From 91e023d896dd5ca49dd440276f2241570acffd96 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Thu, 28 Jan 2016 18:24:27 -0500
Subject: Move initialize_libgcrypt to separate file

It's annoying to have the exact same function in three places.
It's stored in src/shared, but it's not added to the library to
avoid the dependency on libgcrypt.
---
 src/resolve/resolved-dns-dnssec.c | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)

(limited to 'src/resolve/resolved-dns-dnssec.c')

diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c
index 21cf161494..f799379efd 100644
--- a/src/resolve/resolved-dns-dnssec.c
+++ b/src/resolve/resolved-dns-dnssec.c
@@ -25,6 +25,7 @@
 
 #include "alloc-util.h"
 #include "dns-domain.h"
+#include "gcrypt-util.h"
 #include "hexdecoct.h"
 #include "resolved-dns-dnssec.h"
 #include "resolved-dns-packet.h"
@@ -128,19 +129,6 @@ int dnssec_canonicalize(const char *n, char *buffer, size_t buffer_max) {
 
 #ifdef HAVE_GCRYPT
 
-static void initialize_libgcrypt(void) {
-        const char *p;
-
-        if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
-                return;
-
-        p = gcry_check_version("1.4.5");
-        assert(p);
-
-        gcry_control(GCRYCTL_DISABLE_SECMEM);
-        gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
-}
-
 static int rr_compare(const void *a, const void *b) {
         DnsResourceRecord **x = (DnsResourceRecord**) a, **y = (DnsResourceRecord**) b;
         size_t m;
@@ -739,7 +727,7 @@ int dnssec_verify_rrset(
         qsort_safe(list, n, sizeof(DnsResourceRecord*), rr_compare);
 
         /* OK, the RRs are now in canonical order. Let's calculate the digest */
-        initialize_libgcrypt();
+        initialize_libgcrypt(false);
 
         hash_size = gcry_md_get_algo_dlen(md_algorithm);
         assert(hash_size > 0);
@@ -1072,7 +1060,7 @@ int dnssec_verify_dnskey_by_ds(DnsResourceRecord *dnskey, DnsResourceRecord *ds,
         if (dnssec_keytag(dnskey, mask_revoke) != ds->ds.key_tag)
                 return 0;
 
-        initialize_libgcrypt();
+        initialize_libgcrypt(false);
 
         md_algorithm = digest_to_gcrypt_md(ds->ds.digest_type);
         if (md_algorithm < 0)
@@ -1191,7 +1179,7 @@ int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) {
         if (algorithm < 0)
                 return algorithm;
 
-        initialize_libgcrypt();
+        initialize_libgcrypt(false);
 
         hash_size = gcry_md_get_algo_dlen(algorithm);
         assert(hash_size > 0);
-- 
cgit v1.2.3-54-g00ecf