From nobody Mon Feb  9 01:20:04 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 207.211.31.81 as permitted sender) client-ip=207.211.31.81;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1579710808; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fpt5A05XEOVl4wz/h9CQWXAQ0Ni+K7YUgUtOOIwlwUBuABnhfmt8zeSQnSJQjFOW+vmtL73hdPVaLzC2oWl+OAn8f97/Rdj6ojpjBOVYNXRjl95qTm5C9yRjOVtTucUJmPbegRCGmOBIJKRpcvhng7tUXpFyqzJmAGMGRe9L1nQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1579710808;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=TLfoMlsHjQL4dxI4GHXO5QQo/yteWMjj+NYnajMVgwc=;
	b=CBnihtkF86vGY6nnOG1FDdiQerqpbxEFg+NY+RmauhvUtYdXJC1xgmxtmij7yVBouUP54LfUeckgYQV6M2jd2y3JVs54/6Wagogj9r+I7Z1HD9Tw1G2JTLq8Mz/8P8lfojbjCTO1vcXgodAxzLnYdl3lluyd+3tlqhc1Qn+vO7E=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<phrdina@redhat.com> (p=none dis=none)
 header.from=<phrdina@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com
 [207.211.31.81]) by mx.zohomail.com
	with SMTPS id 1579710808612684.449945478416;
 Wed, 22 Jan 2020 08:33:28 -0800 (PST)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-47-nqShg78NPrivCEfHcKlisA-1; Wed, 22 Jan 2020 11:33:24 -0500
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B29E98017CC;
	Wed, 22 Jan 2020 16:33:17 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 83C565C28D;
	Wed, 22 Jan 2020 16:33:14 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6B14F1809567;
	Wed, 22 Jan 2020 16:33:08 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 00MGX6H2015053 for <libvir-list@listman.util.phx.redhat.com>;
	Wed, 22 Jan 2020 11:33:06 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 8E36A8643C; Wed, 22 Jan 2020 16:33:06 +0000 (UTC)
Received: from antique-work.redhat.com (unknown [10.43.2.149])
	by smtp.corp.redhat.com (Postfix) with ESMTP id E2CE27C35A
	for <libvir-list@redhat.com>; Wed, 22 Jan 2020 16:33:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1579710807;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=TLfoMlsHjQL4dxI4GHXO5QQo/yteWMjj+NYnajMVgwc=;
	b=av19vkgJeGtFoTGScHVSNA2Y0aa8Z2V2Qg+jkBAUm6sNF+lLsHATdzSwMRB7kE9ZzLyCQC
	yKeZCqdSVijCxOkPgA6z9aKxQJ/AogCViSVXPahSsmfomoCuu9SH5dw2kcJIbLT7E6HzOG
	WvVMcqIFBHXFRBulCCrgyhFjwOPL1Kw=
From: Pavel Hrdina <phrdina@redhat.com>
To: libvir-list@redhat.com
Subject: [libvirt PATCH] src: remove WITH_GNUTLS usage
Date: Wed, 22 Jan 2020 17:33:02 +0100
Message-Id: 
 <4987b2ca48df391ece69f5c87f5c91c3541a1051.1579710763.git.phrdina@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-MC-Unique: nqShg78NPrivCEfHcKlisA-1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"

Since commit <60d9ad6f1e42618fce10baeb0f02c35e5ebd5b24> we require
GnuTLS so it doesn't make sense to ifdef the code.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>=20
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/libvirt.c              |  6 +-----
 src/remote/remote_driver.c | 19 -------------------
 src/rpc/virnetclient.c     | 20 ++++----------------
 src/rpc/virnetclient.h     |  8 +-------
 src/rpc/virnetsocket.c     | 16 ----------------
 src/rpc/virnetsocket.h     |  6 +-----
 src/util/virrandom.c       | 36 ++----------------------------------
 7 files changed, 9 insertions(+), 102 deletions(-)

diff --git a/src/libvirt.c b/src/libvirt.c
index f1ffc97261..86bb6551ed 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -45,9 +45,7 @@
 #include "viralloc.h"
 #include "configmake.h"
 #include "virconf.h"
-#if WITH_GNUTLS
-# include "rpc/virnettlscontext.h"
-#endif
+#include "rpc/virnettlscontext.h"
 #include "vircommand.h"
 #include "virfile.h"
 #include "virrandom.h"
@@ -233,9 +231,7 @@ virGlobalInit(void)
=20
     virLogSetFromEnv();
=20
-#ifdef WITH_GNUTLS
     virNetTLSInit();
-#endif
=20
 #if WITH_CURL
     curl_global_init(CURL_GLOBAL_DEFAULT);
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 66472a6cc1..f6e725dcbf 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -124,9 +124,7 @@ struct private_data {
=20
     int counter; /* Serial number for RPC */
=20
-#ifdef WITH_GNUTLS
     virNetTLSContextPtr tls;
-#endif
=20
     int is_secure;              /* Secure if TLS or SASL or UNIX sockets */
     char *type;                 /* Cached return from remoteType. */
@@ -1132,7 +1130,6 @@ doRemoteOpen(virConnectPtr conn,
             virConfGetValueString(conf, "tls_priority", &tls_priority) < 0)
             goto failed;
=20
-#ifdef WITH_GNUTLS
         priv->tls =3D virNetTLSContextNewClientPath(pkipath,
                                                   geteuid() !=3D 0 ? true =
: false,
                                                   tls_priority,
@@ -1141,27 +1138,17 @@ doRemoteOpen(virConnectPtr conn,
             goto failed;
         priv->is_secure =3D 1;
         G_GNUC_FALLTHROUGH;
-#else
-        (void)tls_priority;
-        (void)sanity;
-        (void)verify;
-        virReportError(VIR_ERR_INVALID_ARG, "%s",
-                       _("GNUTLS support not available in this build"));
-        goto failed;
-#endif
=20
     case REMOTE_DRIVER_TRANSPORT_TCP:
         priv->client =3D virNetClientNewTCP(priv->hostname, port, AF_UNSPE=
C);
         if (!priv->client)
             goto failed;
=20
-#ifdef WITH_GNUTLS
         if (priv->tls) {
             VIR_DEBUG("Starting TLS session");
             if (virNetClientSetTLSSession(priv->client, priv->tls) < 0)
                 goto failed;
         }
-#endif
=20
         break;
=20
@@ -1388,10 +1375,8 @@ doRemoteOpen(virConnectPtr conn,
     priv->client =3D NULL;
     virObjectUnref(priv->closeCallback);
     priv->closeCallback =3D NULL;
-#ifdef WITH_GNUTLS
     virObjectUnref(priv->tls);
     priv->tls =3D NULL;
-#endif
=20
     VIR_FREE(priv->hostname);
     return VIR_DRV_OPEN_ERROR;
@@ -1533,10 +1518,8 @@ doRemoteClose(virConnectPtr conn, struct private_dat=
a *priv)
              (xdrproc_t) xdr_void, (char *) NULL) =3D=3D -1)
         ret =3D -1;
=20
-#ifdef WITH_GNUTLS
     virObjectUnref(priv->tls);
     priv->tls =3D NULL;
-#endif
=20
     virNetClientSetCloseCallback(priv->client,
                                  NULL,
@@ -4271,7 +4254,6 @@ remoteAuthSASL(virConnectPtr conn, struct private_dat=
a *priv,
     /* saslcb is now owned by sasl */
     saslcb =3D NULL;
=20
-# ifdef WITH_GNUTLS
     /* Initialize some connection props we care about */
     if (priv->tls) {
         if ((ssf =3D virNetClientGetTLSKeySize(priv->client)) < 0)
@@ -4283,7 +4265,6 @@ remoteAuthSASL(virConnectPtr conn, struct private_dat=
a *priv,
         if (virNetSASLSessionExtKeySize(sasl, ssf) < 0)
             goto cleanup;
     }
-# endif
=20
     /* If we've got a secure channel (TLS or UNIX sock), we don't care abo=
ut SSF */
     /* If we're not secure, then forbid any anonymous or trivially crackab=
le auth */
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index 50489b754c..000b937cdd 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -70,9 +70,7 @@ struct _virNetClient {
     virNetSocketPtr sock;
     bool asyncIO;
=20
-#if WITH_GNUTLS
     virNetTLSSessionPtr tls;
-#endif
     char *hostname;
=20
     virNetClientProgramPtr *programs;
@@ -708,9 +706,7 @@ void virNetClientDispose(void *obj)
     if (client->sock)
         virNetSocketRemoveIOCallback(client->sock);
     virObjectUnref(client->sock);
-#if WITH_GNUTLS
     virObjectUnref(client->tls);
-#endif
 #if WITH_SASL
     virObjectUnref(client->sasl);
 #endif
@@ -750,10 +746,8 @@ virNetClientCloseLocked(virNetClientPtr client)
=20
     virObjectUnref(client->sock);
     client->sock =3D NULL;
-#if WITH_GNUTLS
     virObjectUnref(client->tls);
     client->tls =3D NULL;
-#endif
 #if WITH_SASL
     virObjectUnref(client->sasl);
     client->sasl =3D NULL;
@@ -837,7 +831,6 @@ void virNetClientSetSASLSession(virNetClientPtr client,
 #endif
=20
=20
-#if WITH_GNUTLS
 int virNetClientSetTLSSession(virNetClientPtr client,
                               virNetTLSContextPtr tls)
 {
@@ -848,12 +841,12 @@ int virNetClientSetTLSSession(virNetClientPtr client,
     sigset_t oldmask, blockedsigs;
=20
     sigemptyset(&blockedsigs);
-# ifdef SIGWINCH
+#ifdef SIGWINCH
     sigaddset(&blockedsigs, SIGWINCH);
-# endif
-# ifdef SIGCHLD
+#endif
+#ifdef SIGCHLD
     sigaddset(&blockedsigs, SIGCHLD);
-# endif
+#endif
     sigaddset(&blockedsigs, SIGPIPE);
=20
     virObjectLock(client);
@@ -940,16 +933,13 @@ int virNetClientSetTLSSession(virNetClientPtr client,
     virObjectUnlock(client);
     return -1;
 }
-#endif
=20
 bool virNetClientIsEncrypted(virNetClientPtr client)
 {
     bool ret =3D false;
     virObjectLock(client);
-#if WITH_GNUTLS
     if (client->tls)
         ret =3D true;
-#endif
 #if WITH_SASL
     if (client->sasl)
         ret =3D true;
@@ -1041,7 +1031,6 @@ const char *virNetClientRemoteAddrStringSASL(virNetCl=
ientPtr client)
     return virNetSocketRemoteAddrStringSASL(client->sock);
 }
=20
-#if WITH_GNUTLS
 int virNetClientGetTLSKeySize(virNetClientPtr client)
 {
     int ret =3D 0;
@@ -1051,7 +1040,6 @@ int virNetClientGetTLSKeySize(virNetClientPtr client)
     virObjectUnlock(client);
     return ret;
 }
-#endif
=20
 static int
 virNetClientCallDispatchReply(virNetClientPtr client)
diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h
index 07b399c1a9..778910b575 100644
--- a/src/rpc/virnetclient.h
+++ b/src/rpc/virnetclient.h
@@ -20,9 +20,7 @@
=20
 #pragma once
=20
-#ifdef WITH_GNUTLS
-# include "virnettlscontext.h"
-#endif
+#include "virnettlscontext.h"
 #include "virnetmessage.h"
 #ifdef WITH_SASL
 # include "virnetsaslcontext.h"
@@ -120,10 +118,8 @@ void virNetClientSetSASLSession(virNetClientPtr client,
                                 virNetSASLSessionPtr sasl);
 #endif
=20
-#ifdef WITH_GNUTLS
 int virNetClientSetTLSSession(virNetClientPtr client,
                               virNetTLSContextPtr tls);
-#endif
=20
 bool virNetClientIsEncrypted(virNetClientPtr client);
 bool virNetClientIsOpen(virNetClientPtr client);
@@ -131,9 +127,7 @@ bool virNetClientIsOpen(virNetClientPtr client);
 const char *virNetClientLocalAddrStringSASL(virNetClientPtr client);
 const char *virNetClientRemoteAddrStringSASL(virNetClientPtr client);
=20
-#ifdef WITH_GNUTLS
 int virNetClientGetTLSKeySize(virNetClientPtr client);
-#endif
=20
 void virNetClientClose(virNetClientPtr client);
=20
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 973827ebde..23384e5250 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -93,9 +93,7 @@ struct _virNetSocket {
     char *remoteAddrStrSASL;
     char *remoteAddrStrURI;
=20
-#if WITH_GNUTLS
     virNetTLSSessionPtr tlsSession;
-#endif
 #if WITH_SASL
     virNetSASLSessionPtr saslSession;
=20
@@ -1288,13 +1286,11 @@ virJSONValuePtr virNetSocketPreExecRestart(virNetSo=
cketPtr sock)
         goto error;
     }
 #endif
-#if WITH_GNUTLS
     if (sock->tlsSession) {
         virReportError(VIR_ERR_OPERATION_INVALID, "%s",
                        _("Unable to save socket state when TLS session is =
active"));
         goto error;
     }
-#endif
=20
     if (!(object =3D virJSONValueNewObject()))
         goto error;
@@ -1358,12 +1354,10 @@ void virNetSocketDispose(void *obj)
         unlink(sock->localAddr.data.un.sun_path);
 #endif
=20
-#if WITH_GNUTLS
     /* Make sure it can't send any more I/O during shutdown */
     if (sock->tlsSession)
         virNetTLSSessionSetIOCallbacks(sock->tlsSession, NULL, NULL, NULL);
     virObjectUnref(sock->tlsSession);
-#endif
 #if WITH_SASL
     virObjectUnref(sock->saslSession);
 #endif
@@ -1660,7 +1654,6 @@ const char *virNetSocketRemoteAddrStringURI(virNetSoc=
ketPtr sock)
     return sock->remoteAddrStrURI;
 }
=20
-#if WITH_GNUTLS
 static ssize_t virNetSocketTLSSessionWrite(const char *buf,
                                            size_t len,
                                            void *opaque)
@@ -1691,7 +1684,6 @@ void virNetSocketSetTLSSession(virNetSocketPtr sock,
                                    sock);
     virObjectUnlock(sock);
 }
-#endif
=20
 #if WITH_SASL
 void virNetSocketSetSASLSession(virNetSocketPtr sock,
@@ -1789,17 +1781,13 @@ static ssize_t virNetSocketReadWire(virNetSocketPtr=
 sock, char *buf, size_t len)
 #endif
=20
  reread:
-#if WITH_GNUTLS
     if (sock->tlsSession &&
         virNetTLSSessionGetHandshakeStatus(sock->tlsSession) =3D=3D
         VIR_NET_TLS_HANDSHAKE_COMPLETE) {
         ret =3D virNetTLSSessionRead(sock->tlsSession, buf, len);
     } else {
-#endif
         ret =3D read(sock->fd, buf, len);
-#if WITH_GNUTLS
     }
-#endif
=20
     if ((ret < 0) && (errno =3D=3D EINTR))
         goto reread;
@@ -1862,17 +1850,13 @@ static ssize_t virNetSocketWriteWire(virNetSocketPt=
r sock, const char *buf, size
 #endif
=20
  rewrite:
-#if WITH_GNUTLS
     if (sock->tlsSession &&
         virNetTLSSessionGetHandshakeStatus(sock->tlsSession) =3D=3D
         VIR_NET_TLS_HANDSHAKE_COMPLETE) {
         ret =3D virNetTLSSessionWrite(sock->tlsSession, buf, len);
     } else {
-#endif
         ret =3D write(sock->fd, buf, len);
-#if WITH_GNUTLS
     }
-#endif
=20
     if (ret < 0) {
         if (errno =3D=3D EINTR)
diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h
index 8d075464cb..f2b74f3ccb 100644
--- a/src/rpc/virnetsocket.h
+++ b/src/rpc/virnetsocket.h
@@ -23,9 +23,7 @@
=20
 #include "virsocketaddr.h"
 #include "vircommand.h"
-#ifdef WITH_GNUTLS
-# include "virnettlscontext.h"
-#endif
+#include "virnettlscontext.h"
 #include "virobject.h"
 #ifdef WITH_SASL
 # include "virnetsaslcontext.h"
@@ -152,10 +150,8 @@ ssize_t virNetSocketWrite(virNetSocketPtr sock, const =
char *buf, size_t len);
 int virNetSocketSendFD(virNetSocketPtr sock, int fd);
 int virNetSocketRecvFD(virNetSocketPtr sock, int *fd);
=20
-#ifdef WITH_GNUTLS
 void virNetSocketSetTLSSession(virNetSocketPtr sock,
                                virNetTLSSessionPtr sess);
-#endif
=20
 #ifdef WITH_SASL
 void virNetSocketSetSASLSession(virNetSocketPtr sock,
diff --git a/src/util/virrandom.c b/src/util/virrandom.c
index 39ac36a76e..eae7f3db3c 100644
--- a/src/util/virrandom.c
+++ b/src/util/virrandom.c
@@ -24,10 +24,8 @@
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <sys/types.h>
-#ifdef WITH_GNUTLS
-# include <gnutls/gnutls.h>
-# include <gnutls/crypto.h>
-#endif
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
=20
 #include "virrandom.h"
 #include "virthread.h"
@@ -116,7 +114,6 @@ int
 virRandomBytes(unsigned char *buf,
                size_t buflen)
 {
-#if WITH_GNUTLS
     int rv;
=20
     /* Generate the byte stream using gnutls_rnd() if possible */
@@ -127,35 +124,6 @@ virRandomBytes(unsigned char *buf,
         return -1;
     }
=20
-#else /* !WITH_GNUTLS */
-
-    int fd;
-
-    if ((fd =3D open(RANDOM_SOURCE, O_RDONLY)) < 0) {
-        virReportSystemError(errno,
-                             _("unable to open %s"),
-                             RANDOM_SOURCE);
-        return -1;
-    }
-
-    while (buflen > 0) {
-        ssize_t n;
-
-        if ((n =3D saferead(fd, buf, buflen)) <=3D 0) {
-            virReportSystemError(errno,
-                                 _("unable to read from %s"),
-                                 RANDOM_SOURCE);
-            VIR_FORCE_CLOSE(fd);
-            return n < 0 ? -errno : -ENODATA;
-        }
-
-        buf +=3D n;
-        buflen -=3D n;
-    }
-
-    VIR_FORCE_CLOSE(fd);
-#endif /* !WITH_GNUTLS */
-
     return 0;
 }
=20
--=20
2.24.1