[libvirt] [PATCH 1/2] configure: move gnutls check into virt-gnutls.m4
Daniel P. Berrange
berrange at redhat.com
Thu Dec 22 09:20:11 UTC 2016
On Wed, Dec 21, 2016 at 06:34:05PM -0500, John Ferlan wrote:
>
>
> On 10/24/2016 04:40 AM, Pavel Hrdina wrote:
> > Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
> > ---
> > configure.ac | 109 +-----------------------------------------------------
> > m4/virt-gnutls.m4 | 64 ++++++++++++++++++++++++++++++++
> > 2 files changed, 66 insertions(+), 107 deletions(-)
> > create mode 100644 m4/virt-gnutls.m4
> >
>
> I'm not quite sure what, but something in this change has broken
> encrypted secret capabilities as the following API is not always
> returning false...
>
> bool
> virCryptoHaveCipher(virCryptoCipher algorithm)
> {
> switch (algorithm) {
>
> case VIR_CRYPTO_CIPHER_AES256CBC:
>
> #ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
> return true;
> #else
> return false;
> #endif
>
> ...
>
> Of course the virCryptoEncryptDataAESgntuls is also undefined.
>
> In order to work around short term, if I use HAVE_GNUTLS_CRYPTO_H I can
> at least get the API needed.
>
> Just so you know I have a customer case which I'm trying to
> resolve/debug that's impacted by this (naturally)!
>
>
> I "hand bisected" back to
>
> $ git co c290f216c47afbd4f3d1e082cdb98181675cd31e
> $ ./autogen.sh --system
> <lots of gnarly warnings about this omitted>
>
> $ grep HAVE_GNUTLS config.log
> | #define HAVE_GNUTLS_CRYPTO_H 1
> | #define HAVE_GNUTLS_RND 1
> | #define HAVE_GNUTLS_CIPHER_ENCRYPT 1
> | #define HAVE_GNUTLS_CRYPTO_H 1
> ...
> #define HAVE_GNUTLS_CRYPTO_H 1
> #define HAVE_GNUTLS_RND 1
> #define HAVE_GNUTLS_CIPHER_ENCRYPT 1
> ...
>
> $ git co 680d2f49dad425395de627a31006cb84848cfa65
> $ ./autogen.sh --system
> <lots of stuff ommitted>
>
> $ grep HAVE_GNUTLS config.log
> | #define HAVE_GNUTLS_CRYPTO_H 1
> ...
> #define HAVE_GNUTLS_CRYPTO_H 1
> ...
> $
>
> Note there's no HAVE_GNUTLS_CIPHER_ENCRYPT or HAVE_GNUTLS_RND
You'll be wanting this fix:
ommit 943ddcb71205524fe2a34ca7a9b6cb3744a07555
Author: Nikos Mavrogiannopoulos <nmav at redhat.com>
Date: Fri Nov 25 16:51:13 2016 +0100
virt-gnutls.m4: fixed check for gnutls_rnd and gnutls_cipher_encrypt
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
More information about the libvir-list
mailing list