From: Mark Andrews Date: Wed, 19 Feb 2014 04:22:31 +0000 (+1100) Subject: test for AES_encrypt and fall back to sha256 X-Git-Tag: v9.10.0b1~79 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=fb507b955efbaeec2709c7b5f93464ba0f6da584;p=thirdparty%2Fbind9.git test for AES_encrypt and fall back to sha256 --- diff --git a/configure b/configure index dce84f9f533..094c19c02af 100755 --- a/configure +++ b/configure @@ -15644,7 +15644,7 @@ fi if test "${with_sit_alg+set}" = set; then : withval=$with_sit_alg; with_sit_alg="$withval" else - with_sit_alg="aes" + with_sit_alg="auto" fi @@ -15662,6 +15662,37 @@ $as_echo "#define HMAC_SHA1_SIT 1" >>confdefs.h $as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h + ;; + auto) + saved_libs="$LIBS" + LIBS="$LIBS $DNS_CRYPTO_LIBS" + for ac_func in AES_encrypt +do : + ac_fn_c_check_func "$LINENO" "AES_encrypt" "ac_cv_func_AES_encrypt" +if test "x$ac_cv_func_AES_encrypt" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_AES_ENCRYPT 1 +_ACEOF + +fi +done + + LIBS="$saved_libs" + + if test "$ac_cv_func_AES_encrypt" = "yes" + then + with_sit_alg="aes" + want_openssl_aes="yes" + +$as_echo "#define AES_SIT 1" >>confdefs.h + + else + with_sit_alg="sha256" + want_openssl_hash="yes" + +$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h + + fi ;; *) with_sit_alg="aes" diff --git a/configure.in b/configure.in index e7dd0587827..853d436cbc3 100644 --- a/configure.in +++ b/configure.in @@ -1534,7 +1534,7 @@ AC_ARG_ENABLE(openssl-aes, # AC_ARG_WITH(sit-alg, [ --with-sit-alg=ALG choose the algorithm for SIT [[aes|sha1|sha256]]], - with_sit_alg="$withval", with_sit_alg="aes") + with_sit_alg="$withval", with_sit_alg="auto") case $with_sit_alg in *1) @@ -1549,6 +1549,25 @@ case $with_sit_alg in AC_DEFINE(HMAC_SHA256_SIT, 1, [Use HMAC-SHA256 for Source Identity Token generation]) ;; + auto) + saved_libs="$LIBS" + LIBS="$LIBS $DNS_CRYPTO_LIBS" + AC_CHECK_FUNCS(AES_encrypt) + LIBS="$saved_libs" + + if test "$ac_cv_func_AES_encrypt" = "yes" + then + with_sit_alg="aes" + want_openssl_aes="yes" + AC_DEFINE(AES_SIT, 1, + [Use AES for Source Identity Token generation]) + else + with_sit_alg="sha256" + want_openssl_hash="yes" + AC_DEFINE(HMAC_SHA256_SIT, 1, + [Use HMAC-SHA256 for Source Identity Token generation]) + fi + ;; *) with_sit_alg="aes" want_openssl_aes="yes"