From nobody Sat Oct 04 08:54:40 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cdzqh6Fsyz6B714; Sat, 04 Oct 2025 08:54:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cdzqh5Q5cz3Jb9; Sat, 04 Oct 2025 08:54:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759568080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CMCR1Gy8VC2OL/kx+WO4wE3z81dEU4D12GfNSz63IMc=; b=o7Z/hdd+3I4ypB83UW4XPvF2EQ1p0Sqfo5cwtiJ6bthWlTfiX+zI5rtuU52z1eIPDTQnQR NNznISIk6ZYfCv8CfXO2QG1C7tMOJvvjP5ROGnlr7Y52FgUWoQ8IrVu95DDD7J03lAwA+6 1fqjFKkLAk1fS7D7caT4Q7q/ukFt1L1yMiepaI8Z0lM6HoVdCy6hwM8GpFgkGIowWz922j YGMrXEk36NjSFh+tXTFQupDi8ieWi2YMYMd+RyaPYr4OwtbRU4CSV1nDpCtHL1L89mKB6a f7QhbA+QWegscNuaChY/4npUFd7+QwzUKP0b3sqYeUQS2rgjKdq/Yv57YcFxYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759568080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CMCR1Gy8VC2OL/kx+WO4wE3z81dEU4D12GfNSz63IMc=; b=cueF1yiGQVkKfaEvIaMZoEJQEhJ73EPHT01m3M5W9npIpjs+/Lk1QBDGJis+Av8J1CCLy3 7x0AXBnPiiSUV5Egg90wYb/4ozWvaRyCmRelXJeP6jhytZDZZgGh/8lNO+rqqd3jT/G9cW qgSobMnA52N0ZbnH2/wHdTD0FPcM9UhSfaYllVW+q5pe9jozbA3Qh5I2LNChfM9/0e90Ax fP0cRHVjrkfc6JNDkYaFWM9gIyXp3DTD+Bn/E2+tqgKGkTT1ymd3aXn+A/IS7Y3DfFa7Ki vZBEnVXOLKySbZDVylhI/WBD5ljbRQlEyeK84Mn+5rhhYHaoRMm0NITVlT97Zg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1759568080; a=rsa-sha256; cv=none; b=xapPkunj3T02FrPe0km0YnjxhnRfRYwuldMAozthyyg+5UXmxZkrEE0JCm2mZfy9MXONyj Onb4pKsK6P4mqVrrLNmYabB8uQGb7wUIYh+uYFfSW3OSuywFdgeDW/2mS6/BMbHJ2rNPVV cT3TZETAoUIZJ/L+g2YGH25R0E34dUOKW6of72vgUle2DJyd7jSl/g6VMvax7DzKwlGU50 9Cw/c6AnomEVIiHWv4HDlR9RRQUfXid/BH7dwkIjJw3nNpb5FWU4dBqdd8cPsC9a9oXE4K AYC1ztp5Kb4GvdEqStD9SA91K3CUhe6RMkwaRZ29Y4KvFL77bJA8N7jKqqH3Cw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cdzqh51H3zbdb; Sat, 04 Oct 2025 08:54:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5948seh2074037; Sat, 4 Oct 2025 08:54:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5948seuR074034; Sat, 4 Oct 2025 08:54:40 GMT (envelope-from git) Date: Sat, 4 Oct 2025 08:54:40 GMT Message-Id: <202510040854.5948seuR074034@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Robert Clausecker Subject: git: d518f64cef6d - main - libc/resolv: get rid of MD5 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: fuz X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d518f64cef6db1d301377e78742b94ca96a881e3 Auto-Submitted: auto-generated The branch main has been updated by fuz: URL: https://cgit.FreeBSD.org/src/commit/?id=d518f64cef6db1d301377e78742b94ca96a881e3 commit d518f64cef6db1d301377e78742b94ca96a881e3 Author: Robert Clausecker AuthorDate: 2025-09-29 13:53:14 +0000 Commit: Robert Clausecker CommitDate: 2025-10-04 08:50:02 +0000 libc/resolv: get rid of MD5 MD5 is used by libc/resolv to generate a random sequence id from a current time stamp. Replace this convoluted mechanism with a call to arc4random(). This permits us to entirely drop MD5 from libc, simplifying the MD5 rework proposed in D45670. Approved by: markj Reviewed by: kevans, markj See also: D45670 Event: EuroBSDcon 2025 Differential Revision: https://reviews.freebsd.org/D52784 --- include/resolv.h | 4 +-- lib/libc/Makefile | 1 - lib/libc/include/port_before.h | 1 - lib/libc/md/Makefile.inc | 3 --- lib/libc/resolv/Symbol.map | 1 - lib/libc/resolv/res_init.c | 61 +++++------------------------------------- 6 files changed, 7 insertions(+), 64 deletions(-) diff --git a/include/resolv.h b/include/resolv.h index f32f52bab431..6ef79601b5f8 100644 --- a/include/resolv.h +++ b/include/resolv.h @@ -188,7 +188,7 @@ struct __res_state { struct __res_state_ext *ext; /*%< extension for IPv6 */ } _ext; } _u; - u_char *_rnd; /*%< PRIVATE: random state */ + u_char *_rnd; /*%< PRIVATE: random state (unused) */ }; typedef struct __res_state *res_state; @@ -380,7 +380,6 @@ extern const struct res_sym __p_rcode_syms[]; #define res_nisourserver __res_nisourserver #define res_ownok __res_ownok #define res_queriesmatch __res_queriesmatch -#define res_rndinit __res_rndinit #define res_randomid __res_randomid #define res_nrandomid __res_nrandomid #define sym_ntop __sym_ntop @@ -445,7 +444,6 @@ int dn_count_labels(const char *); int dn_comp(const char *, u_char *, int, u_char **, u_char **); int dn_expand(const u_char *, const u_char *, const u_char *, char *, int); -void res_rndinit(res_state); u_int res_randomid(void); u_int res_nrandomid(res_state); int res_nameinquery(const char *, int, int, const u_char *, diff --git a/lib/libc/Makefile b/lib/libc/Makefile index d0c254e33396..8705568f6d34 100644 --- a/lib/libc/Makefile +++ b/lib/libc/Makefile @@ -109,7 +109,6 @@ NOASM= .include "${LIBC_SRCTOP}/inet/Makefile.inc" .include "${LIBC_SRCTOP}/isc/Makefile.inc" .include "${LIBC_SRCTOP}/locale/Makefile.inc" -.include "${LIBC_SRCTOP}/md/Makefile.inc" .include "${LIBC_SRCTOP}/nameser/Makefile.inc" .include "${LIBC_SRCTOP}/net/Makefile.inc" .include "${LIBC_SRCTOP}/nls/Makefile.inc" diff --git a/lib/libc/include/port_before.h b/lib/libc/include/port_before.h index cfc43c53f157..aa2cd394104a 100644 --- a/lib/libc/include/port_before.h +++ b/lib/libc/include/port_before.h @@ -5,7 +5,6 @@ #define _LIBC 1 #define DO_PTHREADS 1 #define USE_POLL 1 -#define HAVE_MD5 1 #define ISC_SOCKLEN_T socklen_t #define ISC_FORMAT_PRINTF(fmt, args) \ diff --git a/lib/libc/md/Makefile.inc b/lib/libc/md/Makefile.inc deleted file mode 100644 index 82c5f0670485..000000000000 --- a/lib/libc/md/Makefile.inc +++ /dev/null @@ -1,3 +0,0 @@ -.PATH: ${SRCTOP}/sys/kern - -SRCS+= md5c.c diff --git a/lib/libc/resolv/Symbol.map b/lib/libc/resolv/Symbol.map index 6b9c43298fb5..26daecbe2eff 100644 --- a/lib/libc/resolv/Symbol.map +++ b/lib/libc/resolv/Symbol.map @@ -103,6 +103,5 @@ FBSD_1.0 { }; FBSD_1.4 { - __res_rndinit; __res_nrandomid; }; diff --git a/lib/libc/resolv/res_init.c b/lib/libc/resolv/res_init.c index 71ab2dcb7038..5a2fce013c8c 100644 --- a/lib/libc/resolv/res_init.c +++ b/lib/libc/resolv/res_init.c @@ -86,19 +86,6 @@ #include #include -#ifndef HAVE_MD5 -# include "../dst/md5.h" -#else -# ifdef SOLARIS2 -# include -# elif _LIBC -# include -# endif -#endif -#ifndef _MD5_H_ -# define _MD5_H_ 1 /*%< make sure we do not include rsaref md5.h file */ -#endif - #include "un-namespace.h" #include "port_after.h" @@ -184,8 +171,6 @@ __res_vinit(res_state statp, int preinit) { statp->options = RES_DEFAULT; } - statp->_rnd = malloc(16); - res_rndinit(statp); statp->id = res_nrandomid(statp); memset(u, 0, sizeof(u)); @@ -733,48 +718,18 @@ net_mask(struct in_addr in) /*!< XXX - should really use system's version of th } #endif -static u_char srnd[16]; - void -res_rndinit(res_state statp) +freebsd15_res_rndinit(res_state statp) { - struct timeval now; - u_int32_t u32; - u_int16_t u16; - u_char *rnd = statp->_rnd == NULL ? srnd : statp->_rnd; - - gettimeofday(&now, NULL); - u32 = now.tv_sec; - memcpy(rnd, &u32, 4); - u32 = now.tv_usec; - memcpy(rnd + 4, &u32, 4); - u32 += now.tv_sec; - memcpy(rnd + 8, &u32, 4); - u16 = getpid(); - memcpy(rnd + 12, &u16, 2); + (void)statp; } +__sym_compat(__res_rndinit, freebsd15_res_rndinit, FBSD_1.4); u_int res_nrandomid(res_state statp) { - struct timeval now; - u_int16_t u16; - MD5_CTX ctx; - u_char *rnd = statp->_rnd == NULL ? srnd : statp->_rnd; - - gettimeofday(&now, NULL); - u16 = (u_int16_t) (now.tv_sec ^ now.tv_usec); - memcpy(rnd + 14, &u16, 2); -#ifndef HAVE_MD5 - MD5_Init(&ctx); - MD5_Update(&ctx, rnd, 16); - MD5_Final(rnd, &ctx); -#else - MD5Init(&ctx); - MD5Update(&ctx, rnd, 16); - MD5Final(rnd, &ctx); -#endif - memcpy(&u16, rnd + 14, 2); - return ((u_int) u16); + (void) statp; + + return ((u_int)(arc4random() & 0xffff)); } /*% @@ -808,10 +763,6 @@ res_ndestroy(res_state statp) { free(statp->_u._ext.ext); statp->_u._ext.ext = NULL; } - if (statp->_rnd != NULL) { - free(statp->_rnd); - statp->_rnd = NULL; - } statp->options &= ~RES_INIT; }