* [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 @ 2016-03-30 14:01 Daniel P. Berrange 2016-03-30 14:01 ` [Qemu-devel] [PULL v1] crypto: do an explicit check for nettle pbkdf functions Daniel P. Berrange 2016-03-30 15:06 ` [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Peter Maydell 0 siblings, 2 replies; 3+ messages in thread From: Daniel P. Berrange @ 2016-03-30 14:01 UTC (permalink / raw) To: qemu-devel; +Cc: Peter Maydell The following changes since commit 8850dcbfd7664fab86ab49d9c27b6fa700d71618: Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging (2016-03-30 12:30:38 +0100) are available in the git repository at: git://github.com/berrange/qemu.git tags/pull-qcrypto-2016-03-30-1 for you to fetch changes up to fff2f982ab6ac0dd2b641d30303f72270a019f28: crypto: do an explicit check for nettle pbkdf functions (2016-03-30 14:55:11 +0100) ---------------------------------------------------------------- Merge qcrypto fixes 2016/03/30 v1 ---------------------------------------------------------------- Daniel P. Berrange (1): crypto: do an explicit check for nettle pbkdf functions configure | 16 ++++++++++++++++ crypto/Makefile.objs | 4 ++-- 2 files changed, 18 insertions(+), 2 deletions(-) -- 2.5.5 ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Qemu-devel] [PULL v1] crypto: do an explicit check for nettle pbkdf functions 2016-03-30 14:01 [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Daniel P. Berrange @ 2016-03-30 14:01 ` Daniel P. Berrange 2016-03-30 15:06 ` [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Peter Maydell 1 sibling, 0 replies; 3+ messages in thread From: Daniel P. Berrange @ 2016-03-30 14:01 UTC (permalink / raw) To: qemu-devel; +Cc: Peter Maydell Support for the PBKDF functions in nettle was not introduced until version 2.6. Some distros QEMU targets have older versions and thus lack PBKDF support. Address this by doing a check in configure for the desired function and then skipping compilation of the nettle-pbkdf.o module Reported-by: Wen Congyang <wency@cn.fujitsu.com> Tested-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- configure | 16 ++++++++++++++++ crypto/Makefile.objs | 4 ++-- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/configure b/configure index 2832ff6..5db29f0 100755 --- a/configure +++ b/configure @@ -308,6 +308,7 @@ gnutls="" gnutls_hash="" gnutls_rnd="" nettle="" +nettle_kdf="no" gcrypt="" gcrypt_kdf="no" vte="" @@ -2335,6 +2336,17 @@ if test "$nettle" != "no"; then libs_tools="$nettle_libs $libs_tools" QEMU_CFLAGS="$QEMU_CFLAGS $nettle_cflags" nettle="yes" + + cat > $TMPC << EOF +#include <nettle/pbkdf2.h> +int main(void) { + pbkdf2_hmac_sha256(8, NULL, 1000, 8, NULL, 8, NULL); + return 0; +} +EOF + if compile_prog "$nettle_cflags" "$nettle_libs" ; then + nettle_kdf=yes + fi else if test "$nettle" = "yes"; then feature_not_found "nettle" "Install nettle devel" @@ -4746,6 +4758,7 @@ if test "$nettle" = "yes"; then else echo "nettle $nettle" fi +echo "nettle kdf $nettle_kdf" echo "libtasn1 $tasn1" echo "VTE support $vte" echo "curses support $curses" @@ -5130,6 +5143,9 @@ fi if test "$nettle" = "yes" ; then echo "CONFIG_NETTLE=y" >> $config_host_mak echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak + if test "$nettle_kdf" = "yes" ; then + echo "CONFIG_NETTLE_KDF=y" >> $config_host_mak + fi fi if test "$tasn1" = "yes" ; then echo "CONFIG_TASN1=y" >> $config_host_mak diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs index 9f2c87e..0737f48 100644 --- a/crypto/Makefile.objs +++ b/crypto/Makefile.objs @@ -11,8 +11,8 @@ crypto-obj-y += secret.o crypto-obj-$(CONFIG_GCRYPT) += random-gcrypt.o crypto-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS_RND)) += random-gnutls.o crypto-obj-y += pbkdf.o -crypto-obj-$(CONFIG_NETTLE) += pbkdf-nettle.o -crypto-obj-$(if $(CONFIG_NETTLE),n,$(CONFIG_GCRYPT_KDF)) += pbkdf-gcrypt.o +crypto-obj-$(CONFIG_NETTLE_KDF) += pbkdf-nettle.o +crypto-obj-$(if $(CONFIG_NETTLE_KDF),n,$(CONFIG_GCRYPT_KDF)) += pbkdf-gcrypt.o crypto-obj-y += ivgen.o crypto-obj-y += ivgen-essiv.o crypto-obj-y += ivgen-plain.o -- 2.5.5 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 2016-03-30 14:01 [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Daniel P. Berrange 2016-03-30 14:01 ` [Qemu-devel] [PULL v1] crypto: do an explicit check for nettle pbkdf functions Daniel P. Berrange @ 2016-03-30 15:06 ` Peter Maydell 1 sibling, 0 replies; 3+ messages in thread From: Peter Maydell @ 2016-03-30 15:06 UTC (permalink / raw) To: Daniel P. Berrange; +Cc: QEMU Developers On 30 March 2016 at 15:01, Daniel P. Berrange <berrange@redhat.com> wrote: > The following changes since commit 8850dcbfd7664fab86ab49d9c27b6fa700d71618: > > Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging (2016-03-30 12:30:38 +0100) > > are available in the git repository at: > > git://github.com/berrange/qemu.git tags/pull-qcrypto-2016-03-30-1 > > for you to fetch changes up to fff2f982ab6ac0dd2b641d30303f72270a019f28: > > crypto: do an explicit check for nettle pbkdf functions (2016-03-30 14:55:11 +0100) > > ---------------------------------------------------------------- > Merge qcrypto fixes 2016/03/30 v1 Applied, thanks. -- PMM ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-03-30 15:06 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2016-03-30 14:01 [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Daniel P. Berrange 2016-03-30 14:01 ` [Qemu-devel] [PULL v1] crypto: do an explicit check for nettle pbkdf functions Daniel P. Berrange 2016-03-30 15:06 ` [Qemu-devel] [PULL v1] Merge qcrypto fixes 2016/03/30 Peter Maydell
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).