diff options
author | Jonathan Reams <jbreams@mongodb.com> | 2015-05-22 10:44:39 -0400 |
---|---|---|
committer | Jonathan Reams <jbreams@mongodb.com> | 2015-07-14 13:26:58 -0400 |
commit | 27d655f756492dc5c0848204ee88f449859ef8a9 (patch) | |
tree | 978580659197d3277226f4332045d16a1d05f8d7 /SConstruct | |
parent | 66cb570f7b0e5de6dc4a58238e320fcf65396806 (diff) | |
download | mongo-27d655f756492dc5c0848204ee88f449859ef8a9.tar.gz |
SERVER-18371 Add configure check for SSL/FIPS
Diffstat (limited to 'SConstruct')
-rw-r--r-- | SConstruct | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/SConstruct b/SConstruct index aaedd510ec3..5e938be0df5 100644 --- a/SConstruct +++ b/SConstruct @@ -232,7 +232,6 @@ add_option( "extralib", "comma separated list of libraries (--extralib js_stati # experimental features add_option( "mm", "use main memory instead of memory mapped files" , 0 , True ) add_option( "ssl" , "Enable SSL" , 0 , True ) -add_option( "ssl-fips-capability", "Enable the ability to activate FIPS 140-2 mode", 0, True ); add_option( "rocksdb" , "Enable RocksDB" , 0 , False ) add_option( "wiredtiger", "Enable wiredtiger", "?", True, "wiredtiger", type="choice", choices=["on", "off"], const="on", default="on") @@ -1158,8 +1157,6 @@ if has_option( "ssl" ): else: env.Append( LIBS=["ssl"] ) env.Append( LIBS=["crypto"] ) - if has_option("ssl-fips-capability"): - env.Append( CPPDEFINES=["MONGO_SSL_FIPS"] ) else: env.Append( MONGO_CRYPTO=["tom"] ) @@ -2279,6 +2276,41 @@ def doConfigure(myenv): # ask each module to configure itself and the build environment. moduleconfig.configure_modules(mongo_modules, conf) + def CheckLinkSSL(context): + test_body = """ + #include <openssl/err.h> + #include <openssl/ssl.h> + #include <stdlib.h> + + int main() { + SSL_library_init(); + SSL_load_error_strings(); + ERR_load_crypto_strings(); + + OpenSSL_add_all_algorithms(); + ERR_free_strings(); + return EXIT_SUCCESS; + } + """ + context.Message("Checking if OpenSSL is available...") + ret = context.TryLink(textwrap.dedent(test_body), ".c") + context.Result(ret) + return ret + conf.AddTest("CheckLinkSSL", CheckLinkSSL) + + if has_option("ssl"): + if not conf.CheckLinkSSL(): + print "SSL is enabled, but is unavailable" + Exit(1) + + if conf.CheckDeclaration( + "FIPS_mode_set", + includes=""" + #include <openssl/crypto.h> + #include <openssl/evp.h> + """): + conf.env.Append(CPPDEFINES=['MONGO_HAVE_FIPS_MODE_SET']) + return conf.Finish() env = doConfigure( env ) |