From e1f9f9e3d8abc2ce9ce9cb7fc89222ca6e3f3baa Mon Sep 17 00:00:00 2001
From: Ted Zlatanov
Date: Fri, 11 Oct 2013 09:47:35 -0400
Subject: [PATCH] Support GnuTLS v3 and set up its audit logging properly.

* configure.ac: Define HAVE_GNUTLS3 if GnuTLS v3 is found.
* src/gnutls.c (gnutls_audit_log_function): Add function for GnuTLS audit logging (only used with GnuTLS 3.x) and enable it.
---
 ChangeLog | 4 ++++
 configure.ac | 6 ++++++
 src/ChangeLog | 5 +++++
 src/gnutls.c | 23 +++++++++++++++++++++++
 4 files changed, 38 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 6b783060bf..bb16aea8cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2013-10-11 Teodor Zlatanov
+
+ * configure.ac: Define HAVE_GNUTLS3 if GnuTLS v3 is found.
+
 2013-10-10 Barry Fishman (tiny change)
 * configure.ac: Update for giflib 5. (Bug#15531)
diff --git a/configure.ac b/configure.ac
index 3bb1ee1e95..fd0c2d9b92 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2422,12 +2422,18 @@ fi
 AC_SUBST(LIBSELINUX_LIBS)
 HAVE_GNUTLS=no
+HAVE_GNUTLS3=no
 if test "${with_gnutls}" = "yes" ; then
 PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.6.6], HAVE_GNUTLS=yes, HAVE_GNUTLS=no)
+ PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.0.0], HAVE_GNUTLS3=yes, HAVE_GNUTLS3=no)
 if test "${HAVE_GNUTLS}" = "yes"; then
 AC_DEFINE(HAVE_GNUTLS, 1, [Define if using GnuTLS.])
 fi
+ if test "${HAVE_GNUTLS3}" = "yes"; then
+ AC_DEFINE(HAVE_GNUTLS3, 1, [Define if using GnuTLS v3.])
+ fi
+
 # Windows loads GnuTLS dynamically
 if test "${opsys}" = "mingw32"; then
 LIBGNUTLS_LIBS=
diff --git a/src/ChangeLog b/src/ChangeLog
index 74bb2a06cb..3d92420e7c 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2013-10-11 Teodor Zlatanov
+
+ * gnutls.c (gnutls_audit_log_function): Add function for GnuTLS
+ audit logging (only used with GnuTLS 3.x) and enable it.
+
 2013-10-11 Dmitry Antipov
 * dispnew.c (redraw_frame): Remove useless #ifdef because
diff --git a/src/gnutls.c b/src/gnutls.c
index db0a6dac01..2157d55505 100644
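Review bot: The second `PKG_CHECK_MODULES` call in the configure.ac hunk reuses the `LIBGNUTLS` prefix, so it shares `LIBGNUTLS_CFLAGS`/`LIBGNUTLS_LIBS` and the `pkg_cv_LIBGNUTLS_*` cache with the `gnutls >= 2.6.6` probe just above it. Depending on the pkg.m4 in use, values already set by the first probe can be taken as given, in which case `HAVE_GNUTLS3` would not reliably reflect the `>= 3.0.0` constraint. A separate prefix keeps the two probes independent, e.g. `PKG_CHECK_MODULES([LIBGNUTLS3], [gnutls >= 3.0.0], HAVE_GNUTLS3=yes, HAVE_GNUTLS3=no)`, and it only needs to run when `HAVE_GNUTLS` is `yes`. A wrong answer either breaks the build against 2.x headers or silently leaves the audit hook out.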
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -55,6 +55,7 @@ static Lisp_Object QCgnutls_bootprop_verify_hostname_error;
 static Lisp_Object QCgnutls_bootprop_callbacks_verify;
 static void gnutls_log_function (int, const char *);
+static void gnutls_audit_log_function (gnutls_session_t, const char *);
 static void gnutls_log_function2 (int, const char*, const char*);
@@ -108,6 +109,9 @@ DEF_GNUTLS_FN (void, gnutls_dh_set_prime_bits,
 DEF_GNUTLS_FN (int, gnutls_error_is_fatal, (int));
 DEF_GNUTLS_FN (int, gnutls_global_init, (void));
 DEF_GNUTLS_FN (void, gnutls_global_set_log_function, (gnutls_log_func));
+#ifdef HAVE_GNUTLS3
+DEF_GNUTLS_FN (void, gnutls_global_set_audit_log_function, (gnutls_audit_log_func));
+#endif
 DEF_GNUTLS_FN (void, gnutls_global_set_log_level, (int));
 DEF_GNUTLS_FN (void, gnutls_global_set_mem_functions,
 (gnutls_alloc_function, gnutls_alloc_function,
@@ -173,6 +177,9 @@ init_gnutls_functions (void)
 LOAD_GNUTLS_FN (library, gnutls_error_is_fatal);
 LOAD_GNUTLS_FN (library, gnutls_global_init);
 LOAD_GNUTLS_FN (library, gnutls_global_set_log_function);
+#ifdef HAVE_GNUTLS3
+ LOAD_GNUTLS_FN (library, gnutls_global_set_audit_log_function);
+#endif
 LOAD_GNUTLS_FN (library, gnutls_global_set_log_level);
 LOAD_GNUTLS_FN (library, gnutls_global_set_mem_functions);
 LOAD_GNUTLS_FN (library, gnutls_handshake);
@@ -230,6 +237,9 @@ init_gnutls_functions (void)
 #define fn_gnutls_error_is_fatal gnutls_error_is_fatal
 #define fn_gnutls_global_init gnutls_global_init
 #define fn_gnutls_global_set_log_function gnutls_global_set_log_function
+#ifdef HAVE_GNUTLS3
+#define fn_gnutls_global_set_audit_log_function gnutls_global_set_audit_log_function
+#endif
 #define fn_gnutls_global_set_log_level gnutls_global_set_log_level
 #define fn_gnutls_global_set_mem_functions gnutls_global_set_mem_functions
 #define fn_gnutls_handshake gnutls_handshake
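Review bot: In the `init_gnutls_functions` hunk, `LOAD_GNUTLS_FN (library, gnutls_global_set_audit_log_function)` makes the audit setter a load-time requirement whenever the build saw GnuTLS 3 headers, while the library found at run time on the dynamically loaded path may be older. `LOAD_GNUTLS_FN` is defined outside the hunk; if it fails the whole initialisation on a missing symbol, a 2.x DLL would disable TLS support entirely rather than just the audit hook. Consider treating this one symbol as optional and testing `fn_gnutls_global_set_audit_log_function` before the call in `gnutls-boot`, or at least state the requirement with a comment such as `/* Needs a GnuTLS 3.x library at run time. */` above the `#ifdef`. The matching `DEF_GNUTLS_FN` hunk is affected in the same way.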
@@ -249,6 +259,16 @@ init_gnutls_functions (void)
 #endif /* !WINDOWSNT */
+/* Function to log a simple audit message. */
+static void
+gnutls_audit_log_function (gnutls_session_t session, const char* string)
+{
+ if (global_gnutls_log_level >= 1)
+ {
+ message ("gnutls.c: [audit] %s", string);
+ }
+}
+
 /* Function to log a simple message. */
 static void
 gnutls_log_function (int level, const char* string)
@@ -797,6 +817,9 @@ one trustfile (usually a CA bundle). */)
 if (TYPE_RANGED_INTEGERP (int, loglevel))
 {
 fn_gnutls_global_set_log_function (gnutls_log_function);
+#ifdef HAVE_GNUTLS3
+ fn_gnutls_global_set_audit_log_function (gnutls_audit_log_function);
+#endif
 fn_gnutls_global_set_log_level (XINT (loglevel));
 max_log_level = XINT (loglevel);
 XPROCESS (proc)->gnutls_log_level = max_log_level;
-- 
2.20.1
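Review bot: `gnutls_audit_log_function` drops every audit message unless `global_gnutls_log_level >= 1`, and the last hunk registers it only inside the `TYPE_RANGED_INTEGERP (int, loglevel)` branch, so audit events are tied to the debug log level instead of being reported on their own. If that is intended, the header comment should say so, e.g. `/* Log a GnuTLS audit message; suppressed unless global_gnutls_log_level is at least 1. SESSION is unused. */`; otherwise drop the level test and register the hook outside the log-level branch. The definition and its prototype (first src/gnutls.c hunk) are also compiled when `HAVE_GNUTLS3` is undefined, where nothing visible references the static function, so wrapping both in `#ifdef HAVE_GNUTLS3` would avoid an unused-function warning. The body of the enclosing `gnutls-boot` function continues outside the last hunk.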