CINCLUDES = ${NS_INCLUDES} ${BIND9_INCLUDES} ${DNS_INCLUDES} ${ISCCFG_INCLUDES} \
${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DNAMED_CONFFILE=\"${sysconfdir}/named.conf\"
+CDEFINES = -DNAMED_CONFFILE=\"${sysconfdir}/named.conf\"
CWARNINGS =
DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
CINCLUDES = -I${srcdir}/include ${ISC_INCLUDES} ${ISCCC_INCLUDES} \
${ISCCFG_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@
#include <isc/time.h>
#include <isc/util.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
int len = 0;
int ch;
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
CINCLUDES = -I${srcdir}/include -I${srcdir}/../include \
${DNS_INCLUDES} ${ISC_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
OBJS = os.@O@
CINCLUDES = -I${srcdir}/include ${DNS_INCLUDES} ${ISC_INCLUDES} \
${IRS_INCLUDES} ${ISCCFG_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DVERSION=\"${VERSION}\" \
+CDEFINES = -DVERSION=\"${VERSION}\" \
-DSYSCONFDIR=\"${sysconfdir}\"
CWARNINGS =
${BIND9_INCLUDES} ${ISC_INCLUDES} \
${IRS_INCLUDES} ${ISCCFG_INCLUDES} @LIBIDN2_CFLAGS@ @DST_OPENSSL_INC@
-CDEFINES = -DVERSION=\"${VERSION}\" @CRYPTO@
+CDEFINES = -DVERSION=\"${VERSION}\"
CWARNINGS =
ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@
#include <dig/dig.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
debug("setup_libs()");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
CDEFINES = -DVERSION=\"${VERSION}\" @USE_PKCS11@ @PKCS11_ENGINE@ \
- @CRYPTO@ -DPK11_LIB_LOCATION=\"@PKCS11_PROVIDER@\"
+ -DPK11_LIB_LOCATION=\"@PKCS11_PROVIDER@\"
CWARNINGS =
DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fatal("out of memory");
}
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
if (result != ISC_R_SUCCESS)
fatal("out of memory");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
if (result != ISC_R_SUCCESS)
fatal("out of memory");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, " -3: use NSEC3-capable algorithm\n");
fprintf(stderr, " -c class (default: IN)\n");
fprintf(stderr, " -E <engine>:\n");
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, " path to PKCS#11 provider library "
"(default is %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
/* associate the key */
ret = dst_key_fromlabel(name, alg, flags, protocol, rdclass,
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
"pkcs11",
#else
engine,
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, " -c <class>: (default: IN)\n");
fprintf(stderr, " -d <digest bits> (0 => max, default)\n");
fprintf(stderr, " -E <engine>:\n");
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, " path to PKCS#11 provider library "
"(default is %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
if (argc == 1)
usage();
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, "Usage:\n");
fprintf(stderr, " %s [options] keyfile\n\n", program);
fprintf(stderr, "Version: %s\n", VERSION);
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, " -E engine: specify PKCS#11 provider "
"(default: %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
if (result != ISC_R_SUCCESS)
fatal("Out of memory");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, " %s [options] keyfile\n\n", program);
fprintf(stderr, "Version: %s\n", VERSION);
fprintf(stderr, "General options:\n");
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, " -E engine: specify PKCS#11 provider "
"(default: %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
setup_logging(mctx, &log);
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, "verify generated signatures\n");
fprintf(stderr, "\t-c class (IN)\n");
fprintf(stderr, "\t-E engine:\n");
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, "\t\tpath to PKCS#11 provider library "
"(default is %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
if (result != ISC_R_SUCCESS)
fatal("out of memory");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
#include <dst/dst.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
fprintf(stderr, "\t\tfile format of input zonefile (text)\n");
fprintf(stderr, "\t-c class (IN)\n");
fprintf(stderr, "\t-E engine:\n");
-#if defined(PKCS11CRYPTO)
+#if HAVE_PKCS11
fprintf(stderr, "\t\tpath to PKCS#11 provider library "
"(default is %s)\n", PK11_LIB_LOCATION);
#elif defined(USE_PKCS11)
if (result != ISC_R_SUCCESS)
fatal("out of memory");
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
dns_result_register();
${ISC_INCLUDES} ${DLZDRIVER_INCLUDES} \
${DBDRIVER_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CONTRIB_DLZ@ @USE_PKCS11@ @PKCS11_ENGINE@ @CRYPTO@
+CDEFINES = @CONTRIB_DLZ@ @USE_PKCS11@ @PKCS11_ENGINE@
CWARNINGS =
#include <dns/view.h>
#include <dst/result.h>
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/result.h>
#endif
#include <named/smf_globals.h>
#endif
-#ifdef OPENSSL
+#if HAVE_OPENSSL
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#endif
#ifdef __SUNPRO_C
printf("compiled by Solaris Studio %x\n", __SUNPRO_C);
#endif
-#ifdef OPENSSL
+#if HAVE_OPENSSL
printf("compiled with OpenSSL version: %s\n",
OPENSSL_VERSION_TEXT);
#if !defined(LIBRESSL_VERSION_NUMBER) && \
dns_result_register();
dst_result_register();
isccc_result_register();
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
pk11_result_register();
#endif
${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} \
${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
OBJS = os.@O@ dlz_dlopen_driver.@O@
${ISCCFG_INCLUDES} ${IRS_INCLUDES} ${DST_GSSAPI_INC} \
@DST_OPENSSL_INC@
-CDEFINES = -DVERSION=\"${VERSION}\" @CRYPTO@ @USE_GSSAPI@
+CDEFINES = -DVERSION=\"${VERSION}\" @USE_GSSAPI@
CWARNINGS =
DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
CINCLUDES = ${ISC_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
ISCLIBS = ../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
CINCLUDES = -I${srcdir}/include ${ISC_INCLUDES} ${ISCCC_INCLUDES} \
${ISCCFG_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} \
@DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
BACKTRACECFLAGS = @BACKTRACECFLAGS@
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} \
@DST_OPENSSL_INC@ @DST_GSSAPI_INC@
-CDEFINES = @CRYPTO@ @USE_GSSAPI@
+CDEFINES = @USE_GSSAPI@
CWARNINGS =
BACKTRACECFLAGS = @BACKTRACECFLAGS@
CINCLUDES = ${ISC_INCLUDES}
-CDEFINES = -DPK11_LIB_LOCATION=\"${PROVIDER}\" @CRYPTO@
+CDEFINES = -DPK11_LIB_LOCATION=\"${PROVIDER}\"
ISCLIBS = ../../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
CINCLUDES = ${ISC_INCLUDES}
-CDEFINES = -DPK11_LIB_LOCATION=\"${PROVIDER}\" @CRYPTO@
+CDEFINES = -DPK11_LIB_LOCATION=\"${PROVIDER}\"
ISCLIBS = ../../../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
CINCLUDES = ${ISC_INCLUDES} ${DNS_INCLUDES}
-CDEFINES = @USE_GSSAPI@ @CRYPTO@
+CDEFINES = @USE_GSSAPI@
CWARNINGS =
DNSLIBS =
@BIND9_MAKE_INCLUDES@
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
LIBS = @LIBS@
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS = ../../../../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS = ../../../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
CINCLUDES = ${ISC_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCLIBS = ../../../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
CINCLUDES = ${ISC_INCLUDES} ${DNS_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS =
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS = ../../../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
#include <config.h>
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
-
#include <stdio.h>
#include <stdlib.h>
#include <dst/dst.h>
#include <dst/result.h>
-#if !defined(OPENSSL)
+#if !HAVE_OPENSSL
/*
* Use a fixed key file pair if compiled without OpenSSL.
return(0);
}
-#else
+#else /* !HAVE_OPENSSL */
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/rsa.h>
}
#endif
-#else /* OPENSSL || PKCS11CRYPTO */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <isc/util.h>
-
-int
-main(int argc, char **argv) {
- UNUSED(argc);
- UNUSED(argv);
- fprintf(stderr, "Compiled without Crypto\n");
- exit(1);
-}
-
-#endif /* OPENSSL || PKCS11CRYPTO */
/*! \file */
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS = ../../../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
* information regarding copyright ownership.
*/
+#include <config.h>
#define _GNU_SOURCE
#include <sys/syscall.h>
CINCLUDES = ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} \
${BIND9_INCLUDES} @DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DVERSION=\"${VERSION}\"
+CDEFINES = -DVERSION=\"${VERSION}\"
CWARNINGS =
DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
{"libisccc.dll", FileData::BinDir, FileData::Critical, FALSE, TRUE},
{"libdns.dll", FileData::BinDir, FileData::Critical, FALSE, TRUE},
{"libirs.dll", FileData::BinDir, FileData::Critical, FALSE, TRUE},
-#ifdef OPENSSL
+#if HAVE_OPENSSL
{"libeay32.dll", FileData::BinDir, FileData::Critical, FALSE, TRUE},
#endif
#ifdef HAVE_LIBXML2
/* Define to 1 if you have the <net/route.h> header file. */
#undef HAVE_NET_ROUTE_H
+/* Define if OpenSSL is used as cryptographic library provider. */
+#undef HAVE_OPENSSL
+
/* Define if your OpenSSL version supports AES */
#undef HAVE_OPENSSL_AES
/* Define if your OpenSSL version supports GOST. */
#undef HAVE_OPENSSL_GOST
+/* Define if native PKCS#11 is used as cryptographic library provider */
+#undef HAVE_PKCS11
+
/* Define if your PKCS11 provider supports ECDSA. */
#undef HAVE_PKCS11_ECDSA
/* Define if your OpenSSL version supports GOST. */
@HAVE_OPENSSL_GOST@
+/* Define if native PKCS#11 is used as cryptographic library provider */
+@HAVE_PKCS11@
+
/* Define if your PKCS11 provider supports ECDSA. */
@HAVE_PKCS11_ECDSA@
/* Define if GOST private keys are encoded in ASN.1. */
@PREFER_GOSTASN1@
+/* Define if OpenSSL is used as cryptographic library provider. */
+@HAVE_OPENSSL@
+
/* Define if your OpenSSL version supports EVP AES */
@HAVE_OPENSSL_EVP_AES@
PKCS11_ED25519
PKCS11_GOST
PKCS11_ECDSA
-CRYPTO
PKCS11LINKSRCS
PKCS11LINKOBJS
PKCS11_PROVIDER
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: disabled because of native PKCS11" >&5
$as_echo "disabled because of native PKCS11" >&6; }
DST_OPENSSL_INC=""
- CRYPTO="-DPKCS11CRYPTO"
+ CRYPTO="PKCS11"
CRYPTOLIB="pkcs11"
OPENSSLECDSALINKOBJS=""
OPENSSLECDSALINKSRCS=""
OPENSSLGOSTLINKSRCS=""
OPENSSLLINKOBJS=""
OPENSSLLINKSRCS=""
+
+$as_echo "#define HAVE_PKCS11 1" >>confdefs.h
+
;;
no)
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
then
as_fn_error $? "\"$use_openssl/include/openssl/opensslv.h\" not found" "$LINENO" 5
fi
- CRYPTO='-DOPENSSL'
+ CRYPTO='OPENSSL'
CRYPTOLIB="openssl"
if test "/usr" = "$use_openssl"
then
CFLAGS="$DST_OPENSSL_INC $CFLAGS"
LIBS="$DST_OPENSSL_LIBS $LIBS"
+$as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL >= 1.0.0 or LibreSSL" >&5
$as_echo_n "checking for OpenSSL >= 1.0.0 or LibreSSL... " >&6; }
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
ISC_PLATFORM_OPENSSLHASH="#undef ISC_PLATFORM_OPENSSLHASH"
if test "whenossl" = "$want_openssl_hash"
then
- if test "X$CRYPTO" = "X-DOPENSSL"
+ if test "$CRYPTO" = "OPENSSL"
then
want_openssl_hash="yes"
else
fi
case $want_openssl_hash in
yes)
- if test "X$CRYPTO" != "X-DOPENSSL"
+ if test "$CRYPTO" != "OPENSSL"
then
as_fn_error $? "No OpenSSL for hash functions" "$LINENO" 5
fi
if ! $use_threads; then
as_fn_error $? "PKCS11 requires thread support" "$LINENO" 5
fi
- if test "X$CRYPTO" = "X-DOPENSSL"
+ if test "$CRYPTO" = "OPENSSL"
then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL with PKCS11 support" >&5
$as_echo_n "checking for OpenSSL with PKCS11 support... " >&6; }
-
if test "X$CRYPTO" = "X"; then
# cat << \EOF
as_fn_error $? "No cryptography library has been found or provided.
native_pkcs11)
AC_MSG_RESULT(disabled because of native PKCS11)
DST_OPENSSL_INC=""
- CRYPTO="-DPKCS11CRYPTO"
+ CRYPTO="PKCS11"
CRYPTOLIB="pkcs11"
OPENSSLECDSALINKOBJS=""
OPENSSLECDSALINKSRCS=""
OPENSSLGOSTLINKSRCS=""
OPENSSLLINKOBJS=""
OPENSSLLINKSRCS=""
+ AC_DEFINE([HAVE_PKCS11],[1],[Define if native PKCS#11 is used as cryptographic library provider])
;;
no)
AC_MSG_RESULT(no)
then
AC_MSG_ERROR(["$use_openssl/include/openssl/opensslv.h" not found])
fi
- CRYPTO='-DOPENSSL'
+ CRYPTO='OPENSSL'
CRYPTOLIB="openssl"
if test "/usr" = "$use_openssl"
then
saved_libs="$LIBS"
CFLAGS="$DST_OPENSSL_INC $CFLAGS"
LIBS="$DST_OPENSSL_LIBS $LIBS"
-
+ AC_DEFINE([HAVE_OPENSSL],[1],[Define if OpenSSL is used as cryptographic library provider.])
AC_MSG_CHECKING(for OpenSSL >= 1.0.0 or LibreSSL)
AC_TRY_COMPILE([
#include <openssl/opensslv.h>
ISC_PLATFORM_OPENSSLHASH="#undef ISC_PLATFORM_OPENSSLHASH"
if test "whenossl" = "$want_openssl_hash"
then
- if test "X$CRYPTO" = "X-DOPENSSL"
+ if test "$CRYPTO" = "OPENSSL"
then
want_openssl_hash="yes"
else
fi
case $want_openssl_hash in
yes)
- if test "X$CRYPTO" != "X-DOPENSSL"
+ if test "$CRYPTO" != "OPENSSL"
then
AC_MSG_ERROR([No OpenSSL for hash functions])
fi
if ! $use_threads; then
AC_MSG_ERROR([PKCS11 requires thread support])
fi
- if test "X$CRYPTO" = "X-DOPENSSL"
+ if test "$CRYPTO" = "OPENSSL"
then
AC_MSG_CHECKING(for OpenSSL with PKCS11 support)
saved_cc="$CC"
AC_SUBST(PKCS11LINKOBJS)
AC_SUBST(PKCS11LINKSRCS)
-AC_SUBST(CRYPTO)
AC_SUBST(PKCS11_ECDSA)
AC_SUBST(PKCS11_GOST)
AC_SUBST(PKCS11_ED25519)
CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
${ISC_INCLUDES} ${DLZINCLUDES}
-CDEFINES = @CONTRIB_DLZ@ @CRYPTO@
+CDEFINES = @CONTRIB_DLZ@
CWARNINGS =
DLZLIBS = @DLZ_DRIVER_LIBS@
CINCLUDES = -I. ${BIND9_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
${ISCCFG_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCLIBS = ../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
/*! \file */
+#include <config.h>
#include <bind9/version.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \
${ISC_INCLUDES} @DST_OPENSSL_INC@ @DST_GSSAPI_INC@
-CDEFINES = -DUSE_MD5 @CRYPTO@ @USE_GSSAPI@ ${USE_ISC_SPNEGO}
+CDEFINES = -DUSE_MD5 @USE_GSSAPI@ ${USE_ISC_SPNEGO}
CWARNINGS =
* information regarding copyright ownership.
*/
+#include <config.h>
+
/*! \file */
#define DNS_NAME_USEINLINE 1
-#include <config.h>
-
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
return (_r); \
} while (0); \
-#if defined(OPENSSL)
+#if HAVE_OPENSSL
static void *
default_memalloc(void *arg, size_t size) {
UNUSED(arg);
REQUIRE(mctx != NULL);
REQUIRE(dst_initialized == ISC_FALSE);
-#if !defined(OPENSSL) && !defined(PKCS11CRYPTO)
UNUSED(engine);
-#endif
dst__memory_pool = NULL;
-#if defined(OPENSSL)
+#if HAVE_OPENSSL
UNUSED(mctx);
/*
* When using --with-openssl, there seems to be no good way of not
#ifndef OPENSSL_LEAKS
isc_mem_setdestroycheck(dst__memory_pool, ISC_FALSE);
#endif
-#else /* OPENSSL */
+#else /* HAVE_OPENSSL */
isc_mem_attach(mctx, &dst__memory_pool);
-#endif /* OPENSSL */
+#endif /* HAVE_OPENSSL */
dst_result_register();
RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256]));
RETERR(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384]));
RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512]));
-#ifdef OPENSSL
+#if HAVE_OPENSSL
RETERR(dst__openssl_init(engine));
#ifndef PK11_MD5_DISABLE
RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5],
#ifdef HAVE_OPENSSL_ED448
RETERR(dst__openssleddsa_init(&dst_t_func[DST_ALG_ED448]));
#endif
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
RETERR(dst__pkcs11_init(mctx, engine));
#ifndef PK11_MD5_DISABLE
RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5]));
#ifdef HAVE_PKCS11_GOST
RETERR(dst__pkcs11gost_init(&dst_t_func[DST_ALG_ECCGOST]));
#endif
-#endif /* if OPENSSL, elif PKCS11CRYPTO */
+#endif /* if HAVE_OPENSSL, elif HAVE_PKCS11 */
#ifdef GSSAPI
RETERR(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI]));
#endif
-#if !defined(OPENSSL) && !defined(PKCS11CRYPTO)
-#error Either OpenSSL or PKCS#11 cryptographic provider needed.
-#endif /* !defined(OPENSSL) && !defined(PKCS11CRYPTO) */
dst_initialized = ISC_TRUE;
return (ISC_R_SUCCESS);
for (i = 0; i < DST_MAX_ALGS; i++)
if (dst_t_func[i] != NULL && dst_t_func[i]->cleanup != NULL)
dst_t_func[i]->cleanup();
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
-#ifdef OPENSSL
+#if HAVE_OPENSSL
dst__openssl_destroy();
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
(void) dst__pkcs11_destroy();
-#endif /* if OPENSSL, elif PKCS11CRYPTO */
-#endif /* defined(OPENSSL) || defined(PKCS11CRYPTO) */
+#else
+#error Either OpenSSL or PKCS#11 cryptographic provider needed.
+#endif /* if HAVE_OPENSSL, elif HAVE_PKCS11 */
if (dst__memory_pool != NULL)
isc_mem_detach(&dst__memory_pool);
}
algorithm_status(unsigned int alg) {
REQUIRE(dst_initialized == ISC_TRUE);
- if (dst_algorithm_supported(alg))
+ if (dst_algorithm_supported(alg)) {
return (ISC_R_SUCCESS);
-#if !defined(OPENSSL) && !defined(PKCS11CRYPTO)
- if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 ||
- alg == DST_ALG_DSA || alg == DST_ALG_DH ||
- alg == DST_ALG_HMACMD5 || alg == DST_ALG_NSEC3DSA ||
- alg == DST_ALG_NSEC3RSASHA1 ||
- alg == DST_ALG_RSASHA256 || alg == DST_ALG_RSASHA512 ||
- alg == DST_ALG_ECCGOST ||
- alg == DST_ALG_ECDSA256 || alg == DST_ALG_ECDSA384 ||
- alg == DST_ALG_ED25519 || alg == DST_ALG_ED448)
- return (DST_R_NOCRYPTO);
-#endif
+ }
return (DST_R_UNSUPPORTEDALG);
}
#include <dst/dst.h>
-#ifdef OPENSSL
+#if HAVE_OPENSSL
#ifndef PK11_DH_DISABLE
#include <openssl/dh.h>
#endif
union {
void *generic;
gss_ctx_id_t gssctx;
-#ifdef OPENSSL
+#if HAVE_OPENSSL
#ifndef PK11_DSA_DISABLE
DSA *dsa;
#endif
DH *dh;
#endif
EVP_PKEY *pkey;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_object_t *pkey;
#endif
#ifndef PK11_MD5_DISABLE
isc_hmacsha256_t *hmacsha256ctx;
isc_hmacsha384_t *hmacsha384ctx;
isc_hmacsha512_t *hmacsha512ctx;
-#ifdef OPENSSL
+#if HAVE_OPENSSL
EVP_MD_CTX *evp_md_ctx;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_context_t *pk11_ctx;
#endif
} ctxdata;
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#ifdef OPENSSL
-
#include <config.h>
+#if HAVE_OPENSSL
+
#include <isc/mem.h>
#include <isc/mutex.h>
#include <isc/mutexblock.h>
}
#endif
-#endif /* OPENSSL */
+#endif /* HAVE_OPENSSL */
/*! \file */
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#ifdef OPENSSL
-
#include <config.h>
+#if HAVE_OPENSSL
+
#include <pk11/site.h>
#ifndef PK11_DH_DISABLE
}
#endif /* !PK11_DH_DISABLE */
-#else /* OPENSSL */
+#else /* HAVE_OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* OPENSSL */
+#endif /* HAVE_OPENSSL */
/*! \file */
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#ifdef OPENSSL
-
#include <config.h>
+#if HAVE_OPENSSL
+
#include <pk11/site.h>
#ifndef PK11_DSA_DISABLE
}
#endif /* !PK11_DSA_DISABLE */
-#else /* OPENSSL */
+#else /* HAVE_OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* OPENSSL */
+#endif /* HAVE_OPENSSL */
/*! \file */
#include <config.h>
-#if defined(OPENSSL) && defined(HAVE_OPENSSL_ECDSA)
+#if HAVE_OPENSSL && HAVE_OPENSSL_ECDSA
#include <isc/mem.h>
#include <isc/safe.h>
return (ISC_R_SUCCESS);
}
-#else /* HAVE_OPENSSL_ECDSA */
+#else /* HAVE_OPENSSL && HAVE_OPENSSL_ECDSA */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* HAVE_OPENSSL_ECDSA */
+#endif /* HAVE_OPENSSL && HAVE_OPENSSL_ECDSA */
/*! \file */
#include <config.h>
-#if defined(OPENSSL) && \
- (defined(HAVE_OPENSSL_ED25519) || defined(HAVE_OPENSSL_ED448))
+#if HAVE_OPENSSL && (HAVE_OPENSSL_ED25519 || HAVE_OPENSSL_ED448)
#include <isc/mem.h>
#include <isc/safe.h>
return (ISC_R_SUCCESS);
}
-#else /* HAVE_OPENSSL_EDxxx */
+#else /* HAVE_OPENSSL && (HAVE_OPENSSL_ED25519 || HAVE_OPENSSL_ED448) */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* HAVE_OPENSSL_EDxxx */
+#endif /* HAVE_OPENSSL && (HAVE_OPENSSL_ED25519 || HAVE_OPENSSL_ED448) */
/*! \file */
#include <config.h>
-#if defined(OPENSSL) && defined(HAVE_OPENSSL_GOST)
+#if HAVE_OPENSSL && HAVE_OPENSSL_GOST
#include <isc/mem.h>
#include <isc/safe.h>
return (ret);
}
-#else /* HAVE_OPENSSL_GOST */
+#else /* HAVE_OPENSSL && HAVE_OPENSSL_GOST */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* HAVE_OPENSSL_GOST */
+#endif /* HAVE_OPENSSL && HAVE_OPENSSL_GOST */
/*! \file */
* information regarding copyright ownership.
*/
-#ifdef OPENSSL
#include <config.h>
+#if HAVE_OPENSSL
+
#include <isc/md5.h>
#include <isc/mem.h>
#include <isc/safe.h>
return (ISC_R_SUCCESS);
}
-#else /* OPENSSL */
+#else /* HAVE_OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* OPENSSL */
+#endif /* HAVE_OPENSSL */
/*! \file */
* information regarding copyright ownership.
*/
-#ifdef PKCS11CRYPTO
-
#include <config.h>
+#if HAVE_PKCS11
+
#include <isc/util.h>
#include <dns/log.h>
return (fallback);
}
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
/*! \file */
* information regarding copyright ownership.
*/
-#ifdef PKCS11CRYPTO
-
#include <config.h>
+#if HAVE_PKCS11
+
#include <pk11/site.h>
#ifndef PK11_DH_DISABLE
}
#endif /* !PK11_DH_DISABLE */
-#else /* PKCS11CRYPTO */
+#else /* HAVE_PKCS11 */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
/*! \file */
* information regarding copyright ownership.
*/
-#ifdef PKCS11CRYPTO
-
#include <config.h>
+#if HAVE_PKCS11
+
#include <pk11/site.h>
#ifndef PK11_DSA_DISABLE
}
#endif /* !PK11_DSA_DISABLE */
-#else /* PKCS11CRYPTO */
+#else /* HAVE_PKCS11 */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
/*! \file */
#include <config.h>
-#if defined(PKCS11CRYPTO) && defined(HAVE_PKCS11_ECDSA)
+#if HAVE_PKCS11 && defined(HAVE_PKCS11_ECDSA)
#include <isc/mem.h>
#include <isc/safe.h>
return (ISC_R_SUCCESS);
}
-#else /* PKCS11CRYPTO && HAVE_PKCS11_ECDSA */
+#else /* HAVE_PKCS11 && HAVE_PKCS11_ECDSA */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO && HAVE_PKCS11_ECDSA */
+#endif /* HAVE_PKCS11 && HAVE_PKCS11_ECDSA */
/*! \file */
#include <config.h>
-#if defined(PKCS11CRYPTO) && \
+#if HAVE_PKCS11 && \
defined(HAVE_PKCS11_ED25519) || defined(HAVE_PKCS11_ED448)
#include <isc/mem.h>
return (ISC_R_SUCCESS);
}
-#else /* PKCS11CRYPTO && HAVE_PKCS11_EDxxx */
+#else /* HAVE_PKCS11 && HAVE_PKCS11_EDxxx */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO && HAVE_PKCS11_EDxxx */
+#endif /* HAVE_PKCS11 && HAVE_PKCS11_EDxxx */
/*! \file */
#include <config.h>
-#if defined(PKCS11CRYPTO) && defined(HAVE_PKCS11_GOST)
+#if HAVE_PKCS11 && defined(HAVE_PKCS11_GOST)
#include <isc/mem.h>
#include <isc/safe.h>
return (ISC_R_SUCCESS);
}
-#else /* PKCS11CRYPTO && HAVE_PKCS11_GOST */
+#else /* HAVE_PKCS11 && HAVE_PKCS11_GOST */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO && HAVE_PKCS11_GOST */
+#endif /* HAVE_PKCS11 && HAVE_PKCS11_GOST */
/*! \file */
* information regarding copyright ownership.
*/
-
-#ifdef PKCS11CRYPTO
-
#include <config.h>
+#if HAVE_PKCS11
+
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
return (ISC_R_SUCCESS);
}
-#else /* PKCS11CRYPTO */
+#else /* HAVE_PKCS11 */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
/*! \file */
* information regarding copyright ownership.
*/
+#include <config.h>
+
/*! \file
* \brief
* Portable SPNEGO implementation.
* harmless in any case.
*/
-#include <config.h>
-
#include <stdlib.h>
#include <errno.h>
* information regarding copyright ownership.
*/
+#include <config.h>
/*! \file
* \brief Method routines generated from SPNEGO ASN.1 module.
CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} ${ISC_INCLUDES} \
@DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns/tests/\""
+CDEFINES = -DTESTS="\"${top_builddir}/lib/dns/tests/\""
ISCLIBS = ../../isc/libisc.@A@ @ISC_OPENSSL_LIBS@
ISCDEPLIBS = ../../isc/libisc.@A@
#include "dnstest.h"
-#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)
+#if HAVE_OPENSSL && !defined(PK11_DH_DISABLE)
ATF_TC(isc_dh_computesecret);
ATF_TC_HEAD(isc_dh_computesecret, tc) {
* Main
*/
ATF_TP_ADD_TCS(tp) {
-#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)
+#if HAVE_OPENSSL && !defined(PK11_DH_DISABLE)
ATF_TP_ADD_TC(tp, isc_dh_computesecret);
#else
ATF_TP_ADD_TC(tp, untested);
#include <unistd.h>
#include <stdio.h>
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
-
#include <isc/base64.h>
#include <isc/buffer.h>
#include <isc/util.h>
dns_test_end();
}
-#else
-#include <isc/util.h>
-
-ATF_TC(untested);
-ATF_TC_HEAD(untested, tc) {
- atf_tc_set_md_var(tc, "descr", "skipping keytable test");
-}
-ATF_TC_BODY(untested, tc) {
- UNUSED(tc);
- atf_tc_skip("DNSSEC not available");
-}
-#endif
-
/*
* Main
*/
ATF_TP_ADD_TCS(tp) {
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
ATF_TP_ADD_TC(tp, add);
ATF_TP_ADD_TC(tp, delete);
ATF_TP_ADD_TC(tp, deletekeynode);
ATF_TP_ADD_TC(tp, issecuredomain);
ATF_TP_ADD_TC(tp, dump);
ATF_TP_ADD_TC(tp, nta);
-#else
- ATF_TP_ADD_TC(tp, untested);
-#endif
return (atf_no_error());
}
#include "dnstest.h"
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
/*
* Helper functions
*/
dns_test_end();
}
-#else
-ATF_TC(untested);
-ATF_TC_HEAD(untested, tc) {
- atf_tc_set_md_var(tc, "descr", "skipping nsec3 test");
-}
-ATF_TC_BODY(untested, tc) {
- UNUSED(tc);
- atf_tc_skip("DNSSEC not available");
-}
-#endif
/*
* Main
*/
ATF_TP_ADD_TCS(tp) {
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
ATF_TP_ADD_TC(tp, max_iterations);
ATF_TP_ADD_TC(tp, nsec3param_salttotext);
-#else
- ATF_TP_ADD_TC(tp, untested);
-#endif
return (atf_no_error());
}
#include "../dst_internal.h"
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
-
static unsigned char d[10] = {
0xa, 0x10, 0xbb, 0, 0xfe, 0x15, 0x1, 0x88, 0xcc, 0x7d
};
dst_key_free(&key);
dns_test_end();
}
-#else
-ATF_TC(untested);
-ATF_TC_HEAD(untested, tc) {
- atf_tc_set_md_var(tc, "descr", "skipping RSA test");
-}
-ATF_TC_BODY(untested, tc) {
- UNUSED(tc);
- atf_tc_skip("RSA not available");
-}
-#endif
+
/*
* Main
*/
ATF_TP_ADD_TCS(tp) {
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
ATF_TP_ADD_TC(tp, isc_rsa_verify);
-#else
- ATF_TP_ADD_TC(tp, untested);
-#endif
return (atf_no_error());
}
#include <isc/util.h>
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
#include <string.h>
#include <dns/db.h>
dns_test_end();
}
-#else
-ATF_TC(untested);
-ATF_TC_HEAD(untested, tc) {
- atf_tc_set_md_var(tc, "descr", "skipping dns__zone_updatesigs() test");
-}
-ATF_TC_BODY(untested, tc) {
- UNUSED(tc);
- atf_tc_skip("DNSSEC support not compiled in");
-}
-#endif
ATF_TP_ADD_TCS(tp) {
-#if defined(OPENSSL) || defined(PKCS11CRYPTO)
ATF_TP_ADD_TC(tp, updatesigs);
-#else
- ATF_TP_ADD_TC(tp, untested);
-#endif
return (atf_no_error());
}
#define TEMP_BUFFER_SZ 8192
#define TKEY_RANDOM_AMOUNT 16
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/pk11.h>
#endif
/*! \file */
+#include <config.h>
#include <dns/version.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
${DNS_INCLUDES} ${ISC_INCLUDES} \
${ISCCFG_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
# Alphabetically
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I. -Iinclude -I../include ${ISC_INCLUDES} ${IRS_INCLUDES}
-CDEFINES = -DTESTS="\"${top_builddir}/lib/irs/tests/\"" @CRYPTO@
+CDEFINES = -DTESTS="\"${top_builddir}/lib/irs/tests/\""
CFGLIBS = ../../isccfg/libisccfg.@A@
CFGDEPLIBS = ../../isccfg/libisccfg.@A@
* information regarding copyright ownership.
*/
+#include <config.h>
/*! \file */
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
-I${srcdir}/@ISC_ARCH_DIR@/include \
-I./include \
-I${srcdir}/include ${DNS_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DPK11_LIB_LOCATION=\"${PROVIDER}\"
+CDEFINES = -DPK11_LIB_LOCATION=\"${PROVIDER}\"
CWARNINGS =
# Alphabetically
AES_encrypt(in, out, &k);
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
#include <pk11/internal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
/*! \file
* \brief
#include <isc/types.h>
#include <isc/util.h>
-#if PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/internal.h>
#include <pk11/pk11.h>
#endif
ctx->ctx = NULL;
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#ifndef PK11_MD5_HMAC_REPLACE
#include <isc/types.h>
#include <isc/util.h>
-#if PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/internal.h>
#include <pk11/pk11.h>
#endif
isc_safe_memwipe(newdigest, sizeof(newdigest));
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#if defined(PK11_SHA_1_HMAC_REPLACE) || \
defined(PK11_SHA224_HMAC_REPLACE) || \
#endif
} isc_hmacmd5_t;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
typedef pk11_context_t isc_hmacmd5_t;
typedef isc_hmacsha_t isc_hmacsha384_t;
typedef isc_hmacsha_t isc_hmacsha512_t;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
typedef pk11_context_t isc_hmacsha1_t;
#endif
} isc_md5_t;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
typedef pk11_context_t isc_md5_t;
***** Platform-dependent defines.
*****/
-/***
- *** Enforce OpenSSL or PKCS#11 cryptography
- ***/
-
-#if !defined(OPENSSL) && !defined(PKCS11CRYPTO)
-#error No cryptography library has been found or provided.
-#endif
-
/***
*** Network.
***/
#endif
} isc_sha1_t;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
typedef pk11_context_t isc_sha1_t;
typedef isc_sha2_t isc_sha256_t;
typedef isc_sha2_t isc_sha512_t;
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
#include <pk11/pk11.h>
typedef pk11_context_t isc_sha256_t;
#include <isc/string.h>
#include <isc/types.h>
-#if PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/internal.h>
#include <pk11/pk11.h>
#endif
ctx->ctx = NULL;
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
void
isc_md5_init(isc_md5_t *ctx) {
-I../include \
-I${srcdir}/../include
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
OBJS = msgcat.@O@
-I${srcdir}/../include \
-I${srcdir}/..
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
THREADOPTOBJS = condition.@O@ mutex.@O@
}
scan_slots();
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
if (rand_token == NULL) {
result = PK11_R_NORANDOMSERVICE;
goto unlock;
goto unlock;
}
#endif
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
result = ISC_R_SUCCESS;
unlock:
UNLOCK(&sessionlock);
pk11_sessionlist_t *freelist;
pk11_session_t *sp;
isc_result_t ret;
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
isc_result_t service_ret = ISC_R_SUCCESS;
#else
UNUSED(need_services);
ctx->session = CK_INVALID_HANDLE;
ret = pk11_initialize(NULL, NULL);
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
if (ret == PK11_R_NORANDOMSERVICE ||
ret == PK11_R_NODIGESTSERVICE ||
ret == PK11_R_NOAESSERVICE) {
service_ret = ret;
}
else
-#endif /* PKCS11CRYPTO */
+#endif /* HAVE_PKCS11 */
if (ret != ISC_R_SUCCESS)
return (ret);
UNLOCK(&sessionlock);
switch(optype) {
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
case OP_RAND:
token = rand_token;
break;
token = ISC_LIST_NEXT(token, link))
if (token->slotid == slot)
break;
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
if ((token == NULL) ||
((token->operations & (1 << optype)) == 0))
return (ISC_R_NOTFOUND);
UNLOCK(&sessionlock);
ctx->handle = sp;
ctx->session = sp->session;
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
if (ret == ISC_R_SUCCESS)
ret = service_ret;
#endif
-I${srcdir}/../include \
-I${srcdir}/..
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
OBJS = condition.@O@ mutex.@O@ thread.@O@
#include <stdlib.h>
#include <unistd.h>
-#ifdef OPENSSL
+#if HAVE_OPENSSL
#include <openssl/rand.h>
#include <openssl/err.h>
-#endif /* ifdef OPENSSL */
+#endif /* ifdef HAVE_OPENSSL */
-#ifdef PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/pk11.h>
-#endif /* ifdef PKCS11CRYPTO */
+#endif /* if HAVE_PKCS11 */
#if defined(__linux__)
# include <errno.h>
# endif /* defined(__linux__) */
/* Use crypto library as fallback when no other CSPRNG is available */
-# if defined(OPENSSL)
+# if HAVE_OPENSSL
if (RAND_bytes(buf, buflen) < 1) {
FATAL_ERROR(__FILE__, __LINE__, "RAND_bytes(): %s", ERR_error_string(ERR_get_error(), NULL));
}
-# elif defined(PKCS11CRYPTO)
+# elif HAVE_PKCS11
RUNTIME_CHECK(pk11_rand_bytes(buf, buflen) == ISC_R_SUCCESS);
# endif /* if defined(HAVE_ARC4RANDOM_BUF) */
#include <isc/types.h>
#include <isc/util.h>
-#if PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/internal.h>
#include <pk11/pk11.h>
#endif
context->ctx = NULL;
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
void
isc_sha1_init(isc_sha1_t *ctx) {
#include <isc/string.h>
#include <isc/util.h>
-#if PKCS11CRYPTO
+#if HAVE_PKCS11
#include <pk11/internal.h>
#include <pk11/pk11.h>
#endif
context->ctx = NULL;
}
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
void
isc_sha224_init(isc_sha224_t *context) {
} else {
#if defined(ISC_PLATFORM_OPENSSLHASH) && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX_reset(context->ctx);
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_return_session(context);
#else
isc_safe_memwipe(context, sizeof(*context));
} else {
#if defined(ISC_PLATFORM_OPENSSLHASH) && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX_reset(context->ctx);
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_return_session(context);
#else
isc_safe_memwipe(context, sizeof(*context));
} else {
#if defined(ISC_PLATFORM_OPENSSLHASH) && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX_reset(context->ctx);
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_return_session(context);
#else
isc_safe_memwipe(context, sizeof(*context));
} else {
#if defined(ISC_PLATFORM_OPENSSLHASH) && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX_reset(context->ctx);
-#elif PKCS11CRYPTO
+#elif HAVE_PKCS11
pk11_return_session(context);
#else
isc_safe_memwipe(context, sizeof(*context));
* information regarding copyright ownership.
*/
+#include <config.h>
+
/*
* Copyright (c) 1990, 1993
* The Regents of the University of California. All rights reserved.
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I. -Iinclude ${ISC_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc/tests/\""
+CDEFINES = -DTESTS="\"${top_builddir}/lib/isc/tests/\""
ISCLIBS = ../libisc.@A@ @ISC_OPENSSL_LIBS@
ISCDEPLIBS = ../libisc.@A@
-I${srcdir}/../include \
-I${srcdir}/.. @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
# Alphabetically
* information regarding copyright ownership.
*/
+#include <config.h>
/*! \file
* \brief
* information regarding copyright ownership.
*/
+#include <config.h>
#include <isc/print.h>
* information regarding copyright ownership.
*/
+#include <config.h>
/*! \file
* \brief
/*! \file */
+#include <config.h>
#include <isc/version.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <stdio.h>
-I./include \
-I${srcdir}/include \
-I${srcdir}/../include
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
# Alphabetically
#endif
#endif
-/***
- *** Enforce OpenSSL or PKCS#11 cryptography
- ***/
-
-#if !defined(OPENSSL) && !defined(PKCS11CRYPTO)
-#error No cryptography library has been found or provided.
-#endif
-
/***
*** Network.
***/
* information regarding copyright ownership.
*/
+#include <config.h>
#include <isc/net.h>
#include <isc/platform.h>
* information regarding copyright ownership.
*/
+#include <config.h>
/*
* The NT Groups have two groups that are not well documented and are
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
* information regarding copyright ownership.
*/
+#include <config.h>
+
/* This code uses functions which are only available on Server 2003 and
* higher, and Windows XP and higher.
*
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
* information regarding copyright ownership.
*/
+#include <config.h>
+
#include <windows.h>
#ifndef TESTVERSION
CINCLUDES = -I. ${DNS_INCLUDES} ${ISC_INCLUDES} \
${ISCCC_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCLIBS = ../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
/*! \file */
+#include <config.h>
+
#include <isccc/version.h>
const char isccc_version[] = VERSION;
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
CINCLUDES = -I. ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES}
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
ISCLIBS = ../../lib/isc/libisc.@A@ @ISC_OPENSSL_LIBS@
CINCLUDES = -I. -Iinclude \
${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} \
@DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns/tests/\""
+CDEFINES = -DTESTS="\"${top_builddir}/lib/dns/tests/\""
ISCLIBS = ../../isc/libisc.@A@ @ISC_OPENSSL_LIBS@
ISCDEPLIBS = ../../isc/libisc.@A@
/*! \file */
+#include <config.h>
#include <isccfg/version.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <versions.h>
${NS_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
@DST_OPENSSL_INC@ @DST_GSSAPI_INC@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
CINCLUDES = -I. -Iinclude ${NS_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
@DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/ns/tests/\""
+CDEFINES = -DTESTS="\"${top_builddir}/lib/ns/tests/\""
ISCLIBS = ../../isc/libisc.@A@ @ISC_OPENSSL_LIBS@
ISCDEPLIBS = ../../isc/libisc.@A@
*/
/*! \file */
+#include <config.h>
#include <ns/version.h>
* information regarding copyright ownership.
*/
+#include <config.h>
#include <windows.h>
#include <signal.h>
*/
/*! \file */
+#include <config.h>
#include <versions.h>
#prefix = @prefix@
#exec_prefix = @exec_prefix@
-CDEFINES = @CRYPTO@
+CDEFINES =
CWARNINGS =
DNSLIBS = -ldns @DNS_CRYPTO_LIBS@
-I${top_srcdir}/lib/irs/include \
-I../../lib/irs/include @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DVERSION=\"${VERSION}\" \
+CDEFINES = -DVERSION=\"${VERSION}\" \
-DSYSCONFDIR=\"${sysconfdir}\"
CWARNINGS =
* information regarding copyright ownership.
*/
-
/*
* bindevt.c : Defines the entry point for event log viewer DLL.
*/
}
print TBLFILE "/*\n * Generated by $rev \n */\n";
+print TBLFILE "#include <config.h>\n";
print TBLFILE "#include <isc/backtrace.h>\n";
print TBLFILE "const int isc__backtrace_nsymbols = $nsyms;\n";
print TBLFILE "const isc_backtrace_symmap_t isc__backtrace_symtable[] = {\n";
"HAVE_GEOIP_CITY_V6",
"HAVE_GEOIP_V6",
"HAVE_LIBXML2",
+ "HAVE_OPENSSL",
"HAVE_OPENSSL_AES",
"HAVE_OPENSSL_DSA",
"HAVE_OPENSSL_ECDSA",
"HAVE_OPENSSL_ED448",
"HAVE_OPENSSL_EVP_AES",
"HAVE_OPENSSL_GOST",
+ "HAVE_PKCS11",
"HAVE_PKCS11_ECDSA",
"HAVE_PKCS11_ED25519",
"HAVE_PKCS11_ED448",
}
}
$configdefd{"CRYPTO"} = "PKCS11CRYPTO";
+ $configdefh{"HAVE_PKCS11"} = 1;
if ($use_ecdsa eq "no") {
if ($verbose) {
print "no ECDSA support in native PKCS#11\n";
$configinc{"OPENSSL_INC"} = "$openssl_inc";
$configlib{"OPENSSL_LIB"} = "$openssl_lib";
$configdll{"OPENSSL_DLL"} = "$openssl_dll";
+ $configdefh{"HAVE_OPENSSL"} = 1;
if (-f File::Spec->catfile($openssl_inc, "openssl", "dsa.h")) {
$configdefh{"HAVE_OPENSSL_DSA"} = 1;
} elsif ($verbose) {
die "Unrecognized cookie algorithm: $cookie_algorithm\n";
}
-print "Cryptographic library for DNSSEC: $cryptolib\n";
+if ($cryptolib ne "") {
+ print "Cryptographic library for DNSSEC: $cryptolib\n";
+} else {
+ die "No cryptography library has been found or provided."
+}
# enable-openssl-hash
if ($enable_openssl_hash eq "yes") {
projects / thirdparty / bind9.git / commitdiff
