From: Michal Privoznik
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 13:55:54 +0200
Message-Id: <63d8e0847d6a8425471fa48fb2aca203fd7452b8.1528199511.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH v2 1/5] configure: Require GnuTLS

We are building with GnuTLS everywhere because GnuTLS is widely available. Also, it is desirable to prefer cryptographically strong PRNG over "/dev/urandom" which is just a fallback.

Signed-off-by: Michal Privoznik
Reviewed-by: Daniel P. Berrangé
--- configure.ac | 2 -- m4/virt-gnutls.m4 | 4 ---- 2 files changed, 6 deletions(-) diff --git a/configure.ac b/configure.ac index 5378e49c0b..e25bf0a6ec 100644 --- a/configure.ac +++ b/configure.ac @@ -216,7 +216,6 @@ fi # RPC, we don't need several libraries. if test "$with_remote" =3D "no" ; then with_libvirtd=3Dno - with_gnutls=3Dno with_ssh2=3Dno with_sasl=3Dno with_libssh=3Dno @@ -250,7 +249,6 @@ LIBVIRT_ARG_DBUS LIBVIRT_ARG_FIREWALLD LIBVIRT_ARG_FUSE LIBVIRT_ARG_GLUSTER -LIBVIRT_ARG_GNUTLS LIBVIRT_ARG_HAL LIBVIRT_ARG_LIBPCAP LIBVIRT_ARG_LIBSSH diff --git a/m4/virt-gnutls.m4 b/m4/virt-gnutls.m4 index 426a1a0348..6829ca55cf 100644 --- a/m4/virt-gnutls.m4 +++ b/m4/virt-gnutls.m4
@@ -17,10 +17,6 @@ dnl License along with this library. If not, see dnl . dnl =20 -AC_DEFUN([LIBVIRT_ARG_GNUTLS],[ - LIBVIRT_ARG_WITH_FEATURE([GNUTLS], [gnutls], [check], [3.2.0]) -]) - AC_DEFUN([LIBVIRT_CHECK_GNUTLS],[ LIBVIRT_CHECK_PKG([GNUTLS], [gnutls], [3.2.0]) =20 --=20 2.16.4
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
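Review bot: Nothing in the m4/virt-gnutls.m4 hunk makes GnuTLS mandatory: `LIBVIRT_ARG_GNUTLS`, whose default was `[check]`, is removed, but the visible `LIBVIRT_CHECK_PKG([GNUTLS], [gnutls], [3.2.0])` call is unchanged. Please confirm that configure now stops with an error when GnuTLS 3.2.0 or newer is not found, since the later patches in this series compile the TLS code unconditionally. The configure.ac hunk at @@ -216,7 also drops `with_gnutls=no` from the `test "$with_remote" = "no"` block, so a `with_remote=no` build now depends on GnuTLS as well; the commit message should mention both that and the loss of the configure switch.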
From: Michal Privoznik
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 13:55:55 +0200
Message-Id: <1caddc089e1c666fd398380b775109c4b9086313.1528199511.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH v2 2/5] src: Always build virnettlscontext into libvirt-net-rpc.la

Since GnuTLS is required there is no way to go with !WITH_GNUTLS branch and just distribute these files.

Signed-off-by: Michal Privoznik
Reviewed-by: Daniel P. Berrangé
--- src/libvirt_gnutls.syms | 17 ----------------- src/libvirt_remote.syms | 17 +++++++++++++++++ src/rpc/Makefile.inc.am | 14 ++------------ 3 files changed, 19 insertions(+), 29 deletions(-) diff --git a/src/libvirt_gnutls.syms b/src/libvirt_gnutls.syms index 6eb674101f..1adf3af164 100644 --- a/src/libvirt_gnutls.syms +++ b/src/libvirt_gnutls.syms
@@ -25,23 +25,6 @@ virNetServerServiceGetTLSContext; virNetSocketSetTLSSession; =20 =20 -# rpc/virnettlscontext.h -virNetTLSContextCheckCertificate; -virNetTLSContextNewClient; -virNetTLSContextNewClientPath; -virNetTLSContextNewServer; -virNetTLSContextNewServerPath; -virNetTLSInit; -virNetTLSSessionGetHandshakeStatus; -virNetTLSSessionGetKeySize; -virNetTLSSessionGetX509DName; -virNetTLSSessionHandshake; -virNetTLSSessionNew; -virNetTLSSessionRead; -virNetTLSSessionSetIOCallbacks; -virNetTLSSessionWrite; - - # Let emacs know we want case-insensitive sorting # Local Variables: # sort-fold-case: t diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index 97e22275b9..cab93ab27f 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -257,6 +257,23 @@ virNetSocketUpdateIOCallback; virNetSocketWrite; =20 =20 +# rpc/virnettlscontext.h +virNetTLSContextCheckCertificate; +virNetTLSContextNewClient; +virNetTLSContextNewClientPath; +virNetTLSContextNewServer; +virNetTLSContextNewServerPath; +virNetTLSInit; +virNetTLSSessionGetHandshakeStatus; +virNetTLSSessionGetKeySize; +virNetTLSSessionGetX509DName; +virNetTLSSessionHandshake; +virNetTLSSessionNew; +virNetTLSSessionRead; +virNetTLSSessionSetIOCallbacks; +virNetTLSSessionWrite; + + # Let emacs know we want case-insensitive sorting # Local Variables: # sort-fold-case: t diff --git a/src/rpc/Makefile.inc.am b/src/rpc/Makefile.inc.am index 14c798d05d..b8c80528d2 100644 --- a/src/rpc/Makefile.inc.am +++ b/src/rpc/Makefile.inc.am @@ -31,6 +31,8 @@ libvirt_la_BUILT_LIBADD +=3D \ libvirt_net_rpc_la_SOURCES =3D \ rpc/virnetmessage.h \ rpc/virnetmessage.c \ + rpc/virnettlscontext.h \ + rpc/virnettlscontext.c \ rpc/virnetsocket.h \ rpc/virnetsocket.c \ rpc/virkeepalive.h \ 
@@ -50,18 +52,6 @@ EXTRA_DIST +=3D \ $(NULL) endif ! WITH_SSH2 =20 -if WITH_GNUTLS -libvirt_net_rpc_la_SOURCES +=3D \ - rpc/virnettlscontext.h \ - rpc/virnettlscontext.c \ - $(NULL) -else ! WITH_GNUTLS -EXTRA_DIST +=3D \ - rpc/virnettlscontext.h \ - rpc/virnettlscontext.c \ - $(NULL) -endif ! WITH_GNUTLS - if WITH_SASL libvirt_net_rpc_la_SOURCES +=3D \ rpc/virnetsaslcontext.h \ --=20 2.16.4
From: Michal Privoznik
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 13:55:56 +0200
Message-Id: <6a4c1a6f71e075b17717a7d514ffe491988f8d11.1528199511.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH v2 3/5] src: Dissolve libvirt_gnutls.syms in libvirt_remote.syms

Now that GnuTLS is required these symbols are going to be present all the time.

Signed-off-by: Michal Privoznik
Reviewed-by: Daniel P. Berrangé
--- src/Makefile.am | 6 ------ src/libvirt_gnutls.syms | 31 ------------------------------- src/libvirt_remote.syms | 8 ++++++++ 3 files changed, 8 insertions(+), 37 deletions(-) delete mode 100644 src/libvirt_gnutls.syms diff --git a/src/Makefile.am b/src/Makefile.am index b2db1e9db9..db8c8ebd1a 100644 --- a/src/Makefile.am +++ b/src/Makefile.am
@@ -453,12 +453,6 @@ else ! WITH_SASL SYM_FILES +=3D $(srcdir)/libvirt_sasl.syms endif ! WITH_SASL =20 -if WITH_GNUTLS -USED_SYM_FILES +=3D $(srcdir)/libvirt_gnutls.syms -else ! WITH_GNUTLS -SYM_FILES +=3D $(srcdir)/libvirt_gnutls.syms -endif ! WITH_GNUTLS - if WITH_SSH2 USED_SYM_FILES +=3D $(srcdir)/libvirt_libssh2.syms else ! WITH_SSH2 diff --git a/src/libvirt_gnutls.syms b/src/libvirt_gnutls.syms deleted file mode 100644 index 1adf3af164..0000000000 --- a/src/libvirt_gnutls.syms +++ /dev/null @@ -1,31 +0,0 @@ -# -# GNUTLS-specific symbols -# - -# rpc/virnetclient.h -virNetClientGetTLSKeySize; -virNetClientSetTLSSession; - - -# rpc/virnetserver.h -virNetServerSetTLSContext; - - -# rpc/virnetserverclient.h -virNetServerClientGetTLSKeySize; -virNetServerClientGetTLSSession; -virNetServerClientHasTLSSession; - - -# rpc/virnetserverservice.h -virNetServerServiceGetTLSContext; - - -# rpc/virnetsocket.h -virNetSocketSetTLSSession; - - -# Let emacs know we want case-insensitive sorting -# Local Variables: -# sort-fold-case: t -# End: diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index cab93ab27f..9a33626ec6 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -20,6 +20,7 @@ virNetClientAddStream; virNetClientClose; virNetClientDupFD; virNetClientGetFD; +virNetClientGetTLSKeySize; virNetClientHasPassFD; virNetClientIsEncrypted; virNetClientIsOpen; @@ -41,6 +42,7 @@ virNetClientSendNoReply; virNetClientSendWithReply; virNetClientSendWithReplyStream; virNetClientSetCloseCallback; +virNetClientSetTLSSession; =20 =20 # rpc/virnetclientprogram.h @@ -130,6 +132,7 @@ virNetServerProcessClients; virNetServerSetClientAuthenticated; virNetServerSetClientLimits; virNetServerSetThreadPoolParameters; +virNetServerSetTLSContext; virNetServerStart; virNetServerUpdateServices; =20 
@@ -148,8 +151,11 @@ virNetServerClientGetPrivateData; virNetServerClientGetReadonly; virNetServerClientGetSELinuxContext; virNetServerClientGetTimestamp; +virNetServerClientGetTLSKeySize; +virNetServerClientGetTLSSession; virNetServerClientGetTransport; virNetServerClientGetUNIXIdentity; +virNetServerClientHasTLSSession; virNetServerClientImmediateClose; virNetServerClientInit; virNetServerClientInitKeepAlive; @@ -207,6 +213,7 @@ virNetServerServiceClose; virNetServerServiceGetAuth; virNetServerServiceGetMaxRequests; virNetServerServiceGetPort; +virNetServerServiceGetTLSContext; virNetServerServiceIsReadonly; virNetServerServiceNewFD; virNetServerServiceNewFDOrUNIX; 
@@ -253,6 +260,7 @@ virNetSocketRemoteAddrStringURI; virNetSocketRemoveIOCallback; virNetSocketSendFD; virNetSocketSetBlocking; +virNetSocketSetTLSSession; virNetSocketUpdateIOCallback; virNetSocketWrite; =20 --=20 2.16.4
From: Michal Privoznik
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 13:55:57 +0200
Message-Id: <0b26b41d017c29362403d070a5171e77abf00e6e.1528199511.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH v2 4/5] tests: Always build TLS related tests

Since GnuTLS is required there is no way to go with !WITH_GNUTLS branch and just distribute these files.

Signed-off-by: Michal Privoznik
Reviewed-by: Daniel P. Berrangé
--- tests/Makefile.am | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 1ce3dbb50f..99c79e3208 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -227,10 +227,9 @@ test_programs +=3D \ virnetsockettest \ virnetdaemontest \ virnetserverclienttest \ + virnettlscontexttest \ + virnettlssessiontest \ $(NULL) -if WITH_GNUTLS -test_programs +=3D virnettlscontexttest virnettlssessiontest -endif WITH_GNUTLS endif WITH_REMOTE =20 if WITH_LINUX
@@ -1027,7 +1026,6 @@ virnetserverclientmock_la_SOURCES =3D \ virnetserverclientmock_la_LDFLAGS =3D $(MOCKLIBS_LDFLAGS) virnetserverclientmock_la_LIBADD =3D $(MOCKLIBS_LIBS) =20 -if WITH_GNUTLS virnettlscontexttest_SOURCES =3D \ virnettlscontexttest.c \ virnettlshelpers.h virnettlshelpers.c \ 
@@ -1046,12 +1044,6 @@ virnettlssessiontest_LDADD +=3D -ltasn1 else ! HAVE_LIBTASN1 EXTRA_DIST +=3D pkix_asn1_tab.c endif ! HAVE_LIBTASN1 -else ! WITH_GNUTLS -EXTRA_DIST +=3D \ - virnettlscontexttest.c virnettlssessiontest.c \ - virnettlshelpers.h virnettlshelpers.c \ - testutils.h testutils.c pkix_asn1_tab.c -endif ! WITH_GNUTLS =20 virtimetest_SOURCES =3D \ virtimetest.c testutils.h testutils.c --=20 2.16.4
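Review bot: The subject says the TLS tests are always built, but in the tests/Makefile.am hunk at @@ -227,10 `virnettlscontexttest` and `virnettlssessiontest` are added to the `test_programs` list that is closed by `endif WITH_REMOTE`, so they are still skipped when WITH_REMOTE is not set. Either reword the subject to say the tests are built whenever WITH_REMOTE is set, or move the two entries out of that conditional if an unconditional build is really intended.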
From: Michal Privoznik
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 13:55:58 +0200
Message-Id: <4444f5e38bea9ea871240f873d94c90065759f4b.1528199511.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH v2 5/5] src: Drop most of #ifdef WITH_GNUTLS

Now that GnuTLS is a requirement, we can drop a lot of conditionally built code. However, not all ifdef-s can go because we still want libvirt_setuid to build without gnutls.

Signed-off-by: Michal Privoznik
Reviewed-by: Daniel P. Berrangé
--- src/locking/lock_daemon.c | 4 --- src/logging/log_daemon.c | 4 --- src/lxc/lxc_controller.c | 2 -- src/qemu/qemu_migration_cookie.c | 12 +++----- src/remote/remote_daemon.c | 23 --------------- src/remote/remote_daemon_dispatch.c | 2 -- src/rpc/virnetdaemon.h | 4 +-- src/rpc/virnetserver.c | 6 ---- src/rpc/virnetserver.h | 6 +--- src/rpc/virnetserverclient.c | 57 +++------------------------------= ---- src/rpc/virnetserverclient.h | 8 ------ src/rpc/virnetserverservice.c | 24 ---------------- src/rpc/virnetserverservice.h | 10 ------- src/util/vircrypto.c | 43 ++-------------------------- tests/qemuxml2argvtest.c | 15 ---------- tests/vircryptotest.c | 24 +++++----------- tests/virfilecachetest.c | 18 +++--------- tests/virnetdaemontest.c | 8 ------ tests/virnetserverclienttest.c | 2 -- tests/virrandommock.c | 8 ++---- 20 files changed, 27 insertions(+), 253 deletions(-) diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index 78c33bd29c..272d2e3ae9 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -619,9 +619,7 @@ virLockDaemonSetupNetworkingSystemD(virNetServerPtr loc= kSrv, virNetServerPtr adm /* Systemd passes FDs, starting immediately after stderr, * so the first FD we'll get is '3'. */ if (!(svc =3D virNetServerServiceNewFD(3 + i, 0, -#if WITH_GNUTLS NULL, -#endif false, 0, 1))) return -1; =20 @@ -642,9 +640,7 @@ virLockDaemonSetupNetworkingNative(virNetServerPtr srv,= const char *sock_path) VIR_DEBUG("Setting up networking natively"); =20 if (!(svc =3D virNetServerServiceNewUNIX(sock_path, 0700, 0, 0, -#if WITH_GNUTLS NULL, -#endif false, 0, 1))) return -1; =20 diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index 91bd9d0b90..4415a61d03 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c
@@ -554,9 +554,7 @@ virLogDaemonSetupNetworkingSystemD(virNetServerPtr logS= rv, virNetServerPtr admin /* Systemd passes FDs, starting immediately after stderr, * so the first FD we'll get is '3'. */ if (!(svc =3D virNetServerServiceNewFD(3 + i, 0, -#if WITH_GNUTLS NULL, -#endif false, 0, 1))) return -1; =20 @@ -577,9 +575,7 @@ virLogDaemonSetupNetworkingNative(virNetServerPtr srv, = const char *sock_path) VIR_DEBUG("Setting up networking natively"); =20 if (!(svc =3D virNetServerServiceNewUNIX(sock_path, 0700, 0, 0, -#if WITH_GNUTLS NULL, -#endif false, 0, 1))) return -1; =20 diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index d5636b808c..03077af1ec 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -957,9 +957,7 @@ static int virLXCControllerSetupServer(virLXCController= Ptr ctrl) 0700, 0, 0, -#if WITH_GNUTLS NULL, -#endif false, 0, 5))) diff --git a/src/qemu/qemu_migration_cookie.c b/src/qemu/qemu_migration_coo= kie.c index eca1b74d63..60df449d53 100644 --- a/src/qemu/qemu_migration_cookie.c +++ b/src/qemu/qemu_migration_cookie.c @@ -18,10 +18,8 @@ =20 #include =20 -#ifdef WITH_GNUTLS -# include -# include -#endif +#include +#include =20 #include "locking/domain_lock.h" #include "viralloc.h" @@ -131,7 +129,6 @@ qemuMigrationCookieFree(qemuMigrationCookiePtr mig) } =20 =20 -#ifdef WITH_GNUTLS static char * qemuDomainExtractTLSSubject(const char *certdir) { @@ -188,7 +185,7 @@ qemuDomainExtractTLSSubject(const char *certdir) VIR_FREE(pemdata); return NULL; } -#endif + =20 static qemuMigrationCookieGraphicsPtr qemuMigrationCookieGraphicsSpiceAlloc(virQEMUDriverPtr driver, 
@@ -212,11 +209,10 @@ qemuMigrationCookieGraphicsSpiceAlloc(virQEMUDriverPt= r driver, if (!glisten || !(listenAddr =3D glisten->address)) listenAddr =3D cfg->spiceListen; =20 -#ifdef WITH_GNUTLS if (cfg->spiceTLS && !(mig->tlsSubject =3D qemuDomainExtractTLSSubject(cfg->spiceTLSx50= 9certdir))) goto error; -#endif + if (VIR_STRDUP(mig->listen, listenAddr) < 0) goto error; =20 diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 27377fe3bc..21ab22499d 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -375,9 +375,7 @@ daemonSetupNetworking(virNetServerPtr srv, virNetServerServicePtr svcAdm =3D NULL; virNetServerServicePtr svcRO =3D NULL; virNetServerServicePtr svcTCP =3D NULL; -#if WITH_GNUTLS virNetServerServicePtr svcTLS =3D NULL; -#endif gid_t unix_sock_gid =3D 0; int unix_sock_ro_mask =3D 0; int unix_sock_rw_mask =3D 0; @@ -416,9 +414,7 @@ daemonSetupNetworking(virNetServerPtr srv, unix_sock_rw_mask, unix_sock_gid, config->auth_unix_rw, -#if WITH_GNUTLS NULL, -#endif false, config->max_queued_clients, config->max_client_requests, @@ -429,9 +425,7 @@ daemonSetupNetworking(virNetServerPtr srv, unix_sock_ro_mask, unix_sock_gid, config->auth_unix_ro, -#if WITH_GNUTLS NULL, -#endif true, config->max_queued_cl= ients, config->max_client_re= quests, @@ -455,9 +449,7 @@ daemonSetupNetworking(virNetServerPtr srv, unix_sock_adm_mask, unix_sock_gid, REMOTE_AUTH_NONE, -#if WITH_GNUTLS NULL, -#endif false, config->admin_max_queued= _clients, config->admin_max_client= _requests))) @@ -475,9 +467,7 @@ daemonSetupNetworking(virNetServerPtr srv, config->tcp_port, AF_UNSPEC, config->auth_tcp, -#if WITH_GNUTLS NULL, -#endif false, config->max_queued_cl= ients, config->max_client_re= quests))) @@ -488,7 +478,6 @@ daemonSetupNetworking(virNetServerPtr srv, goto cleanup; } =20 -#if WITH_GNUTLS if (config->listen_tls) { virNetTLSContextPtr ctxt =3D NULL; =20 
@@ -552,22 +541,12 @@ daemonSetupNetworking(virNetServerPtr srv, =20 virObjectUnref(ctxt); } -#else - (void)privileged; - if (config->listen_tls) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("This libvirtd build does not support TLS")); - goto cleanup; - } -#endif } =20 #if WITH_SASL if (config->auth_unix_rw =3D=3D REMOTE_AUTH_SASL || (sock_path_ro && config->auth_unix_ro =3D=3D REMOTE_AUTH_SASL) || -# if WITH_GNUTLS (ipsock && config->listen_tls && config->auth_tls =3D=3D REMOTE_AU= TH_SASL) || -# endif (ipsock && config->listen_tcp && config->auth_tcp =3D=3D REMOTE_AU= TH_SASL)) { saslCtxt =3D virNetSASLContextNewServer( (const char *const*)config->sasl_allowed_username_list); @@ -579,9 +558,7 @@ daemonSetupNetworking(virNetServerPtr srv, ret =3D 0; =20 cleanup: -#if WITH_GNUTLS virObjectUnref(svcTLS); -#endif virObjectUnref(svcTCP); virObjectUnref(svcRO); virObjectUnref(svcAdm); diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon= _dispatch.c index a8a5932d71..81d0445e43 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -3353,7 +3353,6 @@ remoteDispatchAuthSaslInit(virNetServerPtr server ATT= RIBUTE_UNUSED, if (!sasl) goto authfail; =20 -# if WITH_GNUTLS /* Inform SASL that we've got an external SSF layer from TLS */ if (virNetServerClientHasTLSSession(client)) { int ssf; @@ -3367,7 +3366,6 @@ remoteDispatchAuthSaslInit(virNetServerPtr server ATT= RIBUTE_UNUSED, if (virNetSASLSessionExtKeySize(sasl, ssf) < 0) goto authfail; } -# endif =20 if (virNetServerClientIsSecure(client)) /* If we've got TLS or UNIX domain sock, we don't care about SSF */ diff --git a/src/rpc/virnetdaemon.h b/src/rpc/virnetdaemon.h index 6576c463b5..09ed5adf36 100644 --- a/src/rpc/virnetdaemon.h +++ b/src/rpc/virnetdaemon.h 
@@ -25,9 +25,7 @@ =20 # include =20 -# ifdef WITH_GNUTLS -# include "virnettlscontext.h" -# endif +# include "virnettlscontext.h" # include "virobject.h" # include "virjson.h" # include "virnetserverprogram.h" diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 5aeb188900..5c7f7dd08f 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -73,9 +73,7 @@ struct _virNetServer { int keepaliveInterval; unsigned int keepaliveCount; =20 -#ifdef WITH_GNUTLS virNetTLSContextPtr tls; -#endif =20 virNetServerClientPrivNew clientPrivNew; virNetServerClientPrivPreExecRestart clientPrivPreExecRestart; @@ -320,9 +318,7 @@ static int virNetServerDispatchNewClient(virNetServerSe= rvicePtr svc, virNetServerServiceGetAuth(svc), virNetServerServiceIsReadonly(svc= ), virNetServerServiceGetMaxRequests= (svc), -#if WITH_GNUTLS virNetServerServiceGetTLSContext(= svc), -#endif srv->clientPrivNew, srv->clientPrivPreExecRestart, srv->clientPrivFree, @@ -728,14 +724,12 @@ int virNetServerAddProgram(virNetServerPtr srv, return -1; } =20 -#if WITH_GNUTLS int virNetServerSetTLSContext(virNetServerPtr srv, virNetTLSContextPtr tls) { srv->tls =3D virObjectRef(tls); return 0; } -#endif =20 =20 /** diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h index a79c39fdb2..26cec43c22 100644 --- a/src/rpc/virnetserver.h +++ b/src/rpc/virnetserver.h @@ -24,9 +24,7 @@ #ifndef __VIR_NET_SERVER_H__ # define __VIR_NET_SERVER_H__ =20 -# ifdef WITH_GNUTLS -# include "virnettlscontext.h" -# endif +# include "virnettlscontext.h" # include "virnetserverprogram.h" # include "virnetserverclient.h" # include "virnetserverservice.h" @@ -71,10 +69,8 @@ int virNetServerAddService(virNetServerPtr srv, int virNetServerAddProgram(virNetServerPtr srv, virNetServerProgramPtr prog); =20 -# if WITH_GNUTLS int virNetServerSetTLSContext(virNetServerPtr srv, virNetTLSContextPtr tls); -# endif =20 =20 int virNetServerAddClient(virNetServerPtr srv, 
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c index ffd4fbc5e6..97cf126f56 100644 --- a/src/rpc/virnetserverclient.c +++ b/src/rpc/virnetserverclient.c @@ -73,10 +73,8 @@ struct _virNetServerClient int auth; bool auth_pending; bool readonly; -#if WITH_GNUTLS virNetTLSContextPtr tlsCtxt; virNetTLSSessionPtr tls; -#endif #if WITH_SASL virNetSASLSessionPtr sasl; #endif @@ -154,18 +152,13 @@ virNetServerClientCalculateHandleMode(virNetServerCli= entPtr client) =20 =20 VIR_DEBUG("tls=3D%p hs=3D%d, rx=3D%p tx=3D%p", -#ifdef WITH_GNUTLS client->tls, client->tls ? virNetTLSSessionGetHandshakeStatus(client->tls= ) : -1, -#else - NULL, -1, -#endif client->rx, client->tx); if (!client->sock || client->wantClose) return 0; =20 -#if WITH_GNUTLS if (client->tls) { switch (virNetTLSSessionGetHandshakeStatus(client->tls)) { case VIR_NET_TLS_HANDSHAKE_RECVING: @@ -182,7 +175,6 @@ virNetServerClientCalculateHandleMode(virNetServerClien= tPtr client) mode |=3D VIR_EVENT_HANDLE_WRITABLE; } } else { -#endif /* If there is a message on the rx queue, and * we're not in middle of a delayedClose, then * we're wanting more input */ @@ -193,9 +185,7 @@ virNetServerClientCalculateHandleMode(virNetServerClien= tPtr client) then monitor for writability on socket */ if (client->tx) mode |=3D VIR_EVENT_HANDLE_WRITABLE; -#if WITH_GNUTLS } -#endif VIR_DEBUG("mode=3D0%o", mode); return mode; } @@ -300,7 +290,6 @@ void virNetServerClientRemoveFilter(virNetServerClientP= tr client, } =20 =20 -#ifdef WITH_GNUTLS /* Check the client's access. */ static int virNetServerClientCheckAccess(virNetServerClientPtr client) @@ -335,7 +324,7 @@ virNetServerClientCheckAccess(virNetServerClientPtr cli= ent) =20 return 0; } -#endif + =20 static void virNetServerClientDispatchMessage(virNetServerClientPtr client, virNetMessagePtr msg) 
@@ -396,9 +385,7 @@ virNetServerClientNewInternal(unsigned long long id, virNetSocketPtr sock, int auth, bool auth_pending, -#ifdef WITH_GNUTLS virNetTLSContextPtr tls, -#endif bool readonly, size_t nrequests_max, long long timestamp) @@ -416,9 +403,7 @@ virNetServerClientNewInternal(unsigned long long id, client->auth =3D auth; client->auth_pending =3D auth_pending; client->readonly =3D readonly; -#ifdef WITH_GNUTLS client->tlsCtxt =3D virObjectRef(tls); -#endif client->nrequests_max =3D nrequests_max; client->conn_time =3D timestamp; =20 @@ -452,9 +437,7 @@ virNetServerClientPtr virNetServerClientNew(unsigned lo= ng long id, int auth, bool readonly, size_t nrequests_max, -#ifdef WITH_GNUTLS virNetTLSContextPtr tls, -#endif virNetServerClientPrivNew priv= New, virNetServerClientPrivPreExecR= estart privPreExecRestart, virFreeCallback privFree, @@ -464,13 +447,7 @@ virNetServerClientPtr virNetServerClientNew(unsigned l= ong long id, time_t now; bool auth_pending =3D !virNetServerClientAuthMethodImpliesAuthenticate= d(auth); =20 - VIR_DEBUG("sock=3D%p auth=3D%d tls=3D%p", sock, auth, -#ifdef WITH_GNUTLS - tls -#else - NULL -#endif - ); + VIR_DEBUG("sock=3D%p auth=3D%d tls=3D%p", sock, auth, tls); =20 if ((now =3D time(NULL)) =3D=3D (time_t)-1) { virReportSystemError(errno, "%s", _("failed to get current time")); @@ -478,10 +455,7 @@ virNetServerClientPtr virNetServerClientNew(unsigned l= ong long id, } =20 if (!(client =3D virNetServerClientNewInternal(id, sock, auth, auth_pe= nding, -#ifdef WITH_GNUTLS - tls, -#endif - readonly, nrequests_max, + tls, readonly, nrequests_= max, now))) return NULL; =20 @@ -586,9 +560,7 @@ virNetServerClientPtr virNetServerClientNewPostExecRest= art(virNetServerPtr srv, sock, auth, auth_pending, -#ifdef WITH_GNUTLS NULL, -#endif readonly, nrequests_max, timestamp))) { 
@@ -720,7 +692,6 @@ long long virNetServerClientGetTimestamp(virNetServerCl= ientPtr client) return client->conn_time; } =20 -#ifdef WITH_GNUTLS bool virNetServerClientHasTLSSession(virNetServerClientPtr client) { bool has; @@ -749,7 +720,6 @@ int virNetServerClientGetTLSKeySize(virNetServerClientP= tr client) virObjectUnlock(client); return size; } -#endif =20 int virNetServerClientGetFD(virNetServerClientPtr client) { @@ -837,13 +807,11 @@ virNetServerClientCreateIdentity(virNetServerClientPt= r client) } #endif =20 -#if WITH_GNUTLS if (client->tls) { const char *identity =3D virNetTLSSessionGetX509DName(client->tls); if (virIdentitySetX509DName(ret, identity) < 0) goto error; } -#endif =20 if (client->sock && virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0) @@ -895,10 +863,8 @@ bool virNetServerClientIsSecure(virNetServerClientPtr = client) { bool secure =3D false; virObjectLock(client); -#if WITH_GNUTLS if (client->tls) secure =3D true; -#endif #if WITH_SASL if (client->sasl) secure =3D true; @@ -1019,10 +985,8 @@ void virNetServerClientDispose(void *obj) #endif if (client->sockTimer > 0) virEventRemoveTimeout(client->sockTimer); -#if WITH_GNUTLS virObjectUnref(client->tls); virObjectUnref(client->tlsCtxt); -#endif virObjectUnref(client->sock); } =20 @@ -1071,12 +1035,10 @@ virNetServerClientCloseLocked(virNetServerClientPtr= client) if (client->sock) virNetSocketRemoveIOCallback(client->sock); =20 -#if WITH_GNUTLS if (client->tls) { virObjectUnref(client->tls); client->tls =3D NULL; } -#endif client->wantClose =3D true; =20 while (client->rx) { @@ -1139,13 +1101,10 @@ int virNetServerClientInit(virNetServerClientPtr cl= ient) { virObjectLock(client); =20 -#if WITH_GNUTLS if (!client->tlsCtxt) { -#endif /* Plain socket, so prepare to read first message */ if (virNetServerClientRegisterEvent(client) < 0) goto error; -#if WITH_GNUTLS } else { int ret; =20 
@@ -1174,7 +1133,6 @@ int virNetServerClientInit(virNetServerClientPtr clie= nt) goto error; } } -#endif =20 virObjectUnlock(client); return 0; @@ -1475,7 +1433,6 @@ virNetServerClientDispatchWrite(virNetServerClientPtr= client) } =20 =20 -#if WITH_GNUTLS static void virNetServerClientDispatchHandshake(virNetServerClientPtr client) { @@ -1498,7 +1455,7 @@ virNetServerClientDispatchHandshake(virNetServerClien= tPtr client) client->wantClose =3D true; } } -#endif + =20 static void virNetServerClientDispatchEvent(virNetSocketPtr sock, int events, void *op= aque) @@ -1516,21 +1473,17 @@ virNetServerClientDispatchEvent(virNetSocketPtr soc= k, int events, void *opaque) =20 if (events & (VIR_EVENT_HANDLE_WRITABLE | VIR_EVENT_HANDLE_READABLE)) { -#if WITH_GNUTLS if (client->tls && virNetTLSSessionGetHandshakeStatus(client->tls) !=3D VIR_NET_TLS_HANDSHAKE_COMPLETE) { virNetServerClientDispatchHandshake(client); } else { -#endif if (events & VIR_EVENT_HANDLE_WRITABLE) virNetServerClientDispatchWrite(client); if (events & VIR_EVENT_HANDLE_READABLE && client->rx) msg =3D virNetServerClientDispatchRead(client); -#if WITH_GNUTLS } -#endif } =20 /* NB, will get HANGUP + READABLE at same time upon @@ -1687,10 +1640,8 @@ virNetServerClientGetTransport(virNetServerClientPtr= client) else ret =3D VIR_CLIENT_TRANS_TCP; =20 -#ifdef WITH_GNUTLS if (client->tls) ret =3D VIR_CLIENT_TRANS_TLS; -#endif =20 virObjectUnlock(client); =20 diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h index b21446eeb7..b7ff660eef 100644 --- a/src/rpc/virnetserverclient.h +++ b/src/rpc/virnetserverclient.h 
@@ -69,18 +69,12 @@ virNetServerClientPtr virNetServerClientNew(unsigned lo= ng long id, int auth, bool readonly, size_t nrequests_max, -# ifdef WITH_GNUTLS virNetTLSContextPtr tls, -# endif virNetServerClientPrivNew priv= New, virNetServerClientPrivPreExecR= estart privPreExecRestart, virFreeCallback privFree, void *privOpaque) -# ifdef WITH_GNUTLS ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(7) ATTRIBUTE_NONNULL(9); -# else - ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6) ATTRIBUTE_NONNULL(8); -# endif =20 virNetServerClientPtr virNetServerClientNewPostExecRestart(virNetServerPtr= srv, virJSONValuePtr= object, @@ -107,11 +101,9 @@ void virNetServerClientSetReadonly(virNetServerClientP= tr client, bool readonly); unsigned long long virNetServerClientGetID(virNetServerClientPtr client); long long virNetServerClientGetTimestamp(virNetServerClientPtr client); =20 -# ifdef WITH_GNUTLS bool virNetServerClientHasTLSSession(virNetServerClientPtr client); virNetTLSSessionPtr virNetServerClientGetTLSSession(virNetServerClientPtr = client); int virNetServerClientGetTLSKeySize(virNetServerClientPtr client); -# endif =20 # ifdef WITH_SASL bool virNetServerClientHasSASLSession(virNetServerClientPtr client); diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index 23fc23cab4..e6762366ab 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -43,9 +43,7 @@ struct _virNetServerService { bool readonly; size_t nrequests_client_max; =20 -#if WITH_GNUTLS virNetTLSContextPtr tls; -#endif =20 virNetServerServiceDispatchFunc dispatchFunc; void *dispatchOpaque; @@ -94,9 +92,7 @@ virNetServerServiceNewFDOrUNIX(const char *path, mode_t mask, gid_t grp, int auth, -#if WITH_GNUTLS virNetTLSContextPtr tls, -#endif bool readonly, size_t max_queued_clients, size_t nrequests_client_max, @@ -112,9 +108,7 @@ virNetServerServiceNewFDOrUNIX(const char *path, mask, grp, auth, -#if WITH_GNUTLS tls, -#endif readonly, max_queued_clients, nrequests_client_max); 
@@ -128,9 +122,7 @@ virNetServerServiceNewFDOrUNIX(const char *path, */ return virNetServerServiceNewFD((*cur_fd)++, auth, -#if WITH_GNUTLS tls, -#endif readonly, max_queued_clients, nrequests_client_max); @@ -142,9 +134,7 @@ virNetServerServicePtr virNetServerServiceNewTCP(const = char *nodename, const char *service, int family, int auth, -#if WITH_GNUTLS virNetTLSContextPtr tls, -#endif bool readonly, size_t max_queued_clients, size_t nrequests_client_m= ax) @@ -161,9 +151,7 @@ virNetServerServicePtr virNetServerServiceNewTCP(const = char *nodename, svc->auth =3D auth; svc->readonly =3D readonly; svc->nrequests_client_max =3D nrequests_client_max; -#if WITH_GNUTLS svc->tls =3D virObjectRef(tls); -#endif =20 if (virNetSocketNewListenTCP(nodename, service, @@ -202,9 +190,7 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, mode_t mask, gid_t grp, int auth, -#if WITH_GNUTLS virNetTLSContextPtr tls, -#endif bool readonly, size_t max_queued_client= s, size_t nrequests_client_= max) @@ -221,9 +207,7 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, svc->auth =3D auth; svc->readonly =3D readonly; svc->nrequests_client_max =3D nrequests_client_max; -#if WITH_GNUTLS svc->tls =3D virObjectRef(tls); -#endif =20 if (VIR_ALLOC_N(svc->socks, 1) < 0) goto error; @@ -263,9 +247,7 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, =20 virNetServerServicePtr virNetServerServiceNewFD(int fd, int auth, -#if WITH_GNUTLS virNetTLSContextPtr tls, -#endif bool readonly, size_t max_queued_clients, size_t nrequests_client_ma= x) @@ -282,9 +264,7 @@ virNetServerServicePtr virNetServerServiceNewFD(int fd, svc->auth =3D auth; svc->readonly =3D readonly; svc->nrequests_client_max =3D nrequests_client_max; -#if WITH_GNUTLS svc->tls =3D virObjectRef(tls); -#endif =20 if (VIR_ALLOC_N(svc->socks, 1) < 0) goto error; 
@@ -469,12 +449,10 @@ size_t virNetServerServiceGetMaxRequests(virNetServer= ServicePtr svc) return svc->nrequests_client_max; } =20 -#if WITH_GNUTLS virNetTLSContextPtr virNetServerServiceGetTLSContext(virNetServerServicePt= r svc) { return svc->tls; } -#endif =20 void virNetServerServiceSetDispatcher(virNetServerServicePtr svc, virNetServerServiceDispatchFunc func, @@ -494,9 +472,7 @@ void virNetServerServiceDispose(void *obj) virObjectUnref(svc->socks[i]); VIR_FREE(svc->socks); =20 -#if WITH_GNUTLS virObjectUnref(svc->tls); -#endif } =20 void virNetServerServiceToggle(virNetServerServicePtr svc, diff --git a/src/rpc/virnetserverservice.h b/src/rpc/virnetserverservice.h index 5d8c583db2..a50cb19b6d 100644 --- a/src/rpc/virnetserverservice.h +++ b/src/rpc/virnetserverservice.h @@ -41,9 +41,7 @@ virNetServerServicePtr virNetServerServiceNewFDOrUNIX(con= st char *path, mode_t mask, gid_t grp, int auth, -# if WITH_GNUTLS virNetTLSContextPtr = tls, -# endif bool readonly, size_t max_queued_cl= ients, size_t nrequests_cli= ent_max, @@ -53,9 +51,7 @@ virNetServerServicePtr virNetServerServiceNewTCP(const ch= ar *nodename, const char *service, int family, int auth, -# if WITH_GNUTLS virNetTLSContextPtr tls, -# endif bool readonly, size_t max_queued_clients, size_t nrequests_client_m= ax); @@ -63,17 +59,13 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, mode_t mask, gid_t grp, int auth, -# if WITH_GNUTLS virNetTLSContextPtr tls, -# endif bool readonly, size_t max_queued_client= s, size_t nrequests_client_= max); virNetServerServicePtr virNetServerServiceNewFD(int fd, int auth, -# if WITH_GNUTLS virNetTLSContextPtr tls, -# endif bool readonly, size_t max_queued_clients, size_t nrequests_client_ma= x); 
@@ -87,9 +79,7 @@ int virNetServerServiceGetPort(virNetServerServicePtr svc= ); int virNetServerServiceGetAuth(virNetServerServicePtr svc); bool virNetServerServiceIsReadonly(virNetServerServicePtr svc); size_t virNetServerServiceGetMaxRequests(virNetServerServicePtr svc); -# ifdef WITH_GNUTLS virNetTLSContextPtr virNetServerServiceGetTLSContext(virNetServerServicePt= r svc); -# endif =20 void virNetServerServiceSetDispatcher(virNetServerServicePtr svc, virNetServerServiceDispatchFunc func, diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c index d734ce6ad7..bdb83c5fd3 100644 --- a/src/util/vircrypto.c +++ b/src/util/vircrypto.c @@ -26,10 +26,8 @@ #include "viralloc.h" #include "virrandom.h" =20 -#ifdef WITH_GNUTLS -# include -# include -#endif +#include +#include =20 VIR_LOG_INIT("util.crypto"); =20 @@ -39,7 +37,6 @@ static const char hex[] =3D "0123456789abcdef"; =20 #define VIR_CRYPTO_LARGEST_DIGEST_SIZE VIR_CRYPTO_HASH_SIZE_SHA256 =20 -#if WITH_GNUTLS =20 struct virHashInfo { gnutls_digest_algorithm_t algorithm; @@ -74,17 +71,7 @@ virCryptoHashBuf(virCryptoHash hash, =20 return hashinfo[hash].hashlen; } -#else -ssize_t -virCryptoHashBuf(virCryptoHash hash, - const char *input ATTRIBUTE_UNUSED, - unsigned char *output ATTRIBUTE_UNUSED) -{ - virReportError(VIR_ERR_INVALID_ARG, - _("algorithm=3D%d is not supported"), hash); - return -1; -} -#endif + =20 int virCryptoHashString(virCryptoHash hash, @@ -129,11 +116,7 @@ virCryptoHaveCipher(virCryptoCipher algorithm) switch (algorithm) { =20 case VIR_CRYPTO_CIPHER_AES256CBC: -#ifdef WITH_GNUTLS return true; -#else - return false; -#endif =20 case VIR_CRYPTO_CIPHER_NONE: case VIR_CRYPTO_CIPHER_LAST: @@ -144,7 +127,6 @@ virCryptoHaveCipher(virCryptoCipher algorithm) } =20 =20 -#ifdef WITH_GNUTLS /* virCryptoEncryptDataAESgntuls: * * Performs the AES gnutls encryption 
@@ -295,22 +277,3 @@ virCryptoEncryptData(virCryptoCipher algorithm, _("algorithm=3D%d is not supported"), algorithm); return -1; } - -#else - -int -virCryptoEncryptData(virCryptoCipher algorithm, - uint8_t *enckey ATTRIBUTE_UNUSED, - size_t enckeylen ATTRIBUTE_UNUSED, - uint8_t *iv ATTRIBUTE_UNUSED, - size_t ivlen ATTRIBUTE_UNUSED, - uint8_t *data ATTRIBUTE_UNUSED, - size_t datalen ATTRIBUTE_UNUSED, - uint8_t **ciphertext ATTRIBUTE_UNUSED, - size_t *ciphertextlen ATTRIBUTE_UNUSED) -{ - virReportError(VIR_ERR_INVALID_ARG, - _("algorithm=3D%d is not supported"), algorithm); - return -1; -} -#endif diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 14a994523f..36bff26d33 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1043,10 +1043,8 @@ mymain(void) DO_TEST("disk-drive-network-sheepdog", NONE); DO_TEST("disk-drive-network-rbd-auth", NONE); DO_TEST("disk-drive-network-source-auth", NONE); -# ifdef WITH_GNUTLS DO_TEST("disk-drive-network-rbd-auth-AES", QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_VIRTIO_SCSI); -# endif DO_TEST("disk-drive-network-rbd-ipv6", NONE); DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE); DO_TEST("disk-drive-network-vxhs", QEMU_CAPS_VXHS); @@ -1339,17 +1337,10 @@ mymain(void) if (VIR_STRDUP_QUIET(driver.config->chardevTLSx509secretUUID, "6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea") < 0) return EXIT_FAILURE; -# ifdef WITH_GNUTLS DO_TEST("serial-tcp-tlsx509-secret-chardev", QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_DEVICE_ISA_SERIAL, QEMU_CAPS_OBJECT_TLS_CREDS_X509); -# else - DO_TEST_FAILURE("serial-tcp-tlsx509-secret-chardev", - QEMU_CAPS_OBJECT_SECRET, - QEMU_CAPS_DEVICE_ISA_SERIAL, - QEMU_CAPS_OBJECT_TLS_CREDS_X509); -# endif driver.config->chardevTLS =3D 0; VIR_FREE(driver.config->chardevTLSx509certdir); DO_TEST("serial-many-chardev", 
@@ -1653,14 +1644,10 @@ mymain(void) =20 DO_TEST("encrypted-disk", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT_SECRE= T); DO_TEST("encrypted-disk-usage", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT= _SECRET); -# ifdef WITH_GNUTLS DO_TEST("luks-disks", QEMU_CAPS_OBJECT_SECRET); DO_TEST("luks-disks-source", QEMU_CAPS_OBJECT_SECRET); DO_TEST_PARSE_ERROR("luks-disks-source-qcow2", QEMU_CAPS_OBJECT_SECRET= ); DO_TEST("luks-disks-source-qcow2", QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_= QCOW2_LUKS); -# else - DO_TEST_FAILURE("luks-disks", QEMU_CAPS_OBJECT_SECRET); -# endif DO_TEST_PARSE_ERROR("luks-disk-invalid", NONE); DO_TEST_PARSE_ERROR("luks-disks-source-both", QEMU_CAPS_OBJECT_SECRET); =20 @@ -2351,12 +2338,10 @@ mymain(void) DO_TEST("hostdev-scsi-virtio-iscsi-auth", QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_DEVICE_SCSI_GENERIC); -# ifdef WITH_GNUTLS DO_TEST("disk-hostdev-scsi-virtio-iscsi-auth-AES", QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_DEVICE_SCSI_GENERIC, QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_ISCSI_PASSWORD_SECRET); -# endif DO_TEST("hostdev-scsi-vhost-scsi-ccw", QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_DEVICE_VHOST_SCSI, QEMU_CAPS_DEVICE_SCSI_GENERIC, QEMU_CAPS_CCW); diff --git a/tests/vircryptotest.c b/tests/vircryptotest.c index b6313e73ad..6841d74901 100644 --- a/tests/vircryptotest.c +++ b/tests/vircryptotest.c @@ -22,11 +22,10 @@ =20 #include "testutils.h" =20 -#if WITH_GNUTLS -# include "vircrypto.h" -# include "virrandom.h" +#include "vircrypto.h" +#include "virrandom.h" =20 -# define VIR_FROM_THIS VIR_FROM_NONE +#define VIR_FROM_THIS VIR_FROM_NONE =20 struct testCryptoHashData { virCryptoHash hash; @@ -130,7 +129,7 @@ mymain(void) 0x1b, 0x8c, 0x3f, 0x48, 0x27, 0xae, 0xb6, 0x7a}; =20 -# define VIR_CRYPTO_HASH(h, i, o) \ +#define VIR_CRYPTO_HASH(h, i, o) \ do { \ struct testCryptoHashData data =3D { \ .hash =3D h, \ 
@@ -153,9 +152,9 @@ mymain(void) VIR_CRYPTO_HASH(VIR_CRYPTO_HASH_MD5, "The quick brown fox", "a2004f377= 30b9445670a738fa0fc9ee5"); VIR_CRYPTO_HASH(VIR_CRYPTO_HASH_SHA256, "The quick brown fox", "5cac4f= 980fedc3d3f1f99b4be3472c9b30d56523e632d151237ec9309048bda9"); =20 -# undef VIR_CRYPTO_HASH +#undef VIR_CRYPTO_HASH =20 -# define VIR_CRYPTO_ENCRYPT(a, n, i, il, c, cl) \ +#define VIR_CRYPTO_ENCRYPT(a, n, i, il, c, cl) \ do { \ struct testCryptoEncryptData data =3D { \ .algorithm =3D a, \ @@ -174,19 +173,10 @@ mymain(void) VIR_CRYPTO_ENCRYPT(VIR_CRYPTO_CIPHER_AES256CBC, "aes265cbc", secretdata, 7, expected_ciphertext, 16); =20 -# undef VIR_CRYPTO_ENCRYPT +#undef VIR_CRYPTO_ENCRYPT =20 return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } =20 /* Forces usage of not so random virRandomBytes */ VIR_TEST_MAIN_PRELOAD(mymain, abs_builddir "/.libs/virrandommock.so") -#else -static int -mymain(void) -{ - return EXIT_AM_SKIP; -} - -VIR_TEST_MAIN(mymain); -#endif /* WITH_GNUTLS */ diff --git a/tests/virfilecachetest.c b/tests/virfilecachetest.c index 44386742e1..82c2286752 100644 --- a/tests/virfilecachetest.c +++ b/tests/virfilecachetest.c @@ -21,12 +21,11 @@ =20 #include "testutils.h" =20 -#if WITH_GNUTLS -# include "virfile.h" -# include "virfilecache.h" +#include "virfile.h" +#include "virfilecache.h" =20 =20 -# define VIR_FROM_THIS VIR_FROM_NONE +#define VIR_FROM_THIS VIR_FROM_NONE =20 =20 struct _testFileCacheObj { @@ -214,7 +213,7 @@ mymain(void) =20 virFileCacheSetPriv(cache, &testPriv); =20 -# define TEST_RUN(name, newData, expectData, expectSave) \ +#define TEST_RUN(name, newData, expectData, expectSave) \ do { \ testFileCacheData data =3D { \ cache, name, newData, expectData, expectSave \ @@ -235,12 +234,3 @@ mymain(void) } =20 VIR_TEST_MAIN_PRELOAD(mymain, abs_builddir "/.libs/virfilecachemock.so") -#else -static int -mymain(void) -{ - return EXIT_AM_SKIP; -} - -VIR_TEST_MAIN(mymain); -#endif /* WITH_GNUTLS */ 
diff --git a/tests/virnetdaemontest.c b/tests/virnetdaemontest.c index ef869b16e3..6f4957fc4c 100644 --- a/tests/virnetdaemontest.c +++ b/tests/virnetdaemontest.c @@ -117,9 +117,7 @@ testCreateServer(const char *server_name, const char *h= ost, int family) NULL, family, VIR_NET_SERVER_SERVICE_AUTH_NON= E, -# ifdef WITH_GNUTLS NULL, -# endif true, 5, 2))) @@ -129,9 +127,7 @@ testCreateServer(const char *server_name, const char *h= ost, int family) NULL, family, VIR_NET_SERVER_SERVICE_AUTH_POL= KIT, -# ifdef WITH_GNUTLS NULL, -# endif false, 25, 5))) @@ -152,9 +148,7 @@ testCreateServer(const char *server_name, const char *h= ost, int family) VIR_NET_SERVER_SERVICE_AUTH_SASL, true, 15, -# ifdef WITH_GNUTLS NULL, -# endif testClientNew, testClientPreExec, testClientFree, @@ -166,9 +160,7 @@ testCreateServer(const char *server_name, const char *h= ost, int family) VIR_NET_SERVER_SERVICE_AUTH_POLKIT, true, 66, -# ifdef WITH_GNUTLS NULL, -# endif testClientNew, testClientPreExec, testClientFree, diff --git a/tests/virnetserverclienttest.c b/tests/virnetserverclienttest.c index 1759d76630..3f801902ca 100644 --- a/tests/virnetserverclienttest.c +++ b/tests/virnetserverclienttest.c @@ -73,9 +73,7 @@ static int testIdentity(const void *opaque ATTRIBUTE_UNUS= ED) sv[0] =3D -1; =20 if (!(client =3D virNetServerClientNew(1, sock, 0, false, 1, -# ifdef WITH_GNUTLS NULL, -# endif testClientNew, NULL, testClientFree, diff --git a/tests/virrandommock.c b/tests/virrandommock.c index fd1a61f673..99a55a576a 100644 --- a/tests/virrandommock.c +++ b/tests/virrandommock.c @@ -22,6 +22,9 @@ =20 #ifndef WIN32 =20 +# include +# include + # include "internal.h" # include "virstring.h" # include "virrandom.h" @@ -50,10 +53,6 @@ int virRandomGenerateWWN(char **wwn, } =20 =20 -# ifdef WITH_GNUTLS -# include -# include - static int (*real_gnutls_dh_params_generate2)(gnutls_dh_params_t dparams, unsigned int bits); =20 
@@ -87,7 +86,6 @@ gnutls_dh_params_generate2(gnutls_dh_params_t dparams, =20 return gnutls_dh_params_cpy(dparams, params_cache); } -# endif #else /* WIN32 */ /* Can't mock on WIN32 */ #endif --=20 2.16.4
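Review bot: In src/rpc/virnetserverclient.h (hunk -69,18) the tls argument of virNetServerClientNew() becomes a fixed part of the signature, but nothing in the header says that NULL is a valid value for it. The remaining ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(7) ATTRIBUTE_NONNULL(9) correctly skip position 6, virNetServerClientInit() treats "!client->tlsCtxt" as the plain socket case, and every test caller touched here passes a bare "NULL," in that slot, as does virNetServerClientNewPostExecRestart(). Please add a one-line comment at the prototype stating that tls may be NULL for a non-TLS client, so that callers reading the header no longer need the removed #ifdef to infer that the argument is optional.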
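Review bot: In tests/virfilecachetest.c (hunks -21,12 and -235,12) the whole test was wrapped in "#if WITH_GNUTLS" with an EXIT_AM_SKIP fallback, yet the visible includes are only virfile.h and virfilecache.h, so the reason for the guard is not apparent from the diff. A sentence in the commit message on why this test depended on GnuTLS would help a reader judge that dropping the skip path is safe. The same EXIT_AM_SKIP removal in tests/vircryptotest.c is self-explanatory because it exercises virCryptoHashBuf() and virCryptoEncryptData() directly. In tests/qemuxml2argvtest.c the DO_TEST_FAILURE variants for "serial-tcp-tlsx509-secret-chardev" and "luks-disks" go away together with the guard, which matches virCryptoHaveCipher() now returning true unconditionally for VIR_CRYPTO_CIPHER_AES256CBC.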
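Review bot: Two typos sit in context lines right next to the removed guards and could be fixed while these spots are being touched: the comment "virCryptoEncryptDataAESgntuls" in src/util/vircrypto.c (hunk -144,7) should read "gnutls", and the test label "aes265cbc" passed to VIR_CRYPTO_ENCRYPT in tests/vircryptotest.c (hunk -174,19) looks like it was meant to be "aes256cbc" to match VIR_CRYPTO_CIPHER_AES256CBC. Neither affects behaviour, so a follow-up trivial patch would be fine if you prefer to keep this one purely mechanical.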