Remove liboath dependency

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

Makefile.am

@@ -20,7 +20,7 @@ noinst_PROGRAMS = lzstest
 endif
 
 openconnect_SOURCES = xml.c main.c
-openconnect_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBOATH_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS)
+openconnect_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS)
 openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(INTL_LIBS) $(ICONV_LIBS)
 
 library_srcs = ssl.c http.c auth-common.c library.c compat.c lzs.c mainloop.c script.c ntlm.c digest.c
@@ -42,16 +42,13 @@ POTFILES = $(openconnect_SOURCES) $(lib_srcs_cisco) $(lib_srcs_juniper) \
 	   $(lib_srcs_win32) $(lib_srcs_posix) $(lib_srcs_gssapi) $(lib_srcs_iconv) \
 	   $(lib_srcs_oath) $(lib_srcs_yubikey) $(lib_srcs_stoken) openconnect-internal.h
 
-library_srcs += $(lib_srcs_juniper) $(lib_srcs_cisco)
+library_srcs += $(lib_srcs_juniper) $(lib_srcs_cisco) $(lib_srcs_oath)
 if OPENCONNECT_LIBPCSCLITE
 library_srcs += $(lib_srcs_yubikey)
 endif
 if OPENCONNECT_STOKEN
 library_srcs += $(lib_srcs_stoken)
 endif
-if OPENCONNECT_OATH
-library_srcs += $(lib_srcs_oath)
-endif
 if OPENCONNECT_GSSAPI
 library_srcs += $(lib_srcs_gssapi)
 endif
@@ -77,8 +74,8 @@ library_srcs += $(lib_srcs_posix)
 endif
 
 libopenconnect_la_SOURCES = version.c $(library_srcs)
-libopenconnect_la_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(P11KIT_CFLAGS) $(TSS_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBOATH_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS) $(LIBP11_CFLAGS) $(LIBLZ4_CFLAGS)
-libopenconnect_la_LIBADD = $(SSL_LIBS) $(DTLS_SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(ZLIB_LIBS) $(P11KIT_LIBS) $(TSS_LIBS) $(LIBSTOKEN_LIBS) $(LIBOATH_LIBS) $(LIBPSKC_LIBS) $(GSSAPI_LIBS) $(INTL_LIBS) $(ICONV_LIBS) $(LIBPCSCLITE_LIBS) $(LIBP11_LIBS) $(LIBLZ4_LIBS)
+libopenconnect_la_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(P11KIT_CFLAGS) $(TSS_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS) $(LIBP11_CFLAGS) $(LIBLZ4_CFLAGS)
+libopenconnect_la_LIBADD = $(SSL_LIBS) $(DTLS_SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(ZLIB_LIBS) $(P11KIT_LIBS) $(TSS_LIBS) $(LIBSTOKEN_LIBS) $(LIBPSKC_LIBS) $(GSSAPI_LIBS) $(INTL_LIBS) $(ICONV_LIBS) $(LIBPCSCLITE_LIBS) $(LIBP11_LIBS) $(LIBLZ4_LIBS)
 if OPENBSD_LIBTOOL
 # OpenBSD's libtool doesn't have -version-number, but its -version-info arg
 # does what GNU libtool's -version-number does. Which arguably is what the

auth-common.c

@@ -156,13 +156,11 @@ int do_gen_tokencode(struct openconnect_info *vpninfo,
 	case OC_TOKEN_MODE_STOKEN:
 		return do_gen_stoken_code(vpninfo, form, opt);
 #endif
-#ifdef HAVE_LIBOATH
 	case OC_TOKEN_MODE_TOTP:
 		return do_gen_totp_code(vpninfo, form, opt);
 
 	case OC_TOKEN_MODE_HOTP:
 		return do_gen_hotp_code(vpninfo, form, opt);
-#endif
 #ifdef HAVE_LIBPCSCLITE
 	case OC_TOKEN_MODE_YUBIOATH:
 		return do_gen_yubikey_code(vpninfo, form, opt);
@@ -181,13 +179,11 @@ int can_gen_tokencode(struct openconnect_info *vpninfo,
 	case OC_TOKEN_MODE_STOKEN:
 		return can_gen_stoken_code(vpninfo, form, opt);
 #endif
-#ifdef HAVE_LIBOATH
 	case OC_TOKEN_MODE_TOTP:
 		return can_gen_totp_code(vpninfo, form, opt);
 
 	case OC_TOKEN_MODE_HOTP:
 		return can_gen_hotp_code(vpninfo, form, opt);
-#endif
 #ifdef HAVE_LIBPCSCLITE
 	case OC_TOKEN_MODE_YUBIOATH:
 		return can_gen_yubikey_code(vpninfo, form, opt);

auth.c

@@ -31,10 +31,6 @@
 #include <pwd.h>
 #endif
 
-#ifdef HAVE_LIBOATH
-#include <liboath/oath.h>
-#endif
-
 #include <libxml/parser.h>
 #include <libxml/tree.h>
 

configure.ac

@@ -658,24 +658,15 @@ AS_IF([test "x$with_libpcsclite" != "xno"], [
 ], [libpcsclite_pkg=disabled])
 AM_CONDITIONAL(OPENCONNECT_LIBPCSCLITE, [test "$libpcsclite_pkg" = "yes"])
 
-AC_ARG_WITH([liboath],
-	AS_HELP_STRING([--without-liboath],
-	[Build without liboath library [default=auto]]))
-AS_IF([test "x$with_liboath" != "xno"], [
-	PKG_CHECK_MODULES(LIBOATH, [liboath >= 1.12.0],
-		[AC_SUBST(LIBOATH_PC, liboath)
-		 AC_DEFINE([HAVE_LIBOATH], 1, [Have liboath])
-		 liboath_pkg=yes],
-		 liboath_pkg=no)
-	if test "$liboath_pkg" = "yes"; then
-	    PKG_CHECK_MODULES(LIBPSKC, [libpskc >= 2.2.0],
+AC_ARG_WITH([libpskc],
+	AS_HELP_STRING([--without-libpskc],
+	[Build without libpskc library [default=auto]]))
+AS_IF([test "x$with_libpskc" != "xno"], [
+	PKG_CHECK_MODULES(LIBPSKC, [libpskc >= 2.2.0],
 		[AC_SUBST(LIBPSKC_PC, libpskc)
 		 AC_DEFINE([HAVE_LIBPSKC], 1, [Have libpskc])
 		 libpskc_pkg=yes],
-		 libpskc_pkg=no)
-	fi
-])
-AM_CONDITIONAL(OPENCONNECT_OATH, [test "$liboath_pkg" = "yes"])
+		 libpskc_pkg=no)])
 
 linked_gssapi=no
 AC_ARG_WITH([gssapi],

library.c

@@ -29,10 +29,6 @@
 #include <stoken.h>
 #endif
 
-#ifdef HAVE_LIBOATH
-#include <liboath/oath.h>
-#endif
-
 #include <libxml/tree.h>
 #include <zlib.h>
 
@@ -316,17 +312,14 @@ void openconnect_vpninfo_free(struct openconnect_info *vpninfo)
 	if (vpninfo->stoken_ctx)
 		stoken_destroy(vpninfo->stoken_ctx);
 #endif
-#ifdef HAVE_LIBOATH
 	if (vpninfo->oath_secret) {
 #ifdef HAVE_LIBPSKC
 		if (vpninfo->pskc)
 			pskc_done(vpninfo->pskc);
 		else
 #endif /* HAVE_LIBPSKC */
 		free(vpninfo->oath_secret);
-		oath_done();
 	}
-#endif /* HAVE_LIBOATH */
 #ifdef HAVE_LIBPCSCLITE
 	if (vpninfo->token_mode == OC_TOKEN_MODE_YUBIOATH) {
 		SCardDisconnect(vpninfo->pcsc_card, SCARD_LEAVE_CARD);
@@ -629,11 +622,7 @@ int openconnect_has_stoken_support(void)
 
 int openconnect_has_oath_support(void)
 {
-#ifdef HAVE_LIBOATH
 	return 2;
-#else
-	return 0;
-#endif
 }
 
 int openconnect_has_yubioath_support(void)
@@ -698,13 +687,11 @@ int openconnect_set_token_mode(struct openconnect_info *vpninfo,
 	case OC_TOKEN_MODE_STOKEN:
 		return set_libstoken_mode(vpninfo, token_str);
 #endif
-#ifdef HAVE_LIBOATH
 	case OC_TOKEN_MODE_TOTP:
 		return set_totp_mode(vpninfo, token_str);
 
 	case OC_TOKEN_MODE_HOTP:
 		return set_hotp_mode(vpninfo, token_str);
-#endif
 #ifdef HAVE_LIBPCSCLITE
 	case OC_TOKEN_MODE_YUBIOATH:
 		return set_yubikey_mode(vpninfo, token_str);

main.c

@@ -772,9 +772,6 @@ static void usage(void)
 #ifndef HAVE_LIBSTOKEN
 	printf("                                  %s\n", _("(NOTE: libstoken (RSA SecurID) disabled in this build)"));
 #endif
-#ifndef HAVE_LIBOATH
-	printf("                                  %s\n", _("(NOTE: liboath (TOTP,HOTP) disabled in this build)"));
-#endif
 #ifndef HAVE_LIBPCSCLITE
 	printf("                                  %s\n", _("(NOTE: Yubikey OATH disabled in this build)"));
 #endif

oath.c

@@ -23,8 +23,6 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <liboath/oath.h>
-
 #include "openconnect-internal.h"
 
 static int b32_char(char in)
@@ -216,10 +214,6 @@ int set_totp_mode(struct openconnect_info *vpninfo, const char *token_str)
 {
 	int ret, toklen;
 
-	ret = oath_init();
-	if (ret != OATH_OK)
-		return -EIO;
-
 	if (!token_str)
 		return -EINVAL;
 
@@ -256,10 +250,6 @@ int set_hotp_mode(struct openconnect_info *vpninfo, const char *token_str)
 	int ret, toklen;
 	char *p;
 
-	ret = oath_init();
-	if (ret != OATH_OK)
-		return -EIO;
-
 	if (!token_str)
 		return -EINVAL;
 

openconnect-internal.h

@@ -404,7 +404,6 @@ struct openconnect_info {
 	pskc_t *pskc;
 	pskc_key_t *pskc_key;
 #endif
-#ifdef HAVE_LIBOATH
 	char *oath_secret;
 	size_t oath_secret_len;
 	enum {
@@ -413,7 +412,6 @@ struct openconnect_info {
 		HOTP_SECRET_HEX,
 		HOTP_SECRET_PSKC,
 	} hotp_secret_format; /* We need to give it back in the same form */
-#endif
 #ifdef HAVE_LIBPCSCLITE
 	SCARDHANDLE pcsc_ctx, pcsc_card;
 	char *yubikey_objname;