diff options
author | Greg Hudson <ghudson@mit.edu> | 2011-10-13 16:07:23 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2011-10-13 16:07:23 +0000 |
commit | c829ea8c9ac7ac866e6435ba99de90155c3cf144 (patch) | |
tree | 22c10c32c854b38049687963eb5c701f44193fcc /src/configure.in | |
parent | c9da1ad355e0ac07b35ecb1cb0d8aab570ae095a (diff) | |
download | krb5-c829ea8c9ac7ac866e6435ba99de90155c3cf144.tar.gz krb5-c829ea8c9ac7ac866e6435ba99de90155c3cf144.tar.xz krb5-c829ea8c9ac7ac866e6435ba99de90155c3cf144.zip |
Add PKINIT NSS support
Add an implementation of PKINIT using NSS instead of OpenSSL, from
nalin@redhat.com.
ticket: 6975
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25327 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/configure.in')
-rw-r--r-- | src/configure.in | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/src/configure.in b/src/configure.in index 7bb1a6cbde..3451173a49 100644 --- a/src/configure.in +++ b/src/configure.in @@ -190,6 +190,48 @@ if test "$PRNG_ALG" = fortuna; then AC_DEFINE(FORTUNA,1,[Define if Fortuna PRNG is selected]) fi +# WITH_PKINIT_CRYPTO_IMPL + +PKINIT_CRYPTO_IMPL="$CRYPTO_IMPL" +AC_ARG_WITH([pkinit-crypto-impl], +AC_HELP_STRING([--with-pkinit-crypto-impl=IMPL], [use specified pkinit crypto implementation @<:@openssl@:>@]), +[PKINIT_CRYPTO_IMPL=$withval +AC_MSG_RESULT("pkinit will use \'$withval\'") +], withval=$PKINIT_CRYPTO_IMPL) +case "$withval" in +builtin|openssl) + AC_CHECK_LIB(crypto, PKCS7_get_signer_info) + PKINIT_CRYPTO_IMPL=openssl + ;; +nss) + if test "${PKINIT_CRYPTO_IMPL_CFLAGS+set}" != set; then + PKINIT_CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss` + fi + if test "${PKINIT_CRYPTO_IMPL_LIBS+set}" != set; then + PKINIT_CRYPTO_IMPL_LIBS=`pkg-config --libs nss` + fi + AC_DEFINE(PKINIT_CRYPTO_IMPL_NSS,1,[Define if pkinit crypto implementation is NSS]) + save_CFLAGS=$CFLAGS + CFLAGS="$CFLAGS $PKINIT_CRYPTO_IMPL_CFLAGS" + AC_COMPILE_IFELSE([ +#include <nss.h> +#if NSS_VMAJOR < 3 || (NSS_VMAJOR == 3 && NSS_VMINOR < 12) +#error +#elif NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH < 11 +#error +#endif + ], [], [AC_MSG_ERROR([NSS version 3.12.11 or later required.])]) + CFLAGS=$save_CFLAGS + ;; +*) + AC_MSG_ERROR([Unknown crypto implementation $withval]) + ;; +esac +AC_CONFIG_COMMANDS(PKINIT_CRYPTO_IMPL,,PKINIT_CRYPTO_IMPL=$PKINIT_CRYPTO_IMPL) +AC_SUBST(PKINIT_CRYPTO_IMPL) +AC_SUBST(PKINIT_CRYPTO_IMPL_CFLAGS) +AC_SUBST(PKINIT_CRYPTO_IMPL_LIBS) + # --with-kdc-kdb-update makes the KDC update the database with last request # information and failure information. |