From 34cecc6810a99b940757b5f5d4640c1c0c79f964 Mon Sep 17 00:00:00 2001
From: Sebastian Dransfeld
Date: Wed, 27 Oct 2010 07:09:16 +0000
Subject: [PATCH] We always require gnutls >= 2.10

SVN revision: 53911
---
 legacy/ecore/m4/ecore_check_options.m4 | 6 ------
 legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c | 18 ------------------
 2 files changed, 24 deletions(-)
diff --git a/legacy/ecore/m4/ecore_check_options.m4 b/legacy/ecore/m4/ecore_check_options.m4
index e57e796787..fb7031a182 100644
--- a/legacy/ecore/m4/ecore_check_options.m4
+++ b/legacy/ecore/m4/ecore_check_options.m4
@@ -175,12 +175,6 @@ if test "x${_ecore_want_gnutls}" = "xyes" -o "x${_ecore_want_gnutls}" = "xauto"
 PKG_CHECK_MODULES([TLS2], [gnutls >= 2.10.2],
 [AC_DEFINE(USE_GNUTLS2, 1, [Use GnuTLS 2 or higher])],
 [dummy="no"])
- PKG_CHECK_MODULES([TLSTICKET], [gnutls >= 2.10.2],
- [AC_DEFINE(USE_GNUTLS2_10, 1, [Use GnuTLS 2.10])],
- [dummy="no"])
- PKG_CHECK_MODULES([TLSSTRERROR], [gnutls >= 2.10.2],
- [AC_DEFINE(USE_GNUTLS2_6, 1, [Use GnuTLS 2.6])],
- [dummy="no"])
 if test "x$_ecore_have_gnutls" = "xyes";then
 AC_PATH_GENERIC([libgcrypt], [], [_ecore_have_gnutls="yes"], [_ecore_have_gnutls="no"])
 if test "x${_ecore_have_gnutls}" = "xyes" ; then
diff --git a/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c b/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c
index 7914690718..ebc70ad3ba 100644
--- a/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c
+++ b/legacy/ecore/src/lib/ecore_con/ecore_con_ssl.c
@@ -48,10 +48,8 @@ static int _client_connected = 0;
 static void
 _gnutls_print_errors(int ret)
 {
-#ifdef USE_GNUTLS2_6
 if (ret)
 ERR("gnutls returned with error: %s - %s", gnutls_strerror_name(ret), gnutls_strerror(ret));
-#endif
 }
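Review bot: In ecore_check_options.m4 the surviving `PKG_CHECK_MODULES([TLS2], [gnutls >= 2.10.2], ...)` still ends in `[dummy="no"]`, so this check does not itself reject a too-old GnuTLS, while ecore_con_ssl.c now calls `gnutls_session_ticket_enable_client()` and `gnutls_strerror_name()` without any guard. Whether `_ecore_have_gnutls` can remain "yes" in that case is decided outside this hunk; if it can, the failure moves from configure time to compile time. Making the failure branch explicit, `[_ecore_have_gnutls="no"]`, would keep the stated minimum enforced in one place. The commit subject says 2.10 while the check requires 2.10.2, so a comment beside the check naming the real minimum would help.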
@@ -66,10 +64,8 @@ SSL_GNUTLS_PRINT_HANDSHAKE_STATUS(gnutls_handshake_description_t status)
 return "Client hello";
 case GNUTLS_HANDSHAKE_SERVER_HELLO:
 return "Server hello";
-#ifdef USE_GNUTLS2_10
 case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:
 return "New session ticket";
-#endif
 case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:
 return "Certificate packet";
 case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE:
@@ -450,11 +446,7 @@ _ecore_con_ssl_server_init_gnutls(Ecore_Con_Server *svr)
 const gnutls_datum_t *cert_list;
 unsigned int iter, cert_list_size;
 gnutls_x509_crt_t cert = NULL;
-#ifdef USE_GNUTLS2_10
 const char *priority = "NONE:%VERIFY_ALLOW_X509_V1_CA_CRT:+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+COMP-DEFLATE:+COMP-NULL:+CTYPE-X509:+SHA1:+SHA256:+SHA384:+SHA512:+AES-256-CBC:+AES-128-CBC:+3DES-CBC:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0";
-#else
- const char *priority = "NONE:%VERIFY_ALLOW_X509_V1_CA_CRT:+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+COMP-DEFLATE:+COMP-NULL:+CTYPE-X509:+SHA1:+SHA256:+SHA384:+SHA512:+AES-256-CBC:+AES-128-CBC:+3DES-CBC:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0";
-#endif
 int ret = 0;
 switch (svr->ssl_state)
@@ -486,9 +478,7 @@ _ecore_con_ssl_server_init_gnutls(Ecore_Con_Server *svr)
 }
 SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_init(&svr->session, GNUTLS_CLIENT));
-#ifdef USE_GNUTLS2_10
 SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_session_ticket_enable_client(svr->session));
-#endif
 SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_server_name_set(svr->session, GNUTLS_NAME_DNS, svr->name, strlen(svr->name)));
 SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_priority_set_direct(svr->session, priority, NULL));
 SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(svr->session, GNUTLS_CRD_CERTIFICATE, svr->cert));
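Review bot: The `priority` string that is now the only definition in `_ecore_con_ssl_server_init_gnutls` (hunk at -450, and the identical string in `_ecore_con_ssl_client_init_gnutls` at -745) still enables `+ANON-DH`, `+VERS-SSL3.0` and `+COMP-DEFLATE`, and keeps `%VERIFY_ALLOW_X509_V1_CA_CRT`. Anonymous DH gives no peer authentication, SSL 3.0 and TLS-level compression both have known plaintext-recovery weaknesses, and V1 CA certificates carry no CA constraint. With the `#else` variants gone, both functions could share one file-scope constant that drops those tokens, for example ending in `+COMP-NULL:+CTYPE-X509:...:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0`. Whether anonymous credentials are ever attached to these sessions is not visible here (only `GNUTLS_CRD_CERTIFICATE` is set in the hunk at -486), and both function bodies continue outside their hunks.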
@@ -500,9 +490,7 @@ _ecore_con_ssl_server_init_gnutls(Ecore_Con_Server *svr)
 svr->ssl_state = ECORE_CON_SSL_STATE_HANDSHAKING;
 case ECORE_CON_SSL_STATE_HANDSHAKING:
 ret = gnutls_handshake(svr->session);
-#ifdef USE_GNUTLS2_6
 DBG("calling gnutls_handshake(): returned with '%s'", gnutls_strerror_name(ret));
-#endif
 SSL_ERROR_CHECK_GOTO_ERROR(gnutls_error_is_fatal(ret));
 if (!ret)
 {
@@ -533,12 +521,10 @@ _ecore_con_ssl_server_init_gnutls(Ecore_Con_Server *svr)
 ERR("The certificate hasn't got a known issuer.");
 else if (iter & GNUTLS_CERT_REVOKED)
 ERR("The certificate has been revoked.");
-#ifdef USE_GNUTLS2_10
 else if (iter & GNUTLS_CERT_EXPIRED)
 ERR("The certificate has expired");
 else if (iter & GNUTLS_CERT_NOT_ACTIVATED)
 ERR("The certificate is not yet activated");
-#endif
 if (iter)
 goto error;
@@ -745,11 +731,7 @@ _ecore_con_ssl_server_write_gnutls(Ecore_Con_Server *svr, unsigned char *buf,
 static Ecore_Con_Ssl_Error
 _ecore_con_ssl_client_init_gnutls(Ecore_Con_Client *cl)
 {
-#ifdef USE_GNUTLS2_10
 const char *priority = "NONE:%VERIFY_ALLOW_X509_V1_CA_CRT:+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+COMP-DEFLATE:+COMP-NULL:+CTYPE-X509:+SHA1:+SHA256:+SHA384:+SHA512:+AES-256-CBC:+AES-128-CBC:+3DES-CBC:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0";
-#else
- const char *priority = "NONE:%VERIFY_ALLOW_X509_V1_CA_CRT:+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+COMP-DEFLATE:+COMP-NULL:+CTYPE-X509:+SHA1:+SHA256:+SHA384:+SHA512:+AES-256-CBC:+AES-128-CBC:+3DES-CBC:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0";
-#endif
 int ret = 0;
 switch (cl->ssl_state)