diff options
author | Daiki Ueno <ueno@gnu.org> | 2022-01-17 17:53:32 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2022-01-17 17:53:32 +0000 |
commit | 34c6c97bd77975b96597e1e4c03e4d0465dda22a (patch) | |
tree | 666f64e885bb22dd43a89ed9e583680eb6f8c6ce /configure.ac | |
parent | 0a673a028506c6bff961c41992fb25baa1a11509 (diff) | |
parent | e256951eab4cc44367f8cc7bd2a51eeaacc10f7d (diff) | |
download | gnutls-34c6c97bd77975b96597e1e4c03e4d0465dda22a.tar.gz |
Merge branch 'wip/dueno/fips-module-version' into 'master'
fips: add mechanism to embed FIPS module name in the library
See merge request gnutls/gnutls!1508
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 84 |
1 files changed, 83 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index a4f8c183ae..895f845872 100644 --- a/configure.ac +++ b/configure.ac @@ -594,6 +594,24 @@ if [ test "$enable_fips" = "yes" ];then fips_key="orboDeJITITejsirpADONivirpUkvarP") AC_DEFINE_UNQUOTED([FIPS_KEY], ["$fips_key"], [The FIPS140-2 integrity key]) + + AC_ARG_WITH(fips140-module-name, AS_HELP_STRING([--with-fips140-module-name], + [specify the FIPS140 module name]), + fips_module_name="$withval", + fips_module_name=none) + + if test "x$fips_module_name" != xnone; then + AC_DEFINE_UNQUOTED([FIPS_MODULE_NAME], ["$fips_module_name"], [The FIPS140 module name]) + fi + + AC_ARG_WITH(fips140-module-version, AS_HELP_STRING([--with-fips140-module-version], + [specify the FIPS140 module version]), + fips_module_version="$withval", + fips_module_version=none) + + if test "x$fips_module_version" != xnone; then + AC_DEFINE_UNQUOTED([FIPS_MODULE_VERSION], ["$fips_module_version"], [The FIPS140 module version]) + fi else enable_fips=no AC_MSG_WARN([[ @@ -864,7 +882,7 @@ AM_CONDITIONAL(P11KIT_0_23_11_API, $PKG_CONFIG --atleast-version=0.23.11 p11-kit AM_CONDITIONAL(ENABLE_PKCS11, test "$with_p11_kit" != "no") -AC_ARG_WITH(tpm, +AC_ARG_WITH(tpm2, AS_HELP_STRING([--without-tpm2], [Disable TPM2 support.]), [with_tpm2=$withval], [with_tpm2=auto]) @@ -1142,6 +1160,70 @@ AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes") AC_DEFINE([GNUTLS_INTERNAL_BUILD], 1, [We allow temporarily usage of deprecated functions - until they are removed.]) +hw_features= +if test "$enable_cryptodev" = yes; then + hw_features="$hw_features cryptodev" +fi +if test "$enable_afalg" = yes; then + hw_features="$hw_features afalg" +fi +if test "$use_padlock" = yes; then + hw_features="$hw_features padlock" +fi +if test "$with_p11_kit" = yes; then + hw_features="$hw_features pkcs11" +fi +if test "$with_tpm" = yes; then + hw_features="$hw_features tpm" +fi +if test "$have_tpm2" = yes; then + hw_features="$hw_features tpm2" +fi +if test "$enable_ktls" = yes; then + hw_features="$hw_features ktls" +fi +hw_features=`eval 'expr "$hw_features" : " \(.*\)"'` +AC_DEFINE_UNQUOTED([HW_FEATURES], ["$hw_features"], + [The enabled hardware features]) + +tls_features= +if test "$ac_enable_ssl3" = yes; then + tls_features="$tls_features ssl3" +fi +if test "$ac_enable_ssl2" = yes; then + tls_features="$tls_features ssl2-compat" +fi +if test "$ac_enable_srtp" = yes; then + tls_features="$tls_features srtp" +fi +if test "$ac_enable_alpn" = yes; then + tls_features="$tls_features alpn" +fi +if test "$ac_enable_ocsp" = yes; then + tls_features="$tls_features ocsp" +fi +if test "$ac_enable_srp" = yes; then + tls_features="$tls_features srp" +fi +if test "$ac_enable_psk" = yes; then + tls_features="$tls_features psk" +fi +if test "$ac_enable_dhe" = yes; then + tls_features="$tls_features dhe" +fi +if test "$ac_enable_ecdhe" = yes; then + tls_features="$tls_features ecdhe" +fi +if test "$ac_enable_anon" = yes; then + tls_features="$tls_features auth-anon" +fi +if test "$ac_enable_heartbeat" = yes; then + tls_features="$tls_features heartbeat" +fi +tls_features=`eval 'expr "$tls_features" : " \(.*\)"'` +AC_DEFINE_UNQUOTED([TLS_FEATURES], ["$tls_features"], + [The enabled TLS features]) + AC_DEFINE([fread_file], [_gnutls_fread_file], [static lib rename]) AC_DEFINE([read_file], [_gnutls_read_file], [static lib rename]) |