Hi all, This seems to be related to https://lists.debian.org/debian-dpkg/2023/06/msg00059.html which I've found after I've created this patch already. The motivation is not to use openssl instead of libmd, but to have the option to use it in addition to.
For openSUSE, we have dpkg in Ring0 rebuild set. It means, this set of packages is rebuild quite often and is always consistent. Adding additional dependencies, even small ones like libmd, increases the load that is placed on our infrastructure. So the purpose here is to add support for OpenSSL while keeping libmd as the primary source of the hashing function. For the record, I do agree with the initial rationale of replacing the in-tree implementation with libmd. - Adam PS. Please CC me in replies as I'm not on this list. >From da3057e9c050f4b831c448d80510b51f5d4f1d50 Mon Sep 17 00:00:00 2001 From: Adam Majer <[email protected]> Date: Thu, 20 Jul 2023 16:01:06 +0200 Subject: [PATCH] build: add support for OpenSSL for hashing In 2767801430de3c6d4ec7394e286fc261a8180feb dpkg fully switched to libmd for hasing instead of in-tree version. For distributions like openSUSE Tumbleweed, this adds additional dependencies in the rebuild set. Using library like OpenSSL that is already in this rebuild set, doesn't add additional dependencies. This patch adds support for using OpenSSL for hash calculation. Signed-off-by: Adam Majer <[email protected]> --- configure.ac | 8 ++++++++ lib/dpkg/Makefile.am | 2 +- lib/dpkg/buffer.c | 10 +++++++++- m4/dpkg-libs.m4 | 21 ++++++++++++++++++--- 4 files changed, 36 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index d1fa8357d..f8b8f4eae 100644 --- a/configure.ac +++ b/configure.ac @@ -97,6 +97,13 @@ AC_SYS_LARGEFILE # Checks for libraries. DPKG_LIB_RT DPKG_LIB_MD +AS_IF([test "x$have_libmd" = "xno"], [ + DPKG_LIB_OPENSSL + AS_IF([test "x$have_crypto" = "xno"], [ + AC_MSG_FAILURE([md5 digest functions not found in libmd or openssl]) + ]) +]) + DPKG_LIB_Z DPKG_LIB_BZ2 DPKG_LIB_LZMA @@ -308,6 +315,7 @@ Configuration: libkvm . . . . . . . . . . . : ${have_libkvm:-no} libselinux . . . . . . . . . : $have_libselinux libmd . . . . . . . . . . . . : $have_libmd + libcryto . . . . . . . . . . : $have_libcrypto libz . . . . . . . . . . . . : $have_libz_impl liblzma . . . . . . . . . . . : $have_liblzma libzstd . . . . . . . . . . . : $have_libzstd diff --git a/lib/dpkg/Makefile.am b/lib/dpkg/Makefile.am index 3403338ce..96c4a4cbf 100644 --- a/lib/dpkg/Makefile.am +++ b/lib/dpkg/Makefile.am @@ -50,7 +50,7 @@ EXTRA_libdpkg_la_DEPENDENCIES += \ libdpkg.sym \ # EOL endif -libdpkg_la_LDFLAGS += $(MD_LIBS) +libdpkg_la_LDFLAGS += $(MD_LIBS) $(OPENSSL_LIBS) libdpkg_la_LIBADD = \ ../compat/libcompat.la \ # EOL diff --git a/lib/dpkg/buffer.c b/lib/dpkg/buffer.c index ed05f4b4a..bf6f7d1f7 100644 --- a/lib/dpkg/buffer.c +++ b/lib/dpkg/buffer.c @@ -23,10 +23,18 @@ #include <config.h> #include <compat.h> +#ifdef HAVE_MD5_H +#include <md5.h> +#elif HAVE_OPENSSL_MD5_H +#include <openssl/md5.h> +#define MD5Init MD5_Init +#define MD5Update MD5_Update +#define MD5Final MD5_Final +#endif + #include <sys/types.h> #include <errno.h> -#include <md5.h> #include <string.h> #include <unistd.h> #include <stdlib.h> diff --git a/m4/dpkg-libs.m4 b/m4/dpkg-libs.m4 index f1eba330b..2196be457 100644 --- a/m4/dpkg-libs.m4 +++ b/m4/dpkg-libs.m4 @@ -20,11 +20,26 @@ AC_DEFUN([DPKG_LIB_MD], [ MD_LIBS="$ac_cv_search_MD5Init" ]) ]) - AS_IF([test "x$have_libmd" = "xno"], [ - AC_MSG_FAILURE([md5 digest functions not found]) - ]) ])# DPKG_LIB_MD +# DPKG_LIB_OPENSSL +# ----------- +# Check for the digests support in openssl library. +AC_DEFUN([DPKG_LIB_OPENSSL], [ + AC_ARG_VAR([OPENSSL_LIBS], [linker flags for openssl library]) + have_libcryto="no" + AC_CHECK_HEADERS([openssl/md5.h], [ + dpkg_save_libcrypto_LIBS=$LIBS + AC_SEARCH_LIBS([MD5_Init], [crypto]) + LIBS=$dpkg_save_libcrypto_LIBS + AS_IF([test "x$ac_cv_search_MD5_Init" != "xno"], [ + have_libcrypto="yes" + OPENSSL_LIBS="$ac_cv_search_MD5_Init" + ]) + ]) +])# DPKG_LIB_OPENSSL + + # DPKG_WITH_COMPRESS_LIB(NAME, HEADER, FUNC) # ------------------------------------------------- # Check for availability of a compression library. -- 2.41.0
