From b81689aa3f0fe035492309bfdd909377c61c7c82 Mon Sep 17 00:00:00 2001 From: Peter Keresztes Schmidt Date: Mon, 24 May 2021 13:36:26 +0200 Subject: [PATCH] Remove libgcrypt as dependency GnuTLS used gcrypt as backend but switched in ~2011 to nettle. Thus we don't need to/shouldn't depend on it. --- .github/workflows/codeql-analysis.yml | 2 +- CMakeLists.txt | 20 +--------------- distros/beowulf/control | 1 - distros/debian/control | 2 +- distros/opensuse/zoneminder.cmake.OS13.spec | 2 +- .../ubuntu1504_cmake_split_packages/control | 2 +- distros/ubuntu1604/control | 1 - distros/ubuntu2004/control | 1 - src/zm_rtsp_auth.cpp | 24 ++++++------------- src/zm_rtsp_auth.h | 10 ++++---- src/zm_user.cpp | 15 ++---------- zoneminder-config.cmake | 2 -- 12 files changed, 18 insertions(+), 64 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8b071a662..f63ef62e8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -53,7 +53,7 @@ jobs: git submodule update --init --recursive sudo apt-get update sudo apt-get install libavdevice-dev libavcodec-dev libavformat-dev libavutil-dev libswresample-dev libswscale-dev libjwt-gnutls-dev - sudo apt-get install libbz2-dev libgcrypt20-dev libcurl4-gnutls-dev libjpeg-turbo8-dev libturbojpeg0-dev + sudo apt-get install libbz2-dev libcurl4-gnutls-dev libjpeg-turbo8-dev libturbojpeg0-dev sudo apt-get install default-libmysqlclient-dev libpcre3-dev libpolkit-gobject-1-dev libv4l-dev libvlc-dev sudo apt-get install libdate-manip-perl libdbd-mysql-perl libphp-serialization-perl libsys-mmap-perl sudo apt-get install libwww-perl libdata-uuid-perl libssl-dev libcrypt-eksblowfish-perl libdata-entropy-perl diff --git a/CMakeLists.txt b/CMakeLists.txt index 700c80a20..99893bbbf 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -411,23 +411,6 @@ else() set(optlibsnotfound "${optlibsnotfound} PCRE") endif() -# gcrypt (using find_library and find_path) -find_library(GCRYPT_LIBRARIES gcrypt) -if(GCRYPT_LIBRARIES) - set(HAVE_LIBGCRYPT 1) - list(APPEND ZM_BIN_LIBS "${GCRYPT_LIBRARIES}") - find_path(GCRYPT_INCLUDE_DIR gcrypt.h) - if(GCRYPT_INCLUDE_DIR) - include_directories("${GCRYPT_INCLUDE_DIR}") - set(CMAKE_REQUIRED_INCLUDES "${GCRYPT_INCLUDE_DIR}") - endif() - mark_as_advanced(FORCE GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIR) - check_include_file("gcrypt.h" HAVE_GCRYPT_H) - set(optlibsfound "${optlibsfound} GCrypt") -else() - set(optlibsnotfound "${optlibsnotfound} GCrypt") -endif() - # mysqlclient (using find_library and find_path) find_library(MYSQLCLIENT_LIBRARIES mysqlclient PATH_SUFFIXES mysql) if(MYSQLCLIENT_LIBRARIES) @@ -708,10 +691,9 @@ if((NOT HAVE_MD5_OPENSSL) AND (NOT HAVE_DECL_GNUTLS_FINGERPRINT)) none were found - hashed authentication will not be available") endif() -# Dirty fix for zm_user only using openssl's md5 if gnutls and gcrypt are not available. +# Dirty fix for zm_user only using openssl's md5 if gnutls is not available. # This needs to be fixed in zm_user.[h,cpp] but such fix will also require changes to configure.ac if(HAVE_LIBCRYPTO AND HAVE_OPENSSL_MD5_H AND HAVE_MD5_OPENSSL) - set(HAVE_GCRYPT_H 0) set(HAVE_GNUTLS_OPENSSL_H 0) endif() diff --git a/distros/beowulf/control b/distros/beowulf/control index 28135f583..ae93080f9 100644 --- a/distros/beowulf/control +++ b/distros/beowulf/control @@ -14,7 +14,6 @@ Build-Depends: debhelper, sphinx-doc, dh-linktree, dh-apache2 ,ffmpeg ,net-tools ,libbz2-dev - ,libgcrypt20-dev ,libcurl4-gnutls-dev ,libturbojpeg0-dev ,default-libmysqlclient-dev | libmysqlclient-dev | libmariadbclient-dev-compat diff --git a/distros/debian/control b/distros/debian/control index 6bb59f206..3ae5c7922 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -17,7 +17,7 @@ Build-Depends: debhelper (>= 9), cmake , libnetpbm10-dev , libvlccore-dev, libvlc-dev , libcurl4-gnutls-dev | libcurl4-nss-dev | libcurl4-openssl-dev - , libgcrypt11-dev, libpolkit-gobject-1-dev + , libpolkit-gobject-1-dev , libphp-serialization-perl , libdate-manip-perl, libmime-lite-perl, libmime-tools-perl, libdbd-mysql-perl , libwww-perl, libarchive-tar-perl, libarchive-zip-perl, libdevice-serialport-perl diff --git a/distros/opensuse/zoneminder.cmake.OS13.spec b/distros/opensuse/zoneminder.cmake.OS13.spec index e1ed14325..416f59662 100644 --- a/distros/opensuse/zoneminder.cmake.OS13.spec +++ b/distros/opensuse/zoneminder.cmake.OS13.spec @@ -27,7 +27,7 @@ Source: ZoneMinder-%{version}.tar.gz BuildRequires: cmake polkit-devel BuildRequires: perl-DBI perl-DBD-mysql perl-Date-Manip perl-Sys-Mmap -BuildRequires: libjpeg62 libjpeg62-devel libmysqld-devel libSDL-devel libgcrypt-devel libgnutls-devel +BuildRequires: libjpeg62 libjpeg62-devel libmysqld-devel libSDL-devel libgnutls-devel BuildRequires: libffmpeg-devel x264 BuildRequires: pcre-devel w32codec-all diff --git a/distros/ubuntu1504_cmake_split_packages/control b/distros/ubuntu1504_cmake_split_packages/control index d4be60413..45b7a3e50 100644 --- a/distros/ubuntu1504_cmake_split_packages/control +++ b/distros/ubuntu1504_cmake_split_packages/control @@ -15,7 +15,7 @@ Build-Depends: debhelper (>= 9), po-debconf (>= 1.0), autoconf, automake, libtoo , libdevice-serialport-perl, libarchive-zip-perl, libmime-lite-perl , libvlccore-dev, libvlc-dev , libcurl4-gnutls-dev | libcurl4-nss-dev | libcurl4-openssl-dev -, libgcrypt11-dev | libgcrypt20-dev, libpolkit-gobject-1-dev +, libpolkit-gobject-1-dev , libdbi-perl, libnet-sftp-foreign-perl, libexpect-perl, libmime-tools-perl Standards-Version: 3.9.6 Homepage: http://www.zoneminder.com/ diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 0def73f60..b98353c9c 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -14,7 +14,6 @@ Build-Depends: debhelper (>= 9), dh-systemd, python3-sphinx, apache2-dev, dh-lin ,ffmpeg | libav-tools ,net-tools ,libbz2-dev - ,libgcrypt-dev | libgcrypt11-dev ,libcurl4-gnutls-dev ,libgnutls-openssl-dev ,libjpeg8-dev | libjpeg9-dev | libjpeg62-turbo-dev diff --git a/distros/ubuntu2004/control b/distros/ubuntu2004/control index 01c3a8472..c853b7d63 100644 --- a/distros/ubuntu2004/control +++ b/distros/ubuntu2004/control @@ -13,7 +13,6 @@ Build-Depends: debhelper (>= 12), sphinx-doc, python3-sphinx, dh-linktree, dh-ap ,ffmpeg ,net-tools ,libbz2-dev - ,libgcrypt20-dev ,libcurl4-gnutls-dev ,libjpeg-turbo8-dev | libjpeg62-turbo-dev | libjpeg8-dev | libjpeg9-dev ,libturbojpeg0-dev diff --git a/src/zm_rtsp_auth.cpp b/src/zm_rtsp_auth.cpp index ae05e1e7d..39b498d81 100644 --- a/src/zm_rtsp_auth.cpp +++ b/src/zm_rtsp_auth.cpp @@ -22,26 +22,16 @@ #include "zm_utils.h" #include #include +#include namespace zm { -Authenticator::Authenticator( const std::string &username, const std::string &password) : - fCnonce("0a4f113b"), - fUsername(username), - fPassword(password) - { -#ifdef HAVE_GCRYPT_H - // Special initialisation for libgcrypt - if ( !gcry_check_version(GCRYPT_VERSION) ) { - Fatal("Unable to initialise libgcrypt"); - } - gcry_control( GCRYCTL_DISABLE_SECMEM, 0 ); - gcry_control( GCRYCTL_INITIALIZATION_FINISHED, 0 ); -#endif // HAVE_GCRYPT_H - - fAuthMethod = AUTH_UNDEFINED; - nc = 1; -} +Authenticator::Authenticator(std::string username, std::string password) + : fAuthMethod(AUTH_UNDEFINED), + fCnonce("0a4f113b"), + fUsername(std::move(username)), + fPassword(std::move(password)), + nc(1) {} Authenticator::~Authenticator() { reset(); diff --git a/src/zm_rtsp_auth.h b/src/zm_rtsp_auth.h index 4ea664989..b5a4959f9 100644 --- a/src/zm_rtsp_auth.h +++ b/src/zm_rtsp_auth.h @@ -26,18 +26,16 @@ #include #endif -#if HAVE_GCRYPT_H -#include -#elif HAVE_LIBCRYPTO +#if HAVE_LIBCRYPTO #include -#endif // HAVE_GCRYPT_H || HAVE_LIBCRYPTO +#endif // HAVE_LIBCRYPTO -namespace zm { +namespace zm { enum AuthMethod { AUTH_UNDEFINED = 0, AUTH_BASIC = 1, AUTH_DIGEST = 2 }; class Authenticator { public: - Authenticator(const std::string &username, const std::string &password); + Authenticator(std::string username, std::string password); virtual ~Authenticator(); void reset(); diff --git a/src/zm_user.cpp b/src/zm_user.cpp index a17db9e0f..8b475ca23 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -29,11 +29,9 @@ #include #endif -#if HAVE_GCRYPT_H -#include -#elif HAVE_LIBCRYPTO +#if HAVE_LIBCRYPTO #include -#endif // HAVE_GCRYPT_H || HAVE_LIBCRYPTO +#endif // HAVE_LIBCRYPTO User::User() { id = 0; @@ -192,15 +190,6 @@ User *zmLoadTokenUser(const std::string &jwt_token_str, bool use_remote_addr) { // Function to validate an authentication string User *zmLoadAuthUser(const char *auth, bool use_remote_addr) { #if HAVE_DECL_MD5 || HAVE_DECL_GNUTLS_FINGERPRINT -#ifdef HAVE_GCRYPT_H - // Special initialisation for libgcrypt - if ( !gcry_check_version(GCRYPT_VERSION) ) { - Fatal("Unable to initialise libgcrypt"); - } - gcry_control(GCRYCTL_DISABLE_SECMEM, 0); - gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); -#endif // HAVE_GCRYPT_H - const char *remote_addr = ""; if ( use_remote_addr ) { remote_addr = getenv("REMOTE_ADDR"); diff --git a/zoneminder-config.cmake b/zoneminder-config.cmake index 473a6be70..b9a446205 100644 --- a/zoneminder-config.cmake +++ b/zoneminder-config.cmake @@ -35,8 +35,6 @@ #cmakedefine HAVE_PTHREAD_H #cmakedefine HAVE_LIBPCRE 1 #cmakedefine HAVE_PCRE_H 1 -#cmakedefine HAVE_LIBGCRYPT 1 -#cmakedefine HAVE_GCRYPT_H 1 #cmakedefine HAVE_LIBGNUTLS 1 #cmakedefine HAVE_GNUTLS_GNUTLS_H 1 #cmakedefine HAVE_LIBMYSQLCLIENT 1