[libvirt] [PATCH 4/8] Deprecate GNUTLS_GCRYPT

Ján Tomko jtomko at redhat.com
Tue May 15 12:03:50 UTC 2018


Now that we assume GnuTLS >= 3.0, we can ditch gcrypt support.
Introduced by <commit 6094b1f>.

Signed-off-by: Ján Tomko <jtomko at redhat.com>
---
 config-post.h     |  2 --
 m4/virt-gnutls.m4 | 29 -------------------
 src/libvirt.c     | 83 -------------------------------------------------------
 3 files changed, 114 deletions(-)

diff --git a/config-post.h b/config-post.h
index f7eba0d7ca..063e30fa37 100644
--- a/config-post.h
+++ b/config-post.h
@@ -36,7 +36,6 @@
 # undef WITH_DEVMAPPER
 # undef WITH_DTRACE_PROBES
 # undef WITH_GNUTLS
-# undef WITH_GNUTLS_GCRYPT
 # undef WITH_LIBSSH
 # undef WITH_MACVTAP
 # undef WITH_NUMACTL
@@ -62,7 +61,6 @@
 # undef WITH_DEVMAPPER
 # undef WITH_DTRACE_PROBES
 # undef WITH_GNUTLS
-# undef WITH_GNUTLS_GCRYPT
 # undef WITH_LIBSSH
 # undef WITH_MACVTAP
 # undef WITH_NUMACTL
diff --git a/m4/virt-gnutls.m4 b/m4/virt-gnutls.m4
index 13399ac766..35792c060f 100644
--- a/m4/virt-gnutls.m4
+++ b/m4/virt-gnutls.m4
@@ -29,35 +29,6 @@ AC_DEFUN([LIBVIRT_CHECK_GNUTLS],[
   dnl and also use nettle, because it's >= 3.0
 
   if test "$with_gnutls" = "yes" ; then
-    dnl Double probe: gnutls >= 2.12 had a configure option for gcrypt and
-    dnl gnutls >= 3.0 uses only nettle.  Our goal is to avoid gcrypt if we
-    dnl can prove gnutls uses nettle, but it is a safe fallback to use gcrypt
-    dnl if we can't prove anything.
-
-    GNUTLS_GCRYPT=
-    if $PKG_CONFIG --exists 'gnutls >= 3.0'; then
-      GNUTLS_GCRYPT="no"
-    else
-      GNUTLS_GCRYPT="probe"
-    fi
-
-    if test "$GNUTLS_GCRYPT" = "probe"; then
-      case $($PKG_CONFIG --libs --static gnutls) in
-        *gcrypt*) GNUTLS_GCRYPT=yes       ;;
-        *nettle*) GNUTLS_GCRYPT=no        ;;
-        *)        GNUTLS_GCRYPT=unknown   ;;
-      esac
-    fi
-
-    if test "$GNUTLS_GCRYPT" = "yes" || test "$GNUTLS_GCRYPT" = "unknown"; then
-      GNUTLS_LIBS="$GNUTLS_LIBS -lgcrypt"
-      dnl We're not using gcrypt deprecated features so define
-      dnl GCRYPT_NO_DEPRECATED to avoid deprecated warnings
-      GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DGCRYPT_NO_DEPRECATED"
-      AC_DEFINE_UNQUOTED([WITH_GNUTLS_GCRYPT], 1,
-                         [set to 1 if it is known or assumed that GNUTLS uses gcrypt])
-    fi
-
     OLD_CFLAGS="$CFLAGS"
     OLD_LIBS="$LIBS"
     CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
diff --git a/src/libvirt.c b/src/libvirt.c
index 0a81cbfb99..ffb002f4e1 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -54,9 +54,6 @@
 #include "configmake.h"
 #include "virconf.h"
 #if WITH_GNUTLS
-# if WITH_GNUTLS_GCRYPT
-#  include <gcrypt.h>
-# endif
 # include "rpc/virnettlscontext.h"
 #endif
 #include "vircommand.h"
@@ -243,70 +240,6 @@ virWinsockInit(void)
 #endif
 
 
-#ifdef WITH_GNUTLS_GCRYPT
-static int
-virTLSMutexInit(void **priv)
-{
-    virMutexPtr lock = NULL;
-
-    if (VIR_ALLOC_QUIET(lock) < 0)
-        return ENOMEM;
-
-    if (virMutexInit(lock) < 0) {
-        VIR_FREE(lock);
-        return errno;
-    }
-
-    *priv = lock;
-    return 0;
-}
-
-
-static int
-virTLSMutexDestroy(void **priv)
-{
-    virMutexPtr lock = *priv;
-    virMutexDestroy(lock);
-    VIR_FREE(lock);
-    return 0;
-}
-
-
-static int
-virTLSMutexLock(void **priv)
-{
-    virMutexPtr lock = *priv;
-    virMutexLock(lock);
-    return 0;
-}
-
-
-static int
-virTLSMutexUnlock(void **priv)
-{
-    virMutexPtr lock = *priv;
-    virMutexUnlock(lock);
-    return 0;
-}
-
-
-static struct gcry_thread_cbs virTLSThreadImpl = {
-    /* GCRY_THREAD_OPTION_VERSION was added in gcrypt 1.4.2 */
-# ifdef GCRY_THREAD_OPTION_VERSION
-    (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)),
-# else
-    GCRY_THREAD_OPTION_PTHREAD,
-# endif
-    NULL,
-    virTLSMutexInit,
-    virTLSMutexDestroy,
-    virTLSMutexLock,
-    virTLSMutexUnlock,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-#endif /* WITH_GNUTLS_GCRYPT */
-
-
 static bool virGlobalError;
 static virOnceControl virGlobalOnce = VIR_ONCE_CONTROL_INITIALIZER;
 
@@ -330,22 +263,6 @@ virGlobalInit(void)
     }
 #endif
 
-#ifdef WITH_GNUTLS_GCRYPT
-    /*
-     * This sequence of API calls it copied exactly from
-     * gnutls 2.12.23 source lib/gcrypt/init.c, with
-     * exception that GCRYCTL_ENABLE_QUICK_RANDOM, is
-     * dropped
-     */
-    if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0) {
-        gcry_control(GCRYCTL_SET_THREAD_CBS, &virTLSThreadImpl);
-        gcry_check_version(NULL);
-
-        gcry_control(GCRYCTL_DISABLE_SECMEM, NULL, 0);
-        gcry_control(GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
-    }
-#endif
-
     virLogSetFromEnv();
 
 #ifdef WITH_GNUTLS
-- 
2.16.1



