rpms / glusterfs

Clone
Source Code
GIT

Blame SOURCES/0364-fips-Replace-md5sum-usage-to-enable-fips-support.patch

c4 c5 c5-plus c6 c6-plus c6-sig-storage-gluster-5 c6-sig-storage-gluster-6 c6-sig-storage-gluster-7 c7 c7-alt c7-atomic c7-beta c7-sig-storage-gluster-5 c7-sig-storage-gluster-6 c7-sig-storage-gluster-7 c7-sig-storage-gluster-8 c7-sig-storage-gluster-9 c8 c8-beta c8-sig-storage-gluster-10 c8-sig-storage-gluster-6 c8-sig-storage-gluster-7 c8-sig-storage-gluster-8 c8-sig-storage-gluster-9 c8s c8s-sig-storage-gluster-10 c8s-sig-storage-gluster-11 c8s-sig-storage-gluster-8 c8s-sig-storage-gluster-9 c9 c9-beta c9s-sig-storage-gluster-10 c9s-sig-storage-gluster-11 c9s-sig-storage-gluster-9
  1.   38347345809a3c9d353b7225971688848978b2f7
  2.   SOURCES
  3.   0364-fips-Replace-md5sum-usage-to-enable-fips-support.patch
Blob History Raw
887953 
From eba2217ac06dab658526991e93e018b91c92d7b5 Mon Sep 17 00:00:00 2001
887953 
From: Kotresh HR <khiremat@redhat.com>
887953 
Date: Tue, 19 Dec 2017 00:05:05 -0500
887953 
Subject: [PATCH 364/385] fips: Replace md5sum usage to enable fips support
887953
887953 
md5sum is not fips compliant. Using xxhash64 instead of
887953 
md5sum for socket file generation in glusterd and
887953 
changelog to enable fips support.
887953
887953 
NOTE: md5sum is 128 bit hash. xxhash used is 64 bit.
887953
887953 
Backport of:
887953 
 > Patch: https://review.gluster.org/19048
887953 
 > Updates: #230
887953 
 > Change-Id: I1bf2ea05905b9151cd29fa951f903685ab0dc84c
887953 
 > Signed-off-by: Kotresh HR <khiremat@redhat.com>
887953
887953 
BUG: 1459709
887953 
Change-Id: I1bf2ea05905b9151cd29fa951f903685ab0dc84c
887953 
Signed-off-by: Kotresh HR <khiremat@redhat.com>
887953 
Reviewed-on: https://code.engineering.redhat.com/gerrit/149770
887953 
Tested-by: RHGS Build Bot <nigelb@redhat.com>
887953 
Reviewed-by: Sunil Kumar Heggodu Gopala Acharya <sheggodu@redhat.com>
887953 
---
887953 
 libglusterfs/src/common-utils.c                 | 11 -----------
887953 
 libglusterfs/src/common-utils.h                 |  1 -
887953 
 xlators/features/changelog/src/changelog-misc.h | 20 ++++++++++----------
887953 
 xlators/mgmt/glusterd/src/glusterd-utils.c      |  8 +++++---
887953 
 4 files changed, 15 insertions(+), 25 deletions(-)
887953
887953 
diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
887953 
index fd2f004..f632e78 100644
887953 
--- a/libglusterfs/src/common-utils.c
887953 
+++ b/libglusterfs/src/common-utils.c
887953 
@@ -75,17 +75,6 @@ typedef int32_t (*rw_op_t)(int32_t fd, char *buf, int32_t size);
887953 
 typedef int32_t (*rwv_op_t)(int32_t fd, const struct iovec *buf, int32_t size);
887953
887953 
 void
887953 
-md5_wrapper(const unsigned char *data, size_t len, char *md5)
887953 
-{
887953 
-        unsigned short i = 0;
887953 
-        unsigned short lim = MD5_DIGEST_LENGTH*2+1;
887953 
-        unsigned char scratch[MD5_DIGEST_LENGTH] = {0,};
887953 
-        MD5(data, len, scratch);
887953 
-        for (; i < MD5_DIGEST_LENGTH; i++)
887953 
-                snprintf(md5 + i * 2, lim-i*2, "%02x", scratch[i]);
887953 
-}
887953 
-
887953 
-void
887953 
 gf_xxh64_wrapper(const unsigned char *data, size_t len, unsigned long long seed,
887953 
                  char *xxh64)
887953 
 {
887953 
diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h
887953 
index 0131070..da943f4 100644
887953 
--- a/libglusterfs/src/common-utils.h
887953 
+++ b/libglusterfs/src/common-utils.h
887953 
@@ -835,7 +835,6 @@ gf_ports_reserved (char *blocked_port, unsigned char *ports, uint32_t ceiling);
887953 
 int gf_get_hostname_from_ip (char *client_ip, char **hostname);
887953 
 gf_boolean_t gf_is_local_addr (char *hostname);
887953 
 gf_boolean_t gf_is_same_address (char *host1, char *host2);
887953 
-void md5_wrapper(const unsigned char *data, size_t len, char *md5);
887953 
 void gf_xxh64_wrapper(const unsigned char *data, size_t len,
887953 
                       unsigned long long seed, char *xxh64);
887953 
 int gf_set_timestamp  (const char *src, const char* dest);
887953 
diff --git a/xlators/features/changelog/src/changelog-misc.h b/xlators/features/changelog/src/changelog-misc.h
887953 
index 94d6c50..93af201 100644
887953 
--- a/xlators/features/changelog/src/changelog-misc.h
887953 
+++ b/xlators/features/changelog/src/changelog-misc.h
887953 
@@ -36,24 +36,24 @@
887953 
         "GlusterFS Changelog | version: v%d.%d | encoding : %d\n"
887953
887953 
 #define CHANGELOG_MAKE_SOCKET_PATH(brick_path, sockpath, len) do {      \
887953 
-                char md5_sum[MD5_DIGEST_LENGTH*2+1] = {0,};             \
887953 
-                md5_wrapper((unsigned char *) brick_path,               \
887953 
-                            strlen(brick_path),                         \
887953 
-                            md5_sum);                                   \
887953 
+                char xxh64[GF_XXH64_DIGEST_LENGTH*2+1] = {0,};          \
887953 
+                gf_xxh64_wrapper ((unsigned char *)brick_path,          \
887953 
+                                  strlen(brick_path),                   \
887953 
+                                  GF_XXHSUM64_DEFAULT_SEED, xxh64);     \
887953 
                 (void) snprintf (sockpath, len,                         \
887953 
-                                 CHANGELOG_UNIX_SOCK, md5_sum);         \
887953 
+                                 CHANGELOG_UNIX_SOCK, xxh64);           \
887953 
         } while (0)
887953
887953 
 #define CHANGELOG_MAKE_TMP_SOCKET_PATH(brick_path, sockpath, len) do {  \
887953 
                 unsigned long pid = 0;                                  \
887953 
-                char md5_sum[MD5_DIGEST_LENGTH*2+1] = {0,};             \
887953 
+                char xxh64[GF_XXH64_DIGEST_LENGTH*2+1] = {0,};          \
887953 
                 pid = (unsigned long) getpid ();                        \
887953 
-                md5_wrapper((unsigned char *) brick_path,               \
887953 
-                            strlen(brick_path),                         \
887953 
-                            md5_sum);                                   \
887953 
+                gf_xxh64_wrapper ((unsigned char *)brick_path,          \
887953 
+                                  strlen(brick_path),                   \
887953 
+                                  GF_XXHSUM64_DEFAULT_SEED, xxh64);     \
887953 
                 (void) snprintf (sockpath,                              \
887953 
                                  len, CHANGELOG_TMP_UNIX_SOCK,          \
887953 
-                                 md5_sum, pid);                         \
887953 
+                                 xxh64, pid);                           \
887953 
         } while (0)
887953
887953
887953 
diff --git a/xlators/mgmt/glusterd/src/glusterd-utils.c b/xlators/mgmt/glusterd/src/glusterd-utils.c
887953 
index 01345cd..4fd8575 100644
887953 
--- a/xlators/mgmt/glusterd/src/glusterd-utils.c
887953 
+++ b/xlators/mgmt/glusterd/src/glusterd-utils.c
887953 
@@ -1852,10 +1852,12 @@ out:
887953 
 void
887953 
 glusterd_set_socket_filepath (char *sock_filepath, char *sockpath, size_t len)
887953 
 {
887953 
-        char md5_sum[MD5_DIGEST_LENGTH*2+1] = {0,};
887953 
+        char xxh64[GF_XXH64_DIGEST_LENGTH*2+1] = {0,};
887953
887953 
-        md5_wrapper ((unsigned char *) sock_filepath, strlen(sock_filepath), md5_sum);
887953 
-        snprintf (sockpath, len, "%s/%s.socket", GLUSTERD_SOCK_DIR, md5_sum);
887953 
+        gf_xxh64_wrapper ((unsigned char *)sock_filepath,
887953 
+                          strlen(sock_filepath),
887953 
+                          GF_XXHSUM64_DEFAULT_SEED, xxh64);
887953 
+        snprintf (sockpath, len, "%s/%s.socket", GLUSTERD_SOCK_DIR, xxh64);
887953 
 }
887953
887953 
 void
887953 
--
887953 
1.8.3.1
887953

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation