Commit 253ed9ecff (hash.h: scaffolding for _unsafe hashing variants, 2024-09-26) introduced the concept of having two hash algorithms: a safe and an unsafe one. When the Makefile knobs do not explicitly request an unsafe one, we fall back to using the safe algorithm. However, the fallback to do so forgot one case: we should inherit the NEEDS_CLONE_HELPER flag from the safe variant. Failing to do so means that we'll end up defining two clone functions (the algorithm specific one, and the generic one that just calls memcpy). You'll see an error like this: $ make OPENSSL_SHA1=1 [...] sha1/openssl.h:46:29: error: redefinition of ‘openssl_SHA1_Clone’ 46 | #define platform_SHA1_Clone openssl_SHA1_Clone | ^~~~~~~~~~~~~~~~~~ hash.h:83:40: note: in expansion of macro ‘platform_SHA1_Clone’ 83 | # define platform_SHA1_Clone_unsafe platform_SHA1_Clone | ^~~~~~~~~~~~~~~~~~~ hash.h:101:33: note: in expansion of macro ‘platform_SHA1_Clone_unsafe’ 101 | # define git_SHA1_Clone_unsafe platform_SHA1_Clone_unsafe | ^~~~~~~~~~~~~~~~~~~~~~~~~~ hash.h:133:20: note: in expansion of macro ‘git_SHA1_Clone_unsafe’ 133 | static inline void git_SHA1_Clone_unsafe(git_SHA_CTX_unsafe *dst, | ^~~~~~~~~~~~~~~~~~~~~ sha1/openssl.h:37:20: note: previous definition of ‘openssl_SHA1_Clone’ with type ‘void(struct openssl_SHA1_CTX *, const struct openssl_SHA1_CTX *)’ 37 | static inline void openssl_SHA1_Clone(struct openssl_SHA1_CTX *dst, | ^~~~~~~~~~~~~~~~~~ This only matters when compiling with openssl as the "safe" variant, since it's the only algorithm that requires a clone helper (and even then, only if you are using openssl 3.0+). And you should never do that, because it's not safe. But still, the invocation above used to work and should continue to do so until we decide to require a collision-detecting variant for the safe algorithm entirely. Signed-off-by: Jeff King <peff@xxxxxxxx> --- This is a regression in v2.47.0-rc0. As mentioned above, I kind of doubt anybody will hit it in practice (I only did because I was trying to do some timing tests between the fast and dc variants). And it is almost tempting to leave it as a wake-up call for anybody who is still not using a collision-detecting sha1. ;) hash.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hash.h b/hash.h index f97f858307..756166ce5e 100644 --- a/hash.h +++ b/hash.h @@ -82,6 +82,9 @@ # ifdef platform_SHA1_Clone # define platform_SHA1_Clone_unsafe platform_SHA1_Clone # endif +# ifdef SHA1_NEEDS_CLONE_HELPER +# define SHA1_NEEDS_CLONE_HELPER_UNSAFE +# endif #endif #define git_SHA_CTX platform_SHA_CTX -- 2.47.0.rc1.376.gb58337ca88