diff options
author | Gustavo Sverzut Barbieri <barbieri@gmail.com> | 2012-10-10 19:26:56 +0000 |
---|---|---|
committer | Gustavo Sverzut Barbieri <barbieri@gmail.com> | 2012-10-10 19:26:56 +0000 |
commit | cca6952abf9e3dbe27434f1b10e626b582c7f8d2 (patch) | |
tree | 1b4bc2248d1d1a8798184b9c8c826145e8840a37 /configure.ac | |
parent | 17fa1d77567d2919bff87176bdd671cc86dbd447 (diff) |
efl: simplify crypto options.
Introduce a new --with-crypto={openssl,gnutls,none} that will allow
one to choose the EFL cryptographic system.
If set to gnutls or openssl, cipher and signature will be
enabled. Otherwise it's disabled.
NOTE: gnutls is trying to cope with old API and that sucks. Should we
just drop the support for old gnutls and bump the required version?
SVN revision: 77789
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 272 |
1 files changed, 72 insertions, 200 deletions
diff --git a/configure.ac b/configure.ac index 543e7f8b95..9b65062150 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -655,67 +655,21 @@ else | |||
655 | AC_DEFINE(EET_OLD_EET_FILE_FORMAT, 0, [support old eet file format]) | 655 | AC_DEFINE(EET_OLD_EET_FILE_FORMAT, 0, [support old eet file format]) |
656 | fi | 656 | fi |
657 | 657 | ||
658 | # Openssl support | 658 | AC_ARG_WITH([crypto], |
659 | 659 | [AC_HELP_STRING([--with-crypto=CRYPTO], | |
660 | AC_ARG_ENABLE([openssl], | 660 | [use the predefined build crypto, one of: |
661 | [AC_HELP_STRING([--disable-openssl], [disable openssl eet support @<:@default=auto@:>@])], | 661 | openssl, gnutls or none. |
662 | [ | 662 | @<:@default=openssl@:>@])], |
663 | if test "x${enableval}" = "xyes" ; then | 663 | [build_crypto=${withval}], |
664 | want_openssl="yes" | 664 | [build_crypto=openssl]) |
665 | else | 665 | |
666 | want_openssl="no" | 666 | case "$build_crypto" in |
667 | fi | 667 | openssl|gnutls|none) |
668 | ], | 668 | ;; |
669 | [want_openssl="auto"]) | 669 | *) |
670 | 670 | AC_MSG_ERROR([Unknown build crypto --with-crypto=${build_crypto}]) | |
671 | AC_MSG_CHECKING([whether to use OpenSSL]) | 671 | ;; |
672 | AC_MSG_RESULT([${want_openssl}]) | 672 | esac |
673 | |||
674 | # GnuTLS support | ||
675 | |||
676 | AC_ARG_ENABLE([gnutls], | ||
677 | [AC_HELP_STRING([--disable-gnutls], [disable gnutls eet support @<:@default=auto@:>@])], | ||
678 | [ | ||
679 | if test "x${enableval}" = "xyes" ; then | ||
680 | want_gnutls="yes" | ||
681 | else | ||
682 | want_gnutls="no" | ||
683 | fi | ||
684 | ], | ||
685 | [want_gnutls="auto"]) | ||
686 | |||
687 | AC_MSG_CHECKING([whether to use Gnutls]) | ||
688 | AC_MSG_RESULT([${want_gnutls}]) | ||
689 | |||
690 | # Cryptography support | ||
691 | |||
692 | AC_ARG_ENABLE([cipher], | ||
693 | [AC_HELP_STRING([--disable-cipher], [disable cipher support for eet API @<:@default=yes@:>@])], | ||
694 | [ | ||
695 | if test "x${enableval}" = "xyes" ; then | ||
696 | want_cipher="yes" | ||
697 | else | ||
698 | want_cipher="no" | ||
699 | fi | ||
700 | ], | ||
701 | [want_cipher="yes"]) | ||
702 | |||
703 | AC_MSG_CHECKING([whether to use cipher]) | ||
704 | AC_MSG_RESULT([${want_cipher}]) | ||
705 | |||
706 | AC_ARG_ENABLE([signature], | ||
707 | [AC_HELP_STRING([--disable-signature], [disable signature file support for eet @<:@default=yes@:>@])], | ||
708 | [ | ||
709 | if test "x${enableval}" = "xyes" ; then | ||
710 | want_signature="yes" | ||
711 | else | ||
712 | want_signature="no" | ||
713 | fi | ||
714 | ], | ||
715 | [want_signature="yes"]) | ||
716 | |||
717 | AC_MSG_CHECKING([whether to use signature]) | ||
718 | AC_MSG_RESULT([${want_signature}]) | ||
719 | 673 | ||
720 | ### Checks for programs | 674 | ### Checks for programs |
721 | 675 | ||
@@ -749,150 +703,72 @@ AC_SUBST(EFL_EET_BUILD) | |||
749 | 703 | ||
750 | ## Secure layer | 704 | ## Secure layer |
751 | 705 | ||
752 | # Gnutls library | 706 | case "$build_crypto" in |
753 | 707 | gnutls) | |
754 | have_gnutls="no" | 708 | PKG_CHECK_MODULES([GNUTLS], [gnutls >= 1.7.6]) |
755 | if test "x${want_gnutls}" = "xyes" || test "x${want_gnutls}" = "xauto" ; then | 709 | AC_DEFINE([HAVE_GNUTLS], [1], [Have Gnutls support]) |
756 | PKG_CHECK_MODULES([GNUTLS], [gnutls >= 1.7.6], | 710 | requirements_pc_eet="gnutls >= 1.7.6 ${requirements_pc_eet}" |
757 | [ | 711 | requirements_pc_deps_eet="gnutls >= 1.7.6 ${requirements_pc_deps_eet}" |
758 | have_gnutls="yes" | 712 | |
759 | want_openssl="no" | 713 | # TODO: do we need this? |
760 | AC_DEFINE([HAVE_GNUTLS], [1], [Have Gnutls support]) | 714 | # libgcrypt |
761 | requirements_pc_eet="gnutls >= 1.7.6 ${requirements_pc_eet}" | 715 | AC_PATH_GENERIC([libgcrypt], [], [:], |
762 | requirements_pc_deps_eet="gnutls >= 1.7.6 ${requirements_pc_deps_eet}" | 716 | [AC_MSG_ERROR([libgcrypt required but not found])]) |
763 | ], | ||
764 | [have_gnutls="no"]) | ||
765 | fi | ||
766 | |||
767 | # libgcrypt | ||
768 | |||
769 | if test "x${have_gnutls}" = "xyes" ; then | ||
770 | AC_PATH_GENERIC([libgcrypt], [], [have_gnutls="yes"], [have_gnutls="no"]) | ||
771 | if test "x${have_gnutls}" = "xyes" ; then | ||
772 | requirements_libs_eet="${LIBGCRYPT_LIBS} ${requirements_libs_eet}" | 717 | requirements_libs_eet="${LIBGCRYPT_LIBS} ${requirements_libs_eet}" |
773 | requirements_libs_deps_eet="${LIBGCRYPT_LIBS} ${requirements_libs_deps_eet}" | 718 | requirements_libs_deps_eet="${LIBGCRYPT_LIBS} ${requirements_libs_deps_eet}" |
774 | fi | ||
775 | fi | ||
776 | |||
777 | # Specific GNUTLS improvement | ||
778 | 719 | ||
779 | AC_ARG_ENABLE(new-gnutls-api, | 720 | # TODO: do we need this? can't we just bump required version? |
780 | [AC_HELP_STRING( | 721 | # Specific GNUTLS improvement |
781 | [--disable-new-gnutls-api], | 722 | CFLAGS_save="${CFLAGS}" |
782 | [enable use of gnutls_x509_crt_verify_hash. @<:@default=yes@:>@])], | 723 | LIBS_save="${LIBS}" |
783 | [ | 724 | CFLAGS="${GNUTLS_CFLAGS}" |
784 | if test "x${enableval}" = "xyes" ; then | 725 | LIBS="${GNUTLS_LIBS}" |
785 | new_gnutls_api="yes" | 726 | AC_CHECK_LIB([gnutls], [gnutls_x509_crt_verify_hash], |
786 | else | 727 | [ |
787 | new_gnutls_api="no" | 728 | AC_DEFINE([EET_USE_NEW_GNUTLS_API], [1], [use gnutls_x509_crt_verify_hash]) |
788 | fi | 729 | ], [AC_MSG_NOTICE([Optional gnutls_x509_crt_verify_hash not present.])]) |
789 | ], | 730 | CFLAGS="${CFLAGS_save}" |
790 | [new_gnutls_api="yes"]) | 731 | LIBS="${LIBS_save}" |
791 | 732 | ||
792 | AC_MSG_CHECKING([whether to use gnutls_x509_crt_verify_hash]) | 733 | # TODO: do we need this? can't we just bump required version? |
793 | AC_MSG_RESULT([${new_gnutls_api}]) | 734 | CFLAGS_save="${CFLAGS}" |
794 | 735 | LIBS_save="${LIBS}" | |
795 | if test "x${have_gnutls}" = "xyes" && test "x${new_gnutls_api}" = "xyes" ; then | 736 | CFLAGS="${GNUTLS_CFLAGS}" |
796 | CFLAGS_save="${CFLAGS}" | 737 | LIBS="${GNUTLS_LIBS}" |
797 | LIBS_save="${LIBS}" | 738 | AC_CHECK_LIB([gnutls], [gnutls_privkey_sign_data], |
798 | CFLAGS="${GNUTLS_CFLAGS}" | 739 | [ |
799 | LIBS="${GNUTLS_LIBS}" | 740 | AC_DEFINE([EET_USE_NEW_PRIVKEY_SIGN_DATA], [1], [use gnutls_privkey_sign_data]) |
800 | AC_CHECK_LIB([gnutls], [gnutls_x509_crt_verify_hash], | 741 | ], [AC_MSG_NOTICE([Optional gnutls_privkey_sign_data not present.])]) |
801 | [ | 742 | CFLAGS="${CFLAGS_save}" |
802 | AC_DEFINE([EET_USE_NEW_GNUTLS_API], [1], [use gnutls_x509_crt_verify_hash]) | 743 | LIBS="${LIBS_save}" |
803 | new_gnutls_api="yes" | 744 | |
804 | ], | 745 | # TODO: do we need this? can't we just bump required version? |
805 | [new_gnutls_api="no"]) | 746 | CFLAGS_save="${CFLAGS}" |
806 | CFLAGS="${CFLAGS_save}" | 747 | LIBS_save="${LIBS}" |
807 | LIBS="${LIBS_save}" | 748 | CFLAGS="${GNUTLS_CFLAGS}" |
808 | fi | 749 | LIBS="${GNUTLS_LIBS}" |
809 | 750 | AC_CHECK_LIB([gnutls], [gnutls_pubkey_verify_hash], | |
810 | use_gnutls_privkey_sign_data="no" | 751 | [ |
811 | if test "x${have_gnutls}" = "xyes" ; then | 752 | AC_DEFINE([EET_USE_NEW_PUBKEY_VERIFY_HASH], [1], [use gnutls_pubkey_verify_hash]) |
812 | CFLAGS_save="${CFLAGS}" | 753 | ]) |
813 | LIBS_save="${LIBS}" | 754 | CFLAGS="${CFLAGS_save}" |
814 | CFLAGS="${GNUTLS_CFLAGS}" | 755 | LIBS="${LIBS_save}" |
815 | LIBS="${GNUTLS_LIBS}" | 756 | ;; |
816 | AC_CHECK_LIB([gnutls], [gnutls_privkey_sign_data], | ||
817 | [ | ||
818 | AC_DEFINE([EET_USE_NEW_PRIVKEY_SIGN_DATA], [1], [use gnutls_privkey_sign_data]) | ||
819 | use_gnutls_privkey_sign_data="yes" | ||
820 | ], | ||
821 | [use_gnutls_privkey_sign_data="no"]) | ||
822 | CFLAGS="${CFLAGS_save}" | ||
823 | LIBS="${LIBS_save}" | ||
824 | fi | ||
825 | |||
826 | AC_MSG_CHECKING([whether to use gnutls_privkey_sign_data]) | ||
827 | AC_MSG_RESULT([${use_gnutls_privkey_sign_data}]) | ||
828 | |||
829 | use_gnutls_pubkey_verify_hash="no" | ||
830 | if test "x${have_gnutls}" = "xyes" ; then | ||
831 | CFLAGS_save="${CFLAGS}" | ||
832 | LIBS_save="${LIBS}" | ||
833 | CFLAGS="${GNUTLS_CFLAGS}" | ||
834 | LIBS="${GNUTLS_LIBS}" | ||
835 | AC_CHECK_LIB([gnutls], [gnutls_pubkey_verify_hash], | ||
836 | [ | ||
837 | AC_DEFINE([EET_USE_NEW_PUBKEY_VERIFY_HASH], [1], [use gnutls_pubkey_verify_hash]) | ||
838 | use_gnutls_pubkey_verify_hash="yes" | ||
839 | ], | ||
840 | [use_gnutls_pubkey_verify_hash="no"]) | ||
841 | CFLAGS="${CFLAGS_save}" | ||
842 | LIBS="${LIBS_save}" | ||
843 | fi | ||
844 | |||
845 | AC_MSG_CHECKING([whether to use gnutls_pubkey_verify_hash]) | ||
846 | AC_MSG_RESULT([${use_gnutls_pubkey_verify_hash}]) | ||
847 | |||
848 | # Openssl library | ||
849 | |||
850 | have_openssl="no" | ||
851 | if test "x${want_openssl}" = "xyes" || test "x${want_openssl}" = "xauto" ; then | ||
852 | PKG_CHECK_EXISTS([openssl], | ||
853 | [ | ||
854 | have_openssl="yes" | ||
855 | AC_DEFINE([HAVE_OPENSSL], [1], [Have Openssl support]) | ||
856 | requirements_pc_eet="openssl ${requirements_pc_eet}" | ||
857 | requirements_pc_deps_eet="openssl ${requirements_pc_deps_eet}" | ||
858 | ], | ||
859 | [have_openssl="no"]) | ||
860 | fi | ||
861 | 757 | ||
862 | if test "x${have_gnutls}" = "xyes" ; then | 758 | openssl) |
863 | secure_layer="GnuTLS" | 759 | PKG_CHECK_MODULES([OPENSSL], [openssl]) |
864 | elif test "x${have_openssl}" = "xyes" ; then | 760 | AC_DEFINE([HAVE_OPENSSL], [1], [Have Openssl support]) |
865 | secure_layer="OpenSSL" | 761 | requirements_pc_eet="openssl ${requirements_pc_eet}" |
866 | else | 762 | requirements_pc_deps_eet="openssl ${requirements_pc_deps_eet}" |
867 | secure_layer="no" | 763 | ;; |
868 | fi | 764 | esac |
869 | 765 | ||
870 | # Cryptography support | 766 | # Cryptography support |
871 | 767 | if test "$build_crypto" != "none" ; then | |
872 | have_cipher="no" | ||
873 | if test "x${have_gnutls}" = "xyes" && test "x${want_cipher}" = "xyes" ; then | ||
874 | have_cipher="yes" | ||
875 | AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet]) | 768 | AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet]) |
876 | elif test "x${have_openssl}" = "xyes" && test "x${want_cipher}" = "xyes" ; then | ||
877 | have_cipher="yes" | ||
878 | AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet]) | ||
879 | fi | ||
880 | |||
881 | AC_MSG_CHECKING([whether to activate cipher support in eet]) | ||
882 | AC_MSG_RESULT([${have_cipher}]) | ||
883 | |||
884 | have_signature="no" | ||
885 | if test "x${have_gnutls}" = "xyes" && test "x${want_signature}" = "xyes" ; then | ||
886 | have_signature="yes" | ||
887 | AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file]) | ||
888 | elif test "x${have_openssl}" = "xyes" && test "x${want_signature}" = "xyes" ; then | ||
889 | have_signature="yes" | ||
890 | AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file]) | 769 | AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file]) |
891 | fi | 770 | fi |
892 | 771 | ||
893 | AC_MSG_CHECKING([whether to activate signature support in eet]) | ||
894 | AC_MSG_RESULT([${have_signature}]) | ||
895 | |||
896 | # libjpeg and zlib | 772 | # libjpeg and zlib |
897 | 773 | ||
898 | EFL_CHECK_LIBS([EET], [libjpeg zlib]) | 774 | EFL_CHECK_LIBS([EET], [libjpeg zlib]) |
@@ -1146,11 +1022,7 @@ echo | |||
1146 | else | 1022 | else |
1147 | echo "Eet" | 1023 | echo "Eet" |
1148 | echo | 1024 | echo |
1149 | echo " Secure layer.........: ${secure_layer}" | 1025 | echo " Secure layer.........: ${build_crypto}" |
1150 | if test "x${have_gnutls}" = "xyes" || test "x${have_openssl}" = "xyes" ; then | ||
1151 | echo " Cipher support.....: ${have_cipher}" | ||
1152 | echo " Signature..........: ${have_signature}" | ||
1153 | fi | ||
1154 | echo | 1026 | echo |
1155 | echo " Old eet file format..: ${old_eet_file_format}" | 1027 | echo " Old eet file format..: ${old_eet_file_format}" |
1156 | echo | 1028 | echo |