mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-24 06:35:24 +00:00
72b4139700
Recent discussions have illustrated the potential for DOS attacks with the hash table implementations used by most languages and libraries. https://lwn.net/Articles/474912/ libvirt has an internal hash table impl, and uses hash tables for a variety of purposes. The hash key generation code is pretty simple and thus not strongly collision resistant. This patch replaces the current libvirt hash key generator with the (public domain) Murmurhash3 code. In addition every hash table now gets a random seed value which is used to perturb the hashing code. This should make it impossible to mount any practical attack against libvirt hashing code. * bootstrap.conf: Import bitrotate module * src/Makefile.am: Add virhashcode.[ch] * src/util/util.c: Make virRandom() return a fixed 32 bit integer value. * src/util/hash.c, src/util/hash.h, src/util/cgroup.c: Replace hash code generation with a call to virHashCodeGen() * src/util/virhashcode.h, src/util/virhashcode.c: Add a new virHashCodeGen() API using the Murmurhash3 algorithm.
240 lines
5.1 KiB
Plaintext
240 lines
5.1 KiB
Plaintext
# Bootstrap configuration.
|
|
|
|
# Copyright (C) 2010-2012 Red Hat, Inc.
|
|
|
|
# This library is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
# License as published by the Free Software Foundation; either
|
|
# version 2.1 of the License, or (at your option) any later version.
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
# License along with this library; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
|
# gnulib modules used by this package.
|
|
gnulib_modules='
|
|
accept
|
|
areadlink
|
|
base64
|
|
bind
|
|
bitrotate
|
|
byteswap
|
|
c-ctype
|
|
c-strcase
|
|
c-strcasestr
|
|
calloc-posix
|
|
canonicalize-lgpl
|
|
chown
|
|
close
|
|
connect
|
|
configmake
|
|
count-one-bits
|
|
crypto/md5
|
|
dirname-lgpl
|
|
environ
|
|
fclose
|
|
fcntl
|
|
fcntl-h
|
|
fdatasync
|
|
ffs
|
|
fnmatch
|
|
fsync
|
|
func
|
|
getaddrinfo
|
|
getcwd-lgpl
|
|
gethostname
|
|
getpass
|
|
getpeername
|
|
getsockname
|
|
gettext-h
|
|
gettimeofday
|
|
gitlog-to-changelog
|
|
gnumakefile
|
|
ignore-value
|
|
inet_pton
|
|
intprops
|
|
ioctl
|
|
largefile
|
|
listen
|
|
maintainer-makefile
|
|
manywarnings
|
|
mkstemp
|
|
mkstemps
|
|
mktempd
|
|
netdb
|
|
nonblocking
|
|
openpty
|
|
passfd
|
|
perror
|
|
physmem
|
|
pipe-posix
|
|
pipe2
|
|
poll
|
|
posix-shell
|
|
pthread
|
|
pthread_sigmask
|
|
recv
|
|
random_r
|
|
sched
|
|
send
|
|
setsockopt
|
|
sigaction
|
|
sigpipe
|
|
snprintf
|
|
socket
|
|
stdarg
|
|
stpcpy
|
|
strchrnul
|
|
strdup-posix
|
|
strndup
|
|
strerror
|
|
strerror_r-posix
|
|
strptime
|
|
strsep
|
|
strtok_r
|
|
sys_stat
|
|
sys_wait
|
|
termios
|
|
time_r
|
|
timegm
|
|
ttyname_r
|
|
uname
|
|
useless-if-before-free
|
|
usleep
|
|
vasprintf
|
|
verify
|
|
vc-list-files
|
|
vsnprintf
|
|
waitpid
|
|
warnings
|
|
'
|
|
|
|
# Additional xgettext options to use. Use "\\\newline" to break lines.
|
|
XGETTEXT_OPTIONS=$XGETTEXT_OPTIONS'\\\
|
|
--flag=virAsprintf:2:c-format\\\
|
|
--from-code=UTF-8\\\
|
|
'
|
|
|
|
# This is not a GNU package, so the default bug address is invalid,
|
|
# and the translation project is not in use.
|
|
MSGID_BUGS_ADDRESS=libvir-list@redhat.com
|
|
COPYRIGHT_HOLDER='Red Hat, Inc.'
|
|
SKIP_PO=true
|
|
|
|
# Enable copy-mode for MSYS/MinGW. MSYS' ln doesn't work well in the way
|
|
# bootstrap uses it with relative paths.
|
|
if test -n "$MSYSTEM"; then
|
|
copy=true
|
|
fi
|
|
|
|
# If "AM_GNU_GETTEXT(external" or "AM_GNU_GETTEXT([external]"
|
|
# appears in configure.ac, exclude some unnecessary files.
|
|
# Without grep's -E option (not portable enough, pre-configure),
|
|
# the following test is ugly. Also, this depends on the existence
|
|
# of configure.ac, not the obsolescent-named configure.in. But if
|
|
# you're using this infrastructure, you should care about such things.
|
|
|
|
gettext_external=0
|
|
grep '^[ ]*AM_GNU_GETTEXT(external\>' configure.ac > /dev/null &&
|
|
gettext_external=1
|
|
grep '^[ ]*AM_GNU_GETTEXT(\[external\]' configure.ac > /dev/null &&
|
|
gettext_external=1
|
|
|
|
if test $gettext_external = 1; then
|
|
# Gettext supplies these files, but we don't need them since
|
|
# we don't have an intl subdirectory.
|
|
excluded_files='
|
|
m4/glibc2.m4
|
|
m4/intdiv0.m4
|
|
m4/lcmessage.m4
|
|
m4/uintmax_t.m4
|
|
m4/ulonglong.m4
|
|
m4/visibility.m4
|
|
'
|
|
fi
|
|
|
|
# Tell gnulib to:
|
|
# require LGPLv2+
|
|
# apply any local diffs in gnulib/local/ dir
|
|
# put *.m4 files in new gnulib/m4/ dir
|
|
# put *.[ch] files in new gnulib/lib/ dir
|
|
# import gnulib tests in new gnulib/tests/ dir
|
|
gnulib_name=libgnu
|
|
m4_base=gnulib/m4
|
|
source_base=gnulib/lib
|
|
tests_base=gnulib/tests
|
|
gnulib_tool_option_extras="\
|
|
--lgpl=2\
|
|
--with-tests\
|
|
--makefile-name=gnulib.mk\
|
|
--avoid=pt_chown\
|
|
"
|
|
local_gl_dir=gnulib/local
|
|
|
|
# Convince bootstrap to use multiple m4 directories.
|
|
: ${ACLOCAL=aclocal}
|
|
ACLOCAL="$ACLOCAL -I m4"
|
|
export ACLOCAL
|
|
|
|
# Build prerequisites
|
|
# Note that some of these programs are only required for 'make dist' to
|
|
# succeed from a fresh git checkout; not all of these programs are
|
|
# required to run 'make dist' on a tarball. As a special case, we want
|
|
# to require the equivalent of the Fedora python-devel package, but
|
|
# RHEL 5 lacks the witness python-config package; we hack around that
|
|
# old environment below.
|
|
buildreq="\
|
|
autoconf 2.59
|
|
automake 1.9.6
|
|
autopoint -
|
|
gettext 0.17
|
|
git 1.5.5
|
|
gzip -
|
|
libtool -
|
|
patch -
|
|
perl 5.5
|
|
pkg-config -
|
|
python-config -
|
|
rpcgen -
|
|
tar -
|
|
xmllint -
|
|
xsltproc -
|
|
"
|
|
# Use rpm as a fallback to bypass the bootstrap probe for python-config,
|
|
# for the sake of RHEL 5; without requiring it on newer systems that
|
|
# have python-config to begin with.
|
|
if `(${PYTHON_CONFIG-python-config} --version;
|
|
test $? -lt 126 || rpm -q python-devel) >/dev/null 2>&1`; then
|
|
PYTHON_CONFIG=true
|
|
fi
|
|
|
|
# Automake requires that ChangeLog exist.
|
|
touch ChangeLog || exit 1
|
|
|
|
# Override bootstrap's list - we don't use mdate-sh or texinfo.tex.
|
|
gnulib_extra_files="
|
|
$build_aux/install-sh
|
|
$build_aux/missing
|
|
$build_aux/depcomp
|
|
$build_aux/config.guess
|
|
$build_aux/config.sub
|
|
doc/INSTALL
|
|
"
|
|
|
|
|
|
bootstrap_epilogue()
|
|
{
|
|
# Change paths in gnulib/tests/gnulib.mk from "../../.." to "../..",
|
|
# then ensure that gnulib/tests/Makefile.in is up-to-date.
|
|
m=gnulib/tests/gnulib.mk
|
|
sed 's,\.\./\.\./\.\.,../..,g' $m > $m-t
|
|
mv -f $m-t $m
|
|
${AUTOMAKE-automake} gnulib/tests/Makefile
|
|
}
|