From patchwork Thu May 2 09:56:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 794106 Delivered-To: patch@linaro.org Received: by 2002:adf:a153:0:b0:34d:5089:5a9e with SMTP id r19csp153663wrr; Thu, 2 May 2024 02:57:27 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVPBGtdKnkX6n/K4V1+sgKW9uCpvGcttEJkpxq5YKiY47xCFAfwngjAWs3p/ml9IMawW9fcUg16jhdY6r8hVXwb X-Google-Smtp-Source: AGHT+IHadoIEhmbP02ZoyI2OI2Dgnh4BVkqhVLS8DcNre50b1vLhoW3qE1jQp26VOEI16vcXp3yF X-Received: by 2002:a05:690c:6312:b0:61a:bdc8:6c90 with SMTP id ho18-20020a05690c631200b0061abdc86c90mr5523541ywb.20.1714643846862; Thu, 02 May 2024 02:57:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1714643846; cv=none; d=google.com; s=arc-20160816; b=rXlqemRniW5A6XYUi4WvjM2jlWhC1icBaHoWBvsvGT5LBmsdyzFdudJbJINSa2INqo JjBhWTZHsUPZWRdrDZl2vFW4zPBQq94XKF2IqOm1pM63qQ9Ag/D+phrXCzVz3+nJC9WK U+BYw5X1QxbrwBKXPC97VkPTJQ9Qo0aHZaIg1ds9eP7hjAkjqSpFMhW9ceo1UPl3yO4O aChR/pwuvwNzrMK4621Ep87xlTRu2BKWevSZCMqBxMfs+kXxpARObr/dpqTSEa85lOul XUxMso26kFrf3qWRGSaybJ2uPlnX6WKX7uEM5YTBEVRWyeMCLssfIEljo9IA+jWrTLPu 9A6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Hscm9KdbM1whIxlQwwTQ6xBil1LPfb+u+PB5hBKBEJA=; fh=Dhpq/bjK0ChgMAY5mUf7XOR2DhtP3cS/r2w/r+nRC1I=; b=DW0fMzMOWgfWhqrE9lL+Cv0A4+EbX4qKoEFa+dhKWJEiXr569SvXcwC9CtVQFpGnLP vk0jTrAslH9rwy/P9G483c+gkHitdkVIJc8q6Gx7gW8ITa7thT/oQaFVGeIqRZPLnsNr aPnp1Ysk1iVRms/s4lFSPmqSSvo/MbiRmWRC9lQT1nJBmPqbmtDjAZCcbCP5Kdlc2TJV c32q71lvMk/nSlp/omXePbK61ZhvMf8bVCty8iBciyzMqgJQxahUz3S8A22nUG1YcBWN bnvCiG7Z60oxxyyafhivSM3nB9gI1HnG62POE2y5r+1zldQJbSyAc7f+YM4AKEEEuMld FB1w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YwufLK4f; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id hc26-20020a05622a2a1a00b0043ae59d2679si547561qtb.778.2024.05.02.02.57.26 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Thu, 02 May 2024 02:57:26 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YwufLK4f; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s2TBZ-0000dk-F5; Thu, 02 May 2024 05:57:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s2TBV-0000ci-78 for qemu-devel@nongnu.org; Thu, 02 May 2024 05:57:01 -0400 Received: from mail-wr1-x433.google.com ([2a00:1450:4864:20::433]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1s2TBS-00017U-Fp for qemu-devel@nongnu.org; Thu, 02 May 2024 05:57:00 -0400 Received: by mail-wr1-x433.google.com with SMTP id ffacd0b85a97d-34db6a29a1eso1359488f8f.1 for ; Thu, 02 May 2024 02:56:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714643816; x=1715248616; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Hscm9KdbM1whIxlQwwTQ6xBil1LPfb+u+PB5hBKBEJA=; b=YwufLK4fL7WvEkZ5dfh2QoZtWrUFywq45knQTAKvSIhbp+jJ5vm3Iti+DWJsnpbnWE 8t6mYlxMg6MPnAv3qNbcJ8UnqPy7m4H/TF/mhYvdSJZku6IDEruv+nXM/zVjqX8qQvdR cWjUOBsHe3DZmhDZr2Y/YtYHz80OmDxwT2LqbEHlHxXDWXGcdiBMCGi53LvL522zjrDm A+CzPIXjvtZ96pcxj+psCJVeyKWHeVBkv42yUqHYIUIv/Z0ZLF9Rr8tBmngRoTZaD3HN XRsmAd5AVFknLgYUmlEJMzFkh8t9MyH6YpQZk/CkdLuQG34uL3jT0SRqrMWvvuFWToiN Xesw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714643816; x=1715248616; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Hscm9KdbM1whIxlQwwTQ6xBil1LPfb+u+PB5hBKBEJA=; b=RLDTT8L/WzxnzKZS6M/aXbAz1303cU7VF2WpbskHC5RXLGefV6jXLzRmliVfUwlRLB 2RHUFZd9HeNLcF5FQ7iNe4rdyT5O+8m63It6A+ePVOqrlRbwJgvvg44OVrYyGLocpZor 4hshOp9rGs5D7r109ZWoFHJ/S45D5Bm1e2G8BZ+EK05TcblfvLfT/XQy2iSPrPDMQHAK HZycyv22ZO+3w3o0xrV9jM1xNpaYc8HNac4E0/s++uZ4ytCsSzEIr11IqNBpyoS0TUUw 5/DmrJZl2sRlTFloyJZZLf8rTJ1U6ZFUAkPFMUpSWGGg44yaZGGJD16GpMMig7DhVNaS kvIw== X-Gm-Message-State: AOJu0YxcRUMvjor5gR3hRiZGXP9iTsoenDx9AruPNhdshqu36kynBDMY CG+e6tc99Vz2vXlaWgOtENtd5OP+cJSQPKMaXe+55TZucP8XC2gBPgXVo7TE524vM6ECLRXp4i5 + X-Received: by 2002:adf:e508:0:b0:34c:8adf:8fc9 with SMTP id j8-20020adfe508000000b0034c8adf8fc9mr3384338wrm.51.1714643816476; Thu, 02 May 2024 02:56:56 -0700 (PDT) Received: from m1x-phil.lan ([176.187.215.106]) by smtp.gmail.com with ESMTPSA id r8-20020a5d4988000000b0034cceee9051sm853767wrq.105.2024.05.02.02.56.55 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Thu, 02 May 2024 02:56:55 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= , =?utf-8?q?M?= =?utf-8?q?arc-Andr=C3=A9_Lureau?= , Thomas Huth , Paolo Bonzini , Laurent Vivier , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH v2 2/3] crypto: Restrict pkix_asn1_tab[] to crypto-tls-x509-helpers.c Date: Thu, 2 May 2024 11:56:41 +0200 Message-ID: <20240502095642.93368-3-philmd@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240502095642.93368-1-philmd@linaro.org> References: <20240502095642.93368-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::433; envelope-from=philmd@linaro.org; helo=mail-wr1-x433.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org pkix_asn1_tab[] is only accessed by crypto-tls-x509-helpers.c, rename pkix_asn1_tab.c as pkix_asn1_tab.c.inc and include it once. Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Daniel P. Berrangé --- tests/unit/crypto-tls-x509-helpers.h | 3 --- tests/unit/crypto-tls-x509-helpers.c | 6 +++++- tests/unit/{pkix_asn1_tab.c => pkix_asn1_tab.c.inc} | 5 +---- tests/qtest/meson.build | 3 +-- tests/unit/meson.build | 6 +++--- 5 files changed, 10 insertions(+), 13 deletions(-) rename tests/unit/{pkix_asn1_tab.c => pkix_asn1_tab.c.inc} (99%) diff --git a/tests/unit/crypto-tls-x509-helpers.h b/tests/unit/crypto-tls-x509-helpers.h index 247e7160eb..562c160653 100644 --- a/tests/unit/crypto-tls-x509-helpers.h +++ b/tests/unit/crypto-tls-x509-helpers.h @@ -23,7 +23,6 @@ #include #include -#include #define QCRYPTO_TLS_TEST_CLIENT_NAME "ACME QEMU Client" @@ -171,6 +170,4 @@ void test_tls_cleanup(const char *keyfile); }; \ test_tls_generate_cert(&varname, cavarname.crt) -extern const asn1_static_node pkix_asn1_tab[]; - #endif diff --git a/tests/unit/crypto-tls-x509-helpers.c b/tests/unit/crypto-tls-x509-helpers.c index e9937f60d8..3e74ec5b5d 100644 --- a/tests/unit/crypto-tls-x509-helpers.c +++ b/tests/unit/crypto-tls-x509-helpers.c @@ -20,15 +20,19 @@ #include "qemu/osdep.h" +#include + #include "crypto-tls-x509-helpers.h" #include "crypto/init.h" #include "qemu/sockets.h" +#include "pkix_asn1_tab.c.inc" + /* * This stores some static data that is needed when * encoding extensions in the x509 certs */ -asn1_node pkix_asn1; +static asn1_node pkix_asn1; /* * To avoid consuming random entropy to generate keys, diff --git a/tests/unit/pkix_asn1_tab.c b/tests/unit/pkix_asn1_tab.c.inc similarity index 99% rename from tests/unit/pkix_asn1_tab.c rename to tests/unit/pkix_asn1_tab.c.inc index 89521408a1..fe29c4102a 100644 --- a/tests/unit/pkix_asn1_tab.c +++ b/tests/unit/pkix_asn1_tab.c.inc @@ -3,10 +3,7 @@ * and is under copyright of various GNUTLS contributors. */ -#include "qemu/osdep.h" -#include "crypto-tls-x509-helpers.h" - -const asn1_static_node pkix_asn1_tab[] = { +static const asn1_static_node pkix_asn1_tab[] = { {"PKIX1", 536875024, 0}, {0, 1073741836, 0}, {"id-ce", 1879048204, 0}, diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build index b128fa5a4b..f16931f82e 100644 --- a/tests/qtest/meson.build +++ b/tests/qtest/meson.build @@ -314,8 +314,7 @@ if gnutls.found() migration_files += [files('../unit/crypto-tls-psk-helpers.c'), gnutls] if tasn1.found() - migration_files += [files('../unit/crypto-tls-x509-helpers.c', - '../unit/pkix_asn1_tab.c'), tasn1] + migration_files += [files('../unit/crypto-tls-x509-helpers.c'), tasn1] endif endif diff --git a/tests/unit/meson.build b/tests/unit/meson.build index 26c109c968..490ab8182d 100644 --- a/tests/unit/meson.build +++ b/tests/unit/meson.build @@ -99,11 +99,11 @@ if have_block tasn1.found() and \ host_os != 'windows' tests += { - 'test-crypto-tlscredsx509': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', + 'test-crypto-tlscredsx509': ['crypto-tls-x509-helpers.c', tasn1, crypto, gnutls], - 'test-crypto-tlssession': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 'crypto-tls-psk-helpers.c', + 'test-crypto-tlssession': ['crypto-tls-x509-helpers.c', 'crypto-tls-psk-helpers.c', tasn1, crypto, gnutls], - 'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', + 'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c', tasn1, io, crypto, gnutls]} endif if pam.found()