diff options
| author | CoprDistGit <infra@openeuler.org> | 2024-08-02 07:10:58 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2024-08-02 07:10:58 +0000 |
| commit | 4e17ce57fa4b190b82a065fc8aa6fa6143651ecd (patch) | |
| tree | 513a6d740ae342f31f6b89b089b736bf6c2ba6a4 /0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch | |
| parent | 55e88a20b37ca9b6f9738a9f423b19beed17e9bb (diff) | |
automatic import of gnome-remote-desktopopeneuler24.03_LTSopeneuler23.09
Diffstat (limited to '0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch')
| -rw-r--r-- | 0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch b/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch new file mode 100644 index 0000000..fddcb8b --- /dev/null +++ b/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch @@ -0,0 +1,92 @@ +From fdc71dd25c8505b3580e70afd4b4213cad8f8ebb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com> +Date: Mon, 25 Oct 2021 16:14:26 +0200 +Subject: [PATCH] crypto: Don't compile SHA1 support when Websockets are + disabled + +SHA1 is not ideal, security wise. Let's make sure we don't even have it +compiled when nothing depends on it, e.g. Websockets. +--- + common/crypto.h | 2 ++ + common/crypto_included.c | 2 ++ + common/crypto_libgcrypt.c | 2 ++ + common/crypto_openssl.c | 2 ++ + 4 files changed, 8 insertions(+) + +diff --git a/common/crypto.h b/common/crypto.h +index 04be9304..c1f32194 100644 +--- a/common/crypto.h ++++ b/common/crypto.h +@@ -11,7 +11,9 @@ + int hash_md5(void *out, const void *in, const size_t in_len); + + /* Generates an SHA1 hash of 'in' and writes it to 'out', which must be 20 bytes in size. */ ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len); ++#endif + + /* Fill 'out' with 'len' random bytes. */ + void random_bytes(void *out, size_t len); +diff --git a/common/crypto_included.c b/common/crypto_included.c +index b359336f..cf8d43c2 100644 +--- a/common/crypto_included.c ++++ b/common/crypto_included.c +@@ -33,6 +33,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return 0; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + SHA1Context sha1; +@@ -45,6 +46,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + + return 1; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +diff --git a/common/crypto_libgcrypt.c b/common/crypto_libgcrypt.c +index 34d845b4..f62bdaf8 100644 +--- a/common/crypto_libgcrypt.c ++++ b/common/crypto_libgcrypt.c +@@ -74,6 +74,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return result; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + int result = 0; +@@ -98,6 +99,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + gcry_md_close(sha1); + return result; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +diff --git a/common/crypto_openssl.c b/common/crypto_openssl.c +index 60d4bd4d..9816eb04 100644 +--- a/common/crypto_openssl.c ++++ b/common/crypto_openssl.c +@@ -49,6 +49,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return 1; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + SHA_CTX sha1; +@@ -60,6 +61,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + return 0; + return 1; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +-- +2.31.1 + |