conditionally build certhash into openssl(1)

For now, look for openat and symlink. We may switch to just needing symlink later.
author: Brent Cook <bcook@openbsd.org> 2015-02-14 18:51:44 -0600
committer: Brent Cook <bcook@openbsd.org> 2015-02-14 18:54:43 -0600
commit: 28311d4355e38376dc7ebcf1d2d7957718f55359 (patch)
tree: ac6dd78bba77be68c50a9070a7876bdece1443a4
parent: 2286578fd4e93e024ac33a0fd8f89dc936ad95a8 (diff)
download: portable-28311d4355e38376dc7ebcf1d2d7957718f55359.tar.gz
portable-28311d4355e38376dc7ebcf1d2d7957718f55359.tar.bz2
portable-28311d4355e38376dc7ebcf1d2d7957718f55359.zip
4 files changed, 22 insertions, 1 deletions
diff --git a/.gitignore b/.gitignore
index 9f95742..b27bf23 100644
--- a/.gitignore
+++ b/.gitignore
@@ -111,6 +111,7 @@ apps/openssl
 apps/openssl.cnf
 !apps/apps_win.c
 !apps/poll_win.c
+!apps/certhash_disabled.c
 crypto/compat/arc4random.c
 crypto/compat/chacha_private.h
diff --git a/apps/Makefile.am b/apps/Makefile.am
index f752ca6..30978c1 100644
--- a/apps/Makefile.am
+++ b/apps/Makefile.am
@@ -10,7 +10,6 @@ openssl_LDADD += $(top_builddir)/crypto/libcrypto.la
 openssl_SOURCES = apps.c
 openssl_SOURCES += asn1pars.c
 openssl_SOURCES += ca.c
-openssl_SOURCES += certhash.c
 openssl_SOURCES += ciphers.c
 openssl_SOURCES += cms.c
 openssl_SOURCES += crl.c
@@ -58,6 +57,12 @@ openssl_SOURCES += verify.c
 openssl_SOURCES += version.c
 openssl_SOURCES += x509.c
+if BUILD_CERTHASH
+openssl_SOURCES += certhash.c
+else
+openssl_SOURCES += certhash_disabled.c
+endif
 if HOST_WIN
 openssl_SOURCES += apps_win.c
 else
diff --git a/apps/certhash_disabled.c b/apps/certhash_disabled.c
new file mode 100644
index 0000000..8238ff7
--- /dev/null
+++ b/apps/certhash_disabled.c
@@ -0,0 +1,13 @@
+/*
+ * Public domain
+ * certhash dummy implementation for platforms without symlinks
+ */
+#include "apps.h"
+int
+certhash_main(int argc, char **argv)
+{
+        fprintf(stderr, "certhash is not enabled on this platform\n");
+        return (1);
+}
diff --git a/configure.ac b/configure.ac
index d8e5338..2f86fbd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -197,6 +197,7 @@ LDFLAGS="$LDFLAGS $CLANG_FLAGS"
 AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
 AC_CHECK_FUNCS([getentropy issetugid memmem poll reallocarray])
 AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
+AC_CHECK_FUNCS([symlink openat])
 AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
 # Share test results with automake
@@ -215,6 +216,7 @@ AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
 AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
+AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes -a "x$ac_cv_func_openat" = xyes])
 # overrides for arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
author	Brent Cook <bcook@openbsd.org>	2015-02-14 18:51:44 -0600
committer	Brent Cook <bcook@openbsd.org>	2015-02-14 18:54:43 -0600
commit	28311d4355e38376dc7ebcf1d2d7957718f55359 (patch)
tree	ac6dd78bba77be68c50a9070a7876bdece1443a4
parent	2286578fd4e93e024ac33a0fd8f89dc936ad95a8 (diff)
download	portable-28311d4355e38376dc7ebcf1d2d7957718f55359.tar.gz portable-28311d4355e38376dc7ebcf1d2d7957718f55359.tar.bz2 portable-28311d4355e38376dc7ebcf1d2d7957718f55359.zip