- compile libunbound with libnss on Suse, passes regression tests.

git-svn-id: file:///svn/unbound/trunk@2710 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/daemon/unbound.c b/daemon/unbound.c
index 4e647c7657749159de51326d450b6197622120c7..d64751ab57a4755f92268718906d8050bd29b563 100644 (file)
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -454,6 +454,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
         * given to unbound on the commandline. */
 
        /* read ssl keys while superuser and outside chroot */
+#ifdef HAVE_SSL
        if(!(daemon->rc = daemon_remote_create(cfg)))
                fatal_exit("could not set up remote-control");
        if(cfg->ssl_service_key && cfg->ssl_service_key[0]) {
@@ -463,6 +464,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
        }
        if(!(daemon->connect_sslctx = connect_sslctx_create(NULL, NULL, NULL)))
                fatal_exit("could not set up connect SSL_CTX");
+#endif
 
 #ifdef HAVE_KILL
        /* check old pid file before forking */

diff --git a/doc/Changelog b/doc/Changelog
index 543a113d91e8af2c4df169b4cd3472f3b4ee8145..58e6e7608d9e3b889652ec5bf21b054a9d582803 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+4 July 2012: Wouter
+       - compile libunbound with libnss on Suse, passes regression tests.
+
 3 July 2012: Wouter
        - FIPS_mode openssl does not use arc4random but RAND_pseudo_bytes.
 

diff --git a/util/net_help.c b/util/net_help.c
index 964ecf2e681242cf8a1b62162b48f65da41a25d3..d8c624fd6657a93849e3391eb665da827db0d821 100644 (file)
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -579,6 +579,8 @@ log_crypto_err(const char* str)
                ERR_error_string_n(e, buf, sizeof(buf));
                log_err("and additionally crypto %s", buf);
        }
+#else
+       (void)str;
 #endif /* HAVE_SSL */
 }
 
@@ -626,6 +628,9 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem)
                SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
        }
        return ctx;
+#else
+       (void)key; (void)pem; (void)verifypem;
+       return NULL;
 #endif
 }
 
@@ -671,6 +676,9 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem)
                SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
        }
        return ctx;
+#else
+       (void)key; (void)pem; (void)verifypem;
+       return NULL;
 #endif
 }
 
@@ -690,6 +698,9 @@ void* incoming_ssl_fd(void* sslctx, int fd)
                return NULL;
        }
        return ssl;
+#else
+       (void)sslctx; (void)fd;
+       return NULL;
 #endif
 }
 
@@ -709,5 +720,8 @@ void* outgoing_ssl_fd(void* sslctx, int fd)
                return NULL;
        }
        return ssl;
+#else
+       (void)sslctx; (void)fd;
+       return NULL;
 #endif
 }

diff --git a/util/netevent.c b/util/netevent.c
index 1998d646ae664cb3405f6ddf1d37d77bba840b51..3c1c69d7e1b837861550466510b04f7ced0ce8ea 100644 (file)
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -899,10 +899,10 @@ tcp_callback_reader(struct comm_point* c)
 }
 
 /** continue ssl handshake */
+#ifdef HAVE_SSL
 static int
 ssl_handshake(struct comm_point* c)
 {
-#ifdef HAVE_SSL
        int r;
        if(c->ssl_shake_state == comm_ssl_shake_hs_read) {
                /* read condition satisfied back to writing */
@@ -961,8 +961,8 @@ ssl_handshake(struct comm_point* c)
        }
        c->ssl_shake_state = comm_ssl_shake_none;
        return 1;
-#endif /* HAVE_SSL */
 }
+#endif /* HAVE_SSL */
 
 /** ssl read callback on TCP */
 static int
@@ -1045,6 +1045,9 @@ ssl_handle_read(struct comm_point* c)
                tcp_callback_reader(c);
        }
        return 1;
+#else
+       (void)c;
+       return 0;
 #endif /* HAVE_SSL */
 }
 
@@ -1126,6 +1129,9 @@ ssl_handle_write(struct comm_point* c)
                tcp_callback_writer(c);
        }
        return 1;
+#else
+       (void)c;
+       return 0;
 #endif /* HAVE_SSL */
 }