Implemented x509-track for PolarSSL.

This patch is a variant of the patch to implement x509-track for
PolarSSL that was sent to openvpn-devel@ by James Yonan
(<1456993146-63968-7-git-send-email-james@openvpn.net>).  It still uses
some of the original code from James, but proposes a different
implementation.

This patch does the following things differently:
 * Do not introduce NID_* defines that need to be maintained.  Instead,
   just use the short name of the attribute for identification.  This
   has the advantage that we automatically support everything that
   PolarSSL supports, it is less code and we do not have maintain the
   list.  But the disadvantage is that this approach will not error out
   when an unknown attribute name is supplied.  PolarSSL (at least 1.3,
   I didn't check 2.x) does not provide the functions required to do
   that.  Instead of erroring out, this implementation will just
   silently ignore the unknown --x509-track attribute name.
 * Remove the ENABLE_X509_TRACK define completely - it depended just on
   ENABLE_CRYPTO anyway.
 * Move the --x509-track option parsing out of ENABLE_MANAGEMENT, since
   it does not depend on management functionality.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CAA1AbxL1w8e_o-GjS2jETZWxYdMbS2iKABPc6OZBA8bOVycjtA@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11350
Signed-off-by: Gert Doering <gert@greenie.muc.de>

1 files changed, 0 insertions, 7 deletions

diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h
index 7e77b6c..1c9248f 100644
--- a/src/openvpn/syshead.h
+++ b/src/openvpn/syshead.h
@@ -632,13 +632,6 @@ socket_defined (const socket_descriptor_t sd)
 #endif
 
 /*
- * Enable x509-track feature?
- */
-#if defined(ENABLE_CRYPTO) && defined (ENABLE_CRYPTO_OPENSSL)
-#define ENABLE_X509_TRACK
-#endif
-
-/*
  * Is poll available on this platform?
  */
 #if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H)