help: include unsafe SHA-1 build info in version
In 06c92dafb8 (Makefile: allow specifying a SHA-1 for non-cryptographic
uses, 2024-09-26), support for unsafe SHA-1 is added. Add the unsafe
SHA-1 build info to `git version --build-info` and update corresponding
documentation.
Signed-off-by: Justin Tobler <jltobler@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Justin Tobler
committed by
Junio C Hamano
Junio C Hamano
parent
16fd6c85e4
commit
6cf65440d3
@@ -27,7 +27,9 @@ The libraries used to implement the SHA-1 and SHA-256 algorithms are displayed
|
||||
in the form `SHA-1: <option>` and `SHA-256: <option>`. Note that the SHA-1
|
||||
options `SHA1_APPLE`, `SHA1_OPENSSL`, and `SHA1_BLK` do not use a collision
|
||||
detection algorithm and thus may be vulnerable to known SHA-1 collision
|
||||
attacks.
|
||||
attacks. When a faster SHA-1 implementation without collision detection is used
|
||||
for only non-cryptographic purposes, the algorithm is displayed in the form
|
||||
`non-collision-detecting-SHA-1: <option>`.
|
||||
|
||||
GIT
|
||||
---
|
||||
|
||||
3
hash.h
3
hash.h
@@ -20,12 +20,14 @@
|
||||
#endif
|
||||
|
||||
#if defined(SHA1_APPLE_UNSAFE)
|
||||
# define SHA1_UNSAFE_BACKEND "SHA1_APPLE_UNSAFE"
|
||||
# include <CommonCrypto/CommonDigest.h>
|
||||
# define platform_SHA_CTX_unsafe CC_SHA1_CTX
|
||||
# define platform_SHA1_Init_unsafe CC_SHA1_Init
|
||||
# define platform_SHA1_Update_unsafe CC_SHA1_Update
|
||||
# define platform_SHA1_Final_unsafe CC_SHA1_Final
|
||||
#elif defined(SHA1_OPENSSL_UNSAFE)
|
||||
# define SHA1_UNSAFE_BACKEND "SHA1_OPENSSL_UNSAFE"
|
||||
# include <openssl/sha.h>
|
||||
# if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3
|
||||
# define SHA1_NEEDS_CLONE_HELPER_UNSAFE
|
||||
@@ -42,6 +44,7 @@
|
||||
# define platform_SHA1_Final_unsafe SHA1_Final
|
||||
# endif
|
||||
#elif defined(SHA1_BLK_UNSAFE)
|
||||
# define SHA1_UNSAFE_BACKEND "SHA1_BLK_UNSAFE"
|
||||
# include "block-sha1/sha1.h"
|
||||
# define platform_SHA_CTX_unsafe blk_SHA_CTX
|
||||
# define platform_SHA1_Init_unsafe blk_SHA1_Init
|
||||
|
||||
4
help.c
4
help.c
@@ -805,6 +805,10 @@ void get_version_info(struct strbuf *buf, int show_build_options)
|
||||
strbuf_addf(buf, "zlib: %s\n", ZLIB_VERSION);
|
||||
#endif
|
||||
strbuf_addf(buf, "SHA-1: %s\n", SHA1_BACKEND);
|
||||
#if defined SHA1_UNSAFE_BACKEND
|
||||
strbuf_addf(buf, "non-collision-detecting-SHA-1: %s\n",
|
||||
SHA1_UNSAFE_BACKEND);
|
||||
#endif
|
||||
strbuf_addf(buf, "SHA-256: %s\n", SHA256_BACKEND);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user