159 lines
4.7 KiB
Plaintext
159 lines
4.7 KiB
Plaintext
# -*- autoconf -*-
|
|
#########################################
|
|
##
|
|
# Miscellaneous checks
|
|
##
|
|
#########################################
|
|
|
|
##
|
|
# Package characteristics
|
|
# Authentication/Encryption support
|
|
##
|
|
|
|
# Check for PKCS11
|
|
#
|
|
AC_MSG_CHECKING([for authentication support])
|
|
useopenssl=no
|
|
usepkcs=no
|
|
if test "x$ac_cv_lib_pkcs11_C_Initialize" != "xyes" -o "x$ac_cv_header_security_cryptoki_h" != "xyes"; then
|
|
if test "x$askedpkcs" = "xyes"; then
|
|
AC_MSG_ERROR(Asked to use PKCS11 but I couldn't find it.)
|
|
fi
|
|
else
|
|
if test "x$askedpkcs" = "xyes"; then
|
|
usepkcs=yes
|
|
fi
|
|
fi
|
|
|
|
# Check for OpenSSL
|
|
#
|
|
if test \( "x$ac_cv_func_EVP_md5" != "xyes" -a \
|
|
"x$ac_cv_lib_crypto_EVP_md5" != "xyes" -a \
|
|
"x$ac_cv_lib_eay32_EVP_md5" != "xyes" \) -o \
|
|
"x$ac_cv_header_openssl_hmac_h" != "xyes"; then
|
|
if test "x$askedopenssl" = "xyes"; then
|
|
AC_MSG_ERROR(Asked to use OpenSSL but I couldn't find it.)
|
|
fi
|
|
else
|
|
if test "x$askedopenssl" = "xyes"; then
|
|
useopenssl=yes
|
|
elif test "x$tryopenssl" = "xyes"; then
|
|
if test "x$usepkcs" != "xyes"; then
|
|
useopenssl=yes
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Available authentication/encryption modes
|
|
#
|
|
if test "x$CRYPTO" = "xinternal" ; then
|
|
authmodes="MD5 SHA1"
|
|
if test "x$enable_privacy" != "xno" ; then
|
|
encrmodes="DES AES"
|
|
else
|
|
encrmodes="[disabled]"
|
|
fi
|
|
AC_DEFINE(NETSNMP_USE_INTERNAL_CRYPTO, 1, "Define if internal cryptography code should be used")
|
|
AC_MSG_RESULT(Internal Crypto Support)
|
|
elif test "x$useopenssl" != "xno" ; then
|
|
authmodes="MD5 SHA1"
|
|
if test "x$ac_cv_func_EVP_sha224" = xyes; then
|
|
authmodes="$authmodes SHA224 SHA256"
|
|
fi
|
|
if test "x$ac_cv_func_EVP_sha384" = xyes; then
|
|
authmodes="$authmodes SHA384 SHA512"
|
|
fi
|
|
if test "x$enable_privacy" != "xno" ; then
|
|
if test "x$ac_cv_header_openssl_aes_h" = "xyes" ; then
|
|
encrmodes="DES AES"
|
|
else
|
|
encrmodes="DES"
|
|
fi
|
|
else
|
|
encrmodes="[disabled]"
|
|
fi
|
|
AC_DEFINE(NETSNMP_USE_OPENSSL)
|
|
LNETSNMPLIBS="$LNETSNMPLIBS $LIBCRYPTO"
|
|
AC_MSG_RESULT(OpenSSL Support)
|
|
elif test "x$usepkcs" != "xno" ; then
|
|
authmodes="MD5 SHA1"
|
|
if test "x$enable_privacy" != "xno" ; then
|
|
encrmodes="DES"
|
|
else
|
|
encrmodes="[disabled]"
|
|
fi
|
|
AC_DEFINE(NETSNMP_USE_PKCS11, 1,
|
|
[Define if you are using the codeS11 library ...])
|
|
LNETSNMPLIBS="$LNETSNMPLIBS $LIBPKCS11"
|
|
AC_MSG_RESULT(PKCS11 Support)
|
|
elif test "x$enable_md5" != "xno"; then
|
|
authmodes="MD5"
|
|
encrmodes=""
|
|
AC_DEFINE(NETSNMP_USE_INTERNAL_MD5)
|
|
AC_MSG_RESULT(Internal MD5 Support)
|
|
fi
|
|
if test "x$enable_md5" = "xno"; then
|
|
authmodes=`echo $authmodes | $SED 's/MD5 *//;'`
|
|
fi
|
|
if test "x$ac_cv_func_AES_cfb128_encrypt" = xyes ||
|
|
test "x$CRYPTO" = xinternal; then
|
|
encrmodes="$encrmodes AES128"
|
|
if test "x$aes_capable" = "xyes"; then
|
|
encrmodes="$encrmodes AES192 AES192C AES256 AES256C"
|
|
fi
|
|
fi
|
|
AC_SUBST(LNETSNMPLIBS)
|
|
AC_SUBST(LAGENTLIBS)
|
|
|
|
AC_MSG_CACHE_ADD(Crypto support from: $CRYPTO)
|
|
AC_MSG_CACHE_ADD(Authentication support: $authmodes)
|
|
AC_MSG_CACHE_ADD(Encryption support: $encrmodes)
|
|
|
|
if test "x$all_warnings" != "x"; then
|
|
AC_MSG_CACHE_ADD(WARNING: $all_warnings)
|
|
fi
|
|
|
|
#
|
|
# Check whether user wants DNSSEC local validation support
|
|
#
|
|
_libs=${LIBS}
|
|
if ! test "x-$want_dnssec" = "x-no" ; then
|
|
AC_CHECK_HEADERS([validator/validator-config.h])
|
|
if test "$ac_cv_header_validator_validator_config_h" != yes; then
|
|
AC_MSG_ERROR(Can't find validator.h)
|
|
fi
|
|
if test "x$ac_cv_lib_crypto_EVP_md5" != "xyes" -a \
|
|
"x$ac_cv_lib_eay32_EVP_md5" != "xyes" -o \
|
|
"x$ac_cv_header_openssl_hmac_h" != "xyes"; then
|
|
AC_MSG_ERROR(Couldn't find OpenSSL for local DNSSEC validation support.)
|
|
fi
|
|
LIBS="$LIBS $LIBCRYPTO"
|
|
AC_CHECK_LIB(sres, query_send,,AC_MSG_ERROR([Can't find libsres]))
|
|
VAL_LIBS="-lsres $LIBCRYPTO"
|
|
LIBS="$LIBS -lsres"
|
|
AC_CHECK_LIB(val, p_val_status,
|
|
LIBS="$LIBS -lval"
|
|
VAL_LIBS="$VAL_LIBS -lval"
|
|
have_val_res_query=yes,
|
|
[ AC_CHECK_LIB(pthread, pthread_rwlock_init)
|
|
AC_CHECK_LIB(val-threads, p_val_status,
|
|
have_val_res_query=yes
|
|
LIBS="-lval-threads $LIBS"
|
|
VAL_LIBS="-lval-threads -lpthread $VAL_LIBS"
|
|
LIBVAL_SUFFIX="-threads",
|
|
AC_MSG_ERROR(Can't find libval or libval-threads))
|
|
])
|
|
AC_DEFINE(DNSSEC_LOCAL_VALIDATION, 1,
|
|
[Define if you want local DNSSEC validation support])
|
|
DNSSEC="enabled"
|
|
else
|
|
DNSSEC="disabled"
|
|
fi
|
|
|
|
LIBS=${_libs}
|
|
|
|
AC_SUBST(VAL_LIBS)
|
|
AC_MSG_CACHE_ADD(Local DNSSEC validation: $DNSSEC)
|
|
|
|
|