forked from enlightenment/efl
efl: simplify crypto options.
Introduce a new --with-crypto={openssl,gnutls,none} that will allow one to choose the EFL cryptographic system. If set to gnutls or openssl, cipher and signature will be enabled. Otherwise it's disabled. NOTE: gnutls is trying to cope with old API and that sucks. Should we just drop the support for old gnutls and bump the required version? SVN revision: 77789
This commit is contained in:
parent
17fa1d7756
commit
cca6952abf
194
configure.ac
194
configure.ac
|
@ -655,67 +655,21 @@ else
|
||||||
AC_DEFINE(EET_OLD_EET_FILE_FORMAT, 0, [support old eet file format])
|
AC_DEFINE(EET_OLD_EET_FILE_FORMAT, 0, [support old eet file format])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Openssl support
|
AC_ARG_WITH([crypto],
|
||||||
|
[AC_HELP_STRING([--with-crypto=CRYPTO],
|
||||||
|
[use the predefined build crypto, one of:
|
||||||
|
openssl, gnutls or none.
|
||||||
|
@<:@default=openssl@:>@])],
|
||||||
|
[build_crypto=${withval}],
|
||||||
|
[build_crypto=openssl])
|
||||||
|
|
||||||
AC_ARG_ENABLE([openssl],
|
case "$build_crypto" in
|
||||||
[AC_HELP_STRING([--disable-openssl], [disable openssl eet support @<:@default=auto@:>@])],
|
openssl|gnutls|none)
|
||||||
[
|
;;
|
||||||
if test "x${enableval}" = "xyes" ; then
|
*)
|
||||||
want_openssl="yes"
|
AC_MSG_ERROR([Unknown build crypto --with-crypto=${build_crypto}])
|
||||||
else
|
;;
|
||||||
want_openssl="no"
|
esac
|
||||||
fi
|
|
||||||
],
|
|
||||||
[want_openssl="auto"])
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use OpenSSL])
|
|
||||||
AC_MSG_RESULT([${want_openssl}])
|
|
||||||
|
|
||||||
# GnuTLS support
|
|
||||||
|
|
||||||
AC_ARG_ENABLE([gnutls],
|
|
||||||
[AC_HELP_STRING([--disable-gnutls], [disable gnutls eet support @<:@default=auto@:>@])],
|
|
||||||
[
|
|
||||||
if test "x${enableval}" = "xyes" ; then
|
|
||||||
want_gnutls="yes"
|
|
||||||
else
|
|
||||||
want_gnutls="no"
|
|
||||||
fi
|
|
||||||
],
|
|
||||||
[want_gnutls="auto"])
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use Gnutls])
|
|
||||||
AC_MSG_RESULT([${want_gnutls}])
|
|
||||||
|
|
||||||
# Cryptography support
|
|
||||||
|
|
||||||
AC_ARG_ENABLE([cipher],
|
|
||||||
[AC_HELP_STRING([--disable-cipher], [disable cipher support for eet API @<:@default=yes@:>@])],
|
|
||||||
[
|
|
||||||
if test "x${enableval}" = "xyes" ; then
|
|
||||||
want_cipher="yes"
|
|
||||||
else
|
|
||||||
want_cipher="no"
|
|
||||||
fi
|
|
||||||
],
|
|
||||||
[want_cipher="yes"])
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use cipher])
|
|
||||||
AC_MSG_RESULT([${want_cipher}])
|
|
||||||
|
|
||||||
AC_ARG_ENABLE([signature],
|
|
||||||
[AC_HELP_STRING([--disable-signature], [disable signature file support for eet @<:@default=yes@:>@])],
|
|
||||||
[
|
|
||||||
if test "x${enableval}" = "xyes" ; then
|
|
||||||
want_signature="yes"
|
|
||||||
else
|
|
||||||
want_signature="no"
|
|
||||||
fi
|
|
||||||
],
|
|
||||||
[want_signature="yes"])
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use signature])
|
|
||||||
AC_MSG_RESULT([${want_signature}])
|
|
||||||
|
|
||||||
### Checks for programs
|
### Checks for programs
|
||||||
|
|
||||||
|
@ -749,50 +703,22 @@ AC_SUBST(EFL_EET_BUILD)
|
||||||
|
|
||||||
## Secure layer
|
## Secure layer
|
||||||
|
|
||||||
# Gnutls library
|
case "$build_crypto" in
|
||||||
|
gnutls)
|
||||||
have_gnutls="no"
|
PKG_CHECK_MODULES([GNUTLS], [gnutls >= 1.7.6])
|
||||||
if test "x${want_gnutls}" = "xyes" || test "x${want_gnutls}" = "xauto" ; then
|
|
||||||
PKG_CHECK_MODULES([GNUTLS], [gnutls >= 1.7.6],
|
|
||||||
[
|
|
||||||
have_gnutls="yes"
|
|
||||||
want_openssl="no"
|
|
||||||
AC_DEFINE([HAVE_GNUTLS], [1], [Have Gnutls support])
|
AC_DEFINE([HAVE_GNUTLS], [1], [Have Gnutls support])
|
||||||
requirements_pc_eet="gnutls >= 1.7.6 ${requirements_pc_eet}"
|
requirements_pc_eet="gnutls >= 1.7.6 ${requirements_pc_eet}"
|
||||||
requirements_pc_deps_eet="gnutls >= 1.7.6 ${requirements_pc_deps_eet}"
|
requirements_pc_deps_eet="gnutls >= 1.7.6 ${requirements_pc_deps_eet}"
|
||||||
],
|
|
||||||
[have_gnutls="no"])
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
# TODO: do we need this?
|
||||||
# libgcrypt
|
# libgcrypt
|
||||||
|
AC_PATH_GENERIC([libgcrypt], [], [:],
|
||||||
if test "x${have_gnutls}" = "xyes" ; then
|
[AC_MSG_ERROR([libgcrypt required but not found])])
|
||||||
AC_PATH_GENERIC([libgcrypt], [], [have_gnutls="yes"], [have_gnutls="no"])
|
|
||||||
if test "x${have_gnutls}" = "xyes" ; then
|
|
||||||
requirements_libs_eet="${LIBGCRYPT_LIBS} ${requirements_libs_eet}"
|
requirements_libs_eet="${LIBGCRYPT_LIBS} ${requirements_libs_eet}"
|
||||||
requirements_libs_deps_eet="${LIBGCRYPT_LIBS} ${requirements_libs_deps_eet}"
|
requirements_libs_deps_eet="${LIBGCRYPT_LIBS} ${requirements_libs_deps_eet}"
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
# TODO: do we need this? can't we just bump required version?
|
||||||
# Specific GNUTLS improvement
|
# Specific GNUTLS improvement
|
||||||
|
|
||||||
AC_ARG_ENABLE(new-gnutls-api,
|
|
||||||
[AC_HELP_STRING(
|
|
||||||
[--disable-new-gnutls-api],
|
|
||||||
[enable use of gnutls_x509_crt_verify_hash. @<:@default=yes@:>@])],
|
|
||||||
[
|
|
||||||
if test "x${enableval}" = "xyes" ; then
|
|
||||||
new_gnutls_api="yes"
|
|
||||||
else
|
|
||||||
new_gnutls_api="no"
|
|
||||||
fi
|
|
||||||
],
|
|
||||||
[new_gnutls_api="yes"])
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use gnutls_x509_crt_verify_hash])
|
|
||||||
AC_MSG_RESULT([${new_gnutls_api}])
|
|
||||||
|
|
||||||
if test "x${have_gnutls}" = "xyes" && test "x${new_gnutls_api}" = "xyes" ; then
|
|
||||||
CFLAGS_save="${CFLAGS}"
|
CFLAGS_save="${CFLAGS}"
|
||||||
LIBS_save="${LIBS}"
|
LIBS_save="${LIBS}"
|
||||||
CFLAGS="${GNUTLS_CFLAGS}"
|
CFLAGS="${GNUTLS_CFLAGS}"
|
||||||
|
@ -800,15 +726,11 @@ if test "x${have_gnutls}" = "xyes" && test "x${new_gnutls_api}" = "xyes" ; then
|
||||||
AC_CHECK_LIB([gnutls], [gnutls_x509_crt_verify_hash],
|
AC_CHECK_LIB([gnutls], [gnutls_x509_crt_verify_hash],
|
||||||
[
|
[
|
||||||
AC_DEFINE([EET_USE_NEW_GNUTLS_API], [1], [use gnutls_x509_crt_verify_hash])
|
AC_DEFINE([EET_USE_NEW_GNUTLS_API], [1], [use gnutls_x509_crt_verify_hash])
|
||||||
new_gnutls_api="yes"
|
], [AC_MSG_NOTICE([Optional gnutls_x509_crt_verify_hash not present.])])
|
||||||
],
|
|
||||||
[new_gnutls_api="no"])
|
|
||||||
CFLAGS="${CFLAGS_save}"
|
CFLAGS="${CFLAGS_save}"
|
||||||
LIBS="${LIBS_save}"
|
LIBS="${LIBS_save}"
|
||||||
fi
|
|
||||||
|
|
||||||
use_gnutls_privkey_sign_data="no"
|
# TODO: do we need this? can't we just bump required version?
|
||||||
if test "x${have_gnutls}" = "xyes" ; then
|
|
||||||
CFLAGS_save="${CFLAGS}"
|
CFLAGS_save="${CFLAGS}"
|
||||||
LIBS_save="${LIBS}"
|
LIBS_save="${LIBS}"
|
||||||
CFLAGS="${GNUTLS_CFLAGS}"
|
CFLAGS="${GNUTLS_CFLAGS}"
|
||||||
|
@ -816,18 +738,11 @@ if test "x${have_gnutls}" = "xyes" ; then
|
||||||
AC_CHECK_LIB([gnutls], [gnutls_privkey_sign_data],
|
AC_CHECK_LIB([gnutls], [gnutls_privkey_sign_data],
|
||||||
[
|
[
|
||||||
AC_DEFINE([EET_USE_NEW_PRIVKEY_SIGN_DATA], [1], [use gnutls_privkey_sign_data])
|
AC_DEFINE([EET_USE_NEW_PRIVKEY_SIGN_DATA], [1], [use gnutls_privkey_sign_data])
|
||||||
use_gnutls_privkey_sign_data="yes"
|
], [AC_MSG_NOTICE([Optional gnutls_privkey_sign_data not present.])])
|
||||||
],
|
|
||||||
[use_gnutls_privkey_sign_data="no"])
|
|
||||||
CFLAGS="${CFLAGS_save}"
|
CFLAGS="${CFLAGS_save}"
|
||||||
LIBS="${LIBS_save}"
|
LIBS="${LIBS_save}"
|
||||||
fi
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use gnutls_privkey_sign_data])
|
# TODO: do we need this? can't we just bump required version?
|
||||||
AC_MSG_RESULT([${use_gnutls_privkey_sign_data}])
|
|
||||||
|
|
||||||
use_gnutls_pubkey_verify_hash="no"
|
|
||||||
if test "x${have_gnutls}" = "xyes" ; then
|
|
||||||
CFLAGS_save="${CFLAGS}"
|
CFLAGS_save="${CFLAGS}"
|
||||||
LIBS_save="${LIBS}"
|
LIBS_save="${LIBS}"
|
||||||
CFLAGS="${GNUTLS_CFLAGS}"
|
CFLAGS="${GNUTLS_CFLAGS}"
|
||||||
|
@ -835,64 +750,25 @@ if test "x${have_gnutls}" = "xyes" ; then
|
||||||
AC_CHECK_LIB([gnutls], [gnutls_pubkey_verify_hash],
|
AC_CHECK_LIB([gnutls], [gnutls_pubkey_verify_hash],
|
||||||
[
|
[
|
||||||
AC_DEFINE([EET_USE_NEW_PUBKEY_VERIFY_HASH], [1], [use gnutls_pubkey_verify_hash])
|
AC_DEFINE([EET_USE_NEW_PUBKEY_VERIFY_HASH], [1], [use gnutls_pubkey_verify_hash])
|
||||||
use_gnutls_pubkey_verify_hash="yes"
|
])
|
||||||
],
|
|
||||||
[use_gnutls_pubkey_verify_hash="no"])
|
|
||||||
CFLAGS="${CFLAGS_save}"
|
CFLAGS="${CFLAGS_save}"
|
||||||
LIBS="${LIBS_save}"
|
LIBS="${LIBS_save}"
|
||||||
fi
|
;;
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to use gnutls_pubkey_verify_hash])
|
openssl)
|
||||||
AC_MSG_RESULT([${use_gnutls_pubkey_verify_hash}])
|
PKG_CHECK_MODULES([OPENSSL], [openssl])
|
||||||
|
|
||||||
# Openssl library
|
|
||||||
|
|
||||||
have_openssl="no"
|
|
||||||
if test "x${want_openssl}" = "xyes" || test "x${want_openssl}" = "xauto" ; then
|
|
||||||
PKG_CHECK_EXISTS([openssl],
|
|
||||||
[
|
|
||||||
have_openssl="yes"
|
|
||||||
AC_DEFINE([HAVE_OPENSSL], [1], [Have Openssl support])
|
AC_DEFINE([HAVE_OPENSSL], [1], [Have Openssl support])
|
||||||
requirements_pc_eet="openssl ${requirements_pc_eet}"
|
requirements_pc_eet="openssl ${requirements_pc_eet}"
|
||||||
requirements_pc_deps_eet="openssl ${requirements_pc_deps_eet}"
|
requirements_pc_deps_eet="openssl ${requirements_pc_deps_eet}"
|
||||||
],
|
;;
|
||||||
[have_openssl="no"])
|
esac
|
||||||
fi
|
|
||||||
|
|
||||||
if test "x${have_gnutls}" = "xyes" ; then
|
|
||||||
secure_layer="GnuTLS"
|
|
||||||
elif test "x${have_openssl}" = "xyes" ; then
|
|
||||||
secure_layer="OpenSSL"
|
|
||||||
else
|
|
||||||
secure_layer="no"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Cryptography support
|
# Cryptography support
|
||||||
|
if test "$build_crypto" != "none" ; then
|
||||||
have_cipher="no"
|
|
||||||
if test "x${have_gnutls}" = "xyes" && test "x${want_cipher}" = "xyes" ; then
|
|
||||||
have_cipher="yes"
|
|
||||||
AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet])
|
AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet])
|
||||||
elif test "x${have_openssl}" = "xyes" && test "x${want_cipher}" = "xyes" ; then
|
|
||||||
have_cipher="yes"
|
|
||||||
AC_DEFINE([HAVE_CIPHER], [1], [Have cipher support built in eet])
|
|
||||||
fi
|
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to activate cipher support in eet])
|
|
||||||
AC_MSG_RESULT([${have_cipher}])
|
|
||||||
|
|
||||||
have_signature="no"
|
|
||||||
if test "x${have_gnutls}" = "xyes" && test "x${want_signature}" = "xyes" ; then
|
|
||||||
have_signature="yes"
|
|
||||||
AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file])
|
|
||||||
elif test "x${have_openssl}" = "xyes" && test "x${want_signature}" = "xyes" ; then
|
|
||||||
have_signature="yes"
|
|
||||||
AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file])
|
AC_DEFINE([HAVE_SIGNATURE], [1], [Have signature support for eet file])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
AC_MSG_CHECKING([whether to activate signature support in eet])
|
|
||||||
AC_MSG_RESULT([${have_signature}])
|
|
||||||
|
|
||||||
# libjpeg and zlib
|
# libjpeg and zlib
|
||||||
|
|
||||||
EFL_CHECK_LIBS([EET], [libjpeg zlib])
|
EFL_CHECK_LIBS([EET], [libjpeg zlib])
|
||||||
|
@ -1146,11 +1022,7 @@ echo
|
||||||
else
|
else
|
||||||
echo "Eet"
|
echo "Eet"
|
||||||
echo
|
echo
|
||||||
echo " Secure layer.........: ${secure_layer}"
|
echo " Secure layer.........: ${build_crypto}"
|
||||||
if test "x${have_gnutls}" = "xyes" || test "x${have_openssl}" = "xyes" ; then
|
|
||||||
echo " Cipher support.....: ${have_cipher}"
|
|
||||||
echo " Signature..........: ${have_signature}"
|
|
||||||
fi
|
|
||||||
echo
|
echo
|
||||||
echo " Old eet file format..: ${old_eet_file_format}"
|
echo " Old eet file format..: ${old_eet_file_format}"
|
||||||
echo
|
echo
|
||||||
|
|
Loading…
Reference in New Issue