From 5370e6ffd381f77daad2485479d610f4590e9726 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 14 Aug 2017 12:43:05 +0100 Subject: [PATCH] Kill HAVE_GNUTLS_PUBKEY_EXPORT2 Signed-off-by: David Woodhouse --- configure.ac | 2 -- gnutls.c | 34 ++++------------------------------ 2 files changed, 4 insertions(+), 32 deletions(-) diff --git a/configure.ac b/configure.ac index 138875a0..d3c0eaf4 100644 --- a/configure.ac +++ b/configure.ac @@ -452,8 +452,6 @@ case "$ssl_library" in CFLAGS="$CFLAGS $GNUTLS_CFLAGS" esp=yes dtls=yes - AC_CHECK_FUNC(gnutls_pubkey_export2, - [AC_DEFINE(HAVE_GNUTLS_PUBKEY_EXPORT2, 1, [From GnuTLS 3.1.3])], []) AC_CHECK_FUNC(gnutls_x509_crt_set_pin_function, [AC_DEFINE(HAVE_GNUTLS_X509_CRT_SET_PIN_FUNCTION, 1, [From GnuTLS 3.1.0])], []) AC_CHECK_FUNC(gnutls_url_is_supported, diff --git a/gnutls.c b/gnutls.c index 78232e8c..6ee1c1f1 100644 --- a/gnutls.c +++ b/gnutls.c @@ -1838,37 +1838,11 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo) return err; err = gnutls_pubkey_import_x509(pkey, vpninfo->peer_cert, 0); - if (err) { - gnutls_pubkey_deinit(pkey); - return err; - } -#ifdef HAVE_GNUTLS_PUBKEY_EXPORT2 - err = gnutls_pubkey_export2(pkey, GNUTLS_X509_FMT_DER, &d); - if (err) { - gnutls_pubkey_deinit(pkey); - return err; - } -#else - shalen = 0; - err = gnutls_pubkey_export(pkey, GNUTLS_X509_FMT_DER, NULL, &shalen); - if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) { - gnutls_pubkey_deinit(pkey); - return err; - } - d.size = shalen; - d.data = gnutls_malloc(d.size); - if (!d.data) { - gnutls_pubkey_deinit(pkey); - return -ENOMEM; - } - err = gnutls_pubkey_export(pkey, GNUTLS_X509_FMT_DER, d.data, &shalen); - if (err) { - gnutls_free(d.data); - gnutls_pubkey_deinit(pkey); - return err; - } -#endif + if (!err) + err = gnutls_pubkey_export2(pkey, GNUTLS_X509_FMT_DER, &d); gnutls_pubkey_deinit(pkey); + if (err) + return err; shalen = sizeof(vpninfo->peer_cert_sha256_raw); err = gnutls_fingerprint(GNUTLS_DIG_SHA256, &d, vpninfo->peer_cert_sha256_raw, &shalen); -- 2.49.0