diff options
| author | Julian Andres Klode <julian.klode@canonical.com> | 2024-12-21 15:26:34 +0100 |
|---|---|---|
| committer | Julian Andres Klode <julian.klode@canonical.com> | 2024-12-22 23:45:15 +0100 |
| commit | 7b1fb90b93ced7c0772d726e512da01fad456852 (patch) | |
| tree | 0c20cecf6451fa20e5ede1ba38f0ac1873860549 /apt-pkg | |
| parent | 90270f0959d490d56db891809d83c91b3d4b9bf0 (diff) | |
Remove GnuTLS and gcrypt support
OpenSSL is mandatory now, it is no longer possible to build
without https support either.
Diffstat (limited to 'apt-pkg')
| -rw-r--r-- | apt-pkg/CMakeLists.txt | 8 | ||||
| -rw-r--r-- | apt-pkg/contrib/hashes.cc | 140 |
2 files changed, 2 insertions, 146 deletions
diff --git a/apt-pkg/CMakeLists.txt b/apt-pkg/CMakeLists.txt index 88f07fb79..4c036cc67 100644 --- a/apt-pkg/CMakeLists.txt +++ b/apt-pkg/CMakeLists.txt @@ -56,9 +56,7 @@ target_include_directories(apt-pkg $<$<BOOL:${UDEV_FOUND}>:${UDEV_INCLUDE_DIRS}> $<$<BOOL:${SYSTEMD_FOUND}>:${SYSTEMD_INCLUDE_DIRS}> ${ICONV_INCLUDE_DIRS} - $<$<BOOL:${WITH_OPENSSL}>:${OPENSSL_INCLUDE_DIRS}> - $<$<BOOL:${GNUTLS_FOUND}>:${GNUTLS_INCLUDE_DIRS}> - $<$<BOOL:${GCRYPT_FOUND}>:${GCRYPT_INCLUDE_DIRS}> + ${OPENSSL_INCLUDE_DIRS} $<$<BOOL:${XXHASH_FOUND}>:${XXHASH_INCLUDE_DIRS}> ) @@ -73,9 +71,7 @@ target_link_libraries(apt-pkg $<$<BOOL:${UDEV_FOUND}>:${UDEV_LIBRARIES}> $<$<BOOL:${SYSTEMD_FOUND}>:${SYSTEMD_LIBRARIES}> ${ICONV_LIBRARIES} - $<$<BOOL:${WITH_OPENSSL}>:OpenSSL::Crypto> - $<$<BOOL:${GNUTLS_FOUND}>:${GNUTLS_LIBRARIES}> - $<$<BOOL:${GCRYPT_FOUND}>:${GCRYPT_LIBRARIES}> + OpenSSL::Crypto $<$<BOOL:${XXHASH_FOUND}>:${XXHASH_LIBRARIES}> ) set_target_properties(apt-pkg PROPERTIES VERSION ${MAJOR}.${MINOR}) diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index 664ad0ac7..c7a4ab0e7 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -30,13 +30,7 @@ #include <string> #include <unistd.h> -#if defined(WITH_OPENSSL) #include <openssl/evp.h> -#elif defined(HAVE_GNUTLS) -#include <gnutls/crypto.h> -#else -#include <gcrypt.h> -#endif /*}}}*/ const char * HashString::_SupportedHashes[] = @@ -331,7 +325,6 @@ class PrivateHashes unsigned long long FileSize{0}; private: -#if defined(WITH_OPENSSL) std::array<EVP_MD_CTX *, 4> contexts{}; public: @@ -398,139 +391,6 @@ class PrivateHashes EVP_MD_CTX_free(ctx); } -#elif defined(HAVE_GNUTLS) - std::array<std::optional<gnutls_hash_hd_t>, 4> digs{}; - - public: - struct HashAlgo - { - size_t index; - const char *name; - gnutls_digest_algorithm_t gnuTlsAlgo; - Hashes::SupportedHashes ourAlgo; - }; - - static constexpr std::array<HashAlgo, 4> Algorithms{ - HashAlgo{0, "MD5Sum", GNUTLS_DIG_MD5, Hashes::MD5SUM}, - HashAlgo{1, "SHA1", GNUTLS_DIG_SHA1, Hashes::SHA1SUM}, - HashAlgo{2, "SHA256", GNUTLS_DIG_SHA256, Hashes::SHA256SUM}, - HashAlgo{3, "SHA512", GNUTLS_DIG_SHA512, Hashes::SHA512SUM}, - }; - - bool Write(unsigned char const *Data, size_t Size) - { - for (auto &dig : digs) - { - if (dig) - gnutls_hash(*dig, Data, Size); - } - return true; - } - - std::string HexDigest(HashAlgo const &algo) - { - auto Size = gnutls_hash_get_len(algo.gnuTlsAlgo); - unsigned char Sum[Size]; - if (auto copy = gnutls_hash_copy(*digs[algo.index])) - gnutls_hash_deinit(copy, &Sum); - return ::HexDigest(std::basic_string_view<unsigned char>(Sum, Size)); - } - bool Enable(HashAlgo const &algo) - { - digs[algo.index].emplace(); - if (gnutls_hash_init(&*digs[algo.index], algo.gnuTlsAlgo) == 0) - return true; - digs[algo.index] = std::nullopt; - return false; - } - bool IsEnabled(HashAlgo const &algo) - { - return bool{digs[algo.index]}; - } - - explicit PrivateHashes() {} - ~PrivateHashes() - { - for (auto &dig : digs) - { - if (dig) - gnutls_hash_deinit(*dig, nullptr); - } - } -#else - gcry_md_hd_t hd; - - void maybeInit() - { - - // Yikes, we got to initialize libgcrypt, or we get warnings. But we - // abstract away libgcrypt in Hashes from our users - they are not - // supposed to know what the hashing backend is, so we can't force - // them to init themselves as libgcrypt folks want us to. So this - // only leaves us with this option... - if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) - { - if (!gcry_check_version(nullptr)) - { - fprintf(stderr, "libgcrypt is too old (need %s, have %s)\n", - "nullptr", gcry_check_version(NULL)); - exit(2); - } - - gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); - } - } - - public: - struct HashAlgo - { - const char *name; - int gcryAlgo; - Hashes::SupportedHashes ourAlgo; - }; - - static constexpr std::array<HashAlgo, 4> Algorithms{ - HashAlgo{"MD5Sum", GCRY_MD_MD5, Hashes::MD5SUM}, - HashAlgo{"SHA1", GCRY_MD_SHA1, Hashes::SHA1SUM}, - HashAlgo{"SHA256", GCRY_MD_SHA256, Hashes::SHA256SUM}, - HashAlgo{"SHA512", GCRY_MD_SHA512, Hashes::SHA512SUM}, - }; - - bool Write(unsigned char const *Data, size_t Size) - { - gcry_md_write(hd, Data, Size); - return true; - } - - std::string HexDigest(HashAlgo const &algo) - { - auto Size = gcry_md_get_algo_dlen(algo.gcryAlgo); - auto Sum = gcry_md_read(hd, algo.gcryAlgo); - return ::HexDigest(std::basic_string_view<unsigned char>(Sum, Size)); - } - - bool Enable(HashAlgo const &Algo) - { - gcry_md_enable(hd, Algo.gcryAlgo); - return true; - } - bool IsEnabled(HashAlgo const &algo) - { - return gcry_md_is_enabled(hd, algo.gcryAlgo); - } - - explicit PrivateHashes() - { - maybeInit(); - gcry_md_open(&hd, 0, 0); - } - - ~PrivateHashes() - { - gcry_md_close(hd); - } -#endif - explicit PrivateHashes(unsigned int const CalcHashes) : PrivateHashes() { for (auto & Algo : Algorithms) |
