From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 17 Jul 2014 19:20:53 +0000 (-0400)
Subject: Rename --with-proxy-tls-impl to --with-tls-impl
X-Git-Tag: krb5-1.13-alpha1~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=788e70c7c77b0c1f4a79e3f1b6c96a0cf99e0327;p=thirdparty%2Fkrb5.git

Rename --with-proxy-tls-impl to --with-tls-impl

Make the configure option for TLS implementation more generic, in case
we use the k5tls module for something other than KDC proxy support.
Rename all of the associated symbols for consistency.

ticket: 7929
---

diff --git a/src/Makefile.in b/src/Makefile.in
index 92bb60a63e..522f21d44f 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -554,7 +554,7 @@ pyrunenv.vals: Makefile
 	for i in $(RUN_VARS); do \
 		eval echo 'env['\\\'$$i\\\''] = '\\\'\$$$$i\\\'; \
 	done > $@
-	echo "proxy_tls_impl = '$(PROXY_TLS_IMPL)'" >> $@
+	echo "tls_impl = '$(TLS_IMPL)'" >> $@
 
 runenv.py: pyrunenv.vals
 	echo 'env = {}' > $@
diff --git a/src/config/pre.in b/src/config/pre.in
index fd8ee56eaf..002c2f7a56 100644
--- a/src/config/pre.in
+++ b/src/config/pre.in
@@ -429,10 +429,10 @@ PKINIT_CRYPTO_IMPL		= @PKINIT_CRYPTO_IMPL@
 PKINIT_CRYPTO_IMPL_CFLAGS	= @PKINIT_CRYPTO_IMPL_CFLAGS@
 PKINIT_CRYPTO_IMPL_LIBS		= @PKINIT_CRYPTO_IMPL_LIBS@
 
-# TLS implementation selection for HTTPS proxy support
-PROXY_TLS_IMPL                  = @PROXY_TLS_IMPL@
-PROXY_TLS_IMPL_CFLAGS           = @PROXY_TLS_IMPL_CFLAGS@
-PROXY_TLS_IMPL_LIBS             = @PROXY_TLS_IMPL_LIBS@
+# TLS implementation selection
+TLS_IMPL	= @TLS_IMPL@
+TLS_IMPL_CFLAGS = @TLS_IMPL_CFLAGS@
+TLS_IMPL_LIBS	= @TLS_IMPL_LIBS@
 
 # error table rules
 #
diff --git a/src/configure.in b/src/configure.in
index 43509ab354..2e22470155 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -272,50 +272,48 @@ AC_SUBST(PKINIT_CRYPTO_IMPL)
 AC_SUBST(PKINIT_CRYPTO_IMPL_CFLAGS)
 AC_SUBST(PKINIT_CRYPTO_IMPL_LIBS)
 
-# WITH_PROXY_TLS_IMPL
+# WITH_TLS_IMPL
 
-AC_ARG_WITH([proxy-tls-impl],
-AC_HELP_STRING([--with-proxy-tls-impl=IMPL],
-               [use specified TLS implementation for HTTPS @<:@auto@:>@]),
-[PROXY_TLS_IMPL=$withval],[PROXY_TLS_IMPL=auto])
-case "$PROXY_TLS_IMPL" in
+AC_ARG_WITH([tls-impl],
+AC_HELP_STRING([--with-tls-impl=IMPL],
+               [use specified TLS implementation @<:@auto@:>@]),
+[TLS_IMPL=$withval],[TLS_IMPL=auto])
+case "$TLS_IMPL" in
 openssl|auto)
   AC_CHECK_LIB(ssl,SSL_CTX_new,[have_lib_ssl=true],[have_lib_ssl=false],
                -lcrypto)
   AC_MSG_CHECKING([for OpenSSL])
   if test x$have_lib_ssl = xtrue ; then
-    AC_DEFINE(PROXY_TLS_IMPL_OPENSSL,1,
-              [Define if HTTPS TLS implementation is OpenSSL])
+    AC_DEFINE(TLS_IMPL_OPENSSL,1,[Define if TLS implementation is OpenSSL])
     AC_MSG_RESULT([yes])
-    PROXY_TLS_IMPL_LIBS="-lssl -lcrypto"
-    PROXY_TLS_IMPL=openssl
-    AC_MSG_NOTICE(HTTPS support will use TLS from '$PROXY_TLS_IMPL')
+    TLS_IMPL_LIBS="-lssl -lcrypto"
+    TLS_IMPL=openssl
+    AC_MSG_NOTICE([TLS module will use OpenSSL])
   else
-    if test "$PROXY_TLS_IMPL" = openssl ; then
+    if test "$TLS_IMPL" = openssl ; then
       AC_MSG_ERROR([OpenSSL not found!])
     else
       AC_MSG_WARN([OpenSSL not found!])
     fi
-    PROXY_TLS_IMPL=no
-    AC_MSG_NOTICE(building without HTTPS support)
+    TLS_IMPL=no
+    AC_MSG_NOTICE(building without TLS support)
   fi
   ;;
 no)
-  AC_MSG_NOTICE(building without HTTPS support)
+  AC_MSG_NOTICE(building without TLS support)
   ;;
 *)
-  AC_MSG_ERROR([Unsupported HTTPS proxy TLS implementation $withval])
+  AC_MSG_ERROR([Unsupported TLS implementation $withval])
   ;;
 esac
 
-if test "$PROXY_TLS_IMPL" = no; then
-   AC_DEFINE(PROXY_TLS_IMPL_NONE,1,
-             [Define if no HTTP TLS implementation is selected])
+if test "$TLS_IMPL" = no; then
+   AC_DEFINE(TLS_IMPL_NONE,1,[Define if no TLS implementation is selected])
 fi
 
-AC_SUBST(PROXY_TLS_IMPL)
-AC_SUBST(PROXY_TLS_IMPL_CFLAGS)
-AC_SUBST(PROXY_TLS_IMPL_LIBS)
+AC_SUBST(TLS_IMPL)
+AC_SUBST(TLS_IMPL_CFLAGS)
+AC_SUBST(TLS_IMPL_LIBS)
 
 AC_ARG_ENABLE([aesni],
 AC_HELP_STRING([--disable-aesni],[Do not build with AES-NI support]), ,
diff --git a/src/plugins/tls/k5tls/Makefile.in b/src/plugins/tls/k5tls/Makefile.in
index 4d58df0dc4..e5ae830e83 100644
--- a/src/plugins/tls/k5tls/Makefile.in
+++ b/src/plugins/tls/k5tls/Makefile.in
@@ -1,14 +1,14 @@
 mydir=plugins$(S)tls$(S)k5tls
 BUILDTOP=$(REL)..$(S)..$(S)..
 MODULE_INSTALL_DIR = $(KRB5_TLS_MODULE_DIR)
-LOCALINCLUDES= $(PROXY_TLS_IMPL_CFLAGS)
+LOCALINCLUDES= $(TLS_IMPL_CFLAGS)
 
 LIBBASE=k5tls
 LIBMAJOR=0
 LIBMINOR=0
 RELDIR=../plugins/tls/k5tls
 SHLIB_EXPDEPS= $(KRB5_DEPLIB) $(SUPPORT_DEPLIB)
-SHLIB_EXPLIBS= $(KRB5_LIB) $(SUPPORT_LIB) $(PROXY_TLS_IMPL_LIBS)
+SHLIB_EXPLIBS= $(KRB5_LIB) $(SUPPORT_LIB) $(TLS_IMPL_LIBS)
 
 STLIBOBJS=openssl.o notls.o
 
diff --git a/src/plugins/tls/k5tls/notls.c b/src/plugins/tls/k5tls/notls.c
index 7be0a4abb2..357af81158 100644
--- a/src/plugins/tls/k5tls/notls.c
+++ b/src/plugins/tls/k5tls/notls.c
@@ -36,7 +36,7 @@
 #include "k5-utf8.h"
 #include "k5-tls.h"
 
-#ifdef PROXY_TLS_IMPL_NONE
+#ifdef TLS_IMPL_NONE
 
 krb5_error_code
 tls_k5tls_initvt(krb5_context context, int maj_ver, int min_ver,
@@ -50,4 +50,4 @@ tls_k5tls_initvt(krb5_context context, int maj_ver, int min_ver,
     return 0;
 }
 
-#endif /* PROXY_TLS_IMPL_NONE */
+#endif /* TLS_IMPL_NONE */
diff --git a/src/plugins/tls/k5tls/openssl.c b/src/plugins/tls/k5tls/openssl.c
index 0691a34a87..41917c4c6f 100644
--- a/src/plugins/tls/k5tls/openssl.c
+++ b/src/plugins/tls/k5tls/openssl.c
@@ -31,7 +31,7 @@
 #include "k5-utf8.h"
 #include "k5-tls.h"
 
-#ifdef PROXY_TLS_IMPL_OPENSSL
+#ifdef TLS_IMPL_OPENSSL
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/x509.h>
@@ -567,4 +567,4 @@ tls_k5tls_initvt(krb5_context context, int maj_ver, int min_ver,
     return 0;
 }
 
-#endif /* PROXY_TLS_IMPL_OPENSSL */
+#endif /* TLS_IMPL_OPENSSL */
diff --git a/src/tests/t_proxy.py b/src/tests/t_proxy.py
index e4e3d482c8..a9ba67e2c0 100644
--- a/src/tests/t_proxy.py
+++ b/src/tests/t_proxy.py
@@ -2,9 +2,8 @@
 from k5test import *
 
 # Skip this test if we're missing proxy functionality or parts of the proxy.
-if runenv.proxy_tls_impl == 'no':
-    success('Warning: not testing proxy support because feature ' +
-            'was not enabled')
+if runenv.tls_impl == 'no':
+    success('Warning: not testing proxy support because TLS was not enabled')
     exit(0)
 try:
     from paste import httpserver
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 8cb477d85c..4a10974cef 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -179,8 +179,8 @@ Scripts may use the following functions and variables:
 
 * runenv: The contents of $srctop/runenv.py, containing a dictionary
   'env' which specifies additional variables to be added to the realm
-  environment, and a variable 'proxy_tls_impl', which indicates which
-  SSL implementation (if any) is being used by libkrb5's support for
+  environment, and a variable 'tls_impl', which indicates which TLS
+  implementation (if any) is being used by libkrb5's support for
   contacting KDCs and kpasswd servers over HTTPS.
 
 * verbose: Whether the script is running verbosely.