libnvme: reshuffle nvme_generate_tls_key_identity()

hreinecke · hreinecke · commit b43d92177556 · 2023-11-20T07:12:00.000+01:00
Reshuffle nvme_generate_tls_key_identity and move it out of the
'#ifdef CONFIG_KEYUTILS' section to avoid build failures.

Signed-off-by: Hannes Reinecke &lt;hare@suse.de&gt;
diff --git a/src/nvme/linux.c b/src/nvme/linux.c
@@ -1092,7 +1092,6 @@ static int gen_tls_identity(const char *hostnqn, const char *subsysnqn,
 }
 #endif /* !CONFIG_OPENSSL_3 */
 
-#ifdef CONFIG_KEYUTILS
 static int derive_nvme_keys(const char *hostnqn, const char *subsysnqn,
 			    char *identity, int version,
 			    int hmac, unsigned char *configured,
@@ -1101,7 +1100,7 @@ static int derive_nvme_keys(const char *hostnqn, const char *subsysnqn,
 	unsigned char *retained;
 	int ret = -1;
 
-	if (!hostnqn || !subsysnqn || !identity) {
+	if (!hostnqn || !subsysnqn || !identity || !psk) {
 		errno = EINVAL;
 		return -1;
 	}
@@ -1141,6 +1140,40 @@ static size_t nvme_identity_len(int hmac, int version, const char *hostnqn,
 	return len;
 }
 
+char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn,
+				     int version, int hmac,
+				     unsigned char *configured_key, int key_len)
+{
+	char *identity;
+	size_t identity_len;
+	unsigned char *psk;
+	int ret = -1;
+
+	identity_len = nvme_identity_len(hmac, version, hostnqn, subsysnqn);
+	if (identity_len < 0)
+		return NULL;
+
+	identity = malloc(identity_len);
+	if (!identity)
+		return NULL;
+
+	psk = malloc(key_len);
+	if (!psk)
+		goto out_free_identity;
+
+	memset(psk, 0, key_len);
+	ret = derive_nvme_keys(hostnqn, subsysnqn, identity, version, hmac,
+			       configured_key, psk, key_len);
+	free(psk);
+out_free_identity:
+	if (ret < 0) {
+		free(identity);
+		identity = NULL;
+	}
+	return identity;
+}
+
+#ifdef CONFIG_KEYUTILS
 long nvme_lookup_keyring(const char *keyring)
 {
 	key_serial_t keyring_id;
@@ -1233,38 +1266,6 @@ long nvme_insert_tls_key_versioned(const char *keyring, const char *key_type,
 	return key;
 }
 
-char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn,
-				     int version, int hmac,
-				     unsigned char *configured_key, int key_len)
-{
-	char *identity;
-	size_t identity_len;
-	unsigned char *psk;
-	int ret = -1;
-
-	identity_len = nvme_identity_len(hmac, version, hostnqn, subsysnqn);
-	if (identity_len < 0)
-		return NULL;
-
-	identity = malloc(identity_len);
-	if (!identity)
-		return NULL;
-
-	psk = malloc(key_len);
-	if (!psk)
-		goto out_free_identity;
-
-	memset(psk, 0, key_len);
-	ret = derive_nvme_keys(hostnqn, subsysnqn, identity, version, hmac,
-			       configured_key, psk, key_len);
-	free(psk);
-out_free_identity:
-	if (ret < 0) {
-		free(identity);
-		identity = NULL;
-	}
-	return identity;
-}
 #else
 long nvme_lookup_keyring(const char *keyring)
 {
@@ -1308,16 +1309,6 @@ long nvme_insert_tls_key_versioned(const char *keyring, const char *key_type,
 	errno = ENOTSUP;
 	return -1;
 }
-
-char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn,
-				     int version, int hmac,
-				     unsigned char *configured_key, int key_len)
-{
-	nvme_msg(NULL, LOG_ERR, "key operations not supported; "
-		 "recompile with keyutils support.\n");
-	errno = ENOTSUP;
-	return -1;
-}
 #endif
 
 long nvme_insert_tls_key(const char *keyring, const char *key_type,
