From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Thomas Huth" <thuth@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Stefan Weil" <sw@weilnetz.de>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>,
"Willian Rampazzo" <willianr@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>
Subject: [PATCH 05/12] crypto: bump min gcrypt to 1.7.6, dropping RHEL-7 support
Date: Tue, 11 May 2021 14:26:34 +0100 [thread overview]
Message-ID: <20210511132641.1022161-6-berrange@redhat.com> (raw)
In-Reply-To: <20210511132641.1022161-1-berrange@redhat.com>
It has been over two years since RHEL-8 was released, and thus per the
platform build policy, we no longer need to support RHEL-7 as a build
target. This lets us increment the minimum required gcrypt version and
assume that HMAC is always supported
Per repology, current shipping versions are:
RHEL-8: 1.8.5
Debian Stretch: 1.7.6
Debian Buster: 1.8.4
openSUSE Leap 15.2: 1.8.2
Ubuntu LTS 18.04: 1.8.1
Ubuntu LTS 20.04: 1.8.5
FreeBSD: 1.9.2
Fedora 33: 1.8.6
Fedora 34: 1.9.3
OpenBSD: 1.9.3
macOS HomeBrew: 1.9.3
Debian Stretch has the oldest version and so 1.7.6 is the new minimum.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
.gitlab-ci.yml | 10 ----------
configure | 18 +-----------------
crypto/meson.build | 6 +-----
3 files changed, 2 insertions(+), 32 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index aef16515d3..0fefda2674 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -716,16 +716,6 @@ build-coroutine-sigaltstack:
#
# These jobs test old gcrypt and nettle from RHEL7
# which had some API differences.
-crypto-old-gcrypt:
- <<: *native_build_job_definition
- needs:
- job: amd64-centos7-container
- variables:
- IMAGE: centos7
- TARGETS: x86_64-softmmu x86_64-linux-user
- CONFIGURE_ARGS: --disable-nettle --enable-gcrypt
- MAKE_CHECK_ARGS: check
-
crypto-only-gnutls:
<<: *native_build_job_definition
needs:
diff --git a/configure b/configure
index 53902d9c02..d5569f9252 100755
--- a/configure
+++ b/configure
@@ -426,7 +426,6 @@ gnutls="$default_feature"
nettle="$default_feature"
nettle_xts="no"
gcrypt="$default_feature"
-gcrypt_hmac="no"
gcrypt_xts="no"
qemu_private_xts="yes"
auth_pam="$default_feature"
@@ -2849,7 +2848,7 @@ has_libgcrypt() {
maj=`libgcrypt-config --version | awk -F . '{print $1}'`
min=`libgcrypt-config --version | awk -F . '{print $2}'`
- if test $maj != 1 || test $min -lt 5
+ if test $maj != 1 || test $min -lt 7
then
return 1
fi
@@ -2915,18 +2914,6 @@ if test "$gcrypt" != "no"; then
gcrypt="yes"
cat > $TMPC << EOF
#include <gcrypt.h>
-int main(void) {
- gcry_mac_hd_t handle;
- gcry_mac_open(&handle, GCRY_MAC_HMAC_MD5,
- GCRY_MAC_FLAG_SECURE, NULL);
- return 0;
-}
-EOF
- if compile_prog "$gcrypt_cflags" "$gcrypt_libs" ; then
- gcrypt_hmac=yes
- fi
- cat > $TMPC << EOF
-#include <gcrypt.h>
int main(void) {
gcry_cipher_hd_t handle;
gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_XTS, 0);
@@ -5713,9 +5700,6 @@ if test "$gnutls" = "yes" ; then
fi
if test "$gcrypt" = "yes" ; then
echo "CONFIG_GCRYPT=y" >> $config_host_mak
- if test "$gcrypt_hmac" = "yes" ; then
- echo "CONFIG_GCRYPT_HMAC=y" >> $config_host_mak
- fi
echo "GCRYPT_CFLAGS=$gcrypt_cflags" >> $config_host_mak
echo "GCRYPT_LIBS=$gcrypt_libs" >> $config_host_mak
fi
diff --git a/crypto/meson.build b/crypto/meson.build
index 7f37b5d335..af7e80c6f6 100644
--- a/crypto/meson.build
+++ b/crypto/meson.build
@@ -26,11 +26,7 @@ if 'CONFIG_NETTLE' in config_host
crypto_ss.add(files('hash-nettle.c', 'hmac-nettle.c', 'pbkdf-nettle.c'))
elif 'CONFIG_GCRYPT' in config_host
crypto_ss.add(files('hash-gcrypt.c', 'pbkdf-gcrypt.c'))
- if 'CONFIG_GCRYPT_HMAC' in config_host
- crypto_ss.add(files('hmac-gcrypt.c'))
- else
- crypto_ss.add(files('hmac-glib.c'))
- endif
+ crypto_ss.add(files('hmac-gcrypt.c'))
else
crypto_ss.add(files('hash-glib.c', 'hmac-glib.c', 'pbkdf-stub.c'))
endif
--
2.31.1
next prev parent reply other threads:[~2021-05-11 13:29 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-11 13:26 [PATCH 00/12] Wave goodbye to RHEL 7 vintage distros Daniel P. Berrangé
2021-05-11 13:26 ` [PATCH 01/12] gitlab: move linux user build job from CentOS 7 to CentOS 8 Daniel P. Berrangé
2021-05-11 13:54 ` Thomas Huth
2021-05-11 14:04 ` Daniel P. Berrangé
2021-05-12 16:19 ` Philippe Mathieu-Daudé
2021-05-12 16:28 ` Peter Maydell
2021-05-11 13:26 ` [PATCH 02/12] patchew: move quick build job from CentOS 7 to CentOS 8 container Daniel P. Berrangé
2021-05-11 13:57 ` Thomas Huth
2021-05-11 13:26 ` [PATCH 03/12] crypto: bump min nettle to 3.3, dropping RHEL-7 support Daniel P. Berrangé
2021-05-11 14:01 ` Thomas Huth
2021-05-11 20:56 ` Willian Rampazzo
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 04/12] crypto: drop back compatibility typedefs for nettle Daniel P. Berrangé
2021-05-11 14:03 ` Thomas Huth
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` Daniel P. Berrangé [this message]
2021-05-11 14:06 ` [PATCH 05/12] crypto: bump min gcrypt to 1.7.6, dropping RHEL-7 support Thomas Huth
2021-05-11 20:58 ` Willian Rampazzo
2021-05-12 0:40 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 06/12] crypto: bump min gnutls to 3.5.8, " Daniel P. Berrangé
2021-05-11 14:07 ` Thomas Huth
2021-05-11 20:59 ` Willian Rampazzo
2021-05-12 0:39 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 07/12] crypto: drop used conditional check Daniel P. Berrangé
2021-05-11 21:01 ` Willian Rampazzo
2021-05-12 0:41 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 08/12] tests/vm: convert centos VM recipe to CentOS 8 Daniel P. Berrangé
2021-05-11 15:04 ` Daniel P. Berrangé
2021-05-11 13:26 ` [PATCH 09/12] tests/docker: drop CentOS 7 container Daniel P. Berrangé
2021-05-11 14:09 ` Thomas Huth
2021-05-11 14:25 ` Alex Bennée
2021-05-11 20:52 ` Willian Rampazzo
2021-05-11 13:26 ` [PATCH 10/12] bump min required glib version to 2.50 Daniel P. Berrangé
2021-05-11 14:11 ` Thomas Huth
2021-05-11 21:03 ` Willian Rampazzo
2021-05-11 13:26 ` [PATCH 11/12] configure: bump min required GCC to 6.3.0 Daniel P. Berrangé
2021-05-11 14:15 ` Thomas Huth
2021-05-11 14:31 ` Daniel P. Berrangé
2021-05-11 21:04 ` Willian Rampazzo
2021-05-12 0:43 ` Richard Henderson
2021-05-11 13:26 ` [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2 Daniel P. Berrangé
2021-05-11 14:18 ` Thomas Huth
2021-05-11 14:32 ` Daniel P. Berrangé
2021-05-11 21:05 ` Willian Rampazzo
2021-05-12 0:44 ` Richard Henderson
2021-05-12 11:44 ` Philippe Mathieu-Daudé
2021-05-12 11:53 ` non-x86 runners in the Gitlab-CI (was: Re: [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2) Thomas Huth
2021-05-12 13:47 ` Willian Rampazzo
2021-05-12 13:55 ` Thomas Huth
2021-05-12 13:59 ` Willian Rampazzo
2021-05-12 14:33 ` Thomas Huth
2021-05-12 14:00 ` Daniel P. Berrangé
2021-05-12 14:51 ` Philippe Mathieu-Daudé
2021-05-12 15:29 ` Daniel P. Berrangé
2021-05-12 12:25 ` [PATCH 12/12] configure: bump min required CLang to 7.0.0 / XCode 10.2 Daniel P. Berrangé
2021-05-12 14:10 ` Philippe Mathieu-Daudé
2021-05-12 14:43 ` Daniel P. Berrangé
2021-05-11 14:33 ` [PATCH 00/12] Wave goodbye to RHEL 7 vintage distros Thomas Huth
2021-05-13 10:05 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210511132641.1022161-6-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=f4bug@amsat.org \
--cc=qemu-devel@nongnu.org \
--cc=sw@weilnetz.de \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
--cc=willianr@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.