aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrangé <berrange@redhat.com>2021-07-02 17:38:33 +0100
committerDaniel P. Berrangé <berrange@redhat.com>2021-07-14 14:15:52 +0100
commit8bd0931f63008b1d50c8df75a611323a93c052bf (patch)
treed2ae2c3f09bed5b1d958a95b5ee0730de21517f1
parent8c1d3dc772352284e7f8757131f2ed3f483dd922 (diff)
crypto: prefer gnutls as the crypto backend if new enough
If we have gnutls >= 3.6.13, then it has enough functionality and performance that we can use it as the preferred crypto backend. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-rw-r--r--meson.build59
1 files changed, 35 insertions, 24 deletions
diff --git a/meson.build b/meson.build
index 38b89d424b..073269c59f 100644
--- a/meson.build
+++ b/meson.build
@@ -846,39 +846,50 @@ if not get_option('gnutls').auto() or have_system
endif
endif
-# Gcrypt has priority over nettle
+# We prefer use of gnutls for crypto, unless the options
+# explicitly asked for nettle or gcrypt.
+#
+# If gnutls isn't available for crypto, then we'll prefer
+# gcrypt over nettle for performance reasons.
gcrypt = not_found
nettle = not_found
xts = 'none'
+
if get_option('nettle').enabled() and get_option('gcrypt').enabled()
error('Only one of gcrypt & nettle can be enabled')
-elif (not get_option('gcrypt').auto() or have_system) and not get_option('nettle').enabled()
- gcrypt = dependency('libgcrypt', version: '>=1.8',
- method: 'config-tool',
- required: get_option('gcrypt'),
- kwargs: static_kwargs)
- # Debian has removed -lgpg-error from libgcrypt-config
- # as it "spreads unnecessary dependencies" which in
- # turn breaks static builds...
- if gcrypt.found() and enable_static
- gcrypt = declare_dependency(dependencies: [
- gcrypt,
- cc.find_library('gpg-error', required: true, kwargs: static_kwargs)])
- endif
-endif
-if (not get_option('nettle').auto() or have_system) and not gcrypt.found()
- nettle = dependency('nettle', version: '>=3.4',
- method: 'pkg-config',
- required: get_option('nettle'),
- kwargs: static_kwargs)
- if nettle.found() and not cc.has_header('nettle/xts.h', dependencies: nettle)
- xts = 'private'
- endif
endif
-if gcrypt.found() or nettle.found()
+
+# Explicit nettle/gcrypt request, so ignore gnutls for crypto
+if get_option('nettle').enabled() or get_option('gcrypt').enabled()
gnutls_crypto = not_found
endif
+if not gnutls_crypto.found()
+ if (not get_option('gcrypt').auto() or have_system) and not get_option('nettle').enabled()
+ gcrypt = dependency('libgcrypt', version: '>=1.8',
+ method: 'config-tool',
+ required: get_option('gcrypt'),
+ kwargs: static_kwargs)
+ # Debian has removed -lgpg-error from libgcrypt-config
+ # as it "spreads unnecessary dependencies" which in
+ # turn breaks static builds...
+ if gcrypt.found() and enable_static
+ gcrypt = declare_dependency(dependencies: [
+ gcrypt,
+ cc.find_library('gpg-error', required: true, kwargs: static_kwargs)])
+ endif
+ endif
+ if (not get_option('nettle').auto() or have_system) and not gcrypt.found()
+ nettle = dependency('nettle', version: '>=3.4',
+ method: 'pkg-config',
+ required: get_option('nettle'),
+ kwargs: static_kwargs)
+ if nettle.found() and not cc.has_header('nettle/xts.h', dependencies: nettle)
+ xts = 'private'
+ endif
+ endif
+endif
+
gtk = not_found
gtkx11 = not_found
vte = not_found