configure.ac: add --disable-autokey, #define AUTOKEY to enable future

  support for building without Autokey, but with OpenSSL for its digest
  algorithms (hash functions).  Code must be modified to use #ifdef
  AUTOKEY instead of #ifdef OPENSSL where appropriate to complete this.
include/ntp_crypto.h: make assumption AUTOKEY implies OPENSSL explicit.

bk: 4bf1b5d8uF9RhWxYFhpJ04bZIRUl_A

diff --git a/ChangeLog b/ChangeLog
index db944ae4cd4838097882c0117ea8a1decbc24715..dee6e8239946c0f53187cb05bbc8c6a507ecf446 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 * [Bug 1555] from 4.2.6p2-RC4: sntp illegal C (mixed code and
   declarations).
+* configure.ac: add --disable-autokey, #define AUTOKEY to enable future
+  support for building without Autokey, but with OpenSSL for its digest
+  algorithms (hash functions).  Code must be modified to use #ifdef
+  AUTOKEY instead of #ifdef OPENSSL where appropriate to complete this.
+* include/ntp_crypto.h: make assumption AUTOKEY implies OPENSSL explicit.
 (4.2.7p31) 2010/05/11 Released by Harlan Stenn <stenn@ntp.org>
 * [Bug 1325] from 4.2.6p2-RC3: unreachable code sntp recv_bcst_data().
 * [Bug 1459] from 4.2.6p2-RC3: sntp MD5 authentication does not work

diff --git a/configure.ac b/configure.ac
index f7966c3e192e16baae8fdc559ec01f80bd9cca53..855c46cac8f09c73ff63775f26fcbb9b88952eb4 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -2101,7 +2101,7 @@ if test "$ntp_ok" = "yes"; then
 fi
 AC_MSG_RESULT($ntp_ok)
 
-AC_MSG_CHECKING([[for a the number of minutes in a DST adjustment]])
+AC_MSG_CHECKING([for a the number of minutes in a DST adjustment])
 AC_ARG_ENABLE(
     [dst_minutes],
     AS_HELP_STRING(
@@ -3238,16 +3238,34 @@ case "$ntp_libparse" in
 esac
 AC_MSG_RESULT([$ans])
 
-
-# AC_SUBST(RSAOBJS)
-# AC_SUBST(RSASRCS)
-# AC_SUBST(RSADIR)
-# AC_SUBST(RSAREF)
-# AC_SUBST(LIBRSAREF)
-# AC_SUBST(MAKE_LIBRSAREF)
-
 NTP_OPENSSL
 
+# if we are using OpenSSL (--with-crypto), by default Autokey is enabled
+AC_MSG_CHECKING([if we want to include NTP Autokey protocol support])
+AC_ARG_ENABLE(
+    [autokey],
+    AS_HELP_STRING(
+       [--enable-autokey],
+       [+ Experimental disabling of NTP Autokey protocol]
+       ),
+    [ntp_autokey=$enableval],
+    [ntp_autokey=$ntp_openssl]
+)
+case "$ntp_autokey" in
+ no)
+    ;;
+ *)
+    case "$ntp_openssl" in
+     no)
+       AC_MSG_WARN([Disabling Autokey, --enable-autokey requires --with-crypto.])
+       ;;
+     *)
+       AC_DEFINE(AUTOKEY, , [Support NTP Autokey protocol?])
+       ntp_autokey=yes
+    esac
+esac
+AC_MSG_RESULT([$ntp_autokey])
+
 AC_MSG_CHECKING([if we want to compile with ElectricFence])
 AC_ARG_WITH(electricfence,
        AC_HELP_STRING([--with-electricfence], [- compile with ElectricFence malloc debugger]),

diff --git a/include/ntp_crypto.h b/include/ntp_crypto.h
index 9fc4cda5479407df04085d4e7360b01d87cc3794..501174d5428389c193b9edd6fd04d2edfc60bcae 100644 (file)
--- a/include/ntp_crypto.h
+++ b/include/ntp_crypto.h
@@ -179,5 +179,10 @@ extern     int     crypto_nid;     /* digest nid */
 extern struct value hostval;   /* host name/value */
 extern struct cert_info *cinfo; /* host certificate information */
 extern struct value tai_leap;  /* leapseconds table */
+#else  /* ! OPENSSL follows */
+#ifdef AUTOKEY
+#error AUTOKEY should be defined only if OPENSSL is.
+invalidsyntax: AUTOKEY should be defined only if OPENSSL is.
+#endif
 #endif /* OPENSSL */
 #endif /* NTP_CRYPTO_H */