diff options
author | Simon Josefsson <simon@josefsson.org> | 2005-11-15 12:49:47 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2005-11-15 12:49:47 +0000 |
commit | 7a05253969c17facad2e4a9999eed3ab33044c61 (patch) | |
tree | 878bcbe4f5349e9c2bf1898cd15a1622a4886bfb | |
parent | 95d2f681a90df0e72439577721a2b9437211b3ee (diff) | |
download | gnutls-7a05253969c17facad2e4a9999eed3ab33044c61.tar.gz |
Disable more SRP stuff if --disable-srp, tiny patch from Albert Chin <gnutls-dev@mlists.thewrittenword.com> and tiny patch to src/prime.c from RedHat gnutls-1.2.6 RPM.
-rw-r--r-- | configure.in | 1 | ||||
-rw-r--r-- | doc/examples/Makefile.am | 9 | ||||
-rw-r--r-- | doc/manpages/Makefile.am | 18 | ||||
-rw-r--r-- | src/Makefile.am | 7 | ||||
-rw-r--r-- | src/prime.c | 6 |
5 files changed, 32 insertions, 9 deletions
diff --git a/configure.in b/configure.in index 3f4140fc8a..34f9916bad 100644 --- a/configure.in +++ b/configure.in @@ -258,6 +258,7 @@ else ac_full=0 AC_MSG_RESULT(yes) fi +AM_CONDITIONAL(ENABLE_SRP, test "$ac_enable_srp" != "no") AC_MSG_CHECKING([whether to disable anonymous authentication support]) AC_ARG_ENABLE(anon-authentication, diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am index 418029eee4..0b9c54da70 100644 --- a/doc/examples/Makefile.am +++ b/doc/examples/Makefile.am @@ -24,9 +24,12 @@ LDADD = libexamples.la \ ../../lib/libgnutls.la \ ../../libextra/libgnutls-extra.la -noinst_PROGRAMS = ex-cert-select ex-client1 ex-client2 \ - ex-client-resume ex-client-srp ex-crq ex-serv1 ex-serv-anon \ - ex-serv-export ex-serv-pgp ex-serv-srp +if ENABLE_SRP +SRP_PROGRAM_FILES = ex-client-srp ex-serv-srp +endif +noinst_PROGRAMS = ex-cert-select ex-client1 ex-client2 \ + ex-client-resume ex-crq ex-serv1 ex-serv-anon \ + ex-serv-export ex-serv-pgp $(SRP_PROGRAM_FILES) noinst_LTLIBRARIES = libexamples.la diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 82e027c91c..ab2d597b49 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -1,7 +1,11 @@ -dist_man_MANS = gnutls-cli.1 gnutls-cli-debug.1 gnutls-serv.1 srptool.1 \ - certtool.1 psktool.1 +dist_man_MANS = gnutls-cli.1 gnutls-cli-debug.1 gnutls-serv.1 certtool.1 psktool.1 + +if ENABLE_SRP +dist_man_MANS += srptool.1 +endif APIMANS = gnutls_srp_base64_encode.3 gnutls_srp_base64_encode_alloc.3 gnutls_srp_base64_decode.3 gnutls_srp_base64_decode_alloc.3 gnutls_server_name_get.3 gnutls_server_name_set.3 gnutls_alert_get_name.3 gnutls_alert_send.3 gnutls_error_to_alert.3 gnutls_alert_send_appropriate.3 gnutls_alert_get.3 gnutls_mac_get_name.3 gnutls_compression_get_name.3 gnutls_cipher_get_key_size.3 gnutls_cipher_get_name.3 gnutls_kx_get_name.3 gnutls_protocol_get_name.3 gnutls_cipher_suite_get_name.3 gnutls_certificate_type_get_name.3 gnutls_sign_algorithm_get_name.3 gnutls_pk_algorithm_get_name.3 gnutls_anon_free_server_credentials.3 gnutls_anon_allocate_server_credentials.3 gnutls_anon_free_client_credentials.3 gnutls_anon_allocate_client_credentials.3 gnutls_credentials_clear.3 gnutls_credentials_set.3 gnutls_auth_get_type.3 gnutls_auth_server_get_type.3 gnutls_auth_client_get_type.3 gnutls_record_check_pending.3 gnutls_certificate_free_keys.3 gnutls_certificate_free_cas.3 gnutls_certificate_free_ca_names.3 gnutls_certificate_free_credentials.3 gnutls_certificate_allocate_credentials.3 gnutls_certificate_server_set_request.3 gnutls_certificate_client_set_retrieve_function.3 gnutls_certificate_server_set_retrieve_function.3 gnutls_certificate_verify_peers2.3 gnutls_certificate_verify_peers.3 gnutls_certificate_expiration_time_peers.3 gnutls_certificate_activation_time_peers.3 gnutls_db_set_retrieve_function.3 gnutls_db_set_remove_function.3 gnutls_db_set_store_function.3 gnutls_db_set_ptr.3 gnutls_db_get_ptr.3 gnutls_db_set_cache_expiration.3 gnutls_db_check_entry.3 gnutls_db_remove_session.3 gnutls_dh_params_import_raw.3 gnutls_dh_params_init.3 gnutls_dh_params_deinit.3 gnutls_dh_params_cpy.3 gnutls_dh_params_generate2.3 gnutls_dh_params_import_pkcs3.3 gnutls_dh_params_export_pkcs3.3 gnutls_dh_params_export_raw.3 gnutls_error_is_fatal.3 gnutls_perror.3 gnutls_strerror.3 gnutls_global_set_log_function.3 gnutls_global_set_log_level.3 gnutls_global_set_mem_functions.3 gnutls_global_init.3 gnutls_global_deinit.3 gnutls_transport_set_pull_function.3 gnutls_transport_set_push_function.3 gnutls_check_version.3 gnutls_rehandshake.3 gnutls_handshake.3 gnutls_handshake_set_max_packet_length.3 gnutls_handshake_get_last_in.3 gnutls_handshake_get_last_out.3 gnutls_malloc.3 gnutls_free.3 gnutls_cipher_set_priority.3 gnutls_kx_set_priority.3 gnutls_mac_set_priority.3 gnutls_compression_set_priority.3 gnutls_protocol_set_priority.3 gnutls_certificate_type_set_priority.3 gnutls_set_default_priority.3 gnutls_set_default_export_priority.3 gnutls_psk_free_client_credentials.3 gnutls_psk_allocate_client_credentials.3 gnutls_psk_set_client_credentials.3 gnutls_psk_free_server_credentials.3 gnutls_psk_allocate_server_credentials.3 gnutls_psk_set_server_credentials_file.3 gnutls_psk_set_server_credentials_function.3 gnutls_psk_set_client_credentials_function.3 gnutls_psk_server_get_username.3 gnutls_hex_decode.3 gnutls_hex_encode.3 gnutls_protocol_get_version.3 gnutls_transport_set_lowat.3 gnutls_transport_set_ptr.3 gnutls_transport_set_ptr2.3 gnutls_transport_get_ptr.3 gnutls_transport_get_ptr2.3 gnutls_bye.3 gnutls_record_send.3 gnutls_record_recv.3 gnutls_record_get_max_size.3 gnutls_record_set_max_size.3 gnutls_rsa_params_import_raw.3 gnutls_rsa_params_init.3 gnutls_rsa_params_deinit.3 gnutls_rsa_params_cpy.3 gnutls_rsa_params_generate2.3 gnutls_rsa_params_import_pkcs1.3 gnutls_rsa_params_export_pkcs1.3 gnutls_rsa_params_export_raw.3 gnutls_session_get_data.3 gnutls_session_get_data2.3 gnutls_session_get_id.3 gnutls_session_set_data.3 gnutls_srp_free_client_credentials.3 gnutls_srp_allocate_client_credentials.3 gnutls_srp_set_client_credentials.3 gnutls_srp_free_server_credentials.3 gnutls_srp_allocate_server_credentials.3 gnutls_srp_set_server_credentials_file.3 gnutls_srp_set_server_credentials_function.3 gnutls_srp_set_client_credentials_function.3 gnutls_srp_server_get_username.3 gnutls_srp_verifier.3 gnutls_cipher_get.3 gnutls_certificate_type_get.3 gnutls_kx_get.3 gnutls_mac_get.3 gnutls_compression_get.3 gnutls_init.3 gnutls_deinit.3 gnutls_openpgp_send_key.3 gnutls_certificate_send_x509_rdn_sequence.3 gnutls_handshake_set_private_extensions.3 gnutls_session_is_resumed.3 gnutls_session_get_ptr.3 gnutls_session_set_ptr.3 gnutls_record_get_direction.3 gnutls_dh_set_prime_bits.3 gnutls_dh_get_group.3 gnutls_dh_get_pubkey.3 gnutls_rsa_export_get_pubkey.3 gnutls_dh_get_secret_bits.3 gnutls_dh_get_prime_bits.3 gnutls_rsa_export_get_modulus_bits.3 gnutls_dh_get_peers_public_bits.3 gnutls_certificate_get_ours.3 gnutls_certificate_get_peers.3 gnutls_certificate_client_get_request_status.3 gnutls_fingerprint.3 gnutls_anon_set_server_dh_params.3 gnutls_certificate_set_dh_params.3 gnutls_certificate_set_params_function.3 gnutls_anon_set_params_function.3 gnutls_certificate_set_verify_flags.3 gnutls_certificate_set_verify_limits.3 gnutls_certificate_set_rsa_export_params.3 gnutls_certificate_set_x509_key_mem.3 gnutls_certificate_set_x509_key.3 gnutls_certificate_set_x509_key_file.3 gnutls_certificate_set_x509_trust_mem.3 gnutls_certificate_set_x509_trust.3 gnutls_certificate_set_x509_trust_file.3 gnutls_certificate_set_x509_crl_mem.3 gnutls_certificate_set_x509_crl.3 gnutls_certificate_set_x509_crl_file.3 gnutls_certificate_free_crls.3 gnutls_pem_base64_encode.3 gnutls_pem_base64_encode_alloc.3 gnutls_pem_base64_decode.3 gnutls_pem_base64_decode_alloc.3 gnutls_global_init_extra.3 gnutls_extra_check_version.3 gnutls_certificate_set_openpgp_key_mem.3 gnutls_certificate_set_openpgp_key_file.3 gnutls_certificate_set_openpgp_keyring_file.3 gnutls_certificate_set_openpgp_keyring_mem.3 gnutls_certificate_set_openpgp_keyserver.3 gnutls_certificate_set_openpgp_trustdb.3 gnutls_openpgp_set_recv_key_function.3 gnutls_certificate_set_openpgp_key.3 gnutls_x509_dn_oid_known.3 gnutls_x509_crl_init.3 gnutls_x509_crl_deinit.3 gnutls_x509_crl_import.3 gnutls_x509_crl_get_issuer_dn.3 gnutls_x509_crl_get_issuer_dn_by_oid.3 gnutls_x509_crl_get_dn_oid.3 gnutls_x509_crl_get_signature_algorithm.3 gnutls_x509_crl_get_version.3 gnutls_x509_crl_get_this_update.3 gnutls_x509_crl_get_next_update.3 gnutls_x509_crl_get_crt_count.3 gnutls_x509_crl_get_crt_serial.3 gnutls_x509_crl_export.3 gnutls_x509_crl_set_version.3 gnutls_x509_crl_sign2.3 gnutls_x509_crl_sign.3 gnutls_x509_crl_set_this_update.3 gnutls_x509_crl_set_next_update.3 gnutls_x509_crl_set_crt_serial.3 gnutls_x509_crl_set_crt.3 gnutls_x509_crq_init.3 gnutls_x509_crq_deinit.3 gnutls_x509_crq_import.3 gnutls_x509_crq_get_dn.3 gnutls_x509_crq_get_dn_by_oid.3 gnutls_x509_crq_get_dn_oid.3 gnutls_x509_crq_get_challenge_password.3 gnutls_x509_crq_set_attribute_by_oid.3 gnutls_x509_crq_get_attribute_by_oid.3 gnutls_x509_crq_set_dn_by_oid.3 gnutls_x509_crq_set_version.3 gnutls_x509_crq_get_version.3 gnutls_x509_crq_set_key.3 gnutls_x509_crq_set_challenge_password.3 gnutls_x509_crq_sign2.3 gnutls_x509_crq_sign.3 gnutls_x509_crq_export.3 gnutls_x509_crq_get_pk_algorithm.3 gnutls_x509_rdn_get.3 gnutls_x509_rdn_get_by_oid.3 gnutls_x509_rdn_get_oid.3 gnutls_pkcs12_bag_init.3 gnutls_pkcs12_bag_deinit.3 gnutls_pkcs12_bag_get_type.3 gnutls_pkcs12_bag_get_count.3 gnutls_pkcs12_bag_get_data.3 gnutls_pkcs12_bag_set_data.3 gnutls_pkcs12_bag_set_crt.3 gnutls_pkcs12_bag_set_crl.3 gnutls_pkcs12_bag_set_key_id.3 gnutls_pkcs12_bag_get_key_id.3 gnutls_pkcs12_bag_get_friendly_name.3 gnutls_pkcs12_bag_set_friendly_name.3 gnutls_pkcs12_bag_decrypt.3 gnutls_pkcs12_bag_encrypt.3 gnutls_pkcs12_init.3 gnutls_pkcs12_deinit.3 gnutls_pkcs12_import.3 gnutls_pkcs12_export.3 gnutls_pkcs12_get_bag.3 gnutls_pkcs12_set_bag.3 gnutls_pkcs12_generate_mac.3 gnutls_pkcs12_verify_mac.3 gnutls_pkcs7_init.3 gnutls_pkcs7_deinit.3 gnutls_pkcs7_import.3 gnutls_pkcs7_get_crt_raw.3 gnutls_pkcs7_get_crt_count.3 gnutls_pkcs7_export.3 gnutls_pkcs7_set_crt_raw.3 gnutls_pkcs7_set_crt.3 gnutls_pkcs7_delete_crt.3 gnutls_pkcs7_get_crl_raw.3 gnutls_pkcs7_get_crl_count.3 gnutls_pkcs7_set_crl_raw.3 gnutls_pkcs7_set_crl.3 gnutls_pkcs7_delete_crl.3 gnutls_x509_privkey_init.3 gnutls_x509_privkey_deinit.3 gnutls_x509_privkey_cpy.3 gnutls_x509_privkey_import.3 gnutls_x509_privkey_import_rsa_raw.3 gnutls_x509_privkey_import_dsa_raw.3 gnutls_x509_privkey_get_pk_algorithm.3 gnutls_x509_privkey_export.3 gnutls_x509_privkey_export_rsa_raw.3 gnutls_x509_privkey_export_dsa_raw.3 gnutls_x509_privkey_generate.3 gnutls_x509_privkey_get_key_id.3 gnutls_x509_privkey_sign_data.3 gnutls_x509_privkey_verify_data.3 gnutls_x509_privkey_fix.3 gnutls_x509_privkey_export_pkcs8.3 gnutls_x509_privkey_import_pkcs8.3 gnutls_x509_crt_check_hostname.3 gnutls_x509_crt_check_issuer.3 gnutls_x509_crt_list_verify.3 gnutls_x509_crt_verify.3 gnutls_x509_crl_check_issuer.3 gnutls_x509_crl_verify.3 gnutls_x509_crt_init.3 gnutls_x509_crt_deinit.3 gnutls_x509_crt_import.3 gnutls_x509_crt_get_issuer_dn.3 gnutls_x509_crt_get_issuer_dn_by_oid.3 gnutls_x509_crt_get_issuer_dn_oid.3 gnutls_x509_crt_get_dn.3 gnutls_x509_crt_get_dn_by_oid.3 gnutls_x509_crt_get_dn_oid.3 gnutls_x509_crt_get_signature_algorithm.3 gnutls_x509_crt_get_version.3 gnutls_x509_crt_get_activation_time.3 gnutls_x509_crt_get_expiration_time.3 gnutls_x509_crt_get_serial.3 gnutls_x509_crt_get_subject_key_id.3 gnutls_x509_crt_get_authority_key_id.3 gnutls_x509_crt_get_pk_algorithm.3 gnutls_x509_crt_get_subject_alt_name.3 gnutls_x509_crt_get_ca_status.3 gnutls_x509_crt_get_key_usage.3 gnutls_x509_crt_get_extension_by_oid.3 gnutls_x509_crt_get_extension_oid.3 gnutls_x509_crt_get_fingerprint.3 gnutls_x509_crt_export.3 gnutls_x509_crt_get_key_id.3 gnutls_x509_crt_check_revocation.3 gnutls_x509_crt_verify_data.3 gnutls_x509_crt_get_crl_dist_points.3 gnutls_x509_crt_get_key_purpose_oid.3 gnutls_x509_crt_get_pk_rsa_raw.3 gnutls_x509_crt_get_pk_dsa_raw.3 gnutls_x509_crt_list_import.3 gnutls_x509_crt_set_dn_by_oid.3 gnutls_x509_crt_set_issuer_dn_by_oid.3 gnutls_x509_crt_set_version.3 gnutls_x509_crt_set_key.3 gnutls_x509_crt_set_crq.3 gnutls_x509_crt_set_extension_by_oid.3 gnutls_x509_crt_set_ca_status.3 gnutls_x509_crt_set_key_usage.3 gnutls_x509_crt_set_subject_alternative_name.3 gnutls_x509_crt_sign2.3 gnutls_x509_crt_sign.3 gnutls_x509_crt_set_activation_time.3 gnutls_x509_crt_set_expiration_time.3 gnutls_x509_crt_set_serial.3 gnutls_x509_crt_set_crl_dist_points.3 gnutls_x509_crt_cpy_crl_dist_points.3 gnutls_x509_crt_set_subject_key_id.3 gnutls_x509_crt_set_authority_key_id.3 gnutls_x509_crt_set_key_purpose_oid.3 gnutls_x509_crt_to_xml.3 gnutls_openpgp_keyring_init.3 gnutls_openpgp_keyring_deinit.3 gnutls_openpgp_keyring_check_id.3 gnutls_openpgp_keyring_import.3 gnutls_openpgp_trustdb_init.3 gnutls_openpgp_trustdb_deinit.3 gnutls_openpgp_trustdb_import_file.3 gnutls_openpgp_key_init.3 gnutls_openpgp_key_deinit.3 gnutls_openpgp_key_import.3 gnutls_openpgp_key_export.3 gnutls_openpgp_key_get_fingerprint.3 gnutls_openpgp_key_get_name.3 gnutls_openpgp_key_get_pk_algorithm.3 gnutls_openpgp_key_get_version.3 gnutls_openpgp_key_get_creation_time.3 gnutls_openpgp_key_get_expiration_time.3 gnutls_openpgp_key_get_id.3 gnutls_openpgp_key_check_hostname.3 gnutls_openpgp_key_get_key_usage.3 gnutls_openpgp_key_verify_ring.3 gnutls_openpgp_key_verify_self.3 gnutls_openpgp_key_verify_trustdb.3 gnutls_openpgp_privkey_init.3 gnutls_openpgp_privkey_deinit.3 gnutls_openpgp_privkey_import.3 gnutls_openpgp_privkey_get_pk_algorithm.3 gnutls_openpgp_key_to_xml.3 +SRPMANS = gnutls_srp_base64_encode.3 dist_man_MANS += $(APIMANS) @@ -14,10 +18,16 @@ update-makefile: FUNCS=`../scripts/gdoc -listfunc \ $(top_srcdir)/{lib,libextra,lib/x509,libextra/openpgp}/*.c`; \ MANS=""; \ + SRPMANS=""; \ for i in $$FUNCS; do \ - MANS="$$MANS $$i.3"; \ + if echo $$i | grep -q _srp_; then \ + SRPMANS="$$SRPMANS $$i.3"; \ + else + MANS="$$MANS $$i.3"; \ + fi \ done; \ - perl -pi -e "s/^APIMANS =.*/APIMANS =$$MANS/" Makefile.am + perl -pi -e "s/^APIMANS =.*/APIMANS =$$MANS/" Makefile.am; \ + perl -pi -e "s/^SRPMANS =.*/SRPMANS =$$SRPMANS/" Makefile.am doit: @for i in `../scripts/gdoc -listfunc $(top_srcdir)/lib/*.c`; do \ diff --git a/src/Makefile.am b/src/Makefile.am index 1aa64cb87d..3e55101488 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -24,17 +24,22 @@ SUBDIRS = srp x509 openpgp cfg INCLUDES = -I$(top_srcdir)/lib -I../includes -I$(top_srcdir)/includes \ -I$(top_srcdir)/gl -I$(srcdir)/cfg -bin_PROGRAMS = gnutls-serv gnutls-cli psktool srptool gnutls-cli-debug certtool +bin_PROGRAMS = gnutls-serv gnutls-cli psktool gnutls-cli-debug certtool +if ENABLE_SRP +bin_PROGRAMS += srptool +endif gnutls_serv_SOURCES = serv.gaa serv-gaa.h serv-gaa.c list.h serv.c \ common.h common.c gnutls_serv_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la \ $(LIBGCRYPT_LIBS) $(LIBTASN1_LIBS) $(LIBOPENCDK_LIBS) +if ENABLE_SRP srptool_SOURCES = crypt.gaa crypt-gaa.h crypt-gaa.c crypt.c srptool_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la \ $(LIBGCRYPT_LIBS) $(LIBTASN1_LIBS) $(LIBOPENCDK_LIBS) \ ../gl/libgnu.la +endif psktool_SOURCES = psk.gaa psk-gaa.h psk-gaa.c psk.c psktool_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la \ diff --git a/src/prime.c b/src/prime.c index 844b851465..9f93cc61b9 100644 --- a/src/prime.c +++ b/src/prime.c @@ -74,7 +74,8 @@ generate_prime (int bits, int how) } else { - if (bits <= 1024) +#ifdef ENABLE_SRP + if (bits <= 1024) { p = gnutls_srp_1024_group_prime; g = gnutls_srp_1024_group_generator; @@ -97,6 +98,9 @@ generate_prime (int bits, int how) gnutls_strerror (ret)); exit (1); } +#else + fprintf(stderr, "Parameters unavailable as SRP disabled.\n"); +#endif } if (cparams) |