From patchwork Wed Oct 26 14:56:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020735 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3AADBFA373E for ; Wed, 26 Oct 2022 14:57:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234396AbiJZO47 (ORCPT ); Wed, 26 Oct 2022 10:56:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57024 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234398AbiJZO4y (ORCPT ); Wed, 26 Oct 2022 10:56:54 -0400 Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 611DF105349 for ; Wed, 26 Oct 2022 07:56:53 -0700 (PDT) Received: by mail-wm1-x32b.google.com with SMTP id c3-20020a1c3503000000b003bd21e3dd7aso1726559wma.1 for ; Wed, 26 Oct 2022 07:56:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Swt+MOs31FvqgWRyhn+9o3+Ad1nvEaqzb/Of8gQbUA4=; b=A4xKqRFz5DvNVpKXl031oGJo+K6fbTMk+Bh0Pr70J5yshMzBuRrqSqFd1flF5DBfqP 21s299U1NGknjhb6/OSdS/a23Gk8OCFq21qqUeMSTowGp45o/F5GGWyHOnJYK4Y9PTkW cE2JflUFuHYBUVHwK2jlQZe7H4Rw6pdp4MZO6pKjfzUJ7bAyWKjWCjTXh8riw0Wl/ejn q139fw43/St5zzcPt2esbYkllhp9EBmAUMjDnmIPxefKBIbi4Y2ac+IB3H2Oi4+614Gi WAgcs8YXjtrqw4QHW+dqTWD5kT2EvBBjf+cgpbuhyiXgYYyNUb4ZhhzZzEWRGQHzQm/F Vv4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Swt+MOs31FvqgWRyhn+9o3+Ad1nvEaqzb/Of8gQbUA4=; b=ZV9SHm4TkKGivIp36IssAnhBsuVW/OMTwc9tJu4u9i6JszJlhfWkG4W4inx8Ec6bvH UNmkKwSWfQq+8ZWI5vs04QdFoEmDeisIyRLHeHTIId1FHgixtO7z0wXOKBHyFXowN4/q swiekj1hiDK0xVhn0Z6B1ETAayaSOC+TA5KtDccxF1IIqc/uNVBxUs9nN8MsPzhWhUgN hODtNXQabFX5Y62ECUrc0Iiis2uK44Y9nbg0g4fd/OWzueJsCbQQI+ki1ieZ8CasZCgI 6K/cSg+SQ6Gi5nZBQfFH1wZ70TtqK7FoMtZtKIQadRbPlmMMNFjAAUcdAXxXogHeZrrJ giMQ== X-Gm-Message-State: ACrzQf0fXxSzNVPx761vbrO2NM0Goz7KGc4zmJNkMC+JZpDLzFN4xJPZ SxT4tbZrwn2Ty4qudzgHD1R7tZr5/RyTAg== X-Google-Smtp-Source: AMsMyM7hkf3Mf/cW2SIE/ftQ/E+4nJcUu/0pkRWt1mBt7nen1FqjsTRZ/cNz2za2z1LPA7qu0GWJrg== X-Received: by 2002:a05:600c:3d18:b0:3cf:4c1e:5812 with SMTP id bh24-20020a05600c3d1800b003cf4c1e5812mr2352918wmb.192.1666796211327; Wed, 26 Oct 2022 07:56:51 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:50 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 1/9] Makefile: always (re)set DC_SHA1 on fallback Date: Wed, 26 Oct 2022 16:56:39 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Fix an edge case introduced in in e6b07da2780 (Makefile: make DC_SHA1 the default, 2017-03-17), when DC_SHA1 was made the default fallback we started unconditionally adding to BASIC_CFLAGS and LIB_OBJS, so we'd use the sha1collisiondetection by default. But the "DC_SHA1" variable remained unset, so e.g.: make test DC_SHA1= T=t0013*.sh Would skip the sha1collisiondetection tests, as we'd write "DC_SHA1=''" to "GIT-BUILD-OPTIONS", but if we manually removed that test prerequisite we'd pass the test (which we couldn't if we weren't using sha1collisiondetection). So let's have the fallback assignment use the 'override' directive instead of the ":=" simply expanded variable introduced in e6b07da2780. In this case we explicitly want to override the user's choice. Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 85f03c6aed1..744bd4344f4 100644 --- a/Makefile +++ b/Makefile @@ -1823,7 +1823,7 @@ ifdef APPLE_COMMON_CRYPTO COMPAT_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL BASIC_CFLAGS += -DSHA1_APPLE else - DC_SHA1 := YesPlease + override DC_SHA1 = YesPlease BASIC_CFLAGS += -DSHA1_DC LIB_OBJS += sha1dc_git.o ifdef DC_SHA1_EXTERNAL From patchwork Wed Oct 26 14:56:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020736 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6061BC38A2D for ; Wed, 26 Oct 2022 14:57:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234400AbiJZO5B (ORCPT ); Wed, 26 Oct 2022 10:57:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57132 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234390AbiJZO4z (ORCPT ); Wed, 26 Oct 2022 10:56:55 -0400 Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 70276FF8E2 for ; Wed, 26 Oct 2022 07:56:54 -0700 (PDT) Received: by mail-wm1-x32b.google.com with SMTP id c7-20020a05600c0ac700b003c6cad86f38so1719807wmr.2 for ; Wed, 26 Oct 2022 07:56:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Pf6O//4dVRpGaDvAxuSK9y56rQ/6FNWtjqvSoedG12s=; b=VsRijWAqDiKh2OU1PJpq++wcsWJolesgxw5GfWn3Pxq4VM6nl7A6LSHsovrnq3XCgH 0vPqW+phivQ2Gq15xYZaTBcexprOPG4/GYfICkTH7DOjJOlAv+oPjBs9Fbe/Owl+CUIC Gyxne3G5SS7HD0MluBJx/UWYmDq+IS/47f0rfhejtmamEJA/4Nl8QqmW5nsE7jnWL/P7 q7mkIalQW9I3KB0bmF/YzprifGS3Trw+5bwcNEZQgo+Qj8elH0RnXkCp80uR+auud3ke IeW4yLA81cccOQyB0NrSNHiQiap+dUi+TOgoTIm05DGvhAiTTVWer8ua1qOcNgghmxqX iVgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Pf6O//4dVRpGaDvAxuSK9y56rQ/6FNWtjqvSoedG12s=; b=pxt4jxZd5aOBgjI8OFEHL5VD6d4wsX2KVxtd8H34Y4m2EjgyNngjt70KqgzY6Za/Va b4cuRcKM+v7nnw/LPHcZ0vLR6wRJeEPncKY6YlDJV4e7ODaazryAk+xTpQd0vwHFCGb1 KmRWua4Zt8RiABWsc0ZkPSEzzKUeRgjCjxU7QCJFK660KWlLJaXOrZuRNh3qmqjhMedJ ar8ODZ5sWe+cVdRht4DkAmYCNfWpH75tdtYyirmWdG68wuA7RPpClrYKFToHRHEsywuC OBLUCBHOXwrQaTwhfl0D+nuYKZeNU/hnVJSAk0ctyaEVClmyUeHPClbb5xdRuZR6H8q+ HFCw== X-Gm-Message-State: ACrzQf3G3ywIdK1xmdatoIFlb4r/6H2AvwNt4fPn7ApWqI3ww9nS6wqL 1iFgf/m5NAeW8soWtGVFksk3Nzj2tP2alw== X-Google-Smtp-Source: AMsMyM7/BL5eMVs70RFzMa+IPtUsM6+uiQdTOM4NGRtE+azQt+cxDkxJiYNB0oDRjcfzj0w5NhjZRA== X-Received: by 2002:a05:600c:3594:b0:3ca:f978:5b97 with SMTP id p20-20020a05600c359400b003caf9785b97mr2885537wmq.64.1666796212665; Wed, 26 Oct 2022 07:56:52 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:51 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 2/9] INSTALL: remove discussion of SHA-1 backends Date: Wed, 26 Oct 2022 16:56:40 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org The claim that OpenSSL is the default SHA-1 backend hasn't been true since e6b07da2780 (Makefile: make DC_SHA1 the default, 2017-03-17), but more importantly tweaking the SHA-1 backend isn't something that's common enough to warrant discussing in the INSTALL document, so let's remove this paragraph. This discussion was originally added in c538d2d34ab (Add some installation notes in INSTALL, 2005-06-17) when tweaking the default backend was more common. The current wording was added in 5beb577db8c (INSTALL: Describe dependency knobs from Makefile, 2009-09-10). Signed-off-by: Ævar Arnfjörð Bjarmason --- INSTALL | 4 ---- 1 file changed, 4 deletions(-) diff --git a/INSTALL b/INSTALL index 89b15d71df5..33447883974 100644 --- a/INSTALL +++ b/INSTALL @@ -133,10 +133,6 @@ Issues of note: you are using libcurl older than 7.34.0. Otherwise you can use NO_OPENSSL without losing git-imap-send. - By default, git uses OpenSSL for SHA1 but it will use its own - library (inspired by Mozilla's) with either NO_OPENSSL or - BLK_SHA1. - - "libcurl" library is used for fetching and pushing repositories over http:// or https://, as well as by git-imap-send if the curl version is >= 7.34.0. If you do From patchwork Wed Oct 26 14:56:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020737 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D51C8FA373E for ; Wed, 26 Oct 2022 14:57:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234419AbiJZO5E (ORCPT ); Wed, 26 Oct 2022 10:57:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57014 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234393AbiJZO45 (ORCPT ); Wed, 26 Oct 2022 10:56:57 -0400 Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com [IPv6:2a00:1450:4864:20::32a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D1B6103259 for ; Wed, 26 Oct 2022 07:56:56 -0700 (PDT) Received: by mail-wm1-x32a.google.com with SMTP id l32so10397580wms.2 for ; Wed, 26 Oct 2022 07:56:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Mq7wUWmn/uG/DfdjZOEAf2kWJmOjaYWw/TQl4JIq99Q=; b=BAS5FvIzKjnpfH5aj1NHLyZDL2SmtZsXDgxuW6er1V5Dwrxhgoly0x3Q9y9KkmIiUa 7WtukFiO4iNIeVUPzf3gpKjrYBVe+4sEI2l+mDGNT2T7wniElImL+dg/GNdFPkYVDFhJ oxp/8b9gn5SKAKudfBUlGYGnH1Y6QkEYmD63wah5b94YW5qu3OHJRT7LEyTX8MrFBH7A nt/AprzXiSUT8VppaMTuUlDqY2QlMQJtIAMtJuELfY6TfRI6xNh9ZHqXoCakxBbmM3PF oqgGEn1z9hcpKVMEmymzAbfuof/ejsf3bMu2yLmSwDwUp59rzscTh5rwD2EPUTjeCvg8 U2BA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mq7wUWmn/uG/DfdjZOEAf2kWJmOjaYWw/TQl4JIq99Q=; b=SCcLltBGt8wWnu5LNdsv+S+o9bSnPFCbUvunylWTMb+aLkFn8q7hJYsE+dnIFle5J6 LCoTNYFshj/f1dpN+1t/Mx0Tj9pn9N7SDF2XrHdwxFuV3T/aLw66KWENQdxlJGja+Siv bvuutNv8zcPrcoI+ltHTw94v96ZUgIyULBEe6XGt/y96l3k4bJF1zqprHTHGNul++Q17 xHujvheJ6HJ9L5JDSZte11eVOuWBGdD71f6VBcmuily2LNf4AtBbDmdmHLf9CSv7DVec UmrxyUyc9GmmUe5ylqjUpl+qIQt41NYiZ/nw/nH/gs5Guj/XcURHzbrCrPvA557gtbzi knRg== X-Gm-Message-State: ACrzQf1sCjdV5fhBUAyLIs4j5aGVyR7cqyrKjhh+nXaE/m/SmyfFQuLO mNhX+9ytqFQLWtJXOY8DclFZNVBBuzWbKA== X-Google-Smtp-Source: AMsMyM5Czgh4Qt/nzFom8SeN0IVO4hhRRg2TTIaUkUYFrcdwbe+amCCvYPNdt9iaVSfPeQxT7FjCUA== X-Received: by 2002:a05:600c:310b:b0:3cf:33c4:bc7 with SMTP id g11-20020a05600c310b00b003cf33c40bc7mr2820707wmo.25.1666796214237; Wed, 26 Oct 2022 07:56:54 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:53 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 3/9] Makefile: correct DC_SHA1 documentation Date: Wed, 26 Oct 2022 16:56:41 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org The claim that DC_SHA1 takes priority over other *_SHA1 knobs was true when it was added in [1], But that hasn't been the case since it was made the fallback default in [2]. We should be making it not only the default, but something that takes priority over other *_SHA1 knobs, but that's outside the scope of this change. For now let's correct the documentation to match reality. Let's also remove the "unconditionally enable" wording, per the above the enabling of "DC_SHA1" is conditional on these other flags. 1. 8325e43b82d (Makefile: add DC_SHA1 knob, 2017-03-16) 2. e6b07da2780 (Makefile: make DC_SHA1 the default, 2017-03-17) Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 744bd4344f4..a2762e583a1 100644 --- a/Makefile +++ b/Makefile @@ -155,9 +155,8 @@ include shared.mak # Define BLK_SHA1 environment variable to make use of the bundled # optimized C SHA1 routine. # -# Define DC_SHA1 to unconditionally enable the collision-detecting sha1 +# Define DC_SHA1 to enable the collision-detecting sha1 # algorithm. This is slower, but may detect attempted collision attacks. -# Takes priority over other *_SHA1 knobs. # # Define DC_SHA1_EXTERNAL in addition to DC_SHA1 if you want to build / link # git with the external SHA1 collision-detect library. From patchwork Wed Oct 26 14:56:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020741 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 99960C38A2D for ; Wed, 26 Oct 2022 14:57:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234428AbiJZO5W (ORCPT ); Wed, 26 Oct 2022 10:57:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58336 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234426AbiJZO5N (ORCPT ); Wed, 26 Oct 2022 10:57:13 -0400 Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 77AA510326F for ; Wed, 26 Oct 2022 07:56:57 -0700 (PDT) Received: by mail-wr1-x431.google.com with SMTP id v1so26774916wrt.11 for ; Wed, 26 Oct 2022 07:56:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=A0LS3uG/v5rBCtdcLP8vvNMIA7FzTsmwzP2wtVFU++k=; b=HVizTZ1lDRP9R7ezjaE+rN68r5j+z9XZ5v4AjKPrcMczvLJiAp93yRYlr4MZ2hTBQ0 XZvBt8gPo939q4yzwV4pCFEufu5n6Bw5veRNcxvk4RBbRFrPnQZI3NneRlK7k363zT73 oUMxTTuc/apw6usvDVxQnj3WwA0zzwY1RtxYrH7vskTg+M8i/zRxnXXLfnnBmpmt0dN6 76QDfpec3/IiABkAQ4PkCLVUb6HBMkCsAsm/SAUl5U3tYc7A0oUbp6JIbGMU2pFaJPOX PDuBjTRHQeWKJQmiLeki0Xx9nCY+MG0Lsqjrh0opH4iJ4g9ZW+fgk0n8WuHS/6Gp2L8s Asew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=A0LS3uG/v5rBCtdcLP8vvNMIA7FzTsmwzP2wtVFU++k=; b=6KVokG818ARfl9v/5pPqTjPdx55ZgQj+lyKpITFmY2CByfxWHkcY5iDuUieLPFX2Vo f4zJCN/86ZYySx+TPUt5hSurVweaB/4Ntr3YCQEu2PH7/GpZg+PxyvBPXCCAbEcgLmkI 7gygVGQO9+eaXvLAFr06dFvau1azuX5kjXUgTx4xDh9J/saP4pYMG3/gxAr0KDIpuqxJ bcgYlSe31HNisv6uuhjDOrY2V0Con1twmgZ1EbkP1jVVHHxtGSG4IvT/kIpx0Ix2ZOUg zgG9rq06TINQrnVOw7wmSEcB0y+p+8yk65I4zmOKQRxGH/xyTrtsSoOivCcapxM2jo+X AX7A== X-Gm-Message-State: ACrzQf0E9oWj7tycWYEfYdSzY9ro0KMgN1sjtsAUXf4duGmiXTp+qzfF SAlH2fLRNJ+u0KvyTwfmvJzkjbkbKlxoDw== X-Google-Smtp-Source: AMsMyM62y5yOO0T0leOyny6WJf0rDjXuk+xtFhO47/MUyFhm7mrheYL4IC9e9asaUTsnfea33gfGkg== X-Received: by 2002:adf:d0c7:0:b0:236:78b8:942a with SMTP id z7-20020adfd0c7000000b0023678b8942amr9249203wrh.348.1666796215379; Wed, 26 Oct 2022 07:56:55 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:54 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 4/9] Makefile: create and use sections for "define" flag listing Date: Wed, 26 Oct 2022 16:56:42 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Since the "Define ..." template of comments at the top of the Makefile was started in 5bdac8b3269 ([PATCH] Improve the compilation-time settings interface, 2005-07-29) we've had a lot more flags added, including flags that come in "groups". Not having any obvious structure to the >500 line comment at the top of the Makefile has made it hard to follow. This change is almost entirely a move-only change, the two paragraphs at the start of the first two sections are new, and so are the added sections themselves, but other than that no lines are changed, only moved. We now list Makefile-only flags at the start, followed by stand-alone flags, and then cover "optional library" flags in their respective groups, followed by SHA-1 and SHA-256 flags, and finally DEVELOPER-specific flags. Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 218 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 126 insertions(+), 92 deletions(-) diff --git a/Makefile b/Makefile index a2762e583a1..a983a57fb51 100644 --- a/Makefile +++ b/Makefile @@ -4,8 +4,20 @@ all:: # Import tree-wide shared Makefile behavior and libraries include shared.mak +# == Makefile defines == +# +# These defines change the behavior of the Makefile itself, but have +# no impact on what it builds: +# # Define V=1 to have a more verbose compile. # +# == Portability and optional library defines == +# +# These defines indicate what Git can expect from the OS, what +# libraries are available etc. Much of this is auto-detected in +# config.mak.uname, or in configure.ac when using the optional "make +# configure && ./configure" (see INSTALL). +# # Define SHELL_PATH to a POSIX shell if your /bin/sh is broken. # # Define SANE_TOOL_PATH to a colon-separated list of paths to prepend @@ -30,68 +42,8 @@ include shared.mak # # Define NO_OPENSSL environment variable if you do not have OpenSSL. # -# Define USE_LIBPCRE if you have and want to use libpcre. Various -# commands such as log and grep offer runtime options to use -# Perl-compatible regular expressions instead of standard or extended -# POSIX regular expressions. -# -# Only libpcre version 2 is supported. USE_LIBPCRE2 is a synonym for -# USE_LIBPCRE, support for the old USE_LIBPCRE1 has been removed. -# -# Define LIBPCREDIR=/foo/bar if your PCRE header and library files are -# in /foo/bar/include and /foo/bar/lib directories. -# # Define HAVE_ALLOCA_H if you have working alloca(3) defined in that header. # -# Define NO_CURL if you do not have libcurl installed. git-http-fetch and -# git-http-push are not built, and you cannot use http:// and https:// -# transports (neither smart nor dumb). -# -# Define CURLDIR=/foo/bar if your curl header and library files are in -# /foo/bar/include and /foo/bar/lib directories. -# -# Define CURL_CONFIG to curl's configuration program that prints information -# about the library (e.g., its version number). The default is 'curl-config'. -# -# Define CURL_LDFLAGS to specify flags that you need to link when using libcurl, -# if you do not want to rely on the libraries provided by CURL_CONFIG. The -# default value is a result of `curl-config --libs`. An example value for -# CURL_LDFLAGS is as follows: -# -# CURL_LDFLAGS=-lcurl -# -# Define NO_EXPAT if you do not have expat installed. git-http-push is -# not built, and you cannot push using http:// and https:// transports (dumb). -# -# Define EXPATDIR=/foo/bar if your expat header and library files are in -# /foo/bar/include and /foo/bar/lib directories. -# -# Define EXPAT_NEEDS_XMLPARSE_H if you have an old version of expat (e.g., -# 1.1 or 1.2) that provides xmlparse.h instead of expat.h. -# -# Define NO_GETTEXT if you don't want Git output to be translated. -# A translated Git requires GNU libintl or another gettext implementation, -# plus libintl-perl at runtime. -# -# Define USE_GETTEXT_SCHEME and set it to 'fallthrough', if you don't trust -# the installed gettext translation of the shell scripts output. -# -# Define HAVE_LIBCHARSET_H if you haven't set NO_GETTEXT and you can't -# trust the langinfo.h's nl_langinfo(CODESET) function to return the -# current character set. GNU and Solaris have a nl_langinfo(CODESET), -# FreeBSD can use either, but MinGW and some others need to use -# libcharset.h's locale_charset() instead. -# -# Define CHARSET_LIB to the library you need to link with in order to -# use locale_charset() function. On some platforms this needs to set to -# -lcharset, on others to -liconv . -# -# Define LIBC_CONTAINS_LIBINTL if your gettext implementation doesn't -# need -lintl when linking. -# -# Define NO_MSGFMT_EXTENDED_OPTIONS if your implementation of msgfmt -# doesn't support GNU extensions like --check and --statistics -# # Define HAVE_PATHS_H if you have paths.h and want to use the default PATH # it specifies. # @@ -152,38 +104,6 @@ include shared.mak # and do not want to use Apple's CommonCrypto library. This allows you # to provide your own OpenSSL library, for example from MacPorts. # -# Define BLK_SHA1 environment variable to make use of the bundled -# optimized C SHA1 routine. -# -# Define DC_SHA1 to enable the collision-detecting sha1 -# algorithm. This is slower, but may detect attempted collision attacks. -# -# Define DC_SHA1_EXTERNAL in addition to DC_SHA1 if you want to build / link -# git with the external SHA1 collision-detect library. -# Without this option, i.e. the default behavior is to build git with its -# own built-in code (or submodule). -# -# Define DC_SHA1_SUBMODULE in addition to DC_SHA1 to use the -# sha1collisiondetection shipped as a submodule instead of the -# non-submodule copy in sha1dc/. This is an experimental option used -# by the git project to migrate to using sha1collisiondetection as a -# submodule. -# -# Define OPENSSL_SHA1 environment variable when running make to link -# with the SHA1 routine from openssl library. -# -# Define SHA1_MAX_BLOCK_SIZE to limit the amount of data that will be hashed -# in one call to the platform's SHA1_Update(). e.g. APPLE_COMMON_CRYPTO -# wants 'SHA1_MAX_BLOCK_SIZE=1024L*1024L*1024L' defined. -# -# Define BLK_SHA256 to use the built-in SHA-256 routines. -# -# Define NETTLE_SHA256 to use the SHA-256 routines in libnettle. -# -# Define GCRYPT_SHA256 to use the SHA-256 routines in libgcrypt. -# -# Define OPENSSL_SHA256 to use the SHA-256 routines in OpenSSL. -# # Define NEEDS_CRYPTO_WITH_SSL if you need -lcrypto when using -lssl (Darwin). # # Define NEEDS_SSL_WITH_CRYPTO if you need -lssl when using -lcrypto (Darwin). @@ -489,6 +409,120 @@ include shared.mak # to the "" of the corresponding `compat/fsmonitor/fsm-settings-.c` # that implements the `fsm_os_settings__*()` routines. # +# === Optional library: libintl === +# +# Define NO_GETTEXT if you don't want Git output to be translated. +# A translated Git requires GNU libintl or another gettext implementation, +# plus libintl-perl at runtime. +# +# Define USE_GETTEXT_SCHEME and set it to 'fallthrough', if you don't trust +# the installed gettext translation of the shell scripts output. +# +# Define HAVE_LIBCHARSET_H if you haven't set NO_GETTEXT and you can't +# trust the langinfo.h's nl_langinfo(CODESET) function to return the +# current character set. GNU and Solaris have a nl_langinfo(CODESET), +# FreeBSD can use either, but MinGW and some others need to use +# libcharset.h's locale_charset() instead. +# +# Define CHARSET_LIB to the library you need to link with in order to +# use locale_charset() function. On some platforms this needs to set to +# -lcharset, on others to -liconv . +# +# Define LIBC_CONTAINS_LIBINTL if your gettext implementation doesn't +# need -lintl when linking. +# +# Define NO_MSGFMT_EXTENDED_OPTIONS if your implementation of msgfmt +# doesn't support GNU extensions like --check and --statistics +# +# === Optional library: libexpat === +# +# Define NO_EXPAT if you do not have expat installed. git-http-push is +# not built, and you cannot push using http:// and https:// transports (dumb). +# +# Define EXPATDIR=/foo/bar if your expat header and library files are in +# /foo/bar/include and /foo/bar/lib directories. +# +# Define EXPAT_NEEDS_XMLPARSE_H if you have an old version of expat (e.g., +# 1.1 or 1.2) that provides xmlparse.h instead of expat.h. + +# === Optional library: libcurl === +# +# Define NO_CURL if you do not have libcurl installed. git-http-fetch and +# git-http-push are not built, and you cannot use http:// and https:// +# transports (neither smart nor dumb). +# +# Define CURLDIR=/foo/bar if your curl header and library files are in +# /foo/bar/include and /foo/bar/lib directories. +# +# Define CURL_CONFIG to curl's configuration program that prints information +# about the library (e.g., its version number). The default is 'curl-config'. +# +# Define CURL_LDFLAGS to specify flags that you need to link when using libcurl, +# if you do not want to rely on the libraries provided by CURL_CONFIG. The +# default value is a result of `curl-config --libs`. An example value for +# CURL_LDFLAGS is as follows: +# +# CURL_LDFLAGS=-lcurl +# +# === Optional library: libpcre2 === +# +# Define USE_LIBPCRE if you have and want to use libpcre. Various +# commands such as log and grep offer runtime options to use +# Perl-compatible regular expressions instead of standard or extended +# POSIX regular expressions. +# +# Only libpcre version 2 is supported. USE_LIBPCRE2 is a synonym for +# USE_LIBPCRE, support for the old USE_LIBPCRE1 has been removed. +# +# Define LIBPCREDIR=/foo/bar if your PCRE header and library files are +# in /foo/bar/include and /foo/bar/lib directories. +# +# == SHA-1 and SHA-256 defines == +# +# === SHA-1 backend === +# +# ==== Options common to all SHA-1 implementations ==== +# +# Define SHA1_MAX_BLOCK_SIZE to limit the amount of data that will be hashed +# in one call to the platform's SHA1_Update(). e.g. APPLE_COMMON_CRYPTO +# wants 'SHA1_MAX_BLOCK_SIZE=1024L*1024L*1024L' defined. +# +# ==== Options for the sha1collisiondetection implementation ==== +# +# Define DC_SHA1 to enable the collision-detecting sha1 +# algorithm. This is slower, but may detect attempted collision attacks. +# +# Define DC_SHA1_EXTERNAL in addition to DC_SHA1 if you want to build / link +# git with the external SHA1 collision-detect library. +# Without this option, i.e. the default behavior is to build git with its +# own built-in code (or submodule). +# +# Define DC_SHA1_SUBMODULE in addition to DC_SHA1 to use the +# sha1collisiondetection shipped as a submodule instead of the +# non-submodule copy in sha1dc/. This is an experimental option used +# by the git project to migrate to using sha1collisiondetection as a +# submodule. +# +# ==== Other SHA-1 implementations ==== +# +# Define BLK_SHA1 environment variable to make use of the bundled +# optimized C SHA1 routine. +# +# Define OPENSSL_SHA1 environment variable when running make to link +# with the SHA1 routine from openssl library. +# +# === SHA-256 backend === +# +# Define BLK_SHA256 to use the built-in SHA-256 routines. +# +# Define NETTLE_SHA256 to use the SHA-256 routines in libnettle. +# +# Define GCRYPT_SHA256 to use the SHA-256 routines in libgcrypt. +# +# Define OPENSSL_SHA256 to use the SHA-256 routines in OpenSSL. +# +# == DEVELOPER defines == +# # Define DEVELOPER to enable more compiler warnings. Compiler version # and family are auto detected, but could be overridden by defining # COMPILER_FEATURES (see config.mak.dev). You can still set From patchwork Wed Oct 26 14:56:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020738 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E6F1C433FE for ; Wed, 26 Oct 2022 14:57:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234402AbiJZO5R (ORCPT ); Wed, 26 Oct 2022 10:57:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57132 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234398AbiJZO5A (ORCPT ); Wed, 26 Oct 2022 10:57:00 -0400 Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 90D51103255 for ; Wed, 26 Oct 2022 07:56:58 -0700 (PDT) Received: by mail-wm1-x32b.google.com with SMTP id l16-20020a05600c4f1000b003c6c0d2a445so1776152wmq.4 for ; Wed, 26 Oct 2022 07:56:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/Ipflk+X6Ery3onA+/410yNIkgz5nSEwQIf2FtpFcgc=; b=ctPGUWR0OG7rBsKQBLnDVk4UvB8gTVkHOsEke2kkWIP9vU8QWvw8oqvv72T+o8/xjG Yq+9B+AomYDNoVXDq8K6DlFtasLm1MW0ZcRbxgaIpaumwB4zX2j3pus5CEKkLn7f8kjF UkRRyHthT2z/BB7Q60x+nd9TxdYOW3yKGKnA8CbYoRKdvdzBi2RLL6mWeu4ezAXdD+SJ x0gqS5x0CFJeC0op/1zxnS7VWFHCsJOavxQqZIKPaXLJKhHQ9jYiJoMvgAvam/Xqb3Gj h1b5PU1RvmkAJt2c1/j7hp/TVitLQtiQVa4nYOj/NpTUZO403b58DbnkU9pfJIQ9sZvn 56VA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/Ipflk+X6Ery3onA+/410yNIkgz5nSEwQIf2FtpFcgc=; b=vHVBvAreA34IqLXN6+wox/+v949iqjSMDV0CG8tQOfpsOUxVoqhVagrIUekyXoOQEm 2SFuvTbNk8v8WO8yI1M6IylSbdMglxm7tMZdXUXPKWuyZWhM7fh8A+ZjrsY77LgaeK3H tlumkxG4zQKPDP1g+088rrfHPTwBR7arKJfFinmV8tnPLzWPPlzlS6QkkS+HcMXwt2uO 74UGW0Im/9NyIsfjJxOIxnkSgaVZESDluGLsd+ke/ikQ/57a1n0kQ+hfG+xgm92CpE15 uVMkr77ybwK4uBhbeIX+ouRMebEoARobPvMhJifvX0hAYcb+Lqf9MbYdxX36PHGQdvDQ BOdw== X-Gm-Message-State: ACrzQf1qGy9d7JtZKPnY+FS5Fxf0nVEA5s9cMXdR6HM+bmCwI4VmfvXC R3+TrRLE1ZJoUJ0mCH9FbvfXqAz1XynI4Q== X-Google-Smtp-Source: AMsMyM5H9A11TGDbVwIB2ctpU4gM0P3kilvWl5mq9ho//rxiZVYzmoTGDQ1zuYUw8Ne3aEPB1ARCbg== X-Received: by 2002:a1c:f20b:0:b0:3cf:4eca:900c with SMTP id s11-20020a1cf20b000000b003cf4eca900cmr700297wmc.102.1666796216634; Wed, 26 Oct 2022 07:56:56 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:55 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 5/9] Makefile: rephrase the discussion of *_SHA1 knobs Date: Wed, 26 Oct 2022 16:56:43 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org In the preceding commit the discussion of the *_SHA1 knobs was left as-is to benefit from a smaller diff, but since we're changing these let's use the same phrasing we use for most other knobs. E.g. "define X", not "define X environment variable", and get rid of the "when running make to link with" entirely. Furthermore the discussion of DC_SHA1* options is now under a "Options for the sha1collisiondetection implementation" heading, so we don't need to clarify that these options go along with DC_SHA1=Y, so let's rephrase them accordingly. Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index a983a57fb51..870ecdb0d85 100644 --- a/Makefile +++ b/Makefile @@ -492,12 +492,12 @@ include shared.mak # Define DC_SHA1 to enable the collision-detecting sha1 # algorithm. This is slower, but may detect attempted collision attacks. # -# Define DC_SHA1_EXTERNAL in addition to DC_SHA1 if you want to build / link +# Define DC_SHA1_EXTERNAL if you want to build / link # git with the external SHA1 collision-detect library. # Without this option, i.e. the default behavior is to build git with its # own built-in code (or submodule). # -# Define DC_SHA1_SUBMODULE in addition to DC_SHA1 to use the +# Define DC_SHA1_SUBMODULE to use the # sha1collisiondetection shipped as a submodule instead of the # non-submodule copy in sha1dc/. This is an experimental option used # by the git project to migrate to using sha1collisiondetection as a @@ -505,11 +505,11 @@ include shared.mak # # ==== Other SHA-1 implementations ==== # -# Define BLK_SHA1 environment variable to make use of the bundled -# optimized C SHA1 routine. +# Define BLK_SHA1 to make use of optimized C SHA-1 routines bundled +# with git (in the block-sha1/ directory). # -# Define OPENSSL_SHA1 environment variable when running make to link -# with the SHA1 routine from openssl library. +# Define OPENSSL_SHA1 to link to the SHA-1 routines from the OpenSSL +# library. # # === SHA-256 backend === # From patchwork Wed Oct 26 14:56:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020739 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9275C38A2D for ; Wed, 26 Oct 2022 14:57:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234459AbiJZO5T (ORCPT ); Wed, 26 Oct 2022 10:57:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58202 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234420AbiJZO5J (ORCPT ); Wed, 26 Oct 2022 10:57:09 -0400 Received: from mail-wm1-x336.google.com (mail-wm1-x336.google.com [IPv6:2a00:1450:4864:20::336]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C533A105372 for ; Wed, 26 Oct 2022 07:56:59 -0700 (PDT) Received: by mail-wm1-x336.google.com with SMTP id fn7-20020a05600c688700b003b4fb113b86so1807710wmb.0 for ; Wed, 26 Oct 2022 07:56:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yNmBiOiXxfokbe6Hh/IWlqf/FXlb1NwIsJx6uOmQDxs=; b=hqSYz6Z4SgQ9lc/rv8UP5ND6xU1UmIeDgAZiEw9OObWBc12aqSkzKioUi8GsSfzXKn yigMZzZaofg1jSV2FCJVQFGtq2/2UxZfOA4NGW9f+7jOuj8cLQps6aBt2TfgykseRDSw tImVQPBfH6FmwL8ZSZOAQDamc6Cc9ZNJabtZw+lIJj0GvMxs2azkcYiooNTlbU/X55zA vaTwb4Ht/7/m8BKzx6L3Swu0j0EXm/HWE+SEX1XL8jfNCa1NQr3xHDVWMhh6Lhy1bkyO Ih6hmcaJ1/qXdoZu7ffyjXhtISc6U7VeAB5UL4NCi4m1BKHRyi72VhG2fmm3ix6WzrpC YqiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yNmBiOiXxfokbe6Hh/IWlqf/FXlb1NwIsJx6uOmQDxs=; b=Ulio/1HR0UjpJXZ6WmSpyTbghujkMx6m6lJ464yWIu+d6v6iW2mkgKhEzKAU0jQQeO e9o1fi+4L4x3miNcggLE0cHPYIRF//ae7W+nQDBh1bExOoQobj3RKr7BALp6Xntx/zxX 1KJTP4ZxZmTqFpfzie3Qi1nesvSfORn5vJz8NzH8qAqYk48u5dA5FLV94ZhAFq++Ob7G xwIDTl//xmXG31X83x75ksnufqHxdO3vN1s+8MahtoxM1lpJ9ztlUBMijxVB39jn3plc HGu8acoaoToVmrzNa9LDQIv0sHYQkUl7AMDrCaEtSXxDluZhfkaj+oiNI9DzJsoMgZX2 VigA== X-Gm-Message-State: ACrzQf3QdTDEp3UCq2cEjSrIlYNQ+e2lnKzk1cEjKOU6k2e9QacvtWIO YQn+VIBIppxaCDFukeQrnuD1vgWru4VZtA== X-Google-Smtp-Source: AMsMyM4SCoXrYo3cB/z1qT/jlBxpIcO1Y09k4biXM31DSl01skGfNtDBnYQ+4eABDDkIUbUAfFxJMw== X-Received: by 2002:a05:600c:1c1f:b0:3c6:bfda:d485 with SMTP id j31-20020a05600c1c1f00b003c6bfdad485mr2670644wms.59.1666796218068; Wed, 26 Oct 2022 07:56:58 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:57 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 6/9] Makefile: document default SHA-256 backend Date: Wed, 26 Oct 2022 16:56:44 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Since 27dc04c5450 (sha256: add an SHA-256 implementation using libgcrypt, 2018-11-14) we've claimed to support a BLK_SHA256 flag, but there's no such SHA-256 backend. Instead we fall back on adding "sha256/block/sha256.o" to "LIB_OBJS" and adding "-DSHA256_BLK" to BASIC_CFLAGS. Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 870ecdb0d85..992eba9e0c8 100644 --- a/Makefile +++ b/Makefile @@ -513,7 +513,15 @@ include shared.mak # # === SHA-256 backend === # -# Define BLK_SHA256 to use the built-in SHA-256 routines. +# ==== Default SHA-256 backend ==== +# +# If no *_SHA256 backend is picked we'll fall fall back on using the +# default. +# +# The default SHA-256 backend is shipped with Git. No flag is required +# to enable it. To select it don't define any other *_SHA256 flag. +# +# ==== Other SHA-256 implementations ==== # # Define NETTLE_SHA256 to use the SHA-256 routines in libnettle. # From patchwork Wed Oct 26 14:56:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020740 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8B10AFA373E for ; Wed, 26 Oct 2022 14:57:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234410AbiJZO5U (ORCPT ); Wed, 26 Oct 2022 10:57:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234425AbiJZO5N (ORCPT ); Wed, 26 Oct 2022 10:57:13 -0400 Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E01BE10F894 for ; Wed, 26 Oct 2022 07:57:00 -0700 (PDT) Received: by mail-wr1-x42b.google.com with SMTP id y16so16334720wrt.12 for ; Wed, 26 Oct 2022 07:57:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=AiWGpc9fc6h+QS9UXTGiHG17+pqeh2gM2zgDlcDq+vY=; b=p+c1Krvh+0S8AgDWsNl7l+4gH+jQPMoMA5zmo69sQChBRHWp/3jdzeSdYJ9HIO1VLz ZAiaV2p5zGlVVAz3MmK7W1pjvRJgKU+cDBWrK6V3XDkBb8IeH7e/zv5ifjyiElDVRUY+ /f0tDmMKcVDS8ONBmrkbubAEHgk/ymHL6/A/ZnGqs3sTaYzoiFpkbgEH64fRSOgwtAmS hqctNFfl/gCbSXUpsobLd/hdv5j8eIbV2qz8m4MFhniEXcZjRD7M06LYG2x+MD8iWa2z XfDD2utHj4BNM6U+N/HATMuKAZ+HF8a6SnqQQtHuAk/9skdR1ajs5o4CxSHaCCCPZ620 k3Gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AiWGpc9fc6h+QS9UXTGiHG17+pqeh2gM2zgDlcDq+vY=; b=SeBV8cMWLT+0QN8StFa872oyoyY4escElAkf98mw/EPa5KGC1Rnk90+CgjkAEmKtW6 Xy+V2IN+63hF8I2lXFXOy0Qh0XjT6LclKzzrZ+WoTq+2EiisH5LwQ/cA+W8M/9duk10L DUhHNaWRe1YgaOYmVxi7EkCR5xNZErM/5PKSyk4WOkO0ZhZnLx1T2mWDvIJhEN3LNapl TjUD3fitmdM4VdJjD3cbP+ZU/2m8bNMnv9gOdPPfo95wyuff5ZeTcoO0SVKT4bEppvea jKARdgFf9DuLV/1Go+9/QgaxxhkMLQ6Ekn1VZb+ueFSZ4u7tF5M3Ke2V4duQQsidwO15 nTSg== X-Gm-Message-State: ACrzQf20nhZtkWxtOpsLHRE9ujWvZXoVT+0pLWbggsMjKiLPnWLlhE4f 428ROVVyo9tSmuJM7ags103ZhmUiRcRiyQ== X-Google-Smtp-Source: AMsMyM7T+1KSwwYf/UUZKc7tRXIxddzIGwYTfzf2KJvcEFEJ2uEeaM5JFx7iODvn1RzCIVcbY36xKA== X-Received: by 2002:a05:6000:1f18:b0:236:8e08:68e1 with SMTP id bv24-20020a0560001f1800b002368e0868e1mr1996509wrb.67.1666796219143; Wed, 26 Oct 2022 07:56:59 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:58 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 7/9] Makefile: document SHA-1 and SHA-256 default and selection order Date: Wed, 26 Oct 2022 16:56:45 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org For the *_SHA1 and *_SHA256 flags we've discussed the various flags, but not the fact that when you define multiple flags we'll pick one. Which one we pick depends on the order they're listed in the Makefile, which differed from the order we discussed them in this documentation. Let's be explicit about how we select these, and re-arrange the listings so that they're listed in the priority order we've picked. I'd personally prefer that the selection was more explicit, and that we'd error out if conflicting flags were provided, but per the discussion downhtread of[1] the consensus was to keep theses semantics. This behavior makes it easier to e.g. integrate with autoconf-like systems, where the configuration can provide everything it can support, and Git is tasked with picking the first one it prefers. 1. https://lore.kernel.org/git/220710.86mtdh81ty.gmgdl@evledraar.gmail.com/ Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 992eba9e0c8..9f7cf1f22d4 100644 --- a/Makefile +++ b/Makefile @@ -481,6 +481,13 @@ include shared.mak # # === SHA-1 backend === # +# ==== Default SHA-1 backend ==== +# +# If no *_SHA1 backend is picked we'll fall back on using the default. +# +# Multiple *_SHA1 backends can be selected, the first supported one +# listed in "Other SHA-1 implementations" will be picked. +# # ==== Options common to all SHA-1 implementations ==== # # Define SHA1_MAX_BLOCK_SIZE to limit the amount of data that will be hashed @@ -505,12 +512,12 @@ include shared.mak # # ==== Other SHA-1 implementations ==== # -# Define BLK_SHA1 to make use of optimized C SHA-1 routines bundled -# with git (in the block-sha1/ directory). -# # Define OPENSSL_SHA1 to link to the SHA-1 routines from the OpenSSL # library. # +# Define BLK_SHA1 to make use of optimized C SHA-1 routines bundled +# with git (in the block-sha1/ directory). +# # === SHA-256 backend === # # ==== Default SHA-256 backend ==== @@ -521,14 +528,17 @@ include shared.mak # The default SHA-256 backend is shipped with Git. No flag is required # to enable it. To select it don't define any other *_SHA256 flag. # +# Multiple *_SHA256 backends can be selected, the first supported one +# listed in "Other SHA-256 implementations" below will be picked. +# # ==== Other SHA-256 implementations ==== # +# Define OPENSSL_SHA256 to use the SHA-256 routines in OpenSSL. +# # Define NETTLE_SHA256 to use the SHA-256 routines in libnettle. # # Define GCRYPT_SHA256 to use the SHA-256 routines in libgcrypt. # -# Define OPENSSL_SHA256 to use the SHA-256 routines in OpenSSL. -# # == DEVELOPER defines == # # Define DEVELOPER to enable more compiler warnings. Compiler version From patchwork Wed Oct 26 14:56:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020742 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 03D22C433FE for ; Wed, 26 Oct 2022 14:57:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234473AbiJZO5f (ORCPT ); Wed, 26 Oct 2022 10:57:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57412 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234432AbiJZO5O (ORCPT ); Wed, 26 Oct 2022 10:57:14 -0400 Received: from mail-wr1-x42a.google.com (mail-wr1-x42a.google.com [IPv6:2a00:1450:4864:20::42a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DEF971187A8 for ; Wed, 26 Oct 2022 07:57:01 -0700 (PDT) Received: by mail-wr1-x42a.google.com with SMTP id bk15so26776761wrb.13 for ; Wed, 26 Oct 2022 07:57:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dIhtgsEWUaF6zJLygOibmnb0xGyPAEO6/J5sSA/TuKg=; b=Yk2Pgi4BnG+1wdXDsOtTbi2PwY8uGYncWDflyIavh9AUo+K1pVskSSs8XsGgZ1Vf5f VJa2Dje9TFqA263LJa0Rdt+eEfW5MhwObkaB2aLKkOuTP7nNphwozvRHqxsksSWLAf3B uaUCfgdCaR9eGrO9ClDcnsG7pc0jB3E6L6iO6q2zlfmHIitcGZUVOasQ/SyDOOaS361m j41WrHdyo7VtSs2V3A5PWxbzey0jCcnLKDZco+lUJnxTCOsO3Fccsh3IUJoeGhaPih9P vZmx3A69xLosmV99uiClAeH87K7PhO2OPK3cQUS96VK5NzslVsFTwKSE+awusEgEsLGI 4Emg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dIhtgsEWUaF6zJLygOibmnb0xGyPAEO6/J5sSA/TuKg=; b=wUiyHfEeEshRIHBZ1FTrQ3T+OlIQIJPqQUW6u8KUlK4HNxZtjJEhkbdHu+UwHOwhwn zpLI4y1RKztjxhzT8spmY+ZvXpi/lKBGTm2Urje21sNN08QoSa69b+U87QsG5hChS7V3 hfgpE/u+7FZrVvJPBSK0UewEdnwKvXIu6JgphMRyaefMOd5hwQ1AlYeAC/xz9q2YMT/n AmbEwYuds+tFGwkEHJgwzokeaee2d0+5c2FZ9Nau7QeMkkKcQ3SoY6A5Njv3qmCrHnTP m3kPNVqDsNJw97b1y8LuO3/bXMhIG31BdvGpVZGShQ2xGuZ3H0gTG2PDqDBGhijh5Lg2 T88g== X-Gm-Message-State: ACrzQf2hCgo442ECgNPFldWIWrAFnYc/kOgGabU/REEW5CTGqvwcER4k cHI7+TnO4QatSTvd+jY4poqHSRwwnEzNQg== X-Google-Smtp-Source: AMsMyM4Qt+RfXSLm9ZSchkhKWH8rWgJAeq1cQevLmh12yBPjTvpQ/jW5UYCG2YYiMnHivuGfdMU9Kg== X-Received: by 2002:a05:6000:60d:b0:236:660f:fd78 with SMTP id bn13-20020a056000060d00b00236660ffd78mr14171201wrb.388.1666796220135; Wed, 26 Oct 2022 07:57:00 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.56.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:56:59 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 8/9] Makefile: document default SHA-1 backend on OSX Date: Wed, 26 Oct 2022 16:56:46 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Since [1] the default SHA-1 backend on OSX has been APPLE_COMMON_CRYPTO. Per [2] we'll skip using it on anything older than Mac OS X 10.4 "Tiger"[3]. When "DC_SHA1" was made the default in [4] this interaction between it and APPLE_COMMON_CRYPTO seems to have been missed in. Ever since DC_SHA1 was "made the default" we've still used Apple's CommonCrypto instead of sha1collisiondetection on modern versions of Darwin and OSX. 1. 61067954ce1 (cache.h: eliminate SHA-1 deprecation warnings on Mac OS X, 2013-05-19) 2. 9c7a0beee09 (config.mak.uname: set NO_APPLE_COMMON_CRYPTO on older systems, 2014-08-15) 3. We could probably drop "NO_APPLE_COMMON_CRYPTO", as nobody's likely to care about such on old version of OSX anymore. But let's leave that for now. 4. e6b07da2780 (Makefile: make DC_SHA1 the default, 2017-03-17) Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Makefile b/Makefile index 9f7cf1f22d4..a0ca6456b85 100644 --- a/Makefile +++ b/Makefile @@ -518,6 +518,11 @@ include shared.mak # Define BLK_SHA1 to make use of optimized C SHA-1 routines bundled # with git (in the block-sha1/ directory). # +# Define NO_APPLE_COMMON_CRYPTO on OSX to opt-out of using the +# "APPLE_COMMON_CRYPTO" backend for SHA-1, which is currently the +# default on that OS. On macOS 01.4 (Tiger) or older, +# NO_APPLE_COMMON_CRYPTO is defined by default. +# # === SHA-256 backend === # # ==== Default SHA-256 backend ==== From patchwork Wed Oct 26 14:56:47 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= X-Patchwork-Id: 13020743 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 493D9C433FE for ; Wed, 26 Oct 2022 14:57:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234440AbiJZO5h (ORCPT ); Wed, 26 Oct 2022 10:57:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58382 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234438AbiJZO5P (ORCPT ); Wed, 26 Oct 2022 10:57:15 -0400 Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 421DB915EA for ; Wed, 26 Oct 2022 07:57:03 -0700 (PDT) Received: by mail-wr1-x435.google.com with SMTP id v1so26775443wrt.11 for ; Wed, 26 Oct 2022 07:57:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=nLGBnao98U2XU+whEDXV4L3xqjUvQE7lEuTJMFWwHFw=; b=DwTJzDvepG7zTJhwN9uKoU1+PKM0uEa544wQTxHleuJvf+JSt+GQefP2vQ0apRKrHF Cq2brP2OeikGBKzEafjU4VgLLv5lSTVN3u1D45I3nVUXgdr+hgr1ddXMVFSeA8ucqjXa kyajds6lfUStGPlhi0LvbNzjVRelj+jyUCUAe4uh1Ba/3VqLTG9/3LAtFdrxlfVSXmj5 +i1D//jIe3p/CUrzf+zz+TdyL4aVuPKs3zkyUcXQROmGDBC+KskrdPbbIYMMQgNbQ7Bh bp+7lnxCI8DMunJKdcozOncTw9xJ62/1fiKpBDARfB+wTa8mmzl207bkGGM5fx8EHQTM JluA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nLGBnao98U2XU+whEDXV4L3xqjUvQE7lEuTJMFWwHFw=; b=rINV29tj+jcKCqNSW1bnzuyvxWvKV0XzaA9+kjAMRp3NQPMqvVGwKAdQrA1UrHnuhb iiMQz8dg7pF6uoGViqn6oxOnrREiYOmgdhkY9A4dEUD1KEFRvpVO84Eex/TAfq8steQu LxFxcqiwlaSFQqr04VMxnKmq8kg6QT0sTYcaLPiRItZh9HWF3aSIzqOs3LqaEumz6PWk 1JQPnrTbCCI7xdbdGnK7jjXWvoQG6d0WvJCqwl6NO4YofdlPQDFx4oGBQWb2mDWXXDfh uJqTdlrSvfuGODrMew4keuh1kWO6C1FJRegAE3VLz0otfmjWL2lpiNJ1GzQ0Pbix/Hab oPRQ== X-Gm-Message-State: ACrzQf3kmwjVsLTictIimVaPB+azlIPK76iwZEwHrlfF5v/p31DfRFd3 BCxfS45OeS0BK3rSMRrbt4hSXdXXjxWG7g== X-Google-Smtp-Source: AMsMyM6nyxLspiEsV6v3lmTDWi3ngwbLcHHS9v3DBaTU8WRAYu4zcmhDcQt27KoIOJ76uwhUfCqPew== X-Received: by 2002:a5d:5270:0:b0:236:60c6:6e80 with SMTP id l16-20020a5d5270000000b0023660c66e80mr14752279wrc.140.1666796221387; Wed, 26 Oct 2022 07:57:01 -0700 (PDT) Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2]) by smtp.gmail.com with ESMTPSA id i25-20020a1c5419000000b003c7084d072csm2180351wmb.28.2022.10.26.07.57.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 07:57:00 -0700 (PDT) From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?= To: git@vger.kernel.org Cc: Junio C Hamano , Mike Hommey , "brian m . carlson" , =?utf-8?q?Carlo_Marcelo?= =?utf-8?q?_Arenas_Bel=C3=B3n?= , Eric Sunshine , Glen Choo , Eric DeCosta , =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBC?= =?utf-8?b?amFybWFzb24=?= Subject: [PATCH v4 9/9] Makefile: discuss SHAttered in *_SHA{1,256} discussion Date: Wed, 26 Oct 2022 16:56:47 +0200 Message-Id: X-Mailer: git-send-email 2.38.0.1251.g3eefdfb5e7a In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Let's mention the SHAttered attack and more generally why we use the sha1collisiondetection backend by default, and note that for SHA-256 the user should feel free to pick any of the supported backends as far as hashing security is concerned. Signed-off-by: Ævar Arnfjörð Bjarmason --- Makefile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/Makefile b/Makefile index a0ca6456b85..805e88ed5fd 100644 --- a/Makefile +++ b/Makefile @@ -481,6 +481,16 @@ include shared.mak # # === SHA-1 backend === # +# ==== Security ==== +# +# Due to the SHAttered (https://shattered.io) attack vector on SHA-1 +# it's strongly recommended to use the sha1collisiondetection +# counter-cryptanalysis library for SHA-1 hashing (DC_SHA1). +# +# If you know that you can trust the repository contents, or where +# potential SHA-1 attacks are otherwise mitigated the backends listed +# in "Other SHA-1 implementations" are faster than DC_SHA1. +# # ==== Default SHA-1 backend ==== # # If no *_SHA1 backend is picked we'll fall back on using the default. @@ -525,6 +535,11 @@ include shared.mak # # === SHA-256 backend === # +# ==== Security ==== +# +# Unlike SHA-1 the SHA-256 algorithm does not suffer from any known +# vulnerabilities, so any implementation will do. +# # ==== Default SHA-256 backend ==== # # If no *_SHA256 backend is picked we'll fall fall back on using the