[pisa-src] r1558 - in trunk: Makefile.am community-operator/co_server.c community-operator/hipl.c community-operator/hipl.h community-operator/pisa_cert.c community-operator/pisa_cert.h configure.ac
- From: Thomas Jansen <mithi@xxxxxxxxx>
- To: pisa-src@xxxxxxxxxxxxx
- Date: Fri, 06 Nov 2009 18:06:48 +0100
Author: tjansen
Date: Fri Nov 6 18:06:48 2009
New Revision: 1558
Log:
Removed HIPL dependency.
Once upon a time we decided to link to against HIPL code and include the
related headers. These times are finally over, rejoice! And they lived happily
ever after...
We no longer include or link HIPL code. This patch introduces replacement
code to offer the needed functionality to co_server in hipl.c. Most of it is
a specialized implementation of libinet6/{builder,certtools,message}.c
functions for the one and only purpose of getting the default HIT from hipl
and handing in a SPKI certificate that needs to be signed. It is NOT a general
purpose lib to build arbitrary HIP packets (unlike builder.c). Maybe even
simple things like adding a second parameter to a message are broken.
Fortunately, we don't need that functionality.
Benefits:
- no need to handle the HIPL case in configure.ac, Makefile.am
- co_server is always built now
- we have full control on how to build a certificate in
community-operator/hipl.c rather than having to modify libinet6
Modified:
trunk/Makefile.am
trunk/community-operator/co_server.c
trunk/community-operator/hipl.c
trunk/community-operator/hipl.h
trunk/community-operator/pisa_cert.c
trunk/community-operator/pisa_cert.h
trunk/configure.ac
Modified: trunk/Makefile.am
==============================================================================
--- trunk/Makefile.am Fri Nov 6 15:48:32 2009 (r1557)
+++ trunk/Makefile.am Fri Nov 6 18:06:48 2009 (r1558)
@@ -34,6 +34,7 @@
pisasd/users.conf
bin_PROGRAMS = community-operator/co_client \
+ community-operator/co_server \
pairing/accept \
pairing/management \
pairing/passgen \
@@ -185,27 +186,6 @@
pisacd/pisacd pisasd/pisasd: performance/libperformance.la
endif
-if PISA_WITH_HIPL
-bin_PROGRAMS += community-operator/co_server
-community_operator_co_server_LDFLAGS += -lm
-
-# Ugly hacks due to dependencies on internal HIPL stuff.
-community_operator_co_server_CPPFLAGS = -I@PISA_HIPL_SRCDIR@
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/libinet6/include
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/libinet6
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/libhiptool
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/libdht
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/opendht
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/hipd
-community_operator_co_server_CPPFLAGS += -I@PISA_HIPL_SRCDIR@/i3/i3_client
-community_operator_co_server_CPPFLAGS +=
-I@PISA_HIPL_SRCDIR@/pjproject/pjnath/include
-community_operator_co_server_CPPFLAGS +=
-I@PISA_HIPL_SRCDIR@/pjproject/pjlib/include
-community_operator_co_server_CPPFLAGS +=
-I@PISA_HIPL_SRCDIR@/pjproject/pjlib-util/include
-endif
-
-community_operator_co_server_LDADD =
@PISA_HIPL_SRCDIR@/libinet6/.libs/libinet6.a
-community_operator_co_server_LDADD +=
@PISA_HIPL_SRCDIR@/libhiptool/.libs/libhiptool.a
-
# Make sure that libpisa is built first. The dependency is partially fake,
# but should do no harm apart from potentially slowing down parallel builds.
$(bin_PROGRAMS) $(sbin_PROGRAMS): libpisa/libpisa.la
Modified: trunk/community-operator/co_server.c
==============================================================================
--- trunk/community-operator/co_server.c Fri Nov 6 15:48:32 2009
(r1557)
+++ trunk/community-operator/co_server.c Fri Nov 6 18:06:48 2009
(r1558)
@@ -18,10 +18,6 @@
#include "libpisa/hitlist.h"
#include "hipl.h"
-#ifdef CONFIG_PISA_WITH_HIPL
-#include "libinet6/debug.h"
-#endif
-
#define CERT_BUF_SIZE 10240
#define DEFAULT_NUMBER_OF_PARALLEL_USERS 3
@@ -36,9 +32,6 @@
static char *get_certificate_for_hit(struct in6_addr *hit, int *reason);
static int handle_packet(struct sockaddr_in6 *socket_addr,
co_packet *co_packet);
-#ifdef HIPL_CERTIFICATE_CHANGES
-static int get_number_of_parallel_users(pisa_hitlist_entry *entry);
-#endif /* HIPL_CERTIFICATE_CHANGES */
/**
* Create a socket and port specified in the config file.
@@ -113,9 +106,6 @@
char *cert;
time_t not_before, not_after;
pisa_hitlist_entry *conn;
-#ifdef HIPL_CERTIFICATE_CHANGES
- int parallel_users;
-#endif /* HIPL_CERTIFICATE_CHANGES */
time(¬_before);
time(¬_after);
@@ -135,18 +125,9 @@
not_after = conn->expiration;
}
-#ifdef HIPL_CERTIFICATE_CHANGES
- parallel_users = get_number_of_parallel_users(conn);
-#endif /* HIPL_CERTIFICATE_CHANGES */
-
cert = malloc(CERT_BUF_SIZE);
-#ifndef HIPL_CERTIFICATE_CHANGES
- if (createCertificate(¬_before, ¬_after, hit, &issuer_hit, cert,
- CERT_BUF_SIZE) != 0) {
-#else
- if (createCertificate(¬_before, ¬_after, hit, &issuer_hit,
- parallel_users, cert, CERT_BUF_SIZE) != 0) {
-#endif /* HIPL_CERTIFICATE_CHANGES */
+ if (create_certificate(¬_before, ¬_after, hit, &issuer_hit, cert,
+ CERT_BUF_SIZE) != 0) {
free(cert);
*reason = DENY_UNKNOWN_ERROR;
@@ -155,26 +136,6 @@
return cert;
}
-#ifdef HIPL_CERTIFICATE_CHANGES
-/**
- * Reads the number of allowed parallel users from the configuration file
- * for the given HIT
- * @param entry The pisa_hitlist_entry for which the number should be read out
- * @return Either the number which is entered in the configuration file
- * or DEFAULT_NUMBER_OF_PARALLEL_USERS
- */
-static int get_number_of_parallel_users(pisa_hitlist_entry *entry)
-{
- config_setting_t *users;
- users = config_setting_get_member(entry->group, "parallel_users");
- if (users != NULL) {
- return config_setting_get_int(users);
- } else {
- return DEFAULT_NUMBER_OF_PARALLEL_USERS;
- }
-}
-#endif /* HIPL_CERTIFICATE_CHANGES */
-
/**
* Process a request from a specified client and send back the result
*
@@ -225,7 +186,6 @@
int main(void)
{
-
signal(SIGTERM, co_quit);
signal(SIGINT, co_quit);
signal(SIGQUIT, co_quit);
@@ -253,13 +213,12 @@
pisa_cfg_setup_file("co_server.cfg");
allowed = pisa_hitlist_build("allowed_hosts");
-#ifdef CONFIG_PISA_WITH_HIPL
- hip_set_logdebug(1); /* disable the debug output from HIPL code */
-#endif /* CONFIG_PISA_WITH_HIPL */
sock = create_server_socket();
- getDefaultHIT(&issuer_hit);
+ if (get_default_hit(&issuer_hit) != 0)
+ return 1;
- PISA_INFO("community operator server ready\n");
+ inet_ntop(AF_INET6, &issuer_hit, addr_string, INET6_ADDRSTRLEN);
+ PISA_INFO("community operator server ready, HIT: %s\n", addr_string);
PISA_INFO("\nwaiting for incoming packet...\n");
while (running) {
Modified: trunk/community-operator/hipl.c
==============================================================================
--- trunk/community-operator/hipl.c Fri Nov 6 15:48:32 2009 (r1557)
+++ trunk/community-operator/hipl.c Fri Nov 6 18:06:48 2009 (r1558)
@@ -5,24 +5,314 @@
#include "hipl.h"
#include "config.h"
-#include "certtools.h" /* in libinet6 under the hipl source tree */
+#include "libpisa/global.h"
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
#include <netinet/in.h>
-#ifndef HIPL_CERTIFICATE_CHANGES
-int createCertificate(time_t *not_before, time_t *not_after,
- struct in6_addr *hit, struct in6_addr *issuer_hit,
- char *certificate, size_t size)
-#else
-int createCertificate(time_t *not_before, time_t *not_after,
- struct in6_addr *hit, struct in6_addr *issuer_hit,
- int parallel_users, char *certificate, size_t size)
-#endif /* HIPL_CERTIFICATE_CHANGES */
+#define HIP_MAX_PACKET 4096
+
+typedef struct {
+ uint8_t payload_proto;
+ uint8_t payload_len;
+ uint8_t type_hdr;
+ uint8_t ver_res;
+ uint16_t checksum;
+ uint16_t control;
+ struct in6_addr hits;
+ struct in6_addr hitr;
+} __attribute__ ((packed)) hip_common;
+
+typedef struct {
+ uint16_t type;
+ uint16_t length;
+} __attribute__ ((packed)) hip_tlv_common;
+
+static hip_common *hip_msg_alloc(void)
+{
+ hip_common *msg = malloc(HIP_MAX_PACKET);
+ if (msg)
+ memset(msg, 0, HIP_MAX_PACKET);
+ return msg;
+}
+
+static void hip_msg_free(hip_common *msg)
+{
+ free(msg);
+}
+
+static void hip_set_msg_total_len(hip_common *msg, uint16_t len)
+{
+ msg->payload_len = (len < 8) ? 0 : ((len >> 3) - 1);
+}
+
+static int hip_build_user_hdr(hip_common *msg, uint8_t base_type, uint16_t
err_val)
+{
+ if (!msg)
+ return -1;
+
+ msg->type_hdr = base_type;
+ msg->checksum = err_val;
+ hip_set_msg_total_len(msg, sizeof(hip_common));
+
+ return 0;
+}
+
+static int hip_get_msg_total_len(hip_common *msg)
+{
+ return (msg->payload_len == 0) ? 0 : ((msg->payload_len + 1) << 3);
+}
+
+#define HIP_LEN_PAD(len) \
+ ((((len) & 0x07) == 0) ? (len) : ((((len) >> 3) << 3) + 8))
+
+static uint16_t hip_get_param_total_len(const hip_tlv_common *tlv)
+{
+ return HIP_LEN_PAD(sizeof(hip_tlv_common) + ntohs(tlv->length));
+}
+
+static int hip_check_param_contents_len(hip_common *msg, hip_tlv_common *param)
+{
+ int len = hip_get_param_total_len(param);
+ char *p = (char *)param;
+
+ if (p == (char *)msg)
+ return 0;
+ if (p + len > ((char *)msg) + HIP_MAX_PACKET)
+ return 0;
+ if (len > hip_get_msg_total_len(msg))
+ return 0;
+
+ return 1;
+}
+
+static int hip_get_param_contents_len(hip_tlv_common *param)
+{
+ return ntohs(param->length);
+}
+
+static hip_tlv_common *hip_get_next_param(hip_common *msg, hip_tlv_common *cur)
{
- struct hip_cert_spki_info cert;
+ hip_tlv_common *next = NULL;
+
+ if (!msg)
+ return NULL;
+
+ /* Start after the HIP header if cur == NULL */
+ if (!cur)
+ next = (hip_tlv_common *)(msg + 1);
+ else
+ next = (hip_tlv_common *)(((char *)cur) +
hip_get_param_total_len(cur));
+
+ if ((char *)next - (char *)msg >= hip_get_msg_total_len(msg)
+ || !hip_check_param_contents_len(msg, next)
+ || hip_get_param_contents_len(next) == 0)
+ next = NULL;
+
+ return next;
+}
+
+static hip_tlv_common *hip_get_param(hip_common *msg, uint16_t type)
+{
+ hip_tlv_common *cur = NULL;
+
+ while ((cur = hip_get_next_param(msg, cur)) != NULL) {
+ if (type == ntohs(cur->type))
+ return cur;
+ }
+
+ return NULL;
+}
+
+static void *hip_get_param_contents_direct(hip_tlv_common *param)
+{
+ return (void*)(param + 1);
+}
+
+static int hip_bind(int sock, struct sockaddr_in6 *addr)
+{
+ int port = 1000;
+
+ while (port++ < 61000) {
+ addr->sin6_port = htons(port);
+ if (bind(sock, (struct sockaddr*)addr, sizeof(struct
sockaddr_in6)) == -1) {
+ switch(errno) {
+ case EACCES:
+ port = 32768;
+ break;
+ case EADDRINUSE:
+ break;
+ default:
+ return -1;
+ }
+ } else
+ return 0;
+ }
+
+ return -1;
+}
+
+#define HIP_DAEMON_LOCAL_PORT 973
+
+static int hip_send_recv(hip_common *msg)
+{
+ int sock = 0, on = 1, len, result = -1;
+ struct sockaddr_in6 addr;
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sin6_family = AF_INET6;
+ addr.sin6_addr = in6addr_loopback;
+
+ if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
+ goto err;
+
+ if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1)
+ goto err;
+
+ if (hip_bind(sock, &addr))
+ goto err;
+
+ if ((len = hip_get_msg_total_len(msg)) == 0)
+ goto err;
+
+ /* Demand an answer from HIPD */
+ msg->payload_proto = 1;
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sin6_family = AF_INET6;
+ addr.sin6_addr = in6addr_loopback;
+ addr.sin6_port = htons(HIP_DAEMON_LOCAL_PORT);
+ if (connect(sock, (struct sockaddr*)&addr, sizeof(struct sockaddr_in6))
== -1)
+ goto err;
+
+ if (send(sock, msg, len, 0) < len)
+ goto err;
+ if (recv(sock, msg, HIP_MAX_PACKET, 0) < 0)
+ goto err;
+
+ result = 0;
+
+err:
+ if (sock)
+ close(sock);
+ return result;
+}
+
+typedef struct {
+ hip_tlv_common tlv;
+ char public_key[768];
+ char cert[224];
+ char signature[768];
+ struct in6_addr issuer_hit;
+ /* 0 if succesfully verified otherwise negative */
+ uint32_t success;
+} hip_cert_spki_info;
+
+#define SO_HIP_CERT_SPKI_SIGN 141
+#define HIP_PARAM_CERT_SPKI_INFO 32794
+
+static int hip_param_append(hip_common *msg, hip_tlv_common *param)
+{
+ hip_tlv_common *cur = NULL, *append = NULL;
+ uint16_t len;
+
+ if (!msg || !param)
+ return -1;
+
+ while ((cur = hip_get_next_param(msg, cur)))
+ append = cur;
+
+ /* TODO check bounds */
+ if (!append)
+ append = (hip_tlv_common *)(msg + 1);
+ else
+ append = (hip_tlv_common *)(((char *)append) +
hip_get_param_total_len(append));
+ len = hip_get_param_total_len(param);
+ memcpy(append, param, len);
+ len += hip_get_msg_total_len(msg);
+ hip_set_msg_total_len(msg, len);
+
+ return 0;
+}
+
+static int hip_build_param_cert_spki_info(hip_common *msg,
+ hip_cert_spki_info *cert_info)
+{
+ hip_cert_spki_info local;
+ memcpy(&local, cert_info, sizeof(hip_cert_spki_info));
+ local.tlv.type = htons(HIP_PARAM_CERT_SPKI_INFO);
+ local.tlv.length = htons(sizeof(hip_cert_spki_info) -
sizeof(hip_tlv_common));
+ hip_param_append(msg, (hip_tlv_common *)&local);
+
+ return 0;
+}
+
+static int hip_cert_spki_create_cert(hip_cert_spki_info *content,
+ const char * issuer_type,
+ struct in6_addr * issuer,
+ const char * subject_type,
+ struct in6_addr * subject,
+ time_t * not_before, time_t * not_after)
+{
+ struct tm *ts;
+ char buf_before[80];
+ char buf_after[80];
+ char present_issuer[41];
+ char present_subject[41];
+ hip_common *msg = NULL;
+ hip_tlv_common *param = NULL;
+ int result = -1;
+
+ ts = localtime(not_before);
+ strftime(buf_before, sizeof(buf_before), "%Y-%m-%d_%H:%M:%S", ts);
+ ts = localtime(not_after);
+ strftime(buf_after, sizeof(buf_after), "%Y-%m-%d_%H:%M:%S", ts);
+
+ memset(content, 0, sizeof(hip_cert_spki_info));
+ pisa_ipv6_copy(&content->issuer_hit, issuer);
+ inet_ntop(AF_INET6, issuer, present_issuer, sizeof(present_issuer));
+ inet_ntop(AF_INET6, subject, present_subject, sizeof(present_subject));
+
+ snprintf(content->cert, sizeof(content->cert),
+ "(cert (issuer (hash %s %s))(subject (hash %s %s))"
+ "(not-before \"%s\")(not-after \"%s\"))", issuer_type,
+ present_issuer, subject_type, present_subject, buf_before,
+ buf_after);
+
+ /* Build the message we send to hipd */
+ if (!(msg = hip_msg_alloc()))
+ goto err;
+ if (hip_build_user_hdr(msg, SO_HIP_CERT_SPKI_SIGN, 0) != 0)
+ goto err;
+ if (hip_build_param_cert_spki_info(msg, content) != 0)
+ goto err;
+ if (hip_send_recv(msg) != 0)
+ goto err;
+
+ /* extract the result parameter */
+ if (!(param = hip_get_param(msg, HIP_PARAM_CERT_SPKI_INFO)))
+ goto err;
+
+ memcpy(content, param, sizeof(hip_cert_spki_info));
+ result = 0;
+
+err:
+ if (result)
+ memset(content, 0, sizeof(hip_cert_spki_info));
+ if (msg)
+ free(msg);
+ return result;
+}
+
+int create_certificate(time_t *not_before, time_t *not_after,
+ struct in6_addr *hit, struct in6_addr *issuer_hit,
+ char *certificate, size_t size)
+{
+ hip_cert_spki_info cert;
if (!not_before || !not_after || !hit || !certificate) {
printf("Invalid parameter in create_certificate.\n");
@@ -31,45 +321,48 @@
memset(&cert, 0, sizeof(cert));
-#ifndef HIPL_CERTIFICATE_CHANGES
hip_cert_spki_create_cert(&cert, "hit", issuer_hit, "hit", hit,
not_before, not_after);
-#else
- hip_cert_spki_create_cert(&cert, "hit", issuer_hit, "hit", hit,
- not_before, not_after, parallel_users);
-#endif /* HIPL_CERTIFICATE_CHANGES */
snprintf(certificate, size, "(sequence %s%s%s)", cert.public_key,
cert.cert, cert.signature);
-
return 0;
}
-int getDefaultHIT(struct in6_addr *result)
+#define SO_HIP_DEFAULT_HIT 16
+#define HIP_PARAM_HIT 32768
+
+int get_default_hit(struct in6_addr *result)
{
- struct hip_common *msg = NULL;
- struct hip_tlv_common *param = NULL;
+ hip_common *msg = NULL;
+ hip_tlv_common *param = NULL;
struct in6_addr *hit = NULL;
+ memset(result, 0, sizeof(struct in6_addr));
+
msg = hip_msg_alloc();
if (!msg)
return -1;
- /* get the default HIT from hipd, 16 is SO_HIP_DEFAULT_HIT */
- if (hip_build_user_hdr(msg, 16, 0) != 0) {
- free(msg);
+ /* get the default HIT from hipd */
+ if (hip_build_user_hdr(msg, SO_HIP_DEFAULT_HIT, 0) != 0) {
+ hip_msg_free(msg);
return -1;
}
- if (hip_send_recv_daemon_info(msg, 0, 0) != 0) {
- free(msg);
+ if (hip_send_recv(msg) != 0) {
+ hip_msg_free(msg);
return -1;
}
- /* extract the HIT parameter, HIP_PARAM_HIT is 32768 */
- param = hip_get_param(msg, 32768);
+ /* extract the HIT parameter */
+ param = hip_get_param(msg, HIP_PARAM_HIT);
hit = (struct in6_addr *) hip_get_param_contents_direct(param);
- memcpy(result, hit, sizeof(struct in6_addr));
+ if (hit) {
+ memcpy(result, hit, sizeof(struct in6_addr));
+ hip_msg_free(msg);
+ return 0;
+ }
- free(msg);
- return 0;
+ hip_msg_free(msg);
+ return -1;
}
Modified: trunk/community-operator/hipl.h
==============================================================================
--- trunk/community-operator/hipl.h Fri Nov 6 15:48:32 2009 (r1557)
+++ trunk/community-operator/hipl.h Fri Nov 6 18:06:48 2009 (r1558)
@@ -10,7 +10,6 @@
#include <string.h>
#include <netinet/in.h>
-#ifndef HIPL_CERTIFICATE_CHANGES
/**
* Create the certificate with the given parameters. This is a wrapper
* function for hip_cert_spki_create_cert. It requires a running hipd on
@@ -24,28 +23,9 @@
* @param size size of the certificate buffer
* @return 0 on success
*/
-int createCertificate(time_t *not_before, time_t *not_after,
- struct in6_addr *hit, struct in6_addr *issuer_hit,
- char *certificate, size_t size);
-#else
-/**
- * Create the certificate with the given parameters. This is a wrapper
- * function for hip_cert_spki_create_cert. It requires a running hipd on
- * the same machine and superuser privileges.
- *
- * @param not_before start of certificate lifetime
- * @param not_after end of certificate lifetime
- * @param hit HIT of subject (the home router HIT)
- * @param issuer_hit HIT of issuer (the community operator HIT)
- * @param certificate buffer to store the resulting certificate in
- * @param size size of the certificate buffer
- * @param parallel_users The number of allowed parallel users
- * @return 0 on success
- */
-int createCertificate(time_t *not_before, time_t *not_after,
- struct in6_addr *hit, struct in6_addr *issuer_hit,
- int parallel_users, char *certificate, size_t size);
-#endif /* HIPL_CERTIFICATE_CHANGES */
+int create_certificate(time_t *not_before, time_t *not_after,
+ struct in6_addr *hit, struct in6_addr *issuer_hit,
+ char *certificate, size_t size);
/**
* Get the default hit of the local HIPD. Requires a running hipd on the same
@@ -55,6 +35,6 @@
* @param result location to store the result in
* @return 0 on success
*/
-int getDefaultHIT(struct in6_addr *result);
+int get_default_hit(struct in6_addr *result);
#endif /* PISA_HIPL_H */
Modified: trunk/community-operator/pisa_cert.c
==============================================================================
--- trunk/community-operator/pisa_cert.c Fri Nov 6 15:48:32 2009
(r1557)
+++ trunk/community-operator/pisa_cert.c Fri Nov 6 18:06:48 2009
(r1558)
@@ -160,13 +160,4 @@
pisa_cert_get_content(buffer2, "hash hit", buffer1, sizeof(buffer1));
inet_pton(AF_INET6, buffer1, &addr);
memcpy(&pc->hit_subject, &addr, sizeof(struct in6_addr));
-
-#ifdef HIPL_CERTIFICATE_CHANGES
- int tmp_no;
- pisa_cert_get_part(cert,"parallel-users",buffer1,sizeof(buffer1));
- pisa_cert_get_content(buffer1,"parallel-users",buffer2,sizeof(buffer2));
- tmp_no = atoi(buffer2);
- // Allow 3 users as default
- pc->parallel_users = (tmp_no == 0) ? 3 : tmp_no;
-#endif /* HIPL_CERTIFICATE_CHANGES */
}
Modified: trunk/community-operator/pisa_cert.h
==============================================================================
--- trunk/community-operator/pisa_cert.h Fri Nov 6 15:48:32 2009
(r1557)
+++ trunk/community-operator/pisa_cert.h Fri Nov 6 18:06:48 2009
(r1558)
@@ -20,9 +20,7 @@
struct in6_addr hit_subject;
time_t not_before;
time_t not_after;
-#ifdef HIPL_CERTIFICATE_CHANGES
int parallel_users;
-#endif /* HIPL_CERTIFICATE_CHANGES */
};
/**
Modified: trunk/configure.ac
==============================================================================
--- trunk/configure.ac Fri Nov 6 15:48:32 2009 (r1557)
+++ trunk/configure.ac Fri Nov 6 18:06:48 2009 (r1558)
@@ -79,13 +79,6 @@
fi
AM_CONDITIONAL(PISA_LOGGING, test x"$ac_cv_use_logging" = x"yes")
-AC_ARG_WITH(hipl,
- AC_HELP_STRING([--with-hipl=path],
- [Default path to hipl source tree
(default=../../../hipl--midauth--2.6)]),
- [ac_cv_hipl_dir="${withval}"],
- [ac_cv_hipl_dir=""]
-)
-
AC_ARG_ENABLE(force-shlib,
AC_HELP_STRING([--enable-force-shlib],
[force linking to shared libraries (default=no)]),
@@ -115,28 +108,10 @@
AC_PREFIX_DEFAULT("/usr/local")
AC_SUBST(TOPSRC, `pwd`)
-if test x"$ac_cv_hipl_dir" = x; then
-AC_SUBST(PISA_HIPL_SRCDIR, "$TOPSRC/../../hipl--midauth--2.6")
-else
-AC_SUBST(PISA_HIPL_SRCDIR, "$ac_cv_hipl_dir")
-fi
# Set default AM_CFLAGS for the complete project.
AC_SUBST(AM_CFLAGS, "-std=gnu99 -Wall -Wextra -Wredundant-decls
-Wstrict-prototypes -Wdisabled-optimization -Wpointer-arith -Wundef -Winline
-Wno-deprecated-declarations -Wmissing-prototypes -Wwrite-strings -Wcast-qual
-Wshadow")
-if test -d "$PISA_HIPL_SRCDIR"; then
- AC_DEFINE(CONFIG_PISA_WITH_HIPL, AC_PREREQ(2.53))
- AH_TEMPLATE(CONFIG_PISA_WITH_HIPL)
- pisa_with_hipl=yes
-else
- # HIPL generates many warnings, so we cannot enable -Werror with it.
- AC_SUBST(AM_CFLAGS, "$AM_CFLAGS -Werror")
- AC_MSG_WARN("HIPL source tree cannot be found. So you could encounter
some problems when hipl-related parts of codes are executed.")
- AC_MSG_WARN("Try giving a correct path to the hipl source tree with the
--with-hipl option. You can see usage with ./configure -h.")
- pisa_with_hipl=no
-fi
-AM_CONDITIONAL(PISA_WITH_HIPL, test x"$pisa_with_hipl" = x"yes")
-
AC_SUBST(PISA_LIBPISA_LIB_STATIC, "$TOPSRC/libpisa/.libs/libpisa.a")
AC_SUBST(PISA_LIBPISA_LIB_DYNAMIC, "$TOPSRC/libpisa/.libs/libpisa.so")
Other related posts:
