| Message ID | 20210511132641.1022161-4-berrange@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Wave goodbye to RHEL 7 vintage distros | expand |
On 11/05/2021 15.26, Daniel P. Berrangé wrote: > It has been over two years since RHEL-8 was released, and thus per the > platform build policy, we no longer need to support RHEL-7 as a build > target. This lets us increment the minimum required nettle version and > drop a lot of backwards compatibility code for 2.x series of nettle. > > Per repology, current shipping versions are: > > RHEL-8: 3.4.1 > Debian Stretch: 3.3 > Debian Buster: 3.4.1 > openSUSE Leap 15.2: 3.4.1 > Ubuntu LTS 18.04: 3.4 > Ubuntu LTS 20.04: 3.5.1 > FreeBSD: 3.7.2 > Fedora 33: 3.5.1 > Fedora 34: 3.7.2 > OpenBSD: 3.7.2 > macOS HomeBrew: 3.7.2 > > Debian Stretch has the oldest version and so 3.3 is the new minimum. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
On Tue, May 11, 2021 at 10:28 AM Daniel P. Berrangé <berrange@redhat.com> wrote: > > It has been over two years since RHEL-8 was released, and thus per the > platform build policy, we no longer need to support RHEL-7 as a build > target. This lets us increment the minimum required nettle version and > drop a lot of backwards compatibility code for 2.x series of nettle. > > Per repology, current shipping versions are: > > RHEL-8: 3.4.1 > Debian Stretch: 3.3 > Debian Buster: 3.4.1 > openSUSE Leap 15.2: 3.4.1 > Ubuntu LTS 18.04: 3.4 > Ubuntu LTS 20.04: 3.5.1 > FreeBSD: 3.7.2 > Fedora 33: 3.5.1 > Fedora 34: 3.7.2 > OpenBSD: 3.7.2 > macOS HomeBrew: 3.7.2 > > Debian Stretch has the oldest version and so 3.3 is the new minimum. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > .gitlab-ci.yml | 10 ---------- > configure | 4 +--- > crypto/cipher-nettle.c.inc | 31 ------------------------------- > crypto/hash-nettle.c | 4 ---- > crypto/hmac-nettle.c | 4 ---- > 5 files changed, 1 insertion(+), 52 deletions(-) > Reviewed-by: Willian Rampazzo <willianr@redhat.com>
On 5/11/21 8:26 AM, Daniel P. Berrangé wrote: > It has been over two years since RHEL-8 was released, and thus per the > platform build policy, we no longer need to support RHEL-7 as a build > target. This lets us increment the minimum required nettle version and > drop a lot of backwards compatibility code for 2.x series of nettle. > > Per repology, current shipping versions are: > > RHEL-8: 3.4.1 > Debian Stretch: 3.3 > Debian Buster: 3.4.1 > openSUSE Leap 15.2: 3.4.1 > Ubuntu LTS 18.04: 3.4 > Ubuntu LTS 20.04: 3.5.1 > FreeBSD: 3.7.2 > Fedora 33: 3.5.1 > Fedora 34: 3.7.2 > OpenBSD: 3.7.2 > macOS HomeBrew: 3.7.2 > > Debian Stretch has the oldest version and so 3.3 is the new minimum. > > Signed-off-by: Daniel P. Berrangé<berrange@redhat.com> > --- Reviewed-by: Richard Henderson <richard.henderson@linaro.org> r~
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 23917d6d73..aef16515d3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -716,16 +716,6 @@ build-coroutine-sigaltstack: # # These jobs test old gcrypt and nettle from RHEL7 # which had some API differences. -crypto-old-nettle: - <<: *native_build_job_definition - needs: - job: amd64-centos7-container - variables: - IMAGE: centos7 - TARGETS: x86_64-softmmu x86_64-linux-user - CONFIGURE_ARGS: --disable-gcrypt --enable-nettle - MAKE_CHECK_ARGS: check - crypto-old-gcrypt: <<: *native_build_job_definition needs: diff --git a/configure b/configure index 54f8475444..53902d9c02 100755 --- a/configure +++ b/configure @@ -2860,10 +2860,9 @@ has_libgcrypt() { if test "$nettle" != "no"; then pass="no" - if $pkg_config --exists "nettle >= 2.7.1"; then + if $pkg_config --exists "nettle >= 3.3"; then nettle_cflags=$($pkg_config --cflags nettle) nettle_libs=$($pkg_config --libs nettle) - nettle_version=$($pkg_config --modversion nettle) # Link test to make sure the given libraries work (e.g for static). write_c_skeleton if compile_prog "" "$nettle_libs" ; then @@ -5722,7 +5721,6 @@ if test "$gcrypt" = "yes" ; then fi if test "$nettle" = "yes" ; then echo "CONFIG_NETTLE=y" >> $config_host_mak - echo "CONFIG_NETTLE_VERSION_MAJOR=${nettle_version%%.*}" >> $config_host_mak echo "NETTLE_CFLAGS=$nettle_cflags" >> $config_host_mak echo "NETTLE_LIBS=$nettle_libs" >> $config_host_mak fi diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index cac771e4ff..490472656c 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -39,41 +39,10 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, uint8_t *dst, const uint8_t *src); -#if CONFIG_NETTLE_VERSION_MAJOR < 3 -typedef nettle_crypt_func * QCryptoCipherNettleFuncNative; -typedef void * cipher_ctx_t; -typedef unsigned cipher_length_t; -#define CONST_CTX - -#define cast5_set_key cast128_set_key - -#define aes128_ctx aes_ctx -#define aes192_ctx aes_ctx -#define aes256_ctx aes_ctx -#define aes128_set_encrypt_key(c, k) \ - aes_set_encrypt_key(c, 16, k) -#define aes192_set_encrypt_key(c, k) \ - aes_set_encrypt_key(c, 24, k) -#define aes256_set_encrypt_key(c, k) \ - aes_set_encrypt_key(c, 32, k) -#define aes128_set_decrypt_key(c, k) \ - aes_set_decrypt_key(c, 16, k) -#define aes192_set_decrypt_key(c, k) \ - aes_set_decrypt_key(c, 24, k) -#define aes256_set_decrypt_key(c, k) \ - aes_set_decrypt_key(c, 32, k) -#define aes128_encrypt aes_encrypt -#define aes192_encrypt aes_encrypt -#define aes256_encrypt aes_encrypt -#define aes128_decrypt aes_decrypt -#define aes192_decrypt aes_decrypt -#define aes256_decrypt aes_decrypt -#else typedef nettle_cipher_func * QCryptoCipherNettleFuncNative; typedef const void * cipher_ctx_t; typedef size_t cipher_length_t; #define CONST_CTX const -#endif static inline bool qcrypto_length_check(size_t len, size_t blocksize, Error **errp) diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c index 2a6ee7c7d5..5c8977fb80 100644 --- a/crypto/hash-nettle.c +++ b/crypto/hash-nettle.c @@ -26,11 +26,7 @@ #include <nettle/sha.h> #include <nettle/ripemd160.h> -#if CONFIG_NETTLE_VERSION_MAJOR < 3 -typedef unsigned int hash_length_t; -#else typedef size_t hash_length_t; -#endif typedef void (*qcrypto_nettle_init)(void *ctx); typedef void (*qcrypto_nettle_write)(void *ctx, diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c index 1152b741fd..da6b6fa014 100644 --- a/crypto/hmac-nettle.c +++ b/crypto/hmac-nettle.c @@ -18,11 +18,7 @@ #include "hmacpriv.h" #include <nettle/hmac.h> -#if CONFIG_NETTLE_VERSION_MAJOR < 3 -typedef unsigned int hmac_length_t; -#else typedef size_t hmac_length_t; -#endif typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx, hmac_length_t key_length,
It has been over two years since RHEL-8 was released, and thus per the platform build policy, we no longer need to support RHEL-7 as a build target. This lets us increment the minimum required nettle version and drop a lot of backwards compatibility code for 2.x series of nettle. Per repology, current shipping versions are: RHEL-8: 3.4.1 Debian Stretch: 3.3 Debian Buster: 3.4.1 openSUSE Leap 15.2: 3.4.1 Ubuntu LTS 18.04: 3.4 Ubuntu LTS 20.04: 3.5.1 FreeBSD: 3.7.2 Fedora 33: 3.5.1 Fedora 34: 3.7.2 OpenBSD: 3.7.2 macOS HomeBrew: 3.7.2 Debian Stretch has the oldest version and so 3.3 is the new minimum. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitlab-ci.yml | 10 ---------- configure | 4 +--- crypto/cipher-nettle.c.inc | 31 ------------------------------- crypto/hash-nettle.c | 4 ---- crypto/hmac-nettle.c | 4 ---- 5 files changed, 1 insertion(+), 52 deletions(-)