summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2010-09-02 12:05:23 -0500
committerDan McGee <dan@archlinux.org>2010-09-02 12:05:23 -0500
commiteba521913d68da16cdd18d5e996c00c554408272 (patch)
tree9520a62f5b5dccf6e370030bb5a46074295744d6
parent24d8a1530877f8e5fe36675954e1137ff89e17d4 (diff)
Use OpenSSL MD5 crypto functions if available
I've noticed my Atom-powered laptop is dog-slow when doing integrity checks on packages, and it turns out our MD5 implementation isn't near as good as that provided by OpenSSL. Using their routines instead provided anywhere from a 1.4x up to a 1.8x performance benefit over our built-in MD5 function. This does not remove the MD5 code from our codebase, but it does enable linking against OpenSSL to get their much faster implementation if it is available on whatever platform you are using. At configure-time, we will default to using it if it is available, but this can be easily changed by using the `--with-openssl` or `--without-openssl` arguments to configure. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--configure.ac19
-rw-r--r--lib/libalpm/Makefile.am6
-rw-r--r--lib/libalpm/util.c44
3 files changed, 66 insertions, 3 deletions
diff --git a/configure.ac b/configure.ac
index b845f9ca..e0aafba6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -70,7 +70,7 @@ AC_DEFINE_UNQUOTED([LIB_VERSION], ["$LIB_VERSION"], [libalpm version number])
# Help line for root directory
AC_ARG_WITH(root-dir,
- AS_HELP_STRING([--with-root-dir=path], [set the location of pacman's root operating directory]),
+ AS_HELP_STRING([--with-root-dir=path], [set the location of the root operating directory]),
[ROOTDIR=$withval], [ROOTDIR=/])
# Help line for package extension
@@ -88,6 +88,11 @@ AC_ARG_WITH(buildscript,
AS_HELP_STRING([--with-buildscript=name], [set the build script name used by makepkg]),
[BUILDSCRIPT=$withval], [BUILDSCRIPT=PKGBUILD])
+# Help line for using OpenSSL
+AC_ARG_WITH(openssl,
+ AS_HELP_STRING([--with-openssl], [use OpenSSL crypto implementations instead of internal routines]),
+ [], [with_openssl=check])
+
# Help line for libfetch
AC_ARG_ENABLE(internal-download,
AS_HELP_STRING([--disable-internal-download], [do not build with libfetch support]),
@@ -131,6 +136,18 @@ AM_GNU_GETTEXT_VERSION(0.13.1)
AC_CHECK_LIB([archive], [archive_read_data], ,
AC_MSG_ERROR([libarchive is needed to compile pacman!]))
+# Check for OpenSSL
+AC_MSG_CHECKING(whether to link with libssl)
+AS_IF([test "x$with_openssl" != "xno"],
+ [AC_MSG_RESULT(yes)
+ AC_CHECK_LIB([ssl], [MD5_Final], ,
+ [if test "x$with_openssl" != "xcheck"; then
+ AC_MSG_FAILURE([--with-openssl was given, but -lssl was not found])
+ fi],
+ [-lcrypto])],
+ AC_MSG_RESULT(no))
+AM_CONDITIONAL([HAVE_LIBSSL], [test "x$ac_cv_lib_ssl_MD5_Final" = "xyes"])
+
# Enable or disable usage of libfetch
AC_MSG_CHECKING(whether to link with libfetch)
if test "x$internaldownload" = "xyes" ; then
diff --git a/lib/libalpm/Makefile.am b/lib/libalpm/Makefile.am
index 3473a73a..e136b548 100644
--- a/lib/libalpm/Makefile.am
+++ b/lib/libalpm/Makefile.am
@@ -38,7 +38,6 @@ libalpm_la_SOURCES = \
group.h group.c \
handle.h handle.c \
log.h log.c \
- md5.h md5.c \
package.h package.c \
remove.h remove.c \
sync.h sync.c \
@@ -46,6 +45,11 @@ libalpm_la_SOURCES = \
util.h util.c \
version.c
+if !HAVE_LIBSSL
+libalpm_la_SOURCES += \
+ md5.h md5.c
+endif
+
libalpm_la_LDFLAGS = -no-undefined -version-info $(LIB_VERSION_INFO)
libalpm_la_LIBADD = $(LTLIBINTL)
diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c
index 8a1f3924..5bf4ef12 100644
--- a/lib/libalpm/util.c
+++ b/lib/libalpm/util.c
@@ -43,13 +43,18 @@
#include <archive.h>
#include <archive_entry.h>
+#ifdef HAVE_LIBSSL
+#include <openssl/md5.h>
+#else
+#include "md5.h"
+#endif
+
/* libalpm */
#include "util.h"
#include "log.h"
#include "package.h"
#include "alpm.h"
#include "alpm_list.h"
-#include "md5.h"
#include "handle.h"
#ifndef HAVE_STRSEP
@@ -676,6 +681,42 @@ int _alpm_lstat(const char *path, struct stat *buf)
return(ret);
}
+#ifdef HAVE_LIBSSL
+static int md5_file(const char *path, unsigned char output[16])
+{
+ FILE *f;
+ size_t n;
+ MD5_CTX ctx;
+ unsigned char *buf;
+
+ CALLOC(buf, 8192, sizeof(unsigned char), return(1));
+
+ if((f = fopen(path, "rb")) == NULL) {
+ free(buf);
+ return(1);
+ }
+
+ MD5_Init(&ctx);
+
+ while((n = fread(buf, 1, sizeof(buf), f)) > 0) {
+ MD5_Update(&ctx, buf, n);
+ }
+
+ MD5_Final(output, &ctx);
+
+ memset(&ctx, 0, sizeof(MD5_CTX));
+ free(buf);
+
+ if(ferror(f) != 0) {
+ fclose(f);
+ return(2);
+ }
+
+ fclose(f);
+ return(0);
+}
+#endif
+
/** Get the md5 sum of file.
* @param filename name of the file
* @return the checksum on success, NULL on error
@@ -693,6 +734,7 @@ char SYMEXPORT *alpm_compute_md5sum(const char *filename)
/* allocate 32 chars plus 1 for null */
md5sum = calloc(33, sizeof(char));
+ /* defined above for OpenSSL, otherwise defined in md5.h */
ret = md5_file(filename, output);
if (ret > 0) {