From: Mayank Prasad Date: May 21 2012 12:43pm Subject: bzr push into mysql-trunk branch (mayank.prasad:3897 to 3898) Bug#13784804 List-Archive: http://lists.mysql.com/commits/143873 X-Bug: 13784804 Message-Id: <201205211243.q4LChMH5005409@acsmt357.oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 3898 Mayank Prasad 2012-05-21 BUG#13784804 : REMOVE THE LEGACY SHA1 AND MD5 CODE FROM THE SERVER Details: - Removing MySQL implementation of MD5 and SHA1. - Removed -DWITH_SSL=no compile option for SSL. NOTE: As per include/my_global.h, HAVE_OPENSSL is undefined in embedded library: #ifdef EMBEDDED_LIBRARY /* Things we don't need in the embedded version of MySQL */ /* TODO HF add #undef HAVE_VIO if we don't want client in embedded library */ #undef HAVE_OPENSSL #undef HAVE_SMEM /* No shared memory */ #endif /* EMBEDDED_LIBRARY */ If embedded library is built with -DWITH_SSL=system option, earlier (before this bug) it was suppose to go into MySQL implementation of SSL but now this has been removed, so it wouldn't have SSL support. removed: mysys/md5.c mysys/sha1.c modified: CMakeLists.txt cmake/ssl.cmake include/my_md5.h include/sha1.h mysql-test/t/disabled.def mysys/CMakeLists.txt sql/md5.cc sql/sha1.cc 3897 Annamalai Gurusami 2012-05-21 [merge] Merge from mysql-5.5 to mysql-trunk. modified: sql/handler.cc === modified file 'CMakeLists.txt' --- a/CMakeLists.txt 2012-05-09 07:13:25 +0000 +++ b/CMakeLists.txt 2012-05-21 12:38:40 +0000 @@ -312,7 +312,7 @@ INCLUDE_DIRECTORIES(${CMAKE_CURRENT_BINA # Add bundled or system zlib. MYSQL_CHECK_ZLIB_WITH_COMPRESS() -# Optionally add bundled yassl/taocrypt or system openssl. +# Add bundled yassl/taocrypt or system openssl. MYSQL_CHECK_SSL() # Add readline or libedit. MYSQL_CHECK_READLINE() === modified file 'cmake/ssl.cmake' --- a/cmake/ssl.cmake 2012-03-22 15:15:32 +0000 +++ b/cmake/ssl.cmake 2012-05-21 12:38:40 +0000 @@ -14,7 +14,7 @@ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA MACRO (CHANGE_SSL_SETTINGS string) - SET(WITH_SSL ${string} CACHE STRING "Options are : no, bundled, yes (prefer os library if present otherwise use bundled), system (use os library)" FORCE) + SET(WITH_SSL ${string} CACHE STRING "Options are : bundled, yes (prefer os library if present otherwise use bundled), system (use os library)" FORCE) ENDMACRO() MACRO (MYSQL_USE_BUNDLED_SSL) @@ -42,13 +42,11 @@ ENDMACRO() # MYSQL_CHECK_SSL # # Provides the following configure options: -# WITH_SSL=[yes|no|bundled] +# WITH_SSL=[yes|bundled|system] MACRO (MYSQL_CHECK_SSL) IF(NOT WITH_SSL) IF(WIN32) CHANGE_SSL_SETTINGS("bundled") - ELSE() - CHANGE_SSL_SETTINGS("no") ENDIF() ENDIF() @@ -76,7 +74,7 @@ MACRO (MYSQL_CHECK_SSL) ENDIF() MYSQL_USE_BUNDLED_SSL() ENDIF() - ELSEIF(NOT WITH_SSL STREQUAL "no") - MESSAGE(SEND_ERROR "Wrong option for WITH_SSL. Valid values are : yes, no, bundled") + ELSE() + MESSAGE(SEND_ERROR "Wrong option for WITH_SSL. Valid values are : yes, bundled, system") ENDIF() ENDMACRO() === modified file 'include/my_md5.h' --- a/include/my_md5.h 2012-03-27 08:25:06 +0000 +++ b/include/my_md5.h 2012-05-21 12:38:40 +0000 @@ -1,7 +1,7 @@ #ifndef MY_MD5_INCLUDED #define MY_MD5_INCLUDED -/* Copyright (C) 2000 MySQL AB +/* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -16,87 +16,9 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* See md5.c for explanation and copyright information. */ - -/* - * $FreeBSD: src/contrib/cvs/lib/md5.h,v 1.2 1999/12/11 15:10:02 peter Exp $ - */ - -#if defined(HAVE_YASSL) || defined(HAVE_OPENSSL) /* - Use MD5 implementation provided by the SSL libraries. + Wrapper function for MD5 implementation. */ - -#if defined(HAVE_YASSL) - -#ifdef __cplusplus -extern "C" { -#endif - -void my_md5_hash(char *digest, const char *buf, int len); - -#ifdef __cplusplus -} -#endif - - -#else /* HAVE_YASSL */ - -#include - -#define MY_MD5_HASH(digest, buf, len) \ -do { \ - MD5_CTX ctx; \ - MD5_Init (&ctx); \ - MD5_Update (&ctx, buf, len); \ - MD5_Final (digest, &ctx); \ -} while (0) - -#endif /* HAVE_YASSL */ - -#else /* HAVE_YASSL || HAVE_OPENSSL */ -/* Fallback to the MySQL's implementation. */ - -/* Unlike previous versions of this code, uint32 need not be exactly - 32 bits, merely 32 bits or more. Choosing a data type which is 32 - bits instead of 64 is not important; speed is considerably more - important. ANSI guarantees that "unsigned long" will be big enough, - and always using it seems to have few disadvantages. */ - -#include "my_global.h" -typedef uint32 cvs_uint32; - -typedef struct { - cvs_uint32 buf[4]; - cvs_uint32 bits[2]; - unsigned char in[64]; -} my_MD5Context; - -#ifdef __cplusplus -extern "C" { -#endif - -void my_MD5Init (my_MD5Context *context); -void my_MD5Update (my_MD5Context *context, - unsigned char const *buf, unsigned len); -void my_MD5Final (unsigned char digest[16], - my_MD5Context *context); - -#ifdef __cplusplus -} -#endif - - -#define MY_MD5_HASH(digest,buf,len) \ -do { \ - my_MD5Context ctx; \ - my_MD5Init (&ctx); \ - my_MD5Update (&ctx, buf, len); \ - my_MD5Final (digest, &ctx); \ -} while (0) - -#endif /* defined(HAVE_YASSL) || defined(HAVE_OPENSSL) */ - #ifdef __cplusplus extern "C" { #endif === modified file 'include/sha1.h' --- a/include/sha1.h 2012-03-06 14:29:42 +0000 +++ b/include/sha1.h 2012-05-21 12:38:40 +0000 @@ -18,115 +18,8 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ -/* - This is the header file for code which implements the Secure - Hashing Algorithm 1 as defined in FIPS PUB 180-1 published - April 17, 1995. - - Many of the variable names in this code, especially the - single character names, were used because those were the names - used in the publication. - - Please read the file sha1.c for more information. - - Modified 2002 by Peter Zaitsev to better follow MySQL standards - - Original Source from: http://www.faqs.org/rfcs/rfc3174.html - - Copyright (C) The Internet Society (2001). All Rights Reserved. - - This document and translations of it may be copied and furnished to - others, and derivative works that comment on or otherwise explain it - or assist in its implementation may be prepared, copied, published - and distributed, in whole or in part, without restriction of any - kind, provided that the above copyright notice and this paragraph are - included on all such copies and derivative works. However, this - document itself may not be modified in any way, such as by removing - the copyright notice or references to the Internet Society or other - Internet organizations, except as needed for the purpose of - developing Internet standards in which case the procedures for - copyrights defined in the Internet Standards process must be - followed, or as required to translate it into languages other than - English. - - The limited permissions granted above are perpetual and will not be - revoked by the Internet Society or its successors or assigns. - - This document and the information contained herein is provided on an - "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING - TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING - BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION - HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF - MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - - Acknowledgement - Funding for the RFC Editor function is currently provided by the - Internet Society. -*/ - #define SHA1_HASH_SIZE 20 /* Hash size in bytes */ -/* - Use SHA1 implementation provided by the SSL libraries if available. -*/ - -#if defined(HAVE_YASSL) - -C_MODE_START - -void mysql_sha1_yassl(uint8 *digest, const char *buf, int len); -void mysql_sha1_multi_yassl(uint8 *digest, const char *buf1, int len1, - const char *buf2, int len2); - -C_MODE_END - -#elif defined(HAVE_OPENSSL) - -#include -#define SHA1_CONTEXT SHA_CTX - -# else - -enum sha_result_codes -{ - SHA_SUCCESS = 0, - SHA_NULL, /* Null pointer parameter */ - SHA_INPUT_TOO_LONG, /* input data too long */ - SHA_STATE_ERROR /* called Input after Result */ -}; - -/* - This structure will hold context information for the SHA-1 - hashing operation -*/ - -typedef struct SHA1_CONTEXT -{ - ulonglong Length; /* Message length in bits */ - uint32 Intermediate_Hash[SHA1_HASH_SIZE/4]; /* Message Digest */ - int Computed; /* Is the digest computed? */ - int Corrupted; /* Is the message digest corrupted? */ - int16 Message_Block_Index; /* Index into message block array */ - uint8 Message_Block[64]; /* 512-bit message blocks */ -} SHA1_CONTEXT; - -#endif /* HAVE_YASSL */ - -#ifndef HAVE_YASSL -/* - Function Prototypes (shared by MySQL & OpenSSL's SHA1 implementation ) -*/ - -C_MODE_START - -int mysql_sha1_reset(SHA1_CONTEXT*); -int mysql_sha1_input(SHA1_CONTEXT*, const uint8 *, unsigned int); -int mysql_sha1_result(SHA1_CONTEXT* , uint8 Message_Digest[SHA1_HASH_SIZE]); - -C_MODE_END - -#endif /* HAVE_YASSL */ - C_MODE_START void compute_sha1_hash(uint8 *digest, const char *buf, int len); === modified file 'mysql-test/t/disabled.def' --- a/mysql-test/t/disabled.def 2012-04-17 10:07:36 +0000 +++ b/mysql-test/t/disabled.def 2012-05-21 12:38:40 +0000 @@ -17,3 +17,4 @@ log_tables-big : Bug#11756699 ds_mrr-big @solaris : Hemant disabled since this leads to timeout on Solaris on slow sparc servers partition_locking_4 : Bug#13924750 2012-04-04 lost connection. mysql_embedded_client_test : Bug#13964673 2012-04-16 amitbha since most of the test cases are failing +openssl_1 : Bug#13784804, Mayank: Error no is same but message is messed up. === modified file 'mysys/CMakeLists.txt' --- a/mysys/CMakeLists.txt 2012-03-06 14:29:42 +0000 +++ b/mysys/CMakeLists.txt 2012-05-21 12:38:40 +0000 @@ -20,7 +20,7 @@ ADD_DEFINITIONS(${SSL_DEFINES}) ENDIF() SET(MYSYS_SOURCES array.c charset-def.c charset.c checksum.c default.c - errors.c hash.c list.c md5.c mf_cache.c mf_dirname.c mf_fn_ext.c + errors.c hash.c list.c mf_cache.c mf_dirname.c mf_fn_ext.c mf_format.c mf_getdate.c mf_iocache.c mf_iocache2.c mf_keycache.c mf_keycaches.c mf_loadpath.c mf_pack.c mf_path.c mf_qsort.c mf_qsort2.c mf_radix.c mf_same.c mf_sort.c mf_soundex.c mf_arr_appstr.c mf_tempdir.c @@ -35,7 +35,7 @@ SET(MYSYS_SOURCES array.c charset-def.c my_quick.c my_read.c my_redel.c my_rename.c my_seek.c my_sleep.c my_static.c my_symlink.c my_symlink2.c my_sync.c my_thr_init.c my_write.c ptr_cmp.c queues.c stacktrace.c - rijndael.c sha1.c string.c thr_alarm.c thr_lock.c thr_mutex.c + rijndael.c string.c thr_alarm.c thr_lock.c thr_mutex.c thr_rwlock.c tree.c typelib.c base64.c my_memmem.c my_getpagesize.c lf_alloc-pin.c lf_dynarray.c lf_hash.c my_atomic.c my_getncpus.c === removed file 'mysys/md5.c' --- a/mysys/md5.c 2012-03-06 14:29:42 +0000 +++ b/mysys/md5.c 1970-01-01 00:00:00 +0000 @@ -1,332 +0,0 @@ -/* Copyright (C) 2000 MySQL AB - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - */ - -/* This code was modified in 1997 by Jim Kingdon of Cyclic Software to - not require an integer type which is exactly 32 bits. This work - draws on the changes for the same purpose by Tatu Ylonen - as part of SSH, but since I didn't actually use - that code, there is no copyright issue. I hereby disclaim - copyright in any changes I have made; this code remains in the - public domain. */ - -/* - Skip entirely if built with OpenSSL/YaSSL support. -*/ -#if !defined(HAVE_OPENSSL) && !defined(HAVE_YASSL) - -#include -#include -#include "my_md5.h" - -#include /* for memcpy() and memset() */ - - -static void -my_MD5Transform (cvs_uint32 buf[4], const unsigned char in[64]); - -/* Little-endian byte-swapping routines. Note that these do not - depend on the size of datatypes such as uint32, nor do they require - us to detect the endianness of the machine we are running on. It - is possible they should be macros for speed, but I would be - surprised if they were a performance bottleneck for MD5. */ - -static uint32 getu32 (const unsigned char *addr) -{ - return (((((unsigned long)addr[3] << 8) | addr[2]) << 8) - | addr[1]) << 8 | addr[0]; -} - -static void -putu32 (uint32 data, unsigned char *addr) -{ - addr[0] = (unsigned char)data; - addr[1] = (unsigned char)(data >> 8); - addr[2] = (unsigned char)(data >> 16); - addr[3] = (unsigned char)(data >> 24); -} - -/* - Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - initialization constants. -*/ -void -my_MD5Init (my_MD5Context *ctx) -{ - ctx->buf[0] = 0x67452301; - ctx->buf[1] = 0xefcdab89; - ctx->buf[2] = 0x98badcfe; - ctx->buf[3] = 0x10325476; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - Update context to reflect the concatenation of another buffer full - of bytes. -*/ -void -my_MD5Update (my_MD5Context *ctx, unsigned char const *buf, unsigned len) -{ - uint32 t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = (t + ((uint32)len << 3)) & 0xffffffff) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if ( t ) { - unsigned char *p = ctx->in + t; - - t = 64-t; - if (len < t) { - memcpy(p, buf, len); - return; - } - memcpy(p, buf, t); - my_MD5Transform (ctx->buf, ctx->in); - buf += t; - len -= t; - } - - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memcpy(ctx->in, buf, 64); - my_MD5Transform (ctx->buf, ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memcpy(ctx->in, buf, len); -} - -/* - Final wrapup - pad to 64-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) -*/ -void -my_MD5Final (unsigned char digest[16], my_MD5Context *ctx) -{ - unsigned count; - unsigned char *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset(p, 0, count); - my_MD5Transform (ctx->buf, ctx->in); - - /* Now fill the next block with 56 bytes */ - memset(ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset(p, 0, count-8); - } - - /* Append length in bits and transform */ - putu32(ctx->bits[0], ctx->in + 56); - putu32(ctx->bits[1], ctx->in + 60); - - my_MD5Transform (ctx->buf, ctx->in); - putu32(ctx->buf[0], digest); - putu32(ctx->buf[1], digest + 4); - putu32(ctx->buf[2], digest + 8); - putu32(ctx->buf[3], digest + 12); - memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ -} - -#ifndef ASM_MD5 - -/* The four core functions - F1 is optimized somewhat */ - -/* #define F1(x, y, z) (x & y | ~x & z) */ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define MD5STEP(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w &= 0xffffffff, w = w<>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. MD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -static void -my_MD5Transform (uint32 buf[4], const unsigned char inraw[64]) -{ - register uint32 a, b, c, d; - uint32 in[16]; - int i; - - for (i = 0; i < 16; ++i) - in[i] = getu32 (inraw + 4 * i); - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[ 0]+0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[ 1]+0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[ 2]+0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[ 3]+0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[ 4]+0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[ 5]+0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[ 6]+0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[ 7]+0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[ 8]+0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[ 9]+0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10]+0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11]+0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12]+0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13]+0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14]+0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15]+0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[ 1]+0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[ 6]+0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11]+0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[ 0]+0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[ 5]+0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10]+0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15]+0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[ 4]+0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[ 9]+0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14]+0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[ 3]+0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[ 8]+0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13]+0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[ 2]+0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[ 7]+0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12]+0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[ 5]+0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[ 8]+0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11]+0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14]+0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[ 1]+0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[ 4]+0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[ 7]+0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10]+0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13]+0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[ 0]+0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[ 3]+0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[ 6]+0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[ 9]+0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12]+0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15]+0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[ 2]+0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[ 0]+0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[ 7]+0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14]+0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[ 5]+0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12]+0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[ 3]+0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10]+0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[ 1]+0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[ 8]+0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15]+0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[ 6]+0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13]+0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[ 4]+0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11]+0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[ 2]+0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[ 9]+0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} -#endif - -#ifdef TEST -/* - Simple test program. Can use it to manually run the tests from - RFC1321 for example. -*/ -#include - -int -main (int argc, char **argv) -{ - my_MD5Context context; - unsigned char checksum[16]; - int i; - int j; - - if (argc < 2) - { - fprintf (stderr, "usage: %s string-to-hash\n", argv[0]); - exit (1); - } - for (j = 1; j < argc; ++j) - { - printf ("MD5 (\"%s\") = ", argv[j]); - my_MD5Init (&context); - my_MD5Update (&context, argv[j], strlen (argv[j])); - my_MD5Final (checksum, &context); - for (i = 0; i < 16; i++) - { - printf ("%02x", (unsigned int) checksum[i]); - } - printf ("\n"); - } - return 0; -} -#endif /* TEST */ - -#endif /* !defined(HAVE_OPENSSL) && !defined(HAVE_YASSL) */ === removed file 'mysys/sha1.c' --- a/mysys/sha1.c 2012-03-06 14:29:42 +0000 +++ b/mysys/sha1.c 1970-01-01 00:00:00 +0000 @@ -1,460 +0,0 @@ -/* Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -/* - Original Source from: http://www.faqs.org/rfcs/rfc3174.html - - Copyright (C) The Internet Society (2001). All Rights Reserved. - - This document and translations of it may be copied and furnished to - others, and derivative works that comment on or otherwise explain it - or assist in its implementation may be prepared, copied, published - and distributed, in whole or in part, without restriction of any - kind, provided that the above copyright notice and this paragraph are - included on all such copies and derivative works. However, this - document itself may not be modified in any way, such as by removing - the copyright notice or references to the Internet Society or other - Internet organizations, except as needed for the purpose of - developing Internet standards in which case the procedures for - copyrights defined in the Internet Standards process must be - followed, or as required to translate it into languages other than - English. - - The limited permissions granted above are perpetual and will not be - revoked by the Internet Society or its successors or assigns. - - This document and the information contained herein is provided on an - "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING - TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING - BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION - HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF - MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - - Acknowledgement - Funding for the RFC Editor function is currently provided by the - Internet Society. - - DESCRIPTION - This file implements the Secure Hashing Algorithm 1 as - defined in FIPS PUB 180-1 published April 17, 1995. - - The SHA-1, produces a 160-bit message digest for a given data - stream. It should take about 2**n steps to find a message with the - same digest as a given message and 2**(n/2) to find any two - messages with the same digest, when n is the digest size in bits. - Therefore, this algorithm can serve as a means of providing a - "fingerprint" for a message. - - PORTABILITY ISSUES - SHA-1 is defined in terms of 32-bit "words". This code uses - (included via "sha1.h" to define 32 and 8 bit unsigned - integer types. If your C compiler does not support 32 bit unsigned - integers, this code is not appropriate. - - CAVEATS - SHA-1 is designed to work with messages less than 2^64 bits long. - Although SHA-1 allows a message digest to be generated for messages - of any number of bits less than 2^64, this implementation only - works with messages with a length that is a multiple of the size of - an 8-bit character. - - CHANGES - 2002 by Peter Zaitsev to - - fit to new prototypes according to MySQL standard - - Some optimizations - - All checking is now done in debug only mode - - More comments -*/ - -#include "my_global.h" -#include "m_string.h" -#include "sha1.h" - -/* - Skip entire file if built with YaSSL. -*/ -#ifndef HAVE_YASSL - -#ifdef HAVE_OPENSSL - -/* - Wrapper for OpenSSL SH1 methods. -*/ - -int mysql_sha1_reset(SHA1_CONTEXT *context) -{ - return SHA1_Init(context); -} - - -int mysql_sha1_input(SHA1_CONTEXT *context, const uint8 *message_array, - unsigned length) -{ - return SHA1_Update(context, message_array, length); -} - - -int mysql_sha1_result(SHA1_CONTEXT *context, - uint8 Message_Digest[SHA1_HASH_SIZE]) -{ - return SHA1_Final(Message_Digest, context); -} - -#else /* HAVE_OPENSSL */ -/* - Native MySQL SHA1 implementation. -*/ - -/* - Define the SHA1 circular left shift macro -*/ - -#define SHA1CircularShift(bits,word) \ - (((word) << (bits)) | ((word) >> (32-(bits)))) - -/* Local Function Prototyptes */ -static void SHA1PadMessage(SHA1_CONTEXT*); -static void SHA1ProcessMessageBlock(SHA1_CONTEXT*); - - -/* - Initialize SHA1Context - - SYNOPSIS - mysql_sha1_reset() - context [in/out] The context to reset. - - DESCRIPTION - This function will initialize the SHA1Context in preparation - for computing a new SHA1 message digest. - - RETURN - SHA_SUCCESS ok - != SHA_SUCCESS sha Error Code. -*/ - - -const uint32 sha_const_key[5]= -{ - 0x67452301, - 0xEFCDAB89, - 0x98BADCFE, - 0x10325476, - 0xC3D2E1F0 -}; - - -int mysql_sha1_reset(SHA1_CONTEXT *context) -{ -#ifndef DBUG_OFF - if (!context) - return SHA_NULL; -#endif - - context->Length = 0; - context->Message_Block_Index = 0; - - context->Intermediate_Hash[0] = sha_const_key[0]; - context->Intermediate_Hash[1] = sha_const_key[1]; - context->Intermediate_Hash[2] = sha_const_key[2]; - context->Intermediate_Hash[3] = sha_const_key[3]; - context->Intermediate_Hash[4] = sha_const_key[4]; - - context->Computed = 0; - context->Corrupted = 0; - - return SHA_SUCCESS; -} - - -/* - Return the 160-bit message digest into the array provided by the caller - - SYNOPSIS - mysql_sha1_result() - context [in/out] The context to use to calculate the SHA-1 hash. - Message_Digest: [out] Where the digest is returned. - - DESCRIPTION - NOTE: The first octet of hash is stored in the 0th element, - the last octet of hash in the 19th element. - - RETURN - SHA_SUCCESS ok - != SHA_SUCCESS sha Error Code. -*/ - -int mysql_sha1_result(SHA1_CONTEXT *context, - uint8 Message_Digest[SHA1_HASH_SIZE]) -{ - int i; - -#ifndef DBUG_OFF - if (!context || !Message_Digest) - return SHA_NULL; - - if (context->Corrupted) - return context->Corrupted; -#endif - - if (!context->Computed) - { - SHA1PadMessage(context); - /* message may be sensitive, clear it out */ - memset(context->Message_Block, 0, 64); - context->Length = 0; /* and clear length */ - context->Computed = 1; - } - - for (i = 0; i < SHA1_HASH_SIZE; i++) - Message_Digest[i] = (int8)((context->Intermediate_Hash[i>>2] >> 8 - * ( 3 - ( i & 0x03 ) ))); - return SHA_SUCCESS; -} - - -/* - Accepts an array of octets as the next portion of the message. - - SYNOPSIS - mysql_sha1_input() - context [in/out] The SHA context to update - message_array An array of characters representing the next portion - of the message. - length The length of the message in message_array - - RETURN - SHA_SUCCESS ok - != SHA_SUCCESS sha Error Code. -*/ - -int mysql_sha1_input(SHA1_CONTEXT *context, const uint8 *message_array, - unsigned length) -{ - if (!length) - return SHA_SUCCESS; - -#ifndef DBUG_OFF - /* We assume client konows what it is doing in non-debug mode */ - if (!context || !message_array) - return SHA_NULL; - if (context->Computed) - return (context->Corrupted= SHA_STATE_ERROR); - if (context->Corrupted) - return context->Corrupted; -#endif - - while (length--) - { - context->Message_Block[context->Message_Block_Index++]= - (*message_array & 0xFF); - context->Length += 8; /* Length is in bits */ - -#ifndef DBUG_OFF - /* - Then we're not debugging we assume we never will get message longer - 2^64 bits. - */ - if (context->Length == 0) - return (context->Corrupted= 1); /* Message is too long */ -#endif - - if (context->Message_Block_Index == 64) - { - SHA1ProcessMessageBlock(context); - } - message_array++; - } - return SHA_SUCCESS; -} - - -/* - Process the next 512 bits of the message stored in the Message_Block array. - - SYNOPSIS - SHA1ProcessMessageBlock() - - DESCRIPTION - Many of the variable names in this code, especially the single - character names, were used because those were the names used in - the publication. -*/ - -/* Constants defined in SHA-1 */ -static const uint32 K[]= -{ - 0x5A827999, - 0x6ED9EBA1, - 0x8F1BBCDC, - 0xCA62C1D6 -}; - - -static void SHA1ProcessMessageBlock(SHA1_CONTEXT *context) -{ - int t; /* Loop counter */ - uint32 temp; /* Temporary word value */ - uint32 W[80]; /* Word sequence */ - uint32 A, B, C, D, E; /* Word buffers */ - int idx; - - /* - Initialize the first 16 words in the array W - */ - - for (t = 0; t < 16; t++) - { - idx=t*4; - W[t] = context->Message_Block[idx] << 24; - W[t] |= context->Message_Block[idx + 1] << 16; - W[t] |= context->Message_Block[idx + 2] << 8; - W[t] |= context->Message_Block[idx + 3]; - } - - - for (t = 16; t < 80; t++) - { - W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]); - } - - A = context->Intermediate_Hash[0]; - B = context->Intermediate_Hash[1]; - C = context->Intermediate_Hash[2]; - D = context->Intermediate_Hash[3]; - E = context->Intermediate_Hash[4]; - - for (t = 0; t < 20; t++) - { - temp= SHA1CircularShift(5,A) + ((B & C) | ((~B) & D)) + E + W[t] + K[0]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for (t = 20; t < 40; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for (t = 40; t < 60; t++) - { - temp= (SHA1CircularShift(5,A) + ((B & C) | (B & D) | (C & D)) + E + W[t] + - K[2]); - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for (t = 60; t < 80; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - context->Intermediate_Hash[0] += A; - context->Intermediate_Hash[1] += B; - context->Intermediate_Hash[2] += C; - context->Intermediate_Hash[3] += D; - context->Intermediate_Hash[4] += E; - - context->Message_Block_Index = 0; -} - - -/* - Pad message - - SYNOPSIS - SHA1PadMessage() - context: [in/out] The context to pad - - DESCRIPTION - According to the standard, the message must be padded to an even - 512 bits. The first padding bit must be a '1'. The last 64 bits - represent the length of the original message. All bits in between - should be 0. This function will pad the message according to - those rules by filling the Message_Block array accordingly. It - will also call the ProcessMessageBlock function provided - appropriately. When it returns, it can be assumed that the message - digest has been computed. - -*/ - -static void SHA1PadMessage(SHA1_CONTEXT *context) -{ - /* - Check to see if the current message block is too small to hold - the initial padding bits and length. If so, we will pad the - block, process it, and then continue padding into a second - block. - */ - - int i=context->Message_Block_Index; - - if (i > 55) - { - context->Message_Block[i++] = 0x80; - memset(&context->Message_Block[i], 0, - sizeof(context->Message_Block[0])*(64-i)); - context->Message_Block_Index=64; - - /* This function sets context->Message_Block_Index to zero */ - SHA1ProcessMessageBlock(context); - - memset(&context->Message_Block[0], 0, - sizeof(context->Message_Block[0])*56); - context->Message_Block_Index=56; - } - else - { - context->Message_Block[i++] = 0x80; - memset(&context->Message_Block[i], 0, - sizeof(context->Message_Block[0])*(56-i)); - context->Message_Block_Index=56; - } - - /* - Store the message length as the last 8 octets - */ - - context->Message_Block[56] = (int8) (context->Length >> 56); - context->Message_Block[57] = (int8) (context->Length >> 48); - context->Message_Block[58] = (int8) (context->Length >> 40); - context->Message_Block[59] = (int8) (context->Length >> 32); - context->Message_Block[60] = (int8) (context->Length >> 24); - context->Message_Block[61] = (int8) (context->Length >> 16); - context->Message_Block[62] = (int8) (context->Length >> 8); - context->Message_Block[63] = (int8) (context->Length); - - SHA1ProcessMessageBlock(context); -} -#endif /* HAVE_OPENSSL */ - -#endif /* HAVE_YASSL */ === modified file 'sql/md5.cc' --- a/sql/md5.cc 2012-04-02 14:31:07 +0000 +++ b/sql/md5.cc 2012-05-21 12:38:40 +0000 @@ -18,35 +18,36 @@ @file @brief - Wrapper functions for OpenSSL, YaSSL and MySQL's MD5 - implementations. Also provides a Compatibility layer + Wrapper functions for OpenSSL and YaSSL. Also provides a Compatibility layer to make available YaSSL's MD5 implementation. */ +#include #include -#ifdef HAVE_YASSL - +#if defined(HAVE_YASSL) #include "my_config.h" #include "md5.hpp" -/** - Compute MD5 message digest. - - @param digest [out] Computed MD5 digest - @param buf [in] Message to be computed - @param len [in] Length of the message - - @return void -*/ -void my_md5_hash(char *digest, const char *buf, int len) +static void my_md5_hash(char *digest, const char *buf, int len) { TaoCrypt::MD5 hasher; hasher.Update((TaoCrypt::byte *) buf, len); hasher.Final((TaoCrypt::byte *) digest); } -#endif /* HAVE_YASSL */ +#elif defined(HAVE_OPENSSL) +#include + +static void my_md5_hash(unsigned char* digest, unsigned const char *buf, int len) +{ + MD5_CTX ctx; + MD5_Init (&ctx); + MD5_Update (&ctx, buf, len); + MD5_Final (digest, &ctx); +} + +#endif /* HAVE_YASSL */ /** Wrapper function to compute MD5 message digest. @@ -59,10 +60,9 @@ void my_md5_hash(char *digest, const cha */ void compute_md5_hash(char *digest, const char *buf, int len) { -#ifdef HAVE_YASSL +#if defined(HAVE_YASSL) my_md5_hash(digest, buf, len); -#else - MY_MD5_HASH((unsigned char *) digest, (unsigned char const *) buf, len); +#elif defined(HAVE_OPENSSL) + my_md5_hash((unsigned char*)digest, (unsigned const char*)buf, len); #endif /* HAVE_YASSL */ } - === modified file 'sql/sha1.cc' --- a/sql/sha1.cc 2012-02-17 10:30:31 +0000 +++ b/sql/sha1.cc 2012-05-21 12:38:40 +0000 @@ -18,15 +18,14 @@ @file @brief - Wrapper functions for OpenSSL, YaSSL and MySQL's SHA1 - implementations. Also provides a Compatibility layer - to make available YaSSL's SHA1 implementation. + Wrapper functions for OpenSSL, YaSSL implementations. Also provides a + Compatibility layer to make available YaSSL's SHA1 implementation. */ #include #include -#ifdef HAVE_YASSL +#if defined(HAVE_YASSL) #include "sha.hpp" /** @@ -66,9 +65,30 @@ void mysql_sha1_multi_yassl(uint8 *diges hasher.Final((TaoCrypt::byte *) digest); } -#endif /* HAVE_YASSL */ +#elif defined(HAVE_OPENSSL) +#include + +int mysql_sha1_reset(SHA_CTX *context) +{ + return SHA1_Init(context); +} +int mysql_sha1_input(SHA_CTX *context, const uint8 *message_array, + unsigned length) +{ + return SHA1_Update(context, message_array, length); +} + + +int mysql_sha1_result(SHA_CTX *context, + uint8 Message_Digest[SHA1_HASH_SIZE]) +{ + return SHA1_Final(Message_Digest, context); +} + +#endif /* HAVE_YASSL */ + /** Wrapper function to compute SHA1 message digest. @@ -80,10 +100,10 @@ void mysql_sha1_multi_yassl(uint8 *diges */ void compute_sha1_hash(uint8 *digest, const char *buf, int len) { -#ifdef HAVE_YASSL +#if defined(HAVE_YASSL) mysql_sha1_yassl(digest, buf, len); -#else - SHA1_CONTEXT sha1_context; +#elif defined(HAVE_OPENSSL) + SHA_CTX sha1_context; mysql_sha1_reset(&sha1_context); mysql_sha1_input(&sha1_context, (const uint8 *) buf, len); @@ -107,10 +127,10 @@ void compute_sha1_hash(uint8 *digest, co void compute_sha1_hash_multi(uint8 *digest, const char *buf1, int len1, const char *buf2, int len2) { -#ifdef HAVE_YASSL +#if defined(HAVE_YASSL) mysql_sha1_multi_yassl(digest, buf1, len1, buf2, len2); -#else - SHA1_CONTEXT sha1_context; +#elif defined(HAVE_OPENSSL) + SHA_CTX sha1_context; mysql_sha1_reset(&sha1_context); mysql_sha1_input(&sha1_context, (const uint8 *) buf1, len1); No bundle (reason: useless for push emails).