summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-07-15 07:00:12 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:23:08 -0500
commit7b8332369f3664af13bd7760561765a35c312b9e (patch)
tree469f6d5e4de7b8c921f1bfe7fbc1f4b478a4be0e
parent63535f566e2fbe9244fd3e50b9c8d1281b822fc0 (diff)
downloadsamba-7b8332369f3664af13bd7760561765a35c312b9e.tar.gz
samba-7b8332369f3664af13bd7760561765a35c312b9e.tar.xz
samba-7b8332369f3664af13bd7760561765a35c312b9e.zip
r8482: gnutls_x509_crt_set_subject_key_id is not available in some versions
of gnutls. Thanks to ab for spotting this. (This used to be commit 437c4057ae4e89725ddbdd026977510beb33c009)
-rw-r--r--source4/configure.in1
-rw-r--r--source4/lib/tls/config.m416
-rw-r--r--source4/lib/tls/tlscert.c4
-rw-r--r--source4/web_server/config.m411
4 files changed, 21 insertions, 11 deletions
diff --git a/source4/configure.in b/source4/configure.in
index 587f220d191..11bcc1211b0 100644
--- a/source4/configure.in
+++ b/source4/configure.in
@@ -19,6 +19,7 @@ sinclude(lib/talloc/config.m4)
sinclude(lib/tdb/config.m4)
sinclude(lib/ldb/sqlite3.m4)
sinclude(lib/ldb/config.m4)
+sinclude(lib/tls/config.m4)
sinclude(lib/events/config.m4)
sinclude(lib/cmdline/config.m4)
diff --git a/source4/lib/tls/config.m4 b/source4/lib/tls/config.m4
new file mode 100644
index 00000000000..6ad618632e5
--- /dev/null
+++ b/source4/lib/tls/config.m4
@@ -0,0 +1,16 @@
+###############################
+# start SMB_EXT_LIB_GNUTLS
+# check for gnutls/gnutls.h and -lgnutls
+AC_CHECK_HEADERS(gnutls/gnutls.h)
+AC_CHECK_LIB_EXT(gnutls, GNUTLS_LIBS, gnutls_global_init)
+if test x"$ac_cv_header_gnutls_gnutls_h" = x"yes" -a x"$ac_cv_lib_ext_gnutls_gnutls_global_init" = x"yes";then
+ SMB_EXT_LIB_ENABLE(GNUTLS,YES)
+ AC_CHECK_DECL(gnutls_x509_crt_set_subject_key_id,
+ [AC_DEFINE(HAVE_GNUTLS_X509_CRT_SET_SUBJECT_KEY_ID,1,gnutls subject_key)], [], [
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+])
+fi
+SMB_EXT_LIB(GNUTLS, $GNUTLS_LIBS)
+# end SMB_EXT_LIB_GNUTLS
+###############################
diff --git a/source4/lib/tls/tlscert.c b/source4/lib/tls/tlscert.c
index 2cd46ff4329..d1199226029 100644
--- a/source4/lib/tls/tlscert.c
+++ b/source4/lib/tls/tlscert.c
@@ -94,7 +94,9 @@ void tls_cert_generate(TALLOC_CTX *mem_ctx,
#endif
TLSCHECK(gnutls_x509_crt_set_version(cacrt, 3));
TLSCHECK(gnutls_x509_crt_get_key_id(cacrt, 0, keyid, &keyidsize));
+#if HAVE_GNUTLS_X509_CRT_SET_SUBJECT_KEY_ID
TLSCHECK(gnutls_x509_crt_set_subject_key_id(cacrt, keyid, keyidsize));
+#endif
TLSCHECK(gnutls_x509_crt_sign(cacrt, cacrt, cakey));
DEBUG(3,("Generating TLS certificate\n"));
@@ -118,7 +120,9 @@ void tls_cert_generate(TALLOC_CTX *mem_ctx,
#endif
TLSCHECK(gnutls_x509_crt_set_version(crt, 3));
TLSCHECK(gnutls_x509_crt_get_key_id(crt, 0, keyid, &keyidsize));
+#if HAVE_GNUTLS_X509_CRT_SET_SUBJECT_KEY_ID
TLSCHECK(gnutls_x509_crt_set_subject_key_id(crt, keyid, keyidsize));
+#endif
TLSCHECK(gnutls_x509_crt_sign(crt, crt, key));
DEBUG(3,("Exporting TLS keys\n"));
diff --git a/source4/web_server/config.m4 b/source4/web_server/config.m4
index 057f193179d..2dd5e5b823a 100644
--- a/source4/web_server/config.m4
+++ b/source4/web_server/config.m4
@@ -1,13 +1,2 @@
AC_CHECK_HEADERS(setjmp.h)
-###############################
-# start SMB_EXT_LIB_GNUTLS
-# check for gnutls/gnutls.h and -lgnutls
-AC_CHECK_HEADERS(gnutls/gnutls.h)
-AC_CHECK_LIB_EXT(gnutls, GNUTLS_LIBS, gnutls_global_init)
-if test x"$ac_cv_header_gnutls_gnutls_h" = x"yes" -a x"$ac_cv_lib_ext_gnutls_gnutls_global_init" = x"yes";then
- SMB_EXT_LIB_ENABLE(GNUTLS,YES)
-fi
-SMB_EXT_LIB(GNUTLS, $GNUTLS_LIBS)
-# end SMB_EXT_LIB_GNUTLS
-###############################