dfaggioli/qemu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

crypto: do an explicit check for nettle pbkdf functions

Browse Source 
Support for the PBKDF functions in nettle was not introduced
until version 2.6. Some distros QEMU targets have older
versions and thus lack PBKDF support. Address this by doing
a check in configure for the desired function and then skipping
compilation of the nettle-pbkdf.o module

Reported-by: Wen Congyang <wency@cn.fujitsu.com>
Tested-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange
2016-03-29 15:47:51 +01:00
parent 8850dcbfd7
commit fff2f982ab
2 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
configure vendored
View File

@@ -308,6 +308,7 @@ gnutls=""
gnutls_hash="" gnutls_hash=""
gnutls_rnd="" gnutls_rnd=""
nettle="" nettle=""
nettle_kdf="no"
gcrypt="" gcrypt=""
gcrypt_kdf="no" gcrypt_kdf="no"
vte="" vte=""
@@ -2335,6 +2336,17 @@ if test "$nettle" != "no"; then
libs_tools="$nettle_libs $libs_tools" libs_tools="$nettle_libs $libs_tools"
QEMU_CFLAGS="$QEMU_CFLAGS $nettle_cflags" QEMU_CFLAGS="$QEMU_CFLAGS $nettle_cflags"
nettle="yes" nettle="yes"
cat > $TMPC << EOF
#include <nettle/pbkdf2.h>
int main(void) {
pbkdf2_hmac_sha256(8, NULL, 1000, 8, NULL, 8, NULL);
return 0;
}
EOF
if compile_prog "$nettle_cflags" "$nettle_libs" ; then
nettle_kdf=yes
fi
else else
if test "$nettle" = "yes"; then if test "$nettle" = "yes"; then
feature_not_found "nettle" "Install nettle devel" feature_not_found "nettle" "Install nettle devel"
@@ -4746,6 +4758,7 @@ if test "$nettle" = "yes"; then
else else
echo "nettle $nettle" echo "nettle $nettle"
fi fi
echo "nettle kdf $nettle_kdf"
echo "libtasn1 $tasn1" echo "libtasn1 $tasn1"
echo "VTE support $vte" echo "VTE support $vte"
echo "curses support $curses" echo "curses support $curses"
@@ -5130,6 +5143,9 @@ fi
if test "$nettle" = "yes" ; then if test "$nettle" = "yes" ; then
echo "CONFIG_NETTLE=y" >> $config_host_mak echo "CONFIG_NETTLE=y" >> $config_host_mak
echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak
if test "$nettle_kdf" = "yes" ; then
echo "CONFIG_NETTLE_KDF=y" >> $config_host_mak
fi
fi fi
if test "$tasn1" = "yes" ; then if test "$tasn1" = "yes" ; then
echo "CONFIG_TASN1=y" >> $config_host_mak echo "CONFIG_TASN1=y" >> $config_host_mak

4
crypto/Makefile.objs
View File

@@ -11,8 +11,8 @@ crypto-obj-y += secret.o
crypto-obj-$(CONFIG_GCRYPT) += random-gcrypt.o crypto-obj-$(CONFIG_GCRYPT) += random-gcrypt.o
crypto-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS_RND)) += random-gnutls.o crypto-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS_RND)) += random-gnutls.o
crypto-obj-y += pbkdf.o crypto-obj-y += pbkdf.o
crypto-obj-$(CONFIG_NETTLE) += pbkdf-nettle.o crypto-obj-$(CONFIG_NETTLE_KDF) += pbkdf-nettle.o
crypto-obj-$(if $(CONFIG_NETTLE),n,$(CONFIG_GCRYPT_KDF)) += pbkdf-gcrypt.o crypto-obj-$(if $(CONFIG_NETTLE_KDF),n,$(CONFIG_GCRYPT_KDF)) += pbkdf-gcrypt.o
crypto-obj-y += ivgen.o crypto-obj-y += ivgen.o
crypto-obj-y += ivgen-essiv.o crypto-obj-y += ivgen-essiv.o
crypto-obj-y += ivgen-plain.o crypto-obj-y += ivgen-plain.o