Misc sockets, crypto and VNC fixes

* Fix rare EADDRINUSE failures on OpenBSD platforms seen
   with migration
 * Fix & test overwriting of hash output buffer
 * Close connection instead of returning empty SASL mechlist to
   VNC clients
 * Fix handling of SASL SSF on VNC server UNIX sockets
 * Fix handling of NULL SASL server data in VNC server
 * Validate trailing NUL padding byte from SASL client
 * Fix & test AF_ALG crypto backend build
 * Remove unused code in sockets and crypto subsystems
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmcXscUACgkQvobrtBUQ
 T9+S+Q//W9fywFY42VnsPqIAi7Q+QPDvXrPVVQ1z817hcyxdMVWC+eAg97i3QsE8
 f/+nwrigV9CIv9jqdBdMUIRLm4XhyuDspksgBAQUJ1XYmmVSmFwh2ej31m/qI8fK
 fu0v6N6udkcg+5eoWEOL873hKAA+vjq30tM5Zp74fMHZahnvgjThgaJY6Z6OsCyX
 6Pgxl3Z1gym1IqQFz0nOdTMnzsQrAJbV8z2FWMKgHayg01nVoXlo5FMnNgIdItJC
 v+4qX5sfRJIENJcRKMNY4dQUqbO1004+HXECLbge8pR7vsUli06xjLBkSbt/9M6r
 x3lfDGKavPrKfsPk1H+eTlge/43IjJk+mXMgZxmyvrvgnyVulxRvz7ABKJ+VBUeq
 CDrAuAK4tm5BIxKu6cg4CcmlqsDXwq6Sb+NdsbxTv0Deop73WZR3HCamRNU1JXkA
 eXBY4QSuVA96s5TnlfZWZytIY9NmyjN48ov+ly2fOkbv/xxoUNFBY8TApSJZ/Veo
 4EvGlIfgxjv668n/2eyt67E00dGC3idTbaWYeGjgUKVyNPpxicDOnM3NTwMP3/0k
 DZbvfoJcwfhPVoFMdV7ZvJKA3i8v11HdaEI0urfjm5nJWbyik6+++skan9F/femL
 eRTnH2hr5sUV+eQAl2YhGuBElLmKf/HqTCeNs3lwrUQsnb9bPNc=
 =fK8K
 -----END PGP SIGNATURE-----

Merge tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu into staging

Misc sockets, crypto and VNC fixes

* Fix rare EADDRINUSE failures on OpenBSD platforms seen
  with migration
* Fix & test overwriting of hash output buffer
* Close connection instead of returning empty SASL mechlist to
  VNC clients
* Fix handling of SASL SSF on VNC server UNIX sockets
* Fix handling of NULL SASL server data in VNC server
* Validate trailing NUL padding byte from SASL client
* Fix & test AF_ALG crypto backend build
* Remove unused code in sockets and crypto subsystems

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmcXscUACgkQvobrtBUQ
# T9+S+Q//W9fywFY42VnsPqIAi7Q+QPDvXrPVVQ1z817hcyxdMVWC+eAg97i3QsE8
# f/+nwrigV9CIv9jqdBdMUIRLm4XhyuDspksgBAQUJ1XYmmVSmFwh2ej31m/qI8fK
# fu0v6N6udkcg+5eoWEOL873hKAA+vjq30tM5Zp74fMHZahnvgjThgaJY6Z6OsCyX
# 6Pgxl3Z1gym1IqQFz0nOdTMnzsQrAJbV8z2FWMKgHayg01nVoXlo5FMnNgIdItJC
# v+4qX5sfRJIENJcRKMNY4dQUqbO1004+HXECLbge8pR7vsUli06xjLBkSbt/9M6r
# x3lfDGKavPrKfsPk1H+eTlge/43IjJk+mXMgZxmyvrvgnyVulxRvz7ABKJ+VBUeq
# CDrAuAK4tm5BIxKu6cg4CcmlqsDXwq6Sb+NdsbxTv0Deop73WZR3HCamRNU1JXkA
# eXBY4QSuVA96s5TnlfZWZytIY9NmyjN48ov+ly2fOkbv/xxoUNFBY8TApSJZ/Veo
# 4EvGlIfgxjv668n/2eyt67E00dGC3idTbaWYeGjgUKVyNPpxicDOnM3NTwMP3/0k
# DZbvfoJcwfhPVoFMdV7ZvJKA3i8v11HdaEI0urfjm5nJWbyik6+++skan9F/femL
# eRTnH2hr5sUV+eQAl2YhGuBElLmKf/HqTCeNs3lwrUQsnb9bPNc=
# =fK8K
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Oct 2024 15:08:05 BST
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu:
  gitlab: enable afalg tests in fedora system test
  ui: validate NUL byte padding in SASL client data more strictly
  ui: fix handling of NULL SASL server data
  ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
  ui/vnc: fix skipping SASL SSF on UNIX sockets
  ui/vnc: don't raise error formatting socket address for non-inet
  ui/vnc: don't return an empty SASL mechlist to the client
  crypto/hash-afalg: Fix broken build
  include/crypto: clarify @result/@result_len for hash/hmac APIs
  tests: correctly validate result buffer in hash/hmac tests
  crypto/hash: avoid overwriting user supplied result pointer
  util: don't set SO_REUSEADDR on client sockets
  sockets: Remove deadcode
  crypto: Remove unused DER string functions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests/unit/test-crypto-hash.c

@@ -123,7 +123,7 @@ static void test_hash_prealloc(void)
     size_t i;
 
     for (i = 0; i < G_N_ELEMENTS(expected_outputs) ; i++) {
-        uint8_t *result;
+        uint8_t *result, *origresult;
         size_t resultlen;
         int ret;
         size_t j;
@@ -133,7 +133,7 @@ static void test_hash_prealloc(void)
         }
 
         resultlen = expected_lens[i];
-        result = g_new0(uint8_t, resultlen);
+        origresult = result = g_new0(uint8_t, resultlen);
 
         ret = qcrypto_hash_bytes(i,
                                  INPUT_TEXT,
@@ -142,7 +142,8 @@ static void test_hash_prealloc(void)
                                  &resultlen,
                                  &error_fatal);
         g_assert(ret == 0);
-
+        /* Validate that our pre-allocated pointer was not replaced */
+        g_assert(result == origresult);
         g_assert(resultlen == expected_lens[i]);
         for (j = 0; j < resultlen; j++) {
             g_assert(expected_outputs[i][j * 2] == hex[(result[j] >> 4) & 0xf]);

tests/unit/test-crypto-hmac.c

@@ -126,7 +126,7 @@ static void test_hmac_prealloc(void)
     for (i = 0; i < G_N_ELEMENTS(test_data); i++) {
         QCryptoHmacTestData *data = &test_data[i];
         QCryptoHmac *hmac = NULL;
-        uint8_t *result = NULL;
+        uint8_t *result = NULL, *origresult = NULL;
         size_t resultlen = 0;
         const char *exp_output = NULL;
         int ret;
@@ -139,7 +139,7 @@ static void test_hmac_prealloc(void)
         exp_output = data->hex_digest;
 
         resultlen = strlen(exp_output) / 2;
-        result = g_new0(uint8_t, resultlen);
+        origresult = result = g_new0(uint8_t, resultlen);
 
         hmac = qcrypto_hmac_new(data->alg, (const uint8_t *)KEY,
                                 strlen(KEY), &error_fatal);
@@ -149,6 +149,8 @@ static void test_hmac_prealloc(void)
                                  strlen(INPUT_TEXT), &result,
                                  &resultlen, &error_fatal);
         g_assert(ret == 0);
+        /* Validate that our pre-allocated pointer was not replaced */
+        g_assert(result == origresult);
 
         exp_output = data->hex_digest;
         for (j = 0; j < resultlen; j++) {