crypto: Restrict pkix_asn1_tab[] to crypto-tls-x509-helpers.c

pkix_asn1_tab[] is only accessed by crypto-tls-x509-helpers.c,
rename pkix_asn1_tab.c as pkix_asn1_tab.c.inc and include it once.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
[berrange: updated MAINTAINERS for changed filename]
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Philippe Mathieu-Daudé 2024-05-02 11:56:41 +02:00 committed by Daniel P. Berrangé
parent e8ad8b9987
commit 0e9bb8ad4d
6 changed files with 11 additions and 14 deletions

View File

@ -3484,7 +3484,7 @@ F: qapi/crypto.json
F: tests/unit/test-crypto-* F: tests/unit/test-crypto-*
F: tests/bench/benchmark-crypto-* F: tests/bench/benchmark-crypto-*
F: tests/unit/crypto-tls-* F: tests/unit/crypto-tls-*
F: tests/unit/pkix_asn1_tab.c F: tests/unit/pkix_asn1_tab.c.inc
F: qemu.sasl F: qemu.sasl
Coroutines Coroutines

View File

@ -322,8 +322,7 @@ if gnutls.found()
migration_files += [files('../unit/crypto-tls-psk-helpers.c'), gnutls] migration_files += [files('../unit/crypto-tls-psk-helpers.c'), gnutls]
if tasn1.found() if tasn1.found()
migration_files += [files('../unit/crypto-tls-x509-helpers.c', migration_files += [files('../unit/crypto-tls-x509-helpers.c'), tasn1]
'../unit/pkix_asn1_tab.c'), tasn1]
endif endif
endif endif

View File

@ -20,15 +20,19 @@
#include "qemu/osdep.h" #include "qemu/osdep.h"
#include <libtasn1.h>
#include "crypto-tls-x509-helpers.h" #include "crypto-tls-x509-helpers.h"
#include "crypto/init.h" #include "crypto/init.h"
#include "qemu/sockets.h" #include "qemu/sockets.h"
#include "pkix_asn1_tab.c.inc"
/* /*
* This stores some static data that is needed when * This stores some static data that is needed when
* encoding extensions in the x509 certs * encoding extensions in the x509 certs
*/ */
asn1_node pkix_asn1; static asn1_node pkix_asn1;
/* /*
* To avoid consuming random entropy to generate keys, * To avoid consuming random entropy to generate keys,

View File

@ -23,7 +23,6 @@
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
#include <gnutls/x509.h> #include <gnutls/x509.h>
#include <libtasn1.h>
#define QCRYPTO_TLS_TEST_CLIENT_NAME "ACME QEMU Client" #define QCRYPTO_TLS_TEST_CLIENT_NAME "ACME QEMU Client"
@ -171,6 +170,4 @@ void test_tls_cleanup(const char *keyfile);
}; \ }; \
test_tls_generate_cert(&varname, cavarname.crt) test_tls_generate_cert(&varname, cavarname.crt)
extern const asn1_static_node pkix_asn1_tab[];
#endif #endif

View File

@ -99,11 +99,11 @@ if have_block
tasn1.found() and \ tasn1.found() and \
host_os != 'windows' host_os != 'windows'
tests += { tests += {
'test-crypto-tlscredsx509': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 'test-crypto-tlscredsx509': ['crypto-tls-x509-helpers.c',
tasn1, crypto, gnutls], tasn1, crypto, gnutls],
'test-crypto-tlssession': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 'crypto-tls-psk-helpers.c', 'test-crypto-tlssession': ['crypto-tls-x509-helpers.c', 'crypto-tls-psk-helpers.c',
tasn1, crypto, gnutls], tasn1, crypto, gnutls],
'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c',
tasn1, io, crypto, gnutls]} tasn1, io, crypto, gnutls]}
endif endif
if pam.found() if pam.found()

View File

@ -3,10 +3,7 @@
* and is under copyright of various GNUTLS contributors. * and is under copyright of various GNUTLS contributors.
*/ */
#include "qemu/osdep.h" static const asn1_static_node pkix_asn1_tab[] = {
#include "crypto-tls-x509-helpers.h"
const asn1_static_node pkix_asn1_tab[] = {
{"PKIX1", 536875024, 0}, {"PKIX1", 536875024, 0},
{0, 1073741836, 0}, {0, 1073741836, 0},
{"id-ce", 1879048204, 0}, {"id-ce", 1879048204, 0},