Junio C Hamano <gitster@xxxxxxxxx> writes: > Here are three patches to replace the last two patches from your > series. > > - The Makefile knob is named DC_SHA1, not USE_SHA1DC; this is to > keep it consistent with existing BLK_SHA1 and PPC_SHA1. > > - The CPP macro is called SHA1_DC, not SHA1_SHA1DC; again this is > for consistency with SHA1_BLK and SHA1_PPC. > > - Switch the default from OpenSSL's implementation to DC_SHA1. > Those who want OpenSSL's one can ask with OPENSSL_SHA1. > > Jeff King (2): > Makefile: add DC_SHA1 knob > t0013: add a basic sha1 collision detection test > > Junio C Hamano (1): > Makefile: make DC_SHA1 the default > > Makefile | 19 +++++++++++++++++-- > hash.h | 2 ++ > sha1dc/sha1.c | 20 ++++++++++++++++++++ > sha1dc/sha1.h | 15 +++++++++++++++ > t/t0013-sha1dc.sh | 19 +++++++++++++++++++ > t/t0013/shattered-1.pdf | Bin 0 -> 422435 bytes > 6 files changed, 73 insertions(+), 2 deletions(-) > create mode 100755 t/t0013-sha1dc.sh > create mode 100644 t/t0013/shattered-1.pdf For a rather obvious reason, patch 2/3 cannot be seen on the list. The "interdiff" between jk/sha1dc topic and applying patches 1 and 2 (but not 3) looks like this. diff --git a/Makefile b/Makefile index b01111c581..fc9d89498b 100644 --- a/Makefile +++ b/Makefile @@ -142,7 +142,7 @@ all:: # Define PPC_SHA1 environment variable when running make to make use of # a bundled SHA1 routine optimized for PowerPC. # -# Define USE_SHA1DC to unconditionally enable the collision-detecting sha1 +# Define DC_SHA1 to unconditionally enable the collision-detecting sha1 # algorithm. This is slower, but may detect attempted collision attacks. # Takes priority over other *_SHA1 knobs. # @@ -1390,10 +1390,10 @@ ifdef APPLE_COMMON_CRYPTO SHA1_MAX_BLOCK_SIZE = 1024L*1024L*1024L endif -ifdef USE_SHA1DC +ifdef DC_SHA1 LIB_OBJS += sha1dc/sha1.o LIB_OBJS += sha1dc/ubc_check.o - BASIC_CFLAGS += -DSHA1_SHA1DC + BASIC_CFLAGS += -DSHA1_DC else ifdef BLK_SHA1 LIB_OBJS += block-sha1/sha1.o @@ -2236,7 +2236,7 @@ GIT-BUILD-OPTIONS: FORCE @echo NO_PYTHON=\''$(subst ','\'',$(subst ','\'',$(NO_PYTHON)))'\' >>$@+ @echo NO_UNIX_SOCKETS=\''$(subst ','\'',$(subst ','\'',$(NO_UNIX_SOCKETS)))'\' >>$@+ @echo PAGER_ENV=\''$(subst ','\'',$(subst ','\'',$(PAGER_ENV)))'\' >>$@+ - @echo USE_SHA1DC=\''$(subst ','\'',$(subst ','\'',$(USE_SHA1DC)))'\' >>$@+ + @echo DC_SHA1=\''$(subst ','\'',$(subst ','\'',$(DC_SHA1)))'\' >>$@+ ifdef TEST_OUTPUT_DIRECTORY @echo TEST_OUTPUT_DIRECTORY=\''$(subst ','\'',$(subst ','\'',$(TEST_OUTPUT_DIRECTORY)))'\' >>$@+ endif diff --git a/hash.h b/hash.h index 3760f436ec..a11fc9233f 100644 --- a/hash.h +++ b/hash.h @@ -7,7 +7,7 @@ #include <CommonCrypto/CommonDigest.h> #elif defined(SHA1_OPENSSL) #include <openssl/sha.h> -#elif defined(SHA1_SHA1DC) +#elif defined(SHA1_DC) #include "sha1dc/sha1.h" #else /* SHA1_BLK */ #include "block-sha1/sha1.h" diff --git a/t/t0013-sha1dc.sh b/t/t0013-sha1dc.sh index 4d43f7bf64..6d655cb161 100755 --- a/t/t0013-sha1dc.sh +++ b/t/t0013-sha1dc.sh @@ -4,9 +4,9 @@ test_description='test sha1 collision detection' . ./test-lib.sh TEST_DATA="$TEST_DIRECTORY/t0013" -if test -z "$USE_SHA1DC" +if test -z "$DC_SHA1" then - skip_all='skipping sha1 collision tests, USE_SHA1DC not set' + skip_all='skipping sha1 collision tests, DC_SHA1 not set' test_done fi