Fix nettle_hash() function to avoid ABI incompatibilities.
The way of accessing the list of available hashes on nettle was
vulnerable to breaking if the version of libnettle in use was
different to the version dnsmasq was compiled against.
Change to a new system if libnettle >= 3.4 is in use.
Older versions if nettle are still OK, once 3.4 is reached,
the ABi problem is fixed. Thanks to Petr Menšík for clues on this.
diff --git a/src/crypto.c b/src/crypto.c
index 16ef1ca..5becfb0 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -114,17 +114,25 @@
if (!name)
return NULL;
+ /* We provide a "null" hash which returns the input data as digest. */
+ if (strcmp(null_hash.name, name) == 0)
+ return &null_hash;
+
+ /* libnettle >= 3.4 provides nettle_lookup_hash() which avoids nasty ABI
+ incompatibilities if sizeof(nettle_hashes) changes between library
+ versions. */
+
+#if (NETTLE_VERSION_MAJOR>3) || ((NETTLE_VERSION_MAJOR==3) && (NETTLE_VERSION_MINOR >=4))
+ return nettle_lookup_hash(name);
+#else
for (i = 0; nettle_hashes[i]; i++)
{
if (strcmp(nettle_hashes[i]->name, name) == 0)
return nettle_hashes[i];
}
- /* We provide a "null" hash which returns the input data as digest. */
- if (strcmp(null_hash.name, name) == 0)
- return &null_hash;
-
- return NULL;
+ return NULL;
+#endif
}
/* expand ctx and digest memory allocations if necessary and init hash function */