1 dnl sxe-crypto.m4 -- Cryptographical stuff
6 AC_DEFUN([SXE_PATH_OPENSSL_BIN], [dnl
7 AC_CHECK_PROG([have_openssl_bin], [openssl], [yes], [no])
8 AC_PATH_PROG([OPENSSL_BIN], [openssl], [echo])
9 ])dnl SXE_PATH_OPENSSL_BIN
11 AC_DEFUN([SXE_OPENSSL_VERSION], [dnl
12 ## assumes SXE_PATH_OPENSSL_BIN has been run already
13 AC_MSG_CHECKING([for openssl version])
14 if test "$have_openssl_bin" = "yes"; then
15 OPENSSL_VERSION=`$OPENSSL_BIN version`
17 OPENSSL_VERSION="unknown"
19 AC_MSG_RESULT([$OPENSSL_VERSION])
21 AC_MSG_CHECKING([whether OpenSSL version is recent enough])
22 ## we allow 0.9.7e-?, 0.9.8* and 0.9.9*
23 allowed_versions="0.9.7[e-z] 0.9.8* 0.9.9* 1.0.0*"
25 for ver in $allowed_versions; do
26 if echo "$OPENSSL_VERSION" | grep -q "$ver"; then
31 AC_MSG_RESULT([$OPENSSL_SANE_P])
32 ])dnl SXE_OPENSSL_VERSION
34 AC_DEFUN([SXE_TRY_OPENSSL_HISTORICAL_PREFIX], [dnl
35 ## ooh, maybe this historical trap to install at /usr/local/ssl
36 OPENSSL_CPPFLAGS="-I/usr/local/ssl/include"
37 OPENSSL_LDFLAGS="-L/usr/local/ssl/lib"
39 ## now append these candidates to our c_switch and ld_switch
41 SXE_APPEND([$OPENSSL_CPPFLAGS], [CPPFLAGS])
42 SXE_APPEND([$OPENSSL_LDFLAGS], [LDFLAGS])
45 SXE_CHECK_HEADERS([openssl/crypto.h])
46 SXE_CHECK_HEADERS([openssl/x509.h openssl/pem.h])
47 SXE_CHECK_HEADERS([openssl/ssl.h openssl/bio.h])
48 AC_CHECK_LIB([crypto], [OPENSSL_cleanse],
49 [have_libcrypto=yes], [have_libcrypto=no])
53 if test "$ac_cv_header_openssl_crypto_h $have_libcrypto" != "yes yes"; then
56 openssl_historical_prefix_worked="no"
58 openssl_historical_prefix_worked="yes"
60 ])dnl SXE_TRY_OPENSSL_HISTORICAL_PREFIX
62 AC_DEFUN([SXE_TRY_OPENSSL_BIN_PREFIX], [dnl
63 ## use the dirname of the openssl binary to determine the prefix of SSL
64 openssl_bindir=`dirname $OPENSSL_BIN`
65 openssl_prefix_maybe=`dirname $openssl_bindir`
66 OPENSSL_CPPFLAGS="-I$openssl_prefix_maybe/include"
67 OPENSSL_LDFLAGS="-L$openssl_prefix_maybe/lib"
69 ## now append these candidates to our c_switch and ld_switch
71 SXE_APPEND([$OPENSSL_CPPFLAGS], [CPPFLAGS])
72 SXE_APPEND([$OPENSSL_LDFLAGS], [LDFLAGS])
75 SXE_CHECK_HEADERS([openssl/crypto.h])
76 SXE_CHECK_HEADERS([openssl/x509.h openssl/pem.h])
77 SXE_CHECK_HEADERS([openssl/ssl.h openssl/bio.h])
78 AC_CHECK_LIB([ssl], [SSL_connect],
79 [have_libssl=yes], [have_libssl=no])
80 AC_CHECK_LIB([crypto], [OPENSSL_cleanse],
81 [have_libcrypto=yes], [have_libcrypto=no])
85 if test "$ac_cv_header_openssl_crypto_h $have_libcrypto $have_libssl " != "yes yes yes"; then
88 openssl_bin_prefix_worked="no"
90 openssl_bin_prefix_worked="yes"
92 ])dnl SXE_TRY_OPENSSL_BIN_PREFIX
94 AC_DEFUN([SXE_CHECK_OPENSSL_LOCS], [dnl
95 ## defines OPENSSL_CPPFLAGS and OPENSSL_LDFLAGS if needed
97 dnl Look for these standard header file locations
98 OPENSSL_LIBS="-lssl -lcrypto"
99 SXE_CHECK_HEADERS([openssl/crypto.h])
100 SXE_CHECK_HEADERS([openssl/x509.h openssl/pem.h])
101 SXE_CHECK_HEADERS([openssl/ssl.h openssl/bio.h])
102 AC_CHECK_LIB([crypto], [OPENSSL_cleanse],
103 [have_libcrypto=yes], [have_libcrypto=no])
104 AC_CHECK_LIB([ssl], [SSL_connect],
105 [have_libssl=yes], [have_libssl=no])
106 if test "$ac_cv_header_openssl_crypto_h $have_libcrypto $have_libssl" != "yes yes yes"; then
108 unset ac_cv_header_openssl_crypto_h
109 unset ac_cv_lib_crypto_OPENSSL_cleanse
110 SXE_TRY_OPENSSL_BIN_PREFIX
111 if test "$openssl_bin_prefix_worked" != "yes"; then
113 unset ac_cv_header_openssl_crypto_h
114 unset ac_cv_lib_crypto_OPENSSL_cleanse
115 SXE_TRY_OPENSSL_HISTORICAL_PREFIX
118 ## the location was known already, nothing to do now
121 ])dnl SXE_CHECK_OPENSSL_LOCS
123 AC_DEFUN([SXE_CHECK_OPENSSL_FEATURES], [dnl
124 dnl test for some special purpose stuff in libcrypto
125 AC_CHECK_LIB([crypto], [RSA_new], [openssl_no_rsa=no], [openssl_no_rsa=yes])
126 AC_CHECK_LIB([crypto], [DSA_new], [openssl_no_dsa=no], [openssl_no_dsa=yes])
127 AC_CHECK_LIB([crypto], [ECDSA_SIG_new], [openssl_no_ecdsa=no],
128 [openssl_no_ecdsa=yes])
129 AC_CHECK_LIB([crypto], [ECDH_OpenSSL], [openssl_no_ecdh=no],
130 [openssl_no_ecdh=yes])
131 AC_CHECK_LIB([crypto], [EC_KEY_new], [openssl_no_ec=no], [openssl_no_ec=yes])
132 AC_CHECK_LIB([crypto], [DH_new], [openssl_no_dh=no], [openssl_no_dh=yes])
133 if test "$openssl_no_rsa" = "yes"; then
134 AC_DEFINE([OPENSSL_NO_RSA], [1], [Description here!])
136 if test "$openssl_no_dsa" = "yes"; then
137 AC_DEFINE([OPENSSL_NO_DSA], [1], [Description here!])
139 if test "$openssl_no_ecdsa" = "yes"; then
140 AC_DEFINE([OPENSSL_NO_ECDSA], [1], [Description here!])
142 if test "$openssl_no_ecdh" = "yes"; then
143 AC_DEFINE([OPENSSL_NO_ECDH], [1], [Description here!])
145 if test "$openssl_no_ec" = "yes"; then
146 AC_DEFINE([OPENSSL_NO_EC], [1], [Description here!])
148 if test "$openssl_no_dh" = "yes"; then
149 AC_DEFINE([OPENSSL_NO_DH], [1], [Description here!])
152 dnl check for libssl support
153 AC_CHECK_LIB([ssl], [SSL_new], [openssl_ssl=yes], [openssl_ssl=no])
154 if test "$openssl_ssl" = "yes"; then
155 AC_DEFINE([OPENSSL_SSL], [1], [Description here!])
157 ])dnl SXE_CHECK_OPENSSL_FEATURES
159 AC_DEFUN([SXE_CHECK_OPENSSL_FUNCS], [dnl
161 LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS"
162 CPPFLAGS="$CPPFLAGS $OPENSSL_CPPFLAGS"
163 LIBS="$LIBS $OPENSSL_LIBS"
165 OpenSSL_add_all_digests OpenSSL_add_all_ciphers dnl
166 RAND_bytes RAND_query_egd_bytes RAND_status dnl
167 EVP_cleanup EVP_MD_CTX_init EVP_DigestInit_ex dnl
168 EVP_DigestUpdate EVP_DigestFinal_ex EVP_MD_CTX_cleanup dnl
169 HMAC_CTX_init HMAC_Init HMAC_Update HMAC_Final HMAC_CTX_cleanup dnl
170 EVP_BytesToKey EVP_CIPHER_CTX_init EVP_EncryptInit dnl
171 EVP_EncryptUpdate EVP_EncryptFinal EVP_DecryptInit dnl
172 EVP_DecryptUpdate EVP_DecryptFinal EVP_CIPHER_CTX_cleanup dnl
173 EVP_PKEY_new RSA_generate_key DSA_generate_parameters dnl
174 DSA_generate_key EC_get_builtin_curves dnl
175 EC_KEY_new_by_curve_name EC_KEY_generate_key dnl
176 EC_KEY_set_private_key EC_KEY_dup dnl
177 EVP_SealInit EVP_SealFinal EVP_OpenInit EVP_OpenFinal dnl
178 EVP_SignFinal EVP_VerifyFinal dnl
179 PEM_read_X509 PEM_read_PUBKEY PEM_read_PrivateKey dnl
180 PEM_write_PUBKEY PEM_write_PKCS8PrivateKey dnl
181 BIO_new BIO_free BIO_printf BIO_dump BIO_get_callback_arg dnl
182 BIO_set_callback BIO_set_callback_arg BIO_read dnl
183 SSL_library_init SSL_load_error_strings dnl
184 SSLv2_client_method SSLv3_client_method dnl
185 SSLv23_client_method TLSv1_client_method dnl
186 SSLv2_server_method SSLv3_server_method dnl
187 SSLv23_server_method TLSv1_server_method dnl
188 SSL_CTX_new SSL_CTX_free SSL_CTX_add_client_CA dnl
189 SSL_CTX_load_verify_locations SSL_CTX_use_certificate dnl
190 SSL_CTX_use_PrivateKey SSL_CTX_check_private_key dnl
191 SSL_CTX_use_certificate_file SSL_CTX_use_PrivateKey_file dnl
192 SSL_do_handshake SSL_get_error ssl_verify_cert_chain dnl
193 SSL_get_peer_cert_chain SSL_pending SSL_get_certificate dnl
194 SSL_get_peer_certificate X509_verify_cert_error_string dnl
195 SSL_get_verify_result SSL_get_current_cipher SSL_CIPHER_get_bits])
197 ])dnl SXE_CHECK_OPENSSL_FUNCS
199 AC_DEFUN([SXE_CHECK_OPENSSL], [dnl
200 AC_MSG_CHECKING([for OpenSSL])
204 dnl defines OPENSSL_VERSION and OPENSSL_SANE_P
206 if test "$OPENSSL_SANE_P" = "yes"; then
207 SXE_CHECK_OPENSSL_LOCS
208 if test "$have_libssl $have_libcrypto" = "yes yes"; then
210 SXE_CHECK_OPENSSL_FEATURES
211 SXE_CHECK_OPENSSL_FUNCS
214 ])dnl SXE_CHECK_OPENSSL
217 dnl Kerberos detection
218 dnl ==================
220 AC_DEFUN([SXE_CHECK_KERBEROS], [dnl
221 ## defines sxe_cv_feat_kerberos
222 ## call like this SXE_CHECK_GMP([<if-found>], [<if-not-found>])
223 pushdef([ACTION_IF_FOUND], [$1])
224 pushdef([ACTION_IF_NOT_FOUND], [$2])
226 AC_CACHE_CHECK([for kerberos support],
227 [sxe_cv_feat_kerberos], [_SXE_CHECK_KERBEROS])
229 if test "$sxe_cv_feat_kerberos5" = "yes"; then
230 AC_DEFINE([HAVE_KERBEROS5], [1],
231 [Whether kerberos5 support is available!])
233 if test "$sxe_cv_feat_kerberos" = "yes"; then
235 AC_DEFINE([HAVE_KERBEROS], [1],
236 [Whether kerberos support is available!])
243 popdef([ACTION_IF_FOUND])
244 popdef([ACTION_IF_NOT_FOUND])
245 ])dnl SXE_CHECK_KERBEROS
247 AC_DEFUN([SXE_CHECK_KERBEROS5], [dnl
248 ## defines sxe_cv_feat_kerberos
249 ## call like this SXE_CHECK_GMP([<if-found>], [<if-not-found>])
250 pushdef([ACTION_IF_FOUND], [$1])
251 pushdef([ACTION_IF_NOT_FOUND], [$2])
253 AC_CACHE_CHECK([for kerberos5 support],
254 [sxe_cv_feat_kerberos5], [_SXE_CHECK_KERBEROS])
256 if test "$sxe_cv_feat_kerberos5" = "yes"; then
258 AC_DEFINE([HAVE_KERBEROS5], [1],
259 [Whether kerberos5 support is available!])
266 popdef([ACTION_IF_FOUND])
267 popdef([ACTION_IF_NOT_FOUND])
268 ])dnl SXE_CHECK_KERBEROS5
270 AC_DEFUN([_SXE_CHECK_KERBEROS], [dnl
271 AC_REQUIRE([SXE_CHECK_KERBEROS_HEADERS])
272 AC_REQUIRE([SXE_CHECK_KERBEROS_LIBS])
274 if test "$ac_cv_header_krb5_krb5_h" = "yes" -a \
275 "$ac_cv_lib_krb5_krb5_sendauth" = "yes" -o \
276 "$ac_cv_header_krb5_h" = "yes" -a \
277 "$ac_cv_lib_krb5_krb5_sendauth" = "yes"; then
278 sxe_cv_feat_kerberos="yes"
279 sxe_cv_feat_kerberos5="yes"
280 KERBEROS_LIBS="-lkrb5"
281 elif test "$ac_cv_header_krb_krb_h" = "yes" -a \
282 "$ac_cv_lib_krb_krb_sendauth" = "yes" -o \
283 "$ac_cv_header_krb_h" = "yes" -a \
284 "$ac_cv_lib_krb_krb_sendauth" = "yes"; then
285 sxe_cv_feat_kerberos="yes"
286 sxe_cv_feat_kerberos5="no"
287 KERBEROS_LIBS="-lkrb"
288 elif test "$ac_cv_header_kerberos_krb_h" = "yes" -a \
289 "$ac_cv_lib_krb_krb_sendauth" = "yes" -o \
290 "$ac_cv_header_kerberosIV_krb_h" = "yes" -a \
291 "$ac_cv_lib_krb_krb_sendauth" = "yes"; then
292 sxe_cv_feat_kerberos="yes"
293 sxe_cv_feat_kerberos5="no"
294 KERBEROS_LIBS="-lkrb"
296 sxe_cv_feat_kerberos="no"
297 sxe_cv_feat_kerberos5="no"
300 ])dnl _SXE_CHECK_KERBEROS
302 AC_DEFUN([SXE_CHECK_KERBEROS_HEADERS], [dnl
303 AC_CHECK_HEADERS([des.h krb.h krb/krb.h])
304 AC_CHECK_HEADERS([kerberos/krb.h kerberosIV/krb.h])
305 AC_CHECK_HEADERS([krb5.h krb5/krb5.h])
306 AC_CHECK_HEADERS([com_err.h krb/com_err.h kerberosIV/krb_err.h])
307 ])dnl SXE_CHECK_KERBEROS_HEADERS
309 AC_DEFUN([SXE_CHECK_KERBEROS_LIBS], [dnl
310 AC_CHECK_LIB([krb], [krb_sendauth], [:])
311 AC_CHECK_LIB([krb5], [krb5_sendauth], [:])
312 ])dnl SXE_CHECK_KERBEROS_LIBS
314 dnl sxe-maths.m4 ends here
projects / sxemacs / blob