dead code elimination

30 files changed, 67 insertions, 2278 deletions

diff --git a/ChangeLog b/ChangeLog
index 309c8bb8..786866da 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+Sat Nov 15 17:34:24 MST 2008
+         Added build support for code coverage analysis. -CG
+
 Sat Nov 15 00:31:33 MST 2008
          Removing (broken) support for HTTPS servers with
          anonymous (aka "no") certificates as well as
diff --git a/configure.ac b/configure.ac
index b2b9d2bc..97a5263a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -335,9 +335,16 @@ AC_DEFINE([ENABLE_PKI],[0],[Include PKI support])
 AC_DEFINE([DEBUG],[1],[Include gnutls debug message support])
 AC_DEFINE([C99_MACROS],[1],[Include gnutls debug message support])
 
-AC_DEFINE([ENABLE_OPENSSL],[0],[Include ENABLE_OPENSSL support])
-AC_DEFINE([HAVE_LD_OUTPUT_DEF],[0],[Include HAVE_LD_OUTPUT_DEF support])
-AC_DEFINE([HAVE_LD_VERSION_SCRIPT],[0],[Include HAVE_LD_VERSION_SCRIPT support])
+
+
+# gcov compilation
+use_gcov=no
+AC_ARG_ENABLE([coverage], AS_HELP_STRING([--enable-coverage],
+                                        [Compile the library with code coverage support (default is NO)]),
+                                        [use_gcov=yes], [use_gcov=no])
+AM_CONDITIONAL([USE_COVERAGE], [test "x$use_gcov" = "xyes"])
+
+
 
 
 AC_SUBST(CPPFLAGS)
diff --git a/contrib/coverage.sh b/contrib/coverage.sh
new file mode 100755
index 00000000..8d5787b2
--- /dev/null
+++ b/contrib/coverage.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# make sure configure was run with coverage enabled...
+lcov --directory . --zerocounters
+make check
+lcov --directory . --capture --output-file app.info
+mkdir /tmp/coverage
+genhtml -o /tmp/coverage app.info
diff --git a/src/daemon/Makefile.am b/src/daemon/Makefile.am
index b26c3df5..c52e2610 100644
--- a/src/daemon/Makefile.am
+++ b/src/daemon/Makefile.am
@@ -1,6 +1,10 @@
 # including '.' mixes up build order when HTTPS is enabled.
 SUBDIRS = 
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon \
diff --git a/src/daemon/https/Makefile.am b/src/daemon/https/Makefile.am
index e022e45b..8b4c1aa1 100644
--- a/src/daemon/https/Makefile.am
+++ b/src/daemon/https/Makefile.am
@@ -1,2 +1,3 @@
 EXTRA_DIST = gnutls.h
+
 SUBDIRS = minitasn1 lgl x509 tls .
diff --git a/src/daemon/https/lgl/Makefile.am b/src/daemon/https/lgl/Makefile.am
index 6ab8ea25..2caab931 100644
--- a/src/daemon/https/lgl/Makefile.am
+++ b/src/daemon/https/lgl/Makefile.am
@@ -6,6 +6,10 @@ AM_CPPFLAGS = -std=c99 \
 
 # gc-gnulib.c
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 noinst_LTLIBRARIES = liblgl.la
 
 liblgl_la_LDFLAGS = -lgcrypt
diff --git a/src/daemon/https/minitasn1/Makefile.am b/src/daemon/https/minitasn1/Makefile.am
index 34e56d13..16ba08b2 100644
--- a/src/daemon/https/minitasn1/Makefile.am
+++ b/src/daemon/https/minitasn1/Makefile.am
@@ -4,6 +4,10 @@ AM_CPPFLAGS = \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/tls 
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 noinst_LTLIBRARIES = libasn1.la
 
 libasn1_la_SOURCES = \
diff --git a/src/daemon/https/minitasn1/libtasn1.h b/src/daemon/https/minitasn1/libtasn1.h
index 7cc3672b..fdf0b306 100644
--- a/src/daemon/https/minitasn1/libtasn1.h
+++ b/src/daemon/https/minitasn1/libtasn1.h
@@ -156,9 +156,6 @@ extern "C"
 
   MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure);
 
-  MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure,
-                                              const char *element_name);
-
   MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root,
                                            const char *name,
                                            const void *ivalue, int len);
@@ -218,9 +215,6 @@ extern "C"
 
   ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name);
 
-  MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name,
-                                         ASN1_TYPE src, const char *src_name);
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/src/daemon/https/minitasn1/structure.c b/src/daemon/https/minitasn1/structure.c
index 7f72661f..e0abe594 100644
--- a/src/daemon/https/minitasn1/structure.c
+++ b/src/daemon/https/minitasn1/structure.c
@@ -267,49 +267,6 @@ MHD__asn1_delete_structure (ASN1_TYPE * structure)
   return ASN1_SUCCESS;
 }
 
-
-
-/**
-  * MHD__asn1_delete_element - Deletes the element of a structure.
-  * @structure: pointer to the structure that contains the element you
-  *   want to delete.
-  * @element_name: element's name you want to delete.
-  *
-  * Deletes the element named *@element_name inside *@structure.
-  *
-  * Returns:
-  *
-  * ASN1_SUCCESS: Everything OK.
-  *
-  * ASN1_ELEMENT_NOT_FOUND: The name element was not found.
-  *
-  **/
-MHD__asn1_retCode
-MHD__asn1_delete_element (ASN1_TYPE structure, const char *element_name)
-{
-  node_asn *p2, *p3, *source_node;
-
-  source_node = MHD__asn1_find_node (structure, element_name);
-
-  if (source_node == ASN1_TYPE_EMPTY)
-    return ASN1_ELEMENT_NOT_FOUND;
-
-  p2 = source_node->right;
-  p3 = MHD__asn1_find_left (source_node);
-  if (!p3)
-    {
-      p3 = MHD__asn1_find_up (source_node);
-      if (p3)
-        MHD__asn1_set_down (p3, p2);
-      else if (source_node->right)
-        source_node->right->left = NULL;
-    }
-  else
-    MHD__asn1_set_right (p3, p2);
-
-  return MHD__asn1_delete_structure (&source_node);
-}
-
 node_asn *
 MHD__asn1_copy_structure3 (node_asn * source_node)
 {
@@ -730,54 +687,3 @@ MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions,
   return NULL;                  /* ASN1_ELEMENT_NOT_FOUND; */
 }
 
-/**
- * MHD__asn1_copy_node:
- * @dst: Destination ASN1_TYPE node.
- * @dst_name: Field name in destination node.
- * @src: Source ASN1_TYPE node.
- * @src_name: Field name in source node.
- *
- * Create a deep copy of a ASN1_TYPE variable.
- *
- * Return value: Return ASN1_SUCCESS on success.
- **/
-MHD__asn1_retCode
-MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name,
-                     ASN1_TYPE src, const char *src_name)
-{
-/* FIXME: rewrite using copy_structure().
- * It seems quite hard to do.
- */
-  int result;
-  ASN1_TYPE dst_node;
-  void *data = NULL;
-  int size = 0;
-
-  result = MHD__asn1_der_coding (src, src_name, NULL, &size, NULL);
-  if (result != ASN1_MEM_ERROR)
-    return result;
-
-  data = MHD__asn1_malloc (size);
-  if (data == NULL)
-    return ASN1_MEM_ERROR;
-
-  result = MHD__asn1_der_coding (src, src_name, data, &size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD__asn1_free (data);
-      return result;
-    }
-
-  dst_node = MHD__asn1_find_node (dst, dst_name);
-  if (dst_node == NULL)
-    {
-      MHD__asn1_free (data);
-      return ASN1_ELEMENT_NOT_FOUND;
-    }
-
-  result = MHD__asn1_der_decoding (&dst_node, data, size, NULL);
-
-  MHD__asn1_free (data);
-
-  return result;
-}
diff --git a/src/daemon/https/tls/Makefile.am b/src/daemon/https/tls/Makefile.am
index 420307fc..23ec8d7b 100644
--- a/src/daemon/https/tls/Makefile.am
+++ b/src/daemon/https/tls/Makefile.am
@@ -1,5 +1,9 @@
 SUBDIRS = .
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/ \
diff --git a/src/daemon/https/tls/debug.c b/src/daemon/https/tls/debug.c
index ac657504..a0a4953a 100644
--- a/src/daemon/https/tls/debug.c
+++ b/src/daemon/https/tls/debug.c
@@ -28,30 +28,6 @@
 #include <stdlib.h>
 #include <gcrypt.h>
 
-#ifdef DEBUG
-
-
-void
-MHD__gnutls_print_state (MHD_gtls_session_t session)
-{
-
-  MHD__gnutls_debug_log ("GNUTLS State:\n");
-  MHD__gnutls_debug_log ("Connection End: %d\n",
-                         session->security_parameters.entity);
-  MHD__gnutls_debug_log ("Cipher Algorithm: %d\n",
-                         session->security_parameters.
-                         read_bulk_cipher_algorithm);
-  MHD__gnutls_debug_log ("MAC algorithm: %d\n",
-                         session->security_parameters.read_mac_algorithm);
-  MHD__gnutls_debug_log ("Compression Algorithm: %d\n",
-                         session->security_parameters.
-                         read_compression_algorithm);
-  MHD__gnutls_debug_log ("\n");
-
-}
-
-#endif
-
 const char *
 MHD__gnutls_packet2str (content_type_t packet)
 {
diff --git a/src/daemon/https/tls/debug.h b/src/daemon/https/tls/debug.h
index 69c6a06e..0ecce182 100644
--- a/src/daemon/https/tls/debug.h
+++ b/src/daemon/https/tls/debug.h
@@ -22,9 +22,6 @@
  *
  */
 
-#ifdef DEBUG
-void MHD__gnutls_print_state (MHD_gtls_session_t session);
-#endif
 const char *MHD__gnutls_packet2str (content_type_t packet);
 const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t
                                        handshake);
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
index 89ca70bc..02be3637 100644
--- a/src/daemon/https/tls/gnutls_algorithms.c
+++ b/src/daemon/https/tls/gnutls_algorithms.c
@@ -1549,15 +1549,6 @@ MHD__gnutls_qsort (MHD_gtls_session_t session,
   char *base = _base;
   size_t snmemb = nmemb;
 
-#ifdef DEBUG
-  if (size > MAX_ELEM_SIZE)
-    {
-      MHD_gnutls_assert ();
-      MHD__gnutls_debug_log ("QSORT BUG\n");
-      exit (1);
-    }
-#endif
-
   if (snmemb <= 1)
     return;
   pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar);
diff --git a/src/daemon/https/tls/gnutls_errors.c b/src/daemon/https/tls/gnutls_errors.c
index 51fdb707..bf6a1d0d 100644
--- a/src/daemon/https/tls/gnutls_errors.c
+++ b/src/daemon/https/tls/gnutls_errors.c
@@ -398,17 +398,3 @@ MHD_gtls_log (int level, const char *fmt, ...)
   log_func (level, str);
 }
 
-#ifndef DEBUG
-# ifndef C99_MACROS
-
-/* Without C99 macros these functions have to
- * be called. This may affect performance.
- */
-void
-MHD__gnutls_null_log (void *x, ...)
-{
-  return;
-}
-
-# endif /* C99_MACROS */
-#endif /* DEBUG */
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c
index 635b01eb..6f7e46bf 100644
--- a/src/daemon/https/tls/gnutls_global.c
+++ b/src/daemon/https/tls/gnutls_global.c
@@ -145,15 +145,6 @@ MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function alloc_func,
 
 }
 
-#ifdef DEBUG
-static void
-MHD__gnutls_gcry_log_handler (void *dummy, int level,
-                              const char *fmt, va_list list)
-{
-  MHD_gtls_log (level, fmt, list);
-}
-#endif
-
 static int MHD__gnutls_init_level = 0;
 
 /**
@@ -254,12 +245,6 @@ MHD__gnutls_global_init (void)
 
       gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
 
-#ifdef DEBUG
-      /* applications may want to override that, so we only use
-       * it in debugging mode.
-       */
-      gcry_set_log_handler (MHD__gnutls_gcry_log_handler, NULL);
-#endif
     }
 
   if (MHD_gc_init () != GC_OK)
@@ -269,10 +254,6 @@ MHD__gnutls_global_init (void)
       return GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY;
     }
 
-#ifdef DEBUG
-  MHD_gtls_global_set_log_function (MHD_tls_log_func);
-#endif
-
   /* initialize parser
    * This should not deal with files in the final
    * version.
diff --git a/src/daemon/https/x509/Makefile.am b/src/daemon/https/x509/Makefile.am
index 4156d2e3..65d9594f 100644
--- a/src/daemon/https/x509/Makefile.am
+++ b/src/daemon/https/x509/Makefile.am
@@ -1,3 +1,8 @@
+SUBDIRS = .
+
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
 
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
@@ -10,14 +15,11 @@ AM_CPPFLAGS = \
 noinst_LTLIBRARIES = libx509.la
 
 libx509_la_LDFLAGS = -lgcrypt 
-# -l $(top_srcdir)/src/daemon/https/lgl/liblgl.la
 
 libx509_la_SOURCES = \
 common.c common.h \
-crq.c crq.h \
 crl.c \
 dn.c dn.h \
-dsa.c dsa.h \
 extensions.c extensions.h \
 mpi.c mpi.h \
 pkcs12_encr.c pkcs12.h \
diff --git a/src/daemon/https/x509/common.h b/src/daemon/https/x509/common.h
index 7ddb4b08..a35bbc0b 100644
--- a/src/daemon/https/x509/common.h
+++ b/src/daemon/https/x509/common.h
@@ -94,11 +94,6 @@ int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root,
 int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root,
                                   const MHD_gnutls_datum_t * data, int str);
 
-int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
-                                                 ASN1_TYPE MHD__asn1_struct,
-                                                 const char *where,
-                                                 const void *data,
-                                                 int sizeof_data, int multi);
 int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
                                                 const char *where, char *oid,
                                                 int oid_size,
diff --git a/src/daemon/https/x509/crl.c b/src/daemon/https/x509/crl.c
index e023a193..98a9748b 100644
--- a/src/daemon/https/x509/crl.c
+++ b/src/daemon/https/x509/crl.c
@@ -164,113 +164,6 @@ cleanup:
 
 
 /**
-  * MHD_gnutls_x509_crl_get_issuer_dn - This function returns the CRL's issuer distinguished name
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  * @buf: a pointer to a structure to hold the peer's name (may be null)
-  * @sizeof_buf: initially holds the size of @buf
-  *
-  * This function will copy the name of the CRL issuer in the provided buffer. The name
-  * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output
-  * string will be ASCII or UTF-8 encoded, depending on the certificate data.
-  *
-  * If buf is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-  * in that case the sizeof_buf will be updated with the required size, and
-  * 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
-                                   size_t * sizeof_buf)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_parse_dn (crl->crl,
-                                    "tbsCertList.issuer.rdnSequence",
-                                    buf, sizeof_buf);
-}
-
-/**
-  * MHD_gnutls_x509_crl_get_issuer_dn_by_oid - This function returns the CRL's issuer distinguished name
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  * @oid: holds an Object Identified in null terminated string
-  * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one.
-  * @raw_flag: If non zero returns the raw DER data of the DN part.
-  * @buf: a pointer to a structure to hold the peer's name (may be null)
-  * @sizeof_buf: initially holds the size of @buf
-  *
-  * This function will extract the part of the name of the CRL issuer specified
-  * by the given OID. The output will be encoded as described in RFC2253. The output
-  * string will be ASCII or UTF-8 encoded, depending on the certificate data.
-  *
-  * Some helper macros with popular OIDs can be found in gnutls/x509.h
-  * If raw flag is zero, this function will only return known OIDs as text. Other OIDs
-  * will be DER encoded, as described in RFC2253 -- in hex format with a '\#' prefix.
-  * You can check about known OIDs using MHD_gnutls_x509_dn_oid_known().
-  *
-  * If buf is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-  * in that case the sizeof_buf will be updated with the required size,
-  * and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
-                                          const char *oid, int indx,
-                                          unsigned int raw_flag, void *buf,
-                                          size_t * sizeof_buf)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_parse_dn_oid (crl->crl,
-                                        "tbsCertList.issuer.rdnSequence",
-                                        oid, indx, raw_flag, buf, sizeof_buf);
-}
-
-/**
-  * MHD_gnutls_x509_crl_get_dn_oid - This function returns the Certificate request issuer's distinguished name OIDs
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  * @indx: Specifies which DN OID to send. Use zero to get the first one.
-  * @oid: a pointer to a structure to hold the name (may be null)
-  * @sizeof_oid: initially holds the size of 'oid'
-  *
-  * This function will extract the requested OID of the name of the CRL issuer, specified
-  * by the given index.
-  *
-  * If oid is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-  * in that case the sizeof_oid will be updated with the required size.
-  * On success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl,
-                                int indx, void *oid, size_t * sizeof_oid)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_get_dn_oid (crl->crl,
-                                      "tbsCertList.issuer.rdnSequence", indx,
-                                      oid, sizeof_oid);
-}
-
-
-/**
   * MHD_gnutls_x509_crl_get_signature_algorithm - This function returns the CRL's signature algorithm
   * @crl: should contain a MHD_gnutls_x509_crl_t structure
   *
@@ -368,82 +261,6 @@ MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
   return 0;
 }
 
-/**
-  * MHD_gnutls_x509_crl_get_version - This function returns the CRL's version number
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  *
-  * This function will return the version of the specified CRL.
-  *
-  * Returns a negative value on error.
-  *
-  **/
-int
-MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl)
-{
-  opaque version[5];
-  int len, result;
-
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  len = sizeof (version);
-  if ((result =
-       MHD__asn1_read_value (crl->crl, "tbsCertList.version", version,
-                             &len)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  return (int) version[0] + 1;
-}
-
-/**
-  * MHD_gnutls_x509_crl_get_this_update - This function returns the CRL's thisUpdate time
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  *
-  * This function will return the time this CRL was issued.
-  *
-  * Returns (time_t)-1 on error.
-  *
-  **/
-time_t
-MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return (time_t) - 1;
-    }
-
-  return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.thisUpdate");
-}
-
-/**
-  * MHD_gnutls_x509_crl_get_next_update - This function returns the CRL's nextUpdate time
-  * @crl: should contain a MHD_gnutls_x509_crl_t structure
-  *
-  * This function will return the time the next CRL will be issued.
-  * This field is optional in a CRL so it might be normal to get
-  * an error instead.
-  *
-  * Returns (time_t)-1 on error.
-  *
-  **/
-time_t
-MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return (time_t) - 1;
-    }
-
-  return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.nextUpdate");
-}
 
 /**
   * MHD_gnutls_x509_crl_get_crt_count - This function returns the number of revoked certificates in a CRL
@@ -617,95 +434,4 @@ cleanup:
   return result;
 }
 
-/**
-  * MHD_gnutls_x509_crl_export - This function will export the CRL
-  * @crl: Holds the revocation list
-  * @format: the format of output params. One of PEM or DER.
-  * @output_data: will contain a private key PEM or DER encoded
-  * @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters)
-  *
-  * This function will export the revocation list to DER or PEM format.
-  *
-  * If the buffer provided is not long enough to hold the output, then
-  * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
-  *
-  * If the structure is PEM encoded, it will have a header
-  * of "BEGIN X509 CRL".
-  *
-  * Returns 0 on success, and a negative value on failure.
-  *
-  **/
-int
-MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
-                            MHD_gnutls_x509_crt_fmt_t format,
-                            void *output_data, size_t * output_data_size)
-{
-  if (crl == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL,
-                                      output_data, output_data_size);
-}
-
-/*-
-  * MHD__gnutls_x509_crl_cpy - This function copies a MHD_gnutls_x509_crl_t structure
-  * @dest: The structure where to copy
-  * @src: The structure to be copied
-  *
-  * This function will copy an X.509 certificate structure.
-  *
-  * Returns 0 on success.
-  *
-  -*/
-int
-MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
-                          MHD_gnutls_x509_crl_t src)
-{
-  int ret;
-  size_t der_size;
-  opaque *der;
-  MHD_gnutls_datum_t tmp;
-
-  ret =
-    MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size);
-  if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
-    {
-      MHD_gnutls_assert ();
-      return ret;
-    }
-
-  der = MHD_gnutls_alloca (der_size);
-  if (der == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_MEMORY_ERROR;
-    }
-
-  ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, der, &der_size);
-  if (ret < 0)
-    {
-      MHD_gnutls_assert ();
-      MHD_gnutls_afree (der);
-      return ret;
-    }
-
-  tmp.data = der;
-  tmp.size = der_size;
-  ret = MHD_gnutls_x509_crl_import (dest, &tmp, GNUTLS_X509_FMT_DER);
-
-  MHD_gnutls_afree (der);
-
-  if (ret < 0)
-    {
-      MHD_gnutls_assert ();
-      return ret;
-    }
-
-  return 0;
-
-}
-
 #endif
diff --git a/src/daemon/https/x509/crq.c b/src/daemon/https/x509/crq.c
deleted file mode 100644
index 88ac349d..00000000
--- a/src/daemon/https/x509/crq.c
+++ /dev/null
@@ -1,898 +0,0 @@
-/*
- * Copyright (C) 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-/* This file contains functions to handle PKCS #10 certificate requests.
- */
-
-#include <gnutls_int.h>
-
-#ifdef ENABLE_PKI
-
-#include <gnutls_datum.h>
-#include <gnutls_global.h>
-#include <gnutls_errors.h>
-#include <common.h>
-#include <gnutls_x509.h>
-#include <x509_b64.h>
-#include <crq.h>
-#include <dn.h>
-#include <mpi.h>
-#include <sign.h>
-#include <extensions.h>
-#include <libtasn1.h>
-
-/**
-  * MHD_gnutls_x509_crq_init - This function initializes a MHD_gnutls_x509_crq_t structure
-  * @crq: The structure to be initialized
-  *
-  * This function will initialize a PKCS10 certificate request structure.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq)
-{
-  *crq = MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crq_int));
-
-  if (*crq)
-    {
-      int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                             "PKIX1.pkcs-10-CertificationRequest",
-                                             &((*crq)->crq));
-      if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          MHD_gnutls_free (*crq);
-          return MHD_gtls_asn2err (result);
-        }
-      return 0;                 /* success */
-    }
-  return GNUTLS_E_MEMORY_ERROR;
-}
-
-/**
-  * MHD_gnutls_x509_crq_deinit - This function deinitializes memory used by a MHD_gnutls_x509_crq_t structure
-  * @crq: The structure to be initialized
-  *
-  * This function will deinitialize a CRL structure.
-  *
-  **/
-void
-MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq)
-{
-  if (!crq)
-    return;
-
-  if (crq->crq)
-    MHD__asn1_delete_structure (&crq->crq);
-
-  MHD_gnutls_free (crq);
-}
-
-#define PEM_CRQ "NEW CERTIFICATE REQUEST"
-#define PEM_CRQ2 "CERTIFICATE REQUEST"
-
-/**
-  * MHD_gnutls_x509_crq_import - This function will import a DER or PEM encoded Certificate request
-  * @crq: The structure to store the parsed certificate request.
-  * @data: The DER or PEM encoded certificate.
-  * @format: One of DER or PEM
-  *
-  * This function will convert the given DER or PEM encoded Certificate
-  * to the native MHD_gnutls_x509_crq_t format. The output will be stored in @cert.
-  *
-  * If the Certificate is PEM encoded it should have a header of "NEW CERTIFICATE REQUEST".
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq,
-                            const MHD_gnutls_datum_t * data,
-                            MHD_gnutls_x509_crt_fmt_t format)
-{
-  int result = 0, need_free = 0;
-  MHD_gnutls_datum_t _data;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  _data.data = data->data;
-  _data.size = data->size;
-
-  /* If the Certificate is in PEM format then decode it
-   */
-  if (format == GNUTLS_X509_FMT_PEM)
-    {
-      opaque *out;
-
-      /* Try the first header */
-      result =
-        MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out);
-
-      if (result <= 0)          /* Go for the second header */
-        result =
-          MHD__gnutls_fbase64_decode (PEM_CRQ2, data->data, data->size, &out);
-
-      if (result <= 0)
-        {
-          if (result == 0)
-            result = GNUTLS_E_INTERNAL_ERROR;
-          MHD_gnutls_assert ();
-          return result;
-        }
-
-      _data.data = out;
-      _data.size = result;
-
-      need_free = 1;
-    }
-
-  result = MHD__asn1_der_decoding (&crq->crq, _data.data, _data.size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      result = MHD_gtls_asn2err (result);
-      MHD_gnutls_assert ();
-      goto cleanup;
-    }
-
-  result = 0;
-
-cleanup:
-  if (need_free)
-    MHD__gnutls_free_datum (&_data);
-  return result;
-}
-
-
-
-/**
-  * MHD_gnutls_x509_crq_get_dn - This function returns the Certificate request subject's distinguished name
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @buf: a pointer to a structure to hold the name (may be null)
-  * @sizeof_buf: initially holds the size of @buf
-  *
-  * This function will copy the name of the Certificate request
-  * subject in the provided buffer. The name will be in the form
-  * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output string
-  * will be ASCII or UTF-8 encoded, depending on the certificate data.
-  *
-  * If @buf is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
-  * long enough, and in that case the *sizeof_buf will be updated with
-  * the required size.  On success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf,
-                            size_t * sizeof_buf)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_parse_dn (crq->crq,
-                                    "certificationRequestInfo.subject.rdnSequence",
-                                    buf, sizeof_buf);
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_dn_by_oid - This function returns the Certificate request subject's distinguished name
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @oid: holds an Object Identified in null terminated string
-  * @indx: In case multiple same OIDs exist in the RDN, this specifies
-  *   which to send. Use zero to get the first one.
-  * @raw_flag: If non zero returns the raw DER data of the DN part.
-  * @buf: a pointer to a structure to hold the name (may be null)
-  * @sizeof_buf: initially holds the size of @buf
-  *
-  * This function will extract the part of the name of the Certificate
-  * request subject, specified by the given OID. The output will be
-  * encoded as described in RFC2253. The output string will be ASCII
-  * or UTF-8 encoded, depending on the certificate data.
-  *
-  * Some helper macros with popular OIDs can be found in gnutls/x509.h
-  * If raw flag is zero, this function will only return known OIDs as
-  * text. Other OIDs will be DER encoded, as described in RFC2253 --
-  * in hex format with a '\#' prefix.  You can check about known OIDs
-  * using MHD_gnutls_x509_dn_oid_known().
-  *
-  * If @buf is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
-  * long enough, and in that case the *sizeof_buf will be updated with
-  * the required size.  On success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
-                                   int indx, unsigned int raw_flag,
-                                   void *buf, size_t * sizeof_buf)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_parse_dn_oid (crq->crq,
-                                        "certificationRequestInfo.subject.rdnSequence",
-                                        oid, indx, raw_flag, buf, sizeof_buf);
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_dn_oid - This function returns the Certificate request subject's distinguished name OIDs
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @indx: Specifies which DN OID to send. Use zero to get the first one.
-  * @oid: a pointer to a structure to hold the name (may be null)
-  * @sizeof_oid: initially holds the size of @oid
-  *
-  * This function will extract the requested OID of the name of the
-  * Certificate request subject, specified by the given index.
-  *
-  * If oid is null then only the size will be filled.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
-  * long enough, and in that case the *sizeof_oid will be updated with
-  * the required size.  On success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq,
-                                int indx, void *oid, size_t * sizeof_oid)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_get_dn_oid (crq->crq,
-                                      "certificationRequestInfo.subject.rdnSequence",
-                                      indx, oid, sizeof_oid);
-}
-
-/* Parses an Attribute list in the MHD__asn1_struct, and searches for the
- * given OID. The index indicates the attribute value to be returned.
- *
- * If raw==0 only printable data are returned, or GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE.
- *
- * MHD__asn1_attr_name must be a string in the form "certificationRequestInfo.attributes"
- *
- */
-static int
-parse_attribute (ASN1_TYPE MHD__asn1_struct,
-                 const char *attr_name, const char *given_oid, int indx,
-                 int raw, char *buf, size_t * sizeof_buf)
-{
-  int k1, result;
-  char tmpbuffer1[MAX_NAME_SIZE];
-  char tmpbuffer3[MAX_NAME_SIZE];
-  char value[200];
-  char oid[128];
-  int len, printable;
-
-  if (*sizeof_buf == 0)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  buf[0] = 0;
-
-  k1 = 0;
-  do
-    {
-
-      k1++;
-      /* create a string like "attribute.?1"
-       */
-      if (attr_name[0] != 0)
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", attr_name, k1);
-      else
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
-
-      len = sizeof (value) - 1;
-      result =
-        MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
-
-      if (result == ASN1_ELEMENT_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          break;
-        }
-
-      if (result != ASN1_VALUE_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          result = MHD_gtls_asn2err (result);
-          goto cleanup;
-        }
-
-      /* Move to the attibute type and values
-       */
-      /* Read the OID
-       */
-      MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer1);
-      MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
-
-      len = sizeof (oid) - 1;
-      result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
-
-      if (result == ASN1_ELEMENT_NOT_FOUND)
-        break;
-      else if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          result = MHD_gtls_asn2err (result);
-          goto cleanup;
-        }
-
-      if (strcmp (oid, given_oid) == 0)
-        {                       /* Found the OID */
-
-          /* Read the Value
-           */
-          snprintf (tmpbuffer3, sizeof (tmpbuffer3), "%s.values.?%u",
-                    tmpbuffer1, indx + 1);
-
-          len = sizeof (value) - 1;
-          result =
-            MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len);
-
-          if (result != ASN1_SUCCESS)
-            {
-              MHD_gnutls_assert ();
-              result = MHD_gtls_asn2err (result);
-              goto cleanup;
-            }
-
-          if (raw == 0)
-            {
-              printable = MHD__gnutls_x509_oid_data_printable (oid);
-              if (printable == 1)
-                {
-                  if ((result =
-                       MHD__gnutls_x509_oid_data2string
-                       (oid, value, len, buf, sizeof_buf)) < 0)
-                    {
-                      MHD_gnutls_assert ();
-                      goto cleanup;
-                    }
-                  return 0;
-                }
-              else
-                {
-                  MHD_gnutls_assert ();
-                  return GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE;
-                }
-            }
-          else
-            {                   /* raw!=0 */
-              if (*sizeof_buf > (size_t) len)
-                {
-                  *sizeof_buf = len;
-                  memcpy (buf, value, len);
-
-                  return 0;
-                }
-              else
-                {
-                  *sizeof_buf = len;
-                  MHD_gnutls_assert ();
-                  return GNUTLS_E_SHORT_MEMORY_BUFFER;
-                }
-            }
-        }
-
-    }
-  while (1);
-
-  MHD_gnutls_assert ();
-
-  result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-
-cleanup:
-  return result;
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_challenge_password - This function will get the challenge password
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @pass: will hold a null terminated password
-  * @sizeof_pass: Initially holds the size of @pass.
-  *
-  * This function will return the challenge password in the
-  * request.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq,
-                                            char *pass, size_t * sizeof_pass)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return parse_attribute (crq->crq, "certificationRequestInfo.attributes",
-                          "1.2.840.113549.1.9.7", 0, 0, pass, sizeof_pass);
-}
-
-/**
-  * MHD_gnutls_x509_crq_set_attribute_by_oid - This function will set an attribute in the request
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @oid: holds an Object Identified in null terminated string
-  * @buf: a pointer to a structure that holds the attribute data
-  * @sizeof_buf: holds the size of @buf
-  *
-  * This function will set the attribute in the certificate request specified
-  * by the given Object ID. The attribute must be be DER encoded.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
-                                          const char *oid, void *buf,
-                                          size_t sizeof_buf)
-{
-  int result;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  /* Add the attribute.
-   */
-  result =
-    MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes",
-                           "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  result =
-    MHD__gnutls_x509_encode_and_write_attribute (oid,
-                                                 crq->crq,
-                                                 "certificationRequestInfo.attributes.?LAST",
-                                                 buf, sizeof_buf, 1);
-
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_attribute_by_oid - This function will get an attribute of the request
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @oid: holds an Object Identified in null terminated string
-  * @indx: In case multiple same OIDs exist in the attribute list, this specifies
-  *   which to send. Use zero to get the first one.
-  * @buf: a pointer to a structure to hold the attribute data (may be null)
-  * @sizeof_buf: initially holds the size of @buf
-  *
-  * This function will return the attribute in the certificate request specified
-  * by the given Object ID. The attribute will be DER encoded.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
-                                          const char *oid, int indx,
-                                          void *buf, size_t * sizeof_buf)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return parse_attribute (crq->crq, "certificationRequestInfo.attributes",
-                          oid, indx, 1, buf, sizeof_buf);
-}
-
-/**
-  * MHD_gnutls_x509_crq_set_dn_by_oid - This function will set the Certificate request subject's distinguished name
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @oid: holds an Object Identifier in a null terminated string
-  * @raw_flag: must be 0, or 1 if the data are DER encoded
-  * @data: a pointer to the input data
-  * @sizeof_data: holds the size of @data
-  *
-  * This function will set the part of the name of the Certificate request subject, specified
-  * by the given OID. The input string should be ASCII or UTF-8 encoded.
-  *
-  * Some helper macros with popular OIDs can be found in gnutls/x509.h
-  * With this function you can only set the known OIDs. You can test
-  * for known OIDs using MHD_gnutls_x509_dn_oid_known(). For OIDs that are
-  * not known (by gnutls) you should properly DER encode your data, and
-  * call this function with raw_flag set.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
-                                   unsigned int raw_flag, const void *data,
-                                   unsigned int sizeof_data)
-{
-  if (sizeof_data == 0 || data == NULL || crq == NULL)
-    {
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_set_dn_oid (crq->crq,
-                                      "certificationRequestInfo.subject", oid,
-                                      raw_flag, data, sizeof_data);
-}
-
-/**
-  * MHD_gnutls_x509_crq_set_version - This function will set the Certificate request version
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @version: holds the version number. For v1 Requests must be 1.
-  *
-  * This function will set the version of the certificate request. For
-  * version 1 requests this must be one.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq,
-                                 unsigned int version)
-{
-  int result;
-  unsigned char null = version;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  if (null > 0)
-    null--;
-
-  result =
-    MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version",
-                           &null, 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  return 0;
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_version - This function returns the Certificate request's version number
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  *
-  * This function will return the version of the specified Certificate request.
-  *
-  * Returns a negative value on error.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq)
-{
-  opaque version[5];
-  int len, result;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  len = sizeof (version);
-  if ((result =
-       MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version",
-                             version, &len)) != ASN1_SUCCESS)
-    {
-
-      if (result == ASN1_ELEMENT_NOT_FOUND)
-        return 1;               /* the DEFAULT version */
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  return (int) version[0] + 1;
-}
-
-/**
-  * MHD_gnutls_x509_crq_set_key - This function will associate the Certificate request with a key
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @key: holds a private key
-  *
-  * This function will set the public parameters from the given private key to the
-  * request. Only RSA keys are currently supported.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq,
-                             MHD_gnutls_x509_privkey_t key)
-{
-  int result;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq,
-                                                        "certificationRequestInfo.subjectPKInfo",
-                                                        key->pk_algorithm,
-                                                        key->params,
-                                                        key->params_size);
-
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-}
-
-/**
-  * MHD_gnutls_x509_crq_set_challenge_password - This function will set a challenge password
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @pass: holds a null terminated password
-  *
-  * This function will set a challenge password to be used when revoking the request.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
-                                            const char *pass)
-{
-  int result;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  /* Add the attribute.
-   */
-  result =
-    MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes",
-                           "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  result =
-    MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7",
-                                                 crq->crq,
-                                                 "certificationRequestInfo.attributes.?LAST",
-                                                 pass, strlen (pass), 1);
-
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-}
-
-/**
-  * MHD_gnutls_x509_crq_sign2 - This function will sign a Certificate request with a key
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @key: holds a private key
-  * @dig: The message digest to use. GNUTLS_DIG_SHA1 is the safe choice unless you know what you're doing.
-  * @flags: must be 0
-  *
-  * This function will sign the certificate request with a private key.
-  * This must be the same key as the one used in MHD_gnutls_x509_crt_set_key() since a
-  * certificate request is self signed.
-  *
-  * This must be the last step in a certificate request generation since all
-  * the previously set parameters are now signed.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq,
-                           MHD_gnutls_x509_privkey_t key,
-                           enum MHD_GNUTLS_HashAlgorithm dig,
-                           unsigned int flags)
-{
-  int result;
-  MHD_gnutls_datum_t signature;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  /* Step 1. Self sign the request.
-   */
-  result =
-    MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo",
-                               dig, key, &signature);
-
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  /* Step 2. write the signature (bits)
-   */
-  result =
-    MHD__asn1_write_value (crq->crq, "signature", signature.data,
-                           signature.size * 8);
-
-  MHD__gnutls_free_datum (&signature);
-
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  /* Step 3. Write the signatureAlgorithm field.
-   */
-  result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm",
-                                              key->pk_algorithm, dig,
-                                              key->params, key->params_size);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-}
-
-/**
-  * MHD_gnutls_x509_crq_sign - This function will sign a Certificate request with a key
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @key: holds a private key
-  *
-  * This function is the same a MHD_gnutls_x509_crq_sign2() with no flags, and
-  * SHA1 as the hash algorithm.
-  *
-  * Returns 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq,
-                          MHD_gnutls_x509_privkey_t key)
-{
-  return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0);
-}
-
-/**
-  * MHD_gnutls_x509_crq_export - Export the generated certificate request
-  * @crq: Holds the request
-  * @format: the format of output params. One of PEM or DER.
-  * @output_data: will contain a certificate request PEM or DER encoded
-  * @output_data_size: holds the size of output_data (and will be
-  *   replaced by the actual size of parameters)
-  *
-  * This function will export the certificate request to a PKCS10
-  *
-  * If the buffer provided is not long enough to hold the output, then
-  * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned and
-  * *output_data_size will be updated.
-  *
-  * If the structure is PEM encoded, it will have a header of "BEGIN
-  * NEW CERTIFICATE REQUEST".
-  *
-  * Return value: In case of failure a negative value will be
-  *   returned, and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
-                            MHD_gnutls_x509_crt_fmt_t format,
-                            void *output_data, size_t * output_data_size)
-{
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ,
-                                      output_data, output_data_size);
-}
-
-/**
-  * MHD_gnutls_x509_crq_get_pk_algorithm - This function returns the certificate request's PublicKey algorithm
-  * @crq: should contain a MHD_gnutls_x509_crq_t structure
-  * @bits: if bits is non null it will hold the size of the parameters' in bits
-  *
-  * This function will return the public key algorithm of a PKCS \#10
-  * certificate request.
-  *
-  * If bits is non null, it should have enough size to hold the parameters
-  * size in bits. For RSA the bits returned is the modulus.
-  * For DSA the bits returned are of the public
-  * exponent.
-  *
-  * Returns a member of the enum MHD_GNUTLS_PublicKeyAlgorithm enumeration on success,
-  * or a negative value on error.
-  *
-  **/
-int
-MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq,
-                                      unsigned int *bits)
-{
-  int result;
-
-  if (crq == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  result =
-    MHD__gnutls_x509_get_pk_algorithm (crq->crq,
-                                       "certificationRequestInfo.subjectPKInfo",
-                                       bits);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-    }
-
-  return result;
-}
-
-#endif /* ENABLE_PKI */
diff --git a/src/daemon/https/x509/crq.h b/src/daemon/https/x509/crq.h
deleted file mode 100644
index 661701bd..00000000
--- a/src/daemon/https/x509/crq.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright (C) 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-#include <x509.h>
-
-typedef struct MHD_gnutls_x509_crq_int
-{
-  ASN1_TYPE crq;
-} MHD_gnutls_x509_crq_int;
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c
index 17b4ed76..fb4fa57e 100644
--- a/src/daemon/https/x509/dn.c
+++ b/src/daemon/https/x509/dn.c
@@ -518,618 +518,6 @@ cleanup:
   return result;
 }
 
-
-/* Parses an X509 DN in the MHD__asn1_struct, and returns the requested
- * DN OID.
- *
- * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
- * That is to point in the rndSequence.
- *
- * indx specifies which OID to return. Ie 0 means return the first specified
- * OID found, 1 the second etc.
- */
-int
-MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                             const char *MHD__asn1_rdn_name,
-                             int indx, void *_oid, size_t * sizeof_oid)
-{
-  int k2, k1, result;
-  char tmpbuffer1[MAX_NAME_SIZE];
-  char tmpbuffer2[MAX_NAME_SIZE];
-  char tmpbuffer3[MAX_NAME_SIZE];
-  char value[256];
-  char oid[128];
-  int len;
-  int i = 0;
-
-  k1 = 0;
-  do
-    {
-
-      k1++;
-      /* create a string like "tbsCertList.issuer.rdnSequence.?1"
-       */
-      if (MHD__asn1_rdn_name[0] != 0)
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
-                  MHD__asn1_rdn_name, k1);
-      else
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
-
-      len = sizeof (value) - 1;
-      result =
-        MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
-
-      if (result == ASN1_ELEMENT_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          break;
-        }
-
-      if (result != ASN1_VALUE_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          result = MHD_gtls_asn2err (result);
-          goto cleanup;
-        }
-
-      k2 = 0;
-
-      do
-        {                       /* Move to the attibute type and values
-                                 */
-          k2++;
-
-          if (tmpbuffer1[0] != 0)
-            snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1,
-                      k2);
-          else
-            snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2);
-
-          /* Try to read the RelativeDistinguishedName attributes.
-           */
-
-          len = sizeof (value) - 1;
-          result =
-            MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
-
-          if (result == ASN1_ELEMENT_NOT_FOUND)
-            {
-              break;
-            }
-          if (result != ASN1_VALUE_NOT_FOUND)
-            {
-              MHD_gnutls_assert ();
-              result = MHD_gtls_asn2err (result);
-              goto cleanup;
-            }
-
-          /* Read the OID
-           */
-          MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2);
-          MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
-
-          len = sizeof (oid) - 1;
-          result =
-            MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
-
-          if (result == ASN1_ELEMENT_NOT_FOUND)
-            break;
-          else if (result != ASN1_SUCCESS)
-            {
-              MHD_gnutls_assert ();
-              result = MHD_gtls_asn2err (result);
-              goto cleanup;
-            }
-
-          if (indx == i++)
-            {                   /* Found the OID */
-
-              len = strlen (oid) + 1;
-
-              if (*sizeof_oid < (unsigned) len)
-                {
-                  *sizeof_oid = len;
-                  MHD_gnutls_assert ();
-                  return GNUTLS_E_SHORT_MEMORY_BUFFER;
-                }
-
-              memcpy (_oid, oid, len);
-              *sizeof_oid = len - 1;
-
-              return 0;
-            }
-        }
-      while (1);
-
-    }
-  while (1);
-
-  MHD_gnutls_assert ();
-
-  result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-
-cleanup:
-  return result;
-}
-
-/* This will encode and write the AttributeTypeAndValue field.
- * 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute.
- * In all cases only one value is written.
- */
-int
-MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
-                                             ASN1_TYPE MHD__asn1_struct,
-                                             const char *where,
-                                             const void *_data,
-                                             int sizeof_data, int multi)
-{
-  const char *val_name;
-  const opaque *data = _data;
-  char tmp[128];
-  ASN1_TYPE c2;
-  int result;
-
-
-  /* Find how to encode the data.
-   */
-  val_name =
-    MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid);
-  if (val_name == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_X509_UNSUPPORTED_OID;
-    }
-
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), "PKIX1.");
-  MHD_gtls_str_cat (tmp, sizeof (tmp), val_name);
-
-  result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), tmp, &c2);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  tmp[0] = 0;
-
-  if ((result = MHD__gnutls_x509_oid_data_choice (given_oid)) > 0)
-    {
-      char *string_type;
-      int i;
-
-      string_type = "printableString";
-
-      /* Check if the data is plain ascii, and use
-       * the UTF8 string type if not.
-       */
-      for (i = 0; i < sizeof_data; i++)
-        {
-          if (!isascii (data[i]))
-            {
-              string_type = "utf8String";
-              break;
-            }
-        }
-
-      /* if the type is a CHOICE then write the
-       * type we'll use.
-       */
-      result = MHD__asn1_write_value (c2, "", string_type, 1);
-      if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          MHD__asn1_delete_structure (&c2);
-          return MHD_gtls_asn2err (result);
-        }
-
-      MHD_gtls_str_cpy (tmp, sizeof (tmp), string_type);
-    }
-
-  result = MHD__asn1_write_value (c2, tmp, data, sizeof_data);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&c2);
-      return MHD_gtls_asn2err (result);
-    }
-
-
-  /* write the data (value)
-   */
-
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
-
-  if (multi != 0)
-    {                           /* if not writing an AttributeTypeAndValue, but an Attribute */
-      MHD_gtls_str_cat (tmp, sizeof (tmp), "s");        /* values */
-
-      result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
-      if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          return MHD_gtls_asn2err (result);
-        }
-
-      MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
-
-    }
-
-  result =
-    MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  /* write the type
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
-
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  return 0;
-}
-
-/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
- * In all cases only one value is written.
- */
-static int
-MHD__gnutls_x509_write_attribute (const char *given_oid,
-                                  ASN1_TYPE MHD__asn1_struct,
-                                  const char *where, const void *_data,
-                                  int sizeof_data)
-{
-  char tmp[128];
-  int result;
-
-  /* write the data (value)
-   */
-
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
-
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, _data, sizeof_data);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  /* write the type
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
-
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  return 0;
-}
-
-
-/* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue
- * otherwise.
- *
- * octet_string should be non zero if we are to decode octet strings after
- * decoding.
- *
- * The output is allocated and stored in value.
- */
-int
-MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
-                                            const char *where, char *oid,
-                                            int oid_size,
-                                            MHD_gnutls_datum_t * value,
-                                            int multi, int octet_string)
-{
-  char tmpbuffer[128];
-  int len, result;
-
-  /* Read the OID
-   */
-  MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
-  MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".type");
-
-  len = oid_size - 1;
-  result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer, oid, &len);
-
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      result = MHD_gtls_asn2err (result);
-      return result;
-    }
-
-  /* Read the Value
-   */
-
-  MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
-  MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".value");
-
-  if (multi)
-    MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1");   /* .values.?1 */
-
-  result =
-    MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value,
-                                 octet_string);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-
-}
-
-/* Sets an X509 DN in the MHD__asn1_struct, and puts the given OID in the DN.
- * The input is assumed to be raw data.
- *
- * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer".
- * That is to point before the rndSequence.
- *
- */
-int
-MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                             const char *MHD__asn1_name,
-                             const char *given_oid, int raw_flag,
-                             const char *name, int sizeof_name)
-{
-  int result;
-  char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE];
-
-  if (sizeof_name == 0 || name == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  /* create the rdnSequence
-   */
-  result =
-    MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence",
-                           1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
-                    MHD__asn1_name);
-  MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
-                    ".rdnSequence");
-
-  /* create a new element
-   */
-  result =
-    MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
-
-  /* create the set with only one element
-   */
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-
-  /* Encode and write the data
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST.?LAST");
-
-  if (!raw_flag)
-    {
-      result =
-        MHD__gnutls_x509_encode_and_write_attribute (given_oid,
-                                                     MHD__asn1_struct,
-                                                     tmp, name, sizeof_name,
-                                                     0);
-    }
-  else
-    {
-      result =
-        MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct,
-                                          tmp, name, sizeof_name);
-    }
-
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-
-  return 0;
-}
-
-
-/**
-  * MHD_gnutls_x509_rdn_get - This function parses an RDN sequence and returns a string
-  * @idn: should contain a DER encoded RDN sequence
-  * @buf: a pointer to a structure to hold the peer's name
-  * @sizeof_buf: holds the size of @buf
-  *
-  * This function will return the name of the given RDN sequence.  The
-  * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
-  * RFC2253.
-  *
-  * If the provided buffer is not long enough, returns
-  * GNUTLS_E_SHORT_MEMORY_BUFFER and *sizeof_buf will be updated.  On
-  * success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
-                         char *buf, size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-
-  if (sizeof_buf == 0)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  if (buf)
-    buf[0] = 0;
-
-
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-
-  result = MHD__gnutls_x509_parse_dn (dn, "rdnSequence", buf, sizeof_buf);
-
-  MHD__asn1_delete_structure (&dn);
-  return result;
-
-}
-
-/**
-  * MHD_gnutls_x509_rdn_get_by_oid - This function parses an RDN sequence and returns a string
-  * @idn: should contain a DER encoded RDN sequence
-  * @oid: an Object Identifier
-  * @indx: In case multiple same OIDs exist in the RDN indicates which
-  *   to send. Use 0 for the first one.
-  * @raw_flag: If non zero then the raw DER data are returned.
-  * @buf: a pointer to a structure to hold the peer's name
-  * @sizeof_buf: holds the size of @buf
-  *
-  * This function will return the name of the given Object identifier,
-  * of the RDN sequence.  The name will be encoded using the rules
-  * from RFC2253.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
-  * the provided buffer is not long enough, and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
-                                const char *oid, int indx,
-                                unsigned int raw_flag, void *buf,
-                                size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-
-  if (sizeof_buf == 0)
-    {
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-
-  result =
-    MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx,
-                                   raw_flag, buf, sizeof_buf);
-
-  MHD__asn1_delete_structure (&dn);
-  return result;
-
-}
-
-/**
-  * MHD_gnutls_x509_rdn_get_oid - This function parses an RDN sequence and returns an OID.
-  * @idn: should contain a DER encoded RDN sequence
-  * @indx: Indicates which OID to return. Use 0 for the first one.
-  * @oid: a pointer to a structure to hold the peer's name OID
-  * @sizeof_oid: holds the size of @oid
-  *
-  * This function will return the specified Object identifier, of the
-  * RDN sequence.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
-  * the provided buffer is not long enough, and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
-                             int indx, void *buf, size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-
-  if (sizeof_buf == 0)
-    {
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-
-  result =
-    MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf);
-
-  MHD__asn1_delete_structure (&dn);
-  return result;
-
-}
-
 /*
  * Compares the DER encoded part of a DN.
  *
diff --git a/src/daemon/https/x509/dn.h b/src/daemon/https/x509/dn.h
index a0c6ac45..cc226871 100644
--- a/src/daemon/https/x509/dn.h
+++ b/src/daemon/https/x509/dn.h
@@ -47,14 +47,6 @@ int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
                                    unsigned int raw_flag, void *buf,
                                    size_t * sizeof_buf);
 
-int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                                 const char *MHD__asn1_rdn_name,
-                                 const char *oid, int raw_flag,
-                                 const char *name, int sizeof_name);
-
-int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                                 const char *MHD__asn1_rdn_name,
-                                 int indx, void *_oid, size_t * sizeof_oid);
 
 
 #endif
diff --git a/src/daemon/https/x509/dsa.c b/src/daemon/https/x509/dsa.c
deleted file mode 100644
index d344c38f..00000000
--- a/src/daemon/https/x509/dsa.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * Copyright (C) 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-/* This file contains code for DSA keys.
- */
-
-#include <gnutls_int.h>
-#include <gnutls_errors.h>
-#include <gnutls_datum.h>
-#include <debug.h>
-
-/* resarr will contain: p(0), q(1), g(2), y(3), x(4).
- */
-int
-MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits)
-{
-
-  int ret;
-  gcry_sexp_t parms, key, list;
-
-  /* FIXME: Remove me once we depend on 1.3.1 */
-  if (bits > 1024 && gcry_check_version ("1.3.1") == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  if (bits < 512)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  ret = gcry_sexp_build (&parms, NULL, "(genkey(dsa(nbits %d)))", bits);
-  if (ret != 0)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  /* generate the DSA key
-   */
-  ret = gcry_pk_genkey (&key, parms);
-  gcry_sexp_release (parms);
-
-  if (ret != 0)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  list = gcry_sexp_find_token (key, "p", 0);
-  if (list == NULL)
-    {
-      MHD_gnutls_assert ();
-      gcry_sexp_release (key);
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  resarr[0] = gcry_sexp_nth_mpi (list, 1, 0);
-  gcry_sexp_release (list);
-
-  list = gcry_sexp_find_token (key, "q", 0);
-  if (list == NULL)
-    {
-      MHD_gnutls_assert ();
-      gcry_sexp_release (key);
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  resarr[1] = gcry_sexp_nth_mpi (list, 1, 0);
-  gcry_sexp_release (list);
-
-  list = gcry_sexp_find_token (key, "g", 0);
-  if (list == NULL)
-    {
-      MHD_gnutls_assert ();
-      gcry_sexp_release (key);
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  resarr[2] = gcry_sexp_nth_mpi (list, 1, 0);
-  gcry_sexp_release (list);
-
-  list = gcry_sexp_find_token (key, "y", 0);
-  if (list == NULL)
-    {
-      MHD_gnutls_assert ();
-      gcry_sexp_release (key);
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  resarr[3] = gcry_sexp_nth_mpi (list, 1, 0);
-  gcry_sexp_release (list);
-
-
-  list = gcry_sexp_find_token (key, "x", 0);
-  if (list == NULL)
-    {
-      MHD_gnutls_assert ();
-      gcry_sexp_release (key);
-      return GNUTLS_E_INTERNAL_ERROR;
-    }
-
-  resarr[4] = gcry_sexp_nth_mpi (list, 1, 0);
-  gcry_sexp_release (list);
-
-
-  gcry_sexp_release (key);
-
-  MHD__gnutls_dump_mpi ("p: ", resarr[0]);
-  MHD__gnutls_dump_mpi ("q: ", resarr[1]);
-  MHD__gnutls_dump_mpi ("g: ", resarr[2]);
-  MHD__gnutls_dump_mpi ("y: ", resarr[3]);
-  MHD__gnutls_dump_mpi ("x: ", resarr[4]);
-
-  *resarr_len = 5;
-
-  return 0;
-
-}
diff --git a/src/daemon/https/x509/dsa.h b/src/daemon/https/x509/dsa.h
deleted file mode 100644
index bda01f83..00000000
--- a/src/daemon/https/x509/dsa.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (C) 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len,
-                                     int bits);
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h
index 26892fc8..624c7cb6 100644
--- a/src/daemon/https/x509/x509.h
+++ b/src/daemon/https/x509/x509.h
@@ -225,19 +225,6 @@ extern "C"
   int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert,
                                       MHD_gnutls_datum_t * start);
 
-/* RDN handling.
- */
-  int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
-                               char *buf, size_t * sizeof_buf);
-  int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
-                                   int indx, void *buf, size_t * sizeof_buf);
-
-  int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
-                                      const char *oid,
-                                      int indx,
-                                      unsigned int raw_flag,
-                                      void *buf, size_t * sizeof_buf);
-
   typedef void *MHD_gnutls_x509_dn_t;
 
   typedef struct MHD_gnutls_x509_ava_st
@@ -254,31 +241,9 @@ extern "C"
   int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl);
   void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl);
 
-  int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
-                                  const MHD_gnutls_datum_t * data,
-                                  MHD_gnutls_x509_crt_fmt_t format);
-  int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
-                                  MHD_gnutls_x509_crt_fmt_t format,
-                                  void *output_data,
-                                  size_t * output_data_size);
-
-  int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
-                                                const char *oid,
-                                                int indx,
-                                                unsigned int raw_flag,
-                                                void *buf,
-                                                size_t * sizeof_buf);
-  int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, int indx,
-                                      void *oid, size_t * sizeof_oid);
-
   int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl);
   int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
                                          char *sig, size_t * sizeof_sig);
-  int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl);
-
-  time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl);
-  time_t MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl);
-
   int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl);
   int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl,
                                           int indx,
@@ -494,66 +459,6 @@ extern "C"
                                            const MHD_gnutls_datum_t *
                                            signature);
 
-/* Certificate request stuff.
- */
-  struct MHD_gnutls_x509_crq_int;
-  typedef struct MHD_gnutls_x509_crq_int *MHD_gnutls_x509_crq_t;
-
-  int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq);
-  void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq);
-  int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq,
-                                  const MHD_gnutls_datum_t * data,
-                                  MHD_gnutls_x509_crt_fmt_t format);
-  int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq,
-                                            unsigned int *bits);
-  int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq,
-                                  char *buf, size_t * sizeof_buf);
-  int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq,
-                                      int indx, void *oid,
-                                      size_t * sizeof_oid);
-  int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq,
-                                         const char *oid, int indx,
-                                         unsigned int raw_flag, void *buf,
-                                         size_t * sizeof_buf);
-  int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq,
-                                         const char *oid,
-                                         unsigned int raw_flag,
-                                         const void *name,
-                                         unsigned int sizeof_name);
-  int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq,
-                                       unsigned int version);
-  int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq,
-                                   MHD_gnutls_x509_privkey_t key);
-  int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq,
-                                 MHD_gnutls_x509_privkey_t key,
-                                 enum MHD_GNUTLS_HashAlgorithm,
-                                 unsigned int flags);
-  int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq,
-                                MHD_gnutls_x509_privkey_t key);
-
-  int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
-                                                  const char *pass);
-  int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq,
-                                                  char *pass,
-                                                  size_t * sizeof_pass);
-
-  int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
-                                                const char *oid,
-                                                void *buf, size_t sizeof_buf);
-  int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
-                                                const char *oid,
-                                                int indx,
-                                                void *buf,
-                                                size_t * sizeof_buf);
-
-  int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
-                                  MHD_gnutls_x509_crt_fmt_t format,
-                                  void *output_data,
-                                  size_t * output_data_size);
-
-  int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt,
-                                   MHD_gnutls_x509_crq_t crq);
-
 #ifdef __cplusplus
 }
 #endif
@@ -625,11 +530,6 @@ typedef struct MHD_gtls_x509_privkey_int
   ASN1_TYPE key;
 } MHD_gnutls_x509_privkey_int;
 
-int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert,
-                                              const char *oid,
-                                              int indx,
-                                              unsigned int raw_flag,
-                                              void *buf, size_t * sizeof_buf);
 int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
                                               unsigned int seq,
                                               void *ret,
@@ -655,8 +555,6 @@ int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
                                           const MHD_gnutls_x509_crl_t *
                                           crl_list, int crl_list_length);
 
-int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
-                              MHD_gnutls_x509_crl_t src);
 int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
                                             MHD_gnutls_datum_t * dn);
 int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl);
@@ -670,9 +568,6 @@ int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl);
 int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
                                 const MHD_gnutls_datum_t * data,
                                 MHD_gnutls_x509_crt_fmt_t format);
-int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
-                                MHD_gnutls_x509_crt_fmt_t format,
-                                void *output_data, size_t * output_data_size);
 
 int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert);
 void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert);
diff --git a/src/daemon/internal.c b/src/daemon/internal.c
index 83b6590d..abf718de 100644
--- a/src/daemon/internal.c
+++ b/src/daemon/internal.c
@@ -106,11 +106,12 @@ MHD_DLOG (const struct MHD_Daemon *daemon, const char *format, ...)
   va_end (va);
 }
 #endif
+
 void
 MHD_tls_log_func (int level, const char *str)
 {
-#ifdef DEBUG
-  FPRINTF (stdout, "|<%d>| %s", level, str);
+#ifdef HAVE_MESSAGES
+  FPRINTF (stderr, "|<%d>| %s", level, str);
 #endif
 }
 
diff --git a/src/testcurl/Makefile.am b/src/testcurl/Makefile.am
index b6cab739..8d18d6dd 100644
--- a/src/testcurl/Makefile.am
+++ b/src/testcurl/Makefile.am
@@ -1,5 +1,9 @@
 SUBDIRS  = .
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 if ENABLE_HTTPS
 SUBDIRS += https
 endif
@@ -24,6 +28,7 @@ check_PROGRAMS = \
   daemontest_put11 \
   daemontest_large_put11 \
   daemontest_long_header \
+  daemontest_long_header11 \
   daemontest_get_chunked \
   daemontest_put_chunked
 noinst_PROGRAMS = \
@@ -131,3 +136,9 @@ daemontest_long_header_LDADD = \
   $(top_builddir)/src/daemon/libmicrohttpd.la \
   @LIBCURL@ 
 
+daemontest_long_header11_SOURCES = \
+  daemontest_long_header.c
+daemontest_long_header11_LDADD = \
+  $(top_builddir)/src/daemon/libmicrohttpd.la \
+  @LIBCURL@ 
+
diff --git a/src/testcurl/https/Makefile.am b/src/testcurl/https/Makefile.am
index c4276711..b929995d 100644
--- a/src/testcurl/https/Makefile.am
+++ b/src/testcurl/https/Makefile.am
@@ -1,5 +1,9 @@
 SUBDIRS = .
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/https \
diff --git a/src/testcurl/https/bug-test.c b/src/testcurl/https/bug-test.c
index 1a700869..3960a323 100644
--- a/src/testcurl/https/bug-test.c
+++ b/src/testcurl/https/bug-test.c
@@ -32,6 +32,8 @@
 #include "gnutls.h"
 #include <curl/curl.h>
 
+#define DEBUG 0
+
 #define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"
 
 #define MHD_E_MEM "Error: memory error\n"
@@ -172,7 +174,7 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
            doc_path, test_file_name);
 
   c = curl_easy_init ();
-#ifdef DEBUG
+#if DEBUG
   curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
 #endif
   curl_easy_setopt (c, CURLOPT_URL, url);
diff --git a/src/testzzuf/Makefile.am b/src/testzzuf/Makefile.am
index 92e5a768..42bc2fdc 100644
--- a/src/testzzuf/Makefile.am
+++ b/src/testzzuf/Makefile.am
@@ -1,5 +1,9 @@
 SUBDIRS  = .
 
+if USE_COVERAGE
+  AM_CFLAGS = -fprofile-arcs -ftest-coverage
+endif
+
 INCLUDES = -I$(top_srcdir)/src/include
 
 EXTRA_DIST = README socat.c