Andrew's git / gitweb.git / diff
?
Merge branch 'ab/sha1dc'
authorJunio C Hamano <gitster@pobox.com>
Mon, 10 Jul 2017 20:42:51 +0000 (13:42 -0700)
committerJunio C Hamano <gitster@pobox.com>
Mon, 10 Jul 2017 20:42:51 +0000 (13:42 -0700)
The "collission-detecting" implementation of SHA-1 hash we borrowed
from is replaced by directly binding the upstream project as our
submodule. Glitches on minority platforms are still being worked out.

* ab/sha1dc:
sha1collisiondetection: automatically enable when submodule is populated
sha1dc: optionally use sha1collisiondetection as a submodule

.gitmodules [new file with mode: 0644] patch | blob
Makefile patch | blob | history
hash.h patch | blob | history
sha1collisiondetection [new submodule] patch | blob
diff --git a/.gitmodules b/.gitmodules
new file mode 100644 (file)
index 0000000..cbeebda
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "sha1collisiondetection"]
+       path = sha1collisiondetection
+       url = https://github.com/cr-marcstevens/sha1collisiondetection.git
+       branch = master
diff --git a/Makefile b/Makefile
index 9c9c42f8f9c527a7e2147835a23c4c9af43cb96e..bfa5b3a4ca7885787241eb99dffcf2216e05cdaf 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -162,6 +162,12 @@ all::
 # algorithm. This is slower, but may detect attempted collision attacks.
 # Takes priority over other *_SHA1 knobs.
 #
+# Define DC_SHA1_SUBMODULE in addition to DC_SHA1 to use the
+# sha1collisiondetection shipped as a submodule instead of the
+# non-submodule copy in sha1dc/. This is an experimental option used
+# by the git project to migrate to using sha1collisiondetection as a
+# submodule.
+#
 # Define OPENSSL_SHA1 environment variable when running make to link
 # with the SHA1 routine from openssl library.
 #
@@ -1004,6 +1010,10 @@ EXTLIBS =
 
 GIT_USER_AGENT = git/$(GIT_VERSION)
 
+ifeq ($(wildcard sha1collisiondetection/lib/sha1.h),sha1collisiondetection/lib/sha1.h)
+DC_SHA1_SUBMODULE = auto
+endif
+
 include config.mak.uname
 -include config.mak.autogen
 -include config.mak
@@ -1449,8 +1459,14 @@ ifdef APPLE_COMMON_CRYPTO
        BASIC_CFLAGS += -DSHA1_APPLE
 else
        DC_SHA1 := YesPlease
+ifdef DC_SHA1_SUBMODULE
+       LIB_OBJS += sha1collisiondetection/lib/sha1.o
+       LIB_OBJS += sha1collisiondetection/lib/ubc_check.o
+       BASIC_CFLAGS += -DDC_SHA1_SUBMODULE
+else
        LIB_OBJS += sha1dc/sha1.o
        LIB_OBJS += sha1dc/ubc_check.o
+endif
        BASIC_CFLAGS += \
                -DSHA1_DC \
                -DSHA1DC_NO_STANDARD_INCLUDES \
diff --git a/hash.h b/hash.h
index a11fc9233fc9bb7d876e2e97a1a149260d7a633c..bef3e630a093b508e78419c5f4e228e836ecb88c 100644 (file)
--- a/hash.h
+++ b/hash.h
@@ -8,7 +8,11 @@
 #elif defined(SHA1_OPENSSL)
 #include <openssl/sha.h>
 #elif defined(SHA1_DC)
+#ifdef DC_SHA1_SUBMODULE
+#include "sha1collisiondetection/lib/sha1.h"
+#else
 #include "sha1dc/sha1.h"
+#endif
 #else /* SHA1_BLK */
 #include "block-sha1/sha1.h"
 #endif
diff --git a/sha1collisiondetection b/sha1collisiondetection
new file mode 160000 (submodule)
index 0000000..19d97bf
--- /dev/null
+++ b/sha1collisiondetection
@@ -0,0 +1 @@
+Subproject commit 19d97bf5af05312267c2e874ee6bcf584d9e9681