From 5aca4cf569f19d235662c4fbaa04df21e5fd46c2 Mon Sep 17 00:00:00 2001 From: Kotresh HR Date: Tue, 19 Dec 2017 00:05:05 -0500 Subject: fips: Replace md5sum usage to enable fips support md5sum is not fips compliant. Using xxhash64 instead of md5sum for socket file generation in glusterd and changelog to enable fips support. NOTE: md5sum is 128 bit hash. xxhash used is 64 bit. Updates: #230 Change-Id: I1bf2ea05905b9151cd29fa951f903685ab0dc84c Signed-off-by: Kotresh HR --- libglusterfs/src/common-utils.c | 11 ----------- libglusterfs/src/common-utils.h | 1 - 2 files changed, 12 deletions(-) (limited to 'libglusterfs/src') diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c index ad0359d7cb2..ef76bdfe750 100644 --- a/libglusterfs/src/common-utils.c +++ b/libglusterfs/src/common-utils.c @@ -73,17 +73,6 @@ char *vol_type_str[] = {"Distribute", typedef int32_t (*rw_op_t)(int32_t fd, char *buf, int32_t size); typedef int32_t (*rwv_op_t)(int32_t fd, const struct iovec *buf, int32_t size); -void -md5_wrapper(const unsigned char *data, size_t len, char *md5) -{ - unsigned short i = 0; - unsigned short lim = MD5_DIGEST_LENGTH*2+1; - unsigned char scratch[MD5_DIGEST_LENGTH] = {0,}; - MD5(data, len, scratch); - for (; i < MD5_DIGEST_LENGTH; i++) - snprintf(md5 + i * 2, lim-i*2, "%02x", scratch[i]); -} - void gf_xxh64_wrapper(const unsigned char *data, size_t len, unsigned long long seed, char *xxh64) diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h index 1954892ff8f..8df96c338f5 100644 --- a/libglusterfs/src/common-utils.h +++ b/libglusterfs/src/common-utils.h @@ -841,7 +841,6 @@ gf_ports_reserved (char *blocked_port, unsigned char *ports, uint32_t ceiling); int gf_get_hostname_from_ip (char *client_ip, char **hostname); gf_boolean_t gf_is_local_addr (char *hostname); gf_boolean_t gf_is_same_address (char *host1, char *host2); -void md5_wrapper(const unsigned char *data, size_t len, char *md5); void gf_xxh64_wrapper(const unsigned char *data, size_t len, unsigned long long seed, char *xxh64); int gf_set_timestamp (const char *src, const char* dest); -- cgit