diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2018-10-23 12:19:44 +0100 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2018-10-23 12:19:44 +0100 |
| commit | 7acd80e82d9332dfdaedc60c91eb3ec5195738bb (patch) | |
| tree | eee59246bc7e3f899ed7daa830b46dc9dfa77d01 /tests | |
| parent | 3ebee3b191e755d3f7311a6a62eea5c9628b221b (diff) | |
| parent | 64dd2f3b5b090c21c3e82142de3fe7b4793ce6c8 (diff) | |
| download | qemu-7acd80e82d9332dfdaedc60c91eb3ec5195738bb.zip qemu-7acd80e82d9332dfdaedc60c91eb3ec5195738bb.tar.gz qemu-7acd80e82d9332dfdaedc60c91eb3ec5195738bb.tar.bz2 | |
Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-next-pull-request' into staging
Update min required crypto library versions
The min required versions for crypto libraries are now
- gnutls >= 3.1.18
- nettle >= 2.7.1
- gcrypt >= 1.5.0
# gpg: Signature made Fri 19 Oct 2018 14:42:35 BST
# gpg: using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange/tags/qcrypto-next-pull-request:
crypto: require nettle >= 2.7.1 for building QEMU
crypto: require libgcrypt >= 1.5.0 for building QEMU
crypto: require gnutls >= 3.1.18 for building QEMU
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/Makefile.include | 2 | ||||
| -rw-r--r-- | tests/crypto-tls-x509-helpers.h | 3 | ||||
| -rw-r--r-- | tests/test-crypto-block.c | 2 | ||||
| -rw-r--r-- | tests/test-crypto-tlscredsx509.c | 8 |
4 files changed, 4 insertions, 11 deletions
diff --git a/tests/Makefile.include b/tests/Makefile.include index 7fe8578..f77a495 100644 --- a/tests/Makefile.include +++ b/tests/Makefile.include @@ -115,7 +115,7 @@ check-unit-$(CONFIG_GNUTLS) += tests/test-io-channel-tls$(EXESUF) check-unit-y += tests/test-io-channel-command$(EXESUF) check-unit-y += tests/test-io-channel-buffer$(EXESUF) check-unit-y += tests/test-base64$(EXESUF) -check-unit-$(if $(CONFIG_NETTLE_KDF),y,$(CONFIG_GCRYPT_KDF)) += tests/test-crypto-pbkdf$(EXESUF) +check-unit-$(if $(CONFIG_NETTLE),y,$(CONFIG_GCRYPT)) += tests/test-crypto-pbkdf$(EXESUF) check-unit-y += tests/test-crypto-ivgen$(EXESUF) check-unit-y += tests/test-crypto-afsplit$(EXESUF) check-unit-y += tests/test-crypto-xts$(EXESUF) diff --git a/tests/crypto-tls-x509-helpers.h b/tests/crypto-tls-x509-helpers.h index 921341c..88c30d7 100644 --- a/tests/crypto-tls-x509-helpers.h +++ b/tests/crypto-tls-x509-helpers.h @@ -22,8 +22,7 @@ #include <gnutls/x509.h> #if !(defined WIN32) && \ - defined(CONFIG_TASN1) && \ - (LIBGNUTLS_VERSION_NUMBER >= 0x020600) + defined(CONFIG_TASN1) # define QCRYPTO_HAVE_TLS_TEST_SUPPORT #endif diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c index fd29a04..fae4ffc 100644 --- a/tests/test-crypto-block.c +++ b/tests/test-crypto-block.c @@ -29,7 +29,7 @@ #endif #if (defined(_WIN32) || defined RUSAGE_THREAD) && \ - (defined(CONFIG_NETTLE_KDF) || defined(CONFIG_GCRYPT_KDF)) + (defined(CONFIG_NETTLE) || defined(CONFIG_GCRYPT)) #define TEST_LUKS #else #undef TEST_LUKS diff --git a/tests/test-crypto-tlscredsx509.c b/tests/test-crypto-tlscredsx509.c index 30f9ac4..940a026 100644 --- a/tests/test-crypto-tlscredsx509.c +++ b/tests/test-crypto-tlscredsx509.c @@ -283,14 +283,8 @@ int main(int argc, char **argv) true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL, 0, 0); - /* Technically a CA cert with basic constraints - * key purpose == key signing + non-critical should - * be rejected. GNUTLS < 3.1 does not reject it and - * we don't anticipate them changing this behaviour - */ TLS_TEST_REG(badca1, true, cacert4req.filename, servercert4req.filename, - (GNUTLS_VERSION_MAJOR == 3 && GNUTLS_VERSION_MINOR >= 1) || - GNUTLS_VERSION_MAJOR > 3); + true); TLS_TEST_REG(badca2, true, cacert5req.filename, servercert5req.filename, true); TLS_TEST_REG(badca3, true, |