Clean up handling of gnutls_pkcs12.c

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/Makefile.am b/Makefile.am
index 30f49ec..c2d3452 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,7 +17,15 @@ openconnect_SOURCES = xml.c main.c dtls.c cstp.c mainloop.c tun.c
 openconnect_CFLAGS = $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS)
 openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(DTLS_SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(ZLIB_LIBS) $(LIBINTL)
 
-library_srcs = ssl.c http.c auth.c library.c compat.c @SSL_LIBRARY@.c
+library_srcs = ssl.c http.c auth.c library.c compat.c
+lib_srcs_gnutls = gnutls.c gnutls_pkcs12.c
+lib_srcs_openssl = openssl.c
+if OPENCONNECT_GNUTLS
+library_srcs += $(lib_srcs_gnutls)
+endif
+if OPENCONNECT_OPENSSL
+library_srcs += $(lib_srcs_openssl)
+endif
 libopenconnect_la_SOURCES = version.c $(library_srcs)
 libopenconnect_la_CFLAGS = $(SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(P11KIT_CFLAGS) $(TSS_CFLAGS)
 libopenconnect_la_LIBADD = $(SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(LIBINTL) $(P11KIT_LIBS) $(TSS_LIBS)
@@ -31,13 +39,13 @@ endif
 
 pkgconfig_DATA = openconnect.pc
 
-EXTRA_DIST = version.sh COPYING.LGPL gnutls_pkcs12.c gnutls.c openssl.c
+EXTRA_DIST = version.sh COPYING.LGPL $(lib_srcs_openssl) $(lib_srcs_gnutls)
 
 DISTCLEANFILES = $(pkgconfig_DATA)
 
-gnutls.o: gnutls_pkcs12.c
 main.o: version.c
-version.c: $(library_srcs) $(openconnect_SOURCES) Makefile.am configure.ac \
+version.c: $(library_srcs) $(lib_openssl_srcs) $(lib_gnutls_srcs) \
+          $(openconnect_SOURCES) Makefile.am configure.ac \
           openconnect.h openconnect-internal.h version.sh @GITVERSIONDEPS@
        @cd $(srcdir) && ./version.sh $(abs_builddir)/version.c
 

diff --git a/configure.ac b/configure.ac
index 6c5f693..8216fe0 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -328,6 +328,8 @@ case "$ssl_library" in
        AC_MSG_ERROR([Neither OpenSSL nor GnuTLS selected for SSL.])
        ;;
 esac
+AM_CONDITIONAL(OPENCONNECT_GNUTLS,  [ test "$ssl_library" != "openssl" ])
+AM_CONDITIONAL(OPENCONNECT_OPENSSL, [ test "$ssl_library" = "openssl" ])
 
 # Needs to happen after we default to static/shared libraries based on OpenSSL
 AC_PROG_LIBTOOL

diff --git a/gnutls.c b/gnutls.c
index 7e3ab08..be40dda 100644 (file)
--- a/gnutls.c
+++ b/gnutls.c
@@ -64,6 +64,7 @@ static P11KitPin *pin_callback(const char *pin_source, P11KitUri *pin_uri,
                               void *_vpninfo);
 #endif
 
+#include "gnutls.h"
 #include "openconnect-internal.h"
 
 /* Helper functions for reading/writing lines over SSL.
@@ -286,12 +287,6 @@ static int load_datum(struct openconnect_info *vpninfo,
        return 0;
 }
 
-#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
-/* If we're using a version of GnuTLS from before this was 
-   exported, pull in our local copy. */
-#include "gnutls_pkcs12.c"
-#endif
-
 /* A non-zero, non-error return to make load_certificate() continue and
    interpreting the file as other types */
 #define NOT_PKCS12     1

diff --git a/gnutls.h b/gnutls.h
new file mode 100644 (file)
index 0000000..ab34dc5
--- /dev/null
+++ b/gnutls.h
@@ -0,0 +1,45 @@
+/*
+ * OpenConnect (SSL + DTLS) VPN client
+ *
+ * Copyright © 2008-2012 Intel Corporation.
+ *
+ * Author: David Woodhouse <dwmw2@infradead.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to:
+ *
+ *   Free Software Foundation, Inc.
+ *   51 Franklin Street, Fifth Floor,
+ *   Boston, MA 02110-1301 USA
+ */
+
+#ifndef __OPENCONNECT_GNUTLS_H__
+#define __OPENCONNECT_GNUTLS_H__
+
+#include <gnutls/gnutls.h>
+#include <gnutls/pkcs12.h>
+
+#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
+/* If we're using a version of GnuTLS from before this was 
+   exported, pull in our local copy. */
+int gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12, const char *password,
+                               gnutls_x509_privkey_t * key,
+                               gnutls_x509_crt_t ** chain,
+                               unsigned int * chain_len,
+                               gnutls_x509_crt_t ** extra_certs,
+                               unsigned int * extra_certs_len,
+                               gnutls_x509_crl_t * crl,
+                               unsigned int flags);
+
+#endif /* !HAVE_GNUTLS_PKCS12_SIMPLE_PARSE */
+
+#endif /* __OPENCONNECT_GNUTLS_H__ */

diff --git a/gnutls_pkcs12.c b/gnutls_pkcs12.c
index 543f4ab..c2e7665 100644 (file)
--- a/gnutls_pkcs12.c
+++ b/gnutls_pkcs12.c
@@ -7,6 +7,11 @@
  * explicit permission.
  */
 
+#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
+
+#include <string.h>
+#include "gnutls.h"
+
 #define opaque unsigned char
 #define gnutls_assert() do {} while(0)
 #define gnutls_assert_val(x) (x)
@@ -124,7 +129,7 @@ unsigned int i;
  *
  * Since: 3.1
  **/
-static int
+int
 gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12,
                      const char *password,
                      gnutls_x509_privkey_t * key,
@@ -519,3 +524,5 @@ done:
 
   return ret;
 }
+
+#endif /* HAVE_GNUTLS_PKCS12_SIMPLE_PARSE */