Inicio Explorar Ayuda
Iniciar sesión
jahway603
/
libreCMC
forked de libreCMC/libreCMC
1
0
Fork 0
Archivos
Árbol: c152c845b4
Ramas Etiquetas
libreCMC
/
package
/
network
/
services
/
dnsmasq
/
patches
/
0110-Support-hash-function-from-nettle-only.patch

0110-Support-hash-function-from-nettle-only.patch 6.0 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 
  1. From 2024f9729713fd657d65e64c2e4e471baa0a3e5b Mon Sep 17 00:00:00 2001
    2. 

  2. From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
    3. 

  3. Date: Wed, 25 Nov 2020 17:18:55 +0100
    4. 

  4. Subject: Support hash function from nettle (only)
    5. 

  5. 

  6. Unlike COPTS=-DHAVE_DNSSEC, allow usage of just sha256 function from
    7. 

  7. nettle, but keep DNSSEC disabled at build time. Skips use of internal
    8. 

  8. hash implementation without support for validation built-in.
    9. 

  9. ---
    10. 

  10.  Makefile             |  8 +++++---
    11. 

  11.  bld/pkg-wrapper      | 41 ++++++++++++++++++++++-------------------
    12. 

  12.  src/config.h         |  8 ++++++++
    13. 

  13.  src/crypto.c         |  7 +++++++
    14. 

  14.  src/dnsmasq.h        |  2 +-
    15. 

  15.  src/hash_questions.c |  2 +-
    16. 

  16.  6 files changed, 44 insertions(+), 24 deletions(-)
    17. 

  17. 

  18. --- a/Makefile
    19. 

  19. +++ b/Makefile
    20. 

  20. @@ -53,7 +53,7 @@ top?=$(CURDIR)
    21. 

  21.  
    22. 

  22.  dbus_cflags =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1` 
    23. 

  23.  dbus_libs =     `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1` 
    24. 

  24. -ubus_libs =     `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_UBUS "" --copy -lubox -lubus`
    25. 

  25. +ubus_libs =     `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_UBUS "" --copy '-lubox -lubus'`
    26. 

  26.  idn_cflags =    `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn` 
    27. 

  27.  idn_libs =      `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn` 
    28. 

  28.  idn2_cflags =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LIBIDN2 $(PKG_CONFIG) --cflags libidn2`
    29. 

  29. @@ -62,8 +62,10 @@ ct_cflags =     `echo $(COPTS) | $(top)/
    30. 

  30.  ct_libs =       `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack`
    31. 

  31.  lua_cflags =    `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua5.2` 
    32. 

  32.  lua_libs =      `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.2` 
    33. 

  33. -nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
    34. 

  34. -nettle_libs =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
    35. 

  35. +nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC     $(PKG_CONFIG) --cflags 'nettle hogweed' \
    36. 

  36. +                                                        HAVE_NETTLEHASH $(PKG_CONFIG) --cflags nettle`
    37. 

  37. +nettle_libs =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC     $(PKG_CONFIG) --libs 'nettle hogweed' \
    38. 

  38. +                                                        HAVE_NETTLEHASH $(PKG_CONFIG) --libs nettle`
    39. 

  39.  gmp_libs =      `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC NO_GMP --copy -lgmp`
    40. 

  40.  sunos_libs =    `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
    41. 

  41.  version =     -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
    42. 

  42. --- a/bld/pkg-wrapper
    43. 

  43. +++ b/bld/pkg-wrapper
    44. 

  44. @@ -1,35 +1,37 @@
    45. 

  45.  #!/bin/sh
    46. 

  46.  
    47. 

  47. -search=$1
    48. 

  48. -shift
    49. 

  49. -pkg=$1
    50. 

  50. -shift
    51. 

  51. -op=$1
    52. 

  52. -shift
    53. 

  53. -
    54. 

  54.  in=`cat`
    55. 

  55.  
    56. 

  56. -if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
    57. 

  57. -    echo $in | grep $search >/dev/null 2>&1; then
    58. 

  58. +search()
    59. 

  59. +{
    60. 

  60. +    grep "^\#[[:space:]]*define[[:space:]]*$1" config.h >/dev/null 2>&1 || \
    61. 

  61. +    echo $in | grep $1 >/dev/null 2>&1
    62. 

  62. +}
    63. 

  63. +
    64. 

  64. +while [ "$#" -gt 0 ]; do
    65. 

  65. +    search=$1
    66. 

  66. +    pkg=$2
    67. 

  67. +    op=$3
    68. 

  68. +    lib=$4
    69. 

  69. +    shift 4
    70. 

  70. +if search "$search"; then
    71. 

  71. +
    72. 

  72.  # Nasty, nasty, in --copy, arg 2 (if non-empty) is another config to search for, used with NO_GMP
    73. 

  73.      if [ $op = "--copy" ]; then
    74. 

  74.  	if [ -z "$pkg" ]; then
    75. 

  75. -	    pkg="$*"
    76. 

  76. -	elif grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
    77. 

  77. -		 echo $in | grep $pkg >/dev/null 2>&1; then
    78. 

  78. +	    pkg="$lib"
    79. 

  79. +	elif search "$pkg"; then
    80. 

  80.  	    pkg=""
    81. 

  81.  	else 
    82. 

  82. -	    pkg="$*"
    83. 

  83. +	    pkg="$lib"
    84. 

  84.  	fi
    85. 

  85. -    elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
    86. 

  86. -	     echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
    87. 

  87. -	pkg=`$pkg  --static $op $*`
    88. 

  88. +    elif search "${search}_STATIC"; then
    89. 

  89. +	pkg=`$pkg  --static $op $lib`
    90. 

  90.      else
    91. 

  91. -	pkg=`$pkg $op $*`
    92. 

  92. +	pkg=`$pkg $op $lib`
    93. 

  93.      fi
    94. 

  94.      
    95. 

  95. -    if grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
    96. 

  96. -	   echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
    97. 

  97. +    if search "${search}_STATIC"; then
    98. 

  98.  	if [ $op = "--libs" ] || [ $op = "--copy" ]; then
    99. 

  99.  	    echo "-Wl,-Bstatic $pkg -Wl,-Bdynamic"
    100. 

  100.  	else
    101. 

  101. @@ -40,3 +42,4 @@ if grep "^\#[[:space:]]*define[[:space:]
    102. 

  102.      fi
    103. 

  103.  fi
    104. 

  104.  
    105. 

  105. +done
    106. 

  106. --- a/src/config.h
    107. 

  107. +++ b/src/config.h
    108. 

  108. @@ -117,6 +117,9 @@ HAVE_AUTH
    109. 

  109.     define this to include the facility to act as an authoritative DNS
    110. 

  110.     server for one or more zones.
    111. 

  111.  
    112. 

  112. +HAVE_NETTLEHASH
    113. 

  113. +   include just hash function from nettle, but no DNSSEC.
    114. 

  114. +
    115. 

  115.  HAVE_DNSSEC
    116. 

  116.     include DNSSEC validator.
    117. 

  117.  
    118. 

  118. @@ -184,6 +187,7 @@ RESOLVFILE
    119. 

  119.  /* #define HAVE_IDN */
    120. 

  120.  /* #define HAVE_LIBIDN2 */
    121. 

  121.  /* #define HAVE_CONNTRACK */
    122. 

  122. +/* #define HAVE_NETTLEHASH */
    123. 

  123.  /* #define HAVE_DNSSEC */
    124. 

  124.  
    125. 

  125.  
    126. 

  126. @@ -408,6 +412,10 @@ static char *compile_opts =
    127. 

  127.  "no-"
    128. 

  128.  #endif
    129. 

  129.  "auth "
    130. 

  130. +#if !defined(HAVE_NETTLEHASH) && !defined(HAVE_DNSSEC)
    131. 

  131. +"no-"
    132. 

  132. +#endif
    133. 

  133. +"nettlehash "
    134. 

  134.  #ifndef HAVE_DNSSEC
    135. 

  135.  "no-"
    136. 

  136.  #endif
    137. 

  137. --- a/src/crypto.c
    138. 

  138. +++ b/src/crypto.c
    139. 

  139. @@ -23,6 +23,9 @@
    140. 

  140.  #include <nettle/ecdsa.h>
    141. 

  141.  #include <nettle/ecc-curve.h>
    142. 

  142.  #include <nettle/eddsa.h>
    143. 

  143. +#endif
    144. 

  144. +
    145. 

  145. +#if defined(HAVE_DNSSEC) || defined(HAVE_NETTLEHASH)
    146. 

  146.  #include <nettle/nettle-meta.h>
    147. 

  147.  #include <nettle/bignum.h>
    148. 

  148.  
    149. 

  149. @@ -165,6 +168,10 @@ int hash_init(const struct nettle_hash *
    150. 

  150.  
    151. 

  151.    return 1;
    152. 

  152.  }
    153. 

  153. +
    154. 

  154. +#endif
    155. 

  155. +
    156. 

  156. +#ifdef HAVE_DNSSEC
    157. 

  157.    
    158. 

  158.  static int dnsmasq_rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
    159. 

  159.  			      unsigned char *digest, size_t digest_len, int algo)
    160. 

  160. --- a/src/dnsmasq.h
    161. 

  161. +++ b/src/dnsmasq.h
    162. 

  162. @@ -150,7 +150,7 @@ extern int capget(cap_user_header_t head
    163. 

  163.  #include <priv.h>
    164. 

  164.  #endif
    165. 

  165.  
    166. 

  166. -#ifdef HAVE_DNSSEC
    167. 

  167. +#if defined(HAVE_DNSSEC) || defined(HAVE_NETTLEHASH)
    168. 

  168.  #  include <nettle/nettle-meta.h>
    169. 

  169.  #endif
    170. 

  170.  
    171. 

  171. --- a/src/hash_questions.c
    172. 

  172. +++ b/src/hash_questions.c
    173. 

  173. @@ -28,7 +28,7 @@
    174. 

  174.  
    175. 

  175.  #include "dnsmasq.h"
    176. 

  176.  
    177. 

  177. -#ifdef HAVE_DNSSEC
    178. 

  178. +#if defined(HAVE_DNSSEC) || defined(HAVE_NETTLEHASH)
    179. 

  179.  unsigned char *hash_questions(struct dns_header *header, size_t plen, char *name)
    180. 

  180.  {
    181. 

  181.    int q;
    182.