Re: [libvirt] [PATCH 1/2] configure: move gnutls check into virt-gnutls.m4

On 10/24/2016 04:40 AM, Pavel Hrdina wrote: > Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com&gt; > --- > configure.ac | 109 +----------------------------------------------------- > m4/virt-gnutls.m4 | 64 ++++++++++++++++++++++++++++++++ > 2 files changed, 66 insertions(+), 107 deletions(-) > create mode 100644 m4/virt-gnutls.m4 > I'm not quite sure what, but something in this change has broken encrypted secret capabilities as the following API is not always returning false... bool virCryptoHaveCipher(virCryptoCipher algorithm) { switch (algorithm) { case VIR_CRYPTO_CIPHER_AES256CBC: #ifdef HAVE_GNUTLS_CIPHER_ENCRYPT return true; #else return false; #endif ... Of course the virCryptoEncryptDataAESgntuls is also undefined. In order to work around short term, if I use HAVE_GNUTLS_CRYPTO_H I can at least get the API needed. Just so you know I have a customer case which I'm trying to resolve/debug that's impacted by this (naturally)! I "hand bisected" back to $ git co c290f216c47afbd4f3d1e082cdb98181675cd31e $ ./autogen.sh --system <lots of gnarly warnings about this omitted> $ grep HAVE_GNUTLS config.log | #define HAVE_GNUTLS_CRYPTO_H 1 | #define HAVE_GNUTLS_RND 1 | #define HAVE_GNUTLS_CIPHER_ENCRYPT 1 | #define HAVE_GNUTLS_CRYPTO_H 1 ... #define HAVE_GNUTLS_CRYPTO_H 1 #define HAVE_GNUTLS_RND 1 #define HAVE_GNUTLS_CIPHER_ENCRYPT 1 ... $ git co 680d2f49dad425395de627a31006cb84848cfa65 $ ./autogen.sh --system <lots of stuff ommitted> $ grep HAVE_GNUTLS config.log | #define HAVE_GNUTLS_CRYPTO_H 1 ... #define HAVE_GNUTLS_CRYPTO_H 1 ... $ Note there's no HAVE_GNUTLS_CIPHER_ENCRYPT or HAVE_GNUTLS_RND doing the similar process for some followup patches that seemed to be related produced the same results $ git co 0c62ccf927c60c9c248db52a23670ec2f9bce2b2 $ git co a55fdc3f251ab1800050505ac1e6158ee7535402 $ git co 943ddcb71205524fe2a34ca7a9b6cb3744a07555 Ironically the test for whether this functionality exists uses SKIP so as to not cause failures for environments without the gnutls_cipher_encrypt