From: mcgrof@do-not-panic.com (Luis R. Rodriguez) To: cocci@systeme.lip6.fr Subject: [Cocci] [PATCH 2/9] Use gnutls_priority_set_direct() to deprecate gnutls_*_set() Date: Fri, 20 Nov 2015 09:47:45 -0800 [thread overview] Message-ID: <1448041672-3986-3-git-send-email-mcgrof@do-not-panic.com> (raw) In-Reply-To: <1448041672-3986-1-git-send-email-mcgrof@do-not-panic.com> From: "Luis R. Rodriguez" <mcgrof@suse.com> Using deprecate gnutls_*_set() triggers a failure to compile with gnutls30-3.4.4, used on OpenSUSE factory: ../libqemu_common.a(vnc.o): In function `vnc_start_tls': ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2164: undefined reference to `gnutls_kx_set_priority' ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2171: undefined reference to `gnutls_certificate_type_set_priority' ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2178: undefined reference to `gnutls_protocol_set_priority' This compilation issue can be fixed by using the new routine gnutls_priority_set_direct() which replaces the deprecated calls which also simplifies the code considerably. The following Coccinelle rule expresses the change in a general grammar form, this could be used should the code be rebased, or to do the transformation in other projects using the same gnutls library. @ vars @ identifier kx_x509, kx_anon, cert_type_priority, protocol_priority; declarer name NEED_X509_AUTH; @@ -int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; -int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; -int kx_anon[] = { GNUTLS_KX_ANON_DH, 0}; -int kx_x509[] = { GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; @ calls_kx_set_priority @ identifier vars.kx_x509, vars.kx_anon; expression need_x509; struct VncState *vs; @@ -if (gnutls_kx_set_priority(vs->tls_session, need_x509 ? kx_x509 : kx_anon) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} @ calls_certificate_type_set_priority depends on calls_kx_set_priority @ identifier vars.cert_type_priority; struct VncState *calls_kx_set_priority.vs; @@ -if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} @ calls_protocol_set_priority depends on calls_certificate_type_set_priority @ identifier vars.protocol_priority; struct VncState *calls_kx_set_priority.vs; expression calls_kx_set_priority.need_x509; @@ -if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} +if (gnutls_priority_set_direct(vs->tls_session, need_x509 ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) { + gnutls_deinit(vs->tls_session); + vs->tls_session = NULL; + vnc_client_error(vs); + return -1; +} Generated-by: Coccinelle SmPL Cc: cocci at systeme.lip6.fr Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> --- vnc.c | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/vnc.c b/vnc.c index 7629dfa18645..32c604084a5b 100644 --- a/vnc.c +++ b/vnc.c @@ -2137,11 +2137,6 @@ static void vnc_handshake_io(void *opaque) { static int vnc_start_tls(struct VncState *vs) { - static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; - static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; - static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0}; - static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; - VNC_DEBUG("Do TLS setup\n"); if (vnc_tls_initialize() < 0) { VNC_DEBUG("Failed to init TLS\n"); @@ -2161,21 +2156,7 @@ static int vnc_start_tls(struct VncState *vs) { return -1; } - if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; - } - - if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; - } - - if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { + if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) { gnutls_deinit(vs->tls_session); vs->tls_session = NULL; vnc_client_error(vs); -- 2.6.2
WARNING: multiple messages have this Message-ID (diff)
From: "Luis R. Rodriguez" <mcgrof@do-not-panic.com> To: xen-devel@lists.xensource.com, ian.campbell@citrix.com, JBeulich@suse.com Cc: samuel.thibault@ens-lyon.org, pryorm09@gmail.com, cfergeau@redhat.com, cocci@systeme.lip6.fr Subject: [PATCH 2/9] Use gnutls_priority_set_direct() to deprecate gnutls_*_set() Date: Fri, 20 Nov 2015 09:47:45 -0800 [thread overview] Message-ID: <1448041672-3986-3-git-send-email-mcgrof@do-not-panic.com> (raw) In-Reply-To: <1448041672-3986-1-git-send-email-mcgrof@do-not-panic.com> From: "Luis R. Rodriguez" <mcgrof@suse.com> Using deprecate gnutls_*_set() triggers a failure to compile with gnutls30-3.4.4, used on OpenSUSE factory: ../libqemu_common.a(vnc.o): In function `vnc_start_tls': ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2164: undefined reference to `gnutls_kx_set_priority' ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2171: undefined reference to `gnutls_certificate_type_set_priority' ~/devel/xen/tools/qemu-xen-traditional-dir/vnc.c:2178: undefined reference to `gnutls_protocol_set_priority' This compilation issue can be fixed by using the new routine gnutls_priority_set_direct() which replaces the deprecated calls which also simplifies the code considerably. The following Coccinelle rule expresses the change in a general grammar form, this could be used should the code be rebased, or to do the transformation in other projects using the same gnutls library. @ vars @ identifier kx_x509, kx_anon, cert_type_priority, protocol_priority; declarer name NEED_X509_AUTH; @@ -int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; -int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; -int kx_anon[] = { GNUTLS_KX_ANON_DH, 0}; -int kx_x509[] = { GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; @ calls_kx_set_priority @ identifier vars.kx_x509, vars.kx_anon; expression need_x509; struct VncState *vs; @@ -if (gnutls_kx_set_priority(vs->tls_session, need_x509 ? kx_x509 : kx_anon) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} @ calls_certificate_type_set_priority depends on calls_kx_set_priority @ identifier vars.cert_type_priority; struct VncState *calls_kx_set_priority.vs; @@ -if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} @ calls_protocol_set_priority depends on calls_certificate_type_set_priority @ identifier vars.protocol_priority; struct VncState *calls_kx_set_priority.vs; expression calls_kx_set_priority.need_x509; @@ -if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; -} +if (gnutls_priority_set_direct(vs->tls_session, need_x509 ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) { + gnutls_deinit(vs->tls_session); + vs->tls_session = NULL; + vnc_client_error(vs); + return -1; +} Generated-by: Coccinelle SmPL Cc: cocci@systeme.lip6.fr Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> --- vnc.c | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/vnc.c b/vnc.c index 7629dfa18645..32c604084a5b 100644 --- a/vnc.c +++ b/vnc.c @@ -2137,11 +2137,6 @@ static void vnc_handshake_io(void *opaque) { static int vnc_start_tls(struct VncState *vs) { - static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; - static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; - static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0}; - static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; - VNC_DEBUG("Do TLS setup\n"); if (vnc_tls_initialize() < 0) { VNC_DEBUG("Failed to init TLS\n"); @@ -2161,21 +2156,7 @@ static int vnc_start_tls(struct VncState *vs) { return -1; } - if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; - } - - if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { - gnutls_deinit(vs->tls_session); - vs->tls_session = NULL; - vnc_client_error(vs); - return -1; - } - - if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { + if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) { gnutls_deinit(vs->tls_session); vs->tls_session = NULL; vnc_client_error(vs); -- 2.6.2
next prev parent reply other threads:[~2015-11-20 17:47 UTC|newest] Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top 2015-11-20 17:47 [PATCH 0/9] xen: build fixes with gcc5 and binutils 2.25.0 Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 1/9] Revert "Use the extra stack for 16bit USB and PS2 keyboard/mouse commands." Luis R. Rodriguez 2015-11-20 17:47 ` Luis R. Rodriguez [this message] 2015-11-20 17:47 ` [PATCH 2/9] Use gnutls_priority_set_direct() to deprecate gnutls_*_set() Luis R. Rodriguez 2015-11-25 14:53 ` [Cocci] [Xen-devel] " Konrad Rzeszutek Wilk 2015-11-25 14:53 ` Konrad Rzeszutek Wilk 2015-11-25 19:36 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2015-11-25 19:36 ` Luis R. Rodriguez 2015-11-25 20:44 ` [Cocci] " Konrad Rzeszutek Wilk 2015-11-25 20:44 ` Konrad Rzeszutek Wilk 2016-02-06 1:44 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-06 1:44 ` Luis R. Rodriguez 2016-02-06 3:45 ` [Cocci] " Konrad Rzeszutek Wilk 2016-02-06 3:45 ` Konrad Rzeszutek Wilk 2016-02-06 4:03 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-06 4:03 ` Luis R. Rodriguez 2016-02-06 4:12 ` [Cocci] [Xen-devel] " Konrad Rzeszutek Wilk 2016-02-06 4:12 ` Konrad Rzeszutek Wilk 2016-02-06 4:36 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-06 4:36 ` Luis R. Rodriguez 2016-02-06 20:18 ` [Cocci] [Xen-devel] " Doug Goldstein 2016-02-06 20:18 ` Doug Goldstein 2016-02-09 10:54 ` Jan Beulich 2016-02-09 15:46 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-09 15:46 ` Luis R. Rodriguez 2016-02-09 16:06 ` Jan Beulich 2016-02-09 16:36 ` Olaf Hering 2016-02-09 16:42 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-09 16:42 ` Luis R. Rodriguez 2016-02-09 18:23 ` Olaf Hering 2016-02-10 3:04 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-10 3:04 ` Luis R. Rodriguez 2016-02-10 9:46 ` Ian Campbell 2016-02-10 15:41 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-10 15:41 ` Luis R. Rodriguez 2016-02-10 15:44 ` Olaf Hering 2016-02-10 15:55 ` [Cocci] [Xen-devel] " Luis R. Rodriguez 2016-02-10 15:55 ` Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 3/9] hw/usb-net.c: fix state check Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 4/9] qemu-xen-dir: spice: remove spice-experimental.h include Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 5/9] qemu-xen-dir: virtio-rng: fix check for period_ms validity Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 6/9] mini-os: fix linker warning with app.lds Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 7/9] stubdom: fix unfound libgmp library issues Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 8/9] vtpm: fix vtpmblk.c compilation warning Luis R. Rodriguez 2015-11-20 17:47 ` [PATCH 9/9] vtpm: guard against redefining TPM_VENDOR_COMMAND Luis R. Rodriguez 2016-02-06 1:48 ` [PATCH 0/9] xen: build fixes with gcc5 and binutils 2.25.0 Luis R. Rodriguez 2016-02-06 3:52 ` Konrad Rzeszutek Wilk 2016-02-06 4:07 ` Luis R. Rodriguez 2016-02-06 20:22 ` Doug Goldstein 2016-02-07 5:34 ` Fengguang Wu 2016-02-08 9:58 ` Ian Campbell 2016-02-09 15:56 ` Luis R. Rodriguez 2016-02-09 16:26 ` Ian Campbell 2016-02-09 16:39 ` Luis R. Rodriguez 2016-02-10 9:34 ` Ian Campbell 2016-02-09 8:08 ` Jan Beulich 2016-02-09 16:09 ` Luis R. Rodriguez 2016-02-09 16:22 ` Ian Campbell 2016-02-09 16:30 ` Luis R. Rodriguez 2016-02-09 16:39 ` Ian Campbell 2016-02-09 16:53 ` Luis R. Rodriguez 2016-02-10 5:21 ` Luis R. Rodriguez 2016-02-10 9:38 ` Ian Campbell 2016-02-10 5:44 ` Luis R. Rodriguez 2016-02-10 9:47 ` Ian Campbell 2016-02-11 8:08 ` Olaf Hering 2016-02-10 0:24 ` Dario Faggioli [not found] <1447975341-32070-1-git-send-email-mcgrof@do-not-panic.com> 2015-11-19 23:22 ` [Cocci] [PATCH 2/9] Use gnutls_priority_set_direct() to deprecate gnutls_*_set() Luis R. Rodriguez
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1448041672-3986-3-git-send-email-mcgrof@do-not-panic.com \ --to=mcgrof@do-not-panic.com \ --cc=cocci@systeme.lip6.fr \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.