From mboxrd@z Thu Jan 1 00:00:00 1970 From: john at keeping.me.uk (John Keeping) Date: Wed, 27 Nov 2013 21:00:36 +0000 Subject: [PATCH 1/1] enable cgit to show gravatar for author, committer and tagger In-Reply-To: <20131127215133.4c81d1df@leda.localdomain> References: <1385565437-15752-1-git-send-email-mail@eworm.de> <20131127163724.GF15033@serenity.lan> <20131127215133.4c81d1df@leda.localdomain> Message-ID: <20131127210036.GG15033@serenity.lan> On Wed, Nov 27, 2013 at 09:51:33PM +0100, Christian Hesse wrote: > John Keeping on Wed, 2013/11/27 16:37: > > On Wed, Nov 27, 2013 at 04:17:17PM +0100, Christian Hesse wrote: > > > diff --git a/parsing.c b/parsing.c > > > index 658621d..a8005f6 100644 > > > --- a/parsing.c > > > +++ b/parsing.c > > > @@ -8,6 +8,9 @@ > > > > > > #include "cgit.h" > > > > > > +/* we need md5 hashing algorithm to calculate Gravatar URL */ > > > +#include > > > > We don't currently depend on OpenSSL, except via Git which can use > > alternative SHA-1 implementations. > > > > At the very least Debian will not distribute GPL'd packages > > linked against OpenSSL [1]. > > > > [1] > > http://lintian.debian.org/tags/possible-gpl-code-linked-with-openssl.html > > Damn licensing stuff... Ok, but cgit is already linked against libcrypt which > belongs to openssl. > > Any ideas what to use instead? Shipping a complete MD5 implementation is a > bad idea I think. I think writing against OpenSSL is fine, everyone else tends to have a compatibility layer for that API anyway. But it would be nice to define a MD5_HEADER variable in a similar way to git.git's SHA1_HEADER. > > > +char * cgit_get_gravatar(const char * email) { > > > + int n, length; > > > + MD5_CTX c; > > > + unsigned char digest[16]; > > > + char hex[33]; > > > + char * gravatar = malloc(67); > > > + > > > + /* skip brackets! */ > > > + email++; > > > + length = strlen(email) - 1; > > > + > > > + MD5_Init(&c); > > > + > > > + while (length > 0) { > > > + if (length > 512) > > > + MD5_Update(&c, email, 512); > > > + else > > > + MD5_Update(&c, email, length); > > > + length -= 512; > > > + email += 512; > > > + } > > > + > > > + MD5_Final(digest, &c); > > > > Would it be possible to extract everything from MD5_Init to MD5_Final to > > a function that just computes the MD5 of a string? That should make it > > easier to add alternative implementations. > > I updated the code to use MD5(...), but that is still openssl. > > > > + for (n = 0; n < 16; ++n) > > > + snprintf(&(hex[n*2]), 16*2, "%02x", (unsigned > > > int)digest[n]); + > > > + sprintf(gravatar, "http://www.gravatar.com/avatar/%s?s=", hex); > > > + > > > + return gravatar; > > > +}