xserver: Branch 'master' - 4 commits
Keith Packard
keithp at kemper.freedesktop.org
Wed Oct 28 10:55:57 PDT 2009
configure.ac | 73 ++++++++++++++++++++++---------
include/Makefile.am | 3 -
include/dix-config.h.in | 5 +-
include/xsha1.h | 19 ++++++++
os/Makefile.am | 4 +
os/xsha1.c | 113 ++++++++++++++++++++++++++++++++++++++++++++++++
render/glyph.c | 36 +++------------
7 files changed, 202 insertions(+), 51 deletions(-)
New commits:
commit deb72fc61464250af8185dab2da8ee09f13c55d8
Merge: 55f4c80... a60e676...
Author: Keith Packard <keithp at keithp.com>
Date: Wed Oct 28 10:54:13 2009 -0700
Merge remote branch 'jcristau/sha1'
commit a60e676f1fd243c78859440b87652f523d3f2ec1
Author: Julien Cristau <jcristau at debian.org>
Date: Wed Oct 14 23:51:22 2009 +0200
Add libgcrypt as an option for SHA1
Signed-off-by: Julien Cristau <jcristau at debian.org>
Reviewed-by: Rémi Cardona <remi at gentoo.org>
diff --git a/configure.ac b/configure.ac
index 082f67d..9888528 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1282,7 +1282,7 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
# SHA1 hashing
AC_ARG_WITH([sha1],
- [AS_HELP_STRING([--with-sha1=libmd|libcrypto],
+ [AS_HELP_STRING([--with-sha1=libmd|libgcrypt|libcrypto],
[choose SHA1 implementation])])
AC_CHECK_LIB([md], [SHA1Init], [HAVE_LIBMD=yes])
if test "x$with_sha1" = x && test "x$HAVE_LIBMD" = xyes; then
@@ -1296,6 +1296,15 @@ if test "x$with_sha1" = xlibmd; then
[Use libmd SHA1 functions])
SHA1_LIBS=-lmd
fi
+AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes])
+if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then
+ with_sha1=libgcrypt
+fi
+if test "x$with_sha1" = xlibgcrypt; then
+ AC_DEFINE([HAVE_SHA1_IN_LIBGCRYPT], [1],
+ [Use libgcrypt SHA1 functions])
+ SHA1_LIBS=-lgcrypt
+fi
# We don't need all of the OpenSSL libraries, just libcrypto
AC_CHECK_LIB([crypto], [SHA1_Init], [HAVE_LIBCRYPTO=yes])
PKG_CHECK_MODULES([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index a19c3c7..7f1fb18 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -163,6 +163,9 @@
/* Define to use libmd SHA1 functions */
#undef HAVE_SHA1_IN_LIBMD
+/* Define to use libgcrypt SHA1 functions */
+#undef HAVE_SHA1_IN_LIBGCRYPT
+
/* Define to 1 if you have the `shmctl64' function. */
#undef HAVE_SHMCTL64
diff --git a/os/xsha1.c b/os/xsha1.c
index 2016980..723521e 100644
--- a/os/xsha1.c
+++ b/os/xsha1.c
@@ -33,6 +33,45 @@ int x_sha1_final(void *ctx, unsigned char result[20])
return 1;
}
+#elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */
+
+# include <gcrypt.h>
+
+void *x_sha1_init(void)
+{
+ static int init;
+ gcry_md_hd_t h;
+ gcry_error_t err;
+
+ if (!init) {
+ if (!gcry_check_version(NULL))
+ return NULL;
+ gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+ init = 1;
+ }
+
+ err = gcry_md_open(&h, GCRY_MD_SHA1, 0);
+ if (err)
+ return NULL;
+ return h;
+}
+
+int x_sha1_update(void *ctx, void *data, int size)
+{
+ gcry_md_hd_t h = ctx;
+ gcry_md_write(h, data, size);
+ return 1;
+}
+
+int x_sha1_final(void *ctx, unsigned char result[20])
+{
+ gcry_md_hd_t h = ctx;
+ memcpy(result, gcry_md_read(h, GCRY_MD_SHA1), 20);
+ gcry_md_close(h);
+ return 1;
+}
+
#else /* Use OpenSSL's libcrypto */
# include <stddef.h> /* buggy openssl/sha.h wants size_t */
commit d2a6a395435919aff8943285f9cbfe6569a9728f
Author: Julien Cristau <jcristau at debian.org>
Date: Wed Oct 14 23:30:55 2009 +0200
configure: add --with-sha1={libmd,libcrypto} option
Signed-off-by: Julien Cristau <jcristau at debian.org>
Reviewed-by: Rémi Cardona <remi at gentoo.org>
diff --git a/configure.ac b/configure.ac
index 1a8f97e..082f67d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1280,25 +1280,45 @@ MIEXT_SHADOW_INC='-I$(top_srcdir)/miext/shadow'
MIEXT_SHADOW_LIB='$(top_builddir)/miext/shadow/libshadow.la'
CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
-# OpenSSL used for SHA1 hashing in render/glyph.c, but we don't need all of
-# the OpenSSL libraries, just libcrypto
-# Some systems have matching functionality in the smaller/simpler libmd
-# Builders who want to force a choice can set SHA1_LIBS and SHA1_CFLAGS
-if test "x$SHA1_LIB" = "x" ; then
- AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIBS="-lmd"
- AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
- [Use libmd SHA1 functions instead of OpenSSL libcrypto])])
-fi
-
-if test "x$SHA1_LIB" = "x" ; then
- PKG_CHECK_EXISTS([openssl], [HAVE_OPENSSL_PKC=yes],
- [HAVE_OPENSSL_PKC=no])
- if test "x$HAVE_OPENSSL_PKC" = xyes; then
- PKG_CHECK_MODULES([SHA1], [openssl])
- else
- AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIBS="-lcrypto"],
- [AC_MSG_ERROR([OpenSSL must be installed in order to build the X server.])])
- fi
+# SHA1 hashing
+AC_ARG_WITH([sha1],
+ [AS_HELP_STRING([--with-sha1=libmd|libcrypto],
+ [choose SHA1 implementation])])
+AC_CHECK_LIB([md], [SHA1Init], [HAVE_LIBMD=yes])
+if test "x$with_sha1" = x && test "x$HAVE_LIBMD" = xyes; then
+ with_sha1=libmd
+fi
+if test "x$with_sha1" = xlibmd && test "x$HAVE_LIBMD" != xyes; then
+ AC_MSG_ERROR([libmd requested but not found])
+fi
+if test "x$with_sha1" = xlibmd; then
+ AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
+ [Use libmd SHA1 functions])
+ SHA1_LIBS=-lmd
+fi
+# We don't need all of the OpenSSL libraries, just libcrypto
+AC_CHECK_LIB([crypto], [SHA1_Init], [HAVE_LIBCRYPTO=yes])
+PKG_CHECK_MODULES([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
+ [HAVE_OPENSSL_PKC=no])
+if test "x$HAVE_LIBCRYPTO" = xyes || test "x$HAVE_OPENSSL_PKC" = xyes; then
+ if test "x$with_sha1" = x; then
+ with_sha1=libcrypto
+ fi
+else
+ if test "x$with_sha1" = xlibcrypto; then
+ AC_MSG_ERROR([OpenSSL libcrypto requested but not found])
+ fi
+fi
+if test "x$with_sha1" = xlibcrypto; then
+ if test "x$HAVE_LIBCRYPTO" = xyes; then
+ SHA1_LIBS=-lcrypto
+ else
+ SHA1_LIBS="$OPENSSL_LIBS"
+ SHA1_CFLAGS="$OPENSSL_CFLAGS"
+ fi
+fi
+if test "x$with_sha1" = x; then
+ AC_MSG_ERROR([No suitable SHA1 implementation found])
fi
AC_SUBST(SHA1_LIBS)
AC_SUBST(SHA1_CFLAGS)
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index 798d9e7..a19c3c7 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -160,7 +160,7 @@
/* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
#undef HAVE_RPCSVC_DBM_H
-/* Define to use libmd SHA1 functions instead of OpenSSL libcrypto */
+/* Define to use libmd SHA1 functions */
#undef HAVE_SHA1_IN_LIBMD
/* Define to 1 if you have the `shmctl64' function. */
commit 55516094947dd78ad2734bb784a2fb109b64c990
Author: Julien Cristau <jcristau at debian.org>
Date: Wed Oct 14 23:20:44 2009 +0200
Move SHA1 computation from render/glyph.c to os/
Signed-off-by: Julien Cristau <jcristau at debian.org>
Reviewed-by: Rémi Cardona <remi at gentoo.org>
diff --git a/configure.ac b/configure.ac
index fa454fa..1a8f97e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1283,23 +1283,25 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
# OpenSSL used for SHA1 hashing in render/glyph.c, but we don't need all of
# the OpenSSL libraries, just libcrypto
# Some systems have matching functionality in the smaller/simpler libmd
-# Builders who want to force a choice can set SHA1_LIB and SHA1_CFLAGS
+# Builders who want to force a choice can set SHA1_LIBS and SHA1_CFLAGS
if test "x$SHA1_LIB" = "x" ; then
- AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIB="-lmd"
+ AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIBS="-lmd"
AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
[Use libmd SHA1 functions instead of OpenSSL libcrypto])])
fi
if test "x$SHA1_LIB" = "x" ; then
- PKG_CHECK_EXISTS([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
+ PKG_CHECK_EXISTS([openssl], [HAVE_OPENSSL_PKC=yes],
[HAVE_OPENSSL_PKC=no])
if test "x$HAVE_OPENSSL_PKC" = xyes; then
- REQUIRED_LIBS="$REQUIRED_LIBS openssl"
+ PKG_CHECK_MODULES([SHA1], [openssl])
else
- AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIB="-lcrypto"],
+ AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIBS="-lcrypto"],
[AC_MSG_ERROR([OpenSSL must be installed in order to build the X server.])])
fi
fi
+AC_SUBST(SHA1_LIBS)
+AC_SUBST(SHA1_CFLAGS)
PKG_CHECK_MODULES([XSERVERCFLAGS], [$REQUIRED_MODULES $REQUIRED_LIBS])
PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS])
@@ -1319,9 +1321,9 @@ PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS])
# XSERVER_SYS_LIBS is the set of out-of-tree libraries which all servers
# require.
#
-XSERVER_CFLAGS="${XSERVER_CFLAGS} ${XSERVERCFLAGS_CFLAGS} ${SHA1_CFLAGS}"
+XSERVER_CFLAGS="${XSERVER_CFLAGS} ${XSERVERCFLAGS_CFLAGS}"
XSERVER_LIBS="$DIX_LIB $CONFIG_LIB $MI_LIB $OS_LIB"
-XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS} ${SHA1_LIB}"
+XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS}"
AC_SUBST([XSERVER_LIBS])
AC_SUBST([XSERVER_SYS_LIBS])
diff --git a/include/Makefile.am b/include/Makefile.am
index aa5db7d..d684f9c 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -66,4 +66,5 @@ AM_CFLAGS = $(DIX_CFLAGS)
EXTRA_DIST = \
dix-config-apple-verbatim.h \
eventconvert.h eventstr.h \
- protocol-versions.h
+ protocol-versions.h \
+ xsha1.h
diff --git a/include/xsha1.h b/include/xsha1.h
new file mode 100644
index 0000000..aab7106
--- /dev/null
+++ b/include/xsha1.h
@@ -0,0 +1,19 @@
+#ifndef XSHA1_H
+#define XSHA1_H
+
+/* Initialize SHA1 computation. Returns NULL on error. */
+void *x_sha1_init(void);
+
+/*
+ * Add some data to be hashed. ctx is the value returned by x_sha1_init()
+ * Returns 0 on error, 1 on success.
+ */
+int x_sha1_update(void *ctx, void *data, int size);
+
+/*
+ * Place the hash in result, and free ctx.
+ * Returns 0 on error, 1 on success.
+ */
+int x_sha1_final(void *ctx, unsigned char result[20]);
+
+#endif
diff --git a/os/Makefile.am b/os/Makefile.am
index a7f34a5..9902f04 100644
--- a/os/Makefile.am
+++ b/os/Makefile.am
@@ -1,6 +1,6 @@
noinst_LTLIBRARIES = libos.la
-AM_CFLAGS = $(DIX_CFLAGS)
+AM_CFLAGS = $(DIX_CFLAGS) $(SHA1_CFLAGS)
SECURERPC_SRCS = rpcauth.c
XDMCP_SRCS = xdmcp.c
@@ -22,9 +22,11 @@ libos_la_SOURCES = \
strcasecmp.c \
strcasestr.c \
xdmauth.c \
+ xsha1.c \
xstrans.c \
xprintf.c \
$(XORG_SRCS)
+libos_la_LIBADD = @SHA1_LIBS@
if SECURE_RPC
libos_la_SOURCES += $(SECURERPC_SRCS)
diff --git a/os/xsha1.c b/os/xsha1.c
new file mode 100644
index 0000000..2016980
--- /dev/null
+++ b/os/xsha1.c
@@ -0,0 +1,74 @@
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#endif
+
+#include "os.h"
+#include "xsha1.h"
+
+#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
+
+# include <sha1.h>
+
+void *x_sha1_init(void)
+{
+ SHA1_CTX *ctx = xalloc(sizeof(*ctx));
+ if (!ctx)
+ return NULL;
+ SHA1Init(ctx);
+ return ctx;
+}
+
+int x_sha1_update(void *ctx, void *data, int size)
+{
+ SHA1_CTX *sha1_ctx = ctx;
+ SHA1Update(sha1_ctx, data, size);
+ return 1;
+}
+
+int x_sha1_final(void *ctx, unsigned char result[20])
+{
+ SHA1_CTX *sha1_ctx = ctx;
+ SHA1Final(result, sha1_ctx);
+ xfree(sha1_ctx);
+ return 1;
+}
+
+#else /* Use OpenSSL's libcrypto */
+
+# include <stddef.h> /* buggy openssl/sha.h wants size_t */
+# include <openssl/sha.h>
+
+void *x_sha1_init(void)
+{
+ int ret;
+ SHA_CTX *ctx = xalloc(sizeof(*ctx));
+ if (!ctx)
+ return NULL;
+ ret = SHA1_Init(ctx);
+ if (!ret) {
+ xfree(ctx);
+ return NULL;
+ }
+ return ctx;
+}
+
+int x_sha1_update(void *ctx, void *data, int size)
+{
+ int ret;
+ SHA_CTX *sha_ctx = ctx;
+ ret = SHA1_Update(sha_ctx, data, size);
+ if (!ret)
+ xfree(sha_ctx);
+ return ret;
+}
+
+int x_sha1_final(void *ctx, unsigned char result[20])
+{
+ int ret;
+ SHA_CTX *sha_ctx = ctx;
+ ret = SHA1_Final(result, sha_ctx);
+ xfree(sha_ctx);
+ return ret;
+}
+
+#endif
diff --git a/render/glyph.c b/render/glyph.c
index 7fcdfd9..0b864ad 100644
--- a/render/glyph.c
+++ b/render/glyph.c
@@ -26,12 +26,7 @@
#include <dix-config.h>
#endif
-#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
-# include <sha1.h>
-#else /* Use OpenSSL's libcrypto */
-# include <stddef.h> /* buggy openssl/sha.h wants size_t */
-# include <openssl/sha.h>
-#endif
+#include "xsha1.h"
#include "misc.h"
#include "scrnintstr.h"
@@ -198,34 +193,21 @@ HashGlyph (xGlyphInfo *gi,
unsigned long size,
unsigned char sha1[20])
{
-#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
- SHA1_CTX ctx;
-
- SHA1Init (&ctx);
- SHA1Update (&ctx, gi, sizeof (xGlyphInfo));
- SHA1Update (&ctx, bits, size);
- SHA1Final (sha1, &ctx);
-#else /* Use OpenSSL's libcrypto */
- SHA_CTX ctx;
+ void *ctx = x_sha1_init();
int success;
- success = SHA1_Init (&ctx);
- if (! success)
+ if (!ctx)
return BadAlloc;
- success = SHA1_Update (&ctx, gi, sizeof (xGlyphInfo));
- if (! success)
+ success = x_sha1_update(ctx, gi, sizeof(xGlyphInfo));
+ if (!success)
return BadAlloc;
-
- success = SHA1_Update (&ctx, bits, size);
- if (! success)
+ success = x_sha1_update(ctx, bits, size);
+ if (!success)
return BadAlloc;
-
- success = SHA1_Final (sha1, &ctx);
- if (! success)
+ success = x_sha1_final(ctx, sha1);
+ if (!success)
return BadAlloc;
-#endif
-
return Success;
}
More information about the xorg-commit
mailing list