authorNikos <nmav@crystal.(none)>2007-12-20 21:13:38 +0200
committerNikos <nmav@crystal.(none)>2007-12-20 21:13:38 +0200
commit76833d183538bc4d3ab444c3614da2654986d540 (patch)
treea02760002567077a5869454aad9e065a6435d1fb
parent522f343516dd2e88bde4b06b3d0fe7ee77797d8f (diff)
openpgp can be disabled
-rw-r--r--lib/auth_cert.c35
-rw-r--r--lib/gnutls_cert.c19
-rw-r--r--lib/gnutls_state.c4
3 files changed, 48 insertions, 10 deletions
diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index cb7eca9bbd..24ea0a5d63 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -44,14 +44,19 @@
#include <gnutls_pk.h>
#include <gnutls_x509.h>
#include "debug.h"
-#include "openpgp/gnutls_openpgp.h"
-static gnutls_cert *alloc_and_load_x509_certs (gnutls_x509_crt_t * certs,
- unsigned);
-static gnutls_privkey *alloc_and_load_x509_key (gnutls_x509_privkey_t key);
+#ifdef ENABLE_OPENPGP
+# include "openpgp/gnutls_openpgp.h"
+
static gnutls_cert *alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert);
static gnutls_privkey *alloc_and_load_pgp_key (const gnutls_openpgp_privkey_t
key);
+#endif
+
+static gnutls_cert *alloc_and_load_x509_certs (gnutls_x509_crt_t * certs,
+ unsigned);
+static gnutls_privkey *alloc_and_load_x509_key (gnutls_x509_privkey_t key);
+
/* Copies data from a internal certificate struct (gnutls_cert) to
@@ -255,6 +260,7 @@ _find_x509_cert (const gnutls_certificate_credentials_t cred,
}
+#ifdef ENABLE_OPENPGP
/* Locates the most appropriate openpgp cert
*/
static int
@@ -289,6 +295,7 @@ _find_openpgp_cert (const gnutls_certificate_credentials_t cred,
return 0;
}
+#endif
/* Returns the number of issuers in the server's
* certificate request packet.
@@ -479,11 +486,13 @@ cleanup:
}
else
{
+#ifdef ENABLE_OPENPGP
if (st.deinit_all)
{
gnutls_openpgp_crt_deinit (st.cert.pgp);
gnutls_openpgp_privkey_deinit (st.key.pgp);
}
+#endif
}
return ret;
@@ -571,9 +580,10 @@ _select_client_cert (gnutls_session_t session,
_find_x509_cert (cred, _data, _data_size,
pk_algos, pk_algos_length, &indx);
+#ifdef ENABLE_OPENPGP
if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP)
result = _find_openpgp_cert (cred, pk_algos, pk_algos_length, &indx);
-
+#endif
if (result < 0)
{
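Review bot: With ENABLE_OPENPGP undefined, a session whose cert_type is GNUTLS_CRT_OPENPGP reaches `if (result < 0)` in _select_client_cert without either finder having run, so `result` and `indx` keep whatever they held before (their initialisation is outside this hunk). The three files in this commit do not include the certificate-type negotiation, so it is worth confirming that a disabled build can never agree on OpenPGP with a peer. Failing closed here would make that explicit: before the `#endif`, add `#else` followed by `if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP) result = GNUTLS_E_UNIMPLEMENTED_FEATURE;`.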
@@ -663,6 +673,7 @@ _gnutls_gen_x509_crt (gnutls_session_t session, opaque ** data)
enum PGPKeyDescriptorType
{ PGP_KEY_FINGERPRINT, PGP_KEY };
+#ifdef ENABLE_OPENPGP
int
_gnutls_gen_openpgp_certificate (gnutls_session_t session, opaque ** data)
{
@@ -770,7 +781,7 @@ _gnutls_gen_openpgp_certificate_fpr (gnutls_session_t session, opaque ** data)
return packet_size;
}
-
+#endif
int
@@ -778,12 +789,13 @@ _gnutls_gen_cert_client_certificate (gnutls_session_t session, opaque ** data)
{
switch (session->security_parameters.cert_type)
{
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
if (_gnutls_openpgp_send_fingerprint (session) == 0)
return _gnutls_gen_openpgp_certificate (session, data);
else
return _gnutls_gen_openpgp_certificate_fpr (session, data);
-
+#endif
case GNUTLS_CRT_X509:
return _gnutls_gen_x509_crt (session, data);
@@ -798,8 +810,10 @@ _gnutls_gen_cert_server_certificate (gnutls_session_t session, opaque ** data)
{
switch (session->security_parameters.cert_type)
{
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_gen_openpgp_certificate (session, data);
+#endif
case GNUTLS_CRT_X509:
return _gnutls_gen_x509_crt (session, data);
default:
@@ -954,6 +968,7 @@ cleanup:
}
#define CLEAR_CERTS for(x=0;x<peer_certificate_list_size;x++) _gnutls_gcert_deinit(&peer_certificate_list[x])
+#ifdef ENABLE_OPENPGP
int
_gnutls_proc_openpgp_server_certificate (gnutls_session_t session,
opaque * data, size_t data_size)
@@ -1120,6 +1135,7 @@ cleanup:
return ret;
}
+#endif
int
_gnutls_proc_cert_server_certificate (gnutls_session_t session,
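Review bot: The bare `#endif` added after _gnutls_proc_openpgp_server_certificate closes a guard opened roughly 170 lines earlier (going by the hunk headers), which is hard to pair up by eye. Writing it as `#endif /* ENABLE_OPENPGP */` would help, and the same applies to the other long guarded regions in this file, around _gnutls_gen_openpgp_certificate and alloc_and_load_pgp_certs. In the last of those, the `/* converts the given pgp certificate ... */` comment is left above the `#ifdef`, so it would read better moved inside the guard.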
@@ -1127,9 +1143,11 @@ _gnutls_proc_cert_server_certificate (gnutls_session_t session,
{
switch (session->security_parameters.cert_type)
{
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_proc_openpgp_server_certificate (session,
data, data_size);
+#endif
case GNUTLS_CRT_X509:
return _gnutls_proc_x509_server_certificate (session, data, data_size);
default:
@@ -1557,6 +1575,7 @@ alloc_and_load_x509_key (gnutls_x509_privkey_t key)
/* converts the given pgp certificate to gnutls_cert* and allocates
* space for them.
*/
+#ifdef ENABLE_OPENPGP
static gnutls_cert *
alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert)
{
@@ -1619,7 +1638,7 @@ alloc_and_load_pgp_key (const gnutls_openpgp_privkey_t key)
return local_key;
}
-
+#endif
void
_gnutls_selected_certs_deinit (gnutls_session_t session)
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index dbaf6b27fb..f0378f4fbb 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -42,7 +42,9 @@
#include <gnutls_x509.h>
#include "x509/x509.h"
#include "x509/mpi.h"
-#include "openpgp/gnutls_openpgp.h"
+#ifdef ENABLE_OPENPGP
+# include "openpgp/gnutls_openpgp.h"
+#endif
/**
* gnutls_certificate_free_keys - Used to free all the keys from a gnutls_certificate_credentials_t structure
@@ -191,12 +193,14 @@ gnutls_certificate_free_credentials (gnutls_certificate_credentials_t sc)
gnutls_certificate_free_crls (sc);
#endif
+#ifdef ENABLE_OPENPGP
#ifndef KEYRING_HACK
if (_E_gnutls_openpgp_keyring_deinit)
_E_gnutls_openpgp_keyring_deinit( sc->keyring);
#else
_gnutls_free_datum( &sc->keyring);
#endif
+#endif
gnutls_free (sc);
}
@@ -436,6 +440,7 @@ _gnutls_x509_get_raw_crt_expiration_time (const gnutls_datum_t * cert)
return result;
}
+#ifdef ENABLE_OPENPGP
/*-
* _gnutls_openpgp_crt_verify_peers - This function returns the peer's certificate status
* @session: is a gnutls session
@@ -497,7 +502,7 @@ _gnutls_openpgp_crt_verify_peers (gnutls_session_t session,
return 0;
}
-
+#endif
/**
* gnutls_certificate_verify_peers2 - This function returns the peer's certificate verification status
@@ -546,8 +551,10 @@ gnutls_certificate_verify_peers2 (gnutls_session_t session,
{
case GNUTLS_CRT_X509:
return _gnutls_x509_cert_verify_peers (session, status);
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_openpgp_crt_verify_peers (session, status);
+#endif
default:
return GNUTLS_E_INVALID_REQUEST;
}
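Review bot: The doc comment of gnutls_certificate_verify_peers2 should say what a build without OpenPGP support does, since an OpenPGP session now falls through to `default:` and returns GNUTLS_E_INVALID_REQUEST. As far as this hunk shows, `*status` is not written on that path, so a caller that inspects only `status` and ignores the return value would read a stale value. The start of the function is outside the hunk, so this needs checking. A sentence such as `Returns GNUTLS_E_INVALID_REQUEST, leaving @status untouched, when the peer's certificate type is not compiled in.` would cover it.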
@@ -620,10 +627,12 @@ gnutls_certificate_expiration_time_peers (gnutls_session_t session)
return _gnutls_x509_get_raw_crt_expiration_time (&info->
raw_certificate_list
[0]);
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_openpgp_get_raw_key_expiration_time (&info->
raw_certificate_list
[0]);
+#endif
default:
return (time_t) - 1;
}
@@ -663,10 +672,12 @@ gnutls_certificate_activation_time_peers (gnutls_session_t session)
return _gnutls_x509_get_raw_crt_activation_time (&info->
raw_certificate_list
[0]);
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_openpgp_get_raw_key_creation_time (&info->
raw_certificate_list
[0]);
+#endif
default:
return (time_t) - 1;
}
@@ -682,8 +693,10 @@ _gnutls_raw_cert_to_gcert (gnutls_cert * gcert,
{
case GNUTLS_CRT_X509:
return _gnutls_x509_raw_cert_to_gcert (gcert, raw_cert, flags);
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_openpgp_raw_key_to_gcert (gcert, raw_cert);
+#endif
default:
gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
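Review bot: In a build without ENABLE_OPENPGP, an OpenPGP certificate type in _gnutls_raw_cert_to_gcert now ends in `default:`, which calls gnutls_assert() and returns GNUTLS_E_INTERNAL_ERROR, so a compiled-out feature is reported the same way as a genuine internal fault. An `#else` arm with `case GNUTLS_CRT_OPENPGP: return GNUTLS_E_UNIMPLEMENTED_FEATURE;` would give logs and callers a distinct code. The same applies to _gnutls_raw_privkey_to_gkey in the next hunk. Both functions begin outside their hunks.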
@@ -700,10 +713,12 @@ _gnutls_raw_privkey_to_gkey (gnutls_privkey * key,
{
case GNUTLS_CRT_X509:
return _gnutls_x509_raw_privkey_to_gkey (key, raw_key, key_enc);
+#ifdef ENABLE_OPENPGP
case GNUTLS_CRT_OPENPGP:
return _gnutls_openpgp_raw_privkey_to_gkey (key, raw_key,
(gnutls_openpgp_crt_fmt_t)
key_enc);
+#endif
default:
gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 4058dbcf9d..a8ad52ad55 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -624,6 +624,7 @@ _gnutls_dh_set_group (gnutls_session_t session, mpi_t gen, mpi_t prime)
return 0;
}
+#ifdef ENABLE_OPENPGP
/**
* gnutls_openpgp_send_cert - This function will order gnutls to send the openpgp fingerprint instead of the key
* @session: is a pointer to a #gnutls_session_t structure.
@@ -640,6 +641,7 @@ gnutls_openpgp_send_cert (gnutls_session_t session,
{
session->internals.pgp_fingerprint = status;
}
+#endif
/**
* gnutls_certificate_send_x509_rdn_sequence - This function will order gnutls to send or not the x.509 rdn sequence
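Review bot: gnutls_openpgp_send_cert is an exported function (it carries a `/**` API comment), and the `#ifdef ENABLE_OPENPGP` opened in the previous hunk and closed by the `#endif` here removes the symbol from builds without OpenPGP, so a program that calls it fails at link time. Whether the public header prototype is guarded as well is not visible in this commit. Keeping the definition unconditional, as a harmless setter of `session->internals.pgp_fingerprint`, or providing an empty body under `#else`, would keep the API surface the same across build configurations.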
@@ -662,11 +664,13 @@ gnutls_certificate_send_x509_rdn_sequence (gnutls_session_t session,
session->internals.ignore_rdn_sequence = status;
}
+#ifdef ENABLE_OPENPGP
int
_gnutls_openpgp_send_fingerprint (gnutls_session_t session)
{
return session->internals.pgp_fingerprint;
}
+#endif
/*-
* _gnutls_record_set_default_version - Used to set the default version for the first record packet