- allow building with current headers and libs

[packages/xorg-xserver-server.git] / xorg-xserver-server-builtin-SHA1.patch

This patch is a backport of the following:

From 3fbec7d4db59bbd24a9a768182000a1d004c5bc5 Mon Sep 17 00:00:00 2001
From: Tiago Vignatti <tiago.vignatti@nokia.com>
Date: Wed, 24 Mar 2010 17:27:43 +0200
Subject: [PATCH] Revert "Revert "Render: Use built-in SHA1 library""

This reverts commit a39377cbcbd3091095efbeab25bec18ae520147e.

Conflicts:

	configure.ac
	include/dix-config.h.in
	render/glyph.c


Ok ok ok, it's the revert of a revert! Buhhh... 

Once upon a time, back in 2007, Carl Worth was trying to boost render
(4c6abe1c). He prefered to use a "strong hash" to compare glyphs (19b3b1fd)
and used openssl library for this. Further, for the same purpose, people
started to set other SHA1 implementations in autoconf. And a lot of
alternatives appeared - six, to be precise. In the mean time, John Tapsell
commit a builtin implementation of SHA1. In the same day, Keith Packard
reverted, stating "X.org should not be providing a custom SHA1
implementation." (a39377cb). Now, users ended up with Xorg setting the default
as the openssl's one (libcrypto), which takes 88 kB of xserver's private RSS.
Besides that, we have a ridiculous "configure dot fucking ac stanza to work
out which lib to use is almost as long as sha1.c was", to quote daniels.

My simple argument against Keith's decision is simple: we can save 316 kB of
RSS in a standalone Xorg call. Therefore, I'm in favor to keep our own very
simple and shiny SHA1 implementation.

---
I'm not comfortable yet to send this patch around without see if there's any
regressions on render or eventually get some ack from Carl.


diff -urN xorg-server-1.6.5/configure.ac xorg-server-1.6.5-sha1/configure.ac
--- xorg-server-1.6.5/configure.ac	2010-04-29 12:45:59.279129860 +0200
+++ xorg-server-1.6.5-sha1/configure.ac	2010-04-29 12:41:28.611190310 +0200
@@ -1098,27 +1098,6 @@
 MIEXT_SHADOW_LIB='$(top_builddir)/miext/shadow/libshadow.la'
 CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
 
-# OpenSSL used for SHA1 hashing in render/glyph.c, but we don't need all of
-# the OpenSSL libraries, just libcrypto
-# Some systems have matching functionality in the smaller/simpler libmd
-# Builders who want to force a choice can set SHA1_LIB and SHA1_CFLAGS
-if test "x$SHA1_LIB" = "x" ; then
-  AC_CHECK_LIB([md], [SHA1Init], [SHA1_LIB="-lmd"
-            AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
-            [Use libmd SHA1 functions instead of OpenSSL libcrypto])])
-fi
-
-if test "x$SHA1_LIB" = "x" ; then
-  PKG_CHECK_EXISTS([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
-                    [HAVE_OPENSSL_PKC=no])
-  if test "x$HAVE_OPENSSL_PKC" = xyes; then
-    REQUIRED_LIBS="$REQUIRED_LIBS openssl"
-  else
-    AC_CHECK_LIB([crypto], [SHA1_Init], [SHA1_LIB="-lcrypto"],
-                 [AC_MSG_ERROR([OpenSSL must be installed in order to build the X server.])])
-  fi
-fi
-
 PKG_CHECK_MODULES([XSERVERCFLAGS], [$REQUIRED_MODULES $REQUIRED_LIBS])
 PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS])
 
@@ -1137,9 +1116,9 @@
 # XSERVER_SYS_LIBS is the set of out-of-tree libraries which all servers
 # require.
 #
-XSERVER_CFLAGS="${XSERVERCFLAGS_CFLAGS} ${SHA1_CFLAGS}"
+XSERVER_CFLAGS="${XSERVERCFLAGS_CFLAGS}"
 XSERVER_LIBS="$DIX_LIB $CONFIG_LIB $MI_LIB $OS_LIB"
-XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS} ${SHA1_LIB}"
+XSERVER_SYS_LIBS="${XSERVERLIBS_LIBS} ${SYS_LIBS} ${LIBS}"
 AC_SUBST([XSERVER_LIBS])
 AC_SUBST([XSERVER_SYS_LIBS])
 
diff -urN xorg-server-1.6.5/include/dix-config.h.in xorg-server-1.6.5-sha1/include/dix-config.h.in
--- xorg-server-1.6.5/include/dix-config.h.in	2009-10-12 04:52:40.000000000 +0200
+++ xorg-server-1.6.5-sha1/include/dix-config.h.in	2010-04-29 12:43:23.344249866 +0200
@@ -154,9 +154,6 @@
 /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
 #undef HAVE_RPCSVC_DBM_H
 
-/* Define to use libmd SHA1 functions instead of OpenSSL libcrypto */
-#undef HAVE_SHA1_IN_LIBMD
-
 /* Define to 1 if you have the `shmctl64' function. */
 #undef HAVE_SHMCTL64
 
diff -urN xorg-server-1.6.5/render/glyph.c xorg-server-1.6.5-sha1/render/glyph.c
--- xorg-server-1.6.5/render/glyph.c	2009-10-12 04:52:40.000000000 +0200
+++ xorg-server-1.6.5-sha1/render/glyph.c	2010-04-29 12:45:06.342124084 +0200
@@ -26,13 +26,7 @@
 #include <dix-config.h>
 #endif
 
-#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
-# include <sha1.h>
-#else /* Use OpenSSL's libcrypto */
-# include <stddef.h>  /* buggy openssl/sha.h wants size_t */
-# include <openssl/sha.h>
-#endif
-
+#include "sha1.h"
 #include "misc.h"
 #include "scrnintstr.h"
 #include "os.h"
@@ -198,33 +192,12 @@
 	   unsigned long size,
 	   unsigned char sha1[20])
 {
-#ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
     SHA1_CTX ctx;
 
     SHA1Init (&ctx);
     SHA1Update (&ctx, gi, sizeof (xGlyphInfo));
     SHA1Update (&ctx, bits, size);
     SHA1Final (sha1, &ctx);
-#else /* Use OpenSSL's libcrypto */
-    SHA_CTX ctx;
-    int success;
-
-    success = SHA1_Init (&ctx);
-    if (! success)
-	return BadAlloc;
-
-    success = SHA1_Update (&ctx, gi, sizeof (xGlyphInfo));
-    if (! success)
-	return BadAlloc;
-
-    success = SHA1_Update (&ctx, bits, size);
-    if (! success)
-	return BadAlloc;
-
-    success = SHA1_Final (sha1, &ctx);
-    if (! success)
-	return BadAlloc;
-#endif
 
     return Success;
 }
diff -urN xorg-server-1.6.5/render/Makefile.am xorg-server-1.6.5-sha1/render/Makefile.am
--- xorg-server-1.6.5/render/Makefile.am	2008-11-24 22:24:35.000000000 +0100
+++ xorg-server-1.6.5-sha1/render/Makefile.am	2010-04-29 12:39:49.187124726 +0200
@@ -14,8 +14,11 @@
 	mitri.c		\
 	picture.c	\
 	render.c	\
+	sha1.c		\
 	renderedge.c
 
 if XORG
 sdk_HEADERS = picture.h mipict.h glyphstr.h picturestr.h renderedge.h
 endif
+
+EXTRA_DIST = sha1.h
diff -urN xorg-server-1.6.5/render/sha1.c xorg-server-1.6.5-sha1/render/sha1.c
--- xorg-server-1.6.5/render/sha1.c	1970-01-01 01:00:00.000000000 +0100
+++ xorg-server-1.6.5-sha1/render/sha1.c	2010-04-29 12:39:49.191124529 +0200
@@ -0,0 +1,173 @@
+/*
+ * SHA-1 in C
+ * By Steve Reid <steve@edmweb.com>
+ * 100% Public Domain
+ *
+ * Test Vectors (from FIPS PUB 180-1)
+ * "abc"
+ *   A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ *   84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+ * A million repetitions of "a"
+ *   34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+ */
+
+#include <sys/param.h>
+#include <string.h>
+#include <sha1.h>
+
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+/*
+ * blk0() and blk() perform the initial expand.
+ * I got the idea of expanding during the round function from SSLeay
+ */
+#if BYTE_ORDER == LITTLE_ENDIAN
+# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
+    |(rol(block->l[i],8)&0x00FF00FF))
+#else
+# define blk0(i) block->l[i]
+#endif
+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
+    ^block->l[(i+2)&15]^block->l[i&15],1))
+
+/*
+ * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
+ */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+
+/*
+ * Hash a single 512-bit block. This is the core of the algorithm.
+ */
+void
+SHA1Transform(uint32_t state[5], const uint8_t buffer[SHA1_BLOCK_LENGTH])
+{
+	uint32_t a, b, c, d, e;
+	uint8_t workspace[SHA1_BLOCK_LENGTH];
+	typedef union {
+		uint8_t c[64];
+		uint32_t l[16];
+	} CHAR64LONG16;
+	CHAR64LONG16 *block = (CHAR64LONG16 *)workspace;
+
+	(void)memcpy(block, buffer, SHA1_BLOCK_LENGTH);
+
+	/* Copy context->state[] to working vars */
+	a = state[0];
+	b = state[1];
+	c = state[2];
+	d = state[3];
+	e = state[4];
+
+	/* 4 rounds of 20 operations each. Loop unrolled. */
+	R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+	R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+	R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+	R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+	R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+	R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+	R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+	R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+	R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+	R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+	R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+	R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+	R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+	R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+	R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+	R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+	R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+	R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+	R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+	R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+
+	/* Add the working vars back into context.state[] */
+	state[0] += a;
+	state[1] += b;
+	state[2] += c;
+	state[3] += d;
+	state[4] += e;
+
+	/* Wipe variables */
+	a = b = c = d = e = 0;
+}
+
+
+/*
+ * SHA1Init - Initialize new context
+ */
+void
+SHA1Init(SHA1_CTX *context)
+{
+
+	/* SHA1 initialization constants */
+	context->count = 0;
+	context->state[0] = 0x67452301;
+	context->state[1] = 0xEFCDAB89;
+	context->state[2] = 0x98BADCFE;
+	context->state[3] = 0x10325476;
+	context->state[4] = 0xC3D2E1F0;
+}
+
+
+/*
+ * Run your data through this.
+ */
+void
+SHA1Update(SHA1_CTX *context, const uint8_t *data, size_t len)
+{
+	size_t i, j;
+
+	j = (size_t)((context->count >> 3) & 63);
+	context->count += (len << 3);
+	if ((j + len) > 63) {
+		(void)memcpy(&context->buffer[j], data, (i = 64-j));
+		SHA1Transform(context->state, context->buffer);
+		for ( ; i + 63 < len; i += 64)
+			SHA1Transform(context->state, (uint8_t *)&data[i]);
+		j = 0;
+	} else {
+		i = 0;
+	}
+	(void)memcpy(&context->buffer[j], &data[i], len - i);
+}
+
+
+/*
+ * Add padding and return the message digest.
+ */
+void
+SHA1Pad(SHA1_CTX *context)
+{
+	uint8_t finalcount[8];
+	uint i;
+
+	for (i = 0; i < 8; i++) {
+		finalcount[i] = (uint8_t)((context->count >>
+		    ((7 - (i & 7)) * 8)) & 255);	/* Endian independent */
+	}
+	SHA1Update(context, (uint8_t *)"\200", 1);
+	while ((context->count & 504) != 448)
+		SHA1Update(context, (uint8_t *)"\0", 1);
+	SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+}
+
+void
+SHA1Final(uint8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
+{
+	uint i;
+
+	SHA1Pad(context);
+	if (digest) {
+		for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
+			digest[i] = (uint8_t)
+			   ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+		}
+		memset(context, 0, sizeof(*context));
+	}
+}
+
diff -urN xorg-server-1.6.5/render/sha1.h xorg-server-1.6.5-sha1/render/sha1.h
--- xorg-server-1.6.5/render/sha1.h	1970-01-01 01:00:00.000000000 +0100
+++ xorg-server-1.6.5-sha1/render/sha1.h	2010-04-29 12:39:49.195125150 +0200
@@ -0,0 +1,63 @@
+/*
+ * SHA-1 in C
+ * By Steve Reid <steve@edmweb.com>
+ * 100% Public Domain
+ */
+
+#ifndef _SHA1_H
+#define _SHA1_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include <unistd.h>
+
+
+#define	SHA1_BLOCK_LENGTH		64
+#define	SHA1_DIGEST_LENGTH		20
+#define	SHA1_DIGEST_STRING_LENGTH	(SHA1_DIGEST_LENGTH * 2 + 1)
+
+typedef struct {
+    uint32_t state[5];
+    uint64_t count;
+    uint8_t buffer[SHA1_BLOCK_LENGTH];
+} SHA1_CTX;
+
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+void SHA1Init(SHA1_CTX *);
+void SHA1Pad(SHA1_CTX *);
+void SHA1Transform(uint32_t [5], const uint8_t [SHA1_BLOCK_LENGTH])
+	__attribute__((__bounded__(__minbytes__,1,5)))
+	__attribute__((__bounded__(__minbytes__,2,SHA1_BLOCK_LENGTH)));
+void SHA1Update(SHA1_CTX *, const uint8_t *, size_t)
+	__attribute__((__bounded__(__string__,2,3)));
+void SHA1Final(uint8_t [SHA1_DIGEST_LENGTH], SHA1_CTX *)
+	__attribute__((__bounded__(__minbytes__,1,SHA1_DIGEST_LENGTH)));
+char *SHA1End(SHA1_CTX *, char *)
+	__attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
+char *SHA1File(const char *, char *)
+	__attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
+char *SHA1FileChunk(const char *, char *, off_t, off_t)
+	__attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
+char *SHA1Data(const uint8_t *, size_t, char *)
+	__attribute__((__bounded__(__string__,1,2)))
+	__attribute__((__bounded__(__minbytes__,3,SHA1_DIGEST_STRING_LENGTH)));
+__END_DECLS
+
+#define HTONDIGEST(x) do {                                              \
+        x[0] = htonl(x[0]);                                             \
+        x[1] = htonl(x[1]);                                             \
+        x[2] = htonl(x[2]);                                             \
+        x[3] = htonl(x[3]);                                             \
+        x[4] = htonl(x[4]); } while (0)
+
+#define NTOHDIGEST(x) do {                                              \
+        x[0] = ntohl(x[0]);                                             \
+        x[1] = ntohl(x[1]);                                             \
+        x[2] = ntohl(x[2]);                                             \
+        x[3] = ntohl(x[3]);                                             \
+        x[4] = ntohl(x[4]); } while (0)
+
+#endif /* _SHA1_H */
+