2011-08-03 22:30:22 +04:00
|
|
|
# configure.ac
|
2011-07-27 00:27:22 +04:00
|
|
|
#
|
2015-01-08 19:39:04 +03:00
|
|
|
# Copyright (C) 2006-2015 wolfSSL Inc.
|
2011-07-27 00:27:22 +04:00
|
|
|
#
|
2014-12-31 23:04:03 +03:00
|
|
|
# This file is part of wolfSSL. (formerly known as CyaSSL)
|
2011-07-27 00:27:22 +04:00
|
|
|
#
|
|
|
|
#
|
|
|
|
|
2016-03-18 01:02:13 +03:00
|
|
|
AC_INIT([wolfssl],[3.9.0],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2012-10-19 08:30:21 +04:00
|
|
|
AC_CONFIG_AUX_DIR([build-aux])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2015-09-18 02:36:53 +03:00
|
|
|
# The following sets CFLAGS to empty if unset on command line. We do not want
|
|
|
|
# the default "-g -O2" that AC_PROG_CC sets automatically.
|
|
|
|
: ${CFLAGS=""}
|
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_CANONICAL_HOST
|
|
|
|
AC_CANONICAL_BUILD
|
|
|
|
|
2013-09-15 11:13:30 +04:00
|
|
|
AM_INIT_AUTOMAKE([1.11 -Wall -Werror -Wno-portability foreign tar-ustar subdir-objects no-define color-tests])
|
2013-04-10 21:21:56 +04:00
|
|
|
AC_PREREQ([2.63])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2013-09-15 11:13:30 +04:00
|
|
|
AC_ARG_PROGRAM
|
|
|
|
AC_DEFUN([PROTECT_AC_USE_SYSTEM_EXTENSIONS],
|
|
|
|
[AX_SAVE_FLAGS
|
|
|
|
AC_LANG_PUSH([C])
|
|
|
|
AC_USE_SYSTEM_EXTENSIONS
|
|
|
|
AC_LANG_POP([C])
|
|
|
|
AX_RESTORE_FLAGS
|
|
|
|
])
|
|
|
|
#PROTECT_AC_USE_SYSTEM_EXTENSIONS
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2013-09-15 11:13:30 +04:00
|
|
|
AC_CONFIG_MACRO_DIR([m4])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2013-09-15 11:13:30 +04:00
|
|
|
AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2011-04-30 00:08:05 +04:00
|
|
|
#shared library versioning
|
2016-03-18 01:02:13 +03:00
|
|
|
WOLFSSL_LIBRARY_VERSION=5:0:2
|
2015-01-09 22:20:41 +03:00
|
|
|
# | | |
|
|
|
|
# +------+ | +---+
|
|
|
|
# | | |
|
|
|
|
# current:revision:age
|
|
|
|
# | | |
|
|
|
|
# | | +- increment if interfaces have been added
|
|
|
|
# | | set to zero if interfaces have been removed
|
|
|
|
# | | or changed
|
|
|
|
# | +- increment if source code has changed
|
|
|
|
# | set to zero if current is incremented
|
|
|
|
# +- increment if interfaces have been added, removed or changed
|
2014-12-30 02:30:26 +03:00
|
|
|
AC_SUBST([WOLFSSL_LIBRARY_VERSION])
|
2011-04-30 00:08:05 +04:00
|
|
|
|
2012-10-24 23:01:11 +04:00
|
|
|
# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
|
|
|
|
# if user doesn't override, no way to tell
|
|
|
|
USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS"
|
2015-09-24 02:27:48 +03:00
|
|
|
USER_CFLAGS="$CFLAGS"
|
2012-10-24 23:01:11 +04:00
|
|
|
|
2013-03-23 23:15:02 +04:00
|
|
|
LT_PREREQ([2.2])
|
|
|
|
LT_INIT([disable-static],[win32-dll])
|
2011-08-25 02:54:58 +04:00
|
|
|
LT_LANG([C++])
|
|
|
|
LT_LANG([C])
|
2013-03-23 23:15:02 +04:00
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
gl_VISIBILITY
|
2012-10-21 05:24:28 +04:00
|
|
|
AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
|
|
|
|
AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY"
|
|
|
|
CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY"
|
|
|
|
])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
|
|
|
m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
|
|
|
|
|
|
|
|
AC_CHECK_FUNCS([gethostbyname])
|
2013-04-11 23:30:09 +04:00
|
|
|
AC_CHECK_FUNCS([getaddrinfo])
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_CHECK_FUNCS([gettimeofday])
|
2015-11-10 01:48:39 +03:00
|
|
|
AC_CHECK_FUNCS([gmtime_r])
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_CHECK_FUNCS([inet_ntoa])
|
|
|
|
AC_CHECK_FUNCS([memset])
|
|
|
|
AC_CHECK_FUNCS([socket])
|
|
|
|
AC_CHECK_HEADERS([arpa/inet.h])
|
|
|
|
AC_CHECK_HEADERS([fcntl.h])
|
|
|
|
AC_CHECK_HEADERS([limits.h])
|
|
|
|
AC_CHECK_HEADERS([netdb.h])
|
|
|
|
AC_CHECK_HEADERS([netinet/in.h])
|
|
|
|
AC_CHECK_HEADERS([stddef.h])
|
|
|
|
AC_CHECK_HEADERS([sys/ioctl.h])
|
|
|
|
AC_CHECK_HEADERS([sys/socket.h])
|
|
|
|
AC_CHECK_HEADERS([sys/time.h])
|
2012-10-19 08:30:21 +04:00
|
|
|
AC_CHECK_HEADERS([errno.h])
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_CHECK_LIB(network,socket)
|
|
|
|
AC_CHECK_SIZEOF(long long, 8)
|
|
|
|
AC_CHECK_SIZEOF(long, 4)
|
2014-07-10 21:18:49 +04:00
|
|
|
AC_CHECK_TYPES(__uint128_t)
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_C_BIGENDIAN
|
2012-10-24 23:09:53 +04:00
|
|
|
# mktime check takes forever on some systems, if time supported it would be
|
|
|
|
# highly unusual for mktime to be missing
|
2015-08-13 11:20:47 +03:00
|
|
|
#AC_FUNC_MKTIME
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
AC_PROG_CC
|
|
|
|
AC_PROG_CC_C_O
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_PROG_CXX
|
2011-02-05 22:14:47 +03:00
|
|
|
AC_PROG_INSTALL
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_TYPE_SIZE_T
|
|
|
|
AC_TYPE_UINT8_T
|
|
|
|
AM_PROG_AS
|
|
|
|
AM_PROG_CC_C_O
|
|
|
|
LT_LIB_M
|
2011-04-27 02:41:16 +04:00
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
|
2013-04-12 20:29:31 +04:00
|
|
|
OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
|
2013-09-04 00:13:13 +04:00
|
|
|
OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
|
2014-12-31 23:04:03 +03:00
|
|
|
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
|
2015-09-28 19:06:30 +03:00
|
|
|
LIB_ADD=
|
|
|
|
LIB_STATIC_ADD=
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2014-03-14 05:54:51 +04:00
|
|
|
thread_ls_on=no
|
2013-11-12 05:00:35 +04:00
|
|
|
# Thread local storage
|
2014-03-14 05:54:51 +04:00
|
|
|
AX_TLS([
|
|
|
|
[AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"]
|
|
|
|
[thread_ls_on=yes]
|
|
|
|
] , [:])
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
# DEBUG
|
2012-10-19 08:30:21 +04:00
|
|
|
AX_DEBUG
|
2012-10-24 22:53:33 +04:00
|
|
|
AS_IF([test "$ax_enable_debug" = "yes"],
|
|
|
|
[AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"],
|
|
|
|
[AM_CFLAGS="$AM_CFLAGS -DNDEBUG"])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
|
|
|
|
# SINGLE THREADED
|
2013-03-13 23:58:50 +04:00
|
|
|
AC_ARG_ENABLE([singlethreaded],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-singlethreaded Enable wolfSSL single threaded (default: disabled)],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_SINGLETHREADED=$enableval ],
|
2012-10-20 07:09:17 +04:00
|
|
|
[ ENABLED_SINGLETHREADED=no ])
|
|
|
|
|
|
|
|
AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[
|
|
|
|
AX_PTHREAD([
|
|
|
|
AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.])
|
2013-04-02 02:50:13 +04:00
|
|
|
AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS"
|
|
|
|
LIBS="$LIBS $PTHREAD_LIBS"
|
2012-10-20 07:09:17 +04:00
|
|
|
],[
|
|
|
|
ENABLED_SINGLETHREADED=yes
|
|
|
|
])
|
|
|
|
])
|
|
|
|
|
|
|
|
AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
|
|
|
|
# DTLS
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([dtls],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-dtls Enable wolfSSL DTLS (default: disabled)],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_DTLS=$enableval ],
|
|
|
|
[ ENABLED_DTLS=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_DTLS" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
# OpenSSH compatibility Build
|
|
|
|
AC_ARG_ENABLE([openssh],
|
|
|
|
[AS_HELP_STRING([--enable-openssh],[Enable OpenSSH compatibility build (default: disabled)])],
|
|
|
|
[ENABLED_OPENSSH=$enableval],
|
|
|
|
[ENABLED_OPENSSH=no])
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# OPENSSL Extra Compatibility
|
2013-03-13 23:58:50 +04:00
|
|
|
AC_ARG_ENABLE([opensslextra],
|
|
|
|
[ --enable-opensslextra Enable extra OpenSSL API, size+ (default: disabled)],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_OPENSSLEXTRA=$enableval ],
|
|
|
|
[ ENABLED_OPENSSLEXTRA=no ]
|
|
|
|
)
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
if test "$ENABLED_OPENSSLEXTRA" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
2011-06-07 20:02:36 +04:00
|
|
|
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
|
|
|
|
then
|
2013-03-13 23:58:50 +04:00
|
|
|
AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.])
|
2011-06-07 20:02:36 +04:00
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2015-04-01 21:55:49 +03:00
|
|
|
# High Strength Build
|
|
|
|
AC_ARG_ENABLE([maxstrength],
|
|
|
|
[AS_HELP_STRING([--enable-maxstrength],[Enable Max Strengh build, allows TLSv1.2-AEAD-PFS ciphers only (default: disabled)])],
|
|
|
|
[ENABLED_MAXSTRENGTH=$enableval],
|
|
|
|
[ENABLED_MAXSTRENGTH=no])
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# IPv6 Test Apps
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([ipv6],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-ipv6 Enable testing of IPV6 (default: disabled)],
|
|
|
|
[ ENABLED_IPV6=$enableval ],
|
|
|
|
[ ENABLED_IPV6=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_IPV6" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
2015-05-07 22:15:58 +03:00
|
|
|
AM_CONDITIONAL([BUILD_IPV6], [test "x$ENABLED_IPV6" = "xyes"])
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Fortress build
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([fortress],
|
2011-10-27 04:10:44 +04:00
|
|
|
[ --enable-fortress Enable SSL fortress build (default: disabled)],
|
|
|
|
[ ENABLED_FORTRESS=$enableval ],
|
|
|
|
[ ENABLED_FORTRESS=no ]
|
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_FORTRESS="yes"
|
|
|
|
fi
|
|
|
|
|
2011-10-27 04:10:44 +04:00
|
|
|
if test "$ENABLED_FORTRESS" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DWOLFSSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DWOLFSSL_DES_ECB -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_KEY_GEN"
|
2011-10-27 04:10:44 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# ssl bump build
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([bump],
|
2011-10-04 23:29:59 +04:00
|
|
|
[ --enable-bump Enable SSL Bump build (default: disabled)],
|
|
|
|
[ ENABLED_BUMP=$enableval ],
|
|
|
|
[ ENABLED_BUMP=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_BUMP" = "yes"
|
|
|
|
then
|
2015-09-14 19:45:14 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
|
2011-10-04 23:29:59 +04:00
|
|
|
fi
|
|
|
|
|
2012-11-03 03:49:31 +04:00
|
|
|
ENABLED_SLOWMATH="yes"
|
2012-10-30 02:39:42 +04:00
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# lean psk build
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([leanpsk],
|
2012-10-30 02:39:42 +04:00
|
|
|
[ --enable-leanpsk Enable Lean PSK build (default: disabled)],
|
|
|
|
[ ENABLED_LEANPSK=$enableval ],
|
|
|
|
[ ENABLED_LEANPSK=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA"
|
2012-11-03 03:49:31 +04:00
|
|
|
ENABLED_SLOWMATH="no"
|
2012-12-01 03:45:43 +04:00
|
|
|
ENABLED_SINGLETHREADED="yes"
|
2012-10-30 02:39:42 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_LEANPSK], [test "x$ENABLED_LEANPSK" = "xyes"])
|
|
|
|
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# lean TLS build (TLS 1.2 client only (no client auth), ECC256, AES128 and SHA256 w/o Shamir)
|
|
|
|
AC_ARG_ENABLE([leantls],
|
|
|
|
[ --enable-leantls Enable Lean TLS build (default: disabled)],
|
|
|
|
[ ENABLED_LEANTLS=$enableval ],
|
|
|
|
[ ENABLED_LEANTLS=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_LEANTLS" = "yes"
|
|
|
|
then
|
2016-02-22 12:11:41 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANTLS -DNO_WRITEV -DHAVE_ECC -DTFM_ECC256 -DECC_USER_CURVES -DNO_WOLFSSL_SERVER -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_PWDBASED -DNO_DES3 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_SESSION_CACHE -DNO_SHA -DUSE_SLOW_SHA -DUSE_SLOW_SHA2 -DNO_PSK -DNO_WOLFSSL_MEMORY"
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_LEANTLS], [test "x$ENABLED_LEANTLS" = "xyes"])
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# big cache
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([bigcache],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-bigcache Enable big session cache (default: disabled)],
|
|
|
|
[ ENABLED_BIGCACHE=$enableval ],
|
|
|
|
[ ENABLED_BIGCACHE=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_BIGCACHE" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# HUGE cache
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([hugecache],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-hugecache Enable huge session cache (default: disabled)],
|
|
|
|
[ ENABLED_HUGECACHE=$enableval ],
|
|
|
|
[ ENABLED_HUGECACHE=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_HUGECACHE" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2011-09-07 03:23:25 +04:00
|
|
|
# SMALL cache
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([smallcache],
|
2011-09-07 03:23:25 +04:00
|
|
|
[ --enable-smallcache Enable small session cache (default: disabled)],
|
|
|
|
[ ENABLED_SMALLCACHE=$enableval ],
|
|
|
|
[ ENABLED_SMALLCACHE=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SMALLCACHE" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Persistent session cache
|
2013-04-24 22:10:23 +04:00
|
|
|
AC_ARG_ENABLE([savesession],
|
|
|
|
[ --enable-savesession Enable persistent session cache (default: disabled)],
|
|
|
|
[ ENABLED_SAVESESSION=$enableval ],
|
|
|
|
[ ENABLED_SAVESESSION=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SAVESESSION" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Persistent cert cache
|
2013-05-02 22:34:26 +04:00
|
|
|
AC_ARG_ENABLE([savecert],
|
|
|
|
[ --enable-savecert Enable persistent cert cache (default: disabled)],
|
|
|
|
[ ENABLED_SAVECERT=$enableval ],
|
|
|
|
[ ENABLED_SAVECERT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SAVECERT" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Atomic User Record Layer
|
2013-08-10 04:27:15 +04:00
|
|
|
AC_ARG_ENABLE([atomicuser],
|
|
|
|
[ --enable-atomicuser Enable Atomic User Record Layer (default: disabled)],
|
|
|
|
[ ENABLED_ATOMICUSER=$enableval ],
|
|
|
|
[ ENABLED_ATOMICUSER=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_ATOMICUSER" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Public Key Callbacks
|
2013-08-23 05:19:39 +04:00
|
|
|
AC_ARG_ENABLE([pkcallbacks],
|
|
|
|
[ --enable-pkcallbacks Enable Public Key Callbacks (default: disabled)],
|
|
|
|
[ ENABLED_PKCALLBACKS=$enableval ],
|
|
|
|
[ ENABLED_PKCALLBACKS=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_PKCALLBACKS" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# SNIFFER
|
2012-10-20 06:00:17 +04:00
|
|
|
AC_ARG_ENABLE([sniffer],
|
2015-03-12 22:07:48 +03:00
|
|
|
[AS_HELP_STRING([--enable-sniffer],[Enable wolfSSL sniffer support (default: disabled)])],
|
|
|
|
[ ENABLED_SNIFFER=$enableval ],
|
|
|
|
[ ENABLED_SNIFFER=no ]
|
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# sniffer doesn't work in maxstrength mode
|
2015-04-01 22:30:46 +03:00
|
|
|
if test "$ENABLED_SNIFFER" = "yes" && test "$ENABLED_MAXSTRENGTH" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable maxstrength in sniffer mode.])
|
|
|
|
fi
|
|
|
|
|
2015-03-12 22:07:48 +03:00
|
|
|
ENABLED_SNIFFTEST=no
|
|
|
|
AS_IF([ test "x$ENABLED_SNIFFER" = "xyes" ],
|
|
|
|
[
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SNIFFER -DOPENSSL_EXTRA"
|
|
|
|
AC_CHECK_HEADERS([pcap/pcap.h],
|
|
|
|
[ ENABLED_SNIFFTEST=yes ],
|
|
|
|
[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]
|
|
|
|
)
|
|
|
|
])
|
2012-10-20 06:00:17 +04:00
|
|
|
|
2013-12-13 02:20:56 +04:00
|
|
|
AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
|
|
|
|
AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-06-14 08:31:32 +04:00
|
|
|
# AES-GCM
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([aesgcm],
|
2015-04-01 02:23:28 +03:00
|
|
|
[AS_HELP_STRING([--enable-aesgcm],[Enable wolfSSL AES-GCM support (default: enabled)])],
|
2012-06-14 08:31:32 +04:00
|
|
|
[ ENABLED_AESGCM=$enableval ],
|
2015-03-27 21:12:42 +03:00
|
|
|
[ ENABLED_AESGCM=yes ]
|
2012-06-14 08:31:32 +04:00
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# leanpsk and leantls don't need gcm
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2015-03-29 21:30:05 +03:00
|
|
|
then
|
|
|
|
ENABLED_AESGCM=no
|
|
|
|
fi
|
|
|
|
|
2012-07-20 01:44:08 +04:00
|
|
|
if test "$ENABLED_AESGCM" = "word32"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32"
|
|
|
|
ENABLED_AESGCM=yes
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_AESGCM" = "small"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL"
|
|
|
|
ENABLED_AESGCM=yes
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_AESGCM" = "table"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE"
|
|
|
|
ENABLED_AESGCM=yes
|
|
|
|
fi
|
|
|
|
|
2012-06-14 08:31:32 +04:00
|
|
|
if test "$ENABLED_AESGCM" = "yes"
|
|
|
|
then
|
2013-04-02 01:25:20 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
|
2012-06-14 08:31:32 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"])
|
|
|
|
|
2013-01-11 04:46:47 +04:00
|
|
|
|
|
|
|
# AES-CCM
|
|
|
|
AC_ARG_ENABLE([aesccm],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-aesccm Enable wolfSSL AES-CCM support (default: disabled)],
|
2013-01-11 04:46:47 +04:00
|
|
|
[ ENABLED_AESCCM=$enableval ],
|
|
|
|
[ ENABLED_AESCCM=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_AESCCM" = "yes"
|
|
|
|
then
|
2013-04-02 01:25:20 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"
|
2013-01-11 04:46:47 +04:00
|
|
|
fi
|
|
|
|
|
2013-01-16 03:20:30 +04:00
|
|
|
AM_CONDITIONAL([BUILD_AESCCM], [test "x$ENABLED_AESCCM" = "xyes"])
|
2013-01-11 04:46:47 +04:00
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# AES-NI
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([aesni],
|
2015-03-29 00:34:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-aesni],[Enable wolfSSL AES-NI support (default: disabled)])],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_AESNI=$enableval ],
|
|
|
|
[ ENABLED_AESNI=no ]
|
|
|
|
)
|
|
|
|
|
2015-03-29 00:34:39 +03:00
|
|
|
# INTEL ASM
|
|
|
|
AC_ARG_ENABLE([intelasm],
|
|
|
|
[AS_HELP_STRING([--enable-intelasm],[Enable All Intel ASM speedups (default: disabled)])],
|
|
|
|
[ ENABLED_INTELASM=$enableval ],
|
|
|
|
[ ENABLED_INTELASM=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes"
|
2011-02-05 22:14:47 +03:00
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
|
2011-02-05 22:14:47 +03:00
|
|
|
if test "$GCC" = "yes"
|
|
|
|
then
|
|
|
|
# GCC needs these flags, icc doesn't
|
2013-04-12 20:29:31 +04:00
|
|
|
# opt levels greater than 2 may cause problems on systems w/o aesni
|
2014-07-10 21:18:49 +04:00
|
|
|
if test "$CC" != "icc"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -maes -msse4"
|
|
|
|
fi
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
2015-10-31 02:03:26 +03:00
|
|
|
AS_IF([test "x$ENABLED_AESGCM" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"])
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
2015-03-29 00:34:39 +03:00
|
|
|
if test "$ENABLED_INTELASM" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_INTEL_RDGEN -DUSE_INTEL_SPEEDUP"
|
|
|
|
ENABLED_AESNI=yes
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-01-18 09:52:31 +04:00
|
|
|
# Camellia
|
|
|
|
AC_ARG_ENABLE([camellia],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-camellia Enable wolfSSL Camellia support (default: disabled)],
|
2013-01-18 09:52:31 +04:00
|
|
|
[ ENABLED_CAMELLIA=$enableval ],
|
|
|
|
[ ENABLED_CAMELLIA=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CAMELLIA" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CAMELLIA], [test "x$ENABLED_CAMELLIA" = "xyes"])
|
|
|
|
|
|
|
|
|
2012-07-28 01:01:02 +04:00
|
|
|
# MD2
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([md2],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-md2 Enable wolfSSL MD2 support (default: disabled)],
|
2012-07-28 01:01:02 +04:00
|
|
|
[ ENABLED_MD2=$enableval ],
|
|
|
|
[ ENABLED_MD2=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_BUMP" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_MD2="yes"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_MD2" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MD2"
|
2012-07-28 01:01:02 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_MD2], [test "x$ENABLED_MD2" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# NULL CIPHER
|
2013-03-13 05:49:59 +04:00
|
|
|
AC_ARG_ENABLE([nullcipher],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-nullcipher Enable wolfSSL NULL cipher support (default: disabled)],
|
2013-03-13 05:49:59 +04:00
|
|
|
[ ENABLED_NULL_CIPHER=$enableval ],
|
|
|
|
[ ENABLED_NULL_CIPHER=no ]
|
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_NULL_CIPHER="yes"
|
|
|
|
fi
|
|
|
|
|
2013-03-13 05:49:59 +04:00
|
|
|
if test "$ENABLED_NULL_CIPHER" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER"
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# RIPEMD
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([ripemd],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-ripemd Enable wolfSSL RIPEMD-160 support (default: disabled)],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_RIPEMD=$enableval ],
|
|
|
|
[ ENABLED_RIPEMD=no ]
|
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_RIPEMD="yes"
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
if test "$ENABLED_RIPEMD" = "yes"
|
|
|
|
then
|
2014-12-19 01:40:09 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RIPEMD"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-01-01 01:10:47 +04:00
|
|
|
# BLAKE2
|
|
|
|
AC_ARG_ENABLE([blake2],
|
2014-12-31 23:04:03 +03:00
|
|
|
[ --enable-blake2 Enable wolfSSL BLAKE2 support (default: disabled)],
|
2013-01-01 01:10:47 +04:00
|
|
|
[ ENABLED_BLAKE2=$enableval ],
|
|
|
|
[ ENABLED_BLAKE2=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_BLAKE2" = "yes"
|
|
|
|
then
|
2013-03-23 00:30:44 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2"
|
2013-01-01 01:10:47 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_BLAKE2], [test "x$ENABLED_BLAKE2" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-03-31 23:28:49 +03:00
|
|
|
# set sha512 default
|
|
|
|
SHA512_DEFAULT=no
|
|
|
|
if test "$host_cpu" = "x86_64"
|
|
|
|
then
|
|
|
|
SHA512_DEFAULT=yes
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# SHA512
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([sha512],
|
2015-03-31 23:28:49 +03:00
|
|
|
[AS_HELP_STRING([--enable-sha512],[Enable wolfSSL SHA-512 support (default: enabled on x86_64)])],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ ENABLED_SHA512=$enableval ],
|
2015-03-31 23:28:49 +03:00
|
|
|
[ ENABLED_SHA512=$SHA512_DEFAULT ]
|
2011-02-05 22:14:47 +03:00
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# leanpsk and leantls don't need sha512
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2015-04-01 01:55:39 +03:00
|
|
|
then
|
|
|
|
ENABLED_SHA512=no
|
|
|
|
fi
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_SHA512="yes"
|
|
|
|
fi
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
if test "$ENABLED_SHA512" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
2012-05-08 05:19:48 +04:00
|
|
|
if test "$ENABLED_FORTRESS" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_SHA512="yes"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
|
|
|
|
|
|
|
|
|
|
|
|
# SESSION CERTS
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([sessioncerts],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-sessioncerts Enable session cert storing (default: disabled)],
|
|
|
|
[ ENABLED_SESSIONCERTS=$enableval ],
|
|
|
|
[ ENABLED_SESSIONCERTS=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SESSIONCERTS" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# KEY GENERATION
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([keygen],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-keygen Enable key generation (default: disabled)],
|
|
|
|
[ ENABLED_KEYGEN=$enableval ],
|
|
|
|
[ ENABLED_KEYGEN=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_KEYGEN" = "yes"
|
|
|
|
then
|
2014-12-30 21:00:18 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# CERT GENERATION
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([certgen],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --enable-certgen Enable cert generation (default: disabled)],
|
|
|
|
[ ENABLED_CERTGEN=$enableval ],
|
|
|
|
[ ENABLED_CERTGEN=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CERTGEN" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2014-01-10 23:50:55 +04:00
|
|
|
# CERT REQUEST GENERATION
|
|
|
|
AC_ARG_ENABLE([certreq],
|
|
|
|
[ --enable-certreq Enable cert request generation (default: disabled)],
|
|
|
|
[ ENABLED_CERTREQ=$enableval ],
|
|
|
|
[ ENABLED_CERTREQ=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CERTREQ" = "yes"
|
|
|
|
then
|
|
|
|
if test "$ENABLED_CERTGEN" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable certreq without enabling certgen.])
|
|
|
|
fi
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
|
2014-01-10 23:50:55 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-09-07 10:51:21 +03:00
|
|
|
# CERT REQUEST EXTENSION
|
|
|
|
AC_ARG_ENABLE([certext],
|
|
|
|
[ --enable-certext Enable cert request extensions (default: disabled)],
|
|
|
|
[ ENABLED_CERTEXT=$enableval ],
|
|
|
|
[ ENABLED_CERTEXT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CERTEXT" = "yes"
|
|
|
|
then
|
2015-09-09 02:44:13 +03:00
|
|
|
if test "$ENABLED_CERTGEN" = "no"
|
2015-09-07 10:51:21 +03:00
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable certext without enabling certgen.])
|
|
|
|
fi
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2013-06-26 03:26:53 +04:00
|
|
|
# SEP
|
|
|
|
AC_ARG_ENABLE([sep],
|
|
|
|
[ --enable-sep Enable sep extensions (default: disabled)],
|
|
|
|
[ ENABLED_SEP=$enableval ],
|
|
|
|
[ ENABLED_SEP=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_SEP" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="-DWOLFSSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS"
|
2013-06-26 03:26:53 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# HKDF
|
2013-11-01 05:03:00 +04:00
|
|
|
AC_ARG_ENABLE([hkdf],
|
|
|
|
[ --enable-hkdf Enable HKDF (HMAC-KDF) support (default: disabled)],
|
|
|
|
[ ENABLED_HKDF=$enableval ],
|
|
|
|
[ ENABLED_HKDF=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_HKDF" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
# DSA
|
|
|
|
AC_ARG_ENABLE([dsa],
|
|
|
|
[ --enable-dsa Enable DSA (default: disabled)],
|
|
|
|
[ ENABLED_DSA=$enableval ],
|
|
|
|
[ ENABLED_DSA=no ]
|
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_DSA="yes"
|
|
|
|
fi
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
if test "$ENABLED_DSA" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_DSA"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_DSA], [test "x$ENABLED_DSA" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-03-31 23:28:49 +03:00
|
|
|
# set ecc default
|
|
|
|
ECC_DEFAULT=no
|
|
|
|
|
|
|
|
if test "$host_cpu" = "x86_64"
|
|
|
|
then
|
|
|
|
ECC_DEFAULT=yes
|
|
|
|
fi
|
|
|
|
|
|
|
|
# ECC
|
2013-03-13 00:03:42 +04:00
|
|
|
AC_ARG_ENABLE([ecc],
|
2015-03-31 23:28:49 +03:00
|
|
|
[AS_HELP_STRING([--enable-ecc],[Enable ECC (default: enabled on x86_64)])],
|
2013-03-13 00:03:42 +04:00
|
|
|
[ ENABLED_ECC=$enableval ],
|
2015-03-31 23:28:49 +03:00
|
|
|
[ ENABLED_ECC=$ECC_DEFAULT ]
|
2013-03-13 00:03:42 +04:00
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# lean psk doesn't need ecc
|
2015-04-01 19:37:41 +03:00
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
2015-04-01 01:55:39 +03:00
|
|
|
then
|
|
|
|
ENABLED_ECC=no
|
|
|
|
fi
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_ECC="yes"
|
|
|
|
fi
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
if test "$ENABLED_ECC" = "yes"
|
|
|
|
then
|
2013-09-05 00:13:10 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
|
2013-03-13 00:03:42 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-06-06 00:39:37 +03:00
|
|
|
# for using memory optimization setting on both curve25519 and ed25519
|
|
|
|
ENABLED_CURVED25519_SMALL=no
|
|
|
|
|
2015-03-24 21:56:40 +03:00
|
|
|
# CURVE25519
|
|
|
|
AC_ARG_ENABLE([curve25519],
|
|
|
|
[AS_HELP_STRING([--enable-curve25519],[Enable Curve25519 (default: disabled)])],
|
|
|
|
[ ENABLED_CURVE25519=$enableval ],
|
|
|
|
[ ENABLED_CURVE25519=no ]
|
2015-02-19 20:59:05 +03:00
|
|
|
)
|
|
|
|
|
2015-06-06 00:39:37 +03:00
|
|
|
|
2015-08-01 19:28:18 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_CURVE25519="yes"
|
|
|
|
fi
|
|
|
|
|
2015-06-06 00:39:37 +03:00
|
|
|
if test "$ENABLED_CURVE25519" = "small"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DCURVED25519_SMALL"
|
|
|
|
ENABLED_CURVED25519_SMALL=yes
|
|
|
|
ENABLED_CURVE25519=yes
|
|
|
|
fi
|
|
|
|
|
2015-03-24 21:56:40 +03:00
|
|
|
if test "$ENABLED_CURVE25519" = "yes"
|
2015-02-19 20:59:05 +03:00
|
|
|
then
|
2015-03-24 21:56:40 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CURVE25519"
|
2015-06-06 00:39:37 +03:00
|
|
|
ENABLED_FEMATH=yes
|
2015-02-19 20:59:05 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-03-24 21:56:40 +03:00
|
|
|
AM_CONDITIONAL([BUILD_CURVE25519], [test "x$ENABLED_CURVE25519" = "xyes"])
|
2015-02-19 20:59:05 +03:00
|
|
|
|
|
|
|
|
2015-03-19 20:40:41 +03:00
|
|
|
# ED25519
|
|
|
|
AC_ARG_ENABLE([ed25519],
|
2015-03-19 22:48:32 +03:00
|
|
|
[AS_HELP_STRING([--enable-ed25519],[Enable ED25519 (default: disabled)])],
|
2015-03-19 20:40:41 +03:00
|
|
|
[ ENABLED_ED25519=$enableval ],
|
|
|
|
[ ENABLED_ED25519=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2015-08-01 19:28:18 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_ED25519="yes"
|
|
|
|
fi
|
|
|
|
|
2015-06-06 00:39:37 +03:00
|
|
|
if test "$ENABLED_ED25519" = "small"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DCURVED25519_SMALL"
|
|
|
|
ENABLED_CURVED25519_SMALL=yes
|
|
|
|
ENABLED_ED25519=yes
|
|
|
|
fi
|
|
|
|
|
2015-03-19 20:40:41 +03:00
|
|
|
if test "$ENABLED_ED25519" = "yes"
|
|
|
|
then
|
|
|
|
if test "$ENABLED_SHA512" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable ed25519 without enabling sha512.])
|
|
|
|
fi
|
|
|
|
ENABLED_FEMATH=yes
|
|
|
|
ENABLED_GEMATH=yes
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_ED25519], [test "x$ENABLED_ED25519" = "xyes"])
|
2015-06-06 00:39:37 +03:00
|
|
|
AM_CONDITIONAL([BUILD_CURVED25519_SMALL], [test "x$ENABLED_CURVED25519_SMALL" = "xyes"])
|
2015-03-19 20:40:41 +03:00
|
|
|
AM_CONDITIONAL([BUILD_FEMATH], [test "x$ENABLED_FEMATH" = "xyes"])
|
|
|
|
AM_CONDITIONAL([BUILD_GEMATH], [test "x$ENABLED_GEMATH" = "xyes"])
|
|
|
|
|
|
|
|
# FP ECC, Fixed Point cache ECC
|
2013-09-07 01:24:31 +04:00
|
|
|
AC_ARG_ENABLE([fpecc],
|
|
|
|
[ --enable-fpecc Enable Fixed Point cache ECC (default: disabled)],
|
|
|
|
[ ENABLED_FPECC=$enableval ],
|
|
|
|
[ ENABLED_FPECC=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_FPECC" = "yes"
|
|
|
|
then
|
2013-11-08 03:59:31 +04:00
|
|
|
if test "$ENABLED_ECC" = "no"
|
|
|
|
then
|
2015-08-13 11:20:47 +03:00
|
|
|
AC_MSG_ERROR([cannot enable fpecc without enabling ecc.])
|
2013-11-08 03:59:31 +04:00
|
|
|
fi
|
2013-09-07 01:24:31 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DFP_ECC"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2013-11-08 03:59:31 +04:00
|
|
|
# ECC encrypt
|
|
|
|
AC_ARG_ENABLE([eccencrypt],
|
|
|
|
[ --enable-eccencrypt Enable ECC encrypt (default: disabled)],
|
|
|
|
[ ENABLED_ECC_ENCRYPT=$enableval ],
|
|
|
|
[ ENABLED_ECC_ENCRYPT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_ECC_ENCRYPT" = "yes"
|
|
|
|
then
|
|
|
|
if test "$ENABLED_ECC" = "no"
|
|
|
|
then
|
2015-08-13 11:20:47 +03:00
|
|
|
AC_MSG_ERROR([cannot enable eccencrypt without enabling ecc.])
|
2013-11-08 03:59:31 +04:00
|
|
|
fi
|
|
|
|
if test "$ENABLED_HKDF" = "no"
|
|
|
|
then
|
2015-08-13 11:20:47 +03:00
|
|
|
AC_MSG_ERROR([cannot enable eccencrypt without enabling hkdf.])
|
2013-11-08 03:59:31 +04:00
|
|
|
fi
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# PSK
|
2013-03-12 23:48:41 +04:00
|
|
|
AC_ARG_ENABLE([psk],
|
|
|
|
[ --enable-psk Enable PSK (default: disabled)],
|
|
|
|
[ ENABLED_PSK=$enableval ],
|
|
|
|
[ ENABLED_PSK=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2013-03-13 22:27:14 +04:00
|
|
|
# ERROR STRINGS
|
|
|
|
AC_ARG_ENABLE([errorstrings],
|
|
|
|
[ --enable-errorstrings Enable error strings table (default: enabled)],
|
|
|
|
[ ENABLED_ERROR_STRINGS=$enableval ],
|
|
|
|
[ ENABLED_ERROR_STRINGS=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_ERROR_STRINGS" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off error strings if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-13 22:27:14 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
|
|
|
|
ENABLED_ERROR_STRINGS=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# OLD TLS
|
2013-03-13 22:49:11 +04:00
|
|
|
AC_ARG_ENABLE([oldtls],
|
|
|
|
[ --enable-oldtls Enable old TLS versions < 1.2 (default: enabled)],
|
|
|
|
[ ENABLED_OLD_TLS=$enableval ],
|
|
|
|
[ ENABLED_OLD_TLS=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_OLD_TLS" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off old if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-13 22:49:11 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
|
|
|
|
ENABLED_OLD_TLS=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# SSLv3
|
|
|
|
AC_ARG_ENABLE([sslv3],
|
2015-08-20 14:22:30 +03:00
|
|
|
[AS_HELP_STRING([--enable-sslv3],[Enable SSL version 3.0 (default: disabled)])],
|
2015-08-13 11:20:47 +03:00
|
|
|
[ ENABLED_SSLV3=$enableval ],
|
|
|
|
[ ENABLED_SSLV3=no]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SSLV3" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# STACK SIZE info for examples
|
2013-03-28 22:28:38 +04:00
|
|
|
AC_ARG_ENABLE([stacksize],
|
|
|
|
[ --enable-stacksize Enable stack size info on examples (default: disabled)],
|
|
|
|
[ ENABLED_STACKSIZE=$enableval ],
|
|
|
|
[ ENABLED_STACKSIZE=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_STACKSIZE" = "yes"
|
|
|
|
then
|
|
|
|
AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
|
2013-06-20 00:04:43 +04:00
|
|
|
AC_CHECK_FUNC([pthread_attr_setstack], [], AC_CHECK_LIB([pthread],[pthread_attr_setstack]))
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DWOLFSSL_LOW_MEMORY"
|
2013-03-28 22:28:38 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# MEMORY
|
2013-03-13 00:31:14 +04:00
|
|
|
AC_ARG_ENABLE([memory],
|
|
|
|
[ --enable-memory Enable memory callbacks (default: enabled)],
|
|
|
|
[ ENABLED_MEMORY=$enableval ],
|
|
|
|
[ ENABLED_MEMORY=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_MEMORY" = "no"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_WOLFSSL_MEMORY"
|
2013-03-13 00:31:14 +04:00
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off memory cb if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-13 00:31:14 +04:00
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
# but don't turn on NO_WOLFSSL_MEMORY because using own
|
2013-03-13 00:31:14 +04:00
|
|
|
ENABLED_MEMORY=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_MEMORY], [test "x$ENABLED_MEMORY" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# RSA
|
2013-03-11 23:49:59 +04:00
|
|
|
AC_ARG_ENABLE([rsa],
|
|
|
|
[ --enable-rsa Enable RSA (default: enabled)],
|
|
|
|
[ ENABLED_RSA=$enableval ],
|
|
|
|
[ ENABLED_RSA=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_RSA" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off RSA if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-11 23:49:59 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
|
|
|
|
ENABLED_RSA=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_RSA], [test "x$ENABLED_RSA" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
# DH
|
|
|
|
AC_ARG_ENABLE([dh],
|
2015-04-01 02:23:28 +03:00
|
|
|
[AS_HELP_STRING([--enable-dh],[Enable DH (default: enabled)])],
|
2013-03-13 00:03:42 +04:00
|
|
|
[ ENABLED_DH=$enableval ],
|
2015-03-27 20:23:15 +03:00
|
|
|
[ ENABLED_DH=yes ]
|
2013-03-13 00:03:42 +04:00
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_DH="yes"
|
|
|
|
fi
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
if test "$ENABLED_DH" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_DH"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off DH if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-13 00:03:42 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_DH"
|
|
|
|
ENABLED_DH=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_DH], [test "x$ENABLED_DH" = "xyes"])
|
|
|
|
|
|
|
|
|
2014-12-01 22:44:32 +03:00
|
|
|
# Anonymous
|
|
|
|
AC_ARG_ENABLE([anon],
|
|
|
|
[AS_HELP_STRING([--enable-anon],[Enable Anonymous (default: disabled)])],
|
|
|
|
[ ENABLED_ANON=$enableval ],
|
|
|
|
[ ENABLED_ANON=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
if test "x$ENABLED_ANON" = "xyes"
|
|
|
|
then
|
|
|
|
if test "x$ENABLED_DH" != "xyes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([Anonymous suite requires DH.])
|
|
|
|
fi
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ANON"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2013-03-12 23:48:41 +04:00
|
|
|
# ASN
|
2015-03-28 00:28:05 +03:00
|
|
|
# turn off asn, which means no certs, no rsa, no dsa, no ecc,
|
|
|
|
# and no big int (unless dh is on)
|
2013-03-12 23:48:41 +04:00
|
|
|
AC_ARG_ENABLE([asn],
|
|
|
|
[ --enable-asn Enable ASN (default: enabled)],
|
|
|
|
[ ENABLED_ASN=$enableval ],
|
|
|
|
[ ENABLED_ASN=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_ASN" = "no"
|
|
|
|
then
|
2015-03-28 00:28:05 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS"
|
2016-02-10 19:53:09 +03:00
|
|
|
if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" == "no"
|
2015-03-28 00:28:05 +03:00
|
|
|
then
|
2016-02-11 00:03:53 +03:00
|
|
|
# DH and ECC need bigint
|
2015-03-28 00:28:05 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_BIG_INT"
|
|
|
|
fi
|
2013-03-12 23:48:41 +04:00
|
|
|
else
|
|
|
|
# turn off ASN if leanpsk on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
|
|
|
then
|
2013-03-13 02:14:03 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
|
2013-03-12 23:48:41 +04:00
|
|
|
ENABLED_ASN=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please disable rsa if disabling asn.])
|
|
|
|
fi
|
|
|
|
|
2013-03-13 00:03:42 +04:00
|
|
|
if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please disable dsa if disabling asn.])
|
|
|
|
fi
|
|
|
|
|
2016-02-11 00:03:53 +03:00
|
|
|
# DH and ECC need bigint
|
2016-02-10 19:53:09 +03:00
|
|
|
if test "$ENABLED_ASN" = "no" && test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no"
|
2013-03-13 02:14:03 +04:00
|
|
|
then
|
|
|
|
ENABLED_FASTMATH=no
|
|
|
|
ENABLED_SLOWMATH=no
|
|
|
|
fi
|
|
|
|
|
2013-03-12 23:48:41 +04:00
|
|
|
AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-03-12 04:07:37 +04:00
|
|
|
# AES
|
|
|
|
AC_ARG_ENABLE([aes],
|
|
|
|
[ --enable-aes Enable AES (default: enabled)],
|
|
|
|
[ ENABLED_AES=$enableval ],
|
|
|
|
[ ENABLED_AES=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_AES" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_AES"
|
2015-07-17 18:30:25 +03:00
|
|
|
if test "$ENABLED_FORTRESS" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([fortress requires aes])
|
|
|
|
fi
|
2015-07-17 00:31:36 +03:00
|
|
|
if test "$ENABLED_ECC_ENCRYPT" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable eccencrypt and hkdf without aes.])
|
|
|
|
fi
|
2015-03-28 07:30:27 +03:00
|
|
|
if test "$ENABLED_AESGCM" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([AESGCM requires AES.])
|
|
|
|
fi
|
|
|
|
if test "$ENABLED_AESCCM" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([AESCCM requires AES.])
|
|
|
|
fi
|
2013-03-12 04:07:37 +04:00
|
|
|
else
|
|
|
|
# turn off AES if leanpsk on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_AES"
|
|
|
|
ENABLED_AES=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_AES], [test "x$ENABLED_AES" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-03-13 00:12:10 +04:00
|
|
|
# CODING
|
|
|
|
AC_ARG_ENABLE([coding],
|
|
|
|
[ --enable-coding Enable Coding base 16/64 (default: enabled)],
|
|
|
|
[ ENABLED_CODING=$enableval ],
|
|
|
|
[ ENABLED_CODING=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CODING" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
|
|
|
|
else
|
|
|
|
# turn off CODING if leanpsk on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
|
|
|
|
ENABLED_CODING=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CODING], [test "x$ENABLED_CODING" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-03-12 20:46:15 +04:00
|
|
|
# DES3
|
|
|
|
AC_ARG_ENABLE([des3],
|
|
|
|
[ --enable-des3 Enable DES3 (default: enabled)],
|
|
|
|
[ ENABLED_DES3=$enableval ],
|
|
|
|
[ ENABLED_DES3=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_DES3" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off DES3 if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-12 20:46:15 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
|
|
|
|
ENABLED_DES3=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_DES3], [test "x$ENABLED_DES3" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-09-23 17:16:39 +03:00
|
|
|
# IDEA
|
|
|
|
AC_ARG_ENABLE([idea],
|
2015-09-24 00:42:48 +03:00
|
|
|
[AS_HELP_STRING([--enable-idea],[Enable IDEA Cipher (default: disabled)])],
|
2015-09-23 17:16:39 +03:00
|
|
|
[ ENABLED_IDEA=$enableval ],
|
|
|
|
[ ENABLED_IDEA=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_IDEA" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_IDEA"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_IDEA], [test "x$ENABLED_IDEA" = "xyes"])
|
|
|
|
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# ARC4
|
2013-03-12 04:13:24 +04:00
|
|
|
AC_ARG_ENABLE([arc4],
|
2015-03-31 18:42:32 +03:00
|
|
|
[ --enable-arc4 Enable ARC4 (default: disabled)],
|
2013-03-12 04:13:24 +04:00
|
|
|
[ ENABLED_ARC4=$enableval ],
|
2015-03-27 20:17:22 +03:00
|
|
|
[ ENABLED_ARC4=no ]
|
2013-03-12 04:13:24 +04:00
|
|
|
)
|
|
|
|
|
2015-07-17 19:14:58 +03:00
|
|
|
if test "$ENABLED_OPENSSH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_ARC4="yes"
|
|
|
|
fi
|
|
|
|
|
2013-03-12 04:13:24 +04:00
|
|
|
if test "$ENABLED_ARC4" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off ARC4 if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-12 04:13:24 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
|
|
|
|
ENABLED_ARC4=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_RC4], [test "x$ENABLED_ARC4" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# MD5
|
2013-03-12 04:37:08 +04:00
|
|
|
AC_ARG_ENABLE([md5],
|
|
|
|
[ --enable-md5 Enable MD5 (default: enabled)],
|
|
|
|
[ ENABLED_MD5=$enableval ],
|
|
|
|
[ ENABLED_MD5=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_MD5" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off MD5 if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-12 04:37:08 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
|
|
|
|
ENABLED_MD5=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_MD5], [test "x$ENABLED_MD5" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# SHA
|
2013-03-12 04:53:38 +04:00
|
|
|
AC_ARG_ENABLE([sha],
|
|
|
|
[ --enable-sha Enable SHA (default: enabled)],
|
|
|
|
[ ENABLED_SHA=$enableval ],
|
|
|
|
[ ENABLED_SHA=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_SHA" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
|
|
|
|
else
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# turn off SHA if leanpsk or leantls on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2013-03-12 04:53:38 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
|
|
|
|
ENABLED_SHA=no
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_SHA], [test "x$ENABLED_SHA" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Web Server Build
|
2014-03-04 00:18:26 +04:00
|
|
|
AC_ARG_ENABLE([webserver],
|
|
|
|
[ --enable-webserver Enable Web Server (default: disabled)],
|
|
|
|
[ ENABLED_WEBSERVER=$enableval ],
|
|
|
|
[ ENABLED_WEBSERVER=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_WEBSERVER" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2013-03-12 04:01:05 +04:00
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# HC128
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([hc128],
|
2011-09-29 00:19:05 +04:00
|
|
|
[ --enable-hc128 Enable HC-128 (default: disabled)],
|
2011-08-25 04:39:23 +04:00
|
|
|
[ ENABLED_HC128=$enableval ],
|
|
|
|
[ ENABLED_HC128=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_HC128" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_HC128"
|
2011-09-29 00:19:05 +04:00
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128"
|
2011-08-25 04:39:23 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
|
2012-10-23 04:28:46 +04:00
|
|
|
# RABBIT
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([rabbit],
|
2012-10-23 04:28:46 +04:00
|
|
|
[ --enable-rabbit Enable RABBIT (default: disabled)],
|
|
|
|
[ ENABLED_RABBIT=$enableval ],
|
|
|
|
[ ENABLED_RABBIT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_RABBIT" = "no"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT"
|
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-03-06 20:15:33 +03:00
|
|
|
# FIPS
|
2014-03-19 20:43:57 +04:00
|
|
|
AC_ARG_ENABLE([fips],
|
2015-03-12 22:25:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-fips],[Enable FIPS 140-2, Will NOT work w/o FIPS license (default: disabled)])],
|
2014-03-19 20:43:57 +04:00
|
|
|
[ ENABLED_FIPS=$enableval ],
|
|
|
|
[ ENABLED_FIPS=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_FIPS" = "xyes"
|
|
|
|
then
|
2014-03-28 01:03:12 +04:00
|
|
|
# requires thread local storage
|
2014-03-19 21:19:08 +04:00
|
|
|
if test "$thread_ls_on" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([FIPS requires Thread Local Storage])
|
|
|
|
fi
|
2014-03-28 01:03:12 +04:00
|
|
|
# requires SHA512
|
|
|
|
if test "x$ENABLED_SHA512" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_SHA512="yes"
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
|
2014-03-28 01:03:12 +04:00
|
|
|
AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
|
|
|
|
fi
|
2014-10-28 01:52:22 +03:00
|
|
|
# requires AESGCM
|
|
|
|
if test "x$ENABLED_AESGCM" != "xyes"
|
|
|
|
then
|
|
|
|
ENABLED_AESGCM="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
|
|
|
|
AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
|
|
|
|
fi
|
2014-03-19 20:43:57 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-04-12 21:01:16 +03:00
|
|
|
# set POLY1305 default
|
|
|
|
POLY1305_DEFAULT=yes
|
|
|
|
|
|
|
|
if test "x$ENABLED_FIPS" = "xyes"
|
|
|
|
then
|
|
|
|
POLY1305_DEFAULT=no
|
|
|
|
fi
|
|
|
|
|
|
|
|
# POLY1305
|
|
|
|
AC_ARG_ENABLE([poly1305],
|
|
|
|
[AS_HELP_STRING([--enable-poly1305],[Enable wolfSSL POLY1305 support (default: enabled)])],
|
|
|
|
[ ENABLED_POLY1305=$enableval ],
|
|
|
|
[ ENABLED_POLY1305=$POLY1305_DEFAULT]
|
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# leanpsk and leantls don't need poly1305
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2015-04-12 21:01:16 +03:00
|
|
|
then
|
|
|
|
ENABLED_POLY1305=no
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_POLY1305" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_POLY1305 -DHAVE_ONE_TIME_AUTH"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_POLY1305], [test "x$ENABLED_POLY1305" = "xyes"])
|
|
|
|
|
|
|
|
|
|
|
|
# set CHACHA default
|
|
|
|
CHACHA_DEFAULT=yes
|
|
|
|
|
|
|
|
if test "x$ENABLED_FIPS" = "xyes"
|
|
|
|
then
|
|
|
|
CHACHA_DEFAULT=no
|
|
|
|
fi
|
|
|
|
|
|
|
|
# CHACHA
|
|
|
|
AC_ARG_ENABLE([chacha],
|
|
|
|
[ --enable-chacha Enable CHACHA (default: enabled)],
|
|
|
|
[ ENABLED_CHACHA=$enableval ],
|
|
|
|
[ ENABLED_CHACHA=$CHACHA_DEFAULT]
|
|
|
|
)
|
|
|
|
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
# leanpsk and leantls don't need chacha
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
|
2015-04-12 21:01:16 +03:00
|
|
|
then
|
|
|
|
ENABLED_CHACHA=no
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_CHACHA" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CHACHA], [test "x$ENABLED_CHACHA" = "xyes"])
|
|
|
|
|
|
|
|
|
2014-05-07 22:54:12 +04:00
|
|
|
# Hash DRBG
|
|
|
|
AC_ARG_ENABLE([hashdrbg],
|
2014-12-01 20:12:26 +03:00
|
|
|
[ --enable-hashdrbg Enable Hash DRBG support (default: enabled)],
|
2014-05-07 22:54:12 +04:00
|
|
|
[ ENABLED_HASHDRBG=$enableval ],
|
2014-12-01 20:12:26 +03:00
|
|
|
[ ENABLED_HASHDRBG=yes ]
|
2014-05-07 22:54:12 +04:00
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_HASHDRBG" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
|
|
|
|
else
|
|
|
|
# turn on Hash DRBG if FIPS is on or ARC4 is off
|
|
|
|
if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
|
|
|
|
ENABLED_HASHDRBG=yes
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Filesystem Build
|
2013-03-13 23:14:05 +04:00
|
|
|
AC_ARG_ENABLE([filesystem],
|
2013-06-01 04:57:08 +04:00
|
|
|
[ --enable-filesystem Enable Filesystem support (default: enabled)],
|
2013-03-13 23:14:05 +04:00
|
|
|
[ ENABLED_FILESYSTEM=$enableval ],
|
|
|
|
[ ENABLED_FILESYSTEM=yes ]
|
2011-06-30 21:07:49 +04:00
|
|
|
)
|
|
|
|
|
2013-03-13 23:14:05 +04:00
|
|
|
if test "$ENABLED_FILESYSTEM" = "no"
|
2011-06-30 21:07:49 +04:00
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
|
2013-03-13 23:14:05 +04:00
|
|
|
else
|
|
|
|
# turn off filesystem if leanpsk on
|
|
|
|
if test "$ENABLED_LEANPSK" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
|
|
|
|
ENABLED_FILESYSTEM=no
|
|
|
|
fi
|
2011-06-30 21:07:49 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# inline Build
|
2013-03-13 23:25:34 +04:00
|
|
|
AC_ARG_ENABLE([inline],
|
2013-05-10 23:34:00 +04:00
|
|
|
[ --enable-inline Enable inline functions (default: enabled)],
|
2013-03-13 23:25:34 +04:00
|
|
|
[ ENABLED_INLINE=$enableval ],
|
|
|
|
[ ENABLED_INLINE=yes ]
|
2011-08-03 21:59:08 +04:00
|
|
|
)
|
|
|
|
|
2013-03-13 23:25:34 +04:00
|
|
|
if test "$ENABLED_INLINE" = "no"
|
2011-08-03 21:59:08 +04:00
|
|
|
then
|
2011-08-25 22:41:14 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_INLINE"
|
2011-08-03 21:59:08 +04:00
|
|
|
fi
|
|
|
|
|
2013-03-13 23:25:34 +04:00
|
|
|
AM_CONDITIONAL([BUILD_INLINE], [test "x$ENABLED_INLINE" = "xyes"])
|
2011-06-07 20:02:36 +04:00
|
|
|
|
|
|
|
|
2016-02-23 20:13:52 +03:00
|
|
|
# OCSP
|
|
|
|
AC_ARG_ENABLE([ocsp],
|
|
|
|
[ --enable-ocsp Enable OCSP (default: disabled)],
|
|
|
|
[ ENABLED_OCSP=$enableval ],
|
|
|
|
[ ENABLED_OCSP=no ],
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_OCSP" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
|
|
|
|
|
|
|
|
|
|
|
if test "$ENABLED_OCSP" = "yes"
|
|
|
|
then
|
|
|
|
# check openssl command tool for testing ocsp
|
|
|
|
AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no])
|
|
|
|
|
|
|
|
if test "$HAVE_OPENSSL_CMD" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD"
|
|
|
|
else
|
|
|
|
AC_MSG_WARN([openssl command line tool not available for testing ocsp])
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-12-30 23:10:25 +03:00
|
|
|
# Certificate Status Request : a.k.a. OCSP Stapling
|
|
|
|
AC_ARG_ENABLE([ocspstapling],
|
|
|
|
[AS_HELP_STRING([--enable-ocspstapling],[Enable OCSP Stapling (default: disabled)])],
|
|
|
|
[ ENABLED_CERTIFICATE_STATUS_REQUEST=$enableval ],
|
|
|
|
[ ENABLED_CERTIFICATE_STATUS_REQUEST=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_CERTIFICATE_STATUS_REQUEST"
|
2016-02-23 20:13:52 +03:00
|
|
|
|
|
|
|
# Requires OCSP make sure on
|
|
|
|
if test "x$ENABLED_OCSP" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OCSP="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
|
|
|
fi
|
2015-12-30 23:10:25 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP_STAPLING], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"])
|
|
|
|
|
|
|
|
# Certificate Status Request v2 : a.k.a. OCSP stapling v2
|
|
|
|
AC_ARG_ENABLE([ocspstapling2],
|
|
|
|
[AS_HELP_STRING([--enable-ocspstapling2],[Enable OCSP Stapling v2 (default: disabled)])],
|
|
|
|
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=$enableval ],
|
|
|
|
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_CERTIFICATE_STATUS_REQUEST_V2"
|
|
|
|
|
2016-02-23 20:13:52 +03:00
|
|
|
# Requires OCSP make sure on
|
|
|
|
if test "x$ENABLED_OCSP" = "xno"
|
2015-12-30 23:10:25 +03:00
|
|
|
then
|
2016-02-23 20:13:52 +03:00
|
|
|
ENABLED_OCSP="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
2015-12-30 23:10:25 +03:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2016-02-23 20:13:52 +03:00
|
|
|
AM_CONDITIONAL([BUILD_OCSP_STAPLING_V2], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"])
|
2015-12-30 23:10:25 +03:00
|
|
|
|
2015-07-21 22:56:47 +03:00
|
|
|
# CRL
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([crl],
|
2012-05-11 23:22:16 +04:00
|
|
|
[ --enable-crl Enable CRL (default: disabled)],
|
|
|
|
[ ENABLED_CRL=$enableval ],
|
|
|
|
[ ENABLED_CRL=no ],
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CRL" = "yes"
|
|
|
|
then
|
2012-06-05 22:31:00 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
|
2012-05-11 23:22:16 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
|
|
|
|
|
2012-06-05 22:31:00 +04:00
|
|
|
# CRL Monitor
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([crl-monitor],
|
2012-06-05 22:31:00 +04:00
|
|
|
[ --enable-crl-monitor Enable CRL Monitor (default: disabled)],
|
|
|
|
[ ENABLED_CRL_MONITOR=$enableval ],
|
|
|
|
[ ENABLED_CRL_MONITOR=no ],
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_CRL_MONITOR" = "yes"
|
|
|
|
then
|
2012-11-16 22:47:13 +04:00
|
|
|
case $host_os in
|
2012-11-17 01:25:45 +04:00
|
|
|
*linux* | *darwin* | *freebsd*)
|
2012-11-16 22:47:13 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;;
|
|
|
|
*)
|
2012-11-17 01:25:45 +04:00
|
|
|
AC_MSG_ERROR([crl monitor only allowed on linux, OS X, or freebsd]) ;;
|
2012-11-16 22:47:13 +04:00
|
|
|
esac
|
2012-06-05 22:31:00 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-09-28 19:06:30 +03:00
|
|
|
# USER CRYPTO
|
|
|
|
ENABLED_USER_CRYPTO="no"
|
|
|
|
ENABLED_USER_RSA="no"
|
|
|
|
AC_DEFINE([BUILD_USER_RSA], [], [User RSA is being defined])
|
|
|
|
trycryptodir=""
|
|
|
|
AC_ARG_WITH([user-crypto],
|
|
|
|
[AS_HELP_STRING([--with-user-crypto=PATH],[Path to USER_CRYPTO install (default /usr/local)])],
|
|
|
|
[
|
|
|
|
CPPFLAGS="$CPPFLAGS -DHAVE_USER_CRYPTO"
|
|
|
|
LIBS="$LIBS -lusercrypto"
|
|
|
|
|
|
|
|
if test "x$withval" != "xno" ; then
|
|
|
|
trycryptodir=$withval
|
|
|
|
fi
|
|
|
|
if test "x$withval" == "xyes" ; then
|
|
|
|
trycryptodir="/usr/local"
|
|
|
|
fi
|
|
|
|
|
|
|
|
LDFLAGS="$LDFLAGS -L$trycryptodir/lib"
|
|
|
|
CPPFLAGS="$CPPFLAGS -I$trycryptodir/include"
|
|
|
|
|
|
|
|
#Look for RSA Init function in usercrypto lib
|
|
|
|
AC_CHECK_LIB([usercrypto], [wc_InitRsaKey], [user_rsa_linked=yes], [user_rsa_linked=no])
|
|
|
|
|
|
|
|
if test "x$user_rsa_linked" == "xyes" ; then
|
|
|
|
AC_MSG_NOTICE([User user_rsa.h being used])
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_USER_RSA"
|
|
|
|
ENABLED_USER_RSA=yes
|
|
|
|
ENABLED_USER_CRYPTO=yes
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
#Display check and find result of link attempts
|
|
|
|
AC_MSG_CHECKING([for USER_CRYPTO])
|
|
|
|
if test "x$ENABLED_USER_CRYPTO" == "xno" ; then
|
|
|
|
AC_MSG_RESULT([no])
|
|
|
|
AC_MSG_ERROR([USER_CRYPTO not found. Either move to /usr/include and /usr/lib or
|
|
|
|
Specify its path using --with-user-crypto=/dir/])
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
# Check if .la is available if not then rely on exported path
|
|
|
|
AC_CHECK_FILE($trycryptodir/lib/libusercrypto.la, [LIB_ADD="$trycryptodir/lib/libusercrypto.la $LIB_ADD"], [LIB_ADD="-lusercrypto $LIB_ADD"])
|
|
|
|
AM_LDFLAGS="$AM_LDFLAGS -L$trycryptodir/lib"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_USER_CRYPTO"
|
|
|
|
fi
|
|
|
|
]
|
|
|
|
)
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_USER_RSA], [test "x$ENABLED_USER_RSA" == "xyes"] )
|
|
|
|
AM_CONDITIONAL([BUILD_USER_CRYPTO], [test "x$ENABLED_USER_CRYPTO" = "xyes"])
|
|
|
|
|
|
|
|
if test "$ENABLED_USER_CRYPTO" = "yes" && test "$ENABLED_FIPS" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable user crypto and fips, user crypto posibility of using code in fips boundary.])
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# NTRU
|
2014-07-10 21:18:49 +04:00
|
|
|
ENABLED_NTRU="no"
|
|
|
|
tryntrudir=""
|
|
|
|
AC_ARG_WITH([ntru],
|
2015-09-28 19:06:30 +03:00
|
|
|
[AS_HELP_STRING([--with-ntru=PATH],[Path to NTRU install (default /usr/)])],
|
2014-07-10 21:18:49 +04:00
|
|
|
[
|
|
|
|
AC_MSG_CHECKING([for NTRU])
|
2015-07-07 18:55:58 +03:00
|
|
|
CPPFLAGS="$CPPFLAGS -DHAVE_NTRU -DHAVE_QSH -DHAVE_TLS_EXTENSIONS"
|
2015-07-16 22:43:50 +03:00
|
|
|
LIBS="$LIBS -lntruencrypt"
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2015-07-16 22:43:50 +03:00
|
|
|
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <libntruencrypt/ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
|
2014-07-10 21:18:49 +04:00
|
|
|
|
|
|
|
if test "x$ntru_linked" == "xno" ; then
|
|
|
|
if test "x$withval" != "xno" ; then
|
|
|
|
tryntrudir=$withval
|
|
|
|
fi
|
|
|
|
if test "x$withval" == "xyes" ; then
|
|
|
|
tryntrudir="/usr"
|
|
|
|
fi
|
|
|
|
|
2015-09-28 19:06:30 +03:00
|
|
|
LDFLAGS="$AM_LDFLAGS $LDFLAGS -L$tryntrudir/lib"
|
2014-07-10 21:18:49 +04:00
|
|
|
CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
|
|
|
|
|
2015-07-16 22:43:50 +03:00
|
|
|
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <libntruencrypt/ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
|
2014-07-10 21:18:49 +04:00
|
|
|
|
|
|
|
if test "x$ntru_linked" == "xno" ; then
|
|
|
|
AC_MSG_ERROR([NTRU isn't found.
|
|
|
|
If it's already installed, specify its path using --with-ntru=/dir/])
|
|
|
|
fi
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
fi
|
|
|
|
|
2015-07-07 18:55:58 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -DHAVE_QSH -DHAVE_TLS_EXTENSIONS"
|
2014-07-10 21:18:49 +04:00
|
|
|
ENABLED_NTRU="yes"
|
|
|
|
]
|
|
|
|
)
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
|
|
|
|
|
2011-06-07 20:02:36 +04:00
|
|
|
|
2013-05-22 01:37:50 +04:00
|
|
|
# SNI
|
|
|
|
AC_ARG_ENABLE([sni],
|
|
|
|
[ --enable-sni Enable SNI (default: disabled)],
|
|
|
|
[ ENABLED_SNI=$enableval ],
|
|
|
|
[ ENABLED_SNI=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_SNI" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
|
|
|
|
fi
|
|
|
|
|
2013-06-19 22:45:06 +04:00
|
|
|
# Maximum Fragment Length
|
|
|
|
AC_ARG_ENABLE([maxfragment],
|
2013-06-26 03:26:53 +04:00
|
|
|
[ --enable-maxfragment Enable Maximum Fragment Length (default: disabled)],
|
2013-06-19 22:45:06 +04:00
|
|
|
[ ENABLED_MAX_FRAGMENT=$enableval ],
|
|
|
|
[ ENABLED_MAX_FRAGMENT=no ]
|
|
|
|
)
|
|
|
|
|
2015-10-14 01:00:53 +03:00
|
|
|
# ALPN
|
|
|
|
AC_ARG_ENABLE([alpn],
|
|
|
|
[ --enable-alpn Enable ALPN (default: disabled)],
|
|
|
|
[ ENABLED_ALPN=$enableval ],
|
|
|
|
[ ENABLED_ALPN=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_ALPN" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_ALPN"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Maximum Fragment Length
|
2013-06-19 22:45:06 +04:00
|
|
|
if test "x$ENABLED_MAX_FRAGMENT" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT"
|
|
|
|
fi
|
|
|
|
|
2013-07-23 22:42:43 +04:00
|
|
|
# Truncated HMAC
|
|
|
|
AC_ARG_ENABLE([truncatedhmac],
|
|
|
|
[ --enable-truncatedhmac Enable Truncated HMAC (default: disabled)],
|
|
|
|
[ ENABLED_TRUNCATED_HMAC=$enableval ],
|
|
|
|
[ ENABLED_TRUNCATED_HMAC=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_TRUNCATED_HMAC" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
|
|
|
|
fi
|
|
|
|
|
2014-09-17 03:33:17 +04:00
|
|
|
# Renegotiation Indication - (FAKE Secure Renegotiation)
|
2014-01-21 18:36:06 +04:00
|
|
|
AC_ARG_ENABLE([renegotiation-indication],
|
2015-03-12 22:25:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-renegotiation-indication],[Enable Renegotiation Indication (default: disabled)])],
|
2014-01-21 18:36:06 +04:00
|
|
|
[ ENABLED_RENEGOTIATION_INDICATION=$enableval ],
|
|
|
|
[ ENABLED_RENEGOTIATION_INDICATION=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
|
|
|
|
then
|
2014-09-06 01:29:18 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_RENEGOTIATION_INDICATION"
|
2014-01-21 18:36:06 +04:00
|
|
|
fi
|
|
|
|
|
2014-09-17 03:33:17 +04:00
|
|
|
# Secure Renegotiation
|
|
|
|
AC_ARG_ENABLE([secure-renegotiation],
|
2015-03-12 22:25:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-secure-renegotiation],[Enable Secure Renegotiation (default: disabled)])],
|
2014-09-17 03:33:17 +04:00
|
|
|
[ ENABLED_SECURE_RENEGOTIATION=$enableval ],
|
|
|
|
[ ENABLED_SECURE_RENEGOTIATION=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_SECURE_RENEGOTIATION" = "xyes"
|
|
|
|
then
|
2014-10-02 21:18:11 +04:00
|
|
|
if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([cannot enable renegotiation-indication and secure-renegotiation.])
|
|
|
|
fi
|
2014-09-17 03:33:17 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SECURE_RENEGOTIATION"
|
|
|
|
fi
|
|
|
|
|
2014-02-03 23:11:57 +04:00
|
|
|
# Supported Elliptic Curves Extensions
|
|
|
|
AC_ARG_ENABLE([supportedcurves],
|
2015-03-12 22:25:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-supportedcurves],[Enable Supported Elliptic Curves (default: disabled)])],
|
2014-02-03 23:11:57 +04:00
|
|
|
[ ENABLED_SUPPORTED_CURVES=$enableval ],
|
|
|
|
[ ENABLED_SUPPORTED_CURVES=no ]
|
2013-08-26 19:44:50 +04:00
|
|
|
)
|
|
|
|
|
2014-02-03 23:11:57 +04:00
|
|
|
if test "x$ENABLED_SUPPORTED_CURVES" = "xyes"
|
2013-08-26 19:44:50 +04:00
|
|
|
then
|
2014-02-03 23:11:57 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES"
|
2013-08-26 19:44:50 +04:00
|
|
|
fi
|
|
|
|
|
2014-09-29 23:43:28 +04:00
|
|
|
# Session Ticket Extension
|
|
|
|
AC_ARG_ENABLE([session-ticket],
|
2015-03-12 22:25:39 +03:00
|
|
|
[AS_HELP_STRING([--enable-session-ticket],[Enable Session Ticket (default: disabled)])],
|
2014-09-29 23:43:28 +04:00
|
|
|
[ ENABLED_SESSION_TICKET=$enableval ],
|
|
|
|
[ ENABLED_SESSION_TICKET=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_SESSION_TICKET" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SESSION_TICKET"
|
|
|
|
fi
|
|
|
|
|
2013-06-19 22:45:06 +04:00
|
|
|
# TLS Extensions
|
|
|
|
AC_ARG_ENABLE([tlsx],
|
|
|
|
[ --enable-tlsx Enable all TLS Extensions (default: disabled)],
|
|
|
|
[ ENABLED_TLSX=$enableval ],
|
|
|
|
[ ENABLED_TLSX=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_TLSX" = "xyes"
|
|
|
|
then
|
2013-07-23 22:42:43 +04:00
|
|
|
ENABLED_SNI=yes
|
|
|
|
ENABLED_MAX_FRAGMENT=yes
|
2013-12-02 23:01:55 +04:00
|
|
|
ENABLED_TRUNCATED_HMAC=yes
|
2014-02-03 23:11:57 +04:00
|
|
|
ENABLED_SUPPORTED_CURVES=yes
|
2015-10-14 01:00:53 +03:00
|
|
|
ENABLED_ALPN=yes
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES -DHAVE_ALPN"
|
2013-06-19 22:45:06 +04:00
|
|
|
fi
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2014-01-11 03:11:17 +04:00
|
|
|
# PKCS7
|
2014-01-11 02:17:03 +04:00
|
|
|
AC_ARG_ENABLE([pkcs7],
|
|
|
|
[ --enable-pkcs7 Enable PKCS7 (default: disabled)],
|
|
|
|
[ ENABLED_PKCS7=$enableval ],
|
2014-01-11 03:11:17 +04:00
|
|
|
[ ENABLED_PKCS7=no ],
|
2014-01-11 02:17:03 +04:00
|
|
|
)
|
|
|
|
|
2014-01-11 03:11:17 +04:00
|
|
|
if test "$ENABLED_PKCS7" = "yes"
|
2014-01-11 02:17:03 +04:00
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
|
|
|
|
|
2014-01-27 23:35:43 +04:00
|
|
|
|
|
|
|
# Simple Certificate Enrollment Protocol (SCEP)
|
|
|
|
AC_ARG_ENABLE([scep],
|
|
|
|
[ --enable-scep Enable wolfSCEP (default: disabled)],
|
|
|
|
[ ENABLED_WOLFSCEP=$enableval ],
|
|
|
|
[ ENABLED_WOLFSCEP=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_WOLFSCEP" = "yes"
|
|
|
|
then
|
|
|
|
# Enable prereqs if not already enabled
|
|
|
|
if test "x$ENABLED_KEYGEN" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_KEYGEN="yes"
|
2014-12-30 21:00:18 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
|
2014-01-27 23:35:43 +04:00
|
|
|
fi
|
|
|
|
if test "x$ENABLED_CERTGEN" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CERTGEN="yes"
|
2014-12-31 20:01:32 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
|
2014-01-27 23:35:43 +04:00
|
|
|
fi
|
|
|
|
if test "x$ENABLED_CERTREQ" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CERTREQ="yes"
|
2014-12-31 20:01:32 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
|
2014-01-27 23:35:43 +04:00
|
|
|
fi
|
2015-09-07 10:51:21 +03:00
|
|
|
if test "x$ENABLED_CERTEXT" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CERTEXT="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"
|
|
|
|
fi
|
2014-01-27 23:35:43 +04:00
|
|
|
if test "x$ENABLED_PKCS7" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_PKCS7="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
|
|
|
|
AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
|
|
|
|
fi
|
2014-12-31 20:01:32 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_WOLFSCEP"
|
2014-01-27 23:35:43 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Secure Remote Password
|
|
|
|
AC_ARG_ENABLE([srp],
|
|
|
|
[ --enable-srp Enable Secure Remote Password (default: disabled)],
|
|
|
|
[ ENABLED_SRP=$enableval ],
|
|
|
|
[ ENABLED_SRP=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_SRP" = "xyes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_HAVE_SRP"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_SRP], [test "x$ENABLED_SRP" = "xyes"])
|
|
|
|
|
|
|
|
|
|
|
|
|
2014-04-15 19:46:43 +04:00
|
|
|
# Small Stack
|
|
|
|
AC_ARG_ENABLE([smallstack],
|
2014-05-12 15:34:19 +04:00
|
|
|
[ --enable-smallstack Enable Small Stack Usage (default: disabled)],
|
2014-04-15 19:46:43 +04:00
|
|
|
[ ENABLED_SMALL_STACK=$enableval ],
|
2014-05-12 15:34:19 +04:00
|
|
|
[ ENABLED_SMALL_STACK=no ]
|
2014-04-15 19:46:43 +04:00
|
|
|
)
|
|
|
|
|
2014-04-16 20:25:51 +04:00
|
|
|
if test "x$ENABLED_SMALL_STACK" = "xyes"
|
2014-04-15 19:46:43 +04:00
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK"
|
2014-04-15 19:46:43 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2012-12-05 09:28:18 +04:00
|
|
|
#valgrind
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([valgrind],
|
2012-12-05 09:28:18 +04:00
|
|
|
[ --enable-valgrind Enable valgrind for unit tests (default: disabled)],
|
|
|
|
[ ENABLED_VALGRIND=$enableval ],
|
|
|
|
[ ENABLED_VALGRIND=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_VALGRIND" = "yes"
|
|
|
|
then
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_CHECK_PROG([HAVE_VALGRIND],[valgrind],[yes],[no])
|
2012-12-05 09:28:18 +04:00
|
|
|
|
2013-05-17 03:20:51 +04:00
|
|
|
if test "$HAVE_VALGRIND" = "no"
|
|
|
|
then
|
2012-12-05 09:28:18 +04:00
|
|
|
AC_MSG_ERROR([Valgrind not found.])
|
|
|
|
fi
|
|
|
|
enable_shared=no
|
2013-03-28 02:17:21 +04:00
|
|
|
enable_static=yes
|
2013-01-05 03:52:46 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND"
|
2012-12-05 09:28:18 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([USE_VALGRIND], [test "x$ENABLED_VALGRIND" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Test certs, use internal cert functions for extra testing
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([testcert],
|
2011-06-04 00:01:45 +04:00
|
|
|
[ --enable-testcert Enable Test Cert (default: disabled)],
|
|
|
|
[ ENABLED_TESTCERT=$enableval ],
|
|
|
|
[ ENABLED_TESTCERT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_TESTCERT" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TEST_CERT"
|
2011-06-04 00:01:45 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2014-03-14 05:54:51 +04:00
|
|
|
# I/O Pool, an example to show user how to override memory handler and use
|
|
|
|
# a pool for the input/output buffer requests
|
|
|
|
AC_ARG_ENABLE([iopool],
|
|
|
|
[ --enable-iopool Enable I/O Pool example (default: disabled)],
|
|
|
|
[ ENABLED_IOPOOL=$enableval ],
|
|
|
|
[ ENABLED_IOPOOL=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_IOPOOL" = "yes"
|
|
|
|
then
|
|
|
|
if test "$thread_ls_on" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([I/O Pool example requires Thread Local Storage])
|
|
|
|
fi
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Certificate Service Support
|
2014-02-12 01:08:12 +04:00
|
|
|
AC_ARG_ENABLE([certservice],
|
|
|
|
[ --enable-certservice Enable cert service (default: disabled)],
|
|
|
|
[ ENABLED_CERT_SERVICE=$enableval ],
|
|
|
|
[ ENABLED_CERT_SERVICE=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_CERT_SERVICE" = "yes"
|
|
|
|
then
|
2014-02-13 20:53:12 +04:00
|
|
|
# Requires ecc,certgen, and opensslextra make sure on
|
2014-02-12 01:08:12 +04:00
|
|
|
if test "x$ENABLED_CERTGEN" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CERTGEN="yes"
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
|
2014-02-12 01:08:12 +04:00
|
|
|
fi
|
|
|
|
if test "x$ENABLED_ECC" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_ECC="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
|
|
|
|
AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
|
|
|
|
fi
|
2014-02-13 20:53:12 +04:00
|
|
|
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
|
|
|
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
|
|
|
|
fi
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_CERT_SERVICE"
|
2014-02-12 01:08:12 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-10-15 22:27:43 +03:00
|
|
|
# wolfSSL JNI
|
|
|
|
AC_ARG_ENABLE([jni],
|
|
|
|
[ --enable-jni Enable wolfSSL JNI (default: disabled)],
|
|
|
|
[ ENABLED_JNI=$enableval ],
|
|
|
|
[ ENABLED_JNI=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_JNI" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
|
|
|
|
|
|
|
|
# Enable prereqs if not already enabled
|
|
|
|
if test "x$ENABLED_DTLS" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_DTLS="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_CRL" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CRL="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
|
|
|
|
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_OCSP" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OCSP="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_CRL_MONITOR" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CRL_MONITOR="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_SAVESESSION" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_SAVESESSION="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_SAVECERT" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_SAVECERT="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_ATOMICUSER" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_ATOMICUSER="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_ECC" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_ECC="yes"
|
2015-11-14 02:58:05 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
|
|
|
|
AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
|
2015-10-15 22:27:43 +03:00
|
|
|
fi
|
|
|
|
if test "x$ENABLED_PKCALLBACKS" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_PKCALLBACKS="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_DH" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_DH="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
|
|
|
|
fi
|
|
|
|
if test "x$ENABLED_PSK" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_PSK="yes"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2015-07-09 18:14:33 +03:00
|
|
|
# lighty Support
|
|
|
|
AC_ARG_ENABLE([lighty],
|
|
|
|
[ --enable-lighty Enable lighttpd/lighty (default: disabled)],
|
|
|
|
[ ENABLED_LIGHTY=$enableval ],
|
|
|
|
[ ENABLED_LIGHTY=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_LIGHTY" = "yes"
|
|
|
|
then
|
|
|
|
# Requires opensslextra make sure on
|
|
|
|
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
|
|
|
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
|
|
|
|
fi
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1"
|
|
|
|
fi
|
|
|
|
|
2015-07-14 23:56:26 +03:00
|
|
|
# stunnel Support
|
|
|
|
AC_ARG_ENABLE([stunnel],
|
2015-07-15 23:44:09 +03:00
|
|
|
[ --enable-stunnel Enable stunnel (default: disabled)],
|
2015-07-14 23:56:26 +03:00
|
|
|
[ ENABLED_STUNNEL=$enableval ],
|
|
|
|
[ ENABLED_STUNNEL=no ]
|
|
|
|
)
|
|
|
|
if test "$ENABLED_STUNNEL" = "yes"
|
|
|
|
then
|
|
|
|
# Requires opensslextra make sure on
|
|
|
|
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
|
|
|
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
|
|
|
|
fi
|
|
|
|
|
2015-08-12 19:10:30 +03:00
|
|
|
# Requires OCSP make sure on
|
|
|
|
if test "x$ENABLED_OCSP" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OCSP="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
|
|
|
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
|
|
|
fi
|
|
|
|
|
2015-07-14 23:56:26 +03:00
|
|
|
# Requires coding make sure on
|
|
|
|
if test "x$ENABLED_CODING" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CODING="yes"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Requires sessioncerts make sure on
|
|
|
|
if test "x$ENABLED_SESSIONCERTS" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_SESSIONCERTS="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
|
|
|
|
fi
|
|
|
|
|
2015-07-17 02:46:37 +03:00
|
|
|
# Requires crls, make sure on
|
|
|
|
if test "x$ENABLED_CRL" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_CRL="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
|
|
|
|
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
|
|
|
|
fi
|
2015-08-13 05:38:51 +03:00
|
|
|
|
|
|
|
# Requires tlsx, make sure on
|
|
|
|
if test "x$ENABLED_TLSX" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_TLSX="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES"
|
|
|
|
fi
|
|
|
|
|
2015-08-28 02:44:55 +03:00
|
|
|
# Requires ecc make sure on
|
|
|
|
if test "x$ENABLED_ECC" = "xno"
|
|
|
|
then
|
|
|
|
ENABLED_OPENSSLEXTRA="yes"
|
2015-10-12 18:25:54 +03:00
|
|
|
ENABLED_ECC="yes"
|
2015-08-28 02:44:55 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
|
|
|
|
AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
|
|
|
|
fi
|
|
|
|
|
2015-08-12 19:10:30 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL -DWOLFSSL_ALWAYS_VERIFY_CB"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_KEEP_SNI"
|
2015-07-14 23:56:26 +03:00
|
|
|
fi
|
|
|
|
|
2015-08-27 20:05:29 +03:00
|
|
|
if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" \
|
|
|
|
&& test "x$ENABLED_STUNNEL" = "xno"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_PSK"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_PSK" = "no" && \
|
|
|
|
(test "$ENABLED_LEANPSK" = "yes" || test "x$ENABLED_STUNNEL" = "xyes")
|
|
|
|
then
|
|
|
|
ENABLED_PSK=yes
|
|
|
|
fi
|
2015-07-14 23:56:26 +03:00
|
|
|
|
|
|
|
# MD4
|
|
|
|
AC_ARG_ENABLE([md4],
|
|
|
|
[ --enable-md4 Enable MD4 (default: disabled)],
|
|
|
|
[ ENABLED_MD4=$enableval ],
|
|
|
|
[ ENABLED_MD4=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
if test "$ENABLED_MD4" = "no"
|
|
|
|
then
|
|
|
|
#turn on MD4 if using stunnel
|
|
|
|
if test "x$ENABLED_STUNNEL" = "xyes"
|
|
|
|
then
|
|
|
|
ENABLED_MD4="yes"
|
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"])
|
|
|
|
|
2015-07-09 18:14:33 +03:00
|
|
|
|
2015-02-16 20:54:55 +03:00
|
|
|
# PWDBASED has to come after certservice since we want it on w/o explicit on
|
|
|
|
# PWDBASED
|
|
|
|
AC_ARG_ENABLE([pwdbased],
|
|
|
|
[ --enable-pwdbased Enable PWDBASED (default: disabled)],
|
|
|
|
[ ENABLED_PWDBASED=$enableval ],
|
|
|
|
[ ENABLED_PWDBASED=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_PWDBASED" = "no"
|
|
|
|
then
|
|
|
|
if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes"
|
|
|
|
then
|
|
|
|
# opensslextra and webserver needs pwdbased
|
|
|
|
ENABLED_PWDBASED=yes
|
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_PWDBASED], [test "x$ENABLED_PWDBASED" = "xyes"])
|
|
|
|
|
|
|
|
|
2015-09-11 02:24:25 +03:00
|
|
|
# wolfCrypt Only Build
|
|
|
|
AC_ARG_ENABLE([cryptonly],
|
|
|
|
[AS_HELP_STRING([--enable-cryptonly],[Enable wolfCrypt Only build (default: disabled)])],
|
|
|
|
[ENABLED_CRYPTONLY=$enableval],
|
|
|
|
[ENABLED_CRYPTONLY=no])
|
|
|
|
|
|
|
|
if test "$ENABLED_CRYPTONLY" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_ONLY"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_CRYPTONLY], [test "x$ENABLED_CRYPTONLY" = "xyes"])
|
|
|
|
|
2016-02-11 00:03:53 +03:00
|
|
|
if test "x$ENABLED_CRYPTONLY" = "xno"
|
|
|
|
then
|
|
|
|
if test "x$ENABLED_PSK" = "xno" && test "x$ENABLED_ASN" = "xno"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please enable psk if disabling asn.])
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "x$ENABLED_ECC" = "xyes" && test "x$ENABLED_ASN" = "xno"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please disable ecc if disabling asn.])
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2015-09-11 02:24:25 +03:00
|
|
|
|
2013-07-01 23:10:59 +04:00
|
|
|
# set fastmath default
|
|
|
|
FASTMATH_DEFAULT=no
|
|
|
|
|
2014-02-13 21:33:30 +04:00
|
|
|
if test "$host_cpu" = "x86_64"
|
2013-07-01 23:10:59 +04:00
|
|
|
then
|
2015-07-18 00:05:04 +03:00
|
|
|
FASTMATH_DEFAULT=yes
|
2013-07-01 23:10:59 +04:00
|
|
|
fi
|
|
|
|
|
2013-03-13 02:14:03 +04:00
|
|
|
# fastmath
|
|
|
|
AC_ARG_ENABLE([fastmath],
|
2013-07-01 23:10:59 +04:00
|
|
|
[ --enable-fastmath Enable fast math ops (default: enabled on x86_64)],
|
2013-03-13 02:14:03 +04:00
|
|
|
[ ENABLED_FASTMATH=$enableval ],
|
2013-07-01 23:10:59 +04:00
|
|
|
[ ENABLED_FASTMATH=$FASTMATH_DEFAULT]
|
2013-03-13 02:14:03 +04:00
|
|
|
)
|
|
|
|
|
|
|
|
if test "x$ENABLED_FASTMATH" = "xyes"
|
|
|
|
then
|
2016-02-11 00:03:53 +03:00
|
|
|
# turn off fastmth if leanpsk on or asn off (w/o DH and ECC)
|
2013-03-19 02:32:04 +04:00
|
|
|
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
|
|
|
|
then
|
2016-02-10 19:53:09 +03:00
|
|
|
if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no"
|
2015-03-28 00:28:05 +03:00
|
|
|
then
|
|
|
|
ENABLED_FASTMATH=no
|
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
|
|
|
|
ENABLED_SLOWMATH="no"
|
|
|
|
fi
|
2013-03-19 02:32:04 +04:00
|
|
|
else
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
|
|
|
|
ENABLED_SLOWMATH="no"
|
|
|
|
fi
|
2015-03-31 23:28:49 +03:00
|
|
|
if test "$host_cpu" = "x86_64"
|
|
|
|
then
|
|
|
|
# Have settings.h set FP_MAX_BITS higher if user didn't set directly
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_X86_64_BUILD"
|
|
|
|
fi
|
2013-03-13 02:14:03 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# fast HUGE math
|
|
|
|
AC_ARG_ENABLE([fasthugemath],
|
|
|
|
[ --enable-fasthugemath Enable fast math + huge code (default: disabled)],
|
|
|
|
[ ENABLED_FASTHUGEMATH=$enableval ],
|
|
|
|
[ ENABLED_FASTHUGEMATH=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_BUMP" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_FASTHUGEMATH="yes"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_FASTHUGEMATH" = "yes"
|
|
|
|
then
|
|
|
|
ENABLED_FASTMATH="yes"
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
|
|
|
|
ENABLED_SLOWMATH="no"
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"])
|
|
|
|
AM_CONDITIONAL([BUILD_SLOWMATH], [test "x$ENABLED_SLOWMATH" = "xyes"])
|
|
|
|
|
|
|
|
|
2012-11-29 23:31:57 +04:00
|
|
|
# Enable Examples, used to disable examples
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_ENABLE([examples],
|
2012-11-29 23:31:57 +04:00
|
|
|
[ --enable-examples Enable Examples (default: enabled)],
|
|
|
|
[ ENABLED_EXAMPLES=$enableval ],
|
|
|
|
[ ENABLED_EXAMPLES=yes ]
|
|
|
|
)
|
|
|
|
|
2013-03-13 23:14:05 +04:00
|
|
|
AS_IF([test "x$ENABLED_FILESYSTEM" = "xno"], [ENABLED_EXAMPLES="no"])
|
2013-03-13 23:25:34 +04:00
|
|
|
AS_IF([test "x$ENABLED_INLINE" = "xno"], [ENABLED_EXAMPLES="no"])
|
2015-09-11 02:24:25 +03:00
|
|
|
AS_IF([test "x$ENABLED_CRYPTONLY" = "xyes"], [ENABLED_EXAMPLES="no"])
|
2016-02-26 17:30:11 +03:00
|
|
|
AM_CONDITIONAL([BUILD_EXAMPLE_SERVERS], [test "x$ENABLED_EXAMPLES" = "xyes" && test "x$ENABLED_LEANTLS" = "xno"])
|
|
|
|
AM_CONDITIONAL([BUILD_EXAMPLE_CLIENTS], [test "x$ENABLED_EXAMPLES" = "xyes"])
|
|
|
|
AM_CONDITIONAL([BUILD_TESTS], [test "x$ENABLED_EXAMPLES" = "xyes" && test "x$ENABLED_LEANTLS" = "xno"])
|
2012-11-29 23:31:57 +04:00
|
|
|
|
2016-02-04 23:06:24 +03:00
|
|
|
# Enable wolfCrypt test and benchmark
|
|
|
|
AC_ARG_ENABLE([crypttests],
|
|
|
|
[ --enable-crypttests Enable Crypt Bench/Test (default: enabled)],
|
|
|
|
[ ENABLED_CRYPT_TESTS=$enableval ],
|
|
|
|
[ ENABLED_CRYPT_TESTS=yes ]
|
|
|
|
)
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_WOLFCRYPT_TESTS], [test "x$ENABLED_CRYPT_TESTS" = "xyes"])
|
2013-01-30 04:22:49 +04:00
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# LIBZ
|
2013-03-21 01:37:05 +04:00
|
|
|
ENABLED_LIBZ="no"
|
2011-02-05 22:14:47 +03:00
|
|
|
trylibzdir=""
|
2012-12-13 02:33:21 +04:00
|
|
|
AC_ARG_WITH([libz],
|
2011-02-05 22:14:47 +03:00
|
|
|
[ --with-libz=PATH PATH to libz install (default /usr/) ],
|
|
|
|
[
|
|
|
|
AC_MSG_CHECKING([for libz])
|
|
|
|
CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
|
|
|
|
LIBS="$LIBS -lz"
|
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
if test "x$libz_linked" == "xno" ; then
|
|
|
|
if test "x$withval" != "xno" ; then
|
|
|
|
trylibzdir=$withval
|
|
|
|
fi
|
|
|
|
if test "x$withval" == "xyes" ; then
|
|
|
|
trylibzdir="/usr"
|
|
|
|
fi
|
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib"
|
2011-02-05 22:14:47 +03:00
|
|
|
CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
|
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
if test "x$libz_linked" == "xno" ; then
|
|
|
|
AC_MSG_ERROR([libz isn't found.
|
|
|
|
If it's already installed, specify its path using --with-libz=/dir/])
|
|
|
|
fi
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
fi
|
2013-03-20 03:25:58 +04:00
|
|
|
ENABLED_LIBZ="yes"
|
2011-02-05 22:14:47 +03:00
|
|
|
]
|
|
|
|
)
|
2013-03-20 03:25:58 +04:00
|
|
|
AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# cavium
|
2013-01-30 04:22:49 +04:00
|
|
|
trycaviumdir=""
|
|
|
|
AC_ARG_WITH([cavium],
|
|
|
|
[ --with-cavium=PATH PATH to cavium/software dir ],
|
|
|
|
[
|
|
|
|
AC_MSG_CHECKING([for cavium])
|
|
|
|
CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM"
|
|
|
|
|
|
|
|
if test "x$withval" == "xyes" ; then
|
|
|
|
AC_MSG_ERROR([need a PATH for --with-cavium])
|
|
|
|
fi
|
|
|
|
if test "x$withval" != "xno" ; then
|
|
|
|
trycaviumdir=$withval
|
|
|
|
fi
|
|
|
|
|
|
|
|
LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o"
|
|
|
|
CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include"
|
|
|
|
|
|
|
|
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include "cavium_common.h"]], [[ CspShutdown(CAVIUM_DEV_ID); ]])],[ cavium_linked=yes ],[ cavium_linked=no ])
|
|
|
|
|
|
|
|
if test "x$cavium_linked" == "xno" ; then
|
|
|
|
AC_MSG_ERROR([cavium isn't found.
|
|
|
|
If it's already installed, specify its path using --with-cavium=/dir/])
|
|
|
|
fi
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
enable_shared=no
|
2013-03-28 02:17:21 +04:00
|
|
|
enable_static=yes
|
2013-01-30 04:22:49 +04:00
|
|
|
]
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2015-09-28 19:06:30 +03:00
|
|
|
# Fast RSA using Intel IPP
|
|
|
|
ippdir="${srcdir}/IPP"
|
2015-11-30 09:34:58 +03:00
|
|
|
ipplib="lib" # if autoconf guesses 32bit system changes lib directory
|
|
|
|
fastRSA_found=no
|
|
|
|
abs_path=`pwd`
|
2015-09-28 19:06:30 +03:00
|
|
|
|
|
|
|
# set up variables used
|
|
|
|
IPPLIBS=
|
|
|
|
IPPHEADERS=
|
|
|
|
IPPLINK=
|
|
|
|
|
|
|
|
AC_ARG_ENABLE([fast-rsa],
|
|
|
|
[AS_HELP_STRING([--enable-fast-rsa],[Enable RSA using Intel IPP (default: disabled)])],
|
|
|
|
[ ENABLED_FAST_RSA=$enableval ],
|
|
|
|
[ ENABLED_FAST_RSA=no ],
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_USER_RSA" = "no" && test "$ENABLED_FIPS" = "no"; then
|
|
|
|
|
|
|
|
if test "$ac_cv_sizeof_long" = "4" && test "$ac_cv_sizeof_long_long" = "8"; then
|
|
|
|
ipplib="lib_32" # 32 bit OS detected
|
|
|
|
fi
|
|
|
|
|
2015-11-30 09:34:58 +03:00
|
|
|
# Use static IPP Libraries
|
|
|
|
if test "$enable_shared" = "no" && test "$ENABLED_FAST_RSA" = "yes"; then
|
2015-09-28 19:06:30 +03:00
|
|
|
case $host_os in
|
|
|
|
*darwin*)
|
|
|
|
ipplib="$ipplib/mac_static"
|
|
|
|
AC_MSG_ERROR([Issue with static linking to libippcp.a on Mac.
|
|
|
|
Dynamic IPP libraries supported on Mac])
|
|
|
|
break;;
|
|
|
|
|
|
|
|
*linux*)
|
|
|
|
ipplib="$ipplib/linux_static"
|
|
|
|
break;;
|
|
|
|
*)
|
|
|
|
ENABLED_FAST_RSA=no
|
|
|
|
esac
|
|
|
|
|
|
|
|
AC_CHECK_FILES([$srcdir/IPP/$ipplib/libippcore.a $srcdir/IPP/$ipplib/libippcp.a], [], [ENABLED_FAST_RSA=no])
|
|
|
|
AC_CHECK_FILES([$srcdir/IPP/include/ipp.h $srcdir/IPP/include/ippcp.h], [AM_CPPFLAGS="-I$srcdir/IPP/include $AM_CPPFLAGS"], [ENABLED_FAST_RSA=no])
|
2015-11-30 09:34:58 +03:00
|
|
|
LIB_STATIC_ADD="$srcdir/IPP/$ipplib/libippcp.a $srcdir/IPP/$ipplib/libippcore.a $LIB_STATIC_ADD"
|
2015-10-26 22:11:11 +03:00
|
|
|
if test "$ENABLED_FAST_RSA" = "no"; then
|
|
|
|
AC_MSG_ERROR([Could not find fast rsa libraries])
|
|
|
|
fi
|
2015-09-28 19:06:30 +03:00
|
|
|
else
|
|
|
|
|
2015-11-30 09:34:58 +03:00
|
|
|
# Check for and use bundled IPP libraries
|
2015-09-28 19:06:30 +03:00
|
|
|
if test "$ENABLED_FAST_RSA" = "yes"; then
|
|
|
|
AC_MSG_NOTICE([Using local IPP crypto library])
|
|
|
|
|
2015-11-30 09:34:58 +03:00
|
|
|
AC_CHECK_FILES([$abs_path/IPP/include/ippcp.h],
|
|
|
|
[
|
|
|
|
# build and default locations on linux and mac
|
|
|
|
STORE_LDFLAGS=${LDFLAGS}
|
|
|
|
STORE_CPPFLAGS=${CPPFLAGS}
|
|
|
|
|
|
|
|
# using LDFLAGS instead of AM_ temporarily to test link to library
|
|
|
|
LDFLAGS="-L$ippdir/$ipplib -lippcp -lippcore"
|
|
|
|
CPPFLAGS="-I$ippdir/include"
|
|
|
|
AC_CHECK_HEADERS([ippcp.h], [AC_CHECK_LIB([ippcp], [ippsRSAEncrypt_PKCSv15], [fastRSA_found=yes], [fastRSA_found=no])], [fastRSA_found=no])
|
2015-09-28 19:06:30 +03:00
|
|
|
name="$ippdir/$ipplib/libippcp"
|
2015-11-30 09:34:58 +03:00
|
|
|
case $host_os in
|
|
|
|
*darwin*)
|
|
|
|
# check file existence and conditionally set variables
|
|
|
|
AC_CHECK_FILES([$abs_path/IPP/$ipplib/libippcp.dylib], [
|
|
|
|
IPPLIBS="${name}.dylib ${name}-9.0.dylib ${name}e9-9.0.dylib ${name}g9-9.0.dylib ${name}h9-9.0.dylib ${name}k0-9.0.dylib ${name}l9-9.0.dylib ${name}n8-9.0.dylib ${name}p8-9.0.dylib ${name}s8-9.0.dylib ${name}y8-9.0.dylib IPP/lib/libippcore.dylib IPP/lib/libippcore-9.0.dylib"
|
|
|
|
IPPLINK="mkdir -p src/.libs && ln -f ${name}.dylib src/.libs/libippcp.dylib && ln -f ${srcdir}/${name}-9.0.dylib src/.libs/libippcp-9.0.dylib && ln -f ${srcdir}/${name}e9-9.0.dylib src/.libs/libippcpe9-9.0.dylib && ln -f ${srcdir}/${name}g9-9.0.dylib src/.libs/libippcpg9-9.0.dylib && ln -f ${srcdir}/${name}h9-9.0.dylib src/.libs/libippcph9-9.0.dylib && ln -f ${srcdir}/${name}k0-9.0.dylib src/.libs/libippcpk0-9.0.dylib && ln -f ${srcdir}/${name}l9-9.0.dylib src/.libs/libippcpl9-9.0.dylib && ln -f ${srcdir}/${name}n8-9.0.dylib src/.libs/libippcpn8-9.0.dylib && ln -f ${srcdir}/${name}p8-9.0.dylib src/.libs/libippcpp8-9.0.dylib && ln -f ${srcdir}/${name}s8-9.0.dylib src/.libs/libippcps8-9.0.dylib && ln -f ${srcdir}/${name}y8-9.0.dylib src/.libs/libippcpy8-9.0.dylib && ln -f ${srcdir}/IPP/lib/libippcore.dylib src/.libs/libippcore.dylib && ln -f ${srcdir}/IPP/lib/libippcore-9.0.dylib src/.libs/libippcore-9.0.dylib"
|
|
|
|
], [fastRSA_found=no])
|
|
|
|
break;;
|
|
|
|
|
|
|
|
*linux*)
|
|
|
|
# check file existence and conditionally set variables
|
|
|
|
AC_CHECK_FILES([$abs_path/IPP/$ipplib/libippcp.so.9.0], [
|
|
|
|
if test "$ac_cv_sizeof_long" = "4" && test "$ac_cv_sizeof_long_long" = "8"; then
|
|
|
|
IPPLIBS="${name}.so.9.0 ${name}g9.so.9.0 ${name}h9.so.9.0 ${name}p8.so.9.0 ${name}px.so.9.0 ${name}s8.so.9.0 ${name}.so ${name}w7.so.9.0 IPP/$ipplib/libippcore.so IPP/$ipplib/libippcore.so.9.0"
|
|
|
|
IPPLINK="mkdir -p src/.libs && ln -f ${name}.so.9.0 src/.libs/libippcp.so.9.0 && ln -f ${name}g9.so.9.0 src/.libs/libippcpg9.so.9.0 && ln -f ${name}h9.so.9.0 src/.libs/libippcph9.so.9.0 && ln -f ${name}p8.so.9.0 src/.libs/libippcpp8.so.9.0 && ln -f ${name}px.so.9.0 src/.libs/libippcppx.so.9.0 && ln -f ${name}s8.so.9.0 src/.libs/libippcps8.so.9.0 && ln -f ${name}.so src/.libs/libippcp.so && ln -f ${name}w7.so.9.0 src/.libs/libippcpw7.so.9.0 && ln -f IPP/$ipplib/libippcore.so src/.libs/libippcore.so && ln -f IPP/$ipplib/libippcore.so.9.0 src/.libs/libippcore.so.9.0"
|
|
|
|
else
|
|
|
|
IPPLIBS="${name}.so.9.0 ${name}e9.so.9.0 ${name}k0.so.9.0 ${name}l9.so.9.0 ${name}m7.so.9.0 ${name}mx.so.9.0 ${name}.so ${name}n8.so.9.0 ${name}y8.so.9.0 IPP/lib/libippcore.so IPP/lib/libippcore.so.9.0"
|
|
|
|
IPPLINK="mkdir -p src/.libs && ln -f ${name}.so.9.0 src/.libs/libippcp.so.9.0 && ln -f ${name}e9.so.9.0 src/.libs/libippcpe9.so.9.0 && ln -f ${name}k0.so.9.0 src/.libs/libippcpk0.so.9.0 && ln -f ${name}l9.so.9.0 src/.libs/libippcpl9.so.9.0 && ln -f ${name}m7.so.9.0 src/.libs/libippcpm7.so.9.0 && ln -f ${name}mx.so.9.0 src/.libs/libippcpmx.so.9.0 && ln -f ${name}.so src/.libs/libippcp.so && ln -f ${name}n8.so.9.0 src/.libs/libippcpn8.so.9.0 && ln -f ${name}y8.so.9.0 src/.libs/libippcpy8.so.9.0 && ln -f IPP/lib/libippcore.so src/.libs/libippcore.so && ln -f IPP/lib/libippcore.so.9.0 src/.libs/libippcore.so.9.0"
|
|
|
|
fi
|
|
|
|
], [fastRSA_found=no])
|
|
|
|
break;;
|
|
|
|
*)
|
|
|
|
fastRSA_found=no
|
|
|
|
esac
|
|
|
|
|
|
|
|
if test "$fastRSA_found" = "yes"; then
|
|
|
|
# was succesfull so add tested LDFLAGS to AM_ flags
|
|
|
|
AM_LDFLAGS="${AM_LDFLAGS} ${LDFLAGS}"
|
|
|
|
AM_CPPFLAGS="${AM_CPPFLAGS} ${CPPFLAGS}"
|
|
|
|
IPPHEADERS="${srcdir}/IPP/include/*.h"
|
2015-09-28 19:06:30 +03:00
|
|
|
fi
|
2015-11-30 09:34:58 +03:00
|
|
|
|
|
|
|
# restore LDFLAGS to user set
|
|
|
|
LDFLAGS=${STORE_LDFLAGS}
|
|
|
|
CPPFLAGS=${STORE_CPPFLAGS}
|
|
|
|
], [fastRSA_found=no])
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Don't cache the result so it can be checked
|
|
|
|
AS_UNSET([ac_cv_header_ippcp_h])
|
|
|
|
AS_UNSET([ac_cv_header_ipp_h])
|
|
|
|
AS_UNSET([ac_cv_lib_ippcp_ippsRSAEncrypt_PKCSv15]);
|
|
|
|
|
|
|
|
# Check link and see if user has pre-existing IPP Libraries if not using local
|
|
|
|
if test "$ENABLED_FAST_RSA" = "yes" && test "$fastRSA_found" = "no"; then
|
|
|
|
AC_MSG_NOTICE([Checking if IPP crypto library installed])
|
|
|
|
AC_CHECK_HEADER([ippcp.h], [AC_CHECK_LIB([ippcp], [ippsRSAEncrypt_PKCSv15],
|
|
|
|
[
|
|
|
|
fastRSA_found=yes
|
|
|
|
AM_LDFLAGS="${AM_LDFLAGS} -lippcore -lippcp"
|
|
|
|
], [ fastRSA_found=no])
|
|
|
|
], [fastRSA_found=no])
|
2015-10-26 22:11:11 +03:00
|
|
|
|
|
|
|
# Error out on not finding libraries
|
2015-11-30 09:34:58 +03:00
|
|
|
if test "$fastRSA_found" = "no"; then
|
2015-10-26 22:11:11 +03:00
|
|
|
AC_MSG_ERROR([Could not find fast rsa libraries])
|
|
|
|
fi
|
2015-09-28 19:06:30 +03:00
|
|
|
fi
|
|
|
|
fi # end of if for shared library
|
|
|
|
else # if user rsa is set than do not use fast rsa option
|
2015-10-26 22:11:11 +03:00
|
|
|
if test "$ENABLED_FAST_RSA" = "yes"; then
|
|
|
|
AC_MSG_ERROR([Could not use fast rsa libraries with user crypto or fips])
|
|
|
|
fi
|
2015-11-30 09:34:58 +03:00
|
|
|
fi # end of if for user rsa crypto or fips
|
2015-09-28 19:06:30 +03:00
|
|
|
|
2015-11-30 09:34:58 +03:00
|
|
|
# End result of checking for IPP Libraries
|
2015-09-28 19:06:30 +03:00
|
|
|
AC_MSG_CHECKING([for fast RSA])
|
|
|
|
if test "$ENABLED_FAST_RSA" = "yes"; then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_FAST_RSA -DHAVE_USER_RSA"
|
|
|
|
# add in user crypto header that uses Intel IPP
|
|
|
|
AM_CPPFLAGS="$AM_CPPFLAGS -I$srcdir/wolfcrypt/user-crypto/include"
|
|
|
|
if test "$enable_shared" = "yes"; then
|
2015-11-30 09:34:58 +03:00
|
|
|
LIBS="$LIBS -lippcore -lippcp"
|
2015-09-28 19:06:30 +03:00
|
|
|
LIB_ADD="-lippcp -lippcore $LIB_ADD"
|
|
|
|
else
|
|
|
|
LIB_ADD="$srcdir/IPP/$ipplib/libippcp.a $srcdir/IPP/$ipplib/libippcore.a $LIB_ADD"
|
|
|
|
fi
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([no])
|
|
|
|
fi
|
|
|
|
|
|
|
|
AC_SUBST([IPPLIBS])
|
|
|
|
AC_SUBST([IPPHEADERS])
|
|
|
|
AC_SUBST([IPPLINK])
|
|
|
|
AM_CONDITIONAL([BUILD_FAST_RSA], [test "x$ENABLED_FAST_RSA" = "xyes"])
|
|
|
|
|
|
|
|
|
2013-03-21 01:37:05 +04:00
|
|
|
# microchip api
|
|
|
|
AC_ARG_ENABLE([mcapi],
|
|
|
|
[ --enable-mcapi Enable Microchip API (default: disabled)],
|
|
|
|
[ ENABLED_MCAPI=$enableval ],
|
|
|
|
[ ENABLED_MCAPI=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_MCAPI" = "yes"
|
|
|
|
then
|
2014-12-31 23:04:03 +03:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT"
|
2013-03-21 01:37:05 +04:00
|
|
|
fi
|
|
|
|
|
|
|
|
if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please enable sha512 if enabling mcapi.])
|
|
|
|
fi
|
|
|
|
|
2013-03-22 00:20:23 +04:00
|
|
|
if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please enable ecc if enabling mcapi.])
|
|
|
|
fi
|
|
|
|
|
2013-03-21 01:37:05 +04:00
|
|
|
if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no"
|
|
|
|
then
|
|
|
|
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
|
|
|
|
|
|
|
|
|
2016-03-04 21:05:22 +03:00
|
|
|
# Asynchronous Crypto
|
|
|
|
AC_ARG_ENABLE([asynccrypt],
|
|
|
|
[ --enable-asynccrypt Enable Asynchronous Crypto (default: disabled)],
|
|
|
|
[ ENABLED_ASYNCCRYPT=$enableval ],
|
|
|
|
[ ENABLED_ASYNCCRYPT=no ]
|
|
|
|
)
|
|
|
|
|
|
|
|
if test "$ENABLED_ASYNCCRYPT" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT"
|
|
|
|
|
|
|
|
# if Cavium not enabled the use async simulator for testing
|
|
|
|
if test "x$ENABLED_CAVIUM" = "xno"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_TEST"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AM_CONDITIONAL([BUILD_ASYNCCRYPT], [test "x$ENABLED_ASYNCCRYPT" = "xyes"])
|
|
|
|
|
|
|
|
|
2016-02-11 10:12:48 +03:00
|
|
|
# check if PSK was enabled for conditionally running psk.test script
|
|
|
|
AM_CONDITIONAL([BUILD_PSK], [test "x$ENABLED_PSK" = "xyes"])
|
|
|
|
|
2016-03-02 02:35:32 +03:00
|
|
|
|
|
|
|
# check if should run the trusted peer certs test
|
2016-03-12 19:37:32 +03:00
|
|
|
# (for now checking both C_FLAGS and C_EXTRA_FLAGS)
|
2016-03-02 02:35:32 +03:00
|
|
|
case $C_EXTRA_FLAGS in
|
|
|
|
*WOLFSSL_TRUST_PEER_CERT*)
|
|
|
|
have_tp=yes
|
|
|
|
break;;
|
|
|
|
*)
|
|
|
|
have_tp=no ;;
|
|
|
|
esac
|
2016-03-12 19:37:32 +03:00
|
|
|
if test "$have_tp" = "no"; then
|
|
|
|
case $C_FLAGS in
|
|
|
|
*WOLFSSL_TRUST_PEER_CERT*)
|
|
|
|
have_tp=yes
|
|
|
|
break;;
|
|
|
|
*)
|
|
|
|
have_tp=no ;;
|
|
|
|
esac
|
|
|
|
fi
|
2016-03-02 02:35:32 +03:00
|
|
|
AM_CONDITIONAL([BUILD_TRUST_PEER_CERT], [test "x$have_tp" = "xyes"])
|
|
|
|
|
|
|
|
|
2016-02-23 21:19:04 +03:00
|
|
|
################################################################################
|
|
|
|
# Check for build-type conflicts #
|
|
|
|
################################################################################
|
|
|
|
|
2015-04-01 21:55:49 +03:00
|
|
|
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
|
|
|
|
test "x$ENABLED_LEANPSK" = "xyes"],
|
|
|
|
[AC_MSG_ERROR([Cannot use Max Strength and Lean PSK at the same time.])])
|
|
|
|
|
2016-02-24 22:45:07 +03:00
|
|
|
AS_IF([test "x$ENABLED_OCSP" = "xyes" && \
|
|
|
|
test "x$ENABLED_ASN" = "xno"],
|
2016-02-23 21:19:04 +03:00
|
|
|
[AC_MSG_ERROR([please enable asn if enabling ocsp.])])
|
|
|
|
|
2016-02-25 00:57:16 +03:00
|
|
|
AS_IF([test "x$ENABLED_OCSP" = "xyes" && \
|
|
|
|
test "x$ENABLED_RSA" = "xno" && \
|
|
|
|
test "x$ENABLED_ECC" = "xno"],
|
|
|
|
[AC_MSG_ERROR([please enable rsa or ecc if enabling ocsp.])])
|
|
|
|
|
2016-02-23 21:19:04 +03:00
|
|
|
################################################################################
|
|
|
|
# Update CFLAGS based on options #
|
|
|
|
################################################################################
|
2015-04-01 21:55:49 +03:00
|
|
|
|
|
|
|
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes"],
|
|
|
|
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MAX_STRENGTH"])
|
|
|
|
|
|
|
|
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
|
|
|
|
test "x$ENABLED_OLD_TLS" = "xyes"],
|
|
|
|
[AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
|
|
|
|
ENABLED_OLD_TLS=no])
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
|
|
|
|
test "x$ENABLED_SSLV3" = "xyes"],
|
|
|
|
[AC_MSG_ERROR([Cannot use Max Strength and SSLv3 at the same time.])])
|
|
|
|
|
2016-02-23 21:19:04 +03:00
|
|
|
################################################################################
|
2013-03-21 01:37:05 +04:00
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
# OPTIMIZE FLAGS
|
|
|
|
if test "$GCC" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused"
|
2012-10-22 22:37:46 +04:00
|
|
|
if test "$ax_enable_debug" = "no"
|
2011-02-05 22:14:47 +03:00
|
|
|
then
|
|
|
|
if test "$ENABLED_FASTMATH" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS"
|
2011-02-05 22:14:47 +03:00
|
|
|
if test "$ENABLED_FASTHUGEMATH" = "yes"
|
|
|
|
then
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
else
|
2011-08-25 02:54:58 +04:00
|
|
|
AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS"
|
2011-02-05 22:14:47 +03:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2014-07-10 21:18:49 +04:00
|
|
|
# ICC command line warning for non supported warning flags
|
|
|
|
if test "$CC" = "icc"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -wd10006"
|
|
|
|
fi
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# Expose HAVE___UINT128_T to options flags"
|
|
|
|
if test "$ac_cv_type___uint128_t" = "yes"
|
|
|
|
then
|
|
|
|
AM_CFLAGS="$AM_CFLAGS -DHAVE___UINT128_T"
|
|
|
|
fi
|
|
|
|
|
2014-07-10 21:18:49 +04:00
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
LIB_SOCKET_NSL
|
2014-02-18 03:33:07 +04:00
|
|
|
AX_HARDEN_CC_COMPILER_FLAGS
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2013-05-02 00:17:11 +04:00
|
|
|
# link to ws2_32 if on mingw
|
|
|
|
case $host_os in
|
|
|
|
*mingw32)
|
|
|
|
LDFLAGS="$LDFLAGS -lws2_32" ;;
|
|
|
|
esac
|
|
|
|
|
2012-10-24 23:01:11 +04:00
|
|
|
# add user C_EXTRA_FLAGS back
|
|
|
|
CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS"
|
2015-09-24 02:27:48 +03:00
|
|
|
OPTION_FLAGS="$USER_CFLAGS $USER_C_EXTRA_FLAGS $AM_CFLAGS"
|
2012-10-24 23:01:11 +04:00
|
|
|
|
2011-08-25 02:54:58 +04:00
|
|
|
CREATE_HEX_VERSION
|
2012-10-24 22:53:33 +04:00
|
|
|
AC_SUBST([AM_CPPFLAGS])
|
|
|
|
AC_SUBST([AM_CFLAGS])
|
|
|
|
AC_SUBST([AM_LDFLAGS])
|
2015-10-31 02:03:26 +03:00
|
|
|
AC_SUBST([AM_CCASFLAGS])
|
2015-09-28 19:06:30 +03:00
|
|
|
AC_SUBST([LIB_ADD])
|
|
|
|
AC_SUBST([LIB_STATIC_ADD])
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
# FINAL
|
2011-08-25 02:54:58 +04:00
|
|
|
AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
|
2011-04-27 23:36:39 +04:00
|
|
|
AC_CONFIG_FILES([Makefile])
|
2015-01-06 02:58:28 +03:00
|
|
|
AC_CONFIG_FILES([wolfssl/version.h])
|
|
|
|
AC_CONFIG_FILES([wolfssl/options.h])
|
2015-01-06 20:16:56 +03:00
|
|
|
#have options.h and version.h for autoconf fips tag and build
|
2015-01-08 00:30:02 +03:00
|
|
|
#if test "x$ENABLED_FIPS" = "xyes"
|
|
|
|
#then
|
|
|
|
# AC_CONFIG_FILES([cyassl/version.h])
|
|
|
|
# AC_CONFIG_FILES([cyassl/options.h])
|
|
|
|
#fi
|
2015-01-01 00:06:01 +03:00
|
|
|
AC_CONFIG_FILES([support/wolfssl.pc])
|
2012-10-20 12:42:34 +04:00
|
|
|
AC_CONFIG_FILES([rpm/spec])
|
2011-08-25 02:54:58 +04:00
|
|
|
|
2012-10-26 10:06:06 +04:00
|
|
|
AX_CREATE_GENERIC_CONFIG
|
2012-10-27 02:38:37 +04:00
|
|
|
AX_AM_JOBSERVER([yes])
|
2012-10-26 08:35:52 +04:00
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
AC_OUTPUT
|
|
|
|
|
2013-04-12 22:21:38 +04:00
|
|
|
|
|
|
|
# force make clean
|
2012-11-29 23:31:57 +04:00
|
|
|
echo "---"
|
|
|
|
echo "Running make clean..."
|
2012-11-30 00:05:34 +04:00
|
|
|
make clean >/dev/null 2>&1
|
2012-11-29 23:31:57 +04:00
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
# generate user options header
|
2013-04-12 22:21:38 +04:00
|
|
|
echo "---"
|
|
|
|
echo "Generating user options header..."
|
2015-01-01 00:06:01 +03:00
|
|
|
|
2015-01-06 02:58:28 +03:00
|
|
|
OPTION_FILE="wolfssl/options.h"
|
2015-01-06 20:16:56 +03:00
|
|
|
#if
|
|
|
|
#OPTION_FILE+="cyassl/options.h"
|
|
|
|
#fi
|
2013-04-12 22:21:38 +04:00
|
|
|
rm -f $OPTION_FILE
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
echo "/* wolfssl options.h" > $OPTION_FILE
|
2013-04-13 03:50:16 +04:00
|
|
|
echo " * generated from configure options" >> $OPTION_FILE
|
2013-04-12 23:56:44 +04:00
|
|
|
echo " *" >> $OPTION_FILE
|
2015-01-08 19:39:04 +03:00
|
|
|
echo " * Copyright (C) 2006-2015 wolfSSL Inc." >> $OPTION_FILE
|
2013-04-12 23:56:44 +04:00
|
|
|
echo " *" >> $OPTION_FILE
|
2014-12-31 23:04:03 +03:00
|
|
|
echo " * This file is part of wolfSSL. (formerly known as CyaSSL)" >> $OPTION_FILE
|
2013-04-12 23:56:44 +04:00
|
|
|
echo " *" >> $OPTION_FILE
|
|
|
|
echo " */" >> $OPTION_FILE
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
echo "" >> $OPTION_FILE
|
2015-12-17 23:19:17 +03:00
|
|
|
echo "#ifndef WOLFSSL_OPTIONS_H" >> $OPTION_FILE
|
|
|
|
echo "#define WOLFSSL_OPTIONS_H" >> $OPTION_FILE
|
|
|
|
echo "" >> $OPTION_FILE
|
2015-08-13 11:20:47 +03:00
|
|
|
echo "" >> $OPTION_FILE
|
|
|
|
echo "#ifdef __cplusplus" >> $OPTION_FILE
|
|
|
|
echo "extern \"C\" {" >> $OPTION_FILE
|
|
|
|
echo "#endif" >> $OPTION_FILE
|
|
|
|
echo "" >> $OPTION_FILE
|
2013-04-12 22:21:38 +04:00
|
|
|
|
|
|
|
for option in $OPTION_FLAGS; do
|
|
|
|
defonly=`echo $option | sed 's/-D//'`
|
|
|
|
if test "$defonly" != "$option"
|
|
|
|
then
|
2013-05-30 02:03:27 +04:00
|
|
|
noequalsign=`echo $defonly | sed 's/=/ /'`
|
2015-04-13 22:01:21 +03:00
|
|
|
if test "$noequalsign" = "NDEBUG" || test "$noequalsign" = "DEBUG"
|
|
|
|
then
|
|
|
|
echo "not outputing (N)DEBUG to $OPTION_FILE"
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
|
2015-04-17 19:23:43 +03:00
|
|
|
# allow user to igonore system options
|
|
|
|
ignoresys=no
|
|
|
|
if [[[ $noequalsign == _* ]]] ;
|
|
|
|
then
|
|
|
|
ignoresys=yes
|
|
|
|
echo "#ifndef WOLFSSL_OPTIONS_IGNORE_SYS" >> $OPTION_FILE
|
|
|
|
fi
|
|
|
|
|
2015-04-16 20:36:51 +03:00
|
|
|
noarg=`echo $defonly | sed 's/=.*//'`
|
2015-04-17 19:23:43 +03:00
|
|
|
echo "#undef $noarg" >> $OPTION_FILE
|
|
|
|
echo "#define $noequalsign" >> $OPTION_FILE
|
|
|
|
|
|
|
|
if test "$ignoresys" = "yes"
|
|
|
|
then
|
|
|
|
echo "#endif" >> $OPTION_FILE
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "" >> $OPTION_FILE
|
2013-04-12 22:21:38 +04:00
|
|
|
else
|
|
|
|
echo "option w/o begin -D is $option, not saving to $OPTION_FILE"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
2015-08-13 11:20:47 +03:00
|
|
|
echo "" >> $OPTION_FILE
|
|
|
|
echo "#ifdef __cplusplus" >> $OPTION_FILE
|
|
|
|
echo "}" >> $OPTION_FILE
|
|
|
|
echo "#endif" >> $OPTION_FILE
|
|
|
|
echo "" >> $OPTION_FILE
|
2015-12-17 23:19:17 +03:00
|
|
|
echo "" >> $OPTION_FILE
|
|
|
|
echo "#endif /* WOLFSSL_OPTIONS_H */" >> $OPTION_FILE
|
|
|
|
echo "" >> $OPTION_FILE
|
2013-04-12 22:21:38 +04:00
|
|
|
echo
|
|
|
|
|
2015-01-08 00:30:02 +03:00
|
|
|
#backwards compatability for those who have included options or version
|
|
|
|
touch cyassl/options.h
|
|
|
|
echo "/* cyassl options.h" > cyassl/options.h
|
|
|
|
echo " * generated from wolfssl/options.h" >> cyassl/options.h
|
2015-02-12 00:10:06 +03:00
|
|
|
echo " */" >> cyassl/options.h
|
|
|
|
echo ""
|
2015-01-08 00:30:02 +03:00
|
|
|
while read -r line
|
|
|
|
do
|
|
|
|
echo "$line" >> cyassl/options.h
|
|
|
|
done < $OPTION_FILE
|
|
|
|
|
2015-12-17 23:19:17 +03:00
|
|
|
# switch ifdef protection in cyassl/option.h to CYASSL_OPTONS_H, remove bak
|
|
|
|
sed -i.bak 's/WOLFSSL_OPTIONS_H/CYASSL_OPTIONS_H/g' cyassl/options.h
|
|
|
|
rm cyassl/options.h.bak
|
|
|
|
|
2013-04-12 22:21:38 +04:00
|
|
|
# output config summary
|
2012-09-20 10:38:41 +04:00
|
|
|
echo "---"
|
|
|
|
echo "Configuration summary for $PACKAGE_NAME version $VERSION"
|
|
|
|
echo ""
|
2015-11-02 21:51:01 +03:00
|
|
|
echo " * Installation prefix: $prefix"
|
|
|
|
echo " * System type: $host_vendor-$host_os"
|
|
|
|
echo " * Host CPU: $host_cpu"
|
|
|
|
echo " * C Compiler: $CC"
|
|
|
|
echo " * C Flags: $CFLAGS"
|
|
|
|
echo " * C++ Compiler: $CXX"
|
|
|
|
echo " * C++ Flags: $CXXFLAGS"
|
|
|
|
echo " * CPP Flags: $CPPFLAGS"
|
|
|
|
echo " * CCAS Flags: $CCASFLAGS"
|
|
|
|
echo " * LIB Flags: $LIB"
|
|
|
|
echo " * Debug enabled: $ax_enable_debug"
|
|
|
|
echo " * Warnings as failure: $ac_cv_warnings_as_errors"
|
|
|
|
echo " * make -j: $enable_jobserver"
|
|
|
|
echo " * VCS checkout: $ac_cv_vcs_checkout"
|
2015-08-13 11:20:47 +03:00
|
|
|
echo
|
2012-10-20 06:00:17 +04:00
|
|
|
echo " Features "
|
2015-11-02 21:51:01 +03:00
|
|
|
echo " * Single threaded: $ENABLED_SINGLETHREADED"
|
|
|
|
echo " * Filesystem: $ENABLED_FILESYSTEM"
|
|
|
|
echo " * OpenSSH Build: $ENABLED_OPENSSH"
|
|
|
|
echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA"
|
|
|
|
echo " * Max Strength Build: $ENABLED_MAXSTRENGTH"
|
|
|
|
echo " * fastmath: $ENABLED_FASTMATH"
|
|
|
|
echo " * sniffer: $ENABLED_SNIFFER"
|
|
|
|
echo " * snifftest: $ENABLED_SNIFFTEST"
|
|
|
|
echo " * ARC4: $ENABLED_ARC4"
|
|
|
|
echo " * AES: $ENABLED_AES"
|
|
|
|
echo " * AES-NI: $ENABLED_AESNI"
|
|
|
|
echo " * AES-GCM: $ENABLED_AESGCM"
|
|
|
|
echo " * AES-CCM: $ENABLED_AESCCM"
|
|
|
|
echo " * DES3: $ENABLED_DES3"
|
|
|
|
echo " * IDEA: $ENABLED_IDEA"
|
|
|
|
echo " * Camellia: $ENABLED_CAMELLIA"
|
|
|
|
echo " * NULL Cipher: $ENABLED_NULL_CIPHER"
|
|
|
|
echo " * MD5: $ENABLED_MD5"
|
|
|
|
echo " * RIPEMD: $ENABLED_RIPEMD"
|
|
|
|
echo " * SHA: $ENABLED_SHA"
|
|
|
|
echo " * SHA-512: $ENABLED_SHA512"
|
|
|
|
echo " * BLAKE2: $ENABLED_BLAKE2"
|
|
|
|
echo " * keygen: $ENABLED_KEYGEN"
|
|
|
|
echo " * certgen: $ENABLED_CERTGEN"
|
|
|
|
echo " * certreq: $ENABLED_CERTREQ"
|
|
|
|
echo " * certext: $ENABLED_CERTEXT"
|
|
|
|
echo " * HC-128: $ENABLED_HC128"
|
|
|
|
echo " * RABBIT: $ENABLED_RABBIT"
|
|
|
|
echo " * CHACHA: $ENABLED_CHACHA"
|
|
|
|
echo " * Hash DRBG: $ENABLED_HASHDRBG"
|
|
|
|
echo " * PWDBASED: $ENABLED_PWDBASED"
|
|
|
|
echo " * wolfCrypt Only: $ENABLED_CRYPTONLY"
|
|
|
|
echo " * HKDF: $ENABLED_HKDF"
|
|
|
|
echo " * MD4: $ENABLED_MD4"
|
|
|
|
echo " * PSK: $ENABLED_PSK"
|
|
|
|
echo " * Poly1305: $ENABLED_POLY1305"
|
|
|
|
echo " * LEANPSK: $ENABLED_LEANPSK"
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-02-13 01:30:26 +03:00
|
|
|
echo " * LEANTLS: $ENABLED_LEANTLS"
|
2015-11-02 21:51:01 +03:00
|
|
|
echo " * RSA: $ENABLED_RSA"
|
|
|
|
echo " * DSA: $ENABLED_DSA"
|
|
|
|
echo " * DH: $ENABLED_DH"
|
|
|
|
echo " * ECC: $ENABLED_ECC"
|
|
|
|
echo " * CURVE25519: $ENABLED_CURVE25519"
|
|
|
|
echo " * ED25519: $ENABLED_ED25519"
|
|
|
|
echo " * FPECC: $ENABLED_FPECC"
|
|
|
|
echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT"
|
|
|
|
echo " * ASN: $ENABLED_ASN"
|
|
|
|
echo " * Anonymous cipher: $ENABLED_ANON"
|
|
|
|
echo " * CODING: $ENABLED_CODING"
|
|
|
|
echo " * MEMORY: $ENABLED_MEMORY"
|
|
|
|
echo " * I/O POOL: $ENABLED_IOPOOL"
|
|
|
|
echo " * LIGHTY: $ENABLED_LIGHTY"
|
|
|
|
echo " * STUNNEL: $ENABLED_STUNNEL"
|
|
|
|
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
|
|
|
|
echo " * DTLS: $ENABLED_DTLS"
|
|
|
|
echo " * Old TLS Versions: $ENABLED_OLD_TLS"
|
|
|
|
echo " * SSL version 3.0: $ENABLED_SSLV3"
|
|
|
|
echo " * OCSP: $ENABLED_OCSP"
|
2015-12-30 23:10:25 +03:00
|
|
|
echo " * OCSP Stapling: $ENABLED_CERTIFICATE_STATUS_REQUEST"
|
|
|
|
echo " * OCSP Stapling v2: $ENABLED_CERTIFICATE_STATUS_REQUEST_V2"
|
2015-11-02 21:51:01 +03:00
|
|
|
echo " * CRL: $ENABLED_CRL"
|
|
|
|
echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR"
|
|
|
|
echo " * Persistent session cache: $ENABLED_SAVESESSION"
|
|
|
|
echo " * Persistent cert cache: $ENABLED_SAVECERT"
|
|
|
|
echo " * Atomic User Record Layer: $ENABLED_ATOMICUSER"
|
|
|
|
echo " * Public Key Callbacks: $ENABLED_PKCALLBACKS"
|
|
|
|
echo " * NTRU: $ENABLED_NTRU"
|
|
|
|
echo " * Server Name Indication: $ENABLED_SNI"
|
|
|
|
echo " * ALPN: $ENABLED_ALPN"
|
|
|
|
echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
|
|
|
|
echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
|
|
|
|
echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
|
|
|
|
echo " * Session Ticket: $ENABLED_SESSION_TICKET"
|
|
|
|
echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION"
|
|
|
|
echo " * Secure Renegotiation: $ENABLED_SECURE_RENEGOTIATION"
|
|
|
|
echo " * All TLS Extensions: $ENABLED_TLSX"
|
|
|
|
echo " * PKCS#7 $ENABLED_PKCS7"
|
|
|
|
echo " * wolfSCEP $ENABLED_WOLFSCEP"
|
|
|
|
echo " * Secure Remote Password $ENABLED_SRP"
|
|
|
|
echo " * Small Stack: $ENABLED_SMALL_STACK"
|
|
|
|
echo " * valgrind unit tests: $ENABLED_VALGRIND"
|
|
|
|
echo " * LIBZ: $ENABLED_LIBZ"
|
|
|
|
echo " * Examples: $ENABLED_EXAMPLES"
|
|
|
|
echo " * User Crypto: $ENABLED_USER_CRYPTO"
|
|
|
|
echo " * Fast RSA: $ENABLED_FAST_RSA"
|
2016-03-04 21:05:22 +03:00
|
|
|
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
|
2012-09-20 10:38:41 +04:00
|
|
|
echo ""
|
|
|
|
echo "---"
|
2016-03-31 01:15:38 +03:00
|
|
|
|
|
|
|
# Show warnings at bottom so they are noticed
|
|
|
|
if test "$ENABLED_ASYNCCRYPT" = "yes"
|
|
|
|
then
|
|
|
|
AC_MSG_WARN([Make sure real async files are loaded. Contact wolfSSL for details on using the asynccrypt option.])
|
|
|
|
fi
|