dnl and also use nettle, because it's >= 3.0
if test "$with_gnutls" = "yes" ; then
- dnl Double probe: gnutls >= 2.12 had a configure option for gcrypt and
- dnl gnutls >= 3.0 uses only nettle. Our goal is to avoid gcrypt if we
- dnl can prove gnutls uses nettle, but it is a safe fallback to use gcrypt
- dnl if we can't prove anything.
-
- GNUTLS_GCRYPT=
- if $PKG_CONFIG --exists 'gnutls >= 3.0'; then
- GNUTLS_GCRYPT="no"
- else
- GNUTLS_GCRYPT="probe"
- fi
-
- if test "$GNUTLS_GCRYPT" = "probe"; then
- case $($PKG_CONFIG --libs --static gnutls) in
- *gcrypt*) GNUTLS_GCRYPT=yes ;;
- *nettle*) GNUTLS_GCRYPT=no ;;
- *) GNUTLS_GCRYPT=unknown ;;
- esac
- fi
-
- if test "$GNUTLS_GCRYPT" = "yes" || test "$GNUTLS_GCRYPT" = "unknown"; then
- GNUTLS_LIBS="$GNUTLS_LIBS -lgcrypt"
- dnl We're not using gcrypt deprecated features so define
- dnl GCRYPT_NO_DEPRECATED to avoid deprecated warnings
- GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DGCRYPT_NO_DEPRECATED"
- AC_DEFINE_UNQUOTED([WITH_GNUTLS_GCRYPT], 1,
- [set to 1 if it is known or assumed that GNUTLS uses gcrypt])
- fi
-
OLD_CFLAGS="$CFLAGS"
OLD_LIBS="$LIBS"
CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
#include "configmake.h"
#include "virconf.h"
#if WITH_GNUTLS
-# if WITH_GNUTLS_GCRYPT
-# include <gcrypt.h>
-# endif
# include "rpc/virnettlscontext.h"
#endif
#include "vircommand.h"
#endif
-#ifdef WITH_GNUTLS_GCRYPT
-static int
-virTLSMutexInit(void **priv)
-{
- virMutexPtr lock = NULL;
-
- if (VIR_ALLOC_QUIET(lock) < 0)
- return ENOMEM;
-
- if (virMutexInit(lock) < 0) {
- VIR_FREE(lock);
- return errno;
- }
-
- *priv = lock;
- return 0;
-}
-
-
-static int
-virTLSMutexDestroy(void **priv)
-{
- virMutexPtr lock = *priv;
- virMutexDestroy(lock);
- VIR_FREE(lock);
- return 0;
-}
-
-
-static int
-virTLSMutexLock(void **priv)
-{
- virMutexPtr lock = *priv;
- virMutexLock(lock);
- return 0;
-}
-
-
-static int
-virTLSMutexUnlock(void **priv)
-{
- virMutexPtr lock = *priv;
- virMutexUnlock(lock);
- return 0;
-}
-
-
-static struct gcry_thread_cbs virTLSThreadImpl = {
- /* GCRY_THREAD_OPTION_VERSION was added in gcrypt 1.4.2 */
-# ifdef GCRY_THREAD_OPTION_VERSION
- (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)),
-# else
- GCRY_THREAD_OPTION_PTHREAD,
-# endif
- NULL,
- virTLSMutexInit,
- virTLSMutexDestroy,
- virTLSMutexLock,
- virTLSMutexUnlock,
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-#endif /* WITH_GNUTLS_GCRYPT */
-
-
static bool virGlobalError;
static virOnceControl virGlobalOnce = VIR_ONCE_CONTROL_INITIALIZER;
}
#endif
-#ifdef WITH_GNUTLS_GCRYPT
- /*
- * This sequence of API calls it copied exactly from
- * gnutls 2.12.23 source lib/gcrypt/init.c, with
- * exception that GCRYCTL_ENABLE_QUICK_RANDOM, is
- * dropped
- */
- if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0) {
- gcry_control(GCRYCTL_SET_THREAD_CBS, &virTLSThreadImpl);
- gcry_check_version(NULL);
-
- gcry_control(GCRYCTL_DISABLE_SECMEM, NULL, 0);
- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
- }
-#endif
-
virLogSetFromEnv();
#ifdef WITH_GNUTLS
projects / libvirt.git / commitdiff