--- sylpheed-2.2.4/config.h.in.orig 2005-11-16 10:12:37.000000000 +0000 +++ sylpheed-2.2.4/config.h.in 2006-04-28 11:36:36.000000000 +0100 @@ -251,6 +251,9 @@ /* Define to 1 if your declares `struct tm'. */ #undef TM_IN_SYS_TIME +/* Define if you use GnuTLS to support SSL. */ +#undef USE_GNUTLS + /* Define if you use GPGME to support OpenPGP. */ #undef USE_GPGME @@ -264,6 +267,9 @@ #undef USE_LDAP /* Define if you use OpenSSL to support SSL. */ +#undef USE_OPENSSL + +/* Define if SSL is supported. */ #undef USE_SSL /* Whether to use multithread or not */ --- sylpheed-2.2.4/configure.in.orig 2006-03-24 04:22:10.000000000 +0000 +++ sylpheed-2.2.4/configure.in 2006-04-28 11:36:36.000000000 +0100 @@ -231,7 +231,8 @@ #include ], [ return OPENSSL_VERSION_NUMBER; ], [ AC_MSG_RESULT(yes) - AC_DEFINE(USE_SSL, 1, Define if you use OpenSSL to support SSL.) ], + AC_DEFINE(USE_SSL, 1, Define if SSL is supported.) + AC_DEFINE(USE_OPENSSL, 1, Define if you use OpenSSL to support SSL.) ], [ AC_MSG_RESULT(no) LIBS="$ac_save_LIBS" ac_cv_enable_ssl=no ]) @@ -240,6 +241,27 @@ AC_MSG_RESULT(no) fi +AC_ARG_ENABLE(gnutls, + [ --enable-gnutls Enable SSL support using GnuTLS [default=no]], + [ac_cv_enable_gnutls=$enableval], [ac_cv_enable_gnutls=no]) +AC_MSG_CHECKING([whether to use GnuTLS]) +if test $ac_cv_enable_gnutls = yes; then + AC_MSG_RESULT(yes) + AC_MSG_CHECKING([if GnuTLS is available]) + LIBS="$LIBS -lgnutls-openssl" + AC_TRY_LINK([ +#include +], [ return OPENSSL_VERSION_NUMBER; ], + [ AC_MSG_RESULT(yes) + AC_DEFINE(USE_SSL, 1, Define if SSL is supported.) + AC_DEFINE(USE_GNUTLS, 1, Define if you use GnuTLS to support SSL.) ], + [ AC_MSG_RESULT(no) + LIBS="$ac_save_LIBS" + ac_cv_enable_gnutls=no ]) +else + AC_MSG_RESULT(no) +fi + dnl Check for X-Face support AC_ARG_ENABLE(compface, [ --disable-compface Do not use compface (X-Face)], @@ -400,6 +422,7 @@ echo "JPilot : $ac_cv_enable_jpilot" echo "LDAP : $ac_cv_enable_ldap" echo "OpenSSL : $ac_cv_enable_ssl" +echo "GnuTLS : $ac_cv_enable_gnutls" echo "iconv : $am_cv_func_iconv" echo "compface : $ac_cv_enable_compface" echo "IPv6 : $ac_cv_enable_ipv6" --- sylpheed-2.2.4/libsylph/ssl.h.old 2006-04-28 11:36:10.000000000 +0100 +++ sylpheed-2.2.4/libsylph/ssl.h 2006-04-28 11:37:03.000000000 +0100 @@ -27,11 +27,20 @@ #if USE_SSL #include +#if USE_OPENSSL #include #include #include #include #include +#else +#if USE_GNUTLS +#include +#define X509_V_OK 0 +#else +#error Must select either GnuTLS or OpenSSL +#endif +#endif #include "socket.h" --- sylpheed-2.2.4/libsylph/ssl.c.orig 2006-04-28 20:38:46.000000000 +0100 +++ sylpheed-2.2.4/libsylph/ssl.c 2006-04-28 20:40:22.000000000 +0100 @@ -54,9 +54,11 @@ debug_print(_("SSLv23 not available\n")); } else { debug_print(_("SSLv23 available\n")); +#if USE_OPENSSL if (certs_dir && !SSL_CTX_load_verify_locations(ssl_ctx_SSLv23, NULL, certs_dir)) +#endif g_warning("SSLv23 SSL_CTX_load_verify_locations failed.\n"); } @@ -65,9 +67,11 @@ debug_print(_("TLSv1 not available\n")); } else { debug_print(_("TLSv1 available\n")); +#if USE_OPENSSL if (certs_dir && !SSL_CTX_load_verify_locations(ssl_ctx_TLSv1, NULL, certs_dir)) +#endif g_warning("TLSv1 SSL_CTX_load_verify_locations failed.\n"); } @@ -151,14 +155,19 @@ g_free(str); } +#if USE_OPENSSL verify_result = SSL_get_verify_result(sockinfo->ssl); if (verify_result == X509_V_OK) debug_print("SSL verify OK\n"); else +#endif g_warning("%s: SSL certificate verify failed (%ld: %s)\n", sockinfo->hostname, verify_result, +#if USE_OPENSSL X509_verify_cert_error_string(verify_result)); - +#else + "Unsupport GnuTLS features"); +#endif X509_free(server_cert); }