Hi,
I have submitted a patch for review:
https://gerrit.libreoffice.org/3330
To pull it, you can do:
git pull ssh://gerrit.libreoffice.org:29418/core refs/changes/30/3330/1
neon: honor --disable-openssl and use GNUTLS
On --disable-openssl, the bundled neon library
will link against GNUTLS + gcrypt instead of
OpenSSL.
Change-Id: I5b3f09cd1003aefde0478aaab026536c962212c4
---
M config_host.mk.in
M configure.ac
M neon/Library_neon.mk
M neon/UnpackedTarball_neon.mk
M neon/configs/config.h
A neon/neon_with_gnutls.patch
6 files changed, 87 insertions(+), 7 deletions(-)
diff --git a/config_host.mk.in b/config_host.mk.in
index d794d16..a0f4675 100644
--- a/config_host.mk.in
+++ b/config_host.mk.in
@@ -182,6 +182,8 @@
export GIT_NEEDED_SUBMODULES=@GIT_NEEDED_SUBMODULES@
export GNOMEVFS_CFLAGS=$(gb_SPACE)@GNOMEVFS_CFLAGS@
export GNOMEVFS_LIBS=$(gb_SPACE)@GNOMEVFS_LIBS@
+export GNUTLS_CFLAGS=$(gb_SPACE)@GNUTLS_CFLAGS@
+export GNUTLS_LIBS=$(gb_SPACE)@GNUTLS_LIBS@
export PARALLELISM?=@PARALLELISM@
@x_GNUCP@ export GNUCOPY=@GNUCP@
export GNUMAKE=@GNUMAKE@
@@ -289,6 +291,8 @@
export LIBEXTTEXTCAT_LIBS=$(gb_SPACE)@LIBEXTTEXTCAT_LIBS@
export LIBFONTS_JAR=@LIBFONTS_JAR@
export LIBFORMULA_JAR=@LIBFORMULA_JAR@
+export LIBGCRYPT_CFLAGS=@LIBGCRYPT_CFLAGS@
+export LIBGCRYPT_LIBS=@LIBGCRYPT_LIBS@
export LIBLANGTAG_CFLAGS=$(gb_SPACE)@LIBLANGTAG_CFLAGS@
export LIBLANGTAG_LIBS=$(gb_SPACE)@LIBLANGTAG_LIBS@
export LIBLAYOUT_JAR=@LIBLAYOUT_JAR@
diff --git a/configure.ac b/configure.ac
index 9c1f2e9..2c852f2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8562,6 +8562,21 @@
AC_SUBST([DISABLE_OPENSSL])
dnl ===================================================================
+dnl Check for building gnutls
+dnl ===================================================================
+AC_MSG_CHECKING([whether to use gnutls])
+if test "$enable_neon" != "no" && test "$enable_openssl" = "no"; then
+ AC_MSG_RESULT([yes])
+ AM_PATH_LIBGCRYPT()
+ PKG_CHECK_MODULES(GNUTLS, [gnutls],,
+ AC_MSG_ERROR([Disabling OpenSSL was requested, but GNUTLS is not
+ available in the system to use as replacement.]))
+fi
+
+AC_SUBST([LIBGCRYPT_CFLAGS])
+AC_SUBST([LIBGCRYPT_LIBS])
+
+dnl ===================================================================
dnl Check for system redland
dnl ===================================================================
dnl versions before 1.0.8 write RDF/XML that is useless for ODF (@xml:base)
diff --git a/neon/Library_neon.mk b/neon/Library_neon.mk
index bc5fe25..0ea887f 100644
--- a/neon/Library_neon.mk
+++ b/neon/Library_neon.mk
@@ -13,10 +13,15 @@
$(eval $(call gb_Library_use_externals,neon,\
libxml2 \
- openssl \
- openssl_headers \
zlib \
))
+
+ifneq ($(DISABLE_OPENSSL),YES)
+$(eval $(call gb_Library_use_externals,neon,\
+ openssl \
+ openssl_headers \
+))
+endif
$(eval $(call gb_Library_set_visibility_default,neon))
@@ -56,8 +61,28 @@
UnpackedTarball/neon/src/ne_utils \
UnpackedTarball/neon/src/ne_xml \
UnpackedTarball/neon/src/ne_xmlreq \
+))
+
+
+ifneq ($(DISABLE_OPENSSL),YES)
+$(eval $(call gb_Library_add_generated_cobjects,neon,\
UnpackedTarball/neon/src/ne_openssl \
))
+else
+$(eval $(call gb_Library_add_generated_cobjects,neon,\
+ UnpackedTarball/neon/src/ne_gnutls \
+))
+$(eval $(call gb_Library_add_cflags,neon,\
+ -DDISABLE_OPENSSL \
+ $(LIBGCRYPT_CFLAGS) \
+ $(GNUTLS_CFLAGS) \
+))
+$(eval $(call gb_Library_add_libs,neon,\
+ $(LIBGCRYPT_LIBS) \
+ $(GNUTLS_LIBS) \
+))
+endif
+
ifeq ($(OS),WNT)
$(eval $(call gb_Library_use_system_win32_libs,neon,\
@@ -76,9 +101,11 @@
))
else
+ifneq ($(DISABLE_OPENSSL),YES)
$(eval $(call gb_Library_add_generated_cobjects,neon,\
UnpackedTarball/neon/src/ne_ntlm \
))
+endif
endif
diff --git a/neon/UnpackedTarball_neon.mk b/neon/UnpackedTarball_neon.mk
index a099718..a6cb87b 100644
--- a/neon/UnpackedTarball_neon.mk
+++ b/neon/UnpackedTarball_neon.mk
@@ -20,6 +20,7 @@
$(eval $(call gb_UnpackedTarball_add_patches,neon,\
neon/neon.patch \
neon/neon_ne_set_request_flag.patch \
+ neon/neon_with_gnutls.patch \
))
# vim: set noet sw=4 ts=4:
diff --git a/neon/configs/config.h b/neon/configs/config.h
index db68aa2..b0fdf22 100644
--- a/neon/configs/config.h
+++ b/neon/configs/config.h
@@ -79,23 +79,25 @@
#define HAVE_GETSOCKOPT 1
#endif
+#ifdef DISABLE_OPENSSL
/* Define if GnuTLS support is enabled */
-/* #undef HAVE_GNUTLS */
+#define HAVE_GNUTLS
/* Define to 1 if you have the `gnutls_certificate_get_x509_cas' function. */
/* #undef HAVE_GNUTLS_CERTIFICATE_GET_X509_CAS */
/* Define to 1 if you have the `gnutls_certificate_verify_peers2' function. */
-/* #undef HAVE_GNUTLS_CERTIFICATE_VERIFY_PEERS2 */
+#define HAVE_GNUTLS_CERTIFICATE_VERIFY_PEERS2
/* Define to 1 if you have the `gnutls_session_get_data2' function. */
-/* #undef HAVE_GNUTLS_SESSION_GET_DATA2 */
+#define HAVE_GNUTLS_SESSION_GET_DATA2
/* Define to 1 if you have the `gnutls_sign_callback_set' function. */
-/* #undef HAVE_GNUTLS_SIGN_CALLBACK_SET */
+#define HAVE_GNUTLS_SIGN_CALLBACK_SET
/* Define to 1 if you have the `gnutls_x509_dn_get_rdn_ava' function. */
-/* #undef HAVE_GNUTLS_X509_DN_GET_RDN_AVA */
+#define HAVE_GNUTLS_X509_DN_GET_RDN_AVA
+#endif /* DISABLE_OPENSSL */
/* Define if GSSAPI support is enabled */
/* #undef HAVE_GSSAPI */
@@ -179,6 +181,7 @@
#define HAVE_NETINET_TCP_H 1
#endif
+#ifndef DISABLE_OPENSSL
/* Define if NTLM is supported */
#ifndef WIN32
#define HAVE_NTLM 1
@@ -192,6 +195,7 @@
/* Define to 1 if you have the <openssl/ssl.h> header file. */
#define HAVE_OPENSSL_SSL_H 1
+#endif /* !DISABLE_OPENSSL */
/* Define if pakchois library supported */
/* #undef HAVE_PAKCHOIS */
diff --git a/neon/neon_with_gnutls.patch b/neon/neon_with_gnutls.patch
new file mode 100644
index 0000000..ed8b7fa
--- /dev/null
+++ b/neon/neon_with_gnutls.patch
@@ -0,0 +1,29 @@
+--- src/ne_gnutls.c 2009-12-02 23:40:41.000000000 +0200
++++ src/ne_gnutls.c 2013-03-29 13:41:00.429857276 +0200
+@@ -48,6 +48,26 @@
+ #include <iconv.h>
+ #endif
+
++
++/* GnuTLS removed these symbols from 2.99.0.
++ *
++ * This is a dodgy solution to avoid further patching of neon
++ * sources */
++#if LIBGNUTLS_VERSION_NUMBER >= 0x026300
++# define gnutls_pkcs12 gnutls_pkcs12_t
++# define gnutls_pkcs12_bag gnutls_pkcs12_bag_t
++# define gnutls_pkcs12_bag_type gnutls_pkcs12_bag_type_t
++# define gnutls_certificate_verify_peers(_ssl) ({ \
++ int __status_ ## __LINE__ = 0; \
++ gnutls_certificate_verify_peers2((_ssl), &__status_ ## __LINE__) == 0 \
++ ? __status_ ## __LINE__ : -1; \
++ })
++#elif LIBGNUTLS_VERSION_NUMBER >= 0x020303
++/* GnuTLS had these symbols since 2.3.3. */
++# define HAVE_GNUTLS_CERTIFICATE_GET_X509_CAS
++#endif /* LIBGNUTLS_VERSION_NUMBER */
++
++
+ #include "ne_ssl.h"
+ #include "ne_string.h"
+ #include "ne_session.h"
--
To view, visit https://gerrit.libreoffice.org/3330
To unsubscribe, visit https://gerrit.libreoffice.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I5b3f09cd1003aefde0478aaab026536c962212c4
Gerrit-PatchSet: 1
Gerrit-Project: core
Gerrit-Branch: master
Gerrit-Owner: Andres Gomez <agomez@igalia.com>
Context
- [PATCH] neon: honor --disable-openssl and use GNUTLS · Andres Gomez (via Code Review)
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.