upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

detection of sha256 and sha512 by testing if functionality was compiled

Browse source 
into openssl.


git-svn-id: file:///svn/unbound/trunk@1328 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2008-11-03 16:06:12 +00:00
parent 8a32f9003b
commit 0d01be50bc
8 changed files with 124 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
config.h.in
View file

@ -39,6 +39,15 @@
/* Define to 1 if you have the <event.h> header file. */ /* Define to 1 if you have the <event.h> header file. */
#undef HAVE_EVENT_H #undef HAVE_EVENT_H
/* Define to 1 if you have the `EVP_sha1' function. */
#undef HAVE_EVP_SHA1
/* Define to 1 if you have the `EVP_sha256' function. */
#undef HAVE_EVP_SHA256
/* Define to 1 if you have the `EVP_sha512' function. */
#undef HAVE_EVP_SHA512
/* Define to 1 if you have the `fcntl' function. */ /* Define to 1 if you have the `fcntl' function. */
#undef HAVE_FCNTL #undef HAVE_FCNTL

96
configure vendored
View file

@ -21259,6 +21259,102 @@ fi
done done
for ac_func in EVP_sha1 EVP_sha256 EVP_sha512
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
For example, HP-UX 11i <limits.h> declares gettimeofday. */
#define $ac_func innocuous_$ac_func
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func (); below.
Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
<limits.h> exists even on freestanding compilers. */
#ifdef __STDC__
# include <limits.h>
#else
# include <assert.h>
#endif
#undef $ac_func
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
#endif
int
main ()
{
return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (ac_try="$ac_link"
case "(($ac_try" in
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
*) ac_try_echo=$ac_try;;
esac
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
(eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && {
test -z "$ac_c_werror_flag" ||
test ! -s conftest.err
} && test -s conftest$ac_exeext &&
$as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
eval "$as_ac_var=no"
fi
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
ac_res=`eval echo '${'$as_ac_var'}'`
{ echo "$as_me:$LINENO: result: $ac_res" >&5
echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
# check if libssl needs libdl # check if libssl needs libdl
BAKLIBS="$LIBS" BAKLIBS="$LIBS"
LIBS="-lssl $LIBS" LIBS="-lssl $LIBS"

1
configure.ac
View file

@ -554,6 +554,7 @@ AC_ARG_WITH(ssl, AC_HELP_STRING([--with-ssl=pathname],
AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_FUNCS([EVP_sha1 EVP_sha256 EVP_sha512])
# check if libssl needs libdl # check if libssl needs libdl
BAKLIBS="$LIBS" BAKLIBS="$LIBS"

1
doc/Changelog
View file

@ -6,6 +6,7 @@
- changed to use new algorithm identifiers for sha256/sha512 - changed to use new algorithm identifiers for sha256/sha512
from ldns 1.4.0 (need very latest version). from ldns 1.4.0 (need very latest version).
- updated the included ldns tarball. - updated the included ldns tarball.
- proper detection of SHA256 and SHA512 functions (not just sizes).
23 October 2008: Wouter 23 October 2008: Wouter
- a little more debug info for failure on signer names. prints names. - a little more debug info for failure on signer names. prints names.

2
testcode/testbound.c
View file

@ -227,7 +227,7 @@ main(int argc, char* argv[])
while( (c=getopt(argc, argv, "2ho:p:")) != -1) { while( (c=getopt(argc, argv, "2ho:p:")) != -1) {
switch(c) { switch(c) {
case '2': case '2':
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
printf("SHA256 supported\n"); printf("SHA256 supported\n");
exit(0); exit(0);
#else #else

4
testcode/unitverify.c
View file

@ -471,11 +471,11 @@ verify_test()
verifytest_file("testdata/test_signatures.6", "20080416005004"); verifytest_file("testdata/test_signatures.6", "20080416005004");
verifytest_file("testdata/test_signatures.7", "20070829144150"); verifytest_file("testdata/test_signatures.7", "20070829144150");
verifytest_file("testdata/test_signatures.8", "20070829144150"); verifytest_file("testdata/test_signatures.8", "20070829144150");
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
verifytest_file("testdata/test_signatures.9", "20070829144150"); verifytest_file("testdata/test_signatures.9", "20070829144150");
verifytest_file("testdata/test_signatures.11", "20070829144150"); verifytest_file("testdata/test_signatures.11", "20070829144150");
#endif #endif
#ifdef SHA512_DIGEST_LENGTH #ifdef HAVE_EVP_SHA512
verifytest_file("testdata/test_signatures.10", "20070829144150"); verifytest_file("testdata/test_signatures.10", "20070829144150");
#endif #endif
dstest_file("testdata/test_ds_sig.1"); dstest_file("testdata/test_ds_sig.1");

8
validator/val_nsec3.c
View file

@ -535,7 +535,7 @@ nsec3_get_hashed(ldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
ldns_buffer_write(buf, salt, saltlen); ldns_buffer_write(buf, salt, saltlen);
ldns_buffer_flip(buf); ldns_buffer_flip(buf);
switch(algo) { switch(algo) {
#ifdef SHA_DIGEST_LENGTH #ifdef HAVE_EVP_SHA1
case NSEC3_HASH_SHA1: case NSEC3_HASH_SHA1:
hash_len = SHA_DIGEST_LENGTH; hash_len = SHA_DIGEST_LENGTH;
if(hash_len > max) if(hash_len > max)
@ -554,7 +554,7 @@ nsec3_get_hashed(ldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
(unsigned char*)res); (unsigned char*)res);
} }
break; break;
#endif /* SHA_DIGEST_LENGTH */ #endif /* HAVE_EVP_SHA1 */
default: default:
log_err("nsec3 hash of unknown algo %d", algo); log_err("nsec3 hash of unknown algo %d", algo);
return 0; return 0;
@ -580,7 +580,7 @@ nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
ldns_buffer_write(buf, salt, saltlen); ldns_buffer_write(buf, salt, saltlen);
ldns_buffer_flip(buf); ldns_buffer_flip(buf);
switch(algo) { switch(algo) {
#ifdef SHA_DIGEST_LENGTH #ifdef HAVE_EVP_SHA1
case NSEC3_HASH_SHA1: case NSEC3_HASH_SHA1:
c->hash_len = SHA_DIGEST_LENGTH; c->hash_len = SHA_DIGEST_LENGTH;
c->hash = (uint8_t*)regional_alloc(region, c->hash = (uint8_t*)regional_alloc(region,
@ -601,7 +601,7 @@ nsec3_calc_hash(struct regional* region, ldns_buffer* buf,
(unsigned char*)c->hash); (unsigned char*)c->hash);
} }
break; break;
#endif /* SHA_DIGEST_LENGTH */ #endif /* HAVE_EVP_SHA1 */
default: default:
log_err("nsec3 hash of unknown algo %d", algo); log_err("nsec3 hash of unknown algo %d", algo);
return -1; return -1;

20
validator/val_sigcrypt.c
View file

@ -248,11 +248,11 @@ static size_t
ds_digest_size_algo(struct ub_packed_rrset_key* k, size_t idx) ds_digest_size_algo(struct ub_packed_rrset_key* k, size_t idx)
{ {
switch(ds_get_digest_algo(k, idx)) { switch(ds_get_digest_algo(k, idx)) {
#ifdef SHA_DIGEST_LENGTH #ifdef HAVE_EVP_SHA1
case LDNS_SHA1: case LDNS_SHA1:
return SHA_DIGEST_LENGTH; return SHA_DIGEST_LENGTH;
#endif #endif
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
case LDNS_SHA256: case LDNS_SHA256:
return SHA256_DIGEST_LENGTH; return SHA256_DIGEST_LENGTH;
#endif #endif
@ -294,13 +294,13 @@ ds_create_dnskey_digest(struct module_env* env,
ldns_buffer_flip(b); ldns_buffer_flip(b);
switch(ds_get_digest_algo(ds_rrset, ds_idx)) { switch(ds_get_digest_algo(ds_rrset, ds_idx)) {
#ifdef SHA_DIGEST_LENGTH #ifdef HAVE_EVP_SHA1
case LDNS_SHA1: case LDNS_SHA1:
(void)SHA1((unsigned char*)ldns_buffer_begin(b), (void)SHA1((unsigned char*)ldns_buffer_begin(b),
ldns_buffer_limit(b), (unsigned char*)digest); ldns_buffer_limit(b), (unsigned char*)digest);
return 1; return 1;
#endif #endif
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
case LDNS_SHA256: case LDNS_SHA256:
(void)SHA256((unsigned char*)ldns_buffer_begin(b), (void)SHA256((unsigned char*)ldns_buffer_begin(b),
ldns_buffer_limit(b), (unsigned char*)digest); ldns_buffer_limit(b), (unsigned char*)digest);
@ -370,11 +370,11 @@ dnskey_algo_id_is_supported(int id)
case LDNS_RSASHA1: case LDNS_RSASHA1:
case LDNS_RSASHA1_NSEC3: case LDNS_RSASHA1_NSEC3:
case LDNS_RSAMD5: case LDNS_RSAMD5:
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
case LDNS_RSASHA256: case LDNS_RSASHA256:
case LDNS_RSASHA256_NSEC3: case LDNS_RSASHA256_NSEC3:
#endif #endif
#ifdef SHA512_DIGEST_LENGTH #ifdef HAVE_EVP_SHA512
case LDNS_RSASHA512: case LDNS_RSASHA512:
case LDNS_RSASHA512_NSEC3: case LDNS_RSASHA512_NSEC3:
#endif #endif
@ -1302,11 +1302,11 @@ setup_key_digest(int algo, EVP_PKEY* evp_key, const EVP_MD** digest_type,
break; break;
case LDNS_RSASHA1: case LDNS_RSASHA1:
case LDNS_RSASHA1_NSEC3: case LDNS_RSASHA1_NSEC3:
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
case LDNS_RSASHA256: case LDNS_RSASHA256:
case LDNS_RSASHA256_NSEC3: case LDNS_RSASHA256_NSEC3:
#endif #endif
#ifdef SHA512_DIGEST_LENGTH #ifdef HAVE_EVP_SHA512
case LDNS_RSASHA512: case LDNS_RSASHA512:
case LDNS_RSASHA512_NSEC3: case LDNS_RSASHA512_NSEC3:
#endif #endif
@ -1323,13 +1323,13 @@ setup_key_digest(int algo, EVP_PKEY* evp_key, const EVP_MD** digest_type,
} }
/* select SHA version */ /* select SHA version */
#ifdef SHA256_DIGEST_LENGTH #ifdef HAVE_EVP_SHA256
if(algo == LDNS_RSASHA256 || if(algo == LDNS_RSASHA256 ||
algo == LDNS_RSASHA256_NSEC3) algo == LDNS_RSASHA256_NSEC3)
*digest_type = EVP_sha256(); *digest_type = EVP_sha256();
else else
#endif #endif
#ifdef SHA512_DIGEST_LENGTH #ifdef HAVE_EVP_SHA512
if(algo == LDNS_RSASHA512 || if(algo == LDNS_RSASHA512 ||
algo == LDNS_RSASHA512_NSEC3) algo == LDNS_RSASHA512_NSEC3)
*digest_type = EVP_sha512(); *digest_type = EVP_sha512();