build: move nm-crypto to separate directory "src/libnm-crypto"

libnm-core currently has a dependency on crypto libraries (either
"gnutls", "nss" or "null"). We need this huge dependency for few cases.

Move the crypto code to a separate static library"src/libnm-crypto/libnm-crypto.la".
The reasoning is that it becomes clearer where we have this dependency,
to use it more consciously, and to be better see how it's used.

We clearly need the crypto functionality in libnm. But do we also need
it in the daemon? Could we ever link the daemon without crypto libraries?

The goal of splitting the crypto part out, to better understand the
crypto dependency.

Makefile.am

@@ -110,11 +110,15 @@ include config-extra.h.mk
 
 DISTCLEANFILES += config-extra.h
 
-$(src_libnm_core_public_mkenums_h):                 config-extra.h
 $(src_libnm_core_public_mkenums_c):                 config-extra.h
-src/libnm-core-impl/.dirstamp:                      config-extra.h
-src/libnm-core-impl/.dirstamp:                      config-extra.h
+$(src_libnm_core_public_mkenums_h):                 config-extra.h
+src/core/dhcp/.dirstamp:                            config-extra.h
 src/libnm-base/.dirstamp:                           config-extra.h
+src/libnm-client-public/.dirstamp:                  config-extra.h
+src/libnm-client-public/.dirstamp:                  config-extra.h
+src/libnm-core-impl/.dirstamp:                      config-extra.h
+src/libnm-core-impl/.dirstamp:                      config-extra.h
+src/libnm-crypto/.dirstamp:                         config-extra.h
 src/libnm-glib-aux/.dirstamp:                       config-extra.h
 src/libnm-glib-aux/tests/.dirstamp:                 config-extra.h
 src/libnm-log-core/.dirstamp:                       config-extra.h
@@ -124,14 +128,11 @@ src/libnm-platform/tests/.dirstamp:                 config-extra.h
 src/libnm-platform/wifi/.dirstamp:                  config-extra.h
 src/libnm-platform/wpan/.dirstamp:                  config-extra.h
 src/libnm-std-aux/.dirstamp:                        config-extra.h
-src/libnm-udev-aux/.dirstamp:                       config-extra.h
 src/libnm-systemd-shared/.dirstamp:                 config-extra.h
 src/libnm-systemd-shared/src/basic/.dirstamp:       config-extra.h
 src/libnm-systemd-shared/src/fundamental/.dirstamp: config-extra.h
 src/libnm-systemd-shared/src/shared/.dirstamp:      config-extra.h
-src/libnm-client-public/.dirstamp:                  config-extra.h
-src/libnm-client-public/.dirstamp:                  config-extra.h
-src/core/dhcp/.dirstamp:                            config-extra.h
+src/libnm-udev-aux/.dirstamp:                       config-extra.h
 
 ###############################################################################
 
@@ -1242,8 +1243,6 @@ src_libnm_core_public_mkenums_h = \
 	$(NULL)
 src_libnm_core_impl_lib_h_priv = \
 	src/libnm-core-impl/nm-connection-private.h \
-	src/libnm-core-impl/nm-crypto-impl.h \
-	src/libnm-core-impl/nm-crypto.h \
 	src/libnm-core-impl/nm-default-libnm-core.h \
 	src/libnm-core-impl/nm-property-compare.h \
 	src/libnm-core-impl/nm-setting-private.h \
@@ -1313,7 +1312,6 @@ src_libnm_core_impl_lib_c_settings_real = \
 src_libnm_core_impl_lib_c_real = \
 	$(src_libnm_core_impl_lib_c_settings_real) \
 	src/libnm-core-impl/nm-connection.c \
-	src/libnm-core-impl/nm-crypto.c \
 	src/libnm-core-impl/nm-dbus-utils.c \
 	src/libnm-core-impl/nm-errors.c \
 	src/libnm-core-impl/nm-keyfile-utils.c \
@@ -1414,8 +1412,6 @@ src_libnm_core_impl_libnm_core_impl_la_LDFLAGS = \
 	$(NULL)
 
 EXTRA_DIST += \
-	src/libnm-core-impl/nm-crypto-gnutls.c \
-	src/libnm-core-impl/nm-crypto-nss.c \
 	src/libnm-core-impl/meson.build \
 	$(NULL)
 
@@ -1437,62 +1433,93 @@ dist_dependencies += \
 
 ###############################################################################
 
+noinst_LTLIBRARIES += src/libnm-crypto/libnm-crypto.la
+
+src_libnm_crypto_libnm_crypto_la_SOURCES = \
+	src/libnm-crypto/nm-crypto-impl.h \
+	src/libnm-crypto/nm-crypto.c \
+	src/libnm-crypto/nm-crypto.h \
+	$(NULL)
+
+src_libnm_crypto_libnm_crypto_la_CPPFLAGS = \
+	$(dflt_cppflags_libnm_core) \
+	$(NULL)
+
+src_libnm_crypto_libnm_crypto_la_LIBADD = \
+	$(GLIB_LIBS) \
+	$(NULL)
+
+src_libnm_crypto_libnm_crypto_la_LDFLAGS = \
+	$(CODE_COVERAGE_LDFLAGS) \
+	$(SANITIZER_LIB_LDFLAGS) \
+	$(NULL)
+
 if HAVE_CRYPTO_GNUTLS
 if WITH_GNUTLS
-libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-gnutls.la
+libnm_crypto_lib = src/libnm-crypto/libnm-crypto-gnutls.la
 else
-check_ltlibraries += src/libnm-core-impl/libnm-crypto-gnutls.la
+check_ltlibraries += src/libnm-crypto/libnm-crypto-gnutls.la
 endif
 
-src_libnm_core_impl_libnm_crypto_gnutls_la_SOURCES = src/libnm-core-impl/nm-crypto-gnutls.c
-src_libnm_core_impl_libnm_crypto_gnutls_la_CPPFLAGS = \
+src_libnm_crypto_libnm_crypto_gnutls_la_SOURCES = src/libnm-crypto/nm-crypto-gnutls.c
+src_libnm_crypto_libnm_crypto_gnutls_la_CPPFLAGS = \
 	$(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \
 	$(GNUTLS_CFLAGS)
-src_libnm_core_impl_libnm_crypto_gnutls_la_LDFLAGS = \
+src_libnm_crypto_libnm_crypto_gnutls_la_LDFLAGS = \
 	$(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS)
-src_libnm_core_impl_libnm_crypto_gnutls_la_LIBADD = \
+src_libnm_crypto_libnm_crypto_gnutls_la_LIBADD = \
 	$(GLIB_LIBS) \
 	$(GNUTLS_LIBS)
 endif
 
 if HAVE_CRYPTO_NSS
 if WITH_NSS
-libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-nss.la
+libnm_crypto_lib = src/libnm-crypto/libnm-crypto-nss.la
 else
-check_ltlibraries += src/libnm-core-impl/libnm-crypto-nss.la
+check_ltlibraries += src/libnm-crypto/libnm-crypto-nss.la
 endif
 
-src_libnm_core_impl_libnm_crypto_nss_la_SOURCES = src/libnm-core-impl/nm-crypto-nss.c
-src_libnm_core_impl_libnm_crypto_nss_la_CPPFLAGS = \
+src_libnm_crypto_libnm_crypto_nss_la_SOURCES = src/libnm-crypto/nm-crypto-nss.c
+src_libnm_crypto_libnm_crypto_nss_la_CPPFLAGS = \
 	$(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \
 	$(NSS_CFLAGS)
-src_libnm_core_impl_libnm_crypto_nss_la_LDFLAGS = \
+src_libnm_crypto_libnm_crypto_nss_la_LDFLAGS = \
 	$(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS)
-src_libnm_core_impl_libnm_crypto_nss_la_LIBADD = \
+src_libnm_crypto_libnm_crypto_nss_la_LIBADD = \
 	$(GLIB_LIBS) \
 	$(NSS_LIBS)
 endif
 
 if !WITH_GNUTLS
 if !WITH_NSS
-libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-null.la
+libnm_crypto_lib = src/libnm-crypto/libnm-crypto-null.la
 else
-check_ltlibraries += src/libnm-core-impl/libnm-crypto-null.la
+check_ltlibraries += src/libnm-crypto/libnm-crypto-null.la
 endif
 else
-check_ltlibraries += src/libnm-core-impl/libnm-crypto-null.la
+check_ltlibraries += src/libnm-crypto/libnm-crypto-null.la
 endif
 
-src_libnm_core_impl_libnm_crypto_null_la_SOURCES = src/libnm-core-impl/nm-crypto-null.c
-src_libnm_core_impl_libnm_crypto_null_la_CPPFLAGS = \
-	$(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS)
-src_libnm_core_impl_libnm_crypto_null_la_LDFLAGS = \
-	$(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS)
-src_libnm_core_impl_libnm_crypto_null_la_LIBADD = \
-	$(GLIB_LIBS)
+src_libnm_crypto_libnm_crypto_null_la_SOURCES = src/libnm-crypto/nm-crypto-null.c
+src_libnm_crypto_libnm_crypto_null_la_CPPFLAGS = \
+	$(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \
+	$(NULL)
+src_libnm_crypto_libnm_crypto_null_la_LDFLAGS = \
+	$(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS) \
+	$(NULL)
+src_libnm_crypto_libnm_crypto_null_la_LIBADD = \
+	$(GLIB_LIBS) \
+	$(NULL)
 
 noinst_LTLIBRARIES += $(libnm_crypto_lib)
 
+EXTRA_DIST += \
+	src/libnm-crypto/README.md \
+	src/libnm-crypto/meson.build \
+	src/libnm-crypto/nm-crypto-gnutls.c \
+	src/libnm-crypto/nm-crypto-nss.c \
+	$(NULL)
+
 ###############################################################################
 
 check_programs += \
@@ -1546,6 +1573,7 @@ nodist_src_libnm_core_impl_tests_test_general_SOURCES = \
 src_libnm_core_impl_tests_ldadd = \
 	src/libnm-core-aux-extern/libnm-core-aux-extern.la \
 	src/libnm-core-impl/libnm-core-impl.la \
+	src/libnm-crypto/libnm-crypto.la \
 	$(libnm_crypto_lib) \
 	src/libnm-core-aux-intern/libnm-core-aux-intern.la \
 	src/libnm-base/libnm-base.la \
@@ -1779,6 +1807,7 @@ nodist_src_libnm_client_impl_libnm_client_impl_la_SOURCES = \
 src_libnm_client_impl_libnm_client_impl_la_LIBADD = \
 	src/libnm-core-aux-extern/libnm-core-aux-extern.la \
 	src/libnm-core-impl/libnm-core-impl.la \
+	src/libnm-crypto/libnm-crypto.la \
 	$(libnm_crypto_lib) \
 	src/libnm-core-aux-intern/libnm-core-aux-intern.la \
 	src/libnm-base/libnm-base.la \
@@ -2627,6 +2656,7 @@ src_core_libNetworkManager_la_LIBADD = \
 	src/core/libNetworkManagerBase.la \
 	src/libnm-core-aux-extern/libnm-core-aux-extern.la \
 	src/libnm-core-impl/libnm-core-impl.la \
+	src/libnm-crypto/libnm-crypto.la \
 	$(libnm_crypto_lib) \
 	src/libnm-core-aux-intern/libnm-core-aux-intern.la \
 	src/libnm-platform/libnm-platform.la \
@@ -2772,6 +2802,7 @@ src_nm_initrd_generator_nm_initrd_generator_CPPFLAGS = \
 src_nm_initrd_generator_nm_initrd_generator_LDADD = \
 	src/nm-initrd-generator/libnmi-core.la \
 	src/libnm-core-impl/libnm-core-impl.la \
+	src/libnm-crypto/libnm-crypto.la \
 	$(libnm_crypto_lib) \
 	src/libnm-core-aux-intern/libnm-core-aux-intern.la \
 	src/libnm-platform/libnm-platform.la \

po/POTFILES.in

@@ -72,10 +72,6 @@ src/libnm-client-impl/nm-vpn-service-plugin.c
 src/libnm-core-aux-extern/nm-libnm-core-aux.c
 src/libnm-core-aux-intern/nm-libnm-core-utils.c
 src/libnm-core-impl/nm-connection.c
-src/libnm-core-impl/nm-crypto-gnutls.c
-src/libnm-core-impl/nm-crypto-nss.c
-src/libnm-core-impl/nm-crypto-null.c
-src/libnm-core-impl/nm-crypto.c
 src/libnm-core-impl/nm-dbus-utils.c
 src/libnm-core-impl/nm-keyfile-utils.c
 src/libnm-core-impl/nm-keyfile.c
@@ -132,6 +128,10 @@ src/libnm-core-impl/nm-team-utils.c
 src/libnm-core-impl/nm-utils.c
 src/libnm-core-impl/nm-vpn-editor-plugin.c
 src/libnm-core-impl/nm-vpn-plugin-info.c
+src/libnm-crypto/nm-crypto-gnutls.c
+src/libnm-crypto/nm-crypto-nss.c
+src/libnm-crypto/nm-crypto-null.c
+src/libnm-crypto/nm-crypto.c
 src/libnm-glib-aux/nm-shared-utils.c
 src/libnm-log-core/nm-logging.c
 src/libnmc-base/nm-client-utils.c

src/libnm-core-impl/meson.build

@@ -2,45 +2,6 @@
 
 libnm_core_impl_inc = include_directories('.')
 
-if crypto_nss_dep.found()
-  libnm_crypto_nss = static_library(
-    'nm-crypto-nss',
-    sources: 'nm-crypto-nss.c',
-    dependencies: [
-      libnm_core_public_dep,
-      crypto_nss_dep,
-    ],
-  )
-endif
-
-if crypto_gnutls_dep.found()
-  libnm_crypto_gnutls = static_library(
-    'nm-crypto-gnutls',
-    sources: 'nm-crypto-gnutls.c',
-    dependencies: [
-      libnm_core_public_dep,
-      crypto_gnutls_dep,
-    ],
-  )
-endif
-
-libnm_crypto_null = static_library(
-  'nm-crypto-null',
-  sources: 'nm-crypto-null.c',
-  dependencies: [
-    libnm_core_public_dep,
-  ],
-)
-
-if crypto == 'nss'
-  libnm_crypto = libnm_crypto_nss
-elif crypto == 'gnutls'
-  libnm_crypto = libnm_crypto_gnutls
-else
-  assert(crypto == 'null', 'Unexpected setting "crypto=' + crypto + '"')
-  libnm_crypto = libnm_crypto_null
-endif
-
 libnm_core_settings_sources = files(
   'nm-setting-6lowpan.c',
   'nm-setting-8021x.c',
@@ -99,7 +60,6 @@ libnm_core_settings_sources = files(
 
 libnm_core_impl_sources = files(
   'nm-connection.c',
-  'nm-crypto.c',
   'nm-dbus-utils.c',
   'nm-errors.c',
   'nm-keyfile-utils.c',

src/libnm-core-impl/nm-setting-8021x.c

@@ -9,8 +9,8 @@
 #include "nm-setting-8021x.h"
 
 #include "libnm-glib-aux/nm-secret-utils.h"
+#include "libnm-crypto/nm-crypto.h"
 #include "nm-utils.h"
-#include "nm-crypto.h"
 #include "nm-utils-private.h"
 #include "nm-setting-private.h"
 #include "nm-core-enum-types.h"

src/libnm-core-impl/nm-utils.c

@@ -17,6 +17,7 @@
 #include <linux/pkt_sched.h>
 #include <linux/if_infiniband.h>
 
+#include "libnm-crypto/nm-crypto.h"
 #include "libnm-glib-aux/nm-uuid.h"
 #include "libnm-glib-aux/nm-json-aux.h"
 #include "libnm-glib-aux/nm-str-buf.h"
@@ -27,7 +28,6 @@
 #include "libnm-core-aux-intern/nm-common-macros.h"
 #include "nm-utils-private.h"
 #include "nm-setting-private.h"
-#include "nm-crypto.h"
 #include "nm-setting-bond.h"
 #include "nm-setting-bond-port.h"
 #include "nm-setting-bridge.h"

src/libnm-core-impl/tests/test-crypto.c

@@ -10,7 +10,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 
-#include "nm-crypto-impl.h"
+#include "libnm-crypto/nm-crypto-impl.h"
 #include "nm-utils.h"
 #include "nm-errors.h"
 #include "libnm-core-intern/nm-core-internal.h"

src/libnm-crypto/README.md

@@ -0,0 +1,7 @@
+libnm-crypto
+============
+
+libnm-core has a dependency on crypto code (either backed by
+"gnutls", "nss" or the "null" dummy implementation).
+
+libnm-core gets then statically linked into the daemon and into libnm.so.

src/libnm-crypto/meson.build

@@ -0,0 +1,69 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+if crypto_nss_dep.found()
+  libnm_crypto_nss = static_library(
+    'nm-crypto-nss',
+    sources: 'nm-crypto-nss.c',
+    include_directories: [
+      top_inc,
+      src_inc,
+    ],
+    dependencies: [
+      glib_dep,
+      crypto_nss_dep,
+    ],
+  )
+endif
+
+if crypto_gnutls_dep.found()
+  libnm_crypto_gnutls = static_library(
+    'nm-crypto-gnutls',
+    sources: 'nm-crypto-gnutls.c',
+    include_directories: [
+      top_inc,
+      src_inc,
+    ],
+    dependencies: [
+      glib_dep,
+      crypto_gnutls_dep,
+    ],
+  )
+endif
+
+libnm_crypto_null = static_library(
+  'nm-crypto-null',
+  sources: 'nm-crypto-null.c',
+  include_directories: [
+    top_inc,
+    src_inc,
+  ],
+  dependencies: [
+    glib_dep,
+  ],
+)
+
+if crypto == 'nss'
+  libnm_crypto_impl = libnm_crypto_nss
+elif crypto == 'gnutls'
+  libnm_crypto_impl = libnm_crypto_gnutls
+else
+  assert(crypto == 'null', 'Unexpected setting "crypto=' + crypto + '"')
+  libnm_crypto_impl = libnm_crypto_null
+endif
+
+libnm_crypto = static_library(
+  'nm-crypto',
+  sources: [
+    'nm-crypto.c',
+  ],
+  include_directories: [
+    top_inc,
+    src_inc,
+  ],
+  link_with: [
+    libnm_crypto_impl,
+  ],
+  dependencies: [
+    glib_dep,
+  ],
+)

src/libnm-crypto/nm-crypto.c

@@ -4,7 +4,7 @@
  * Copyright (C) 2007 - 2018 Red Hat, Inc.
  */
 
-#include "libnm-core-impl/nm-default-libnm-core.h"
+#include "libnm-glib-aux/nm-default-glib-i18n-lib.h"
 
 #include "nm-crypto.h"
 

src/meson.build

@@ -78,6 +78,7 @@ subdir('libnm-systemd-core')
 subdir('libnm-udev-aux')
 subdir('libnm-base')
 subdir('libnm-platform')
+subdir('libnm-crypto')
 subdir('libnm-core-public')
 subdir('libnm-core-intern')
 subdir('libnm-core-aux-intern')