diff --git a/configure.ac b/configure.ac index fa454faca..1a8f97e19 100644 --- a/configure.ac +++ b/configure.ac @@ -1283,23 +1283,25 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include' # OpenSSL used for SHA1 hashing in render/glyph.c, but we don't need all of # the OpenSSL libraries, just libcrypto # Some systems have matching functionality in the smaller/simpler libmd -# Builders who want to force a choice can set SHA1_LIB and SHA1_CFLAGS +# Builders who want to force a choice can set SHA1_LIBS and SHA1_CFLAGS if test "x$SHA1_LIB" = "x" ; then - AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIB="-lmd" + AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIBS="-lmd" AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1], [Use libmd SHA1 functions instead of OpenSSL libcrypto])]) fi if test "x$SHA1_LIB" = "x" ; then - PKG_CHECK_EXISTS([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes], + PKG_CHECK_EXISTS([openssl], [HAVE_OPENSSL_PKC=yes], [HAVE_OPENSSL_PKC=no]) if test "x$HAVE_OPENSSL_PKC" = xyes; then - REQUIRED_LIBS="$REQUIRED_LIBS openssl" + PKG_CHECK_MODULES([SHA1], [openssl]) else - AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIB="-lcrypto"], + AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIBS="-lcrypto"], [AC_MSG_ERROR([OpenSSL must be installed in order to build the X server.])]) fi fi +AC_SUBST(SHA1_LIBS) +AC_SUBST(SHA1_CFLAGS) PKG_CHECK_MODULES([XSERVERCFLAGS], [$REQUIRED_MODULES $REQUIRED_LIBS]) PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS]) @@ -1319,9 +1321,9 @@ PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS]) # XSERVER_SYS_LIBS is the set of out-of-tree libraries which all servers # require. # -XSERVER_CFLAGS="${XSERVER_CFLAGS} ${XSERVERCFLAGS_CFLAGS} ${SHA1_CFLAGS}" +XSERVER_CFLAGS="${XSERVER_CFLAGS} ${XSERVERCFLAGS_CFLAGS}" XSERVER_LIBS="$DIX_LIB $CONFIG_LIB $MI_LIB $OS_LIB" -XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS} ${SHA1_LIB}" +XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS}" AC_SUBST([XSERVER_LIBS]) AC_SUBST([XSERVER_SYS_LIBS]) diff --git a/include/Makefile.am b/include/Makefile.am index aa5db7d5f..d684f9c2b 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -66,4 +66,5 @@ AM_CFLAGS = $(DIX_CFLAGS) EXTRA_DIST = \ dix-config-apple-verbatim.h \ eventconvert.h eventstr.h \ - protocol-versions.h + protocol-versions.h \ + xsha1.h diff --git a/include/xsha1.h b/include/xsha1.h new file mode 100644 index 000000000..aab71067a --- /dev/null +++ b/include/xsha1.h @@ -0,0 +1,19 @@ +#ifndef XSHA1_H +#define XSHA1_H + +/* Initialize SHA1 computation. Returns NULL on error. */ +void *x_sha1_init(void); + +/* + * Add some data to be hashed. ctx is the value returned by x_sha1_init() + * Returns 0 on error, 1 on success. + */ +int x_sha1_update(void *ctx, void *data, int size); + +/* + * Place the hash in result, and free ctx. + * Returns 0 on error, 1 on success. + */ +int x_sha1_final(void *ctx, unsigned char result[20]); + +#endif diff --git a/os/Makefile.am b/os/Makefile.am index a7f34a5b8..9902f045c 100644 --- a/os/Makefile.am +++ b/os/Makefile.am @@ -1,6 +1,6 @@ noinst_LTLIBRARIES = libos.la -AM_CFLAGS = $(DIX_CFLAGS) +AM_CFLAGS = $(DIX_CFLAGS) $(SHA1_CFLAGS) SECURERPC_SRCS = rpcauth.c XDMCP_SRCS = xdmcp.c @@ -22,9 +22,11 @@ libos_la_SOURCES = \ strcasecmp.c \ strcasestr.c \ xdmauth.c \ + xsha1.c \ xstrans.c \ xprintf.c \ $(XORG_SRCS) +libos_la_LIBADD = @SHA1_LIBS@ if SECURE_RPC libos_la_SOURCES += $(SECURERPC_SRCS) diff --git a/os/xsha1.c b/os/xsha1.c new file mode 100644 index 000000000..20169807e --- /dev/null +++ b/os/xsha1.c @@ -0,0 +1,74 @@ +#ifdef HAVE_DIX_CONFIG_H +#include +#endif + +#include "os.h" +#include "xsha1.h" + +#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */ + +# include + +void *x_sha1_init(void) +{ + SHA1_CTX *ctx = xalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + SHA1Init(ctx); + return ctx; +} + +int x_sha1_update(void *ctx, void *data, int size) +{ + SHA1_CTX *sha1_ctx = ctx; + SHA1Update(sha1_ctx, data, size); + return 1; +} + +int x_sha1_final(void *ctx, unsigned char result[20]) +{ + SHA1_CTX *sha1_ctx = ctx; + SHA1Final(result, sha1_ctx); + xfree(sha1_ctx); + return 1; +} + +#else /* Use OpenSSL's libcrypto */ + +# include /* buggy openssl/sha.h wants size_t */ +# include + +void *x_sha1_init(void) +{ + int ret; + SHA_CTX *ctx = xalloc(sizeof(*ctx)); + if (!ctx) + return NULL; + ret = SHA1_Init(ctx); + if (!ret) { + xfree(ctx); + return NULL; + } + return ctx; +} + +int x_sha1_update(void *ctx, void *data, int size) +{ + int ret; + SHA_CTX *sha_ctx = ctx; + ret = SHA1_Update(sha_ctx, data, size); + if (!ret) + xfree(sha_ctx); + return ret; +} + +int x_sha1_final(void *ctx, unsigned char result[20]) +{ + int ret; + SHA_CTX *sha_ctx = ctx; + ret = SHA1_Final(result, sha_ctx); + xfree(sha_ctx); + return ret; +} + +#endif diff --git a/render/glyph.c b/render/glyph.c index 7fcdfd9d1..0b864ad4d 100644 --- a/render/glyph.c +++ b/render/glyph.c @@ -26,12 +26,7 @@ #include #endif -#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */ -# include -#else /* Use OpenSSL's libcrypto */ -# include /* buggy openssl/sha.h wants size_t */ -# include -#endif +#include "xsha1.h" #include "misc.h" #include "scrnintstr.h" @@ -198,34 +193,21 @@ HashGlyph (xGlyphInfo *gi, unsigned long size, unsigned char sha1[20]) { -#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */ - SHA1_CTX ctx; - - SHA1Init (&ctx); - SHA1Update (&ctx, gi, sizeof (xGlyphInfo)); - SHA1Update (&ctx, bits, size); - SHA1Final (sha1, &ctx); -#else /* Use OpenSSL's libcrypto */ - SHA_CTX ctx; + void *ctx = x_sha1_init(); int success; - success = SHA1_Init (&ctx); - if (! success) + if (!ctx) return BadAlloc; - success = SHA1_Update (&ctx, gi, sizeof (xGlyphInfo)); - if (! success) + success = x_sha1_update(ctx, gi, sizeof(xGlyphInfo)); + if (!success) return BadAlloc; - - success = SHA1_Update (&ctx, bits, size); - if (! success) + success = x_sha1_update(ctx, bits, size); + if (!success) return BadAlloc; - - success = SHA1_Final (sha1, &ctx); - if (! success) + success = x_sha1_final(ctx, sha1); + if (!success) return BadAlloc; -#endif - return Success; }