Hi, the SHA1_HashBuf function you are using originates from a non-public internal API which gets packaged on Fedora but is not available at least on Debian (Squeeze) and Gentoo.
Could you please use HASH_HashBuf(HASH_AlgSHA1,...) which is available on more platforms? The attached patch would do this. I'm not familiar with Fedora's nss packaging but maybe you can also drop the check for nss-softokn in favor of nss with pkg-config. Regards, Andreas
commit 43c8469eac29fe941d699e8cdd962fc4f0e97cc2 Author: Andreas Niederl <andreas.nied...@iaik.tugraz.at> Date: Fri Aug 12 14:34:47 2011 +0200 Use public NSS API for SHA1 hash diff --git a/configure b/configure index 78571bf..8b696ea 100755 --- a/configure +++ b/configure @@ -2578,22 +2578,31 @@ fi # libtpms probe if test "$tpm" = "yes" ; then - if $pkg_config --atleast-version=3.12.8 nss-softokn >/dev/null 2>&1 ; then - tpmsupport_cflags=$($pkg_config --cflags nss-softokn 2>/dev/null) - tpmsupport_libs="-lfreebl -lnspr4 -lnssutil3" + if $pkg_config --exists nss-softokn ; then + tpmsupport_nss="nss-softokn" + else + tpmsupport_nss="nss" + fi + if $pkg_config --atleast-version=3.12.8 $tpmsupport_nss >/dev/null 2>&1 ; then + tpmsupport_cflags=$($pkg_config --cflags $tpmsupport_nss 2>/dev/null) + if test "$tpmsupport_nss" = "nss-softokn" ; then + tpmsupport_libs="-lfreebl -lnspr4 -lnssutil3" + else + tpmsupport_libs="-lnss3 -lnspr4 -lnssutil3" + fi QEMU_CFLAGS="$QEMU_CFLAGS $tpmsupport_cflags" LIBS="$LIBS $tpmsupport_libs" else - feature_not_found "nss-softokn" + feature_not_found "$tpmsupport_nss" fi # Check for nss-softokn-freebl-devel cat > $TMPC <<EOF -#include <blapi.h> +#include <sechash.h> int main(void) { unsigned char hash[20]; char src[1]; - return (int)SHA1_Hash(hash, src); + return (int)HASH_HashBuf(HASH_AlgSHA1, hash, src, sizeof(src)); } EOF diff --git a/sha1.c b/sha1.c index 51c0f0b..3e6a94a 100644 --- a/sha1.c +++ b/sha1.c @@ -1,5 +1,5 @@ /* - * SHA1 Freebl wrapper + * SHA1 NSS wrapper * * Copyright (C) 2011 IBM Corporation * Copyright (C) 2011 Stefan Berger @@ -11,9 +11,9 @@ #include "sha1.h" -#include <nss3/blapi.h> +#include <sechash.h> int qemu_sha1(unsigned char hash[20], const unsigned char *data, uint32_t len) { - return SHA1_HashBuf(hash, data, len); + return HASH_HashBuf(HASH_AlgSHA1, hash, (unsigned char *)data, len); }
smime.p7s
Description: S/MIME Cryptographic Signature