diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-07-01 14:15:11 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-22 14:35:16 +0200 |
commit | 53f97e1e9125aa9327c7ecf4a1b0b1a0c20cf2de (patch) | |
tree | db6651657f923cf0e7f2a6c34fd673ccb2e5c2fb /configure.ac | |
parent | 725336282db0c9f160d6ef577288e5a628959776 (diff) | |
download | openvpn-53f97e1e9125aa9327c7ecf4a1b0b1a0c20cf2de.tar.gz openvpn-53f97e1e9125aa9327c7ecf4a1b0b1a0c20cf2de.tar.xz openvpn-53f97e1e9125aa9327c7ecf4a1b0b1a0c20cf2de.zip |
Added PolarSSL support:
- Crypto library
- SSL library
- PKCS#11 support
For missing features, please see README.polarssl
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 67 |
1 files changed, 49 insertions, 18 deletions
diff --git a/configure.ac b/configure.ac index b80439b..bbdd713 100644 --- a/configure.ac +++ b/configure.ac @@ -291,14 +291,16 @@ AC_ARG_WITH(mem-check, ) AC_ARG_WITH([ssl-type], - [ --with-ssl-type=TYPE Build with the given SSL library, TYPE = openssl ], + [ --with-ssl-type=TYPE Build with the given SSL library, TYPE = openssl or polarssl ], [case "${withval}" in openssl) SSL_LIB=openssl ;; + polarssl) SSL_LIB=polarssl ;; *) AC_MSG_ERROR([bad value ${withval} for --with-ssl-type]) ;; esac], [SSL_LIB="openssl"] ) AM_CONDITIONAL([USE_OPENSSL], [test x$SSL_LIB = xopenssl]) +AM_CONDITIONAL([USE_POLARSSL], [test x$SSL_LIB = xpolarssl]) dnl fix search path, to allow compilers to find syshead.h CPPFLAGS="$CPPFLAGS -I${srcdir}" @@ -710,6 +712,24 @@ if test "$LZO_STUB" = "yes"; then fi dnl +dnl enable pkcs11 capability +dnl + +if test "$PKCS11" = "yes"; then + AC_CHECKING([for pkcs11-helper Library and Header files]) + AC_CHECK_HEADER(pkcs11-helper-1.0/pkcs11h-core.h, + [AC_CHECK_LIB(pkcs11-helper, pkcs11h_initialize, + [ + AC_DEFINE(USE_PKCS11, 1, [Enable PKCS11 capability]) + OPENVPN_ADD_LIBS(-lpkcs11-helper) + ], + [AC_MSG_RESULT([pkcs11-helper library not found.])] + )], + [AC_MSG_RESULT([pkcs11-helper headers not found.])] + ) +fi + +dnl dnl check for SSL-crypto library dnl @@ -752,7 +772,20 @@ if test "$CRYPTO" = "yes"; then [AC_MSG_ERROR([OpenSSL crypto Library is too old.])] ) fi - + if test "$SSL_LIB" = "polarssl"; then + AC_CHECKING([for PolarSSL Crypto Library and Header files]) + AC_CHECK_HEADER(polarssl/aes.h, + [AC_CHECK_LIB(polarssl, aes_crypt_cbc, + [ + OPENVPN_ADD_LIBS(-lpolarssl) + AC_DEFINE(USE_CRYPTO, 1, [Use crypto library]) + AC_DEFINE(USE_POLARSSL, 1, [Use PolarSSL library]) + ], + [AC_MSG_ERROR([PolarSSL Crypto library not found.])] + )], + [AC_MSG_ERROR([PolarSSL Crypto headers not found.])] + ) + fi dnl dnl check for OpenSSL-SSL library dnl @@ -788,6 +821,20 @@ if test "$CRYPTO" = "yes"; then AC_DEFINE(USE_SSL, 1, [Use OpenSSL SSL library]) fi + if test "$SSL_LIB" = "polarssl"; then + AC_CHECKING([for PolarSSL SSL Library and Header files]) + AC_CHECK_HEADER(polarssl/ssl.h, + [AC_CHECK_LIB(polarssl, ssl_init, + [ + OPENVPN_ADD_LIBS(-lpolarssl) + AC_DEFINE(USE_SSL, 1, [Use SSL library]) + AC_DEFINE(USE_POLARSSL, 1, [Use PolarSSL library]) + ], + [AC_MSG_ERROR([PolarSSL SSL library not found.])] + )], + [AC_MSG_ERROR([PolarSSL SSL headers not found.])] + ) + fi fi fi @@ -796,22 +843,6 @@ if test "$X509ALTUSERNAME" = "yes"; then AC_DEFINE(ENABLE_X509ALTUSERNAME, 1, [Enable --x509-username-field feature]) fi -dnl enable pkcs11 capability - -if test "$PKCS11" = "yes"; then - AC_CHECKING([for pkcs11-helper Library and Header files]) - AC_CHECK_HEADER(pkcs11-helper-1.0/pkcs11h-core.h, - [AC_CHECK_LIB(pkcs11-helper, pkcs11h_initialize, - [ - AC_DEFINE(USE_PKCS11, 1, [Enable PKCS11 capability]) - OPENVPN_ADD_LIBS(-lpkcs11-helper) - ], - [AC_MSG_RESULT([pkcs11-helper library not found.])] - )], - [AC_MSG_RESULT([pkcs11-helper headers not found.])] - ) -fi - dnl enable multi-client mode if test "$MULTI" = "yes"; then AC_DEFINE(ENABLE_CLIENT_SERVER, 1, [Enable client/server capability]) |