]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
test for AES_encrypt and fall back to sha256
authorMark Andrews <marka@isc.org>
Wed, 19 Feb 2014 04:22:31 +0000 (15:22 +1100)
committerMark Andrews <marka@isc.org>
Wed, 19 Feb 2014 04:22:31 +0000 (15:22 +1100)
configure
configure.in

index dce84f9f53310b65609085c8c77be3c14045814f..094c19c02af62f91dbc1e9e4be2e2d489debdd19 100755 (executable)
--- a/configure
+++ b/configure
@@ -15644,7 +15644,7 @@ fi
 if test "${with_sit_alg+set}" = set; then :
   withval=$with_sit_alg; with_sit_alg="$withval"
 else
-  with_sit_alg="aes"
+  with_sit_alg="auto"
 fi
 
 
@@ -15662,6 +15662,37 @@ $as_echo "#define HMAC_SHA1_SIT 1" >>confdefs.h
 
 $as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
 
+               ;;
+       auto)
+               saved_libs="$LIBS"
+               LIBS="$LIBS $DNS_CRYPTO_LIBS"
+               for ac_func in AES_encrypt
+do :
+  ac_fn_c_check_func "$LINENO" "AES_encrypt" "ac_cv_func_AES_encrypt"
+if test "x$ac_cv_func_AES_encrypt" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_AES_ENCRYPT 1
+_ACEOF
+
+fi
+done
+
+               LIBS="$saved_libs"
+
+               if test "$ac_cv_func_AES_encrypt" = "yes"
+               then
+                       with_sit_alg="aes"
+                       want_openssl_aes="yes"
+
+$as_echo "#define AES_SIT 1" >>confdefs.h
+
+               else
+                       with_sit_alg="sha256"
+                       want_openssl_hash="yes"
+
+$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
+
+               fi
                ;;
        *)
                with_sit_alg="aes"
index e7dd058782797682fd9d08a1192a252a8356e146..853d436cbc37f0bf7e045398dfebf0b61c968062 100644 (file)
@@ -1534,7 +1534,7 @@ AC_ARG_ENABLE(openssl-aes,
 #
 AC_ARG_WITH(sit-alg,
        [  --with-sit-alg=ALG      choose the algorithm for SIT [[aes|sha1|sha256]]],
-       with_sit_alg="$withval", with_sit_alg="aes")
+       with_sit_alg="$withval", with_sit_alg="auto")
 
 case $with_sit_alg in
        *1)
@@ -1549,6 +1549,25 @@ case $with_sit_alg in
                AC_DEFINE(HMAC_SHA256_SIT, 1,
                          [Use HMAC-SHA256 for Source Identity Token generation])
                ;;
+       auto)
+               saved_libs="$LIBS"
+               LIBS="$LIBS $DNS_CRYPTO_LIBS"
+               AC_CHECK_FUNCS(AES_encrypt)
+               LIBS="$saved_libs"
+               
+               if test "$ac_cv_func_AES_encrypt" = "yes"
+               then
+                       with_sit_alg="aes"
+                       want_openssl_aes="yes"
+                       AC_DEFINE(AES_SIT, 1,
+                                [Use AES for Source Identity Token generation])
+               else
+                       with_sit_alg="sha256"
+                       want_openssl_hash="yes"
+                       AC_DEFINE(HMAC_SHA256_SIT, 1,
+                        [Use HMAC-SHA256 for Source Identity Token generation])
+               fi
+               ;;
        *)
                with_sit_alg="aes"
                want_openssl_aes="yes"