From c4a65c34c298c314da5feafed808e49aea12cd12 Mon Sep 17 00:00:00 2001
From: Edward Thomson <ethomson@edwardthomson.com>
Date: Sat, 28 Dec 2024 15:34:04 +0000
Subject: [PATCH] cmake: standardize builtin sha1dc selection

All `USE_*` options are now `builtin`. Use that for the builtin sha1dc
implementation, keeping `CollisionDetection` for backward compatibility.
---
 CMakeLists.txt                |  2 +-
 cmake/SelectHashes.cmake      | 13 +++++++++----
 src/libgit2/libgit2.c         |  2 +-
 src/util/CMakeLists.txt       |  4 +++-
 src/util/git2_features.h.in   |  2 +-
 src/util/hash/sha.h           |  8 ++++----
 tests/libgit2/core/features.c |  2 +-
 tests/util/sha1.c             |  2 +-
 8 files changed, 21 insertions(+), 14 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 31da49a88..bc9369baf 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -32,7 +32,7 @@ option(USE_NSEC                "Support nanosecond precision file mtimes and cti
 # Backend selection
    set(USE_SSH                 "" CACHE STRING "Enables SSH support and optionally selects provider. One of ON, OFF, or a specific provider: libssh2 or exec. (Defaults to OFF.)")
    set(USE_HTTPS               "" CACHE STRING "Enable HTTPS support and optionally selects the provider. One of ON, OFF, or a specific provider: OpenSSL, OpenSSL-FIPS, OpenSSL-Dynamic, mbedTLS, SecureTransport, Schannel, or WinHTTP. (Defaults to ON.)")
-   set(USE_SHA1                "" CACHE STRING "Selects SHA1 provider. One of CollisionDetection, HTTPS, or a specific provider. (Defaults to CollisionDetection.)")
+   set(USE_SHA1                "" CACHE STRING "Selects SHA1 provider. One of builtin, HTTPS, or a specific provider. (Defaults to builtin.)")
    set(USE_SHA256              "" CACHE STRING "Selects SHA256 provider. One of Builtin, HTTPS, or a specific provider. (Defaults to HTTPS.)")
 option(USE_GSSAPI              "Enable SPNEGO authentication using GSSAPI" OFF)
    set(USE_HTTP_PARSER         "" CACHE STRING "Selects HTTP Parser support: http-parser, llhttp, or builtin. (Defaults to builtin.)")
diff --git a/cmake/SelectHashes.cmake b/cmake/SelectHashes.cmake
index 35fea3ece..6f6e0f056 100644
--- a/cmake/SelectHashes.cmake
+++ b/cmake/SelectHashes.cmake
@@ -8,7 +8,7 @@ sanitizebool(USE_SHA256)
 # sha1
 
 if(USE_SHA1 STREQUAL "" OR USE_SHA1 STREQUAL ON)
-	SET(USE_SHA1 "CollisionDetection")
+	SET(USE_SHA1 "builtin")
 elseif(USE_SHA1 STREQUAL "HTTPS")
 	if(USE_HTTPS STREQUAL "SecureTransport")
 		set(USE_SHA1 "CommonCrypto")
@@ -23,8 +23,12 @@ elseif(USE_SHA1 STREQUAL "HTTPS")
 	endif()
 endif()
 
-if(USE_SHA1 STREQUAL "CollisionDetection")
-	set(GIT_SHA1_COLLISIONDETECT 1)
+if(USE_SHA1 STREQUAL "Builtin" OR USE_SHA1 STREQUAL "CollisionDetection")
+	set(USE_SHA1 "builtin")
+endif()
+
+if(USE_SHA1 STREQUAL "builtin")
+	set(GIT_SHA1_BUILTIN 1)
 elseif(USE_SHA1 STREQUAL "OpenSSL")
 	set(GIT_SHA1_OPENSSL 1)
 elseif(USE_SHA1 STREQUAL "OpenSSL-FIPS")
@@ -90,6 +94,7 @@ else()
 endif()
 
 # add library requirements
+
 if(USE_SHA1 STREQUAL "OpenSSL" OR USE_SHA256 STREQUAL "OpenSSL" OR
    USE_SHA1 STREQUAL "OpenSSL-FIPS" OR USE_SHA256 STREQUAL "OpenSSL-FIPS")
 	if(CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
@@ -115,7 +120,7 @@ add_feature_info(SHA256 ON "using ${USE_SHA256}")
 
 # warn for users who do not use sha1dc
 
-if(NOT "${USE_SHA1}" STREQUAL "CollisionDetection")
+if(NOT "${USE_SHA1}" STREQUAL "builtin")
 	list(APPEND WARNINGS "SHA1 support is set to ${USE_SHA1} which is not recommended - git's hash algorithm is sha1dc, it is *not* SHA1. Using SHA1 may leave you and your users susceptible to SHAttered-style attacks.")
 	set(WARNINGS ${WARNINGS} PARENT_SCOPE)
 endif()
diff --git a/src/libgit2/libgit2.c b/src/libgit2/libgit2.c
index de72cfe7d..a75fb0f91 100644
--- a/src/libgit2/libgit2.c
+++ b/src/libgit2/libgit2.c
@@ -224,7 +224,7 @@ const char *git_libgit2_feature_backend(git_feature_t feature)
 		break;
 
 	case GIT_FEATURE_SHA1:
-#if defined(GIT_SHA1_COLLISIONDETECT)
+#if defined(GIT_SHA1_BUILTIN)
 		return "builtin";
 #elif defined(GIT_SHA1_OPENSSL)
 		return "openssl";
diff --git a/src/util/CMakeLists.txt b/src/util/CMakeLists.txt
index 3692dc3d3..5831c213b 100644
--- a/src/util/CMakeLists.txt
+++ b/src/util/CMakeLists.txt
@@ -29,11 +29,13 @@ endif()
 # Hash backend selection
 #
 
-if(USE_SHA1 STREQUAL "CollisionDetection")
+if(USE_SHA1 STREQUAL "builtin")
 	file(GLOB UTIL_SRC_SHA1 hash/collisiondetect.* hash/sha1dc/*)
 	target_compile_definitions(util PRIVATE SHA1DC_NO_STANDARD_INCLUDES=1)
         target_compile_definitions(util PRIVATE SHA1DC_CUSTOM_INCLUDE_SHA1_C=\"git2_util.h\")
         target_compile_definitions(util PRIVATE SHA1DC_CUSTOM_INCLUDE_UBC_CHECK_C=\"git2_util.h\")
+elseif(USE_SHA1 STREQUAL "SHA1CollisionDetection")
+	file(GLOB UTIL_SRC_SHA1 hash/collisiondetect.*)
 elseif(USE_SHA1 STREQUAL "OpenSSL" OR USE_SHA1 STREQUAL "OpenSSL-Dynamic" OR USE_SHA1 STREQUAL "OpenSSL-FIPS")
 	add_definitions(-DOPENSSL_API_COMPAT=0x10100000L)
 	file(GLOB UTIL_SRC_SHA1 hash/openssl.*)
diff --git a/src/util/git2_features.h.in b/src/util/git2_features.h.in
index cd14cc234..c889202d7 100644
--- a/src/util/git2_features.h.in
+++ b/src/util/git2_features.h.in
@@ -50,7 +50,7 @@
 #cmakedefine GIT_HTTPPARSER_LLHTTP 1
 #cmakedefine GIT_HTTPPARSER_BUILTIN 1
 
-#cmakedefine GIT_SHA1_COLLISIONDETECT 1
+#cmakedefine GIT_SHA1_BUILTIN 1
 #cmakedefine GIT_SHA1_WIN32 1
 #cmakedefine GIT_SHA1_COMMON_CRYPTO 1
 #cmakedefine GIT_SHA1_OPENSSL 1
diff --git a/src/util/hash/sha.h b/src/util/hash/sha.h
index 8e7eeae8c..eb418c0d6 100644
--- a/src/util/hash/sha.h
+++ b/src/util/hash/sha.h
@@ -13,6 +13,10 @@
 typedef struct git_hash_sha1_ctx git_hash_sha1_ctx;
 typedef struct git_hash_sha256_ctx git_hash_sha256_ctx;
 
+#if defined(GIT_SHA1_BUILTIN)
+# include "collisiondetect.h"
+#endif
+
 #if defined(GIT_SHA1_COMMON_CRYPTO) || defined(GIT_SHA256_COMMON_CRYPTO)
 # include "common_crypto.h"
 #endif
@@ -32,10 +36,6 @@ typedef struct git_hash_sha256_ctx git_hash_sha256_ctx;
 # include "mbedtls.h"
 #endif
 
-#if defined(GIT_SHA1_COLLISIONDETECT)
-# include "collisiondetect.h"
-#endif
-
 #if defined(GIT_SHA256_BUILTIN)
 # include "builtin.h"
 #endif
diff --git a/tests/libgit2/core/features.c b/tests/libgit2/core/features.c
index b7cd6014a..8dba8e1a9 100644
--- a/tests/libgit2/core/features.c
+++ b/tests/libgit2/core/features.c
@@ -186,7 +186,7 @@ void test_core_features__backends(void)
 	cl_assert(0);
 #endif
 
-#if defined(GIT_SHA1_COLLISIONDETECT)
+#if defined(GIT_SHA1_BUILTIN)
 	cl_assert_equal_s("builtin", sha1);
 #elif defined(GIT_SHA1_OPENSSL)
 	cl_assert_equal_s("openssl", sha1);
diff --git a/tests/util/sha1.c b/tests/util/sha1.c
index fe4032c13..c144def71 100644
--- a/tests/util/sha1.c
+++ b/tests/util/sha1.c
@@ -70,7 +70,7 @@ void test_sha1__detect_collision_attack(void)
 		0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a
 	};
 
-#ifdef GIT_SHA1_COLLISIONDETECT
+#ifdef GIT_SHA1_BUILTIN
 	GIT_UNUSED(&expected);
 	cl_git_fail(sha1_file(actual, FIXTURE_DIR "/shattered-1.pdf"));
 	cl_assert_equal_s("SHA1 collision attack detected", git_error_last()->message);