try ing to get XXHash working.

Currently the hash is being generated but I'm getting an
odd 'hash not delimited' error and I'm not sure what's causing it.

Makefile.in

@@ -50,7 +50,7 @@ CFLAGS= @CFLAGS@
 CFLAGS_NOPIE=@CFLAGS_NOPIE@
 CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
 PICFLAG=@PICFLAG@
-LIBS=@LIBS@ -lpthread
+LIBS=@LIBS@ -lpthread -lxxhash
 CHANNELLIBS=@CHANNELLIBS@
 K5LIBS=@K5LIBS@
 GSSLIBS=@GSSLIBS@

config.h.in

@@ -1775,6 +1775,9 @@
 /* libcrypto has NID_secp521r1 */
 #undef OPENSSL_HAS_NISTP521
 
+/* Libcrypto supports Poly1305 MAC EVP */
+#undef OPENSSL_HAVE_POLY_EVP
+
 /* libcrypto is missing AES 192 and 256 bit functions */
 #undef OPENSSL_LOBOTOMISED_AES
 
@@ -2005,6 +2008,9 @@
 /* use libcrypto for cryptography */
 #undef WITH_OPENSSL
 
+/* With OpenSSL3 */
+#undef WITH_OPENSSL3
+
 /* Define if you want SELinux support. */
 #undef WITH_SELINUX
 

configure

@@ -1527,7 +1527,7 @@ Optional Packages:
   --with-superuser-path=  Specify different path for super-user
   --with-4in6             Check for and convert IPv4 in IPv6 mapped addresses
   --with-bsd-auth         Enable BSD auth support
-  --with-pid-dir=PATH     Specify location of sshd.pid file
+  --with-pid-dir=PATH     Specify location of hpnsshd.pid file
   --with-lastlog=FILE|DIR specify lastlog location common locations
 
 Some influential environment variables:
@@ -18783,8 +18783,8 @@ then :
 			200*)   # LibreSSL
 				lver=`echo "$sslver" | sed 's/.*libressl-//'`
 				case "$lver" in
-				2*|300*) # 2.x, 3.0.0
-					as_fn_error $? "LibreSSL >= 3.1.0 required (have \"$ssl_showver\")" "$LINENO" 5
+				2*|300*|301*|302*|303*|304*|306*) # 2.x, 3.0.0
+					as_fn_error $? "LibreSSL >= 3.7.0 required (have \"$ssl_showver\")" "$LINENO" 5
 					;;
 				*) ;;	# Assume all other versions are good.
 				esac
@@ -18793,6 +18793,9 @@ then :
 				# OpenSSL 3; we use the 1.1x API
 				# https://openssl.org/policies/general/versioning-policy.html
 				CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L"
+
+printf "%s\n" "#define WITH_OPENSSL3 1" >>confdefs.h
+
 				;;
 		        *)
 				as_fn_error $? "Unknown/unsupported OpenSSL version (\"$ssl_showver\")" "$LINENO" 5
@@ -19076,6 +19079,58 @@ then :
 fi
 
 
+	# OpenSSL 3.0 API
+	# Does OpenSSL support the EVP_MAC functions for Poly1305?
+	{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL supports Poly1305 MAC EVP" >&5
+printf %s "checking whether OpenSSL supports Poly1305 MAC EVP... " >&6; }
+	if test "$cross_compiling" = yes
+then :
+  { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run test program while cross compiling
+See \`config.log' for more details" "$LINENO" 5; }
+else $as_nop
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+	#include <stdlib.h>
+	#include <stdio.h>
+	#include <openssl/evp.h>
+
+int
+main (void)
+{
+
+		EVP_MAC *mac = EVP_MAC_fetch(NULL, "poly1305", NULL);
+		if (mac == NULL)
+		   exit(1);
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"
+then :
+
+			{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+printf "%s\n" "yes" >&6; }
+
+printf "%s\n" "#define OPENSSL_HAVE_POLY_EVP 1" >>confdefs.h
+
+
+else $as_nop
+
+			{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
+printf "%s\n" "no" >&6; }
+
+
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+
+
 	if test "x$openssl_engine" = "xyes" ; then
 		{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5
 printf %s "checking for OpenSSL ENGINE support... " >&6; }
@@ -19110,6 +19165,8 @@ fi
 rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
 	fi
 
+
+
 	# Check for OpenSSL without EVP_aes_{192,256}_cbc
 	{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL lacks support for AES 192/256" >&5
 printf %s "checking whether OpenSSL lacks support for AES 192/256... " >&6; }
@@ -20228,7 +20285,7 @@ case "$host" in
 	SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER
 	;;
 *)
-	SSH_PRIVSEP_USER=sshd
+	SSH_PRIVSEP_USER=hpnsshd
 	;;
 esac
 
@@ -25159,11 +25216,11 @@ then :
 fi
 
 if test -z "$MANTYPE"; then
-	if ${MANDOC} ${srcdir}/ssh.1 >/dev/null 2>&1; then
+	if ${MANDOC} ${srcdir}/hpnssh.1 >/dev/null 2>&1; then
 		MANTYPE=doc
-	elif ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
+	elif ${NROFF} -mdoc ${srcdir}/hpnssh.1 >/dev/null 2>&1; then
 		MANTYPE=doc
-	elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
+	elif ${NROFF} -man ${srcdir}/hpnssh.1 >/dev/null 2>&1; then
 		MANTYPE=man
 	else
 		MANTYPE=cat
@@ -25514,7 +25571,7 @@ printf "%s\n" "#define BSD_AUTH 1" >>confdefs.h
 fi
 
 
-# Where to place sshd.pid
+# Where to place hpnsshd.pid
 piddir=/var/run
 # make sure the directory exists
 if test ! -d $piddir ; then
@@ -27716,3 +27773,4 @@ if test "$AUDIT_MODULE" = "bsm" ; then
 	echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
 	echo "See the Solaris section in README.platform for details."
 fi
+

scp.c

@@ -140,6 +140,13 @@
 #if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER)
 #include <openssl/evp.h>
 #endif
+/* trying to incorporate xxhash it's self contained 
+ * so it will work with libressl and it's faster than 
+ * blake512. However, we have other versions of hpn-ssh
+ * that use the blake512 hash so we need to have both for now
+ * CJR 11/5/2024
+ */
+#include "xxhash.h"
 #include "sftp.h"
 
 #include "sftp-common.h"
@@ -148,6 +155,7 @@
 extern char *__progname;
 
 #define COPY_BUFLEN	16384
+#define DEBUG
 
 int do_cmd(char *, char *, char *, int, int, char *, int *, int *, pid_t *);
 int do_cmd2(char *, char *, int, char *, int, int);
@@ -1382,7 +1390,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
  * The question we need to answer is do we make it a dependency or do we
  * build it locally and install the library ourselves? -CJR */
 
-#if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+#if !(defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER)
 void calculate_hash(char *filename, char *output, off_t length)
 {
 	int n, md_len;
@@ -1410,7 +1418,6 @@ void calculate_hash(char *filename, char *output, off_t length)
 	md = EVP_get_digestbyname("blake2b512");
 	c = EVP_MD_CTX_new();
 	EVP_DigestInit_ex(c, md, NULL);
-
 	while (length > 0) {
 		if (length > HASH_BUFLEN)
 			/* fread returns the number of elements read.
@@ -1434,9 +1441,85 @@ void calculate_hash(char *filename, char *output, off_t length)
 	fclose(file_ptr);
 }
 #else
+#include <assert.h>
 void calculate_hash(char *filename, char *output, off_t length)
 {
   /* empty function for builds without openssl or are using libressl */
+  /* this was an empty function but for now we are going to use it to 
+   * test xxhash. Once we have it working we can figure out the compatibility 
+   * tests and fallback methods. cjr 11/5/2024
+   */
+ 	size_t n, xxhash_len;
+	/* XXH3_state_t* state; /\* hash context *\/ */
+	/* XXH128_hash_t hash; /\* hash results *\/ */
+	XXH64_canonical_t canonical;
+	char buf[HASH_BUFLEN];
+	ssize_t bytes;
+	char tmp[3];
+	FILE *file_ptr;
+	*output = '\0';
+
+	/* open file for calculating hash */
+	file_ptr = fopen(filename, "r");
+	if (file_ptr==NULL)
+	{
+		if (verbose_mode) {
+			fprintf(stderr, "%s: error opening file %s\n", hostname, filename);
+			/* file the expected output with spaces */
+			snprintf(output, HASH_LEN, "%s",  " ");
+		}
+		return;
+	}
+
+	/* state = XXH3_createState(); */
+
+	/* while (length > 0) { */
+	/* 	if (length > HASH_BUFLEN) */
+	/* 		bytes=fread(buf, 1,  HASH_BUFLEN, file_ptr); */
+	/* 	else */
+	/* 		bytes=fread(buf, 1, length, file_ptr); */
+	/* 	fprintf(stderr, "%s: length is '%ld' of HASH_BUFLEN  %d for bytes %d\n", hostname, length, HASH_BUFLEN, bytes); */
+	/* 	XXH3_128bits_update(state, buf, bytes); */
+	/* 	length -= HASH_BUFLEN; */
+	/* } */
+	/* hash = XXH3_128bits_digest(state); */
+	/* XXH3_freeState(state); */
+
+	/* /\* this uses the canonical version of the hash to improve */
+	/*  * portability by standarizing an endianess. */
+	/*  * See the xxhash.h documentation */
+	/*  *\/ */
+
+	    // Allocate a state struct. Do not just use malloc() or new.
+	XXH3_state_t* state = XXH3_createState();
+	assert(state != NULL && "Out of memory!");
+	// Reset the state to start a new hashing session.
+	XXH3_64bits_reset(state);
+	char buffer[4096];
+	size_t count;
+	// Read the file in chunks
+	while ((count = fread(buffer, 1, sizeof(buffer), file_ptr)) != 0) {
+		// Run update() as many times as necessary to process the data
+		XXH3_64bits_update(state, buffer, count);
+	}
+	// Retrieve the finalized hash. This will not change the state.
+	XXH64_hash_t result = XXH3_64bits_digest(state);
+	// Free the state. Do not use free().
+	XXH3_freeState(state);
+        XXH64_canonicalFromHash(&canonical, result);
+	xxhash_len = sizeof(canonical.digest);
+	fprintf (stderr, "hash length is %d\n", xxhash_len);
+	/* convert the hash into a string */
+	for(n=0; n < xxhash_len; n++) {
+		snprintf(tmp, 3, "%02x", canonical.digest[n]);
+		strncat(output, tmp, 3);
+	}
+	strncat(output, " ", 1);
+
+#ifdef DEBUG
+	fprintf(stderr, "%s: HASH IS '%s' of length %ld\n", hostname, output, strlen(output));
+#endif
+	fclose(file_ptr); 
 }
 #endif /* WITH_OPENSSL */
 
@@ -2148,8 +2231,8 @@ sink(int argc, char **argv, const char *src)
 #ifdef DEBUG
 			fprintf (stderr, "%s: '%s'\n", hostname, remote_hashsum);
 #endif
-			if (!cp || *cp++ != ' ')
-				SCREWUP("hash not delimited");
+//			if (!cp || *cp++ != ' ')
+//				SCREWUP("hash not delimited");
 		}
 #ifdef DEBUG
 		fprintf(stderr, "%s: cp is %s\n", hostname, cp);