Allow using libmd instead of libcrypto for SHA1 hashing in render/glyph.c

Builders can force one or the other by passing SHA1_LIB & SHA1_CFLAGS
to configure

3 files changed, 34 insertions, 8 deletions

diff --git a/configure.ac b/configure.ac
index 9b7753492..beef3a21e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1137,15 +1137,25 @@ PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS])
 
 # OpenSSL used for SHA1 hashing in render/glyph.c, but we don't need all of
 # the OpenSSL libraries, just libcrypto
-PKG_CHECK_EXISTS([openssl],
- [PKG_CHECK_MODULES([OPENSSL], [openssl],
+# Some systems have matching functionality in the smaller/simpler libmd
+# Builders who want to force a choice can set SHA1_LIB and SHA1_CFLAGS
+if test "x$SHA1_LIB" = "x" ; then
+ AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIB="-lmd"
+	AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
+	   [Define to use libmd SHA1 functions instead of OpenSSL libcrypto])])
+fi
+if test "x$SHA1_LIB" = "x" ; then
+ PKG_CHECK_EXISTS([openssl],
+  [PKG_CHECK_MODULES([OPENSSL], [openssl],
    [OPENSSL_LIB_FLAGS=`$PKG_CONFIG --libs-only-L --libs-only-other openssl`])])
-LIBCRYPTO="$OPENSSL_LIB_FLAGS -lcrypto"
+ SHA1_LIB="$OPENSSL_LIB_FLAGS -lcrypto"
+ SHA1_CFLAGS="$OPENSSL_CFLAGS"
+fi
 
 # Autotools has some unfortunate issues with library handling.  In order to
 # get a server to rebuild when a dependency in the tree is changed, it must
 # be listed in SERVERNAME_DEPENDENCIES.  However, no system libraries may be
-# listed there, or some versions of autotols will break (especially if a -L
+# listed there, or some versions of autotools will break (especially if a -L
 # is required to find the library).  So, we keep two sets of libraries
 # detected: NAMESPACE_LIBS for in-tree libraries to be linked against, which
 # will go into the _DEPENDENCIES and _LDADD of the server, and
@@ -1157,9 +1167,9 @@ LIBCRYPTO="$OPENSSL_LIB_FLAGS -lcrypto"
 # XSERVER_SYS_LIBS is the set of out-of-tree libraries which all servers
 # require.
 #
-XSERVER_CFLAGS="${XSERVERCFLAGS_CFLAGS} ${OPENSSL_CFLAGS}"
+XSERVER_CFLAGS="${XSERVERCFLAGS_CFLAGS} ${SHA1_CFLAGS}"
 XSERVER_LIBS="$DIX_LIB $CONFIG_LIB $MI_LIB $OS_LIB"
-XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS} ${LIBCRYPTO}"
+XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS} ${SHA1_LIB}"
 AC_SUBST([XSERVER_LIBS])
 AC_SUBST([XSERVER_SYS_LIBS])
 
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index fc1caa31a..387f65aa1 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -193,6 +193,9 @@
 /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
 #undef HAVE_RPCSVC_DBM_H
 
+/* Define to use libmd SHA1 functions instead of OpenSSL libcrypto */
+#undef HAVE_SHA1_IN_LIBMD
+
 /* Define to 1 if you have the `shmctl64' function. */
 #undef HAVE_SHMCTL64
 
diff --git a/render/glyph.c b/render/glyph.c
index 286e39d63..de0197083 100644
--- a/render/glyph.c
+++ b/render/glyph.c
@@ -26,8 +26,12 @@
 #include <dix-config.h>
 #endif
 
-#include <stddef.h>  /* buggy openssl/sha.h wants size_t */
-#include <openssl/sha.h>
+#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
+# include <sha1.h>
+#else /* Use OpenSSL's libcrypto */
+# include <stddef.h>  /* buggy openssl/sha.h wants size_t */
+# include <openssl/sha.h>
+#endif
 
 #include "misc.h"
 #include "scrnintstr.h"
@@ -202,6 +206,14 @@ HashGlyph (xGlyphInfo    *gi,
 	   unsigned long size,
 	   unsigned char sha1[20])
 {
+#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
+    SHA1_CTX ctx;
+
+    SHA1Init (&ctx);
+    SHA1Update (&ctx, gi, sizeof (xGlyphInfo));
+    SHA1Update (&ctx, bits, size);
+    SHA1Final (sha1, &ctx);
+#else /* Use OpenSSL's libcrypto */
     SHA_CTX ctx;
     int success;
 
@@ -220,6 +232,7 @@ HashGlyph (xGlyphInfo    *gi,
     success = SHA1_Final (sha1, &ctx);
     if (! success)
 	return BadAlloc;
+#endif
 
     return Success;
 }