From 901787e06fe35bbcd8dfbb622a9e4c9b97a37698 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 18 Mar 2022 18:12:54 +0100 Subject: [PATCH] build: move nm-crypto to separate directory "src/libnm-crypto" libnm-core currently has a dependency on crypto libraries (either "gnutls", "nss" or "null"). We need this huge dependency for few cases. Move the crypto code to a separate static library"src/libnm-crypto/libnm-crypto.la". The reasoning is that it becomes clearer where we have this dependency, to use it more consciously, and to be better see how it's used. We clearly need the crypto functionality in libnm. But do we also need it in the daemon? Could we ever link the daemon without crypto libraries? The goal of splitting the crypto part out, to better understand the crypto dependency. --- Makefile.am | 99 ++++++++++++------- po/POTFILES.in | 8 +- src/libnm-core-impl/meson.build | 40 -------- src/libnm-core-impl/nm-setting-8021x.c | 2 +- src/libnm-core-impl/nm-utils.c | 2 +- src/libnm-core-impl/tests/test-crypto.c | 2 +- src/libnm-crypto/README.md | 7 ++ src/libnm-crypto/meson.build | 69 +++++++++++++ .../nm-crypto-gnutls.c | 0 .../nm-crypto-impl.h | 0 .../nm-crypto-nss.c | 0 .../nm-crypto-null.c | 0 .../nm-crypto.c | 2 +- .../nm-crypto.h | 0 src/meson.build | 1 + 15 files changed, 150 insertions(+), 82 deletions(-) create mode 100644 src/libnm-crypto/README.md create mode 100644 src/libnm-crypto/meson.build rename src/{libnm-core-impl => libnm-crypto}/nm-crypto-gnutls.c (100%) rename src/{libnm-core-impl => libnm-crypto}/nm-crypto-impl.h (100%) rename src/{libnm-core-impl => libnm-crypto}/nm-crypto-nss.c (100%) rename src/{libnm-core-impl => libnm-crypto}/nm-crypto-null.c (100%) rename src/{libnm-core-impl => libnm-crypto}/nm-crypto.c (99%) rename src/{libnm-core-impl => libnm-crypto}/nm-crypto.h (100%) diff --git a/Makefile.am b/Makefile.am index c5469b62cd..c7d5c934e3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -110,11 +110,15 @@ include config-extra.h.mk DISTCLEANFILES += config-extra.h -$(src_libnm_core_public_mkenums_h): config-extra.h $(src_libnm_core_public_mkenums_c): config-extra.h -src/libnm-core-impl/.dirstamp: config-extra.h -src/libnm-core-impl/.dirstamp: config-extra.h +$(src_libnm_core_public_mkenums_h): config-extra.h +src/core/dhcp/.dirstamp: config-extra.h src/libnm-base/.dirstamp: config-extra.h +src/libnm-client-public/.dirstamp: config-extra.h +src/libnm-client-public/.dirstamp: config-extra.h +src/libnm-core-impl/.dirstamp: config-extra.h +src/libnm-core-impl/.dirstamp: config-extra.h +src/libnm-crypto/.dirstamp: config-extra.h src/libnm-glib-aux/.dirstamp: config-extra.h src/libnm-glib-aux/tests/.dirstamp: config-extra.h src/libnm-log-core/.dirstamp: config-extra.h @@ -124,14 +128,11 @@ src/libnm-platform/tests/.dirstamp: config-extra.h src/libnm-platform/wifi/.dirstamp: config-extra.h src/libnm-platform/wpan/.dirstamp: config-extra.h src/libnm-std-aux/.dirstamp: config-extra.h -src/libnm-udev-aux/.dirstamp: config-extra.h src/libnm-systemd-shared/.dirstamp: config-extra.h src/libnm-systemd-shared/src/basic/.dirstamp: config-extra.h src/libnm-systemd-shared/src/fundamental/.dirstamp: config-extra.h src/libnm-systemd-shared/src/shared/.dirstamp: config-extra.h -src/libnm-client-public/.dirstamp: config-extra.h -src/libnm-client-public/.dirstamp: config-extra.h -src/core/dhcp/.dirstamp: config-extra.h +src/libnm-udev-aux/.dirstamp: config-extra.h ############################################################################### @@ -1242,8 +1243,6 @@ src_libnm_core_public_mkenums_h = \ $(NULL) src_libnm_core_impl_lib_h_priv = \ src/libnm-core-impl/nm-connection-private.h \ - src/libnm-core-impl/nm-crypto-impl.h \ - src/libnm-core-impl/nm-crypto.h \ src/libnm-core-impl/nm-default-libnm-core.h \ src/libnm-core-impl/nm-property-compare.h \ src/libnm-core-impl/nm-setting-private.h \ @@ -1313,7 +1312,6 @@ src_libnm_core_impl_lib_c_settings_real = \ src_libnm_core_impl_lib_c_real = \ $(src_libnm_core_impl_lib_c_settings_real) \ src/libnm-core-impl/nm-connection.c \ - src/libnm-core-impl/nm-crypto.c \ src/libnm-core-impl/nm-dbus-utils.c \ src/libnm-core-impl/nm-errors.c \ src/libnm-core-impl/nm-keyfile-utils.c \ @@ -1414,8 +1412,6 @@ src_libnm_core_impl_libnm_core_impl_la_LDFLAGS = \ $(NULL) EXTRA_DIST += \ - src/libnm-core-impl/nm-crypto-gnutls.c \ - src/libnm-core-impl/nm-crypto-nss.c \ src/libnm-core-impl/meson.build \ $(NULL) @@ -1437,62 +1433,93 @@ dist_dependencies += \ ############################################################################### +noinst_LTLIBRARIES += src/libnm-crypto/libnm-crypto.la + +src_libnm_crypto_libnm_crypto_la_SOURCES = \ + src/libnm-crypto/nm-crypto-impl.h \ + src/libnm-crypto/nm-crypto.c \ + src/libnm-crypto/nm-crypto.h \ + $(NULL) + +src_libnm_crypto_libnm_crypto_la_CPPFLAGS = \ + $(dflt_cppflags_libnm_core) \ + $(NULL) + +src_libnm_crypto_libnm_crypto_la_LIBADD = \ + $(GLIB_LIBS) \ + $(NULL) + +src_libnm_crypto_libnm_crypto_la_LDFLAGS = \ + $(CODE_COVERAGE_LDFLAGS) \ + $(SANITIZER_LIB_LDFLAGS) \ + $(NULL) + if HAVE_CRYPTO_GNUTLS if WITH_GNUTLS -libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-gnutls.la +libnm_crypto_lib = src/libnm-crypto/libnm-crypto-gnutls.la else -check_ltlibraries += src/libnm-core-impl/libnm-crypto-gnutls.la +check_ltlibraries += src/libnm-crypto/libnm-crypto-gnutls.la endif -src_libnm_core_impl_libnm_crypto_gnutls_la_SOURCES = src/libnm-core-impl/nm-crypto-gnutls.c -src_libnm_core_impl_libnm_crypto_gnutls_la_CPPFLAGS = \ +src_libnm_crypto_libnm_crypto_gnutls_la_SOURCES = src/libnm-crypto/nm-crypto-gnutls.c +src_libnm_crypto_libnm_crypto_gnutls_la_CPPFLAGS = \ $(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \ $(GNUTLS_CFLAGS) -src_libnm_core_impl_libnm_crypto_gnutls_la_LDFLAGS = \ +src_libnm_crypto_libnm_crypto_gnutls_la_LDFLAGS = \ $(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS) -src_libnm_core_impl_libnm_crypto_gnutls_la_LIBADD = \ +src_libnm_crypto_libnm_crypto_gnutls_la_LIBADD = \ $(GLIB_LIBS) \ $(GNUTLS_LIBS) endif if HAVE_CRYPTO_NSS if WITH_NSS -libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-nss.la +libnm_crypto_lib = src/libnm-crypto/libnm-crypto-nss.la else -check_ltlibraries += src/libnm-core-impl/libnm-crypto-nss.la +check_ltlibraries += src/libnm-crypto/libnm-crypto-nss.la endif -src_libnm_core_impl_libnm_crypto_nss_la_SOURCES = src/libnm-core-impl/nm-crypto-nss.c -src_libnm_core_impl_libnm_crypto_nss_la_CPPFLAGS = \ +src_libnm_crypto_libnm_crypto_nss_la_SOURCES = src/libnm-crypto/nm-crypto-nss.c +src_libnm_crypto_libnm_crypto_nss_la_CPPFLAGS = \ $(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \ $(NSS_CFLAGS) -src_libnm_core_impl_libnm_crypto_nss_la_LDFLAGS = \ +src_libnm_crypto_libnm_crypto_nss_la_LDFLAGS = \ $(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS) -src_libnm_core_impl_libnm_crypto_nss_la_LIBADD = \ +src_libnm_crypto_libnm_crypto_nss_la_LIBADD = \ $(GLIB_LIBS) \ $(NSS_LIBS) endif if !WITH_GNUTLS if !WITH_NSS -libnm_crypto_lib = src/libnm-core-impl/libnm-crypto-null.la +libnm_crypto_lib = src/libnm-crypto/libnm-crypto-null.la else -check_ltlibraries += src/libnm-core-impl/libnm-crypto-null.la +check_ltlibraries += src/libnm-crypto/libnm-crypto-null.la endif else -check_ltlibraries += src/libnm-core-impl/libnm-crypto-null.la +check_ltlibraries += src/libnm-crypto/libnm-crypto-null.la endif -src_libnm_core_impl_libnm_crypto_null_la_SOURCES = src/libnm-core-impl/nm-crypto-null.c -src_libnm_core_impl_libnm_crypto_null_la_CPPFLAGS = \ - $(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) -src_libnm_core_impl_libnm_crypto_null_la_LDFLAGS = \ - $(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS) -src_libnm_core_impl_libnm_crypto_null_la_LIBADD = \ - $(GLIB_LIBS) +src_libnm_crypto_libnm_crypto_null_la_SOURCES = src/libnm-crypto/nm-crypto-null.c +src_libnm_crypto_libnm_crypto_null_la_CPPFLAGS = \ + $(src_libnm_core_impl_libnm_core_impl_la_CPPFLAGS) \ + $(NULL) +src_libnm_crypto_libnm_crypto_null_la_LDFLAGS = \ + $(src_libnm_core_impl_libnm_core_impl_la_LDFLAGS) \ + $(NULL) +src_libnm_crypto_libnm_crypto_null_la_LIBADD = \ + $(GLIB_LIBS) \ + $(NULL) noinst_LTLIBRARIES += $(libnm_crypto_lib) +EXTRA_DIST += \ + src/libnm-crypto/README.md \ + src/libnm-crypto/meson.build \ + src/libnm-crypto/nm-crypto-gnutls.c \ + src/libnm-crypto/nm-crypto-nss.c \ + $(NULL) + ############################################################################### check_programs += \ @@ -1546,6 +1573,7 @@ nodist_src_libnm_core_impl_tests_test_general_SOURCES = \ src_libnm_core_impl_tests_ldadd = \ src/libnm-core-aux-extern/libnm-core-aux-extern.la \ src/libnm-core-impl/libnm-core-impl.la \ + src/libnm-crypto/libnm-crypto.la \ $(libnm_crypto_lib) \ src/libnm-core-aux-intern/libnm-core-aux-intern.la \ src/libnm-base/libnm-base.la \ @@ -1779,6 +1807,7 @@ nodist_src_libnm_client_impl_libnm_client_impl_la_SOURCES = \ src_libnm_client_impl_libnm_client_impl_la_LIBADD = \ src/libnm-core-aux-extern/libnm-core-aux-extern.la \ src/libnm-core-impl/libnm-core-impl.la \ + src/libnm-crypto/libnm-crypto.la \ $(libnm_crypto_lib) \ src/libnm-core-aux-intern/libnm-core-aux-intern.la \ src/libnm-base/libnm-base.la \ @@ -2627,6 +2656,7 @@ src_core_libNetworkManager_la_LIBADD = \ src/core/libNetworkManagerBase.la \ src/libnm-core-aux-extern/libnm-core-aux-extern.la \ src/libnm-core-impl/libnm-core-impl.la \ + src/libnm-crypto/libnm-crypto.la \ $(libnm_crypto_lib) \ src/libnm-core-aux-intern/libnm-core-aux-intern.la \ src/libnm-platform/libnm-platform.la \ @@ -2772,6 +2802,7 @@ src_nm_initrd_generator_nm_initrd_generator_CPPFLAGS = \ src_nm_initrd_generator_nm_initrd_generator_LDADD = \ src/nm-initrd-generator/libnmi-core.la \ src/libnm-core-impl/libnm-core-impl.la \ + src/libnm-crypto/libnm-crypto.la \ $(libnm_crypto_lib) \ src/libnm-core-aux-intern/libnm-core-aux-intern.la \ src/libnm-platform/libnm-platform.la \ diff --git a/po/POTFILES.in b/po/POTFILES.in index 548ae5a1e7..151f58fca9 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -72,10 +72,6 @@ src/libnm-client-impl/nm-vpn-service-plugin.c src/libnm-core-aux-extern/nm-libnm-core-aux.c src/libnm-core-aux-intern/nm-libnm-core-utils.c src/libnm-core-impl/nm-connection.c -src/libnm-core-impl/nm-crypto-gnutls.c -src/libnm-core-impl/nm-crypto-nss.c -src/libnm-core-impl/nm-crypto-null.c -src/libnm-core-impl/nm-crypto.c src/libnm-core-impl/nm-dbus-utils.c src/libnm-core-impl/nm-keyfile-utils.c src/libnm-core-impl/nm-keyfile.c @@ -132,6 +128,10 @@ src/libnm-core-impl/nm-team-utils.c src/libnm-core-impl/nm-utils.c src/libnm-core-impl/nm-vpn-editor-plugin.c src/libnm-core-impl/nm-vpn-plugin-info.c +src/libnm-crypto/nm-crypto-gnutls.c +src/libnm-crypto/nm-crypto-nss.c +src/libnm-crypto/nm-crypto-null.c +src/libnm-crypto/nm-crypto.c src/libnm-glib-aux/nm-shared-utils.c src/libnm-log-core/nm-logging.c src/libnmc-base/nm-client-utils.c diff --git a/src/libnm-core-impl/meson.build b/src/libnm-core-impl/meson.build index 3ee044fe10..83c290857c 100644 --- a/src/libnm-core-impl/meson.build +++ b/src/libnm-core-impl/meson.build @@ -2,45 +2,6 @@ libnm_core_impl_inc = include_directories('.') -if crypto_nss_dep.found() - libnm_crypto_nss = static_library( - 'nm-crypto-nss', - sources: 'nm-crypto-nss.c', - dependencies: [ - libnm_core_public_dep, - crypto_nss_dep, - ], - ) -endif - -if crypto_gnutls_dep.found() - libnm_crypto_gnutls = static_library( - 'nm-crypto-gnutls', - sources: 'nm-crypto-gnutls.c', - dependencies: [ - libnm_core_public_dep, - crypto_gnutls_dep, - ], - ) -endif - -libnm_crypto_null = static_library( - 'nm-crypto-null', - sources: 'nm-crypto-null.c', - dependencies: [ - libnm_core_public_dep, - ], -) - -if crypto == 'nss' - libnm_crypto = libnm_crypto_nss -elif crypto == 'gnutls' - libnm_crypto = libnm_crypto_gnutls -else - assert(crypto == 'null', 'Unexpected setting "crypto=' + crypto + '"') - libnm_crypto = libnm_crypto_null -endif - libnm_core_settings_sources = files( 'nm-setting-6lowpan.c', 'nm-setting-8021x.c', @@ -99,7 +60,6 @@ libnm_core_settings_sources = files( libnm_core_impl_sources = files( 'nm-connection.c', - 'nm-crypto.c', 'nm-dbus-utils.c', 'nm-errors.c', 'nm-keyfile-utils.c', diff --git a/src/libnm-core-impl/nm-setting-8021x.c b/src/libnm-core-impl/nm-setting-8021x.c index fa0a3057fe..70cb2b56ab 100644 --- a/src/libnm-core-impl/nm-setting-8021x.c +++ b/src/libnm-core-impl/nm-setting-8021x.c @@ -9,8 +9,8 @@ #include "nm-setting-8021x.h" #include "libnm-glib-aux/nm-secret-utils.h" +#include "libnm-crypto/nm-crypto.h" #include "nm-utils.h" -#include "nm-crypto.h" #include "nm-utils-private.h" #include "nm-setting-private.h" #include "nm-core-enum-types.h" diff --git a/src/libnm-core-impl/nm-utils.c b/src/libnm-core-impl/nm-utils.c index 7135b04325..444476f651 100644 --- a/src/libnm-core-impl/nm-utils.c +++ b/src/libnm-core-impl/nm-utils.c @@ -17,6 +17,7 @@ #include #include +#include "libnm-crypto/nm-crypto.h" #include "libnm-glib-aux/nm-uuid.h" #include "libnm-glib-aux/nm-json-aux.h" #include "libnm-glib-aux/nm-str-buf.h" @@ -27,7 +28,6 @@ #include "libnm-core-aux-intern/nm-common-macros.h" #include "nm-utils-private.h" #include "nm-setting-private.h" -#include "nm-crypto.h" #include "nm-setting-bond.h" #include "nm-setting-bond-port.h" #include "nm-setting-bridge.h" diff --git a/src/libnm-core-impl/tests/test-crypto.c b/src/libnm-core-impl/tests/test-crypto.c index 8ff250cdce..cd2a2c0fdf 100644 --- a/src/libnm-core-impl/tests/test-crypto.c +++ b/src/libnm-core-impl/tests/test-crypto.c @@ -10,7 +10,7 @@ #include #include -#include "nm-crypto-impl.h" +#include "libnm-crypto/nm-crypto-impl.h" #include "nm-utils.h" #include "nm-errors.h" #include "libnm-core-intern/nm-core-internal.h" diff --git a/src/libnm-crypto/README.md b/src/libnm-crypto/README.md new file mode 100644 index 0000000000..5e83eb0188 --- /dev/null +++ b/src/libnm-crypto/README.md @@ -0,0 +1,7 @@ +libnm-crypto +============ + +libnm-core has a dependency on crypto code (either backed by +"gnutls", "nss" or the "null" dummy implementation). + +libnm-core gets then statically linked into the daemon and into libnm.so. diff --git a/src/libnm-crypto/meson.build b/src/libnm-crypto/meson.build new file mode 100644 index 0000000000..9134c929f1 --- /dev/null +++ b/src/libnm-crypto/meson.build @@ -0,0 +1,69 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +if crypto_nss_dep.found() + libnm_crypto_nss = static_library( + 'nm-crypto-nss', + sources: 'nm-crypto-nss.c', + include_directories: [ + top_inc, + src_inc, + ], + dependencies: [ + glib_dep, + crypto_nss_dep, + ], + ) +endif + +if crypto_gnutls_dep.found() + libnm_crypto_gnutls = static_library( + 'nm-crypto-gnutls', + sources: 'nm-crypto-gnutls.c', + include_directories: [ + top_inc, + src_inc, + ], + dependencies: [ + glib_dep, + crypto_gnutls_dep, + ], + ) +endif + +libnm_crypto_null = static_library( + 'nm-crypto-null', + sources: 'nm-crypto-null.c', + include_directories: [ + top_inc, + src_inc, + ], + dependencies: [ + glib_dep, + ], +) + +if crypto == 'nss' + libnm_crypto_impl = libnm_crypto_nss +elif crypto == 'gnutls' + libnm_crypto_impl = libnm_crypto_gnutls +else + assert(crypto == 'null', 'Unexpected setting "crypto=' + crypto + '"') + libnm_crypto_impl = libnm_crypto_null +endif + +libnm_crypto = static_library( + 'nm-crypto', + sources: [ + 'nm-crypto.c', + ], + include_directories: [ + top_inc, + src_inc, + ], + link_with: [ + libnm_crypto_impl, + ], + dependencies: [ + glib_dep, + ], +) diff --git a/src/libnm-core-impl/nm-crypto-gnutls.c b/src/libnm-crypto/nm-crypto-gnutls.c similarity index 100% rename from src/libnm-core-impl/nm-crypto-gnutls.c rename to src/libnm-crypto/nm-crypto-gnutls.c diff --git a/src/libnm-core-impl/nm-crypto-impl.h b/src/libnm-crypto/nm-crypto-impl.h similarity index 100% rename from src/libnm-core-impl/nm-crypto-impl.h rename to src/libnm-crypto/nm-crypto-impl.h diff --git a/src/libnm-core-impl/nm-crypto-nss.c b/src/libnm-crypto/nm-crypto-nss.c similarity index 100% rename from src/libnm-core-impl/nm-crypto-nss.c rename to src/libnm-crypto/nm-crypto-nss.c diff --git a/src/libnm-core-impl/nm-crypto-null.c b/src/libnm-crypto/nm-crypto-null.c similarity index 100% rename from src/libnm-core-impl/nm-crypto-null.c rename to src/libnm-crypto/nm-crypto-null.c diff --git a/src/libnm-core-impl/nm-crypto.c b/src/libnm-crypto/nm-crypto.c similarity index 99% rename from src/libnm-core-impl/nm-crypto.c rename to src/libnm-crypto/nm-crypto.c index f612b5f3fe..56f297e605 100644 --- a/src/libnm-core-impl/nm-crypto.c +++ b/src/libnm-crypto/nm-crypto.c @@ -4,7 +4,7 @@ * Copyright (C) 2007 - 2018 Red Hat, Inc. */ -#include "libnm-core-impl/nm-default-libnm-core.h" +#include "libnm-glib-aux/nm-default-glib-i18n-lib.h" #include "nm-crypto.h" diff --git a/src/libnm-core-impl/nm-crypto.h b/src/libnm-crypto/nm-crypto.h similarity index 100% rename from src/libnm-core-impl/nm-crypto.h rename to src/libnm-crypto/nm-crypto.h diff --git a/src/meson.build b/src/meson.build index ab69691566..f3c87f1af3 100644 --- a/src/meson.build +++ b/src/meson.build @@ -78,6 +78,7 @@ subdir('libnm-systemd-core') subdir('libnm-udev-aux') subdir('libnm-base') subdir('libnm-platform') +subdir('libnm-crypto') subdir('libnm-core-public') subdir('libnm-core-intern') subdir('libnm-core-aux-intern')