From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Thomas Huth" <thuth@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Stefan Weil" <sw@weilnetz.de>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>,
"Willian Rampazzo" <willianr@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>
Subject: [PATCH 03/12] crypto: bump min nettle to 3.3, dropping RHEL-7 support
Date: Tue, 11 May 2021 14:26:32 +0100 [thread overview]
Message-ID: <20210511132641.1022161-4-berrange@redhat.com> (raw)
In-Reply-To: <20210511132641.1022161-1-berrange@redhat.com>
It has been over two years since RHEL-8 was released, and thus per the
platform build policy, we no longer need to support RHEL-7 as a build
target. This lets us increment the minimum required nettle version and
drop a lot of backwards compatibility code for 2.x series of nettle.
Per repology, current shipping versions are:
RHEL-8: 3.4.1
Debian Stretch: 3.3
Debian Buster: 3.4.1
openSUSE Leap 15.2: 3.4.1
Ubuntu LTS 18.04: 3.4
Ubuntu LTS 20.04: 3.5.1
FreeBSD: 3.7.2
Fedora 33: 3.5.1
Fedora 34: 3.7.2
OpenBSD: 3.7.2
macOS HomeBrew: 3.7.2
Debian Stretch has the oldest version and so 3.3 is the new minimum.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
.gitlab-ci.yml | 10 ----------
configure | 4 +---
crypto/cipher-nettle.c.inc | 31 -------------------------------
crypto/hash-nettle.c | 4 ----
crypto/hmac-nettle.c | 4 ----
5 files changed, 1 insertion(+), 52 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 23917d6d73..aef16515d3 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -716,16 +716,6 @@ build-coroutine-sigaltstack:
#
# These jobs test old gcrypt and nettle from RHEL7
# which had some API differences.
-crypto-old-nettle:
- <<: *native_build_job_definition
- needs:
- job: amd64-centos7-container
- variables:
- IMAGE: centos7
- TARGETS: x86_64-softmmu x86_64-linux-user
- CONFIGURE_ARGS: --disable-gcrypt --enable-nettle
- MAKE_CHECK_ARGS: check
-
crypto-old-gcrypt:
<<: *native_build_job_definition
needs:
diff --git a/configure b/configure
index 54f8475444..53902d9c02 100755
--- a/configure
+++ b/configure
@@ -2860,10 +2860,9 @@ has_libgcrypt() {
if test "$nettle" != "no"; then
pass="no"
- if $pkg_config --exists "nettle >= 2.7.1"; then
+ if $pkg_config --exists "nettle >= 3.3"; then
nettle_cflags=$($pkg_config --cflags nettle)
nettle_libs=$($pkg_config --libs nettle)
- nettle_version=$($pkg_config --modversion nettle)
# Link test to make sure the given libraries work (e.g for static).
write_c_skeleton
if compile_prog "" "$nettle_libs" ; then
@@ -5722,7 +5721,6 @@ if test "$gcrypt" = "yes" ; then
fi
if test "$nettle" = "yes" ; then
echo "CONFIG_NETTLE=y" >> $config_host_mak
- echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak
echo "NETTLE_CFLAGS=$nettle_cflags" >> $config_host_mak
echo "NETTLE_LIBS=$nettle_libs" >> $config_host_mak
fi
diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc
index cac771e4ff..490472656c 100644
--- a/crypto/cipher-nettle.c.inc
+++ b/crypto/cipher-nettle.c.inc
@@ -39,41 +39,10 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
uint8_t *dst,
const uint8_t *src);
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef nettle_crypt_func * QCryptoCipherNettleFuncNative;
-typedef void * cipher_ctx_t;
-typedef unsigned cipher_length_t;
-#define CONST_CTX
-
-#define cast5_set_key cast128_set_key
-
-#define aes128_ctx aes_ctx
-#define aes192_ctx aes_ctx
-#define aes256_ctx aes_ctx
-#define aes128_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 16, k)
-#define aes192_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 24, k)
-#define aes256_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 32, k)
-#define aes128_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 16, k)
-#define aes192_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 24, k)
-#define aes256_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 32, k)
-#define aes128_encrypt aes_encrypt
-#define aes192_encrypt aes_encrypt
-#define aes256_encrypt aes_encrypt
-#define aes128_decrypt aes_decrypt
-#define aes192_decrypt aes_decrypt
-#define aes256_decrypt aes_decrypt
-#else
typedef nettle_cipher_func * QCryptoCipherNettleFuncNative;
typedef const void * cipher_ctx_t;
typedef size_t cipher_length_t;
#define CONST_CTX const
-#endif
static inline bool qcrypto_length_check(size_t len, size_t blocksize,
Error **errp)
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 2a6ee7c7d5..5c8977fb80 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -26,11 +26,7 @@
#include <nettle/sha.h>
#include <nettle/ripemd160.h>
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef unsigned int hash_length_t;
-#else
typedef size_t hash_length_t;
-#endif
typedef void (*qcrypto_nettle_init)(void *ctx);
typedef void (*qcrypto_nettle_write)(void *ctx,
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index 1152b741fd..da6b6fa014 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -18,11 +18,7 @@
#include "hmacpriv.h"
#include <nettle/hmac.h>
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef unsigned int hmac_length_t;
-#else
typedef size_t hmac_length_t;
-#endif
typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx,
hmac_length_t key_length,
--
2.31.1
next prev parent reply other threads:[~2021-05-11 13:32 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-11 13:26 [PATCH 00/12] Wave goodbye to RHEL 7 vintage distros Daniel P. Berrangé
2021-05-11 13:26 ` [PATCH 01/12] gitlab: move linux user build job from CentOS 7 to CentOS 8 Daniel P. Berrangé
2021-05-11 13:54 ` Thomas Huth
2021-05-11 14:04 ` Daniel P. Berrangé
2021-05-12 16:19 ` Philippe Mathieu-Daudé
2021-05-12 16:28 ` Peter Maydell
2021-05-11 13:26 ` [PATCH 02/12] patchew: move quick build job from CentOS 7 to CentOS 8 container Daniel P. Berrangé
2021-05-11 13:57 ` Thomas Huth
2021-05-11 13:26 ` Daniel P. Berrangé [this message]
2021-05-11 14:01 ` [PATCH 03/12] crypto: bump min nettle to 3.3, dropping RHEL-7 support Thomas Huth
2021-05-11 20:56 ` Willian Rampazzo
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 04/12] crypto: drop back compatibility typedefs for nettle Daniel P. Berrangé
2021-05-11 14:03 ` Thomas Huth
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 05/12] crypto: bump min gcrypt to 1.7.6, dropping RHEL-7 support Daniel P. Berrangé
2021-05-11 14:06 ` Thomas Huth
2021-05-11 20:58 ` Willian Rampazzo
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 06/12] crypto: bump min gnutls to 3.5.8, " Daniel P. Berrangé
2021-05-11 14:07 ` Thomas Huth
2021-05-11 20:59 ` Willian Rampazzo
2021-05-12 0:39 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 07/12] crypto: drop used conditional check Daniel P. Berrangé
2021-05-11 21:01 ` Willian Rampazzo
2021-05-12 0:41 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 08/12] tests/vm: convert centos VM recipe to CentOS 8 Daniel P. Berrangé
2021-05-11 15:04 ` Daniel P. Berrangé
2021-05-11 13:26 ` [PATCH 09/12] tests/docker: drop CentOS 7 container Daniel P. Berrangé
2021-05-11 14:09 ` Thomas Huth
2021-05-11 14:25 ` Alex Bennée
2021-05-11 20:52 ` Willian Rampazzo
2021-05-11 13:26 ` [PATCH 10/12] bump min required glib version to 2.50 Daniel P. Berrangé
2021-05-11 14:11 ` Thomas Huth
2021-05-11 21:03 ` Willian Rampazzo
2021-05-11 13:26 ` [PATCH 11/12] configure: bump min required GCC to 6.3.0 Daniel P. Berrangé
2021-05-11 14:15 ` Thomas Huth
2021-05-11 14:31 ` Daniel P. Berrangé
2021-05-11 21:04 ` Willian Rampazzo
2021-05-12 0:43 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2 Daniel P. Berrangé
2021-05-11 14:18 ` Thomas Huth
2021-05-11 14:32 ` Daniel P. Berrangé
2021-05-11 21:05 ` Willian Rampazzo
2021-05-12 0:44 ` Richard Henderson
2021-05-12 11:44 ` Philippe Mathieu-Daudé
2021-05-12 11:53 ` non-x86 runners in the Gitlab-CI (was: Re: [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2) Thomas Huth
2021-05-12 13:47 ` Willian Rampazzo
2021-05-12 13:55 ` Thomas Huth
2021-05-12 13:59 ` Willian Rampazzo
2021-05-12 14:33 ` Thomas Huth
2021-05-12 14:00 ` Daniel P. Berrangé
2021-05-12 14:51 ` Philippe Mathieu-Daudé
2021-05-12 15:29 ` Daniel P. Berrangé
2021-05-12 12:25 ` [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2 Daniel P. Berrangé
2021-05-12 14:10 ` Philippe Mathieu-Daudé
2021-05-12 14:43 ` Daniel P. Berrangé
2021-05-11 14:33 ` [PATCH 00/12] Wave goodbye to RHEL 7 vintage distros Thomas Huth
2021-05-13 10:05 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210511132641.1022161-4-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=f4bug@amsat.org \
--cc=qemu-devel@nongnu.org \
--cc=sw@weilnetz.de \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
--cc=willianr@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.