diff options
-rw-r--r-- | configure.ac | 8 | ||||
-rw-r--r-- | src/conf_macros.m4 | 22 | ||||
-rw-r--r-- | src/external/crypto.m4 | 20 | ||||
-rw-r--r-- | src/tests/crypto-tests.c | 19 |
4 files changed, 52 insertions, 17 deletions
diff --git a/configure.ac b/configure.ac index 18aa823b9..f88846648 100644 --- a/configure.ac +++ b/configure.ac @@ -95,6 +95,7 @@ WITH_SELINUX WITH_NSCD WITH_SEMANAGE WITH_LIBNL +WITH_CRYPTO m4_include([src/external/pkg.m4]) m4_include([src/external/libpopt.m4]) @@ -175,6 +176,13 @@ if test x$HAVE_SYSTEMD_UNIT != x; then AM_CHECK_SYSTEMD fi +if test x$cryptolib = xnss; then + AM_CHECK_NSS +fi +if test x$cryptolib = xlibcrypto; then + AM_CHECK_LIBCRYPTO +fi + AC_CHECK_HEADERS([sys/inotify.h]) AC_CHECK_HEADERS([sasl/sasl.h],,AC_MSG_ERROR([Could not find SASL headers])) diff --git a/src/conf_macros.m4 b/src/conf_macros.m4 index 273a52704..31048d3de 100644 --- a/src/conf_macros.m4 +++ b/src/conf_macros.m4 @@ -295,3 +295,25 @@ AC_DEFUN([WITH_LIBNL], fi ]) +AC_DEFUN([WITH_CRYPTO], + [ AC_ARG_WITH([crypto], + [AC_HELP_STRING([--with-crypto=CRYPTO_LIB], + [The cryptographic library to use (nss|libcrypto). The default is nss.] + ) + ], + [], + with_crypto=nss + ) + + cryptolib="" + if test x"$with_crypto" != x; then + if test x"$with_crypto" = xnss || \ + test x"$with_crypto" = xlibcrypto; then + cryptolib="$with_crypto"; + else + AC_MSG_ERROR([Illegal value -$with_crypto- for option --with-crypto]) + fi + fi + AM_CONDITIONAL([HAVE_NSS], [test x"$cryptolib" = xnss]) + AM_CONDITIONAL([HAVE_LIBCRYPTO], [test x"$cryptolib" = xlibcrypto]) + ]) diff --git a/src/external/crypto.m4 b/src/external/crypto.m4 index d1bcf40ac..19a064d3a 100644 --- a/src/external/crypto.m4 +++ b/src/external/crypto.m4 @@ -1,13 +1,9 @@ -AC_ARG_ENABLE(crypto, - [ --enable-crypto Use OpenSSL crypto instead of NSS], - [CRYPTO="$enableval"], - [CRYPTO="no"] -) +AC_DEFUN([AM_CHECK_NSS], + [PKG_CHECK_MODULES([NSS],[nss]) + AC_DEFINE_UNQUOTED(HAVE_NSS, 1, [Build with NSS crypto back end]) +]) -if test x$CRYPTO != xyes; then - PKG_CHECK_MODULES([NSS],[nss],[have_nss=1],[have_nss=]) -else - PKG_CHECK_MODULES([CRYPTO],[libcrypto],[have_crypto=1],[have_crypto=]) -fi -AM_CONDITIONAL([HAVE_NSS], [test x$have_nss != x]) -AM_CONDITIONAL([HAVE_CRYPTO], [test x$have_crypto != x]) +AC_DEFUN([AM_CHECK_LIBCRYPTO], + [PKG_CHECK_MODULES([CRYPTO],[libcrypto]) + AC_DEFINE_UNQUOTED(HAVE_LIBCRYPTO, 1, [Build with libcrypt crypto back end]) +]) diff --git a/src/tests/crypto-tests.c b/src/tests/crypto-tests.c index f802c119d..286bc2356 100644 --- a/src/tests/crypto-tests.c +++ b/src/tests/crypto-tests.c @@ -55,9 +55,18 @@ START_TEST(test_encrypt_decrypt) "", /* empty */ NULL}; /* sentinel */ int i; - char *obfpwd; - char *ctpwd; + char *obfpwd = NULL; + char *ctpwd = NULL; int ret; + int expected; + +#ifdef HAVE_NSS + expected = EOK; +#elif HAVE_LIBCRYPTO + expected = ENOSYS; +#else +#error Unknown crypto back end +#endif test_ctx = talloc_new(NULL); fail_if(test_ctx == NULL); @@ -66,12 +75,12 @@ START_TEST(test_encrypt_decrypt) for (i=0; password[i]; i++) { ret = sss_password_encrypt(test_ctx, password[i], strlen(password[i])+1, AES_256, &obfpwd); - fail_if(ret != EOK); + fail_if(ret != expected); ret = sss_password_decrypt(test_ctx, obfpwd, &ctpwd); - fail_if(ret != EOK); + fail_if(ret != expected); - fail_if(strcmp(password[i], ctpwd) != 0); + fail_if(ctpwd && strcmp(password[i], ctpwd) != 0); talloc_free(obfpwd); talloc_free(ctpwd); |