frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

os: Add libnettle as a choice of SHA1 implementation 

libnettle is smaller than libgcrypt, currently being released more
frequently, and has replaced the latter in gnutls-3.x (which is used
by TigerVNC, so they can avoid pulling in two crypto libraries
simultaneously).

Signed-off-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
This commit is contained in:
Yaakov Selkowitz 2012-10-29 22:37:37 -05:00
parent 2ff56033de
commit 54ba26cb1f
3 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
configure.ac
View File

@ -1360,7 +1360,7 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
# SHA1 hashing # SHA1 hashing
AC_ARG_WITH([sha1], AC_ARG_WITH([sha1],
[AS_HELP_STRING([--with-sha1=libc|libmd|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI], [AS_HELP_STRING([--with-sha1=libc|libmd|libnettle|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI],
[choose SHA1 implementation])]) [choose SHA1 implementation])])
AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes]) AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes])
if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then
@ -1423,6 +1423,18 @@ if test "x$with_sha1" = xlibsha1; then
[Use libsha1 for SHA1]) [Use libsha1 for SHA1])
SHA1_LIBS=-lsha1 SHA1_LIBS=-lsha1
fi fi
AC_CHECK_LIB([nettle], [nettle_sha1_init], [HAVE_LIBNETTLE=yes])
if test "x$with_sha1" = x && test "x$HAVE_LIBNETTLE" = xyes; then
with_sha1=libnettle
fi
if test "x$with_sha1" = xlibnettle && test "x$HAVE_LIBNETTLE" != xyes; then
AC_MSG_ERROR([libnettle requested but not found])
fi
if test "x$with_sha1" = xlibnettle; then
AC_DEFINE([HAVE_SHA1_IN_LIBNETTLE], [1],
[Use libnettle SHA1 functions])
SHA1_LIBS=-lnettle
fi
AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes]) AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes])
if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then
with_sha1=libgcrypt with_sha1=libgcrypt

3
include/dix-config.h.in
View File

@ -157,6 +157,9 @@
/* Define to use libgcrypt SHA1 functions */ /* Define to use libgcrypt SHA1 functions */
#undef HAVE_SHA1_IN_LIBGCRYPT #undef HAVE_SHA1_IN_LIBGCRYPT
/* Define to use libnettle SHA1 functions */
#undef HAVE_SHA1_IN_LIBNETTLE
/* Define to use libsha1 for SHA1 */ /* Define to use libsha1 for SHA1 */
#undef HAVE_SHA1_IN_LIBSHA1 #undef HAVE_SHA1_IN_LIBSHA1

30
os/xsha1.c
View File

@ -116,6 +116,36 @@ x_sha1_final(void *ctx, unsigned char result[20])
return 1; return 1;
} }
#elif defined(HAVE_SHA1_IN_LIBNETTLE) /* Use libnettle for SHA1 */
#include <nettle/sha.h>
void *
x_sha1_init(void)
{
struct sha1_ctx *ctx = malloc(sizeof(*ctx));
if (!ctx)
return NULL;
sha1_init(ctx);
return ctx;
}
int
x_sha1_update(void *ctx, void *data, int size)
{
sha1_update(ctx, size, data);
return 1;
}
int
x_sha1_final(void *ctx, unsigned char result[20])
{
sha1_digest(ctx, 20, result);
free(ctx);
return 1;
}
#elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */ #elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */
#include <gcrypt.h> #include <gcrypt.h>