Merge branch 'ps/meson-weak-sha1-build'
meson-based build now supports the unsafe-sha1 build knob. * ps/meson-weak-sha1-build: meson: provide a summary of configured backends meson: wire up unsafe SHA1 backend meson: add missing dots for build options meson: simplify conditions for HTTPS and SHA1 dependencies meson: require SecurityFramework when it's used as SHA1 backend meson: deduplicate access to SHA1/SHA256 backend options meson: consistenlty spell 'CommonCrypto'maint
Junio C Hamano
commit
3902b083e7
51
meson.build
51
meson.build
|
|
@ -1326,14 +1326,17 @@ if not meson.is_cross_build() and fs.exists('/dev/tty')
|
|||
endif
|
||||
|
||||
https_backend = get_option('https_backend')
|
||||
sha1_backend = get_option('sha1_backend')
|
||||
sha1_unsafe_backend = get_option('sha1_unsafe_backend')
|
||||
sha256_backend = get_option('sha256_backend')
|
||||
|
||||
security_framework = dependency('Security', required: https_backend == 'CommonCrypto')
|
||||
security_framework = dependency('Security', required: 'CommonCrypto' in [https_backend, sha1_backend, sha1_unsafe_backend])
|
||||
core_foundation_framework = dependency('CoreFoundation', required: security_framework.found())
|
||||
if https_backend == 'auto' and security_framework.found()
|
||||
https_backend = 'CommonCrypto'
|
||||
endif
|
||||
|
||||
openssl_required = https_backend == 'openssl' or get_option('sha1_backend') == 'openssl' or get_option('sha256_backend') == 'openssl'
|
||||
openssl_required = 'openssl' in [https_backend, sha1_backend, sha1_unsafe_backend, sha256_backend]
|
||||
openssl = dependency('openssl', required: openssl_required, default_options: ['default_library=static'])
|
||||
if https_backend == 'auto' and openssl.found()
|
||||
https_backend = 'openssl'
|
||||
|
|
@ -1354,7 +1357,6 @@ if https_backend != 'openssl'
|
|||
libgit_c_args += '-DNO_OPENSSL'
|
||||
endif
|
||||
|
||||
sha1_backend = get_option('sha1_backend')
|
||||
if sha1_backend == 'sha1dc'
|
||||
libgit_c_args += '-DSHA1_DC'
|
||||
libgit_c_args += '-DSHA1DC_NO_STANDARD_INCLUDES=1'
|
||||
|
|
@ -1367,22 +1369,40 @@ if sha1_backend == 'sha1dc'
|
|||
'sha1dc/sha1.c',
|
||||
'sha1dc/ubc_check.c',
|
||||
]
|
||||
elif sha1_backend == 'common-crypto'
|
||||
endif
|
||||
if sha1_backend == 'CommonCrypto' or sha1_unsafe_backend == 'CommonCrypto'
|
||||
if sha1_backend == 'CommonCrypto'
|
||||
libgit_c_args += '-DSHA1_APPLE'
|
||||
endif
|
||||
if sha1_unsafe_backend == 'CommonCrypto'
|
||||
libgit_c_args += '-DSHA1_APPLE_UNSAFE'
|
||||
endif
|
||||
|
||||
libgit_c_args += '-DCOMMON_DIGEST_FOR_OPENSSL'
|
||||
libgit_c_args += '-DSHA1_APPLE'
|
||||
# Apple CommonCrypto requires chunking
|
||||
libgit_c_args += '-DSHA1_MAX_BLOCK_SIZE=1024L*1024L*1024L'
|
||||
elif sha1_backend == 'openssl'
|
||||
libgit_c_args += '-DSHA1_OPENSSL'
|
||||
endif
|
||||
if sha1_backend == 'openssl' or sha1_unsafe_backend == 'openssl'
|
||||
if sha1_backend == 'openssl'
|
||||
libgit_c_args += '-DSHA1_OPENSSL'
|
||||
endif
|
||||
if sha1_unsafe_backend == 'openssl'
|
||||
libgit_c_args += '-DSHA1_OPENSSL_UNSAFE'
|
||||
endif
|
||||
|
||||
libgit_dependencies += openssl
|
||||
elif sha1_backend == 'block'
|
||||
libgit_c_args += '-DSHA1_BLK'
|
||||
endif
|
||||
if sha1_backend == 'block' or sha1_unsafe_backend == 'block'
|
||||
if sha1_backend == 'block'
|
||||
libgit_c_args += '-DSHA1_BLK'
|
||||
endif
|
||||
if sha1_unsafe_backend == 'block'
|
||||
libgit_c_args += '-DSHA1_BLK_UNSAFE'
|
||||
endif
|
||||
|
||||
libgit_sources += 'block-sha1/sha1.c'
|
||||
else
|
||||
error('Unhandled SHA1 backend ' + sha1_backend)
|
||||
endif
|
||||
|
||||
sha256_backend = get_option('sha256_backend')
|
||||
if sha256_backend == 'openssl'
|
||||
libgit_c_args += '-DSHA256_OPENSSL'
|
||||
libgit_dependencies += openssl
|
||||
|
|
@ -1923,3 +1943,10 @@ summary({
|
|||
'perl': perl_features_enabled,
|
||||
'python': python.found(),
|
||||
}, section: 'Auto-detected features')
|
||||
|
||||
summary({
|
||||
'https': https_backend,
|
||||
'sha1': sha1_backend,
|
||||
'sha1_unsafe': sha1_unsafe_backend,
|
||||
'sha256': sha256_backend,
|
||||
}, section: 'Backends')
|
||||
|
|
|
|||
|
|
@ -49,10 +49,12 @@ option('regex', type: 'feature', value: 'auto',
|
|||
# Backends.
|
||||
option('https_backend', type: 'combo', value: 'auto', choices: ['auto', 'openssl', 'CommonCrypto', 'none'],
|
||||
description: 'The HTTPS backend to use when connecting to remotes.')
|
||||
option('sha1_backend', type: 'combo', choices: ['openssl', 'block', 'sha1dc', 'common-crypto'], value: 'sha1dc',
|
||||
description: 'The backend used for hashing objects with the SHA1 object format')
|
||||
option('sha1_backend', type: 'combo', choices: ['openssl', 'block', 'sha1dc', 'CommonCrypto'], value: 'sha1dc',
|
||||
description: 'The backend used for hashing objects with the SHA1 object format.')
|
||||
option('sha1_unsafe_backend', type: 'combo', choices: ['openssl', 'block', 'CommonCrypto', 'none'], value: 'none',
|
||||
description: 'The backend used for hashing data with the SHA1 object format in case no cryptographic security is needed.')
|
||||
option('sha256_backend', type: 'combo', choices: ['openssl', 'nettle', 'gcrypt', 'block'], value: 'block',
|
||||
description: 'The backend used for hashing objects with the SHA256 object format')
|
||||
description: 'The backend used for hashing objects with the SHA256 object format.')
|
||||
|
||||
# Build tweaks.
|
||||
option('macos_use_homebrew_gettext', type: 'boolean', value: true,
|
||||
|
|
|
|||
Loading…
Reference in New Issue