split out code that is needed only when tls or dtls is used

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@445 e88ac4ed-0b26-0410-9574-a7f39faa03bf

Makefile

 CFLAGS = -g -Wall -pedantic -pthread -DRADPROT_UDP -DRADPROT_TCP -DRADPROT_TLS -DRADPROT_DTLS
 LDFLAGS = -lssl
-OBJ = util.o debug.o list.o hash.o gconfig.o tlv11.o radmsg.o udp.o tcp.o tls.o dtls.o radsecproxy.o
+OBJ = util.o debug.o list.o hash.o gconfig.o tlv11.o radmsg.o udp.o tcp.o tls.o dtls.o tlscommon.o radsecproxy.o
 
 all: radsecproxy
 

Makefile.am

@@ -25,7 +25,7 @@ radsecproxy_SOURCES = radsecproxy.c \
 		      tls.h \
 		      dtls.h
 
-radsecproxy_CFLAGS  = -g -Wall -pedantic -pthread @SSL_CFLAGS@ @TARGET_CFLAGS@
+radsecproxy_CFLAGS  = -g -Wall -pedantic -pthread -DRADPROT_UDP -DRADPROT_TCP -DRADPROT_TLS -DRADPROT_DTLS @SSL_CFLAGS@ @TARGET_CFLAGS@
 radsecproxy_LDFLAGS = @SSL_LDFLAGS@ @TARGET_LDFLAGS@
 radsecproxy_LDADD   = @SSL_LIBS@
 

dtls.c

@@ -6,7 +6,6 @@
  * copyright notice and this permission notice appear in all copies.
  */
 
-#ifdef RADPROT_DTLS
 #include <signal.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
@@ -27,12 +26,14 @@
 #include <pthread.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
-#include "debug.h"
 #include "list.h"
 #include "hash.h"
-#include "util.h"
 #include "radsecproxy.h"
 
+#ifdef RADPROT_DTLS
+#include "debug.h"
+#include "util.h"
+
 static void setprotoopts(struct commonprotoopts *opts);
 static char **getlistenerargs();
 void *udpdtlsserverrd(void *arg);

radsecproxy.h

@@ -151,23 +151,6 @@ struct realm {
     struct list *accsrvconfs;
 };
 
-struct tls {
-    char *name;
-    char *cacertfile;
-    char *cacertpath;
-    char *certfile;
-    char *certkeyfile;
-    char *certkeypwd;
-    uint8_t crlcheck;
-    char **policyoids;
-    uint32_t cacheexpiry;
-    uint32_t tlsexpiry;
-    uint32_t dtlsexpiry;
-    X509_VERIFY_PARAM *vpm;
-    SSL_CTX *tlsctx;
-    SSL_CTX *dtlsctx;
-};
-
 struct modattr {
     uint8_t t;
     char *replacement;

tls.c

@@ -6,7 +6,6 @@
  * copyright notice and this permission notice appear in all copies.
  */
 
-#ifdef RADPROT_TLS
 #include <signal.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
@@ -27,11 +26,13 @@
 #include <pthread.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
-#include "debug.h"
 #include "list.h"
-#include "util.h"
 #include "radsecproxy.h"
 
+#ifdef RADPROT_TLS
+#include "debug.h"
+#include "util.h"
+
 static void setprotoopts(struct commonprotoopts *opts);
 static char **getlistenerargs();
 void *tlslistener(void *arg);

tlscommon.h

+/*
+ * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
+#if defined(RADPROT_TLS) || defined(RADPROT_DTLS)
+struct tls *tlsgettls(char *alt1, char *alt2);
+SSL_CTX *tlsgetctx(uint8_t type, struct tls *t);
+int conftls_cb(struct gconffile **cf, void *arg, char *block, char *opt, char *val);
+#endif