# -*- autoconf -*- ######################################### ## # Miscellaneous checks ## ######################################### ## # Package characteristics # Authentication/Encryption support ## # Check for PKCS11 # AC_MSG_CHECKING([for authentication support]) useopenssl=no usepkcs=no if test "x$ac_cv_lib_pkcs11_C_Initialize" != "xyes" -o "x$ac_cv_header_security_cryptoki_h" != "xyes"; then if test "x$askedpkcs" = "xyes"; then AC_MSG_ERROR(Asked to use PKCS11 but I couldn't find it.) fi else if test "x$askedpkcs" = "xyes"; then usepkcs=yes fi fi # Check for OpenSSL # if test "x$ac_cv_lib_crypto_EVP_md5" != "xyes" -a "x$ac_cv_lib_eay32_EVP_md5" != "xyes" -o "x$ac_cv_header_openssl_hmac_h" != "xyes"; then if test "x$askedopenssl" = "xyes"; then AC_MSG_ERROR(Asked to use OpenSSL but I couldn't find it.) fi else if test "x$askedopenssl" = "xyes"; then useopenssl=yes elif test "x$tryopenssl" = "xyes"; then if test "x$usepkcs" != "xyes"; then useopenssl=yes fi fi fi # Available authentication/encryption modes # if test "x$CRYPTO" = "xinternal" ; then authmodes="MD5 SHA1" if test "x$enable_privacy" != "xno" ; then encrmodes="DES AES" else encrmodes="[disabled]" fi AC_DEFINE(NETSNMP_USE_INTERNAL_CRYPTO, 1, "Define if internal cryptography code should be used") AC_MSG_RESULT(Internal Crypto Support) elif test "x$useopenssl" != "xno" ; then authmodes="MD5 SHA1" if test "x$ac_cv_func_EVP_sha224" = xyes; then authmodes="$authmodes SHA224 SHA256" fi if test "x$ac_cv_func_EVP_sha384" = xyes; then authmodes="$authmodes SHA384 SHA512" fi if test "x$enable_privacy" != "xno" ; then if test "x$ac_cv_header_openssl_aes_h" = "xyes" ; then encrmodes="DES AES" else encrmodes="DES" fi else encrmodes="[disabled]" fi AC_DEFINE(NETSNMP_USE_OPENSSL) LNETSNMPLIBS="$LNETSNMPLIBS $LIBCRYPTO" AC_MSG_RESULT(OpenSSL Support) elif test "x$usepkcs" != "xno" ; then authmodes="MD5 SHA1" if test "x$enable_privacy" != "xno" ; then encrmodes="DES" else encrmodes="[disabled]" fi AC_DEFINE(NETSNMP_USE_PKCS11, 1, [Define if you are using the codeS11 library ...]) LNETSNMPLIBS="$LNETSNMPLIBS $LIBPKCS11" AC_MSG_RESULT(PKCS11 Support) elif test "x$enable_md5" != "xno"; then authmodes="MD5" encrmodes="" AC_DEFINE(NETSNMP_USE_INTERNAL_MD5) AC_MSG_RESULT(Internal MD5 Support) fi if test "x$enable_md5" = "xno"; then authmodes=`echo $authmodes | $SED 's/MD5 *//;'` fi if test "x$ac_cv_func_AES_cfb128_encrypt" = xyes || test "x$CRYPTO" = xinternal; then encrmodes="$encrmodes AES128" if test "x$aes_capable" = "xyes"; then encrmodes="$encrmodes AES192 AES192C AES256 AES256C" fi fi AC_SUBST(LNETSNMPLIBS) AC_SUBST(LAGENTLIBS) AC_MSG_CACHE_ADD(Crypto support from: $CRYPTO) AC_MSG_CACHE_ADD(Authentication support: $authmodes) AC_MSG_CACHE_ADD(Encryption support: $encrmodes) if test "x$all_warnings" != "x"; then AC_MSG_CACHE_ADD(WARNING: $all_warnings) fi # # Check whether user wants DNSSEC local validation support # _libs=${LIBS} if ! test "x-$want_dnssec" = "x-no" ; then AC_CHECK_HEADERS([validator/validator-config.h]) if test "$ac_cv_header_validator_validator_config_h" != yes; then AC_MSG_ERROR(Can't find validator.h) fi if test "x$ac_cv_lib_crypto_EVP_md5" != "xyes" -a \ "x$ac_cv_lib_eay32_EVP_md5" != "xyes" -o \ "x$ac_cv_header_openssl_hmac_h" != "xyes"; then AC_MSG_ERROR(Couldn't find OpenSSL for local DNSSEC validation support.) fi LIBS="$LIBS $LIBCRYPTO" AC_CHECK_LIB(sres, query_send,,AC_MSG_ERROR([Can't find libsres])) VAL_LIBS="-lsres $LIBCRYPTO" LIBS="$LIBS -lsres" AC_CHECK_LIB(val, p_val_status, LIBS="$LIBS -lval" VAL_LIBS="$VAL_LIBS -lval" have_val_res_query=yes, [ AC_CHECK_LIB(pthread, pthread_rwlock_init) AC_CHECK_LIB(val-threads, p_val_status, have_val_res_query=yes LIBS="-lval-threads $LIBS" VAL_LIBS="-lval-threads -lpthread $VAL_LIBS" LIBVAL_SUFFIX="-threads", AC_MSG_ERROR(Can't find libval or libval-threads)) ]) AC_DEFINE(DNSSEC_LOCAL_VALIDATION, 1, [Define if you want local DNSSEC validation support]) DNSSEC="enabled" else DNSSEC="disabled" fi LIBS=${_libs} AC_SUBST(VAL_LIBS) AC_MSG_CACHE_ADD(Local DNSSEC validation: $DNSSEC)