[Toybox] protect against sha*sum misconfiguration?
Rob Landley
rob at landley.net
Fri Aug 23 07:55:47 PDT 2019
On 8/22/19 2:54 PM, enh via Toybox wrote:
> i accidentally ended up with a toybox binary that had the sha*sum
> binaries enabled, but TOYBOX_LIBCRYPTO disabled. this silently output
> md5sums instead. seems like a compile-time error would have been
> ideal, and a run-time error still better than just silently doing the
> wrong thing.
Sigh. My _plan_ was to implement sha*sum in the built-in logic, I just haven't
gotten around to it yet. (In the meantime they default "n" like the rest of the
pending stuff, but of course you don't use that. :)
> runtime's easy enough; something like
>
> if (!CFG_TOYBOX_LIBCRYPTO) error_exit("toybox built without libcrypto");
>
> in sha1sum_main (which implements all the sha*sums). but i feel like a
> build-time check would be better, and i'm not sure about the right way
> to write that?
Well, it already says "depends on TOYBOX_LIBCRYPTO" in the kconfig entries so
you shouldn't be _able_ to select it if you've disabled that. (It shouldn't show
up in menuconfig, you'd have to hand-edit your config file. Is this a kconfig
bug or did you do that?)
If you want to guard against _THAT_, we can put USE_TOYBOX_LIBCRYPTO() around
the NEWTOY lines for those three. (They nest.) Or I can just try to find time to
implement sha3 and friends. :)
Sigh, what are we up to. Let's check the drinking game page...
https://valerieaurora.org/hash.html
Looks like sha3 is still current.
Rob
More information about the Toybox
mailing list