diff options
| author | ADAM David Alan Martin <adam.martin@10gen.com> | 2017-08-14 14:15:52 -0400 |
|---|---|---|
| committer | ADAM David Alan Martin <adam.martin@10gen.com> | 2017-08-14 15:35:22 -0400 |
| commit | 476e861748510449511eb0a9a250a03cff8c07e6 (patch) | |
| tree | 3015dd2d39c4c47e2de31c07573c9dd05dbc757a /SConstruct | |
| parent | 58b36b8bbc6ca7159e100ada6dc15852af0a8661 (diff) | |
| download | mongo-476e861748510449511eb0a9a250a03cff8c07e6.tar.gz | |
SERVER-24897 Configuration of DHE parameters.
Added an option to permit specifying a Diffie Hellman parameters file
in PEM format which will be passed to OpenSSL. We also now indicate
to OpenSSL that we'd like Elliptic Curve Diffie Hellman Exchange,
if the client supports it.
Diffstat (limited to 'SConstruct')
| -rw-r--r-- | SConstruct | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/SConstruct b/SConstruct index 71a0ee147e8..9c984268122 100644 --- a/SConstruct +++ b/SConstruct @@ -2760,6 +2760,27 @@ def doConfigure(myenv): """): conf.env.SetConfigHeaderDefine('MONGO_CONFIG_HAVE_ASN1_ANY_DEFINITIONS') + + def CheckOpenSSL_EC_DH(context): + compile_test_body = textwrap.dedent(""" + #include <openssl/ssl.h> + + int main() { + SSL_CTX_set_ecdh_auto(0, 0); + SSL_set_ecdh_auto(0, 0); + return 0; + } + """) + + context.Message("Checking if SSL_[CTX_]_set_ecdh_auto is supported... ") + result = context.TryCompile(compile_test_body, ".cpp") + context.Result(result) + return result + + conf.AddTest("CheckOpenSSL_EC_DH", CheckOpenSSL_EC_DH) + if conf.CheckOpenSSL_EC_DH(): + conf.env.SetConfigHeaderDefine('MONGO_CONFIG_HAS_SSL_SET_ECDH_AUTO') + else: env.Append( MONGO_CRYPTO=["tom"] ) |