meson.build | 1 + tests/unit/crypto-tls-x509-helpers.h | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-)
We only use Libtasn1 in unit tests. As noted in commit d47b83b118
("tests: add migration tests of TLS with x509 credentials"), having
GnuTLS without Libtasn1 is a valid configuration, so do not require
Libtasn1, to avoid:
Dependency gnutls found: YES 3.7.1 (cached)
Run-time dependency libtasn1 found: NO (tried pkgconfig)
../meson.build:1914:10: ERROR: Dependency "libtasn1" not found, tried pkgconfig
Restrict the unit test pkix_asn1_tab[] variable to CONFIG_TASN1.
Fixes: ba7ed407e6 ("configure, meson: convert libtasn1 detection to meson")
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
meson.build | 1 +
tests/unit/crypto-tls-x509-helpers.h | 4 +++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/meson.build b/meson.build
index 5db2dbc12e..837a2bdb56 100644
--- a/meson.build
+++ b/meson.build
@@ -1912,6 +1912,7 @@ endif
tasn1 = not_found
if gnutls.found()
tasn1 = dependency('libtasn1',
+ required: false,
method: 'pkg-config')
endif
keyutils = not_found
diff --git a/tests/unit/crypto-tls-x509-helpers.h b/tests/unit/crypto-tls-x509-helpers.h
index 247e7160eb..bddf00d392 100644
--- a/tests/unit/crypto-tls-x509-helpers.h
+++ b/tests/unit/crypto-tls-x509-helpers.h
@@ -23,7 +23,6 @@
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
-#include <libtasn1.h>
#define QCRYPTO_TLS_TEST_CLIENT_NAME "ACME QEMU Client"
@@ -171,6 +170,9 @@ void test_tls_cleanup(const char *keyfile);
}; \
test_tls_generate_cert(&varname, cavarname.crt)
+#ifdef CONFIG_TASN1
+#include <libtasn1.h>
extern const asn1_static_node pkix_asn1_tab[];
+#endif
#endif
--
2.41.0
On 2/5/24 10:11, Philippe Mathieu-Daudé wrote:
> We only use Libtasn1 in unit tests. As noted in commit d47b83b118
> ("tests: add migration tests of TLS with x509 credentials"), having
> GnuTLS without Libtasn1 is a valid configuration, so do not require
> Libtasn1, to avoid:
>
> Dependency gnutls found: YES 3.7.1 (cached)
> Run-time dependency libtasn1 found: NO (tried pkgconfig)
>
> ../meson.build:1914:10: ERROR: Dependency "libtasn1" not found, tried pkgconfig
>
> Restrict the unit test pkix_asn1_tab[] variable to CONFIG_TASN1.
Otherwise we get:
In file included from tests/unit/crypto-tls-psk-helpers.c:23:
tests/unit/crypto-tls-x509-helpers.h:26:10: fatal error:
libtasn1.h: No such file or directory
26 | #include <libtasn1.h>
| ^~~~~~~~~~~~
compilation terminated.
> Fixes: ba7ed407e6 ("configure, meson: convert libtasn1 detection to meson")
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> meson.build | 1 +
> tests/unit/crypto-tls-x509-helpers.h | 4 +++-
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/meson.build b/meson.build
> index 5db2dbc12e..837a2bdb56 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1912,6 +1912,7 @@ endif
> tasn1 = not_found
> if gnutls.found()
> tasn1 = dependency('libtasn1',
> + required: false,
> method: 'pkg-config')
> endif
> keyutils = not_found
> diff --git a/tests/unit/crypto-tls-x509-helpers.h b/tests/unit/crypto-tls-x509-helpers.h
> index 247e7160eb..bddf00d392 100644
> --- a/tests/unit/crypto-tls-x509-helpers.h
> +++ b/tests/unit/crypto-tls-x509-helpers.h
> @@ -23,7 +23,6 @@
>
> #include <gnutls/gnutls.h>
> #include <gnutls/x509.h>
> -#include <libtasn1.h>
>
>
> #define QCRYPTO_TLS_TEST_CLIENT_NAME "ACME QEMU Client"
> @@ -171,6 +170,9 @@ void test_tls_cleanup(const char *keyfile);
> }; \
> test_tls_generate_cert(&varname, cavarname.crt)
>
> +#ifdef CONFIG_TASN1
> +#include <libtasn1.h>
> extern const asn1_static_node pkix_asn1_tab[];
> +#endif
>
> #endif
On Thu, May 02, 2024 at 10:22:02AM +0200, Philippe Mathieu-Daudé wrote:
> On 2/5/24 10:11, Philippe Mathieu-Daudé wrote:
> > We only use Libtasn1 in unit tests. As noted in commit d47b83b118
> > ("tests: add migration tests of TLS with x509 credentials"), having
> > GnuTLS without Libtasn1 is a valid configuration, so do not require
> > Libtasn1, to avoid:
> >
> > Dependency gnutls found: YES 3.7.1 (cached)
> > Run-time dependency libtasn1 found: NO (tried pkgconfig)
> >
> > ../meson.build:1914:10: ERROR: Dependency "libtasn1" not found, tried pkgconfig
> >
> > Restrict the unit test pkix_asn1_tab[] variable to CONFIG_TASN1.
>
> Otherwise we get:
>
> In file included from tests/unit/crypto-tls-psk-helpers.c:23:
> tests/unit/crypto-tls-x509-helpers.h:26:10: fatal error:
> libtasn1.h: No such file or directory
> 26 | #include <libtasn1.h>
> | ^~~~~~~~~~~~
> compilation terminated.
I'd say that crypto-tls-psk-helpers.c shouldn't be including
crypto-tls-x509-helpers.h at all, as PSK auth does not depend
on X509 code
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On 2/5/24 10:26, Daniel P. Berrangé wrote:
> On Thu, May 02, 2024 at 10:22:02AM +0200, Philippe Mathieu-Daudé wrote:
>> On 2/5/24 10:11, Philippe Mathieu-Daudé wrote:
>>> We only use Libtasn1 in unit tests. As noted in commit d47b83b118
>>> ("tests: add migration tests of TLS with x509 credentials"), having
>>> GnuTLS without Libtasn1 is a valid configuration, so do not require
>>> Libtasn1, to avoid:
>>>
>>> Dependency gnutls found: YES 3.7.1 (cached)
>>> Run-time dependency libtasn1 found: NO (tried pkgconfig)
>>>
>>> ../meson.build:1914:10: ERROR: Dependency "libtasn1" not found, tried pkgconfig
>>>
>>> Restrict the unit test pkix_asn1_tab[] variable to CONFIG_TASN1.
>>
>> Otherwise we get:
>>
>> In file included from tests/unit/crypto-tls-psk-helpers.c:23:
>> tests/unit/crypto-tls-x509-helpers.h:26:10: fatal error:
>> libtasn1.h: No such file or directory
>> 26 | #include <libtasn1.h>
>> | ^~~~~~~~~~~~
>> compilation terminated.
>
> I'd say that crypto-tls-psk-helpers.c shouldn't be including
> crypto-tls-x509-helpers.h at all, as PSK auth does not depend
> on X509 code
I agree, I tried the "less code churn" path first :)
On 2/5/24 11:26, Philippe Mathieu-Daudé wrote:
> On 2/5/24 10:26, Daniel P. Berrangé wrote:
>> On Thu, May 02, 2024 at 10:22:02AM +0200, Philippe Mathieu-Daudé wrote:
>>> On 2/5/24 10:11, Philippe Mathieu-Daudé wrote:
>>>> We only use Libtasn1 in unit tests. As noted in commit d47b83b118
>>>> ("tests: add migration tests of TLS with x509 credentials"), having
>>>> GnuTLS without Libtasn1 is a valid configuration, so do not require
>>>> Libtasn1, to avoid:
>>>>
>>>> Dependency gnutls found: YES 3.7.1 (cached)
>>>> Run-time dependency libtasn1 found: NO (tried pkgconfig)
>>>>
>>>> ../meson.build:1914:10: ERROR: Dependency "libtasn1" not found,
>>>> tried pkgconfig
>>>>
>>>> Restrict the unit test pkix_asn1_tab[] variable to CONFIG_TASN1.
>>>
>>> Otherwise we get:
>>>
>>> In file included from tests/unit/crypto-tls-psk-helpers.c:23:
>>> tests/unit/crypto-tls-x509-helpers.h:26:10: fatal error:
>>> libtasn1.h: No such file or directory
>>> 26 | #include <libtasn1.h>
>>> | ^~~~~~~~~~~~
>>> compilation terminated.
>>
>> I'd say that crypto-tls-psk-helpers.c shouldn't be including
>> crypto-tls-x509-helpers.h at all, as PSK auth does not depend
>> on X509 code
>
> I agree, I tried the "less code churn" path first :)
test_tls_init() calls asn1_array2tree(),
test_tls_cleanup() calls asn1_delete_structure() and
test_tls_generate_cert() calls:
asn1_create_element(pkix_asn1, "PKIX1.BasicConstraints", ...
asn1_write_value(ext, "cA", ...
asn1_write_value(ext, "pathLenConstraint", ...
© 2016 - 2026 Red Hat, Inc.