*
* Copyright (C) 1996 Andrew Tridgell
* Copyright (C) 1996 Paul Mackerras
- * Copyright (C) 2004-2020 Wayne Davison
+ * Copyright (C) 2004-2022 Wayne Davison
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
*/
#include "rsync.h"
+
#ifdef SUPPORT_XXHASH
-#include "xxhash.h"
-#endif
-#ifdef USE_OPENSSL
-#include "openssl/md5.h"
+#include <xxhash.h>
+# if XXH_VERSION_NUMBER >= 800
+# define SUPPORT_XXH3 1
+# endif
#endif
extern int am_server;
-extern int local_server;
extern int whole_file;
-extern int read_batch;
extern int checksum_seed;
extern int protocol_version;
extern int proper_seed_order;
-extern char *checksum_choice;
-
-#define CSUM_NONE 0
-#define CSUM_MD4_ARCHAIC 1
-#define CSUM_MD4_BUSTED 2
-#define CSUM_MD4_OLD 3
-#define CSUM_MD4 4
-#define CSUM_MD5 5
-#define CSUM_XXHASH 6
-
-#define CSUM_SAW_BUFLEN 10
-
-struct csum_struct {
- int num;
- const char *name;
-} valid_checksums[] = {
+extern const char *checksum_choice;
+
+#define NNI_BUILTIN (1<<0)
+#define NNI_EVP (1<<1)
+#define NNI_EVP_OK (1<<2)
+
+struct name_num_item valid_checksums_items[] = {
+#ifdef SUPPORT_XXH3
+ { CSUM_XXH3_128, 0, "xxh128", NULL },
+ { CSUM_XXH3_64, 0, "xxh3", NULL },
+#endif
#ifdef SUPPORT_XXHASH
- { CSUM_XXHASH, "xxhash" },
+ { CSUM_XXH64, 0, "xxh64", NULL },
+ { CSUM_XXH64, 0, "xxhash", NULL },
#endif
- { CSUM_MD5, "md5" },
- { CSUM_MD4, "md4" },
- { CSUM_NONE, "none" },
- { -1, NULL }
+ { CSUM_MD5, NNI_BUILTIN|NNI_EVP, "md5", NULL },
+ { CSUM_MD4, NNI_BUILTIN|NNI_EVP, "md4", NULL },
+#ifdef SHA_DIGEST_LENGTH
+ { CSUM_SHA1, NNI_EVP, "sha1", NULL },
+#endif
+ { CSUM_NONE, 0, "none", NULL },
+ { 0, 0, NULL, NULL }
};
-#define MAX_CHECKSUM_LIST 1024
+struct name_num_obj valid_checksums = {
+ "checksum", NULL, 0, 0, valid_checksums_items
+};
-#ifndef USE_OPENSSL
-#define MD5_CTX md_context
-#define MD5_Init md5_begin
-#define MD5_Update md5_update
-#define MD5_Final(digest, cptr) md5_result(cptr, digest)
+struct name_num_item valid_auth_checksums_items[] = {
+#ifdef SHA512_DIGEST_LENGTH
+ { CSUM_SHA512, NNI_EVP, "sha512", NULL },
#endif
+#ifdef SHA256_DIGEST_LENGTH
+ { CSUM_SHA256, NNI_EVP, "sha256", NULL },
+#endif
+#ifdef SHA_DIGEST_LENGTH
+ { CSUM_SHA1, NNI_EVP, "sha1", NULL },
+#endif
+ { CSUM_MD5, NNI_BUILTIN|NNI_EVP, "md5", NULL },
+ { CSUM_MD4, NNI_BUILTIN|NNI_EVP, "md4", NULL },
+ { 0, 0, NULL, NULL }
+};
-int xfersum_type = 0; /* used for the file transfer checksums */
-int checksum_type = 0; /* used for the pre-transfer (--checksum) checksums */
-const char *negotiated_csum_name = NULL;
+struct name_num_obj valid_auth_checksums = {
+ "daemon auth checksum", NULL, 0, 0, valid_auth_checksums_items
+};
-static int parse_csum_name(const char *name, int len, int allow_auto)
+/* These cannot make use of openssl, so they're marked just as built-in */
+struct name_num_item implied_checksum_md4 =
+ { CSUM_MD4, NNI_BUILTIN, "md4", NULL };
+struct name_num_item implied_checksum_md5 =
+ { CSUM_MD5, NNI_BUILTIN, "md5", NULL };
+
+struct name_num_item *xfer_sum_nni; /* used for the transfer checksum2 computations */
+int xfer_sum_len;
+struct name_num_item *file_sum_nni; /* used for the pre-transfer --checksum computations */
+int file_sum_len, file_sum_extra_cnt;
+
+#ifdef USE_OPENSSL
+const EVP_MD *xfer_sum_evp_md;
+const EVP_MD *file_sum_evp_md;
+EVP_MD_CTX *ctx_evp = NULL;
+#endif
+
+static int initialized_choices = 0;
+
+struct name_num_item *parse_csum_name(const char *name, int len)
{
- struct csum_struct *cs;
+ struct name_num_item *nni;
if (len < 0 && name)
len = strlen(name);
- if (!name || (allow_auto && len == 4 && strncasecmp(name, "auto", 4) == 0)) {
- if (protocol_version >= 30)
- return CSUM_MD5;
- if (protocol_version >= 27)
- return CSUM_MD4_OLD;
- if (protocol_version >= 21)
- return CSUM_MD4_BUSTED;
- return CSUM_MD4_ARCHAIC;
- }
+ init_checksum_choices();
- for (cs = valid_checksums; cs->name; cs++) {
- if (strncasecmp(name, cs->name, len) == 0 && cs->name[len] == '\0')
- return cs->num;
+ if (!name || (len == 4 && strncasecmp(name, "auto", 4) == 0)) {
+ if (protocol_version >= 30) {
+ if (!proper_seed_order)
+ return &implied_checksum_md5;
+ name = "md5";
+ len = 3;
+ } else {
+ if (protocol_version >= 27)
+ implied_checksum_md4.num = CSUM_MD4_OLD;
+ else if (protocol_version >= 21)
+ implied_checksum_md4.num = CSUM_MD4_BUSTED;
+ else
+ implied_checksum_md4.num = CSUM_MD4_ARCHAIC;
+ return &implied_checksum_md4;
+ }
}
- if (allow_auto) {
+ nni = get_nni_by_name(&valid_checksums, name, len);
+
+ if (!nni) {
rprintf(FERROR, "unknown checksum name: %s\n", name);
exit_cleanup(RERR_UNSUPPORTED);
}
- return -1;
+ return nni;
}
-static const char *checksum_name(int num)
+#ifdef USE_OPENSSL
+static const EVP_MD *csum_evp_md(struct name_num_item *nni)
{
- struct csum_struct *cs;
-
- for (cs = valid_checksums; cs->name; cs++) {
- if (num == cs->num)
- return cs->name;
+ const EVP_MD *emd;
+ if (!(nni->flags & NNI_EVP))
+ return NULL;
+
+#ifdef USE_MD5_ASM
+ if (nni->num == CSUM_MD5)
+ emd = NULL;
+ else
+#endif
+ emd = EVP_get_digestbyname(nni->name);
+ if (emd && !(nni->flags & NNI_EVP_OK)) { /* Make sure it works before we advertise it */
+ if (!ctx_evp && !(ctx_evp = EVP_MD_CTX_create()))
+ out_of_memory("csum_evp_md");
+ /* Some routines are marked as legacy and are not enabled in the openssl.cnf file.
+ * If we can't init the emd, we'll fall back to our built-in code. */
+ if (EVP_DigestInit_ex(ctx_evp, emd, NULL) == 0)
+ emd = NULL;
+ else
+ nni->flags = (nni->flags & ~NNI_BUILTIN) | NNI_EVP_OK;
}
-
- if (num < CSUM_MD4)
- return "MD4";
-
- return "UNKNOWN";
+ if (!emd)
+ nni->flags &= ~NNI_EVP;
+ return emd;
}
+#endif
void parse_checksum_choice(int final_call)
{
- if (!negotiated_csum_name) {
+ if (valid_checksums.negotiated_nni)
+ xfer_sum_nni = file_sum_nni = valid_checksums.negotiated_nni;
+ else {
char *cp = checksum_choice ? strchr(checksum_choice, ',') : NULL;
if (cp) {
- xfersum_type = parse_csum_name(checksum_choice, cp - checksum_choice, 1);
- checksum_type = parse_csum_name(cp+1, -1, 1);
+ xfer_sum_nni = parse_csum_name(checksum_choice, cp - checksum_choice);
+ file_sum_nni = parse_csum_name(cp+1, -1);
} else
- xfersum_type = checksum_type = parse_csum_name(checksum_choice, -1, 1);
+ xfer_sum_nni = file_sum_nni = parse_csum_name(checksum_choice, -1);
+ if (am_server && checksum_choice)
+ validate_choice_vs_env(NSTR_CHECKSUM, xfer_sum_nni->num, file_sum_nni->num);
}
+ xfer_sum_len = csum_len_for_type(xfer_sum_nni->num, 0);
+ file_sum_len = csum_len_for_type(file_sum_nni->num, 0);
+#ifdef USE_OPENSSL
+ xfer_sum_evp_md = csum_evp_md(xfer_sum_nni);
+ file_sum_evp_md = csum_evp_md(file_sum_nni);
+#endif
- if (xfersum_type == CSUM_NONE)
- whole_file = 1;
-
- if (final_call && DEBUG_GTE(CSUM, 1)) {
- if (negotiated_csum_name)
- rprintf(FINFO, "[%s] negotiated checksum: %s\n", who_am_i(), negotiated_csum_name);
- else if (xfersum_type == checksum_type) {
- rprintf(FINFO, "[%s] %s checksum: %s\n", who_am_i(),
- checksum_choice ? "chosen" : "protocol-based",
- checksum_name(xfersum_type));
- } else {
- rprintf(FINFO, "[%s] chosen transfer checksum: %s\n",
- who_am_i(), checksum_name(xfersum_type));
- rprintf(FINFO, "[%s] chosen pre-transfer checksum: %s\n",
- who_am_i(), checksum_name(checksum_type));
- }
- }
-}
-
-static int parse_checksum_list(const char *from, char *sumbuf, int sumbuf_len, char *saw)
-{
- char *to = sumbuf, *tok = NULL;
- int cnt = 0;
-
- memset(saw, 0, CSUM_SAW_BUFLEN);
-
- while (1) {
- if (*from == ' ' || !*from) {
- if (tok) {
- int sum_type = parse_csum_name(tok, to - tok, 0);
- if (sum_type >= 0 && !saw[sum_type])
- saw[sum_type] = ++cnt;
- else
- to = tok - (tok != sumbuf);
- tok = NULL;
- }
- if (!*from++)
- break;
- continue;
- }
- if (!tok) {
- if (to != sumbuf)
- *to++ = ' ';
- tok = to;
- }
- if (to - sumbuf >= sumbuf_len - 1) {
- to = tok - (tok != sumbuf);
- break;
- }
- *to++ = *from++;
- }
- *to = '\0';
-
- return to - sumbuf;
-}
+ file_sum_extra_cnt = (file_sum_len + EXTRA_LEN - 1) / EXTRA_LEN;
-void negotiate_checksum(int f_in, int f_out, const char *csum_list, int saw_fail)
-{
- char *tok, sumbuf[MAX_CHECKSUM_LIST], saw[CSUM_SAW_BUFLEN];
- int sum_type, len;
-
- /* Simplify the user-provided string so that it contains valid
- * checksum names without any duplicates. The client side also
- * makes use of the saw values when scanning the server's list. */
- if (csum_list && *csum_list && (!am_server || local_server)) {
- len = parse_checksum_list(csum_list, sumbuf, sizeof sumbuf, saw);
- if (saw_fail && !len)
- len = strlcpy(sumbuf, "FAIL", sizeof sumbuf);
- csum_list = sumbuf;
- } else {
- memset(saw, 0, CSUM_SAW_BUFLEN);
- csum_list = NULL;
- }
-
- if (!csum_list || !*csum_list) {
- struct csum_struct *cs;
- int cnt = 0;
- for (cs = valid_checksums, len = 0; cs->name; cs++) {
- if (cs->num == CSUM_NONE)
- continue;
- if (len)
- sumbuf[len++]= ' ';
- len += strlcpy(sumbuf+len, cs->name, sizeof sumbuf - len);
- if (len >= (int)sizeof sumbuf - 1)
- exit_cleanup(RERR_UNSUPPORTED); /* IMPOSSIBLE... */
- saw[cs->num] = ++cnt;
- }
- }
+ if (xfer_sum_nni->num == CSUM_NONE)
+ whole_file = 1;
- /* Each side sends their list of valid checksum names to the other side and
- * then both sides pick the first name in the client's list that is also in
- * the server's list. */
- if (!local_server)
- write_vstring(f_out, sumbuf, len);
-
- if (!local_server || read_batch)
- len = read_vstring(f_in, sumbuf, sizeof sumbuf);
-
- if (len > 0) {
- int best = CSUM_SAW_BUFLEN; /* We want best == 1 from the client list */
- if (am_server)
- memset(saw, 1, CSUM_SAW_BUFLEN); /* The first client's choice is the best choice */
- for (tok = strtok(sumbuf, " \t"); tok; tok = strtok(NULL, " \t")) {
- sum_type = parse_csum_name(tok, -1, 0);
- if (sum_type < 0 || !saw[sum_type] || best < saw[sum_type])
- continue;
- xfersum_type = checksum_type = sum_type;
- negotiated_csum_name = tok;
- best = saw[sum_type];
- if (best == 1)
- break;
- }
- if (negotiated_csum_name) {
- negotiated_csum_name = strdup(negotiated_csum_name);
- return;
- }
+ /* Snag the checksum name for both write_batch's option output & the following debug output. */
+ if (valid_checksums.negotiated_nni)
+ checksum_choice = valid_checksums.negotiated_nni->name;
+ else if (checksum_choice == NULL)
+ checksum_choice = xfer_sum_nni->name;
+
+ if (final_call && DEBUG_GTE(NSTR, am_server ? 3 : 1)) {
+ rprintf(FINFO, "%s%s checksum: %s\n",
+ am_server ? "Server" : "Client",
+ valid_checksums.negotiated_nni ? " negotiated" : "",
+ checksum_choice);
}
-
- if (!am_server)
- msleep(20);
- rprintf(FERROR, "Failed to negotiate a common checksum\n");
- exit_cleanup(RERR_UNSUPPORTED);
}
int csum_len_for_type(int cst, BOOL flist_csum)
return MD4_DIGEST_LEN;
case CSUM_MD5:
return MD5_DIGEST_LEN;
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH:
- return sizeof (XXH64_hash_t);
+#ifdef SHA_DIGEST_LENGTH
+ case CSUM_SHA1:
+ return SHA_DIGEST_LENGTH;
+#endif
+#ifdef SHA256_DIGEST_LENGTH
+ case CSUM_SHA256:
+ return SHA256_DIGEST_LENGTH;
#endif
+#ifdef SHA512_DIGEST_LENGTH
+ case CSUM_SHA512:
+ return SHA512_DIGEST_LENGTH;
+#endif
+ case CSUM_XXH64:
+ case CSUM_XXH3_64:
+ return 64/8;
+ case CSUM_XXH3_128:
+ return 128/8;
default: /* paranoia to prevent missing case values */
exit_cleanup(RERR_UNSUPPORTED);
}
return 0;
}
+/* Returns 0 if the checksum is not canonical (i.e. it includes a seed value).
+ * Returns 1 if the public sum order matches our internal sum order.
+ * Returns -1 if the public sum order is the reverse of our internal sum order.
+ */
int canonical_checksum(int csum_type)
{
- return csum_type >= CSUM_MD4 ? 1 : 0;
+ switch (csum_type) {
+ case CSUM_NONE:
+ case CSUM_MD4_ARCHAIC:
+ case CSUM_MD4_OLD:
+ case CSUM_MD4_BUSTED:
+ break;
+ case CSUM_MD4:
+ case CSUM_MD5:
+ case CSUM_SHA1:
+ case CSUM_SHA256:
+ case CSUM_SHA512:
+ return -1;
+ case CSUM_XXH64:
+ case CSUM_XXH3_64:
+ case CSUM_XXH3_128:
+ return 1;
+ default: /* paranoia to prevent missing case values */
+ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ return 0;
}
-#ifndef HAVE_SIMD /* See simd-checksum-*.cpp. */
+#ifndef USE_ROLL_SIMD /* See simd-checksum-*.cpp. */
/*
a simple 32 bit checksum that can be updated from either end
(inspired by Mark Adler's Adler-32 checksum)
void get_checksum2(char *buf, int32 len, char *sum)
{
- md_context m;
- MD5_CTX m5;
-
- switch (xfersum_type) {
+#ifdef USE_OPENSSL
+ if (xfer_sum_evp_md) {
+ static EVP_MD_CTX *evp = NULL;
+ uchar seedbuf[4];
+ if (!evp && !(evp = EVP_MD_CTX_create()))
+ out_of_memory("get_checksum2");
+ EVP_DigestInit_ex(evp, xfer_sum_evp_md, NULL);
+ if (checksum_seed) {
+ SIVALu(seedbuf, 0, checksum_seed);
+ EVP_DigestUpdate(evp, seedbuf, 4);
+ }
+ EVP_DigestUpdate(evp, (uchar *)buf, len);
+ EVP_DigestFinal_ex(evp, (uchar *)sum, NULL);
+ } else
+#endif
+ switch (xfer_sum_nni->num) {
+#ifdef SUPPORT_XXHASH
+ case CSUM_XXH64:
+ SIVAL64(sum, 0, XXH64(buf, len, checksum_seed));
+ break;
+#endif
+#ifdef SUPPORT_XXH3
+ case CSUM_XXH3_64:
+ SIVAL64(sum, 0, XXH3_64bits_withSeed(buf, len, checksum_seed));
+ break;
+ case CSUM_XXH3_128: {
+ XXH128_hash_t digest = XXH3_128bits_withSeed(buf, len, checksum_seed);
+ SIVAL64(sum, 0, digest.low64);
+ SIVAL64(sum, 8, digest.high64);
+ break;
+ }
+#endif
case CSUM_MD5: {
+ md_context m5;
uchar seedbuf[4];
- MD5_Init(&m5);
+ md5_begin(&m5);
if (proper_seed_order) {
if (checksum_seed) {
SIVALu(seedbuf, 0, checksum_seed);
- MD5_Update(&m5, seedbuf, 4);
+ md5_update(&m5, seedbuf, 4);
}
- MD5_Update(&m5, (uchar *)buf, len);
+ md5_update(&m5, (uchar *)buf, len);
} else {
- MD5_Update(&m5, (uchar *)buf, len);
+ md5_update(&m5, (uchar *)buf, len);
if (checksum_seed) {
SIVALu(seedbuf, 0, checksum_seed);
- MD5_Update(&m5, seedbuf, 4);
+ md5_update(&m5, seedbuf, 4);
}
}
- MD5_Final((uchar *)sum, &m5);
+ md5_result(&m5, (uchar *)sum);
break;
}
case CSUM_MD4:
case CSUM_MD4_OLD:
case CSUM_MD4_BUSTED:
case CSUM_MD4_ARCHAIC: {
+ md_context m;
int32 i;
static char *buf1;
static int32 len1;
free(buf1);
buf1 = new_array(char, len+4);
len1 = len;
- if (!buf1)
- out_of_memory("get_checksum2");
}
memcpy(buf1, buf, len);
* are multiples of 64. This is fixed by calling mdfour_update()
* even when there are no more bytes.
*/
- if (len - i > 0 || xfersum_type > CSUM_MD4_BUSTED)
+ if (len - i > 0 || xfer_sum_nni->num > CSUM_MD4_BUSTED)
mdfour_update(&m, (uchar *)(buf1+i), len-i);
mdfour_result(&m, (uchar *)sum);
break;
}
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH:
- SIVAL64(sum, 0, XXH64(buf, len, checksum_seed));
- break;
-#endif
default: /* paranoia to prevent missing case values */
exit_cleanup(RERR_UNSUPPORTED);
}
{
struct map_struct *buf;
OFF_T i, len = st_p->st_size;
- md_context m;
- MD5_CTX m5;
int32 remainder;
int fd;
- memset(sum, 0, MAX_DIGEST_LEN);
-
fd = do_open(fname, O_RDONLY, 0);
- if (fd == -1)
+ if (fd == -1) {
+ memset(sum, 0, file_sum_len);
return;
+ }
- buf = map_file(fd, len, MAX_MAP_SIZE, CSUM_CHUNK);
+ buf = map_file(fd, len, MAX_MAP_SIZE, CHUNK_SIZE);
- switch (checksum_type) {
- case CSUM_MD5:
- MD5_Init(&m5);
+#ifdef USE_OPENSSL
+ if (file_sum_evp_md) {
+ static EVP_MD_CTX *evp = NULL;
+ if (!evp && !(evp = EVP_MD_CTX_create()))
+ out_of_memory("file_checksum");
- for (i = 0; i + CSUM_CHUNK <= len; i += CSUM_CHUNK) {
- MD5_Update(&m5, (uchar *)map_ptr(buf, i, CSUM_CHUNK),
- CSUM_CHUNK);
- }
+ EVP_DigestInit_ex(evp, file_sum_evp_md, NULL);
+
+ for (i = 0; i + CHUNK_SIZE <= len; i += CHUNK_SIZE)
+ EVP_DigestUpdate(evp, (uchar *)map_ptr(buf, i, CHUNK_SIZE), CHUNK_SIZE);
+
+ remainder = (int32)(len - i);
+ if (remainder > 0)
+ EVP_DigestUpdate(evp, (uchar *)map_ptr(buf, i, remainder), remainder);
+
+ EVP_DigestFinal_ex(evp, (uchar *)sum, NULL);
+ } else
+#endif
+ switch (file_sum_nni->num) {
+#ifdef SUPPORT_XXHASH
+ case CSUM_XXH64: {
+ static XXH64_state_t* state = NULL;
+ if (!state && !(state = XXH64_createState()))
+ out_of_memory("file_checksum");
+
+ XXH64_reset(state, 0);
+
+ for (i = 0; i + CHUNK_SIZE <= len; i += CHUNK_SIZE)
+ XXH64_update(state, (uchar *)map_ptr(buf, i, CHUNK_SIZE), CHUNK_SIZE);
+
+ remainder = (int32)(len - i);
+ if (remainder > 0)
+ XXH64_update(state, (uchar *)map_ptr(buf, i, remainder), remainder);
+
+ SIVAL64(sum, 0, XXH64_digest(state));
+ break;
+ }
+#endif
+#ifdef SUPPORT_XXH3
+ case CSUM_XXH3_64: {
+ static XXH3_state_t* state = NULL;
+ if (!state && !(state = XXH3_createState()))
+ out_of_memory("file_checksum");
+
+ XXH3_64bits_reset(state);
+
+ for (i = 0; i + CHUNK_SIZE <= len; i += CHUNK_SIZE)
+ XXH3_64bits_update(state, (uchar *)map_ptr(buf, i, CHUNK_SIZE), CHUNK_SIZE);
remainder = (int32)(len - i);
if (remainder > 0)
- MD5_Update(&m5, (uchar *)map_ptr(buf, i, remainder), remainder);
+ XXH3_64bits_update(state, (uchar *)map_ptr(buf, i, remainder), remainder);
- MD5_Final((uchar *)sum, &m5);
+ SIVAL64(sum, 0, XXH3_64bits_digest(state));
break;
+ }
+ case CSUM_XXH3_128: {
+ XXH128_hash_t digest;
+ static XXH3_state_t* state = NULL;
+ if (!state && !(state = XXH3_createState()))
+ out_of_memory("file_checksum");
+
+ XXH3_128bits_reset(state);
+
+ for (i = 0; i + CHUNK_SIZE <= len; i += CHUNK_SIZE)
+ XXH3_128bits_update(state, (uchar *)map_ptr(buf, i, CHUNK_SIZE), CHUNK_SIZE);
+
+ remainder = (int32)(len - i);
+ if (remainder > 0)
+ XXH3_128bits_update(state, (uchar *)map_ptr(buf, i, remainder), remainder);
+
+ digest = XXH3_128bits_digest(state);
+ SIVAL64(sum, 0, digest.low64);
+ SIVAL64(sum, 8, digest.high64);
+ break;
+ }
+#endif
+ case CSUM_MD5: {
+ md_context m5;
+
+ md5_begin(&m5);
+
+ for (i = 0; i + CHUNK_SIZE <= len; i += CHUNK_SIZE)
+ md5_update(&m5, (uchar *)map_ptr(buf, i, CHUNK_SIZE), CHUNK_SIZE);
+
+ remainder = (int32)(len - i);
+ if (remainder > 0)
+ md5_update(&m5, (uchar *)map_ptr(buf, i, remainder), remainder);
+
+ md5_result(&m5, (uchar *)sum);
+ break;
+ }
case CSUM_MD4:
case CSUM_MD4_OLD:
case CSUM_MD4_BUSTED:
- case CSUM_MD4_ARCHAIC:
+ case CSUM_MD4_ARCHAIC: {
+ md_context m;
+
mdfour_begin(&m);
- for (i = 0; i + CSUM_CHUNK <= len; i += CSUM_CHUNK) {
+ for (i = 0; i + CSUM_CHUNK <= len; i += CSUM_CHUNK)
mdfour_update(&m, (uchar *)map_ptr(buf, i, CSUM_CHUNK), CSUM_CHUNK);
- }
/* Prior to version 27 an incorrect MD4 checksum was computed
* by failing to call mdfour_tail() for block sizes that
* are multiples of 64. This is fixed by calling mdfour_update()
* even when there are no more bytes. */
remainder = (int32)(len - i);
- if (remainder > 0 || checksum_type > CSUM_MD4_BUSTED)
+ if (remainder > 0 || file_sum_nni->num > CSUM_MD4_BUSTED)
mdfour_update(&m, (uchar *)map_ptr(buf, i, remainder), remainder);
mdfour_result(&m, (uchar *)sum);
break;
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH: {
- XXH64_state_t* state = XXH64_createState();
- if (state == NULL)
- out_of_memory("file_checksum xx64");
-
- if (XXH64_reset(state, 0) == XXH_ERROR) {
- rprintf(FERROR, "error resetting XXH64 seed");
- exit_cleanup(RERR_STREAMIO);
- }
-
- for (i = 0; i + CSUM_CHUNK <= len; i += CSUM_CHUNK) {
- XXH_errorcode const updateResult =
- XXH64_update(state, (uchar *)map_ptr(buf, i, CSUM_CHUNK), CSUM_CHUNK);
- if (updateResult == XXH_ERROR) {
- rprintf(FERROR, "error computing XX64 hash");
- exit_cleanup(RERR_STREAMIO);
- }
- }
- remainder = (int32)(len - i);
- if (remainder > 0)
- XXH64_update(state, (uchar *)map_ptr(buf, i, CSUM_CHUNK), remainder);
- SIVAL64(sum, 0, XXH64_digest(state));
-
- XXH64_freeState(state);
- break;
}
-#endif
default:
- rprintf(FERROR, "invalid checksum-choice for the --checksum option (%d)\n", checksum_type);
+ rprintf(FERROR, "Invalid checksum-choice for --checksum: %s (%d)\n",
+ file_sum_nni->name, file_sum_nni->num);
exit_cleanup(RERR_UNSUPPORTED);
}
}
static int32 sumresidue;
-static md_context md;
-static MD5_CTX m5;
-static int cursum_type;
+static md_context ctx_md;
#ifdef SUPPORT_XXHASH
-XXH64_state_t* xxh64_state = NULL;
+static XXH64_state_t* xxh64_state;
+#endif
+#ifdef SUPPORT_XXH3
+static XXH3_state_t* xxh3_state;
+#endif
+static struct name_num_item *cur_sum_nni;
+int cur_sum_len;
+
+#ifdef USE_OPENSSL
+static const EVP_MD *cur_sum_evp_md;
#endif
-void sum_init(int csum_type, int seed)
+/* Initialize a hash digest accumulator. Data is supplied via
+ * sum_update() and the resulting binary digest is retrieved via
+ * sum_end(). This only supports one active sum at a time. */
+int sum_init(struct name_num_item *nni, int seed)
{
char s[4];
- if (csum_type < 0)
- csum_type = parse_csum_name(NULL, 0, 1);
- cursum_type = csum_type;
+ if (!nni)
+ nni = parse_csum_name(NULL, 0);
+ cur_sum_nni = nni;
+ cur_sum_len = csum_len_for_type(nni->num, 0);
+#ifdef USE_OPENSSL
+ cur_sum_evp_md = csum_evp_md(nni);
+#endif
- switch (csum_type) {
+#ifdef USE_OPENSSL
+ if (cur_sum_evp_md) {
+ if (!ctx_evp && !(ctx_evp = EVP_MD_CTX_create()))
+ out_of_memory("file_checksum");
+ EVP_DigestInit_ex(ctx_evp, cur_sum_evp_md, NULL);
+ } else
+#endif
+ switch (cur_sum_nni->num) {
+#ifdef SUPPORT_XXHASH
+ case CSUM_XXH64:
+ if (!xxh64_state && !(xxh64_state = XXH64_createState()))
+ out_of_memory("sum_init");
+ XXH64_reset(xxh64_state, 0);
+ break;
+#endif
+#ifdef SUPPORT_XXH3
+ case CSUM_XXH3_64:
+ if (!xxh3_state && !(xxh3_state = XXH3_createState()))
+ out_of_memory("sum_init");
+ XXH3_64bits_reset(xxh3_state);
+ break;
+ case CSUM_XXH3_128:
+ if (!xxh3_state && !(xxh3_state = XXH3_createState()))
+ out_of_memory("sum_init");
+ XXH3_128bits_reset(xxh3_state);
+ break;
+#endif
case CSUM_MD5:
- MD5_Init(&m5);
+ md5_begin(&ctx_md);
break;
case CSUM_MD4:
- mdfour_begin(&md);
+ mdfour_begin(&ctx_md);
sumresidue = 0;
break;
case CSUM_MD4_OLD:
case CSUM_MD4_BUSTED:
case CSUM_MD4_ARCHAIC:
- mdfour_begin(&md);
+ mdfour_begin(&ctx_md);
sumresidue = 0;
SIVAL(s, 0, seed);
sum_update(s, 4);
break;
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH:
- if (xxh64_state == NULL) {
- xxh64_state = XXH64_createState();
- if (xxh64_state == NULL)
- out_of_memory("sum_init xxh64");
- }
- if (XXH64_reset(xxh64_state, 0) == XXH_ERROR) {
- rprintf(FERROR, "error resetting XXH64 state");
- exit_cleanup(RERR_STREAMIO);
- }
- break;
-#endif
case CSUM_NONE:
break;
default: /* paranoia to prevent missing case values */
exit_cleanup(RERR_UNSUPPORTED);
}
+
+ return cur_sum_len;
}
-/**
- * Feed data into an MD4 accumulator, md. The results may be
- * retrieved using sum_end(). md is used for different purposes at
- * different points during execution.
- *
- * @todo Perhaps get rid of md and just pass in the address each time.
- * Very slightly clearer and slower.
- **/
+/* Feed data into a hash digest accumulator. */
void sum_update(const char *p, int32 len)
{
- switch (cursum_type) {
+#ifdef USE_OPENSSL
+ if (cur_sum_evp_md) {
+ EVP_DigestUpdate(ctx_evp, (uchar *)p, len);
+ } else
+#endif
+ switch (cur_sum_nni->num) {
+#ifdef SUPPORT_XXHASH
+ case CSUM_XXH64:
+ XXH64_update(xxh64_state, p, len);
+ break;
+#endif
+#ifdef SUPPORT_XXH3
+ case CSUM_XXH3_64:
+ XXH3_64bits_update(xxh3_state, p, len);
+ break;
+ case CSUM_XXH3_128:
+ XXH3_128bits_update(xxh3_state, p, len);
+ break;
+#endif
case CSUM_MD5:
- MD5_Update(&m5, (uchar *)p, len);
+ md5_update(&ctx_md, (uchar *)p, len);
break;
case CSUM_MD4:
case CSUM_MD4_OLD:
case CSUM_MD4_BUSTED:
case CSUM_MD4_ARCHAIC:
if (len + sumresidue < CSUM_CHUNK) {
- memcpy(md.buffer + sumresidue, p, len);
+ memcpy(ctx_md.buffer + sumresidue, p, len);
sumresidue += len;
break;
}
if (sumresidue) {
int32 i = CSUM_CHUNK - sumresidue;
- memcpy(md.buffer + sumresidue, p, i);
- mdfour_update(&md, (uchar *)md.buffer, CSUM_CHUNK);
+ memcpy(ctx_md.buffer + sumresidue, p, i);
+ mdfour_update(&ctx_md, (uchar *)ctx_md.buffer, CSUM_CHUNK);
len -= i;
p += i;
}
while (len >= CSUM_CHUNK) {
- mdfour_update(&md, (uchar *)p, CSUM_CHUNK);
+ mdfour_update(&ctx_md, (uchar *)p, CSUM_CHUNK);
len -= CSUM_CHUNK;
p += CSUM_CHUNK;
}
sumresidue = len;
if (sumresidue)
- memcpy(md.buffer, p, sumresidue);
+ memcpy(ctx_md.buffer, p, sumresidue);
break;
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH:
- if (XXH64_update(xxh64_state, p, len) == XXH_ERROR) {
- rprintf(FERROR, "error computing XX64 hash");
- exit_cleanup(RERR_STREAMIO);
- }
- break;
-#endif
case CSUM_NONE:
break;
default: /* paranoia to prevent missing case values */
}
}
-/* NOTE: all the callers of sum_end() pass in a pointer to a buffer that is
- * MAX_DIGEST_LEN in size, so even if the csum-len is shorter that that (i.e.
- * CSUM_MD4_ARCHAIC), we don't have to worry about limiting the data we write
- * into the "sum" buffer. */
-int sum_end(char *sum)
+/* The sum buffer only needs to be as long as the current checksum's digest
+ * len, not MAX_DIGEST_LEN. Note that for CSUM_MD4_ARCHAIC that is the full
+ * MD4_DIGEST_LEN even if the file-list code is going to ignore all but the
+ * first 2 bytes of it. */
+void sum_end(char *sum)
{
- switch (cursum_type) {
+#ifdef USE_OPENSSL
+ if (cur_sum_evp_md) {
+ EVP_DigestFinal_ex(ctx_evp, (uchar *)sum, NULL);
+ } else
+#endif
+ switch (cur_sum_nni->num) {
+#ifdef SUPPORT_XXHASH
+ case CSUM_XXH64:
+ SIVAL64(sum, 0, XXH64_digest(xxh64_state));
+ break;
+#endif
+#ifdef SUPPORT_XXH3
+ case CSUM_XXH3_64:
+ SIVAL64(sum, 0, XXH3_64bits_digest(xxh3_state));
+ break;
+ case CSUM_XXH3_128: {
+ XXH128_hash_t digest = XXH3_128bits_digest(xxh3_state);
+ SIVAL64(sum, 0, digest.low64);
+ SIVAL64(sum, 8, digest.high64);
+ break;
+ }
+#endif
case CSUM_MD5:
- MD5_Final((uchar *)sum, &m5);
+ md5_result(&ctx_md, (uchar *)sum);
break;
case CSUM_MD4:
case CSUM_MD4_OLD:
- mdfour_update(&md, (uchar *)md.buffer, sumresidue);
- mdfour_result(&md, (uchar *)sum);
+ mdfour_update(&ctx_md, (uchar *)ctx_md.buffer, sumresidue);
+ mdfour_result(&ctx_md, (uchar *)sum);
break;
case CSUM_MD4_BUSTED:
case CSUM_MD4_ARCHAIC:
if (sumresidue)
- mdfour_update(&md, (uchar *)md.buffer, sumresidue);
- mdfour_result(&md, (uchar *)sum);
+ mdfour_update(&ctx_md, (uchar *)ctx_md.buffer, sumresidue);
+ mdfour_result(&ctx_md, (uchar *)sum);
break;
-#ifdef SUPPORT_XXHASH
- case CSUM_XXHASH:
- SIVAL64(sum, 0, XXH64_digest(xxh64_state));
- break;
-#endif
case CSUM_NONE:
*sum = '\0';
break;
default: /* paranoia to prevent missing case values */
exit_cleanup(RERR_UNSUPPORTED);
}
+}
+
+#if defined SUPPORT_XXH3 || defined USE_OPENSSL
+static void verify_digest(struct name_num_item *nni, BOOL check_auth_list)
+{
+#ifdef SUPPORT_XXH3
+ static int xxh3_result = 0;
+#endif
+#ifdef USE_OPENSSL
+ static int prior_num = 0, prior_flags = 0, prior_result = 0;
+#endif
+
+#ifdef SUPPORT_XXH3
+ if (nni->num == CSUM_XXH3_64 || nni->num == CSUM_XXH3_128) {
+ if (!xxh3_result) {
+ char buf[32816];
+ int j;
+ for (j = 0; j < (int)sizeof buf; j++)
+ buf[j] = ' ' + (j % 96);
+ sum_init(nni, 0);
+ sum_update(buf, 32816);
+ sum_update(buf, 31152);
+ sum_update(buf, 32474);
+ sum_update(buf, 9322);
+ xxh3_result = XXH3_64bits_digest(xxh3_state) != 0xadbcf16d4678d1de ? -1 : 1;
+ }
+ if (xxh3_result < 0)
+ nni->num = CSUM_gone;
+ return;
+ }
+#endif
+
+#ifdef USE_OPENSSL
+ if (BITS_SETnUNSET(nni->flags, NNI_EVP, NNI_BUILTIN|NNI_EVP_OK)) {
+ if (nni->num == prior_num && nni->flags == prior_flags) {
+ nni->flags = prior_result;
+ if (!(nni->flags & NNI_EVP))
+ nni->num = CSUM_gone;
+ } else {
+ prior_num = nni->num;
+ prior_flags = nni->flags;
+ if (!csum_evp_md(nni))
+ nni->num = CSUM_gone;
+ prior_result = nni->flags;
+ if (check_auth_list && (nni = get_nni_by_num(&valid_auth_checksums, prior_num)) != NULL)
+ verify_digest(nni, False);
+ }
+ }
+#endif
+}
+#endif
+
+void init_checksum_choices()
+{
+#if defined SUPPORT_XXH3 || defined USE_OPENSSL
+ struct name_num_item *nni;
+#endif
+
+ if (initialized_choices)
+ return;
+
+#if defined USE_OPENSSL && OPENSSL_VERSION_NUMBER < 0x10100000L
+ OpenSSL_add_all_algorithms();
+#endif
+
+#if defined SUPPORT_XXH3 || defined USE_OPENSSL
+ for (nni = valid_checksums.list; nni->name; nni++)
+ verify_digest(nni, True);
+
+ for (nni = valid_auth_checksums.list; nni->name; nni++)
+ verify_digest(nni, False);
+#endif
- return csum_len_for_type(cursum_type, 0);
+ initialized_choices = 1;
}