From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Thomas Huth" <thuth@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Stefan Weil" <sw@weilnetz.de>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>,
"Willian Rampazzo" <willianr@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>
Subject: [PATCH v2 03/12] crypto: bump min nettle to 3.4, dropping RHEL-7 support
Date: Fri, 14 May 2021 13:04:06 +0100 [thread overview]
Message-ID: <20210514120415.1368922-4-berrange@redhat.com> (raw)
In-Reply-To: <20210514120415.1368922-1-berrange@redhat.com>
It has been over two years since RHEL-8 was released, and thus per the
platform build policy, we no longer need to support RHEL-7 as a build
target. This lets us increment the minimum required nettle version and
drop a lot of backwards compatibility code for 2.x series of nettle.
Per repology, current shipping versions are:
RHEL-8: 3.4.1
Debian Buster: 3.4.1
openSUSE Leap 15.2: 3.4.1
Ubuntu LTS 18.04: 3.4
Ubuntu LTS 20.04: 3.5.1
FreeBSD: 3.7.2
Fedora 33: 3.5.1
Fedora 34: 3.7.2
OpenBSD: 3.7.2
macOS HomeBrew: 3.7.2
Ubuntu LTS 18.04 has the oldest version and so 3.4 is the new minimum.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
.gitlab-ci.yml | 10 ----------
configure | 4 +---
crypto/cipher-nettle.c.inc | 31 -------------------------------
crypto/hash-nettle.c | 4 ----
crypto/hmac-nettle.c | 4 ----
5 files changed, 1 insertion(+), 52 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 726450a46d..f012b16b79 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -707,16 +707,6 @@ build-coroutine-sigaltstack:
#
# These jobs test old gcrypt and nettle from RHEL7
# which had some API differences.
-crypto-old-nettle:
- <<: *native_build_job_definition
- needs:
- job: amd64-centos7-container
- variables:
- IMAGE: centos7
- TARGETS: x86_64-softmmu x86_64-linux-user
- CONFIGURE_ARGS: --disable-gcrypt --enable-nettle
- MAKE_CHECK_ARGS: check
-
crypto-old-gcrypt:
<<: *native_build_job_definition
needs:
diff --git a/configure b/configure
index 6fea3210bd..050299290d 100755
--- a/configure
+++ b/configure
@@ -2860,10 +2860,9 @@ has_libgcrypt() {
if test "$nettle" != "no"; then
pass="no"
- if $pkg_config --exists "nettle >= 2.7.1"; then
+ if $pkg_config --exists "nettle >= 3.4"; then
nettle_cflags=$($pkg_config --cflags nettle)
nettle_libs=$($pkg_config --libs nettle)
- nettle_version=$($pkg_config --modversion nettle)
# Link test to make sure the given libraries work (e.g for static).
write_c_skeleton
if compile_prog "" "$nettle_libs" ; then
@@ -5731,7 +5730,6 @@ if test "$gcrypt" = "yes" ; then
fi
if test "$nettle" = "yes" ; then
echo "CONFIG_NETTLE=y" >> $config_host_mak
- echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak
echo "NETTLE_CFLAGS=$nettle_cflags" >> $config_host_mak
echo "NETTLE_LIBS=$nettle_libs" >> $config_host_mak
fi
diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc
index cac771e4ff..490472656c 100644
--- a/crypto/cipher-nettle.c.inc
+++ b/crypto/cipher-nettle.c.inc
@@ -39,41 +39,10 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
uint8_t *dst,
const uint8_t *src);
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef nettle_crypt_func * QCryptoCipherNettleFuncNative;
-typedef void * cipher_ctx_t;
-typedef unsigned cipher_length_t;
-#define CONST_CTX
-
-#define cast5_set_key cast128_set_key
-
-#define aes128_ctx aes_ctx
-#define aes192_ctx aes_ctx
-#define aes256_ctx aes_ctx
-#define aes128_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 16, k)
-#define aes192_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 24, k)
-#define aes256_set_encrypt_key(c, k) \
- aes_set_encrypt_key(c, 32, k)
-#define aes128_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 16, k)
-#define aes192_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 24, k)
-#define aes256_set_decrypt_key(c, k) \
- aes_set_decrypt_key(c, 32, k)
-#define aes128_encrypt aes_encrypt
-#define aes192_encrypt aes_encrypt
-#define aes256_encrypt aes_encrypt
-#define aes128_decrypt aes_decrypt
-#define aes192_decrypt aes_decrypt
-#define aes256_decrypt aes_decrypt
-#else
typedef nettle_cipher_func * QCryptoCipherNettleFuncNative;
typedef const void * cipher_ctx_t;
typedef size_t cipher_length_t;
#define CONST_CTX const
-#endif
static inline bool qcrypto_length_check(size_t len, size_t blocksize,
Error **errp)
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 2a6ee7c7d5..5c8977fb80 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -26,11 +26,7 @@
#include <nettle/sha.h>
#include <nettle/ripemd160.h>
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef unsigned int hash_length_t;
-#else
typedef size_t hash_length_t;
-#endif
typedef void (*qcrypto_nettle_init)(void *ctx);
typedef void (*qcrypto_nettle_write)(void *ctx,
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index 1152b741fd..da6b6fa014 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -18,11 +18,7 @@
#include "hmacpriv.h"
#include <nettle/hmac.h>
-#if CONFIG_NETTLE_VERSION_MAJOR < 3
-typedef unsigned int hmac_length_t;
-#else
typedef size_t hmac_length_t;
-#endif
typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx,
hmac_length_t key_length,
--
2.31.1
next prev parent reply other threads:[~2021-05-14 12:09 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-14 12:04 [PATCH v2 00/12] Wave goodbye to RHEL 7 vintage distros Daniel P. Berrangé
2021-05-14 12:04 ` [PATCH v2 01/12] gitlab: drop linux user build job for CentOS 7 Daniel P. Berrangé
2021-05-14 12:13 ` Thomas Huth
2021-05-14 16:47 ` Willian Rampazzo
2021-05-27 15:58 ` Philippe Mathieu-Daudé
2021-05-14 12:04 ` [PATCH v2 02/12] patchew: move quick build job from CentOS 7 to CentOS 8 container Daniel P. Berrangé
2021-05-14 12:18 ` Thomas Huth
2021-05-14 16:46 ` Willian Rampazzo
2021-05-14 12:04 ` Daniel P. Berrangé [this message]
2021-05-14 12:19 ` [PATCH v2 03/12] crypto: bump min nettle to 3.4, dropping RHEL-7 support Thomas Huth
2021-05-14 16:48 ` Willian Rampazzo
2021-05-14 12:04 ` [PATCH v2 04/12] crypto: drop back compatibility typedefs for nettle Daniel P. Berrangé
2021-05-14 16:51 ` Willian Rampazzo
2021-05-14 12:04 ` [PATCH v2 05/12] crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 support Daniel P. Berrangé
2021-05-14 12:23 ` Thomas Huth
2021-05-14 12:04 ` [PATCH v2 06/12] crypto: bump min gnutls to 3.5.18, " Daniel P. Berrangé
2021-05-14 12:27 ` Thomas Huth
2021-05-14 16:52 ` Willian Rampazzo
2021-05-14 12:04 ` [PATCH v2 07/12] crypto: drop used conditional check Daniel P. Berrangé
2021-05-14 12:04 ` [PATCH v2 08/12] tests/vm: convert centos VM recipe to CentOS 8 Daniel P. Berrangé
2021-05-14 17:31 ` Willian Rampazzo
2021-05-17 9:03 ` Daniel P. Berrangé
2021-05-14 12:04 ` [PATCH v2 09/12] tests/docker: drop CentOS 7 container Daniel P. Berrangé
2021-05-14 12:04 ` [PATCH v2 10/12] configure: bump min required glib version to 2.56 Daniel P. Berrangé
2021-05-14 12:29 ` Thomas Huth
2021-05-14 17:34 ` Willian Rampazzo
2021-05-14 12:04 ` [PATCH v2 11/12] configure: bump min required GCC to 7.5.0 Daniel P. Berrangé
2021-05-14 12:29 ` Thomas Huth
2021-05-14 17:35 ` Willian Rampazzo
2021-05-14 12:04 ` [PATCH v2 12/12] configure: bump min required CLang to 6.0 / XCode 10.0 Daniel P. Berrangé
2021-05-14 12:29 ` Philippe Mathieu-Daudé
2021-05-14 17:36 ` Willian Rampazzo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210514120415.1368922-4-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=f4bug@amsat.org \
--cc=qemu-devel@nongnu.org \
--cc=sw@weilnetz.de \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
--cc=willianr@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).