[PATCH] Clean up gnutls warnings.

Kevin J. McCarthy Tue, 27 Jan 2015 16:27:00 -0800

This patch cleans up the gnutls type warnings, along with one
int to pointer warning for gnutls_transport_set_ptr().


More details are in the patch file below.

-Kevin

# HG changeset patch
# User Kevin McCarthy <[email protected]>
# Date 1422404131 28800
#      Tue Jan 27 16:15:31 2015 -0800
# Node ID 73b97b986e0d53cf09dee25ca2bc6cff61bd2fa3
# Parent  df55f14f45858193a4cc506065ae2c6989138c2e
Clean up gnutls warnings.

Most of the warning were caused by deprecated types:
  gnutls_certificate_credentials
  gnutls_certificate_status
  gnutls_datum
  gnutls_digest_algorithm
  gnutls_session
  gnutls_transport_ptr
  gnutls_x509_crt
Even though I believe the replacements have been around for a while, the
patch adds autoconf checks and fallback typedefs.

One warning was caused by casting an int to a pointer for the second
parameter to gnutls_transport_set_ptr().  Recent gnutls has a
replacement gnutls_transport_set_int() macro, but this macro simply
(eventually) casts the parameter using "(gnutls_transport_ptr_t)(long)".
So this patch just does the same.

diff --git a/configure.ac b/configure.ac
--- a/configure.ac
+++ b/configure.ac
@@ -704,16 +704,23 @@
 
     AC_CHECK_LIB(gnutls, gnutls_check_version,
       [dnl GNUTLS found
       AC_CHECK_DECLS([GNUTLS_VERIFY_DISABLE_TIME_CHECKS], [], [],
                     [[#include <gnutls/x509.h>]])
 
       LIBS="$LIBS -lgnutls"
       AC_CHECK_FUNCS(gnutls_priority_set_direct)
+      AC_CHECK_TYPES([gnutls_certificate_credentials_t,
+                      gnutls_certificate_status_t,
+                      gnutls_datum_t,
+                      gnutls_digest_algorithm_t,
+                      gnutls_session_t,
+                      gnutls_transport_ptr_t,
+                      gnutls_x509_crt_t], [], [], [[#include 
<gnutls/gnutls.h>]])
 
       LIBS="$saved_LIBS"
       MUTTLIBS="$MUTTLIBS -lgnutls"
 
       AC_DEFINE(USE_SSL, 1, [ Define if you want support for SSL. ])
       AC_DEFINE(USE_SSL_GNUTLS, 1, [ Define if you want support for SSL via 
GNUTLS. ])
 
       MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_ssl_gnutls.o"
diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
--- a/mutt_ssl_gnutls.c
+++ b/mutt_ssl_gnutls.c
@@ -38,20 +38,51 @@
 #define CERTERR_EXPIRED     1
 #define CERTERR_NOTYETVALID 2
 #define CERTERR_REVOKED     4
 #define CERTERR_NOTTRUSTED  8
 #define CERTERR_HOSTNAME    16
 #define CERTERR_SIGNERNOTCA 32
 #define CERTERR_INSECUREALG 64
 
+/* deprecated types compatibility */
+
+#ifndef HAVE_GNUTLS_CERTIFICATE_CREDENTIALS_T
+typedef gnutls_certificate_credentials gnutls_certificate_credentials_t;
+#endif
+
+#ifndef HAVE_GNUTLS_CERTIFICATE_STATUS_T
+typedef gnutls_certificate_status gnutls_certificate_status_t;
+#endif
+
+#ifndef HAVE_GNUTLS_DATUM_T
+typedef gnutls_datum gnutls_datum_t;
+#endif
+
+#ifndef HAVE_GNUTLS_DIGEST_ALGORITHM_T
+typedef gnutls_digest_algorithm gnutls_digest_algorithm_t;
+#endif
+
+#ifndef HAVE_GNUTLS_SESSION_T
+typedef gnutls_session gnutls_session_t;
+#endif
+
+#ifndef HAVE_GNUTLS_TRANSPORT_PTR_T
+typedef gnutls_transport_ptr gnutls_transport_ptr_t;
+#endif
+
+#ifndef HAVE_GNUTLS_X509_CRT_T
+typedef gnutls_x509_crt gnutls_x509_crt_t;
+#endif
+
+
 typedef struct _tlssockdata
 {
-  gnutls_session state;
-  gnutls_certificate_credentials xcred;
+  gnutls_session_t state;
+  gnutls_certificate_credentials_t xcred;
 }
 tlssockdata;
 
 /* local prototypes */
 static int tls_socket_read (CONNECTION* conn, char* buf, size_t len);
 static int tls_socket_write (CONNECTION* conn, const char* buf, size_t len);
 static int tls_socket_open (CONNECTION* conn);
 static int tls_socket_close (CONNECTION* conn);
@@ -363,17 +394,17 @@
   if ((err = gnutls_init(&data->state, GNUTLS_CLIENT)))
   {
     mutt_error ("gnutls_handshake: %s", gnutls_strerror(err));
     mutt_sleep (2);
     goto fail;
   }
 
   /* set socket */
-  gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)conn->fd);
+  gnutls_transport_set_ptr (data->state, 
(gnutls_transport_ptr_t)(long)conn->fd);
 
   if (tls_set_priority(data) < 0) {
     goto fail;
   }
 
   if (SslDHPrimeBits > 0)
   {
     gnutls_dh_set_prime_bits (data->state, SslDHPrimeBits);
@@ -465,23 +496,23 @@
   conn->conn_close = raw_socket_close;
 
   return rc;
 }
 
 #define CERT_SEP "-----BEGIN"
 
 /* this bit is based on read_ca_file() in gnutls */
-static int tls_compare_certificates (const gnutls_datum *peercert)
+static int tls_compare_certificates (const gnutls_datum_t *peercert)
 {
-  gnutls_datum cert;
+  gnutls_datum_t cert;
   unsigned char *ptr;
   FILE *fd1;
   int ret;
-  gnutls_datum b64_data;
+  gnutls_datum_t b64_data;
   unsigned char *b64_data_data;
   struct stat filestat;
 
   if (stat(SslCertFile, &filestat) == -1)
     return 0;
 
   b64_data.size = filestat.st_size+1;
   b64_data_data = (unsigned char *) safe_calloc (1, b64_data.size);
@@ -532,18 +563,18 @@
     gnutls_free(cert.data);
   } while (ptr != NULL);
 
   /* no match found */
   FREE (&b64_data_data);
   return 0;
 }
 
-static void tls_fingerprint (gnutls_digest_algorithm algo,
-                             char* s, int l, const gnutls_datum* data)
+static void tls_fingerprint (gnutls_digest_algorithm_t algo,
+                             char* s, int l, const gnutls_datum_t* data)
 {
   unsigned char md[36];
   size_t n;
   int j;
 
   n = 36;
 
   if (gnutls_fingerprint (algo, data, (char *)md, &n) < 0)
@@ -571,17 +602,17 @@
              Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon],
              l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec);
   else
     strfcpy (s, _("[invalid date]"), len);
 
   return (s);
 }
 
-static int tls_check_stored_hostname (const gnutls_datum *cert,
+static int tls_check_stored_hostname (const gnutls_datum_t *cert,
                                       const char *hostname)
 {
   char buf[80];
   FILE *fp;
   char *linestr = NULL;
   size_t linestrsize;
   int linenum = 0;
   regex_t preg;
@@ -622,21 +653,21 @@
     safe_fclose (&fp);
   }
 
   /* not found a matching name */
   return 0;
 }
 
 static int tls_check_preauth (const gnutls_datum_t *certdata,
-                              gnutls_certificate_status certstat,
+                              gnutls_certificate_status_t certstat,
                               const char *hostname, int chainidx, int* certerr,
                               int* savedcert)
 {
-  gnutls_x509_crt cert;
+  gnutls_x509_crt_t cert;
 
   *certerr = CERTERR_VALID;
   *savedcert = 0;
 
   if (gnutls_x509_crt_init (&cert) < 0)
   {
     mutt_error (_("Error initialising gnutls certificate data"));
     mutt_sleep (2);
@@ -743,38 +774,38 @@
 
   return -1;
 }
 
 /*
  * Returns 0 on failure, nonzero on success.
  */
 static int tls_check_one_certificate (const gnutls_datum_t *certdata,
-                                      gnutls_certificate_status certstat,
+                                      gnutls_certificate_status_t certstat,
                                       const char* hostname, int idx, int len)
 {
   int certerr, savedcert;
-  gnutls_x509_crt cert;
+  gnutls_x509_crt_t cert;
   char buf[SHORT_STRING];
   char fpbuf[SHORT_STRING];
   size_t buflen;
   char dn_common_name[SHORT_STRING];
   char dn_email[SHORT_STRING];
   char dn_organization[SHORT_STRING];
   char dn_organizational_unit[SHORT_STRING];
   char dn_locality[SHORT_STRING];
   char dn_province[SHORT_STRING];
   char dn_country[SHORT_STRING];
   time_t t;
   char datestr[30];
   MUTTMENU *menu;
   char helpstr[LONG_STRING];
   char title[STRING];
   FILE *fp;
-  gnutls_datum pemdata;
+  gnutls_datum_t pemdata;
   int i, row, done, ret;
 
   if (!tls_check_preauth (certdata, certstat, hostname, idx, &certerr,
       &savedcert))
     return 1;
 
   /* skip signers if insecure algorithm was used */
   if (idx && (certerr & CERTERR_INSECUREALG))
@@ -1013,17 +1044,17 @@
   unset_option (OPTUNBUFFEREDINPUT);
   mutt_menuDestroy (&menu);
   gnutls_x509_crt_deinit (cert);
 
   return (done == 2);
 }
 
 /* sanity-checking wrapper for gnutls_certificate_verify_peers */
-static gnutls_certificate_status tls_verify_peers (gnutls_session tlsstate)
+static gnutls_certificate_status_t tls_verify_peers (gnutls_session_t tlsstate)
 {
   int verify_ret;
   unsigned int status;
 
   verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
   if (!verify_ret)
     return status;
 
@@ -1050,20 +1081,20 @@
   }
 
   return status;
 }
 
 static int tls_check_certificate (CONNECTION* conn)
 {
   tlssockdata *data = conn->sockdata;
-  gnutls_session state = data->state;
-  const gnutls_datum *cert_list;
+  gnutls_session_t state = data->state;
+  const gnutls_datum_t *cert_list;
   unsigned int cert_list_size = 0;
-  gnutls_certificate_status certstat;
+  gnutls_certificate_status_t certstat;
   int certerr, i, preauthrc, savedcert, rc = 0;
   int rcpeer = -1; /* the result of tls_check_preauth() on the peer's EE cert 
*/
 
   if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
   {
     mutt_error (_("Unable to get certificate from peer"));
     mutt_sleep (2);
     return 0;

signature.asc
Description: PGP signature

[PATCH] Clean up gnutls warnings.

Reply via email to