diff options
| author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2015-09-02 12:45:56 +0000 |
|---|---|---|
| committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2015-09-02 12:45:56 +0000 |
| commit | 978a9ebf2e6bede35c11cec2c7d17e2a8ff88bf3 (patch) | |
| tree | e6718707b37e2ae46220042ceae4523eb7650a3e /macros | |
| parent | b6fe6e6968f8b5e4f64448804f3765cb5eb3107f (diff) | |
| download | neon-978a9ebf2e6bede35c11cec2c7d17e2a8ff88bf3.tar.gz | |
Rewrite GnuTLS PKCS#11 support to work (exclusively) with the new
GnuTLS 3.x API.
* src/ne_privssl.h: Drop session-wide signing callback in favour of
per-clicert signing callback API.
* src/ne_socket.c (ne_sock_connect_ssl): Likewise.
* src/ne_gnutls.c: Store a signing function in the ccert object.
(dup_client_cert): Dupe the above.
(provide_client_cert): Support new retrieve API and new signing
callback.
(ne__ssl_clicert_exkey_import): Take callback & userdata.
* src/ne_pkcs11.c (pk11_sign_callback): Adjust for privkey-based
signing API.
(ne_ssl_set_pkcs11_provider): Drop session-global callback.
* macros/neon.m4 (NEON_SSL): Check for new retrieve API,
gnutls_privkey_import_ext. Enable PKCS#11 if latter present.
git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1964 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
Diffstat (limited to 'macros')
| -rw-r--r-- | macros/neon.m4 | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/macros/neon.m4 b/macros/neon.m4 index 5f878ba..51b62c8 100644 --- a/macros/neon.m4 +++ b/macros/neon.m4 @@ -982,10 +982,11 @@ gnutls) # Check for functions in later releases NE_CHECK_FUNCS([gnutls_session_get_data2 gnutls_x509_dn_get_rdn_ava \ - gnutls_sign_callback_set \ gnutls_certificate_get_issuer \ gnutls_certificate_get_x509_cas \ - gnutls_x509_crt_sign2]) + gnutls_x509_crt_sign2 \ + gnutls_certificate_set_retrieve_function2 \ + gnutls_privkey_import_ext]) # fail if gnutls_x509_crt_sign2 is not found (it was introduced in 1.2.0, which is required) if test x${ac_cv_func_gnutls_x509_crt_sign2} != xyes; then @@ -1039,7 +1040,7 @@ posix|yes) ;; esac -case ${with_pakchois}X${ac_cv_func_gnutls_sign_callback_set}Y${ne_cv_lib_ssl097} in +case ${with_pakchois}X${ac_cv_func_gnutls_privkey_import_ext}Y${ne_cv_lib_ssl097} in noX*Y*) ;; *X*Yyes|*XyesY*) # PKCS#11... ho! |