86 lines
2.4 KiB
Diff
86 lines
2.4 KiB
Diff
From 17acaf144b882d7312b147ac4a1d39158a82534d Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
|
|
Date: Fri, 9 Jan 2026 14:49:51 +0100
|
|
Subject: [PATCH] git-2.52.0-core-crypto-hmac.patch
|
|
|
|
---
|
|
Makefile | 2 ++
|
|
builtin/receive-pack.c | 38 ++++----------------------------------
|
|
2 files changed, 6 insertions(+), 34 deletions(-)
|
|
|
|
diff --git a/Makefile b/Makefile
|
|
index 7e0f77e298..a106eaa79d 100644
|
|
--- a/Makefile
|
|
+++ b/Makefile
|
|
@@ -2278,6 +2278,8 @@ ifneq ($(findstring openssl,$(CSPRNG_METHOD)),)
|
|
EXTLIBS += -lcrypto -lssl
|
|
endif
|
|
|
|
+EXTLIBS += -lcrypto
|
|
+
|
|
ifndef HAVE_PLATFORM_PROCINFO
|
|
COMPAT_OBJS += compat/stub/procinfo.o
|
|
endif
|
|
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
|
|
index c9288a9c7e..48ad30fb0a 100644
|
|
--- a/builtin/receive-pack.c
|
|
+++ b/builtin/receive-pack.c
|
|
@@ -43,6 +43,8 @@
|
|
#include "worktree.h"
|
|
#include "shallow.h"
|
|
#include "parse-options.h"
|
|
+#include <openssl/hmac.h>
|
|
+#include <openssl/evp.h>
|
|
|
|
static const char * const receive_pack_usage[] = {
|
|
N_("git receive-pack <git-dir>"),
|
|
@@ -561,43 +563,11 @@ static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
|
|
return 0;
|
|
}
|
|
|
|
-static void hmac_hash(unsigned char *out,
|
|
+static inline void hmac_hash(unsigned char *out,
|
|
const char *key_in, size_t key_len,
|
|
const char *text, size_t text_len)
|
|
{
|
|
- unsigned char key[GIT_MAX_BLKSZ];
|
|
- unsigned char k_ipad[GIT_MAX_BLKSZ];
|
|
- unsigned char k_opad[GIT_MAX_BLKSZ];
|
|
- int i;
|
|
- struct git_hash_ctx ctx;
|
|
-
|
|
- /* RFC 2104 2. (1) */
|
|
- memset(key, '\0', GIT_MAX_BLKSZ);
|
|
- if (the_hash_algo->blksz < key_len) {
|
|
- the_hash_algo->init_fn(&ctx);
|
|
- git_hash_update(&ctx, key_in, key_len);
|
|
- git_hash_final(key, &ctx);
|
|
- } else {
|
|
- memcpy(key, key_in, key_len);
|
|
- }
|
|
-
|
|
- /* RFC 2104 2. (2) & (5) */
|
|
- for (i = 0; i < sizeof(key); i++) {
|
|
- k_ipad[i] = key[i] ^ 0x36;
|
|
- k_opad[i] = key[i] ^ 0x5c;
|
|
- }
|
|
-
|
|
- /* RFC 2104 2. (3) & (4) */
|
|
- the_hash_algo->init_fn(&ctx);
|
|
- git_hash_update(&ctx, k_ipad, sizeof(k_ipad));
|
|
- git_hash_update(&ctx, text, text_len);
|
|
- git_hash_final(out, &ctx);
|
|
-
|
|
- /* RFC 2104 2. (6) & (7) */
|
|
- the_hash_algo->init_fn(&ctx);
|
|
- git_hash_update(&ctx, k_opad, sizeof(k_opad));
|
|
- git_hash_update(&ctx, out, the_hash_algo->rawsz);
|
|
- git_hash_final(out, &ctx);
|
|
+ HMAC(EVP_sha1(), key_in, key_len, text, text_len, out, NULL);
|
|
}
|
|
|
|
static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
|
|
--
|
|
2.52.0
|
|
|