author | Peter Maydell | 2016-06-13 14:05:02 +0200 |
---|---|---|
committer | Peter Maydell | 2016-06-13 14:05:02 +0200 |
commit | 55e5c3a2d2433bd2e1e635a7ba395f1c70341794 (patch) | |
tree | cfb8799987f9e2b1d26441cd985fe8d11df4a910 | |
parent | Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20160613-tag' into... (diff) | |
parent | crypto: aes: always rename internal symbols (diff) | |
Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-next-2016-06-13-v1' into staging
Merge qcrypto-next 2016/06/13 v1
# gpg: Signature made Mon 13 Jun 2016 12:43:22 BST
# gpg: using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange/tags/qcrypto-next-2016-06-13-v1:
crypto: aes: always rename internal symbols
crypto: assert that qcrypto_hash_digest_len is in range
crypto: remove temp files on completion of secrets test
TLS: provide slightly more information when TLS certificate loading fails
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r-- | crypto/hash.c | 4 | ||||
-rw-r--r-- | crypto/tlscredsx509.c | 17 | ||||
-rw-r--r-- | include/crypto/aes.h | 5 | ||||
-rw-r--r-- | tests/test-crypto-secret.c | 6 |
4 files changed, 18 insertions, 14 deletions
diff --git a/crypto/hash.c b/crypto/hash.c
index b90af3495a..2907bffd2e 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -36,9 +36,7 @@ static size_t qcrypto_hash_alg_size[QCRYPTO_HASH_ALG__MAX] = {
 size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg)
 {
- if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_size)) {
- return 0;
- }
+ assert(alg < G_N_ELEMENTS(qcrypto_hash_alg_size));
 return qcrypto_hash_alg_size[alg];
 }
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index 6a0179c2e1..520d34d77e 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -392,11 +392,14 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
 gsize buflen;
 GError *gerr;
 int ret = -1;
+ int err;
 trace_qcrypto_tls_creds_x509_load_cert(creds, isServer, certFile);
- if (gnutls_x509_crt_init(&cert) < 0) {
- error_setg(errp, "Unable to initialize certificate");
+ err = gnutls_x509_crt_init(&cert);
+ if (err < 0) {
+ error_setg(errp, "Unable to initialize certificate: %s",
+ gnutls_strerror(err));
 goto cleanup;
 }
@@ -410,11 +413,13 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
 data.data = (unsigned char *)buf;
 data.size = strlen(buf);
- if (gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM) < 0) {
+ err = gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM);
+ if (err < 0) {
 error_setg(errp, isServer ?
- "Unable to import server certificate %s" :
- "Unable to import client certificate %s",
- certFile);
+ "Unable to import server certificate %s: %s" :
+ "Unable to import client certificate %s: %s",
+ certFile,
+ gnutls_strerror(err));
 goto cleanup;
 }
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index a006da2224..12fb321b89 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
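Review bot: In crypto/hash.c, qcrypto_hash_digest_len() now has a hard precondition instead of a soft failure, and nothing in the hunk documents it. Callers that used to receive 0 for an unknown algorithm now abort, and in a build with NDEBUG defined the assert() disappears and the array index is unchecked. Whether every caller passes an already validated value (rather than one taken from an image header or a management command) is not visible here and is worth confirming. I would add a comment above the assert such as `/* alg must be a validated QCryptoHashAlgorithm; out of range is a programming error, not a runtime condition */` and state the same in the function's header documentation.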
@@ -10,14 +10,13 @@ struct aes_key_st {
 };
 typedef struct aes_key_st AES_KEY;
-/* FreeBSD has its own AES_set_decrypt_key in -lcrypto, avoid conflicts */
-#ifdef __FreeBSD__
+/* FreeBSD/OpenSSL have their own AES functions with the same names in -lcrypto
+ * (which might be pulled in via curl), so redefine to avoid conflicts. */
 #define AES_set_encrypt_key QEMU_AES_set_encrypt_key
 #define AES_set_decrypt_key QEMU_AES_set_decrypt_key
 #define AES_encrypt QEMU_AES_encrypt
 #define AES_decrypt QEMU_AES_decrypt
 #define AES_cbc_encrypt QEMU_AES_cbc_encrypt
-#endif
 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 AES_KEY *key);
diff --git a/tests/test-crypto-secret.c b/tests/test-crypto-secret.c
index 0b1fe8dd37..13fc6c4c75 100644
--- a/tests/test-crypto-secret.c
+++ b/tests/test-crypto-secret.c
@@ -49,7 +49,7 @@ static void test_secret_indirect_good(void)
 {
 Object *sec;
 char *fname = NULL;
- int fd = g_file_open_tmp("secretXXXXXX",
+ int fd = g_file_open_tmp("qemu-test-crypto-secret-XXXXXX",
 &fname,
 NULL);
@@ -74,6 +74,7 @@ static void test_secret_indirect_good(void)
 object_unparent(sec);
 g_free(pw);
 close(fd);
+ unlink(fname);
 g_free(fname);
 }
@@ -96,7 +97,7 @@ static void test_secret_indirect_emptyfile(void)
 {
 Object *sec;
 char *fname = NULL;
- int fd = g_file_open_tmp("secretXXXXXX",
+ int fd = g_file_open_tmp("qemu-test-crypto-secretXXXXXX",
 &fname,
 NULL);
@@ -119,6 +120,7 @@ static void test_secret_indirect_emptyfile(void)
 object_unparent(sec);
 g_free(pw);
 close(fd);
+ unlink(fname);
 g_free(fname);
 }
|
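Review bot: In include/crypto/aes.h the rename list is now unconditional but still maintained by hand, and the new comment does not say that every external AES_* function has to appear in it. Five names are covered here; whether crypto/aes.c exports anything else that could collide with -lcrypto is not visible in this hunk, and the prototypes continue past it. A collision that links silently would bind callers to a foreign implementation whose AES_KEY layout may differ, so I would extend the comment with `* Keep this list in sync with every non-static AES_* function declared below.`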
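Review bot: In tests/test-crypto-secret.c the two temp-file templates disagree: test_secret_indirect_good() uses `"qemu-test-crypto-secret-XXXXXX"` while test_secret_indirect_emptyfile() uses `"qemu-test-crypto-secretXXXXXX"` without the dash, and one spelling should be used in both. The added `unlink(fname);` calls sit at the very end of each test, so an assertion that fails earlier in the body (not visible in these hunks) would still leave the secret file behind in the temp directory. That may be acceptable for a test, but a short comment saying so would help. Both function bodies extend outside the hunks.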