xserver dependency on crypto library because of a hashmap

Mon Jun 9 04:04:16 PDT 2014

Hello Remi,

Rémi Cardona remi at gentoo.org wrote:
> Le dimanche 08 juin 2014 à 15:46 +0200, Marek Behun a écrit :
> > 300 lines of code only to
> > wrap external library calls. In those 300 lines one could write some
> > simpler, faster hashmap hash function (isn't crc32 or something simpler
> > good enough for this?), 
> 
> Back in our bugzilla, your only concern seemed to be about our package
> depending on OpenSSL. While I understand that concern with all the
> recent security flaws in that lib, do you have any numbers to back your
> new-found concern regarding speed?
> 

I think that security flaws found in openssl/gnutls last days/months is 
very good reason to not use it - when it is not needed.

> As for using something else, SHA1 was introduced nearly 7 years ago,
> precisely to replace a custom XOR hash:
> 
> commit 19b3b1fd8feb343a690331cafe88ef10b34b9d98
> Author: Carl Worth <cworth at cworth.org>
> Date:   Tue Jul 31 17:04:13 2007 -0700
> 
> See this thread for some reasoning
> http://lists.x.org/archives/xorg/2007-August/026730.html
> 

I still do not understand what cryptographic safe hash function solving in 
hash map of glyphs. Why there is need to use sha1 hash function for hash 
map? I have never seen use of sha1 hash function for implementing hash map. 
For me this is really overkill.

CCing Carl, please can you explain your decision for sha1? Maybe I did not 
catch something important.

> > or one could copy the entire code for sha1 from another library.
> 
> commit a39377cbcbd3091095efbeab25bec18ae520147e
> Author: Keith Packard <keithp at keithp.com>
> Date:   Tue Sep 23 09:22:07 2008 -0700
> 
>     Revert "Render: Use built-in SHA1 library"
>     
>     This reverts commit d3bd31fddff7894f89ba80a3cdddff49aff08db8.
>     
>     X.org should not be providing a custom SHA1 implementation.
> 
> Bundled libraries are distributions' worst nightmares and this
> particular debate has been settled.
> 

And using external buggy and insecure libraries is nightmare for admins... 
And specially for programs which run under root (and iopl too). I 
understand that distributions want to use dynamic linking and avoiding 
duplicate code...

But now xserver has big #ifdef for more crypto libraries. Why not to add 
another #ifdef for using bundled sha1 implementation? This will not affect 
any distributions and solve problem of dynamic linking with some ssl 
library (which is itself not needed for xserver).

CCing Keith, what do you think about it?

> > Depending on external crypto library because of a hashmap is insane for
> > Christ's sake.
> 
> I fail to see the insanity of depending on other libraries when they fit
> the bill.
> 

I think this is ridiculous. Xserver using only sha1 functions from openssl 
library, no encryption/decryption...

> Rémi

PS: Please add me to CC, I'm not subscribed to this list.

-- 
Pali Rohár
pali.rohar at gmail.com