Blame SOURCES/0001-Backport-OpenSSL-for-hashes.patch

2f37dd
From fc1fe251a565423327faad91b9341b1344334456 Mon Sep 17 00:00:00 2001
519a7b
From: Jaroslav Rohel <jrohel@redhat.com>
2f37dd
Date: Fri, 25 Oct 2019 14:33:22 +0200
2f37dd
Subject: [PATCH 1/2] Add support for computing hashes using OpenSSL
519a7b
2f37dd
It adds WITH_OPENSSL build option.
2f37dd
If it is ON, OpenSSL will be used instead of internal implementation
2f37dd
of computing hashes (MD5, SHA1, SHA224, SHA256, SHA384, SHA512).
519a7b
---
519a7b
 CMakeLists.txt       | 11 ++++++++++-
2f37dd
 src/CMakeLists.txt   | 16 +++++++++++-----
519a7b
 src/chksum.c         | 32 ++++++++++++++++++++++++++++++++
519a7b
 tools/CMakeLists.txt |  2 +-
2f37dd
 4 files changed, 54 insertions(+), 7 deletions(-)
519a7b
519a7b
diff --git a/CMakeLists.txt b/CMakeLists.txt
2f37dd
index b39fd991..33ce8047 100644
519a7b
--- a/CMakeLists.txt
519a7b
+++ b/CMakeLists.txt
2f37dd
@@ -39,6 +39,7 @@ OPTION (ENABLE_ZCHUNK_COMPRESSION "Build with zchunk compression support?" OFF)
519a7b
 OPTION (WITH_SYSTEM_ZCHUNK "Use system zchunk library?" OFF)
519a7b
 OPTION (WITH_LIBXML2  "Build with libxml2 instead of libexpat?" OFF)
2f37dd
 OPTION (WITHOUT_COOKIEOPEN "Disable the use of stdio cookie opens?" OFF)
519a7b
+OPTION (WITH_OPENSSL "Use OpenSSL instead of internal implementation of hashes?" OFF)
519a7b
 
2f37dd
 include (GNUInstallDirs)
2f37dd
 message (STATUS "Libraries will be installed in ${CMAKE_INSTALL_FULL_LIBDIR}")
2f37dd
@@ -160,6 +161,11 @@ INCLUDE_DIRECTORIES (${EXPAT_INCLUDE_DIRS})
519a7b
 ENDIF (WITH_LIBXML2 )
519a7b
 ENDIF (ENABLE_RPMMD OR ENABLE_SUSEREPO OR ENABLE_APPDATA OR ENABLE_COMPS OR ENABLE_HELIXREPO OR ENABLE_MDKREPO)
519a7b
 
519a7b
+IF (WITH_OPENSSL)
519a7b
+FIND_PACKAGE (OpenSSL REQUIRED)
519a7b
+INCLUDE_DIRECTORIES (${OPENSSL_INCLUDE_DIR})
519a7b
+ENDIF(WITH_OPENSSL)
519a7b
+
519a7b
 IF (ENABLE_ZLIB_COMPRESSION)
519a7b
 FIND_PACKAGE (ZLIB REQUIRED)
519a7b
 INCLUDE_DIRECTORIES (${ZLIB_INCLUDE_DIRS})
2f37dd
@@ -270,7 +276,7 @@ ENDIF (${CMAKE_MAJOR_VERSION} GREATER 2)
519a7b
 
519a7b
 # should create config.h with #cmakedefine instead...
519a7b
 FOREACH (VAR HAVE_STRCHRNUL HAVE_FOPENCOOKIE HAVE_FUNOPEN WORDS_BIGENDIAN
2f37dd
-  HAVE_RPM_DB_H HAVE_PGPDIGGETPARAMS WITH_LIBXML2 WITHOUT_COOKIEOPEN)
2f37dd
+  HAVE_RPM_DB_H HAVE_PGPDIGGETPARAMS WITH_LIBXML2 WITHOUT_COOKIEOPEN WITH_OPENSSL)
519a7b
   IF(${VAR})
519a7b
     ADD_DEFINITIONS (-D${VAR}=1)
519a7b
     SET (SWIG_FLAGS ${SWIG_FLAGS} -D${VAR})
2f37dd
@@ -407,6 +413,9 @@ ENDIF (ENABLE_ZSTD_COMPRESSION)
519a7b
 IF (WITH_SYSTEM_ZCHUNK)
519a7b
 SET (SYSTEM_LIBRARIES ${SYSTEM_LIBRARIES} ${ZCHUNK_LIBRARIES})
519a7b
 ENDIF (WITH_SYSTEM_ZCHUNK)
519a7b
+IF (WITH_OPENSSL)
519a7b
+SET (SYSTEM_LIBRARIES ${SYSTEM_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY})
519a7b
+ENDIF (WITH_OPENSSL)
519a7b
 IF (ENABLE_RPMDB)
519a7b
 SET (SYSTEM_LIBRARIES ${RPMDB_LIBRARY} ${SYSTEM_LIBRARIES})
519a7b
 ENDIF (ENABLE_RPMDB)
519a7b
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
2f37dd
index 6abb3adb..d356c7d6 100644
519a7b
--- a/src/CMakeLists.txt
519a7b
+++ b/src/CMakeLists.txt
519a7b
@@ -18,9 +18,8 @@ SET (libsolv_SRCS
519a7b
     solver.c solverdebug.c repo_solv.c repo_write.c evr.c pool.c
519a7b
     queue.c repo.c repodata.c repopage.c util.c policy.c solvable.c
519a7b
     transaction.c order.c rules.c problems.c linkedpkg.c cplxdeps.c
519a7b
-    chksum.c md5.c sha1.c sha2.c solvversion.c selection.c
519a7b
-    fileprovides.c diskusage.c suse.c solver_util.c cleandeps.c
519a7b
-    userinstalled.c filelistfilter.c)
519a7b
+    chksum.c solvversion.c selection.c fileprovides.c diskusage.c
519a7b
+    suse.c solver_util.c cleandeps.c userinstalled.c filelistfilter.c)
519a7b
 
519a7b
 SET (libsolv_HEADERS
519a7b
     bitmap.h evr.h hash.h policy.h poolarch.h poolvendor.h pool.h
2f37dd
@@ -43,14 +42,21 @@ IF (WIN32)
2f37dd
     LIST (APPEND libsolv_SRCS ${WIN32_COMPAT_SOURCES})
2f37dd
 ENDIF (WIN32)
519a7b
 
519a7b
+IF (NOT WITH_OPENSSL)
519a7b
+  SET (libsolv_SRCS ${libsolv_SRCS} md5.c sha1.c sha2.c)
519a7b
+ENDIF (NOT WITH_OPENSSL)
2f37dd
+
519a7b
 IF (HAVE_LINKER_VERSION_SCRIPT)
519a7b
 SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${LINK_FLAGS} -Wl,--version-script=${CMAKE_SOURCE_DIR}/src/libsolv.ver")
519a7b
 ENDIF (HAVE_LINKER_VERSION_SCRIPT)
519a7b
 
519a7b
 IF (DISABLE_SHARED)
519a7b
-ADD_LIBRARY (libsolv STATIC ${libsolv_SRCS})
519a7b
+  ADD_LIBRARY (libsolv STATIC ${libsolv_SRCS})
519a7b
 ELSE (DISABLE_SHARED)
519a7b
-ADD_LIBRARY (libsolv SHARED ${libsolv_SRCS})
519a7b
+  ADD_LIBRARY (libsolv SHARED ${libsolv_SRCS})
519a7b
+  IF (WITH_OPENSSL)
519a7b
+    TARGET_LINK_LIBRARIES (libsolv ${OPENSSL_CRYPTO_LIBRARY})
519a7b
+  ENDIF (WITH_OPENSSL)
519a7b
 ENDIF (DISABLE_SHARED)
519a7b
 
519a7b
 SET_TARGET_PROPERTIES(libsolv PROPERTIES OUTPUT_NAME "solv")
519a7b
diff --git a/src/chksum.c b/src/chksum.c
2f37dd
index 1f8ab471..9189b744 100644
519a7b
--- a/src/chksum.c
519a7b
+++ b/src/chksum.c
519a7b
@@ -15,10 +15,42 @@
519a7b
 #include "util.h"
519a7b
 #include "chksum.h"
519a7b
 
519a7b
+#ifdef WITH_OPENSSL
519a7b
+
519a7b
+#include <openssl/md5.h>
519a7b
+#include <openssl/sha.h>
519a7b
+
519a7b
+typedef SHA_CTX SHA1_CTX;
519a7b
+typedef SHA256_CTX SHA224_CTX;
519a7b
+typedef SHA512_CTX SHA384_CTX;
519a7b
+
519a7b
+#define solv_MD5_Init(ctx) MD5_Init(ctx)
519a7b
+#define solv_MD5_Update(ctx, data, len) MD5_Update(ctx, data, len)
519a7b
+#define solv_MD5_Final(md, ctx) MD5_Final(md, ctx)
519a7b
+#define solv_SHA1_Init(ctx) SHA1_Init(ctx)
519a7b
+#define solv_SHA1_Update(ctx, data, len) SHA1_Update(ctx, data, len)
519a7b
+#define solv_SHA1_Final(ctx, md) SHA1_Final(md, ctx)
519a7b
+#define solv_SHA224_Init(ctx) SHA224_Init(ctx)
519a7b
+#define solv_SHA224_Update(ctx, data, len) SHA224_Update(ctx, data, len)
519a7b
+#define solv_SHA224_Final(md, ctx) SHA224_Final(md, ctx)
519a7b
+#define solv_SHA256_Init(ctx) SHA256_Init(ctx)
519a7b
+#define solv_SHA256_Update(ctx, data, len) SHA256_Update(ctx, data, len)
519a7b
+#define solv_SHA256_Final(md, ctx) SHA256_Final(md, ctx)
519a7b
+#define solv_SHA384_Init(ctx) SHA384_Init(ctx)
519a7b
+#define solv_SHA384_Update(ctx, data, len) SHA384_Update(ctx, data, len)
519a7b
+#define solv_SHA384_Final(md, ctx) SHA384_Final(md, ctx)
519a7b
+#define solv_SHA512_Init(ctx) SHA512_Init(ctx)
519a7b
+#define solv_SHA512_Update(ctx, data, len) SHA512_Update(ctx, data, len)
519a7b
+#define solv_SHA512_Final(md, ctx) SHA512_Final(md, ctx)
519a7b
+
519a7b
+#else
519a7b
+
519a7b
 #include "md5.h"
519a7b
 #include "sha1.h"
519a7b
 #include "sha2.h"
519a7b
 
519a7b
+#endif
519a7b
+
2f37dd
 #ifdef _WIN32
2f37dd
   #include "strfncs.h"
2f37dd
 #endif
519a7b
diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt
2f37dd
index f19030eb..d477e195 100644
519a7b
--- a/tools/CMakeLists.txt
519a7b
+++ b/tools/CMakeLists.txt
2f37dd
@@ -116,7 +116,7 @@ SET(tools_list ${tools_list} repo2solv)
2f37dd
 ENDIF (NOT WIN32)
519a7b
 
519a7b
 ADD_EXECUTABLE (dumpsolv dumpsolv.c )
519a7b
-TARGET_LINK_LIBRARIES (dumpsolv libsolv)
519a7b
+TARGET_LINK_LIBRARIES (dumpsolv libsolv ${SYSTEM_LIBRARIES})
519a7b
 
519a7b
 ADD_EXECUTABLE (mergesolv mergesolv.c )
519a7b
 TARGET_LINK_LIBRARIES (mergesolv toolstuff libsolvext libsolv ${SYSTEM_LIBRARIES})
519a7b
2f37dd
From ef403d41780fb2bac1df40cbb7a55967e8206127 Mon Sep 17 00:00:00 2001
2f37dd
From: Jaroslav Rohel <jrohel@redhat.com>
2f37dd
Date: Tue, 9 Apr 2019 10:20:16 +0200
2f37dd
Subject: [PATCH 2/2] Use OpenSSL for computing hashes by default
2f37dd
2f37dd
It simplifies backporting to downstream, because
2f37dd
it does not need to change the .spec file for using OpenSSL.
2f37dd
---
2f37dd
 CMakeLists.txt | 2 +-
2f37dd
 1 file changed, 1 insertion(+), 1 deletion(-)
2f37dd
2f37dd
diff --git a/CMakeLists.txt b/CMakeLists.txt
2f37dd
index 33ce8047..5d1d6daf 100644
2f37dd
--- a/CMakeLists.txt
2f37dd
+++ b/CMakeLists.txt
2f37dd
@@ -39,7 +39,7 @@ OPTION (ENABLE_ZCHUNK_COMPRESSION "Build with zchunk compression support?" OFF)
2f37dd
 OPTION (WITH_SYSTEM_ZCHUNK "Use system zchunk library?" OFF)
2f37dd
 OPTION (WITH_LIBXML2  "Build with libxml2 instead of libexpat?" OFF)
2f37dd
 OPTION (WITHOUT_COOKIEOPEN "Disable the use of stdio cookie opens?" OFF)
2f37dd
-OPTION (WITH_OPENSSL "Use OpenSSL instead of internal implementation of hashes?" OFF)
2f37dd
+OPTION (WITH_OPENSSL "Use OpenSSL instead of internal implementation of hashes?" ON)
2f37dd
 
2f37dd
 include (GNUInstallDirs)
2f37dd
 message (STATUS "Libraries will be installed in ${CMAKE_INSTALL_FULL_LIBDIR}")