL_H +#define RANDOM_SEED_UTIL_H #include #include diff --git a/systemd/random-seed-save.service.in b/systemd/random-seed-save.service.in new file mode 100644 index 0000000..e70192b --- /dev/null +++ b/systemd/random-seed-save.service.in @@ -0,0 +1,16 @@ +[Unit] +Description=Random seed save +RequiresMountsFor=@default_seed_path_dir@ +After=systemd-remount-fs.service + +[Service] +ExecStart=@sbindir@/random-seed save +CapabilityBoundingSet= +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +LockPersonality=yes +TemporaryFileSystem=/:ro +BindPaths=@default_seed_path_dir@ diff --git a/systemd/random-seed-save.timer b/systemd/random-seed-save.timer new file mode 100644 index 0000000..f39227d --- /dev/null +++ b/systemd/random-seed-save.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Random seed save timer +ConditionVirtualization=!container + +[Timer] +OnActiveSec=3h +OnUnitInactiveSec=3h +AccuracySec=2h + +[Install] +WantedBy=timers.target diff --git a/systemd/random-seed.service.in b/systemd/random-seed.service.in new file mode 100644 index 0000000..97bda54 --- /dev/null +++ b/systemd/random-seed.service.in @@ -0,0 +1,28 @@ +[Unit] +Description=Random seed load/save +Documentation=man:random-seed(8) man:random(4) +DefaultDependencies=no +RequiresMountsFor=@default_seed_path_dir@ +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target +ConditionVirtualization=!container + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@sbindir@/random-seed load +ExecStop=@sbindir@/random-seed save +CapabilityBoundingSet=CAP_SYS_ADMIN +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +LockPersonality=yes +TemporaryFileSystem=/:ro +BindPaths=@default_seed_path_dir@ +TimeoutSec=30s + +[Install] +WantedBy=sysinit.target -- cgit v1.2.3-54-g00ecf