Clean up handling of gnutls_pkcs12.c

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

Clean up handling of gnutls_pkcs12.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
aaf71be1 · David Woodhouse · 456de5ff · aaf71be1 · aaf71be1 · aaf71be1
Commit aaf71be1 authored Jun 14, 2012 by David Woodhouse
Hide whitespace changes
Inline Side-by-side

Showing with 68 additions and 11 deletions

Makefile.am Makefile.am +12 -4

configure.ac configure.ac +2 -0

gnutls.c gnutls.c +1 -6

gnutls.h gnutls.h +45 -0

gnutls_pkcs12.c gnutls_pkcs12.c +8 -1

No files found.
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,7 +17,15 @@ openconnect_SOURCES = xml.c main.c dtls.c cstp.c mainloop.c tun.c
 openconnect_CFLAGS = $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS)
 openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(DTLS_SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(ZLIB_LIBS) $(LIBINTL)

-library_srcs = ssl.c http.c auth.c library.c compat.c @SSL_LIBRARY@.c
+library_srcs = ssl.c http.c auth.c library.c compat.c
+lib_srcs_gnutls = gnutls.c gnutls_pkcs12.c
+lib_srcs_openssl = openssl.c
+if OPENCONNECT_GNUTLS
+library_srcs += $(lib_srcs_gnutls)
+endif
+if OPENCONNECT_OPENSSL
+library_srcs += $(lib_srcs_openssl)
+endif
 libopenconnect_la_SOURCES = version.c $(library_srcs)
 libopenconnect_la_CFLAGS = $(SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(P11KIT_CFLAGS) $(TSS_CFLAGS)
 libopenconnect_la_LIBADD = $(SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(LIBINTL) $(P11KIT_LIBS) $(TSS_LIBS)
@@ -31,13 +39,13 @@ endif

 pkgconfig_DATA = openconnect.pc

-EXTRA_DIST = version.sh COPYING.LGPL gnutls_pkcs12.c gnutls.c openssl.c
+EXTRA_DIST = version.sh COPYING.LGPL $(lib_srcs_openssl) $(lib_srcs_gnutls)

 DISTCLEANFILES = $(pkgconfig_DATA)

-gnutls.o: gnutls_pkcs12.c
 main.o: version.c
-version.c: $(library_srcs) $(openconnect_SOURCES) Makefile.am configure.ac \
+version.c: $(library_srcs) $(lib_openssl_srcs) $(lib_gnutls_srcs) \
+	   $(openconnect_SOURCES) Makefile.am configure.ac \
 	   openconnect.h openconnect-internal.h version.sh @GITVERSIONDEPS@
 	@cd $(srcdir) && ./version.sh $(abs_builddir)/version.c


--- a/configure.ac
+++ b/configure.ac
@@ -328,6 +328,8 @@ case "$ssl_library" in
 	AC_MSG_ERROR([Neither OpenSSL nor GnuTLS selected for SSL.])
 	;;
 esac
+AM_CONDITIONAL(OPENCONNECT_GNUTLS,  [ test "$ssl_library" != "openssl" ])
+AM_CONDITIONAL(OPENCONNECT_OPENSSL, [ test "$ssl_library" = "openssl" ])

 # Needs to happen after we default to static/shared libraries based on OpenSSL
 AC_PROG_LIBTOOL

--- a/gnutls.c
+++ b/gnutls.c
@@ -64,6 +64,7 @@ static P11KitPin *pin_callback(const char *pin_source, P11KitUri *pin_uri,
 			       void *_vpninfo);
 #endif

+#include "gnutls.h"
 #include "openconnect-internal.h"

 /* Helper functions for reading/writing lines over SSL.
@@ -286,12 +287,6 @@ static int load_datum(struct openconnect_info *vpninfo,
 	return 0;
 }

-#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
-/* If we're using a version of GnuTLS from before this was 
-   exported, pull in our local copy. */
-#include "gnutls_pkcs12.c"
-#endif
-
 /* A non-zero, non-error return to make load_certificate() continue and
   interpreting the file as other types */
 #define NOT_PKCS12	1

--- a/gnutls.h
+++ b/gnutls.h
+/*
+ * OpenConnect (SSL + DTLS) VPN client
+ *
+ * Copyright © 2008-2012 Intel Corporation.
+ *
+ * Author: David Woodhouse <dwmw2@infradead.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to:
+ *
+ *   Free Software Foundation, Inc.
+ *   51 Franklin Street, Fifth Floor,
+ *   Boston, MA 02110-1301 USA
+ */
+
+#ifndef __OPENCONNECT_GNUTLS_H__
+#define __OPENCONNECT_GNUTLS_H__
+
+#include <gnutls/gnutls.h>
+#include <gnutls/pkcs12.h>
+
+#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
+/* If we're using a version of GnuTLS from before this was 
+   exported, pull in our local copy. */
+int gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12, const char *password,
+				gnutls_x509_privkey_t * key,
+				gnutls_x509_crt_t ** chain,
+				unsigned int * chain_len,
+				gnutls_x509_crt_t ** extra_certs,
+				unsigned int * extra_certs_len,
+				gnutls_x509_crl_t * crl,
+				unsigned int flags);
+
+#endif /* !HAVE_GNUTLS_PKCS12_SIMPLE_PARSE */
+
+#endif /* __OPENCONNECT_GNUTLS_H__ */
--- a/gnutls_pkcs12.c
+++ b/gnutls_pkcs12.c
@@ -7,6 +7,11 @@
 * explicit permission.
 */

+#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
+
+#include <string.h>
+#include "gnutls.h"
+
 #define opaque unsigned char
 #define gnutls_assert() do {} while(0)
 #define gnutls_assert_val(x) (x)
@@ -124,7 +129,7 @@ unsigned int i;
 *
 * Since: 3.1
 **/
-static int
+int
 gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12,
                     const char *password,
                     gnutls_x509_privkey_t * key,
@@ -519,3 +524,5 @@ done:

  return ret;
 }
+
+#endif /* HAVE_GNUTLS_PKCS12_SIMPLE_PARSE */