@@ -86,6 +86,8 @@ openvpn_SOURCES = \

 	common.h \

 	config-win32.h \

 	crypto.c crypto.h crypto_backend.h \

+	crypto_openssl.c crypto_openssl.h \

+	crypto_polarssl.c crypto_polarssl.h \

 	dhcp.c dhcp.h \

 	errlevel.h \

 	error.c error.h \

@@ -115,6 +117,8 @@ openvpn_SOURCES = \

         ntlm.c ntlm.h \

 	occ.c occ.h occ-inline.h \

 	pkcs11.c pkcs11.h pkcs11_backend.h \

+	pkcs11_openssl.c \

+	pkcs11_polarssl.c \

 	openvpn.c openvpn.h \

 	openvpn-plugin.h \

 	options.c options.h \

@@ -139,7 +143,11 @@ openvpn_SOURCES = \

 	socket.c socket.h \

 	socks.c socks.h \

 	ssl.c ssl.h  ssl_backend.h \

+	ssl_openssl.c ssl_openssl.h \

+	ssl_polarssl.c ssl_polarssl.h \

 	ssl_verify.c ssl_verify.h ssl_verify_backend.h \

+	ssl_verify_openssl.c ssl_verify_openssl.h \

+	ssl_verify_polarssl.c ssl_verify_polarssl.h \

 	status.c status.h \

 	syshead.h \

 	tun.c tun.h \

@@ -153,21 +161,6 @@ configure.h: Makefile

 	awk -f $(srcdir)/configure_h.awk config.h > $@

 	awk -f $(srcdir)/configure_log.awk config.log >> $@

-if USE_OPENSSL

-openvpn_SOURCES += \

-	crypto_openssl.c crypto_openssl.h \

-	pkcs11_openssl.c \

-	ssl_openssl.c ssl_openssl.h \

-	ssl_verify_openssl.c ssl_verify_openssl.h

-endif

-if USE_POLARSSL

-openvpn_SOURCES += \

-	crypto_polarssl.c crypto_polarssl.h \

-	pkcs11_polarssl.c \

-	ssl_polarssl.c ssl_polarssl.h \

-	ssl_verify_polarssl.c ssl_verify_polarssl.h

-endif

-

 dist-hook:

 	cd $(distdir) && for i in $(EXTRA_DIST) $(SUBDIRS) ; do find $$i -name .svn -type d -prune -exec rm -rf '{}' ';' ; rm -f `find $$i -type f | grep -E '(^|\/)\.?\#|\~$$|\.s?o$$'` ; done

@@ -299,8 +299,6 @@ AC_ARG_WITH([ssl-type],

    esac],

    [SSL_LIB="openssl"]

 )

-AM_CONDITIONAL([USE_OPENSSL], [test x$SSL_LIB = xopenssl])

-AM_CONDITIONAL([USE_POLARSSL], [test x$SSL_LIB = xpolarssl])

 dnl fix search path, to allow compilers to find syshead.h

 CPPFLAGS="$CPPFLAGS -I${srcdir}"

@@ -29,6 +29,8 @@

 #include "syshead.h"

+#if defined(USE_CRYPTO) && defined(USE_OPENSSL)

+

 #include "basic.h"

 #include "buffer.h"

 #include "integer.h"

@@ -789,3 +791,5 @@ hmac_ctx_final (HMAC_CTX *ctx, uint8_t *dst)

   HMAC_Final (ctx, dst, &in_hmac_len);

 }

+

+#endif /* USE_CRYPTO && USE_OPENSSL */

@@ -29,6 +29,8 @@

 #include "syshead.h"

+#if defined(USE_CRYPTO) && defined(USE_POLARSSL)

+

 #include "errlevel.h"

 #include "basic.h"

 #include "buffer.h"

@@ -555,3 +557,5 @@ hmac_ctx_final (md_context_t *ctx, uint8_t *dst)

 {

   ASSERT(0 == md_hmac_finish(ctx, dst));

 }

+

+#endif /* USE_CRYPTO && USE_POLARSSL */

@@ -77,7 +77,7 @@ struct options_pre_pull

 };

 #endif

-#if !defined(USE_OPENSSL) && !defined(USE_POLARSSL)

+#if defined(USE_CRYPTO) && !defined(USE_OPENSSL) && !defined(USE_POLARSSL)

 # error "At least one of OpenSSL or PolarSSL needs to be defined."

 #endif

@@ -29,7 +29,7 @@

 #include "syshead.h"

-#ifdef ENABLE_PKCS11

+#if defined(ENABLE_PKCS11) && defined(USE_OPENSSL)

 #include "errlevel.h"

 #include "pkcs11_backend.h"

@@ -185,4 +185,4 @@ cleanup:

     }

   return ret;

 }

-#endif /* ENABLE_PKCS11 */

+#endif /* defined(ENABLE_PKCS11) && defined(ENABLE_OPENSSL) */

@@ -29,7 +29,7 @@

 #include "syshead.h"

-#if defined(ENABLE_PKCS11)

+#if defined(ENABLE_PKCS11) && defined(USE_POLARSSL)

 #include "errlevel.h"

 #include "pkcs11_backend.h"

@@ -118,4 +118,4 @@ cleanup:

   return ret;

 }

-#endif /* defined(ENABLE_PKCS11) */

+#endif /* defined(ENABLE_PKCS11) && defined(USE_POLARSSL) */

@@ -28,6 +28,9 @@

  */

 #include "syshead.h"

+

+#if defined(USE_SSL) && defined(USE_OPENSSL)

+

 #include "errlevel.h"

 #include "buffer.h"

 #include "misc.h"

@@ -1286,3 +1289,5 @@ get_highest_preference_tls_cipher (char *buf, int size)

   SSL_free (ssl);

   SSL_CTX_free (ctx);

 }

+

+#endif /* defined(USE_SSL) && defined(USE_OPENSSL) */

@@ -28,6 +28,9 @@

  */

 #include "syshead.h"

+

+#if defined(USE_SSL) && defined(USE_POLARSSL)

+

 #include "errlevel.h"

 #include "ssl_backend.h"

 #include "buffer.h"

@@ -857,3 +860,5 @@ get_highest_preference_tls_cipher (char *buf, int size)

   cipher_name = ssl_get_ciphersuite_name(*ciphers);

   strncpynt (buf, cipher_name, size);

 }

+

+#endif /* defined(USE_SSL) && defined(USE_POLARSSL) */

@@ -28,6 +28,9 @@

  */

 #include "syshead.h"

+

+#if defined(USE_CRYPTO) && defined(USE_SSL)

+

 #include "misc.h"

 #include "manage.h"

 #include "ssl_verify.h"

@@ -1237,3 +1240,4 @@ verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)

       gc_free (&gc);

     }

 }

+#endif /* defined(USE_CRYPTO) && defined(USE_SSL) */

@@ -27,6 +27,10 @@

  * @file Control Channel Verification Module OpenSSL implementation

  */

+#include "syshead.h"

+

+#if defined(USE_SSL) && defined(USE_OPENSSL)

+

 #include "ssl_verify.h"

 #include "ssl_verify_backend.h"

 #include "ssl_openssl.h"

@@ -584,3 +588,5 @@ end:

   return retval;

 }

+

+#endif /* defined(USE_SSL) && defined(USE_OPENSSL) */

@@ -27,6 +27,10 @@

  * @file Control Channel Verification Module PolarSSL backend

  */

+#include "syshead.h"

+

+#if defined(USE_SSL) && defined(USE_POLARSSL)

+

 #include "ssl_verify.h"

 #include <polarssl/sha1.h>

@@ -417,3 +421,5 @@ end:

   x509_crl_free(&crl);

   return retval;

 }

+

+#endif /* #if defined(USE_SSL) && defined(USE_POLARSSL) */