From bca3b64b49524b5adfe582031b7537f9671abc73 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 14 Jun 2012 00:55:54 +0100 Subject: [PATCH] Fix GnuTLS 2.12 library still referencing OpenSSL ERR_print_errors_cb() Signed-off-by: David Woodhouse --- configure.ac | 2 ++ libopenconnect.map.in | 2 +- openconnect-internal.h | 5 ++--- ssl.c | 8 +------- www/changelog.xml | 2 +- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/configure.ac b/configure.ac index 4cb33b1c..9feef4d3 100644 --- a/configure.ac +++ b/configure.ac @@ -316,6 +316,7 @@ case "$ssl_library" in AC_SUBST(SSL_LIBRARY, [openssl]) AC_SUBST(SSL_LIBS, ['$(OPENSSL_LIBS)']) AC_SUBST(SSL_CFLAGS, ['$(OPENSSL_CFLAGS)']) + AC_SUBST(SYMVER_PRINT_ERR, ["openconnect_print_err_cb;"]) ;; both) # GnuTLS for TCP, OpenSSL for DTLS @@ -326,6 +327,7 @@ case "$ssl_library" in AC_SUBST(SSL_CFLAGS, ['$(GNUTLS_CFLAGS)']) AC_SUBST(DTLS_SSL_LIBS, ['$(OPENSSL_LIBS)']) AC_SUBST(DTLS_SSL_CFLAGS, ['$(OPENSSL_CFLAGS)']) + AC_SUBST(SYMVER_PRINT_ERR, ["openconnect_print_err_cb;"]) ;; *) AC_MSG_ERROR([Neither OpenSSL nor GnuTLS selected for SSL.]) diff --git a/libopenconnect.map.in b/libopenconnect.map.in index b6dc8427..9e3a47ad 100644 --- a/libopenconnect.map.in +++ b/libopenconnect.map.in @@ -31,7 +31,7 @@ OPENCONNECT_2.0 { }; OPENCONNECT_PRIVATE { - global: @SYMVER_TIME@ @SYMVER_ASPRINTF@ @SYMVER_GETLINE@ + global: @SYMVER_TIME@ @SYMVER_ASPRINTF@ @SYMVER_GETLINE@ @SYMVER_PRINT_ERR@ openconnect_SSL_gets; openconnect_close_https; openconnect_open_https; diff --git a/openconnect-internal.h b/openconnect-internal.h index 37c64005..d67e601e 100644 --- a/openconnect-internal.h +++ b/openconnect-internal.h @@ -337,9 +337,8 @@ int request_passphrase(struct openconnect_info *vpninfo, const char *label, char **response, const char *fmt, ...); int __attribute__ ((format (printf, 2, 3))) openconnect_SSL_printf(struct openconnect_info *vpninfo, const char *fmt, ...); -#if defined(OPENCONNECT_OPENSSL) || defined (DTLS_OPENSSL) -void openconnect_report_ssl_errors(struct openconnect_info *vpninfo); -#endif +int openconnect_print_err_cb(const char *str, size_t len, void *ptr); +#define openconnect_report_ssl_errors(v) ERR_print_errors_cb(openconnect_print_err_cb, (v)) /* ${SSL_LIBRARY}.c */ int openconnect_SSL_gets(struct openconnect_info *vpninfo, char *buf, size_t len); diff --git a/ssl.c b/ssl.c index de16ec49..2303b6f8 100644 --- a/ssl.c +++ b/ssl.c @@ -357,17 +357,11 @@ int openconnect_passphrase_from_fsid(struct openconnect_info *vpninfo) #if defined(OPENCONNECT_OPENSSL) || defined (DTLS_OPENSSL) /* We put this here rather than in openssl.c because it might be needed for OpenSSL DTLS support even when GnuTLS is being used for HTTPS */ -#include -static int print_err(const char *str, size_t len, void *ptr) +int openconnect_print_err_cb(const char *str, size_t len, void *ptr) { struct openconnect_info *vpninfo = ptr; vpn_progress(vpninfo, PRG_ERR, "%s", str); return 0; } - -void openconnect_report_ssl_errors(struct openconnect_info *vpninfo) -{ - ERR_print_errors_cb(print_err, vpninfo); -} #endif diff --git a/www/changelog.xml b/www/changelog.xml index bfa99bae..14adb3eb 100644 --- a/www/changelog.xml +++ b/www/changelog.xml @@ -17,7 +17,7 @@
  • OpenConnect HEAD
      -
    • No changelog entries yet
      • +
    • Fix library references to OpenSSL's ERR_print_errors_cb() when built against GnuTLS v2.12

  • OpenConnect v3.99