Skip to content

Add the rehash utility to the openssl CLI tool#2258

Merged
smittals2 merged 30 commits intoaws:mainfrom
smittals2:rehash
Mar 19, 2025
Merged

Add the rehash utility to the openssl CLI tool#2258
smittals2 merged 30 commits intoaws:mainfrom
smittals2:rehash

Conversation

@smittals2
Copy link
Copy Markdown
Contributor

@smittals2 smittals2 commented Mar 8, 2025
edited
Loading

Description of changes:

Adding the rehash utility to the OpenSSL CLI tool. This design makes a number of different design choices from OpenSSL. Namely:

  1. Multiple directory paths are not supported, therefore duplicate filenames are not supported
  2. Like OpenSSL, any existing symlinks matching the hash regex are removed from the given directory. We do not provide an option to preserve these.
  3. We return a binary true or false to indicate status. OpenSSL counts and returns the number of errors.
  4. Simplified the general processing logic and hash table structures.
  5. Removed windows filesystem support, we only need this tool for unix based systems.
  6. We don't support the legacy hash format (MD5)

A wrapper bash script was created to call the openssl rehash functionality. This script is made executable and placed in the install folder via cmake. We also copy a test for this bash script to the build dir.

Testing:

Unit tests for the two tier hashtable and integration tests with symlink generation. Added another test to verify the functionality of the produced c_rehash script.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Mar 10, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 76.15894% with 72 lines in your changes missing coverage. Please review.

Project coverage is 79.04%. Comparing base (ab7375f) to head (8a9752a).
Report is 144 commits behind head on main.

Files with missing lines Patch % Lines
tool-openssl/rehash.cc 65.34% 70 Missing ⚠️
crypto/test/test_util.cc 60.00% 1 Missing and 1 partial ⚠️
Additional details and impacted files 
@@           Coverage Diff            @@
##             main    #2258    +/-   ##
========================================
  Coverage   79.03%   79.04%            
========================================
  Files         612      614     +2     
  Lines      106630   106934   +304     
  Branches    15097    15143    +46     
========================================
+ Hits        84271    84521   +250     
- Misses      21707    21761    +54     
  Partials      652      652

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@smittals2 smittals2 marked this pull request as ready for review March 12, 2025 17:12
@smittals2 smittals2 requested a review from a team as a code owner March 12, 2025 17:12
@smittals2 smittals2 requested review from justsmth and skmcgrail March 12, 2025 18:52
justsmth
justsmth reviewed Mar 17, 2025
View reviewed changes
tool-openssl/c_rehash_test.sh Outdated
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Run c_rehash with -help
output=$("${SCRIPT_DIR}/c_rehash" -help 2>&1)
Copy link
Copy Markdown
Contributor

@justsmth justsmth Mar 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be ${SCRIPT_DIR}/c_rehash.sh?

Copy link
Copy Markdown
Contributor Author

@smittals2 smittals2 Mar 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

File is renamed when placed into build and install dirs:
https://github.com/aws/aws-lc/pull/2258/files#diff-770a4bd1d030385193d7470f7eef5fead79d759b05f9bd3a9da5a3801fd196b7R49

skmcgrail
skmcgrail reviewed Mar 17, 2025
View reviewed changes
justsmth
justsmth reviewed Mar 18, 2025
View reviewed changes
@smittals2 smittals2 requested review from justsmth and skmcgrail March 18, 2025 21:01
justsmth
justsmth previously approved these changes Mar 19, 2025
View reviewed changes
@smittals2 smittals2 merged commit 652f7a9 into aws:main Mar 19, 2025
105 of 108 checks passed
@skmcgrail skmcgrail mentioned this pull request Mar 28, 2025
Merged
skmcgrail added a commit that referenced this pull request Mar 28, 2025
@skmcgrail
Prepare for v1.49.0 (#2297)
1e7565c 
## What's Changed
* Revert "Allow constructed strings in BER parsing (#2015)" by
@samuel40791765 in #2278
* Add the rehash utility to the openssl CLI tool by @smittals2 in
#2258
* Documentation on service indicator by @justsmth in
#2281
* Update patches in Ruby CI by @samuel40791765 in
#2233
* Reject DSA trailing garbage in EVP layer, add test cases by @skmcgrail
in #2289
* Add support for verifying PKCS7 signed attributes by @samuel40791765
in #2264
* Add support for more SSL BIO functions by @samuel40791765 in
#2273
* Wire-up rust-openssl into GitHub CI (for the time being) by @skmcgrail
in #2291
* Adding detection of out-of-bound pre-bound memory read to AES-XTS
tests. by @nebeid in #2286
* AES: Add function pointer trampoline to avoid delocator issue by
@hanno-becker in #2294
* Bump mysql CI to 9.2.0 by @samuel40791765 in
#2161
* Cherrypick hardening DSA param checks from BoringSSL by @smittals2 in
#2293

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skmcgrail skmcgrail skmcgrail approved these changes

@justsmth justsmth justsmth approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@smittals2 @codecov-commenter @skmcgrail @justsmth