From 2cb49bd5137176e1445550399b6e9592607858a3 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Wed, 5 Mar 2008 17:38:09 +0000 Subject: --- NEWS | 8 +++ autogen.sh | 17 +----- configure.ac | 33 +++++++--- m4/apache.m4 | 151 ++++++++++++++++++++++++++++++++++++++++++++++ m4/apache_test.m4 | 96 +++++++++++++++++++++++++++++ m4/apr_memcache.m4 | 56 +++++++++++++++++ m4/apreq.m4 | 43 +++++++++++++ m4/buildconf.py | 83 +++++++++++++++++++++++++ m4/find_apr.m4 | 166 ++++++++++++++++++++++++++++++++++++++++++++++++++ m4/libgnutls.m4 | 171 ++++++++++++++++++++++++++++++++++++++++++++++++++++ m4/libmemcache.m4 | 46 ++++++++++++++ m4/librsvg.m4 | 29 +++++++++ m4/lua.m4 | 71 ++++++++++++++++++++++ m4/outoforder.m4 | 36 +++++++++++ src/gnutls_cache.c | 9 ++- src/gnutls_config.c | 7 +++ src/gnutls_hooks.c | 6 ++ src/mod_gnutls.c | 3 +- 18 files changed, 1006 insertions(+), 25 deletions(-) create mode 100644 m4/apache.m4 create mode 100644 m4/apache_test.m4 create mode 100644 m4/apr_memcache.m4 create mode 100644 m4/apreq.m4 create mode 100755 m4/buildconf.py create mode 100644 m4/find_apr.m4 create mode 100644 m4/libgnutls.m4 create mode 100644 m4/libmemcache.m4 create mode 100644 m4/librsvg.m4 create mode 100644 m4/lua.m4 create mode 100644 m4/outoforder.m4 diff --git a/NEWS b/NEWS index 49abeda..ae87e5e 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,11 @@ +** Version 0.4.3 (2008-03-05) + +- Added --disable-srp configure option + +- Better check for memcache (patch by Guillaume Rousse) + +- Corrected possible memory leak in DBM support for resuming sessions. + ** Version 0.4.2 (2007-12-10) - Added support for sending a certificate chain. diff --git a/autogen.sh b/autogen.sh index 742b2cc..541e187 100755 --- a/autogen.sh +++ b/autogen.sh @@ -1,25 +1,10 @@ #!/bin/sh -if [ -z $ACLOCAL ]; then - ACLOCAL=aclocal -fi -if [ -z $AUTOCONF ]; then - AUTOCONF=autoconf -fi -if [ -z $AUTOHEADER ]; then - AUTOHEADER=autoheader -fi if [ -z $AUTORECONF ]; then AUTORECONF=autoreconf fi #rm -rf autom4te.cache -$AUTORECONF -f -i +$AUTORECONF -f -v -i #touch stamp-h.in -for x in providers/*; do - if [ -e $x/autogen.sh ]; then - echo Generating Config files in $x - (cd $x; ./autogen.sh $*) - fi -done diff --git a/configure.ac b/configure.ac index 259e289..b95f362 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ dnl -AC_INIT(mod_gnutls, 0.4.2.1) +AC_INIT(mod_gnutls, 0.4.3) OOO_CONFIG_NICE(config.nice) MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION AC_PREREQ(2.53) @@ -28,8 +28,14 @@ CHECK_APACHE(,$AP_VERSION, dnl LIBTOOL="`${APR_CONFIG} --apr-libtool`" dnl AC_SUBST(LIBTOOL) -MIN_TLS_VERSION=2.1.7 -CHECK_LIBGNUTLS($MIN_TLS_VERSION) +MIN_TLS_VERSION=2.2.1 +AM_PATH_LIBGNUTLS($MIN_TLS_VERSION,, + AC_MSG_ERROR([[ +*** +*** libgnutls were not found. You may want to get it from +*** http://www.gnutls.org/ +*** +]])) dnl CHECK_LUA() @@ -37,7 +43,19 @@ have_apr_memcache=0 CHECK_APR_MEMCACHE([have_apr_memcache=1], [have_apr_memcache=0]) AC_SUBST(have_apr_memcache) -MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}" +AC_ARG_ENABLE(srp, + AS_HELP_STRING([--disable-srp], + [unconditionally disable the SRP functionality]), + use_srp=$enableval, use_srp=yes) + +SRP_CFLAGS="" +if test "$use_srp" != "no"; then + SRP_CFLAGS="-DENABLE_SRP=1" +fi +AC_MSG_CHECKING([whether to enable SRP functionality]) +AC_MSG_RESULT($use_srp) + +MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}" MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_LIBS}" AC_SUBST(MODULE_CFLAGS) @@ -49,8 +67,9 @@ AC_OUTPUT echo "---" echo "Configuration summary for mod_gnutls:" echo "" -echo " * mod_gnutls version: ${MOD_GNUTLS_VERSION}" -echo " * Apache Modules directory: ${AP_LIBEXECDIR}" -echo " * GnuTLS Library version: ${LIBGNUTLS_VERSION}" +echo " * mod_gnutls version: ${MOD_GNUTLS_VERSION}" +echo " * Apache Modules directory: ${AP_LIBEXECDIR}" +echo " * GnuTLS Library version: ${LIBGNUTLS_VERSION}" +echo " * SRP authentication: ${use_srp}" echo "" echo "---" diff --git a/m4/apache.m4 b/m4/apache.m4 new file mode 100644 index 0000000..6051821 --- /dev/null +++ b/m4/apache.m4 @@ -0,0 +1,151 @@ + +dnl CHECK_APACHE([MINIMUM13-VERSION [, MINIMUM20-VERSION [, +dnl ACTION-IF-FOUND13 [, ACTION-IF-FOUND20 [, ACTION-IF-NOT-FOUND]]]) +dnl Test for Apache apxs, APR, and APU + +AC_DEFUN([CHECK_APACHE], +[dnl +AC_ARG_WITH( + apxs, + [AC_HELP_STRING([--with-apxs=PATH],[Path to apxs])], + apxs_prefix="$withval", + apxs_prefix="/usr" + ) + +AC_ARG_ENABLE( + apachetest, + [AC_HELP_STRING([--disable-apxstest],[Do not try to compile and run apache version test program])], + , + enable_apachetest=yes + ) + + if test -x $apxs_prefix -a ! -d $apxs_prefix; then + APXS_BIN=$apxs_prefix + else + test_paths="$apxs_prefix:$apxs_prefix/bin:$apxs_prefix/sbin" + test_paths="${test_paths}:/usr/bin:/usr/sbin" + test_paths="${test_paths}:/usr/local/bin:/usr/local/sbin:/usr/local/apache2/bin" + AC_PATH_PROG(APXS_BIN, apxs, no, [$test_paths]) + fi + min_apache13_version=ifelse([$1], ,no,$1) + min_apache20_version=ifelse([$2], ,no,$2) + no_apxs="" + if test "$APXS_BIN" = "no"; then + AC_MSG_ERROR([*** The apxs binary installed by apache could not be found!]) + AC_MSG_ERROR([*** Use the --with-apxs option with the full path to apxs]) + else + AP_INCLUDES="-I`$APXS_BIN -q INCLUDEDIR 2>/dev/null`" + AP_INCLUDEDIR="`$APXS_BIN -q INCLUDEDIR 2>/dev/null`" + + AP_PREFIX="`$APXS_BIN -q prefix 2>/dev/null`" + + AP_BINDIR="`$APXS_BIN -q bindir 2>/dev/null`" + AP_SBINDIR="`$APXS_BIN -q sbindir 2>/dev/null`" + AP_SYSCONFDIR="`$APXS_BIN -q sysconfdir 2>/dev/null`" + + APXS_CFLAGS="" + for flag in CFLAGS EXTRA_CFLAGS EXTRA_CPPFLAGS NOTEST_CFLAGS; do + APXS_CFLAGS="$APXS_CFLAGS `$APXS_BIN -q $flag 2>/dev/null`" + done + + AP_CPPFLAGS="$APXS_CPPFLAGS $AP_INCLUDES" + AP_CFLAGS="$APXS_CFLAGS $AP_INCLUDES" + + AP_LIBEXECDIR=`$APXS_BIN -q LIBEXECDIR 2>/dev/null` + + if test "x$enable_apachetest" = "xyes" ; then + if test "$min_apache20_version" != "no"; then + APR_CONFIG="`$APXS_BIN -q APR_BINDIR 2>/dev/null`/apr-1-config" + if test ! -x $APR_CONFIG; then + APR_CONFIG="`$APXS_BIN -q APR_BINDIR 2>/dev/null`/apr-config" + fi + APR_INCLUDES=`$APR_CONFIG --includes 2>/dev/null` + APR_LDFLAGS=`$APR_CONFIG --link-ld 2>/dev/null` + APR_LIBS=`$APR_CONFIG --libs 2>/dev/null` + APR_LIBTOOL=`$APR_CONFIG --link-libtool 2>/dev/null` + APR_CPPFLAGS=`$APR_CONFIG --cppflags 2>/dev/null` + APR_CFLAGS=`$APR_CONFIG --cflags 2>/dev/null` + APR_VERSION=`$APR_CONFIG --version 2>/dev/null` + APU_CONFIG="`$APXS_BIN -q APU_BINDIR 2>/dev/null`/apu-1-config" + if test ! -x $APU_CONFIG; then + APU_CONFIG="`$APXS_BIN -q APU_BINDIR 2>/dev/null`/apu-config" + fi + APU_INCLUDES=`$APU_CONFIG --includes 2>/dev/null` + APU_LDFLAGS=`$APU_CONFIG --link-ld 2>/dev/null` + APU_LIBS=`$APU_CONFIG --libs 2>/dev/null` + APU_LIBTOOL=`$APU_CONFIG --link-libtool 2>/dev/null` + APU_VERSION=`$APU_CONFIG --version 2>/dev/null` + + AC_MSG_CHECKING(for Apache 2.0 version >= $min_apache20_version) + TEST_APACHE_VERSION(20,$min_apache20_version, + AC_MSG_RESULT(yes) + AC_DEFINE(WITH_APACHE20,1,[Define to 1 if we are compiling with Apache 2.0.x]) + AP_VERSION="2.0" + APXS_EXTENSION=.la + if test -f `$APXS_BIN -q INCLUDEDIR`/mod_status.h; then + AC_DEFINE(HAVE_MOD_STATUS_H,1,[Define to 1 if mod_status.h and the mod_Status hook are available]) + fi + AP_CFLAGS="$AP_CFLAGS $APU_INCLUDES $APR_INCLUDES" + AP_CPPFLAGS="$AP_CPPFLAGS $APU_INCLUDES $APR_INCLUDES" + AP_DEFS="-DWITH_APACHE20" + ifelse([$4], , , $4), + AC_MSG_RESULT(no) + if test "x$min_apache13_version" = "xno"; then + ifelse([$5], , , $5) + fi + ) + fi + if test "$min_apache13_version" != "no" -a "x$AP_VERSION" = "x"; then + APR_INCLUDES="" + APR_VERSION="" + APR_LDFLAGS="" + APR_LIBS="" + APR_LIBTOOL="" + APR_CFLAGS="" + APR_CPPFLAGS="" + APU_INCLUDES="" + APU_VERSION="" + APU_LDFLAGS="" + APU_LIBS="" + APU_LIBTOOL="" + AC_MSG_CHECKING(for Apache 1.3 version >= $min_apache13_version) + TEST_APACHE_VERSION(13,$min_apache13_version, + AC_MSG_RESULT(yes) + AC_DEFINE(WITH_APACHE13,1,[Define to 1 if we are compiling with Apache 1.3.x]) + AP_VERSION="1.3" + APXS_EXTENSION=.so + AP_CFLAGS="-g $AP_CFLAGS" + AP_DEFS="-DWITH_APACHE13" + ifelse([$3], , , $3), + AC_MSG_RESULT(no) + ifelse([$5], , , $5) + ) + fi + fi + AC_CHECK_DECL([DEFAULT_EXP_LIBEXECDIR],,[AC_DEFINE_UNQUOTED([DEFAULT_EXP_LIBEXECDIR],["$AP_LIBEXECDIR"],[Default Module LibExec directory])]) + AC_SUBST(AP_DEFS) + AC_SUBST(AP_PREFIX) + AC_SUBST(AP_CFLAGS) + AC_SUBST(AP_CPPFLAGS) + AC_SUBST(AP_INCLUDES) + AC_SUBST(AP_INCLUDEDIR) + AC_SUBST(AP_LIBEXECDIR) + AC_SUBST(AP_VERSION) + AC_SUBST(AP_SYSCONFDIR) + AC_SUBST(AP_BINDIR) + AC_SUBST(AP_SBINDIR) + AC_SUBST(APR_INCLUDES) + AC_SUBST(APR_LDFLAGS) + AC_SUBST(APR_LIBS) + AC_SUBST(APR_LIBTOOL) + AC_SUBST(APR_CPPFLAGS) + AC_SUBST(APR_CFLAGS) + AC_SUBST(APU_INCLUDES) + AC_SUBST(APU_LDFLAGS) + AC_SUBST(APU_LIBS) + AC_SUBST(APU_LIBTOOL) + AC_SUBST(APXS_EXTENSION) + AC_SUBST(APXS_BIN) + AC_SUBST(APXS_CFLAGS) + fi +]) diff --git a/m4/apache_test.m4 b/m4/apache_test.m4 new file mode 100644 index 0000000..8c91adf --- /dev/null +++ b/m4/apache_test.m4 @@ -0,0 +1,96 @@ +dnl TEST_APACHE_VERSION(RELEASE, [MINIMUM-VERSION [, ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]]) +dnl Test for Apache +dnl +AC_DEFUN([TEST_APACHE_VERSION], +[dnl + AC_REQUIRE([AC_CANONICAL_TARGET]) + releasetest=$1 + min_apache_version="$2" + no_apache="" + ac_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $AP_CFLAGS" + if test $releasetest -eq 20; then + CFLAGS="$CFLAGS $APU_INCLUDES $APR_INCLUDES" + fi + AC_TRY_RUN([ +#include +#include +#include +#include "httpd.h" + +#ifndef AP_SERVER_BASEREVISION + #define AP_SERVER_BASEREVISION SERVER_BASEREVISION +#endif + +char* my_strdup (char *str) +{ + char *new_str; + + if (str) { + new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char)); + strcpy (new_str, str); + } else + new_str = NULL; + + return new_str; +} + +int main (int argc, char *argv[]) +{ + int major1, minor1, micro1; + int major2, minor2, micro2; + char *tmp_version; + + { FILE *fp = fopen("conf.apachetest", "a"); if ( fp ) fclose(fp); } + + tmp_version = my_strdup("$min_apache_version"); + if (sscanf(tmp_version, "%d.%d.%d", &major1, &minor1, µ1) != 3) { + printf("%s, bad version string\n", "$min_apache_version"); + exit(1); + } + tmp_version = my_strdup(AP_SERVER_BASEREVISION); + if (sscanf(tmp_version, "%d.%d.%d", &major2, &minor2, µ2) != 3) { + printf("%s, bad version string\n", AP_SERVER_BASEREVISION); + exit(1); + } + + if ( (major2 == major1) && + ( (minor2 > minor1) || + ((minor2 == minor1) && (micro2 >= micro1)) ) ) { + exit(0); + } else { + exit(1); + } +} + +],, no_apache=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) + CFLAGS="$ac_save_CFLAGS" + + if test "x$no_apache" = x ; then + ifelse([$3], , :, [$3]) + else + if test -f conf.apachetest ; then + : + else + echo "*** Could not run Apache test program, checking why..." + CFLAGS="$CFLAGS $AP_CFLAGS" + if test $releasetest -eq 20; then + CFLAGS="$CFLAGS $APU_INCLUDES $APR_INCLUDES" + fi + AC_TRY_LINK([ +#include +#include "httpd.h" + +int main(int argc, char *argv[]) +{ return 0; } +#undef main +#define main K_and_R_C_main +], [ return 0; ], + [ echo "*** The test program compiled, but failed to run. Check config.log" ], + [ echo "*** The test program failed to compile or link. Check config.log" ]) + CFLAGS="$ac_save_CFLAGS" + fi + ifelse([$4], , :, [$4]) + fi + rm -f conf.apachetest +]) diff --git a/m4/apr_memcache.m4 b/m4/apr_memcache.m4 new file mode 100644 index 0000000..71ab2b6 --- /dev/null +++ b/m4/apr_memcache.m4 @@ -0,0 +1,56 @@ +dnl Check for memcache client libraries +dnl CHECK_APR_MEMCACHE(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) +dnl Sets: +dnl APR_MEMCACHE_LIBS +AC_DEFUN([CHECK_APR_MEMCACHE], +[dnl + +AC_ARG_WITH( + apr-memcache-prefix, + [AC_HELP_STRING([--with-apr-memcache-prefix=PATH],[Install prefix for apr_memcache])], + apr_memcache_prefix="$withval", + apr_memcache_prefix="/usr", + :) +AC_ARG_WITH( + apr-memcache-libs, + [AC_HELP_STRING([--with-apr-memcache-libs=PATH],[Path to apr_memcache libs])], + apr_memcache_libs="$withval", + apr_memcache_libs="$apr_memcache_prefix/lib" + :) +AC_ARG_WITH( + apr-memcache-includes, + [AC_HELP_STRING([--with-apr-memcache-includes=PATH],[Path to apr_memcache includes])], + apr_memcache_includes="$withval", + apr_memcache_includes="$apr_memcache_prefix/include/apr_memcache-0" + :) + + +AC_LIBTOOL_SYS_DYNAMIC_LINKER + +dnl # Determine memcache lib directory +save_CFLAGS=$CFLAGS +save_LDFLAGS=$LDFLAGS +CFLAGS="-I$apr_memcache_includes $APR_INCLUDES $CFLAGS" +LDFLAGS="-L$apr_memcache_libs $LDFLAGS" +AC_CHECK_LIB( + apr_memcache, + apr_memcache_create, + [ + APR_MEMCACHE_LIBS="-R$apr_memcache_libs -L$apr_memcache_libs -lapr_memcache" + APR_MEMCACHE_CFLAGS="-I$apr_memcache_includes" + ] +) +CFLAGS=$save_CFLAGS +LDFLAGS=$save_LDFLAGS + +AC_SUBST(APR_MEMCACHE_LIBS) +AC_SUBST(APR_MEMCACHE_CFLAGS) + +if test -z "${APR_MEMCACHE_LIBS}"; then + AC_MSG_NOTICE([*** memcache library not found.]) + ifelse([$2], , AC_MSG_ERROR([memcache library is required]), $2) +else + AC_MSG_NOTICE([using '${APR_MEMCACHE_LIBS}' for memcache]) + ifelse([$1], , , $1) +fi +]) diff --git a/m4/apreq.m4 b/m4/apreq.m4 new file mode 100644 index 0000000..b457e02 --- /dev/null +++ b/m4/apreq.m4 @@ -0,0 +1,43 @@ +dnl Check for apreq2 libraries +dnl CHECK_APREQ2(MINIMUM-VERSION, ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) +AC_DEFUN([CHECK_APREQ2], +[dnl + +AC_ARG_WITH( + apreq2, + [AC_HELP_STRING([--with-apreq2=PATH],[Path to your apreq2-config])], + ap_path="$withval", + ap_path="/usr" + ) + + if test -x $ap_path -a ! -d $ap_path; then + AP_BIN=$ap_path + else + test_paths="$ap_path:$ap_path/bin:$ap_path/sbin" + + dnl Search the Apache Binary Directories too. Since we should set these in apache.m4 + if test -d $AP_BINDIR; then + test_paths="${test_paths}:${AP_BINDIR}" + fi + if test -d $AP_SBINDIR; then + test_paths="${test_paths}:${AP_SBINDIR}" + fi + + test_paths="${test_paths}:/usr/bin:/usr/sbin" + test_paths="${test_paths}:/usr/local/bin:/usr/local/sbin" + AC_PATH_PROG(AP_BIN, apreq2-config, no, [$test_paths]) + fi + + if test "$AP_BIN" = "no"; then + AC_MSG_ERROR([*** The apreq2-config binary installed by apreq2 could not be found!]) + AC_MSG_ERROR([*** Use the --with-apreq2 option with the full path to apreq2-config]) + ifelse([$3], , AC_MSG_ERROR([apreq2 >=$1 is not installed.]), $3) + else + dnl TODO: Do a apreq2-config Version check here... + APREQ_LIBS="`$AP_BIN --link-ld --ldflags --libs 2>/dev/null`" + APREQ_CFLAGS="`$AP_BIN --includes 2>/dev/null`" + AC_SUBST(APREQ_LIBS) + AC_SUBST(APREQ_CFLAGS) + ifelse([$2], , AC_MSG_RESULT([yes]), $2) + fi +]) diff --git a/m4/buildconf.py b/m4/buildconf.py new file mode 100755 index 0000000..9ba621f --- /dev/null +++ b/m4/buildconf.py @@ -0,0 +1,83 @@ +#!/usr/bin/env python +# +# buildconf.py: Runs Autotools on a project. +# +# Copyright 2004 Edward Rudd and Paul Querna +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +import os +import sys +import popen2 +from optparse import OptionParser + +cmd = {} + +def run_cmd(command, args=""): + global cmd + rp = popen2.Popen4("%s %s" % (cmd[command], args)) + sout = rp.fromchild.readlines() + for line in sout: + sys.stdout.write(line) + rv = rp.wait() + if rv != 0: + print "Error: '%s %s' returned %d" % (cmd[command], args, rv) + sys.exit(-1) + +def select_cmd(command, list, args = "--version"): + global cmd + cmd[command] = None + for x in list: + # rv = os.spawnlp(os.P_WAIT, x, args) + rp = popen2.Popen4("%s %s" % (x, args)) + rv = rp.wait() + if rv == 0: + cmd[command] = x + break + if cmd[command] == None: + print "Errpr: Could not find suitable version for '%s', tried running: %s" % (command, list) + sys.exit(-1) + +parser = OptionParser() + +parser.add_option("--libtoolize", action="store_true", dest="libtoolize", default=False) +parser.add_option("--aclocal", action="store_true", dest="aclocal", default=False) +parser.add_option("--automake", action="store_true", dest="automake", default=False) +parser.add_option("--autoconf", action="store_true", dest="autoconf", default=False) +parser.add_option("--autoheader", action="store_true", dest="autoheader", default=False) + +(options, args) = parser.parse_args() + +if options.libtoolize: + select_cmd("libtoolize", ['libtoolize14','glibtoolize','libtoolize']) +if options.aclocal: + select_cmd("aclocal", ['aclocal-1.9','aclocal-1.8','aclocal-1.7','aclocal-1.6','aclocal']) +if options.autoheader: + select_cmd("autoheader", ['autoheader259','autoheader257','autoheader']) +if options.automake: + select_cmd("automake", ['automake-1.9','automake-1.8','automake-1.7','automake-1.6','automake']) +if options.autoconf: + select_cmd("autoconf", ['autoconf259','autoconf257','autoconf']) + +if options.libtoolize: + run_cmd("libtoolize", "--force --copy") +if options.aclocal: + run_cmd("aclocal", "-I m4") +if options.autoheader: + run_cmd("autoheader") +if options.automake: + run_cmd("automake", "--add-missing --copy --foreign") +if options.autoconf: + run_cmd("autoconf") + diff --git a/m4/find_apr.m4 b/m4/find_apr.m4 new file mode 100644 index 0000000..9228c76 --- /dev/null +++ b/m4/find_apr.m4 @@ -0,0 +1,166 @@ +dnl -------------------------------------------------------- -*- autoconf -*- +dnl Copyright 2000-2005 The Apache Software Foundation +dnl +dnl Licensed under the Apache License, Version 2.0 (the "License"); +dnl you may not use this file except in compliance with the License. +dnl You may obtain a copy of the License at +dnl +dnl http://www.apache.org/licenses/LICENSE-2.0 +dnl +dnl Unless required by applicable law or agreed to in writing, software +dnl distributed under the License is distributed on an "AS IS" BASIS, +dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +dnl See the License for the specific language governing permissions and +dnl limitations under the License. + +dnl +dnl find_apr.m4 : locate the APR include files and libraries +dnl +dnl This macro file can be used by applications to find and use the APR +dnl library. It provides a standardized mechanism for using APR. It supports +dnl embedding APR into the application source, or locating an installed +dnl copy of APR. +dnl +dnl APR_FIND_APR(srcdir, builddir, implicit-install-check, acceptable-majors) +dnl +dnl where srcdir is the location of the bundled APR source directory, or +dnl empty if source is not bundled. +dnl +dnl where builddir is the location where the bundled APR will will be built, +dnl or empty if the build will occur in the srcdir. +dnl +dnl where implicit-install-check set to 1 indicates if there is no +dnl --with-apr option specified, we will look for installed copies. +dnl +dnl where acceptable-majors is a space separated list of acceptable major +dnl version numbers. Often only a single major version will be acceptable. +dnl If multiple versions are specified, and --with-apr=PREFIX or the +dnl implicit installed search are used, then the first (leftmost) version +dnl in the list that is found will be used. Currently defaults to [0 1]. +dnl +dnl Sets the following variables on exit: +dnl +dnl apr_found : "yes", "no", "reconfig" +dnl +dnl apr_config : If the apr-config tool exists, this refers to it. If +dnl apr_found is "reconfig", then the bundled directory +dnl should be reconfigured *before* using apr_config. +dnl +dnl Note: this macro file assumes that apr-config has been installed; it +dnl is normally considered a required part of an APR installation. +dnl +dnl If a bundled source directory is available and needs to be (re)configured, +dnl then apr_found is set to "reconfig". The caller should reconfigure the +dnl (passed-in) source directory, placing the result in the build directory, +dnl as appropriate. +dnl +dnl If apr_found is "yes" or "reconfig", then the caller should use the +dnl value of apr_config to fetch any necessary build/link information. +dnl + +AC_DEFUN([APR_FIND_APR], [ + apr_found="no" + + if test "$ac_cv_emxos2" = "yes"; then + # Scripts don't pass test -x on OS/2 + TEST_X="test -f" + else + TEST_X="test -x" + fi + + ifelse([$4], [], [ + ifdef(AC_WARNING,AC_WARNING([$0: missing argument 4 (acceptable-majors): Defaulting to APR 0.x then APR 1.x])) + acceptable_majors="0 1"], + [acceptable_majors="$4"]) + + apr_temp_acceptable_apr_config="" + for apr_temp_major in $acceptable_majors + do + case $apr_temp_major in + 0) + apr_temp_acceptable_apr_config="$apr_temp_acceptable_apr_config apr-config" + ;; + *) + apr_temp_acceptable_apr_config="$apr_temp_acceptable_apr_config apr-$apr_temp_major-config" + ;; + esac + done + + AC_MSG_CHECKING(for APR) + AC_ARG_WITH(apr, + [ --with-apr=PATH prefix for installed APR, path to APR build tree, + or the full path to apr-config], + [ + if test "$withval" = "no" || test "$withval" = "yes"; then + AC_MSG_ERROR([--with-apr requires a directory or file to be provided]) + fi + + for apr_temp_apr_config_file in $apr_temp_acceptable_apr_config + do + for lookdir in "$withval/bin" "$withval" + do + if $TEST_X "$lookdir/$apr_temp_apr_config_file"; then + apr_found="yes" + apr_config="$lookdir/$apr_temp_apr_config_file" + break 2 + fi + done + done + + if test "$apr_found" != "yes" && $TEST_X "$withval" && $withval --help > /dev/null 2>&1 ; then + apr_found="yes" + apr_config="$withval" + fi + + dnl if --with-apr is used, it is a fatal error for its argument + dnl to be invalid + if test "$apr_found" != "yes"; then + AC_MSG_ERROR([the --with-apr parameter is incorrect. It must specify an install prefix, a build directory, or an apr-config file.]) + fi + ],[ + dnl If we allow installed copies, check those before using bundled copy. + if test -n "$3" && test "$3" = "1"; then + for apr_temp_apr_config_file in $apr_temp_acceptable_apr_config + do + if $apr_temp_apr_config_file --help > /dev/null 2>&1 ; then + apr_found="yes" + apr_config="$apr_temp_apr_config_file" + break + else + dnl look in some standard places + for lookdir in /usr /usr/local /usr/local/apr /opt/apr /usr/local/apache2; do + if $TEST_X "$lookdir/bin/$apr_temp_apr_config_file"; then + apr_found="yes" + apr_config="$lookdir/bin/$apr_temp_apr_config_file" + break 2 + fi + done + fi + done + fi + dnl if we have not found anything yet and have bundled source, use that + if test "$apr_found" = "no" && test -d "$1"; then + apr_temp_abs_srcdir="`cd $1 && pwd`" + apr_found="reconfig" + apr_bundled_major="`sed -n '/#define.*APR_MAJOR_VERSION/s/^[^0-9]*\([0-9]*\).*$/\1/p' \"$1/include/apr_version.h\"`" + case $apr_bundled_major in + "") + AC_MSG_ERROR([failed to find major version of bundled APR]) + ;; + 0) + apr_temp_apr_config_file="apr-config" + ;; + *) + apr_temp_apr_config_file="apr-$apr_bundled_major-config" + ;; + esac + if test -n "$2"; then + apr_config="$2/$apr_temp_apr_config_file" + else + apr_config="$1/$apr_temp_apr_config_file" + fi + fi + ]) + + AC_MSG_RESULT($apr_found) +]) diff --git a/m4/libgnutls.m4 b/m4/libgnutls.m4 new file mode 100644 index 0000000..3e714fc --- /dev/null +++ b/m4/libgnutls.m4 @@ -0,0 +1,171 @@ +dnl Autoconf macros for libgnutls +dnl $id$ + +# Modified for LIBGNUTLS -- nmav +# Configure paths for LIBGCRYPT +# Shamelessly stolen from the one of XDELTA by Owen Taylor +# Werner Koch 99-12-09 + +dnl AM_PATH_LIBGNUTLS([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) +dnl Test for libgnutls, and define LIBGNUTLS_CFLAGS and LIBGNUTLS_LIBS +dnl +AC_DEFUN([AM_PATH_LIBGNUTLS], +[dnl +dnl Get the cflags and libraries from the libgnutls-config script +dnl +AC_ARG_WITH(libgnutls-prefix, + [ --with-libgnutls-prefix=PFX Prefix where libgnutls is installed (optional)], + libgnutls_config_prefix="$withval", libgnutls_config_prefix="") + + if test x$libgnutls_config_prefix != x ; then + if test x${LIBGNUTLS_CONFIG+set} != xset ; then + LIBGNUTLS_CONFIG=$libgnutls_config_prefix/bin/libgnutls-config + fi + fi + + AC_PATH_PROG(LIBGNUTLS_CONFIG, libgnutls-config, no) + min_libgnutls_version=ifelse([$1], ,0.1.0,$1) + AC_MSG_CHECKING(for libgnutls - version >= $min_libgnutls_version) + no_libgnutls="" + if test "$LIBGNUTLS_CONFIG" = "no" ; then + no_libgnutls=yes + else + LIBGNUTLS_CFLAGS=`$LIBGNUTLS_CONFIG $libgnutls_config_args --cflags` + LIBGNUTLS_LIBS=`$LIBGNUTLS_CONFIG $libgnutls_config_args --libs` + libgnutls_config_version=`$LIBGNUTLS_CONFIG $libgnutls_config_args --version` + + + ac_save_CFLAGS="$CFLAGS" + ac_save_LIBS="$LIBS" + CFLAGS="$CFLAGS $LIBGNUTLS_CFLAGS" + LIBS="$LIBS $LIBGNUTLS_LIBS" +dnl +dnl Now check if the installed libgnutls is sufficiently new. Also sanity +dnl checks the results of libgnutls-config to some extent +dnl + rm -f conf.libgnutlstest + AC_TRY_RUN([ +#include +#include +#include +#include + +int +main () +{ + system ("touch conf.libgnutlstest"); + + if( strcmp( gnutls_check_version(NULL), "$libgnutls_config_version" ) ) + { + printf("\n*** 'libgnutls-config --version' returned %s, but LIBGNUTLS (%s)\n", + "$libgnutls_config_version", gnutls_check_version(NULL) ); + printf("*** was found! If libgnutls-config was correct, then it is best\n"); + printf("*** to remove the old version of LIBGNUTLS. You may also be able to fix the error\n"); + printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n"); + printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n"); + printf("*** required on your system.\n"); + printf("*** If libgnutls-config was wrong, set the environment variable LIBGNUTLS_CONFIG\n"); + printf("*** to point to the correct copy of libgnutls-config, and remove the file config.cache\n"); + printf("*** before re-running configure\n"); + } + else if ( strcmp(gnutls_check_version(NULL), LIBGNUTLS_VERSION ) ) + { + printf("\n*** LIBGNUTLS header file (version %s) does not match\n", LIBGNUTLS_VERSION); + printf("*** library (version %s)\n", gnutls_check_version(NULL) ); + } + else + { + if ( gnutls_check_version( "$min_libgnutls_version" ) ) + { + return 0; + } + else + { + printf("no\n*** An old version of LIBGNUTLS (%s) was found.\n", + gnutls_check_version(NULL) ); + printf("*** You need a version of LIBGNUTLS newer than %s. The latest version of\n", + "$min_libgnutls_version" ); + printf("*** LIBGNUTLS is always available from ftp://gnutls.hellug.gr/pub/gnutls.\n"); + printf("*** \n"); + printf("*** If you have already installed a sufficiently new version, this error\n"); + printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n"); + printf("*** being found. The easiest way to fix this is to remove the old version\n"); + printf("*** of LIBGNUTLS, but you can also set the LIBGNUTLS_CONFIG environment to point to the\n"); + printf("*** correct copy of libgnutls-config. (In this case, you will have to\n"); + printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); + printf("*** so that the correct libraries are found at run-time))\n"); + } + } + return 1; +} +],, no_libgnutls=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) + CFLAGS="$ac_save_CFLAGS" + LIBS="$ac_save_LIBS" + fi + + if test "x$no_libgnutls" = x ; then + AC_MSG_RESULT(yes) + ifelse([$2], , :, [$2]) + else + if test -f conf.libgnutlstest ; then + : + else + AC_MSG_RESULT(no) + fi + if test "$LIBGNUTLS_CONFIG" = "no" ; then + echo "*** The libgnutls-config script installed by LIBGNUTLS could not be found" + echo "*** If LIBGNUTLS was installed in PREFIX, make sure PREFIX/bin is in" + echo "*** your path, or set the LIBGNUTLS_CONFIG environment variable to the" + echo "*** full path to libgnutls-config." + else + if test -f conf.libgnutlstest ; then + : + else + echo "*** Could not run libgnutls test program, checking why..." + CFLAGS="$CFLAGS $LIBGNUTLS_CFLAGS" + LIBS="$LIBS $LIBGNUTLS_LIBS" + AC_TRY_LINK([ +#include +#include +#include +#include +], [ return !!gnutls_check_version(NULL); ], + [ echo "*** The test program compiled, but did not run. This usually means" + echo "*** that the run-time linker is not finding LIBGNUTLS or finding the wrong" + echo "*** version of LIBGNUTLS. If it is not finding LIBGNUTLS, you'll need to set your" + echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" + echo "*** to the installed location Also, make sure you have run ldconfig if that" + echo "*** is required on your system" + echo "***" + echo "*** If you have an old version installed, it is best to remove it, although" + echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" + echo "***" ], + [ echo "*** The test program failed to compile or link. See the file config.log for the" + echo "*** exact error that occured. This usually means LIBGNUTLS was incorrectly installed" + echo "*** or that you have moved LIBGNUTLS since it was installed. In the latter case, you" + echo "*** may want to edit the libgnutls-config script: $LIBGNUTLS_CONFIG" ]) + CFLAGS="$ac_save_CFLAGS" + LIBS="$ac_save_LIBS" + fi + fi + LIBGNUTLS_CFLAGS="" + LIBGNUTLS_LIBS="" + ifelse([$3], , :, [$3]) + fi + rm -f conf.libgnutlstest + AC_SUBST(LIBGNUTLS_CFLAGS) + AC_SUBST(LIBGNUTLS_LIBS) + + LIBGNUTLS_VERSION=`$LIBGNUTLS_CONFIG $libgnutls_config_args --version` + LIBGNUTLS_PREFIX="`$LIBGNUTLS_CONFIG $libgnutls_config_args --prefix`" + GNUTLS_CERTTOOL="${LIBGNUTLS_PREFIX}/bin/certtool" + + AC_SUBST(LIBGNUTLS_CFLAGS) + AC_SUBST(LIBGNUTLS_LIBS) + AC_SUBST(LIBGNUTLS_VERSION) + AC_SUBST(LIBGNUTLS_PREFIX) + AC_SUBST(LIBGNUTLS_CERTTOOL) + +]) + +dnl *-*wedit:notab*-* Please keep this as the last line. diff --git a/m4/libmemcache.m4 b/m4/libmemcache.m4 new file mode 100644 index 0000000..95e630b --- /dev/null +++ b/m4/libmemcache.m4 @@ -0,0 +1,46 @@ +dnl Check for memcache client libraries +dnl CHECK_MEMCACHE(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) +AC_DEFUN([CHECK_MEMCACHE], +[dnl + +AC_ARG_WITH( + memcache, + [AC_HELP_STRING([--with-memcache=PATH],[Path memcache libraries])], + mc_path="$withval", + :) + +dnl # Determine memcache lib directory +if test -z $mc_path; then + test_paths="/usr/lib /usr/local/lib" +else + test_paths="${mc_path}/lib" +fi + +for x in $test_paths ; do + AC_MSG_CHECKING([for memcache library in ${x}]) + if test -f ${x}/libmemcache.so.1.0; then + AC_MSG_RESULT([yes]) + save_CFLAGS=$CFLAGS + save_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS" + LDFLAGS="-L$x $LDFLAGS" + AC_CHECK_LIB(memcache, mc_server_add, + LIBMEMCACHE_LIBS="-L$x -lmemcache") + CFLAGS=$save_CFLAGS + LDFLAGS=$save_LDFLAGS + break + else + AC_MSG_RESULT([no]) + fi +done + +AC_SUBST(LIBMEMCACHE_LIBS) + +if test -z "${LIBMEMCACHE_LIBS}"; then + AC_MSG_NOTICE([*** memcache library not found.]) + ifelse([$2], , AC_MSG_ERROR([memcache library is required]), $2) +else + AC_MSG_NOTICE([using '${LIBMEMCACHE_LIBS}' for memcache]) + ifelse([$1], , , $1) +fi +]) diff --git a/m4/librsvg.m4 b/m4/librsvg.m4 new file mode 100644 index 0000000..c8d2bf0 --- /dev/null +++ b/m4/librsvg.m4 @@ -0,0 +1,29 @@ +dnl Check for librsvg libraries +dnl CHECK_RSVG(MINIMUM-VERSION, ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) +AC_DEFUN([CHECK_RSVG], +[dnl + +pname=librsvg-2.0 + +AC_PATH_PROG(PKG_CONFIG, pkg-config, no) + +if test x$PKG_CONFIG = xno ; then + ifelse([$3], , AC_MSG_ERROR([pkg-config not found. pkg-config is required for librsvg]), $3) +fi + +AC_MSG_CHECKING(for librsvg - version >= $1) + +if $PKG_CONFIG --atleast-version=$1 $pname; then + RSVG_LDFLAGS=`$PKG_CONFIG $pname --libs-only-L` + RSVG_LIBS=`$PKG_CONFIG $pname --libs-only-l --libs-only-other` + RSVG_CFLAGS=`$PKG_CONFIG $pname --cflags` + RSVG_VERSION=`$PKG_CONFIG $pname --modversion` + AC_SUBST(RSVG_LDFLAGS) + AC_SUBST(RSVG_LIBS) + AC_SUBST(RSVG_CFLAGS) + AC_SUBST(RSVG_VERSION) + ifelse([$2], , AC_MSG_RESULT([yes]), $2) +else + ifelse([$3], , AC_MSG_ERROR([librsvg >=$1 is not installed.]), $3) +fi +]) diff --git a/m4/lua.m4 b/m4/lua.m4 new file mode 100644 index 0000000..beae980 --- /dev/null +++ b/m4/lua.m4 @@ -0,0 +1,71 @@ +dnl Check for Lua 5.0 Libraries +dnl CHECK_LUA(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) +dnl Sets: +dnl LUA_CFLAGS +dnl LUA_LIBS +AC_DEFUN([CHECK_LUA], +[dnl + +AC_ARG_WITH( + lua, + [AC_HELP_STRING([--with-lua=PATH],[Path to the Lua 5.0 prefix])], + lua_path="$withval", + :) + +dnl # Determine memcache lib directory +if test -z $mc_path; then + test_paths="/usr/local /usr" +else + test_paths="${lua_path}" +fi + +for x in $test_paths ; do + AC_MSG_CHECKING([for lua.h in ${x}/include/lua50]) + if test -f ${x}/include/lua50/lua.h; then + AC_MSG_RESULT([yes]) + save_CFLAGS=$CFLAGS + save_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS" + LDFLAGS="-L$x/lib $LDFLAGS" + AC_CHECK_LIB(lua50, lua_open, + [ + LUA_LIBS="-L$x/lib -llua50 -llualib50" + LUA_CFLAGS="-I$x/include/lua50" + ]) + CFLAGS=$save_CFLAGS + LDFLAGS=$save_LDFLAGS + break + else + AC_MSG_RESULT([no]) + fi + AC_MSG_CHECKING([for lua.h in ${x}/include]) + if test -f ${x}/include/lua.h; then + AC_MSG_RESULT([yes]) + save_CFLAGS=$CFLAGS + save_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS" + LDFLAGS="-L$x/lib $LDFLAGS" + AC_CHECK_LIB(lua, lua_open, + [ + LUA_LIBS="-L$x/lib -llua -llualib" + LUA_CFLAGS="-I$x/include/lua50" + ]) + CFLAGS=$save_CFLAGS + LDFLAGS=$save_LDFLAGS + break + else + AC_MSG_RESULT([no]) + fi +done + +AC_SUBST(LUA_LIBS) +AC_SUBST(LUA_CFLAGS) + +if test -z "${LUA_LIBS}"; then + AC_MSG_NOTICE([*** Lua 5.0 library not found.]) + ifelse([$2], , AC_MSG_ERROR([Lua 5.0 library is required]), $2) +else + AC_MSG_NOTICE([using '${LUA_LIBS}' for Lua Library]) + ifelse([$1], , , $1) +fi +]) diff --git a/m4/outoforder.m4 b/m4/outoforder.m4 new file mode 100644 index 0000000..7add221 --- /dev/null +++ b/m4/outoforder.m4 @@ -0,0 +1,36 @@ +dnl m4 for utility macros used by all out of order projects + +dnl this writes a "config.nice" file which reinvokes ./configure with all +dnl of the arguments. this is different from config.status which simply +dnl regenerates the output files. config.nice is useful after you rebuild +dnl ./configure (via autoconf or autogen.sh) +AC_DEFUN([OOO_CONFIG_NICE],[ + echo configure: creating $1 + rm -f $1 + cat >$1<> $1 + fi + done + echo '"[$]@"' >> $1 + chmod +x $1 +]) + +dnl this macro adds a maintainer mode option to enable programmer specific +dnl code in makefiles +AC_DEFUN([OOO_MAINTAIN_MODE],[ + AC_ARG_ENABLE( + maintainer, + [AC_HELP_STRING([--enable-maintainer],[Enable maintainer mode for this project])], + AC_MSG_RESULT([Enabling Maintainer Mode!!]) + OOO_MAINTAIN=1, + OOO_MAINTAIN=0) + AC_SUBST(OOO_MAINTAIN) +]) diff --git a/src/gnutls_cache.c b/src/gnutls_cache.c index 83e7bb5..90f5a86 100644 --- a/src/gnutls_cache.c +++ b/src/gnutls_cache.c @@ -1,5 +1,6 @@ /** * Copyright 2004-2005 Paul Querna + * Portions Copyright 2008 Nikos Mavrogiannopoulos * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -345,6 +346,7 @@ static int dbm_cache_expire(mgs_handle_t *ctxt) break; } } + apr_dbm_freedatum( dbm, dbmval); } apr_dbm_nextkey(dbm, &dbmkey); @@ -401,20 +403,25 @@ static gnutls_datum_t dbm_cache_fetch(void* baton, gnutls_datum_t key) } if (dbmval.dptr == NULL || dbmval.dsize <= sizeof(apr_time_t)) { + apr_dbm_freedatum( dbm, dbmval); apr_dbm_close(dbm); return data; } - apr_dbm_close(dbm); data.size = dbmval.dsize - sizeof(apr_time_t); data.data = gnutls_malloc(data.size); if (data.data == NULL) { + apr_dbm_freedatum( dbm, dbmval); + apr_dbm_close(dbm); return data; } memcpy(data.data, dbmval.dptr+sizeof(apr_time_t), data.size); + apr_dbm_freedatum( dbm, dbmval); + apr_dbm_close(dbm); + return data; } diff --git a/src/gnutls_config.c b/src/gnutls_config.c index 8d6308a..4786f6d 100644 --- a/src/gnutls_config.c +++ b/src/gnutls_config.c @@ -202,6 +202,8 @@ const char *mgs_set_key_file(cmd_parms * parms, void *dummy, return NULL; } +#ifdef ENABLE_SRP + const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy, const char *arg) { @@ -228,6 +230,8 @@ const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy, return NULL; } +#endif + const char *mgs_set_cache(cmd_parms * parms, void *dummy, const char *type, const char *arg) { @@ -426,6 +430,7 @@ void *mgs_config_server_create(apr_pool_t * p, server_rec * s) ": (%d) %s", ret, gnutls_strerror(ret)); } +#ifdef ENABLE_SRP ret = gnutls_srp_allocate_server_credentials(&sc->srp_creds); if (ret < 0) { return apr_psprintf(p, "GnuTLS: Failed to initialize" @@ -434,6 +439,8 @@ void *mgs_config_server_create(apr_pool_t * p, server_rec * s) sc->srp_tpasswd_conf_file = NULL; sc->srp_tpasswd_file = NULL; +#endif + sc->privkey_x509 = NULL; memset( sc->certs_x509, 0, sizeof(sc->certs_x509)); sc->certs_x509_num = 0; diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 55a1120..0483602 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c @@ -115,11 +115,13 @@ static int mgs_select_virtual_server_cb(gnutls_session_t session) gnutls_credentials_set(session, GNUTLS_CRD_ANON, ctxt->sc->anon_creds); +#ifdef ENABLE_SRP if (ctxt->sc->srp_tpasswd_conf_file != NULL && ctxt->sc->srp_tpasswd_file != NULL) { gnutls_credentials_set(session, GNUTLS_CRD_SRP, ctxt->sc->srp_creds); } +#endif /* update the priorities - to avoid negotiating a ciphersuite that is not * enabled on this virtual server. Note that here we ignore the version @@ -313,6 +315,7 @@ mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog, gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); +#ifdef ENABLE_SRP if (sc->srp_tpasswd_conf_file != NULL && sc->srp_tpasswd_file != NULL) { rv = gnutls_srp_set_server_credentials_file(sc->srp_creds, @@ -329,6 +332,7 @@ mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog, exit(-1); } } +#endif if (sc->certs_x509[0] == NULL && sc->enabled == GNUTLS_ENABLED_TRUE) { @@ -662,8 +666,10 @@ int mgs_hook_fixups(request_rec * r) gnutls_compression_get_name(gnutls_compression_get (ctxt->session))); +#ifdef ENABLE_SRP apr_table_setn(env, "SSL_SRP_USER", gnutls_srp_server_get_username(ctxt->session)); +#endif if (apr_table_get(env, "SSL_CLIENT_VERIFY") == NULL) apr_table_setn(env, "SSL_CLIENT_VERIFY", "NONE"); diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c index a6e5528..cc760e6 100644 --- a/src/mod_gnutls.c +++ b/src/mod_gnutls.c @@ -17,7 +17,6 @@ #include "mod_gnutls.h" - static void gnutls_hooks(apr_pool_t * p) { ap_hook_pre_connection(mgs_hook_pre_connection, NULL, NULL, @@ -80,6 +79,7 @@ static const command_rec mgs_config_cmds[] = { NULL, RSRC_CONF, "SSL Server SRP Password file"), +#ifdef ENABLE_SRP AP_INIT_TAKE1("GnuTLSSRPPasswdFile", mgs_set_srp_tpasswd_file, NULL, RSRC_CONF, @@ -88,6 +88,7 @@ static const command_rec mgs_config_cmds[] = { NULL, RSRC_CONF, "SSL Server SRP Parameters file"), +#endif AP_INIT_TAKE1("GnuTLSCacheTimeout", mgs_set_cache_timeout, NULL, RSRC_CONF, -- cgit