Bugzilla – Full Text Bug Listing

| Summary: | Add ability to link with system sha2 library instead of custom implementation | | |
|---|---|---|---|
| Product: | Sudo | Reporter: | vladimir.marek |
| Component: | Sudoers | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | | |
| Severity: | enhancement | | |
| Priority: | low | | |
| Version: | 1.8.9 | | |
| Hardware: | Sun | | |
| OS: | Solaris 2.x | | |
| Attachments: | First implementation, works on solaris, should not break anything else | | |

I just committed http://www.sudo.ws/repos/sudo/rev/cd02732f0704 which moves sudo's sha2 code into libreplace so it is only used when needed. I've tested that it uses the libc sha2 functions in OpenBSD and the libmd ones in Solaris 11.

Works perfectly! Thank you
--
Vlad

Fixed in sudo 1.8.11.

Created attachment 401
First implementation, works on solaris, should not break anything else

Hi,

Since 1.8.7 sudo supports sha2 digest to check command checksum before executing it. Sudo sources ship with a custom sha2 implementation. I would like to enhance sudo to make it use a system-wide library providing sha2 services where available. A system-wide library can make use of crypto hardware to speed up the computations.

The patch I'm attaching makes sudo use libmd.so (lib message digest) on Solaris. I was trying to make the change so that it's easily extensible to be used on other platforms too.

The patch contains these changes:

- gram.y, toke.l - The tokens are named so that they clash with macros from /usr/include/sha2.h, so I changed them.
- configure.ac - On Solaris we try whether there's libmd available, and if yes, link it with libmd instead of with the internal sha2 implementation.
- Makefile.in - conditionally compile and link the internal sha2 implementation.
- sha2.h - unfortunately the name of the header is the same as the header we want to use. I haven't found any reliable way to force the C compiler to use /usr/include/sha2.h instead of the local one. So instead I am keeping the local sha2.h, but from there include /usr/include/sha2.h directly.
- match.c - unfortunately the sha2 function definitions don't match 100%, which makes the compiler complain.

The patch may not be 100% polished to be included in the sources, but I believe that it is in the state to start discussion about it. I'm happy to work on it more to make the change into the official source tree.

The downsides I can see:

- it's a patch against 1.8.9p5 and not the latest sources (it's against the sudo version we upgrade to at the moment). But it should not be hard to adapt it to the latest mercurial version.
- the including of /usr/include/sha2.h is a dirty trick (using full path) but I haven't found any other way of how to force the compiler to use the /usr/include file instead of the one from the directory specified by -I. The way around would be renaming sha2.h to sha2_internal.h or something similar, but I wanted to discuss it with you first.
- the ifdef in match.c is not particularly nice either. It might be possible to change the internal sha2 implementation to match the libmd one, but that's not a change I dare to propose :) The differences are small though ...

Thank you
__
Vlad
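
The arrangement this thread ends with (system sha2 functions from libc or libmd where present, the bundled code only as a fallback) can be sketched in autoconf as follows. This is an added example, not sudo's actual configure.ac or the attached patch; `HAVE_SYSTEM_SHA2` is a hypothetical macro name, and the bundled source is assumed to be a `sha2.c` in the directory that `AC_LIBOBJ` replacement objects are built from.

```m4
dnl Added illustration, not taken from sudo's configure.ac.
dnl Goal: use the platform's SHA-2 routines when they exist and build
dnl the bundled implementation only when they do not.

AC_CHECK_HEADER([sha2.h], [
    dnl AC_SEARCH_LIBS first tries to link SHA256Update with no extra
    dnl library (the libc case, e.g. OpenBSD), then retries with -lmd
    dnl (the Solaris libmd case) and prepends -lmd to LIBS on success.
    AC_SEARCH_LIBS([SHA256Update], [md], [
        dnl HAVE_SYSTEM_SHA2 is a hypothetical name. Code that includes
        dnl the digest header can test it to choose between <sha2.h> and
        dnl a renamed bundled header, avoiding the -I name collision.
        AC_DEFINE([HAVE_SYSTEM_SHA2], [1],
            [Define to 1 if the system provides the SHA-2 functions.])
    ], [
        dnl Header present but no usable library: fall back.
        AC_LIBOBJ([sha2])
    ])
], [
    dnl No system header at all: compile the bundled sha2.c.
    AC_LIBOBJ([sha2])
])
```

With the bundled object selected through `AC_LIBOBJ`, it lands in `LIBOBJS` only on platforms where the checks fail, so the Makefile needs no per-platform conditional for it.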