mirror of
https://github.com/moparisthebest/pacman
synced 2024-12-22 07:48:50 -05:00
Allow replacing libcrypto with libnettle in pacman
Add a --with-nettle configure option that directs pacman to use the libnettle hashing functions. Only one of the --with-libssl and --with-nettle configure options can be specified. [Allan: rewrote configure check] Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
parent
1f8f0bd9ac
commit
603f087cd7
32
configure.ac
32
configure.ac
@ -120,10 +120,11 @@ AC_ARG_WITH(ldconfig,
|
|||||||
[set the full path to ldconfig]),
|
[set the full path to ldconfig]),
|
||||||
[LDCONFIG=$withval], [LDCONFIG=/sbin/ldconfig])
|
[LDCONFIG=$withval], [LDCONFIG=/sbin/ldconfig])
|
||||||
|
|
||||||
# Help line for using OpenSSL
|
# Help line for selecting a crypto library
|
||||||
AC_ARG_WITH(openssl,
|
AC_ARG_WITH(crypto,
|
||||||
AS_HELP_STRING([--with-openssl], [use OpenSSL crypto implementations instead of internal routines]),
|
AS_HELP_STRING([--with-crypto={openssl|nettle}],
|
||||||
[], [with_openssl=check])
|
[select crypto implementation @<:@default=openssl@:>@]),
|
||||||
|
[with_crypto=$withval], [with_crypto=openssl])
|
||||||
|
|
||||||
# Help line for using gpgme
|
# Help line for using gpgme
|
||||||
AC_ARG_WITH(gpgme,
|
AC_ARG_WITH(gpgme,
|
||||||
@ -220,19 +221,25 @@ PKG_CHECK_MODULES(LIBARCHIVE, [libarchive >= 2.8.0], ,
|
|||||||
|
|
||||||
# Check for OpenSSL
|
# Check for OpenSSL
|
||||||
have_openssl=no
|
have_openssl=no
|
||||||
if test "x$with_openssl" != "xno"; then
|
have_nettle=no
|
||||||
|
if test "x$with_crypto" == "xnettle"; then
|
||||||
|
PKG_CHECK_MODULES(NETTLE, [nettle],
|
||||||
|
[AC_DEFINE(HAVE_LIBNETTLE, 1, [Define whether to use nettle]) have_nettle=yes], have_nettle=no)
|
||||||
|
if test "x$have_nettle" = xno -a "x$with_crypto" = xnettle; then
|
||||||
|
AC_MSG_ERROR([*** nettle support requested but libraries not found])
|
||||||
|
fi
|
||||||
|
else if test "x$with_crypto" == "xopenssl"; then
|
||||||
PKG_CHECK_MODULES(LIBSSL, [libcrypto],
|
PKG_CHECK_MODULES(LIBSSL, [libcrypto],
|
||||||
[AC_DEFINE(HAVE_LIBSSL, 1, [Define if libcrypto is available]) have_openssl=yes], have_openssl=no)
|
[AC_DEFINE(HAVE_LIBSSL, 1, [Define if libcrypto is available]) have_openssl=yes], have_openssl=no)
|
||||||
if test "x$have_openssl" = xno -a "x$with_openssl" = xyes; then
|
if test "x$have_openssl" = xno; then
|
||||||
AC_MSG_ERROR([*** openssl support requested but libraries not found])
|
AC_MSG_ERROR([*** openssl support requested but libraries not found])
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
AC_MSG_ERROR([*** unknown crypto support library requested - $with_crypto])
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
AM_CONDITIONAL(HAVE_LIBSSL, [test "$have_openssl" = "yes"])
|
AM_CONDITIONAL(HAVE_LIBSSL, [test "$have_openssl" = "yes"])
|
||||||
|
AM_CONDITIONAL(HAVE_LIBNETTLE, [test "$have_nettle" = "yes"])
|
||||||
# Ensure one library for generating checksums is present
|
|
||||||
if test "$have_openssl" != "yes"; then
|
|
||||||
AC_MSG_ERROR([*** no library for checksum generation found])
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check for libcurl
|
# Check for libcurl
|
||||||
have_libcurl=no
|
have_libcurl=no
|
||||||
@ -542,7 +549,7 @@ ${PACKAGE_NAME}:
|
|||||||
compiler : ${CC}
|
compiler : ${CC}
|
||||||
preprocessor flags : ${CPPFLAGS}
|
preprocessor flags : ${CPPFLAGS}
|
||||||
compiler flags : ${WARNING_CFLAGS} ${CFLAGS}
|
compiler flags : ${WARNING_CFLAGS} ${CFLAGS}
|
||||||
library flags : ${LIBS} ${LIBSSL_LIBS} ${LIBARCHIVE_LIBS} ${LIBCURL_LIBS} ${GPGME_LIBS}
|
library flags : ${LIBS} ${LIBSSL_LIBS} ${NETTLE_LIBS} ${LIBARCHIVE_LIBS} ${LIBCURL_LIBS} ${GPGME_LIBS}
|
||||||
linker flags : ${LDFLAGS}
|
linker flags : ${LDFLAGS}
|
||||||
|
|
||||||
Architecture : ${CARCH}
|
Architecture : ${CARCH}
|
||||||
@ -569,6 +576,7 @@ ${PACKAGE_NAME}:
|
|||||||
Use libcurl : ${have_libcurl}
|
Use libcurl : ${have_libcurl}
|
||||||
Use GPGME : ${have_gpgme}
|
Use GPGME : ${have_gpgme}
|
||||||
Use OpenSSL : ${have_openssl}
|
Use OpenSSL : ${have_openssl}
|
||||||
|
Use nettle : ${have_nettle}
|
||||||
Run make in doc/ dir : ${wantdoc} ${asciidoc}
|
Run make in doc/ dir : ${wantdoc} ${asciidoc}
|
||||||
Doxygen support : ${usedoxygen}
|
Doxygen support : ${usedoxygen}
|
||||||
debug support : ${debug}
|
debug support : ${debug}
|
||||||
|
@ -65,13 +65,15 @@ libalpm_la_CFLAGS = \
|
|||||||
$(GPGME_CFLAGS) \
|
$(GPGME_CFLAGS) \
|
||||||
$(LIBARCHIVE_CFLAGS) \
|
$(LIBARCHIVE_CFLAGS) \
|
||||||
$(LIBCURL_CFLAGS) \
|
$(LIBCURL_CFLAGS) \
|
||||||
$(LIBSSL_CFLAGS)
|
$(LIBSSL_CFLAGS) \
|
||||||
|
$(NETTLE_CFLAGS)
|
||||||
|
|
||||||
libalpm_la_LIBADD = \
|
libalpm_la_LIBADD = \
|
||||||
$(LTLIBINTL) \
|
$(LTLIBINTL) \
|
||||||
$(GPGME_LIBS) \
|
$(GPGME_LIBS) \
|
||||||
$(LIBARCHIVE_LIBS) \
|
$(LIBARCHIVE_LIBS) \
|
||||||
$(LIBCURL_LIBS) \
|
$(LIBCURL_LIBS) \
|
||||||
$(LIBSSL_LIBS)
|
$(LIBSSL_LIBS) \
|
||||||
|
$(NETTLE_LIBS)
|
||||||
|
|
||||||
# vim:set noet:
|
# vim:set noet:
|
||||||
|
@ -9,4 +9,4 @@ URL: http://www.archlinux.org/pacman/
|
|||||||
Version: @LIB_VERSION@
|
Version: @LIB_VERSION@
|
||||||
Cflags: -I${includedir} @LFS_CFLAGS@
|
Cflags: -I${includedir} @LFS_CFLAGS@
|
||||||
Libs: -L${libdir} -lalpm
|
Libs: -L${libdir} -lalpm
|
||||||
Libs.private: @LIBS@ @LIBARCHIVE_LIBS@ @LIBSSL_LIBS@ @LIBCURL_LIBS@ @GPGME_LIBS@
|
Libs.private: @LIBS@ @LIBARCHIVE_LIBS@ @LIBSSL_LIBS@ @NETTLE_LIBS@ @LIBCURL_LIBS@ @GPGME_LIBS@
|
||||||
|
@ -42,6 +42,11 @@
|
|||||||
#include <openssl/sha.h>
|
#include <openssl/sha.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef HAVE_LIBNETTLE
|
||||||
|
#include <nettle/md5.h>
|
||||||
|
#include <nettle/sha2.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
/* libalpm */
|
/* libalpm */
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
@ -856,7 +861,7 @@ const char *_alpm_filecache_setup(alpm_handle_t *handle)
|
|||||||
return cachedir;
|
return cachedir;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_LIBSSL
|
#if defined HAVE_LIBSSL || defined HAVE_LIBNETTLE
|
||||||
/** Compute the MD5 message digest of a file.
|
/** Compute the MD5 message digest of a file.
|
||||||
* @param path file path of file to compute MD5 digest of
|
* @param path file path of file to compute MD5 digest of
|
||||||
* @param output string to hold computed MD5 digest
|
* @param output string to hold computed MD5 digest
|
||||||
@ -864,7 +869,11 @@ const char *_alpm_filecache_setup(alpm_handle_t *handle)
|
|||||||
*/
|
*/
|
||||||
static int md5_file(const char *path, unsigned char output[16])
|
static int md5_file(const char *path, unsigned char output[16])
|
||||||
{
|
{
|
||||||
|
#if HAVE_LIBSSL
|
||||||
MD5_CTX ctx;
|
MD5_CTX ctx;
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
struct md5_ctx ctx;
|
||||||
|
#endif
|
||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
ssize_t n;
|
ssize_t n;
|
||||||
int fd;
|
int fd;
|
||||||
@ -877,13 +886,21 @@ static int md5_file(const char *path, unsigned char output[16])
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if HAVE_LIBSSL
|
||||||
MD5_Init(&ctx);
|
MD5_Init(&ctx);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
md5_init(&ctx);
|
||||||
|
#endif
|
||||||
|
|
||||||
while((n = read(fd, buf, ALPM_BUFFER_SIZE)) > 0 || errno == EINTR) {
|
while((n = read(fd, buf, ALPM_BUFFER_SIZE)) > 0 || errno == EINTR) {
|
||||||
if(n < 0) {
|
if(n < 0) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
#if HAVE_LIBSSL
|
||||||
MD5_Update(&ctx, buf, n);
|
MD5_Update(&ctx, buf, n);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
md5_update(&ctx, n, buf);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
close(fd);
|
close(fd);
|
||||||
@ -893,7 +910,11 @@ static int md5_file(const char *path, unsigned char output[16])
|
|||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if HAVE_LIBSSL
|
||||||
MD5_Final(output, &ctx);
|
MD5_Final(output, &ctx);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
md5_digest(&ctx, MD5_DIGEST_SIZE, output);
|
||||||
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -904,7 +925,11 @@ static int md5_file(const char *path, unsigned char output[16])
|
|||||||
*/
|
*/
|
||||||
static int sha256_file(const char *path, unsigned char output[32])
|
static int sha256_file(const char *path, unsigned char output[32])
|
||||||
{
|
{
|
||||||
|
#if HAVE_LIBSSL
|
||||||
SHA256_CTX ctx;
|
SHA256_CTX ctx;
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
struct sha256_ctx ctx;
|
||||||
|
#endif
|
||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
ssize_t n;
|
ssize_t n;
|
||||||
int fd;
|
int fd;
|
||||||
@ -917,13 +942,21 @@ static int sha256_file(const char *path, unsigned char output[32])
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if HAVE_LIBSSL
|
||||||
SHA256_Init(&ctx);
|
SHA256_Init(&ctx);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
sha256_init(&ctx);
|
||||||
|
#endif
|
||||||
|
|
||||||
while((n = read(fd, buf, ALPM_BUFFER_SIZE)) > 0 || errno == EINTR) {
|
while((n = read(fd, buf, ALPM_BUFFER_SIZE)) > 0 || errno == EINTR) {
|
||||||
if(n < 0) {
|
if(n < 0) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
#if HAVE_LIBSSL
|
||||||
SHA256_Update(&ctx, buf, n);
|
SHA256_Update(&ctx, buf, n);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
sha256_update(&ctx, n, buf);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
close(fd);
|
close(fd);
|
||||||
@ -933,10 +966,14 @@ static int sha256_file(const char *path, unsigned char output[32])
|
|||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if HAVE_LIBSSL
|
||||||
SHA256_Final(output, &ctx);
|
SHA256_Final(output, &ctx);
|
||||||
|
#else /* HAVE_LIBNETTLE */
|
||||||
|
sha256_digest(&ctx, SHA256_DIGEST_SIZE, output);
|
||||||
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif
|
#endif /* HAVE_LIBSSL || HAVE_LIBNETTLE */
|
||||||
|
|
||||||
/** Create a string representing bytes in hexadecimal.
|
/** Create a string representing bytes in hexadecimal.
|
||||||
* @param bytes the bytes to represent in hexadecimal
|
* @param bytes the bytes to represent in hexadecimal
|
||||||
|
Loading…
Reference in New Issue
Block a user