crypto: bump min nettle to 3.4, dropping RHEL-7 support
It has been over two years since RHEL-8 was released, and thus per the
platform build policy, we no longer need to support RHEL-7 as a build
target. This lets us increment the minimum required nettle version and
drop a lot of backwards compatibility code for 2.x series of nettle.
Per repology, current shipping versions are:
RHEL-8: 3.4.1
Debian Buster: 3.4.1
openSUSE Leap 15.2: 3.4.1
Ubuntu LTS 18.04: 3.4
Ubuntu LTS 20.04: 3.5.1
FreeBSD: 3.7.2
Fedora 33: 3.5.1
Fedora 34: 3.7.2
OpenBSD: 3.7.2
macOS HomeBrew: 3.7.2
Ubuntu LTS 18.04 has the oldest version and so 3.4 is the new minimum.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210514120415.1368922-4-berrange@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
[thuth: rebased to use .gitlab-ci.d/buildtest.yml]
Signed-off-by: Thomas Huth <thuth@redhat.com>
stable-6.1
Daniel P. Berrangé
Thomas Huth
parent
f4d4be8212
commit
20ba7a4a34
|
|
@ -630,16 +630,6 @@ build-coroutine-sigaltstack:
|
|||
#
|
||||
# These jobs test old gcrypt and nettle from RHEL7
|
||||
# which had some API differences.
|
||||
crypto-old-nettle:
|
||||
extends: .native_build_job_template
|
||||
needs:
|
||||
job: amd64-centos7-container
|
||||
variables:
|
||||
IMAGE: centos7
|
||||
TARGETS: x86_64-softmmu x86_64-linux-user
|
||||
CONFIGURE_ARGS: --disable-gcrypt --enable-nettle
|
||||
MAKE_CHECK_ARGS: check
|
||||
|
||||
crypto-old-gcrypt:
|
||||
extends: .native_build_job_template
|
||||
needs:
|
||||
|
|
|
|||
|
|
@ -2871,10 +2871,9 @@ has_libgcrypt() {
|
|||
|
||||
if test "$nettle" != "no"; then
|
||||
pass="no"
|
||||
if $pkg_config --exists "nettle >= 2.7.1"; then
|
||||
if $pkg_config --exists "nettle >= 3.4"; then
|
||||
nettle_cflags=$($pkg_config --cflags nettle)
|
||||
nettle_libs=$($pkg_config --libs nettle)
|
||||
nettle_version=$($pkg_config --modversion nettle)
|
||||
# Link test to make sure the given libraries work (e.g for static).
|
||||
write_c_skeleton
|
||||
if compile_prog "" "$nettle_libs" ; then
|
||||
|
|
@ -5730,7 +5729,6 @@ if test "$gcrypt" = "yes" ; then
|
|||
fi
|
||||
if test "$nettle" = "yes" ; then
|
||||
echo "CONFIG_NETTLE=y" >> $config_host_mak
|
||||
echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak
|
||||
echo "NETTLE_CFLAGS=$nettle_cflags" >> $config_host_mak
|
||||
echo "NETTLE_LIBS=$nettle_libs" >> $config_host_mak
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -39,41 +39,10 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
|
|||
uint8_t *dst,
|
||||
const uint8_t *src);
|
||||
|
||||
#if CONFIG_NETTLE_VERSION_MAJOR < 3
|
||||
typedef nettle_crypt_func * QCryptoCipherNettleFuncNative;
|
||||
typedef void * cipher_ctx_t;
|
||||
typedef unsigned cipher_length_t;
|
||||
#define CONST_CTX
|
||||
|
||||
#define cast5_set_key cast128_set_key
|
||||
|
||||
#define aes128_ctx aes_ctx
|
||||
#define aes192_ctx aes_ctx
|
||||
#define aes256_ctx aes_ctx
|
||||
#define aes128_set_encrypt_key(c, k) \
|
||||
aes_set_encrypt_key(c, 16, k)
|
||||
#define aes192_set_encrypt_key(c, k) \
|
||||
aes_set_encrypt_key(c, 24, k)
|
||||
#define aes256_set_encrypt_key(c, k) \
|
||||
aes_set_encrypt_key(c, 32, k)
|
||||
#define aes128_set_decrypt_key(c, k) \
|
||||
aes_set_decrypt_key(c, 16, k)
|
||||
#define aes192_set_decrypt_key(c, k) \
|
||||
aes_set_decrypt_key(c, 24, k)
|
||||
#define aes256_set_decrypt_key(c, k) \
|
||||
aes_set_decrypt_key(c, 32, k)
|
||||
#define aes128_encrypt aes_encrypt
|
||||
#define aes192_encrypt aes_encrypt
|
||||
#define aes256_encrypt aes_encrypt
|
||||
#define aes128_decrypt aes_decrypt
|
||||
#define aes192_decrypt aes_decrypt
|
||||
#define aes256_decrypt aes_decrypt
|
||||
#else
|
||||
typedef nettle_cipher_func * QCryptoCipherNettleFuncNative;
|
||||
typedef const void * cipher_ctx_t;
|
||||
typedef size_t cipher_length_t;
|
||||
#define CONST_CTX const
|
||||
#endif
|
||||
|
||||
static inline bool qcrypto_length_check(size_t len, size_t blocksize,
|
||||
Error **errp)
|
||||
|
|
|
|||
|
|
@ -26,11 +26,7 @@
|
|||
#include <nettle/sha.h>
|
||||
#include <nettle/ripemd160.h>
|
||||
|
||||
#if CONFIG_NETTLE_VERSION_MAJOR < 3
|
||||
typedef unsigned int hash_length_t;
|
||||
#else
|
||||
typedef size_t hash_length_t;
|
||||
#endif
|
||||
|
||||
typedef void (*qcrypto_nettle_init)(void *ctx);
|
||||
typedef void (*qcrypto_nettle_write)(void *ctx,
|
||||
|
|
|
|||
|
|
@ -18,11 +18,7 @@
|
|||
#include "hmacpriv.h"
|
||||
#include <nettle/hmac.h>
|
||||
|
||||
#if CONFIG_NETTLE_VERSION_MAJOR < 3
|
||||
typedef unsigned int hmac_length_t;
|
||||
#else
|
||||
typedef size_t hmac_length_t;
|
||||
#endif
|
||||
|
||||
typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx,
|
||||
hmac_length_t key_length,
|
||||
|
|
|
|||
Loading…
Reference in New Issue