[gtk-vnc] Fix initialization of gcrypt threading dependant on gnutls

[Daniel P. Berrange <dberrange src gnome org>]

commit 61cf2ff379edf3daeec135a68ff54bf8f3767cc1
Author: Daniel P. Berrange <berrange redhat com>
Date:   Fri Feb 6 12:43:01 2015 +0000

    Fix initialization of gcrypt threading dependant on gnutls
    
    For GNUTLS 2.12, if it uses gcrypt, we must not initialize
    gcrypt threading ourselves.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=734858
    
    Signed-off-by: Daniel P. Berrange <berrange redhat com>

 configure.ac        |   16 ++++++++++++++++
 src/vncconnection.c |   43 +++++++++++++++++++++++++++++++++++++++----
 2 files changed, 55 insertions(+), 4 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index bd4bb4e..5d73351 100644
--- a/configure.ac
+++ b/configure.ac
@@ -250,6 +250,22 @@ PKG_CHECK_MODULES(GNUTLS, gnutls >= $GNUTLS_REQUIRED)
 AC_SUBST(GNUTLS_CFLAGS)
 AC_SUBST(GNUTLS_LIBS)
 
+if $PKG_CONFIG --exists 'gnutls >= 3.0'; then
+    GNUTLS_GCRYPT=no
+elif $PKG_CONFIG --exists 'gnutls >= 2.12'; then
+    case `$PKG_CONFIG --libs --static gnutls` in
+      *gcrypt*) GNUTLS_GCRYPT=yes     ;;
+      *nettle*) GNUTLS_GCRYPT=no      ;;
+      *)        GNUTLS_GCRYPT=yes     ;;
+    esac
+else
+    GNUTLS_GCRYPT=yes
+fi
+if test "x$GNUTLS_GCRYPT" = "xyes"; then
+  AC_DEFINE_UNQUOTED([HAVE_GNUTLS_GCRYPT], [1], [whether gnutls uses gcrypt])
+fi
+
+
 dnl Cyrus SASL
 AC_ARG_WITH([sasl],
   [AS_HELP_STRING([--with-sasl],
diff --git a/src/vncconnection.c b/src/vncconnection.c
index ca4d239..72dea89 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -61,6 +61,41 @@
 #define g_mutex_free(m) g_free(m)
 #endif
 
+/*
+ * When GNUTLS >= 2.12, we must not initialize gcrypt threading
+ * because GNUTLS will do that itself, *provided* it is built
+ * against gcrypt, and not nettle.
+ * When GNUTLS < 2.12 we must always initialize gcrypt threading
+ * When GNUTLS > 3.0 we must always initialize gcrypt threading
+ *
+ * But....
+ *
+ * When gcrypt >= 1.6.0 we must not initialize gcrypt threading
+ * because gcrypt will do that itself.
+ *
+ * So we need to init grypt threading if
+ *
+ *   - gcrypt < 1.6.0
+ *
+ *   and either
+ *
+ *   - gnutls does not use gcrypt
+ *
+ *   or
+ *
+ *   - gnutls < 2.12
+ */
+#if ((!defined(HAVE_GNUTLS_GCRYPT) ||            \
+      !defined(GNUTLS_VERSION_NUMBER) ||         \
+      (GNUTLS_VERSION_NUMBER < 0x020c00)) &&     \
+     (!defined(GCRYPT_VERSION_NUMBER) ||         \
+      (GCRYPT_VERSION_NUMBER < 0x010600)))
+#define VNC_INIT_GCRYPT_THREADING
+#else
+#undef VNC_INIT_GCRYPT_THREADING
+#endif
+
+
 struct wait_queue
 {
     gboolean waiting;
@@ -1171,7 +1206,7 @@ static void vnc_connection_debug_gnutls_log(int level, const char* str) {
 }
 #endif
 
-#if !defined(GCRYPT_VERSION_NUMBER) || (GCRYPT_VERSION_NUMBER < 0x010600)
+#ifdef VNC_INIT_GCRYPT_THREADING
 static int gvnc_tls_mutex_init (void **priv)
 {                                                                             \
     GMutex *lock = NULL;
@@ -1210,7 +1245,7 @@ static struct gcry_thread_cbs gvnc_thread_impl = {
     gvnc_tls_mutex_unlock,
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
-#endif
+#endif /* VNC_INIT_GCRYPT_THREADING */
 
 
 static gboolean vnc_connection_tls_initialize(void)
@@ -1221,9 +1256,9 @@ static gboolean vnc_connection_tls_initialize(void)
         return TRUE;
 
     if (g_thread_supported()) {
-#if !defined(GCRYPT_VERSION_NUMBER) || (GCRYPT_VERSION_NUMBER < 0x010600)
+#ifdef VNC_INIT_GCRYPT_THREADING
         gcry_control(GCRYCTL_SET_THREAD_CBS, &gvnc_thread_impl);
-#endif
+#endif /* VNC_INIT_GCRYPT_THREADING */
         gcry_check_version(NULL);
     }