Commit adaa36bf authored by Jan Včelák's avatar Jan Včelák 🚀

dnssec: conditional PKCS 11 crypto initialization

parent 1ce8d660
......@@ -115,7 +115,10 @@ PKG_CHECK_MODULES([gnutls], [gnutls >= 3.0 nettle], [
LDFLAGS_save=$LDFLAGS
LDFLAGS="$LDFLAGS $gnutls_LIBS"
AC_CHECK_FUNCS([gnutls_pkcs11_privkey_generate3], [enable_pkcs11=yes], [enable_pkcs11=no])
AC_CHECK_FUNC([gnutls_pkcs11_privkey_generate3], [enable_pkcs11=yes], [enable_pkcs11=no])
AS_IF([test "$enable_pkcs11" = yes],
[AC_DEFINE([ENABLE_PKCS11], [1], [PKCS 11 support available])])
LDFLAGS=$LDFLAGS_save
])
......
......@@ -23,7 +23,9 @@
_public_
void dnssec_crypto_init(void)
{
#ifdef ENABLE_PKCS11
gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL);
#endif
gnutls_global_init();
}
......@@ -31,11 +33,15 @@ _public_
void dnssec_crypto_cleanup(void)
{
gnutls_global_deinit();
#ifdef ENABLE_PKCS11
gnutls_pkcs11_deinit();
#endif
}
_public_
void dnssec_crypto_reinit(void)
{
#ifdef ENABLE_PKCS11
gnutls_pkcs11_reinit();
#endif
}
......@@ -24,13 +24,7 @@
#include "keystore/internal.h"
#include "shared.h"
#ifdef HAVE_GNUTLS_PKCS11_PRIVKEY_GENERATE3
# define PKCS11_ENABLED
#else
# undef PKCS11_ENABLED
#endif
#ifdef PKCS11_ENABLED
#ifdef ENABLE_PKCS11
struct pkcs11_ctx {
char *url;
......@@ -328,7 +322,7 @@ int dnssec_keystore_init_pkcs11(dnssec_keystore_t **store_ptr)
return keystore_create(store_ptr, &IMPLEMENTATION, NULL);
}
#else // !PKCS11_ENABLED
#else // !ENABLE_PKCS11
_public_
int dnssec_keystore_init_pkcs11(dnssec_keystore_t **store_ptr)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment