We are building with GnuTLS everywhere because GnuTLS is widely
available. In addition after recent patches Libvirt relies on
GnuTLS' PRNG.
This second sentance isn't true AFAIK - we still have fallback
to /dev/urandom - GNUTLS is merely the first choice.
None the less I think its desirable to make GNUTLS mandatory
since it is on all the platforms we care about and I prefer
that we can assume a good crypto impl all the time. This mostly
frees us from worrying about fallback impls which have higher
risk of security problems.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
configure.ac | 2 --
m4/virt-gnutls.m4 | 4 ----
2 files changed, 6 deletions(-)
diff --git a/configure.ac b/configure.ac
index 5378e49c0b..e25bf0a6ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -216,7 +216,6 @@ fi
# RPC, we don't need several libraries.
if test "$with_remote" = "no" ; then
with_libvirtd=no
- with_gnutls=no
with_ssh2=no
with_sasl=no
with_libssh=no
@@ -250,7 +249,6 @@ LIBVIRT_ARG_DBUS
LIBVIRT_ARG_FIREWALLD
LIBVIRT_ARG_FUSE
LIBVIRT_ARG_GLUSTER
-LIBVIRT_ARG_GNUTLS
LIBVIRT_ARG_HAL
LIBVIRT_ARG_LIBPCAP
LIBVIRT_ARG_LIBSSH
diff --git a/m4/virt-gnutls.m4 b/m4/virt-gnutls.m4
index 426a1a0348..6829ca55cf 100644
--- a/m4/virt-gnutls.m4
+++ b/m4/virt-gnutls.m4
@@ -17,10 +17,6 @@ dnl License along with this library. If not, see
dnl <
http://www.gnu.org/licenses/>.
dnl
-AC_DEFUN([LIBVIRT_ARG_GNUTLS],[
- LIBVIRT_ARG_WITH_FEATURE([GNUTLS], [gnutls], [check], [3.2.0])
-])
-
AC_DEFUN([LIBVIRT_CHECK_GNUTLS],[
LIBVIRT_CHECK_PKG([GNUTLS], [gnutls], [3.2.0])
--
2.16.4
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list