From e72e394106dd25d6a8a8c7c2fa677f40ef5e7eb6 Mon Sep 17 00:00:00 2001 From: Adam Dickmeiss Date: Wed, 28 Apr 2004 22:44:58 +0000 Subject: [PATCH] ZOOM now allows inspection of X509 peer certificate for verification. The X509 buffer is retrived by reading ZOOM option "sslPeerCert". Removed libyazssl.la. When SSL is enabled, libyaz.la has SSL support and all programs have too (yaz-ztest, yaz-client, zoom..). May not be as "modular" but it simplifies things. Added cs_get_peer_certificate to that returns peer X509 PEM. --- NEWS | 9 +++++++++ client/Makefile.am | 20 ++++++-------------- client/client.c | 3 +-- configure.in | 3 +-- debian/changelog | 6 ++++++ debian/yaz.install | 4 ---- doc/Makefile.am | 12 +++--------- doc/yaz-client-man.xml | 12 +----------- doc/yaz-config-man.xml | 8 +------- doc/yaz-ztest-man.xml | 14 ++------------ include/yaz/comstack.h | 5 +++-- include/yaz/zoom.h | 6 +++++- src/Makefile.am | 21 +++------------------ src/comstack.c | 9 ++++++++- src/tcpip.c | 33 +++++++++++++++++++++++++++++++-- src/zoom-c.c | 29 +++++++++++++++++++++++++---- util/Makefile.am | 18 +++++++++--------- yaz-config.in | 21 +++------------------ yaz.spec.in | 2 -- zoom/Makefile.am | 6 +++--- zoom/zoomsh.c | 17 ++++++++++++++++- ztest/Makefile.am | 15 +++------------ 22 files changed, 139 insertions(+), 134 deletions(-) diff --git a/NEWS b/NEWS index f989740..5c953ac 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,14 @@ Possible compatibility problems with earlier versions marked with '*'. +ZOOM now allows inspection of X509 peer certificate for verification. +The X509 buffer is retrived by reading ZOOM option "sslPeerCert". + +Removed libyazssl.la. When SSL is enabled, libyaz.la has SSL support and +all programs have too (yaz-ztest, yaz-client, zoom..). May not be +as "modular" but it simplifies things. + +Added cs_get_peer_certificate to that returns peer X509 PEM. + Added cs_get_ssl that returns SSL handle (SSL *) for SSL comstack; returns NULL if SSL is unavailable. diff --git a/client/Makefile.am b/client/Makefile.am index bfb2091..7ed3a24 100644 --- a/client/Makefile.am +++ b/client/Makefile.am @@ -1,27 +1,19 @@ -## Copyright (C) 1995-2003, Index Data +## Copyright (C) 1995-2004, Index Data ## All rights reserved. -## $Id: Makefile.am,v 1.21 2004-04-28 12:10:51 adam Exp $ +## $Id: Makefile.am,v 1.22 2004-04-28 22:44:58 adam Exp $ -if ISSSL -extra=yaz-client-ssl -endif - -bin_PROGRAMS=yaz-client $(extra) +bin_PROGRAMS=yaz-client EXTRA_PROGRAMS=bertorture EXTRA_DIST = default.bib COMMON=admin.c admin.h tabcomplete.c tabcomplete.h yaz_client_SOURCES=client.c $(COMMON) -yaz_client_ssl_SOURCES=$(COMMON) -yaz_client_LDADD = ../src/libyaz.la $(READLINE_LIBS) -yaz_client_ssl_LDADD = ssl-client.lo ../src/libyazssl.la ../src/libyaz.la $(READLINE_LIBS) $(SSL_LIBS) -bertorture_LDADD = ../src/libyaz.la +yaz_client_LDADD = ../src/libyaz.la $(READLINE_LIBS) $(SSL_LIBS) +bertorture_LDADD = ../src/libyaz.la $(SSL_LIBS) bertorture_SOURCES=bertorture.c -AM_CPPFLAGS=-I$(top_srcdir)/include +AM_CPPFLAGS=-I$(top_srcdir)/include $(SSL_CFLAGS) $(SSL_DEFS) -ssl-client.lo: client.c - $(LTCOMPILE) $(SSL_CFLAGS) $(SSL_DEFS) -c $(srcdir)/client.c -o ssl-client.lo diff --git a/client/client.c b/client/client.c index fd2d592..b113f78 100644 --- a/client/client.c +++ b/client/client.c @@ -2,7 +2,7 @@ * Copyright (c) 1995-2004, Index Data * See the file LICENSE for details. * - * $Id: client.c,v 1.240 2004-04-28 13:25:57 adam Exp $ + * $Id: client.c,v 1.241 2004-04-28 22:44:58 adam Exp $ */ #include @@ -602,7 +602,6 @@ int session_connect(const char *arg) if ((ssl = (SSL *) cs_get_ssl(conn))) { X509 *server_cert = SSL_get_peer_certificate (ssl); - char *str; if (server_cert) { diff --git a/configure.in b/configure.in index 5f5d9d6..084c528 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ dnl YAZ Toolkit, Index Data 1994-2004 dnl See the file LICENSE for details. -dnl $Id: configure.in,v 1.136 2004-04-17 08:24:03 adam Exp $ +dnl $Id: configure.in,v 1.137 2004-04-28 22:44:58 adam Exp $ AC_INIT(include/yaz/yaz-version.h) AM_INIT_AUTOMAKE(yaz, 2.0.19) AM_MAINTAINER_MODE @@ -151,7 +151,6 @@ if test "$openssl" != "no"; then LIBS="$xLIBS" CFLAGS="$xCFLAGS" fi -AM_CONDITIONAL(ISSSL, test $USE_SSL = "1") dnl dnl ------ GNU Readline READLINE_SHARED_LIBADD="" diff --git a/debian/changelog b/debian/changelog index c4f4cbf..67c6e1e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +yaz (2.0.19-3) unstable; urgency=low + + * Upstream. + + -- Adam Dickmeiss Thu, 29 Apr 2004 00:27:35 +0200 + yaz (2.0.19-2) unstable; urgency=low * Upstream. diff --git a/debian/yaz.install b/debian/yaz.install index 77078ae..02bf4c4 100644 --- a/debian/yaz.install +++ b/debian/yaz.install @@ -1,14 +1,10 @@ debian/tmp/usr/bin/yaz-client -debian/tmp/usr/bin/yaz-client-ssl debian/tmp/usr/bin/yaz-ztest -debian/tmp/usr/bin/yaz-ztest-ssl debian/tmp/usr/bin/zoomsh debian/tmp/usr/bin/yaz-marcdump debian/tmp/usr/bin/yaz-iconv debian/tmp/usr/share/man/man1/yaz-client.1 -debian/tmp/usr/share/man/man1/yaz-client-ssl.1 debian/tmp/usr/share/man/man8/yaz-ztest.8 -debian/tmp/usr/share/man/man8/yaz-ztest-ssl.8 debian/tmp/usr/share/man/man1/zoomsh.1 debian/tmp/usr/share/man/man1/yaz-marcdump.1 debian/tmp/usr/share/man/man1/yaz-iconv.1 diff --git a/doc/Makefile.am b/doc/Makefile.am index 80b49dc..2d20be5 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,4 +1,4 @@ -## $Id: Makefile.am,v 1.53 2004-04-22 18:44:40 adam Exp $ +## $Id: Makefile.am,v 1.54 2004-04-28 22:44:59 adam Exp $ docdir=$(datadir)/doc/@PACKAGE@ @@ -23,8 +23,8 @@ HTMLFILES = \ zoom.events.html zoom.html zoom.options.html zoom.query.html \ zoom.records.html zoom.resultsets.html zoom.scan.html -MANFILES=yaz-client.1 yaz-client-ssl.1 yaz-ztest.8 \ - yaz-ztest-ssl.8 yaz-config.8 yaz.7 zoomsh.1 yaz-asncomp.1 \ +MANFILES=yaz-client.1 yaz-ztest.8 \ + yaz-config.8 yaz.7 zoomsh.1 yaz-asncomp.1 \ yaz-marcdump.1 yaz-iconv.1 REFFILES=yaz-client-man.xml yaz-ztest-man.xml yaz-config-man.xml \ yaz-man.xml zoomsh-man.xml yaz-asncomp-man.xml \ @@ -54,12 +54,6 @@ yaz.7: yaz-man.xml zoomsh.1: zoomsh-man.xml docbook2man $(srcdir)/zoomsh-man.xml -yaz-ztest-ssl.8: - ln -s yaz-ztest.8 yaz-ztest-ssl.8 - -yaz-client-ssl.1: - ln -s yaz-client.1 yaz-client-ssl.1 - yaz-asncomp.1: yaz-asncomp-man.xml docbook2man $(srcdir)/yaz-asncomp-man.xml diff --git a/doc/yaz-client-man.xml b/doc/yaz-client-man.xml index ba3b9bb..d66f263 100644 --- a/doc/yaz-client-man.xml +++ b/doc/yaz-client-man.xml @@ -1,7 +1,7 @@ ]> - + @@ -28,12 +28,6 @@ addr - - yaz-client-ssl - - addr - - DESCRIPTION @@ -43,10 +37,6 @@ performance of Z39.50 targets and SRW servers. - yaz-client-ssl is identical to - yaz-client except that it supports SSL transport. - - If the addr is specified, the client creates a connection to the Z39.50/SRW target at the address. diff --git a/doc/yaz-config-man.xml b/doc/yaz-config-man.xml index c5bc8ee..38106c5 100644 --- a/doc/yaz-config-man.xml +++ b/doc/yaz-config-man.xml @@ -1,5 +1,5 @@ - + yaz-config @@ -41,12 +41,6 @@ Use the threaded version of YAZ. - - ssl - - Use YAZ with SSL support. - - diff --git a/doc/yaz-ztest-man.xml b/doc/yaz-ztest-man.xml index 6d13518..3bc42cf 100644 --- a/doc/yaz-ztest-man.xml +++ b/doc/yaz-ztest-man.xml @@ -1,7 +1,7 @@ ]> - + @@ -34,12 +34,6 @@ listener-spec - - yaz-ztest-ssl - - addr - - DESCRIPTION @@ -50,14 +44,10 @@ records. - yaz-ztest-ssl is identical to - yaz-ztest except that it supports SSL transport. - - The listener-spec consists of a transport mode followed by a colon, followed by a listener address. The transport mode is either tcp, unix, - or ssl (yaz-ztest-ssl only). + or ssl. For TCP and SSL, an address has the form: diff --git a/include/yaz/comstack.h b/include/yaz/comstack.h index 1ab1878..5215a06 100644 --- a/include/yaz/comstack.h +++ b/include/yaz/comstack.h @@ -23,7 +23,7 @@ * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE * OF THIS SOFTWARE. * - * $Id: comstack.h,v 1.12 2004-04-28 12:10:52 adam Exp $ + * $Id: comstack.h,v 1.13 2004-04-28 22:44:59 adam Exp $ */ #ifndef COMSTACK_H @@ -141,7 +141,7 @@ struct comstack #define CS_WANT_READ 1 #define CS_WANT_WRITE 2 - + YAZ_EXPORT int cs_look (COMSTACK); YAZ_EXPORT const char *cs_strerror(COMSTACK h); YAZ_EXPORT const char *cs_errmsg(int n); @@ -150,6 +150,7 @@ YAZ_EXPORT COMSTACK cs_create_host(const char *type_and_host, YAZ_EXPORT void cs_get_host_args(const char *type_and_host, const char **args); YAZ_EXPORT int cs_complete_auto(const unsigned char *buf, int len); YAZ_EXPORT void *cs_get_ssl(COMSTACK cs); +YAZ_EXPORT int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len); /* * error management. diff --git a/include/yaz/zoom.h b/include/yaz/zoom.h index 7b09867..199eeb0 100644 --- a/include/yaz/zoom.h +++ b/include/yaz/zoom.h @@ -1,6 +1,6 @@ /* * Public header for ZOOM C. - * $Id: zoom.h,v 1.22 2004-02-23 09:26:11 adam Exp $ + * $Id: zoom.h,v 1.23 2004-04-28 22:44:59 adam Exp $ */ #include @@ -60,6 +60,10 @@ ZOOM_API(void) ZOOM_connection_option_set (ZOOM_connection c, const char *key, const char *val); +ZOOM_API(void) +ZOOM_connection_option_setl (ZOOM_connection c, const char *key, + const char *val, int len); + /* return error code (0 == success, failure otherwise). cp holds error string on failure, addinfo holds addititional info (if any) */ diff --git a/src/Makefile.am b/src/Makefile.am index 9f8962e..d373ad6 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,18 +1,14 @@ ## Copyright (C) 1994-2004, Index Data ## All rights reserved. -## $Id: Makefile.am,v 1.11 2004-03-17 11:00:04 adam Exp $ +## $Id: Makefile.am,v 1.12 2004-04-28 22:44:59 adam Exp $ if ISTHR thrlib=libyazthread.la endif -if ISSSL -ssllib=libyazssl.la -endif - YAZ_VERSION_INFO=2:0:0 -lib_LTLIBRARIES = libyaz.la $(thrlib) $(ssllib) +lib_LTLIBRARIES = libyaz.la $(thrlib) TESTS = $(check_PROGRAMS) @@ -29,7 +25,7 @@ EXTRA_DIST=$(tabdata_DATA) $(illdata_DATA) \ YAZCOMP = $(top_srcdir)/util/yaz-asncomp YAZCOMPLINE = $(YAZCOMP) -d z.tcl -i yaz -I../include $(YCFLAGS) -AM_CPPFLAGS=-I$(top_srcdir)/include $(XML2_CFLAGS) +AM_CPPFLAGS=-I$(top_srcdir)/include $(XML2_CFLAGS) $(SSL_CFLAGS) $(SSL_DEFS) AM_YFLAGS=-p cql_ THREADED_FLAGS = @CFLAGSTHREADS@ @@ -69,10 +65,6 @@ libyazthread_la_SOURCES= libyazthread_la_LIBADD=thr-nmem.lo thr-statserv.lo thr-eventl.lo libyazthread_la_LDFLAGS=-version-info $(YAZ_VERSION_INFO) -libyazssl_la_SOURCES= -libyazssl_la_LIBADD=ssl-comstack.lo ssl-tcpip.lo -libyazssl_la_LDFLAGS=-version-info $(YAZ_VERSION_INFO) - # Rules for Z39.50 V3 $(srcdir)/z-accdes1.c \ $(srcdir)/z-accform1.c \ @@ -157,11 +149,4 @@ thr-statserv.lo: statserv.c thr-eventl.lo: eventl.c $(LTCOMPILE) $(THREADED_FLAGS) -c $(srcdir)/eventl.c -o thr-eventl.lo -# SSL versions of objects. -ssl-comstack.lo: comstack.c - $(LTCOMPILE) $(SSL_CFLAGS) $(SSL_DEFS) -c $(srcdir)/comstack.c -o ssl-comstack.lo - -ssl-tcpip.lo: tcpip.c - $(LTCOMPILE) $(SSL_CFLAGS) $(SSL_DEFS) -c $(srcdir)/tcpip.c -o ssl-tcpip.lo - diff --git a/src/comstack.c b/src/comstack.c index db7ea2a..7ee51fe 100644 --- a/src/comstack.c +++ b/src/comstack.c @@ -2,7 +2,7 @@ * Copyright (c) 1995-2004, Index Data * See the file LICENSE for details. * - * $Id: comstack.c,v 1.6 2004-02-25 12:59:56 adam Exp $ + * $Id: comstack.c,v 1.7 2004-04-28 22:44:59 adam Exp $ */ #include @@ -74,6 +74,13 @@ COMSTACK cs_create_host(const char *type_and_host, int blocking, void **vp) COMSTACK cs; CS_TYPE t; + printf ( +#if HAVE_OPENSSL_SSL_H + "cs_create_host SSL\n" +#else + "cs_create_host\n" +#endif + ); if (strncmp (type_and_host, "tcp:", 4) == 0) { t = tcpip_type; diff --git a/src/tcpip.c b/src/tcpip.c index 92b3100..5f46f3e 100644 --- a/src/tcpip.c +++ b/src/tcpip.c @@ -1,8 +1,8 @@ /* - * Copyright (c) 1995-2003, Index Data + * Copyright (c) 1995-2004, Index Data * See the file LICENSE for details. * - * $Id: tcpip.c,v 1.2 2004-04-28 12:10:53 adam Exp $ + * $Id: tcpip.c,v 1.3 2004-04-28 22:44:59 adam Exp $ */ #include @@ -1108,9 +1108,38 @@ void *cs_get_ssl(COMSTACK cs) state = (struct tcpip_state *) cs->cprivate; return state->ssl; } + +int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len) +{ + SSL *ssl = cs_get_ssl(cs); + if (ssl) + { + X509 *server_cert = SSL_get_peer_certificate (ssl); + if (server_cert) + { + BIO *bio = BIO_new(BIO_s_mem()); + char *pem_buf; + /* get PEM buffer in memory */ + PEM_write_bio_X509(bio, server_cert); + *len = BIO_get_mem_data(bio, &pem_buf); + *buf = xmalloc(*len); + memcpy(*buf, pem_buf, *len); + BIO_free(bio); + return 1; + } + } + return 0; +} #else void *cs_get_ssl(COMSTACK cs) { return 0; } + +int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len) +{ + return 0; +} + #endif + diff --git a/src/zoom-c.c b/src/zoom-c.c index b5241f3..c28eca7 100644 --- a/src/zoom-c.c +++ b/src/zoom-c.c @@ -2,7 +2,7 @@ * Copyright (c) 2000-2004, Index Data * See the file LICENSE for details. * - * $Id: zoom-c.c,v 1.26 2004-04-06 17:47:24 adam Exp $ + * $Id: zoom-c.c,v 1.27 2004-04-28 22:44:59 adam Exp $ * * ZOOM layer for C, connections, result sets, queries. */ @@ -185,7 +185,6 @@ void ZOOM_connection_remove_task (ZOOM_connection c) switch (task->which) { case ZOOM_TASK_SEARCH: - ZOOM_resultset_destroy (task->u.search.resultset); break; case ZOOM_TASK_RETRIEVE: @@ -783,6 +782,19 @@ ZOOM_resultset_records (ZOOM_resultset r, ZOOM_record *recs, } } +static void get_cert(ZOOM_connection c) +{ + char *cert_buf; + int cert_len; + + if (cs_get_peer_certificate_x509(c->cs, &cert_buf, &cert_len)) + { + ZOOM_connection_option_setl(c, "sslPeerCert", + cert_buf, cert_len); + xfree(cert_buf); + } +} + static zoom_ret do_connect (ZOOM_connection c) { void *add; @@ -822,6 +834,7 @@ static zoom_ret do_connect (ZOOM_connection c) { ZOOM_Event event = ZOOM_Event_create(ZOOM_EVENT_CONNECT); ZOOM_connection_put_event(c, event); + get_cert(c); if (c->proto == PROTO_Z3950) ZOOM_connection_send_init(c); else @@ -987,7 +1000,7 @@ static zoom_ret ZOOM_connection_send_init (ZOOM_connection c) ZOOM_options_get(c->options, "implementationName"), odr_prepend(c->odr_out, "ZOOM-C", ireq->implementationName)); - version = odr_strdup(c->odr_out, "$Revision: 1.26 $"); + version = odr_strdup(c->odr_out, "$Revision: 1.27 $"); if (strlen(version) > 10) /* check for unexpanded CVS strings */ version[strlen(version)-2] = '\0'; ireq->implementationVersion = odr_prepend(c->odr_out, @@ -3227,11 +3240,18 @@ ZOOM_connection_option_get (ZOOM_connection c, const char *key) ZOOM_API(void) ZOOM_connection_option_set (ZOOM_connection c, const char *key, - const char *val) + const char *val) { ZOOM_options_set (c->options, key, val); } +ZOOM_API(void) +ZOOM_connection_option_setl (ZOOM_connection c, const char *key, + const char *val, int len) +{ + ZOOM_options_setl (c->options, key, val, len); +} + ZOOM_API(const char *) ZOOM_resultset_option_get (ZOOM_resultset r, const char *key) { @@ -3367,6 +3387,7 @@ static int ZOOM_connection_do_io(ZOOM_connection c, int mask) else if (ret == 0) { ZOOM_connection_put_event (c, event); + get_cert(c); if (c->proto == PROTO_Z3950) ZOOM_connection_send_init(c); else diff --git a/util/Makefile.am b/util/Makefile.am index 3dfaba1..e72ae1c 100644 --- a/util/Makefile.am +++ b/util/Makefile.am @@ -1,6 +1,6 @@ -## Copyright (C) 1994-2003, Index Data +## Copyright (C) 1994-2004, Index Data ## All rights reserved. -## $Id: Makefile.am,v 1.25 2004-03-10 17:18:08 adam Exp $ +## $Id: Makefile.am,v 1.26 2004-04-28 22:45:00 adam Exp $ TESTS = $(check_PROGRAMS) @@ -16,25 +16,25 @@ bin_PROGRAMS = yaz-marcdump yaz-iconv noinst_PROGRAMS = cclsh cql2pqf cql2xcql srwtst yaz-benchmark # MARC dumper utility -yaz_marcdump_LDADD = ../src/libyaz.la yaz_marcdump_SOURCES = marcdump.c +yaz_marcdump_LDADD = ../src/libyaz.la $(SSL_LIBS) # YAZ Iconv utility -yaz_iconv_LDADD = ../src/libyaz.la yaz_iconv_SOURCES = yaziconv.c +yaz_iconv_LDADD = ../src/libyaz.la $(SSL_LIBS) srwtst_SOURCES=srwtst.c -srwtst_LDADD = ../src/libyaz.la +srwtst_LDADD = ../src/libyaz.la $(SSL_LIBS) cclsh_SOURCES=cclsh.c -cclsh_LDADD = ../src/libyaz.la $(READLINE_LIBS) +cclsh_LDADD = ../src/libyaz.la $(READLINE_LIBS) $(SSL_LIBS) cql2pqf_SOURCES = cql2pqf.c -cql2pqf_LDADD = ../src/libyaz.la +cql2pqf_LDADD = ../src/libyaz.la $(SSL_LIBS) cql2xcql_SOURCES = cql2xcql.c -cql2xcql_LDADD = ../src/libyaz.la +cql2xcql_LDADD = ../src/libyaz.la $(SSL_LIBS) -yaz_benchmark_LDADD = ../src/libyaz.la yaz_benchmark_SOURCES = benchmark.c +yaz_benchmark_LDADD = ../src/libyaz.la $(SSL_LIBS) diff --git a/yaz-config.in b/yaz-config.in index ee94710..e8fb979 100644 --- a/yaz-config.in +++ b/yaz-config.in @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: yaz-config.in,v 1.19 2004-01-05 09:45:49 adam Exp $ +# $Id: yaz-config.in,v 1.20 2004-04-28 22:44:58 adam Exp $ yazprefix=@prefix@ yaz_echo_cflags=no yaz_echo_libs=no @@ -10,7 +10,7 @@ yaz_echo_comp=no yaz_src_root=@YAZ_SRC_ROOT@ yaz_build_root=@YAZ_BUILD_ROOT@ -yazextralibs="@LIBS@" +yazextralibs="@SSL_LIBS@ @LIBS@" YAZVERSION=@VERSION@ usage() @@ -26,8 +26,6 @@ Options: [--comp] Libraries: threads - malloc - ssl EOF exit $1 } @@ -72,9 +70,6 @@ while test $# -gt 0; do malloc) lib_malloc=yes ;; - ssl) - lib_ssl=yes - ;; -*) yaz_echo_help=yes ;; @@ -89,18 +84,10 @@ if test "$lib_thread" = "yes" -a -n "@CFLAGSTHREADS@"; then lyaz="-lyazthread $lyaz" fi -if test "$lib_ssl" = "yes" -a -n "@SSL_LIBS@"; then - yazextralibs="@SSL_LIBS@ $yazextralibs" - lyaz="-lyazssl $lyaz" -fi - if test "$yaz_echo_source" = "yes"; then YAZBIN=${yaz_build_root}/bin YAZLIB="-L${yaz_build_root}/src/.libs $lyaz $yazextralibs" YAZLALIB="${yaz_build_root}/src/libyaz.la $yazextralibs" - if test "$lib_ssl" = "yes" -a -n "$SSL_LIBS@"; then - YAZLALIB="${yaz_build_root}/src/libyazssl.la" - fi if test "$lib_thread" = "yes" -a -n "@CFLAGSTHREADS@"; then YAZLALIB="${yaz_build_root}/src/libyazthread.la $YAZLALIB" fi @@ -129,9 +116,7 @@ if test "$lib_thread" = "yes"; then YAZINC="$YAZINC @CFLAGSTHREADS@" fi -if test "$lib_ssl" = "yes"; then - YAZINC="$YAZINC @SSL_CFLAGS@" -fi +YAZINC="$YAZINC @SSL_CFLAGS@" if test "$yaz_echo_help" = "yes"; then usage 1 1>&2 diff --git a/yaz.spec.in b/yaz.spec.in index 6fe45fc..6416068 100644 --- a/yaz.spec.in +++ b/yaz.spec.in @@ -57,12 +57,10 @@ rm -fr ${RPM_BUILD_ROOT} /usr/bin/zoomsh* /usr/bin/yaz-marcdump /usr/bin/yaz-iconv -/usr/share/man/man1/yaz-client-ssl.* /usr/share/man/man1/yaz-client.* /usr/share/man/man1/zoomsh.* /usr/share/man/man1/yaz-marcdump.* /usr/share/man/man1/yaz-iconv.* -/usr/share/man/man8/yaz-ztest-ssl.* /usr/share/man/man8/yaz-ztest.* %files -n lib%{name} diff --git a/zoom/Makefile.am b/zoom/Makefile.am index 5304e72..a19a16c 100644 --- a/zoom/Makefile.am +++ b/zoom/Makefile.am @@ -1,12 +1,12 @@ -## $Id: Makefile.am,v 1.12 2003-10-27 12:21:45 adam Exp $ +## $Id: Makefile.am,v 1.13 2004-04-28 22:45:00 adam Exp $ ## Copyright (C) 2001, Index Data AM_CPPFLAGS = -I$(top_srcdir)/include EXTRA_PROGRAMS = zoomtst1 zoomtst2 zoomtst3 zoomtst4 zoomtst5 zoomtst6 zoomtst7 zoomtst8 -bin_PROGRAMS = zoomsh +bin_PROGRAMS = zoomsh -LDADD = ../src/libyaz.la $(READLINE_LIBS) +LDADD = ../src/libyaz.la $(READLINE_LIBS) $(SSL_LIBS) zoomtst1_SOURCES = zoomtst1.c zoomtst2_SOURCES = zoomtst2.c diff --git a/zoom/zoomsh.c b/zoom/zoomsh.c index af47ecd..74cb313 100644 --- a/zoom/zoomsh.c +++ b/zoom/zoomsh.c @@ -2,7 +2,7 @@ * Copyright (c) 2002-2004, Index Data. * See the file LICENSE for details. * - * $Id: zoomsh.c,v 1.27 2004-02-23 09:26:11 adam Exp $ + * $Id: zoomsh.c,v 1.28 2004-04-28 22:45:00 adam Exp $ */ /* ZOOM-C Shell */ @@ -12,6 +12,8 @@ #include #include +#include + #if HAVE_READLINE_READLINE_H #include #endif @@ -28,6 +30,13 @@ #define MAX_CON 100 +#if 0 +static void dummy() +{ + cs_get_ssl(0); +} +#endif + static int next_token (const char **cpp, const char **t_start) { int len = 0; @@ -547,6 +556,12 @@ int main (int argc, char **argv) ZOOM_connection z39_con[MAX_CON]; ZOOM_resultset z39_res[MAX_CON]; + if (0) + { + COMSTACK cs = 0; + cs_get_ssl(cs); + cs_create_host(0, 0, 0); + } nmem_init(); for (i = 0; i