summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2011-04-24 16:15:04 +0200
committerStephen Gallagher <sgallagh@redhat.com>2011-04-27 11:47:24 -0400
commit172c07013d1ea99447a780fd36f49d5c3a76981b (patch)
tree2118564c1f9b161f40ba04fa124f9066d66ab841 /src
parente81a816cddab4a62f263d1a0274d5d3f101e8e0f (diff)
downloadsssd-172c07013d1ea99447a780fd36f49d5c3a76981b.tar.gz
sssd-172c07013d1ea99447a780fd36f49d5c3a76981b.tar.xz
sssd-172c07013d1ea99447a780fd36f49d5c3a76981b.zip
Require openssl-devel is libcrypto backend is selected
Diffstat (limited to 'src')
-rw-r--r--src/conf_macros.m422
-rw-r--r--src/external/crypto.m420
-rw-r--r--src/tests/crypto-tests.c19
3 files changed, 44 insertions, 17 deletions
diff --git a/src/conf_macros.m4 b/src/conf_macros.m4
index 273a52704..31048d3de 100644
--- a/src/conf_macros.m4
+++ b/src/conf_macros.m4
@@ -295,3 +295,25 @@ AC_DEFUN([WITH_LIBNL],
fi
])
+AC_DEFUN([WITH_CRYPTO],
+ [ AC_ARG_WITH([crypto],
+ [AC_HELP_STRING([--with-crypto=CRYPTO_LIB],
+ [The cryptographic library to use (nss|libcrypto). The default is nss.]
+ )
+ ],
+ [],
+ with_crypto=nss
+ )
+
+ cryptolib=""
+ if test x"$with_crypto" != x; then
+ if test x"$with_crypto" = xnss || \
+ test x"$with_crypto" = xlibcrypto; then
+ cryptolib="$with_crypto";
+ else
+ AC_MSG_ERROR([Illegal value -$with_crypto- for option --with-crypto])
+ fi
+ fi
+ AM_CONDITIONAL([HAVE_NSS], [test x"$cryptolib" = xnss])
+ AM_CONDITIONAL([HAVE_LIBCRYPTO], [test x"$cryptolib" = xlibcrypto])
+ ])
diff --git a/src/external/crypto.m4 b/src/external/crypto.m4
index d1bcf40ac..19a064d3a 100644
--- a/src/external/crypto.m4
+++ b/src/external/crypto.m4
@@ -1,13 +1,9 @@
-AC_ARG_ENABLE(crypto,
- [ --enable-crypto Use OpenSSL crypto instead of NSS],
- [CRYPTO="$enableval"],
- [CRYPTO="no"]
-)
+AC_DEFUN([AM_CHECK_NSS],
+ [PKG_CHECK_MODULES([NSS],[nss])
+ AC_DEFINE_UNQUOTED(HAVE_NSS, 1, [Build with NSS crypto back end])
+])
-if test x$CRYPTO != xyes; then
- PKG_CHECK_MODULES([NSS],[nss],[have_nss=1],[have_nss=])
-else
- PKG_CHECK_MODULES([CRYPTO],[libcrypto],[have_crypto=1],[have_crypto=])
-fi
-AM_CONDITIONAL([HAVE_NSS], [test x$have_nss != x])
-AM_CONDITIONAL([HAVE_CRYPTO], [test x$have_crypto != x])
+AC_DEFUN([AM_CHECK_LIBCRYPTO],
+ [PKG_CHECK_MODULES([CRYPTO],[libcrypto])
+ AC_DEFINE_UNQUOTED(HAVE_LIBCRYPTO, 1, [Build with libcrypt crypto back end])
+])
diff --git a/src/tests/crypto-tests.c b/src/tests/crypto-tests.c
index f802c119d..286bc2356 100644
--- a/src/tests/crypto-tests.c
+++ b/src/tests/crypto-tests.c
@@ -55,9 +55,18 @@ START_TEST(test_encrypt_decrypt)
"", /* empty */
NULL}; /* sentinel */
int i;
- char *obfpwd;
- char *ctpwd;
+ char *obfpwd = NULL;
+ char *ctpwd = NULL;
int ret;
+ int expected;
+
+#ifdef HAVE_NSS
+ expected = EOK;
+#elif HAVE_LIBCRYPTO
+ expected = ENOSYS;
+#else
+#error Unknown crypto back end
+#endif
test_ctx = talloc_new(NULL);
fail_if(test_ctx == NULL);
@@ -66,12 +75,12 @@ START_TEST(test_encrypt_decrypt)
for (i=0; password[i]; i++) {
ret = sss_password_encrypt(test_ctx, password[i], strlen(password[i])+1,
AES_256, &obfpwd);
- fail_if(ret != EOK);
+ fail_if(ret != expected);
ret = sss_password_decrypt(test_ctx, obfpwd, &ctpwd);
- fail_if(ret != EOK);
+ fail_if(ret != expected);
- fail_if(strcmp(password[i], ctpwd) != 0);
+ fail_if(ctpwd && strcmp(password[i], ctpwd) != 0);
talloc_free(obfpwd);
talloc_free(ctpwd);