From 28311d4355e38376dc7ebcf1d2d7957718f55359 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Sat, 14 Feb 2015 18:51:44 -0600 Subject: conditionally build certhash into openssl(1) For now, look for openat and symlink. We may switch to just needing symlink later. --- .gitignore | 1 + apps/Makefile.am | 7 ++++++- apps/certhash_disabled.c | 13 +++++++++++++ configure.ac | 2 ++ 4 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 apps/certhash_disabled.c diff --git a/.gitignore b/.gitignore index 9f95742..b27bf23 100644 --- a/.gitignore +++ b/.gitignore @@ -111,6 +111,7 @@ apps/openssl apps/openssl.cnf !apps/apps_win.c !apps/poll_win.c +!apps/certhash_disabled.c crypto/compat/arc4random.c crypto/compat/chacha_private.h diff --git a/apps/Makefile.am b/apps/Makefile.am index f752ca6..30978c1 100644 --- a/apps/Makefile.am +++ b/apps/Makefile.am @@ -10,7 +10,6 @@ openssl_LDADD += $(top_builddir)/crypto/libcrypto.la openssl_SOURCES = apps.c openssl_SOURCES += asn1pars.c openssl_SOURCES += ca.c -openssl_SOURCES += certhash.c openssl_SOURCES += ciphers.c openssl_SOURCES += cms.c openssl_SOURCES += crl.c @@ -58,6 +57,12 @@ openssl_SOURCES += verify.c openssl_SOURCES += version.c openssl_SOURCES += x509.c +if BUILD_CERTHASH +openssl_SOURCES += certhash.c +else +openssl_SOURCES += certhash_disabled.c +endif + if HOST_WIN openssl_SOURCES += apps_win.c else diff --git a/apps/certhash_disabled.c b/apps/certhash_disabled.c new file mode 100644 index 0000000..8238ff7 --- /dev/null +++ b/apps/certhash_disabled.c @@ -0,0 +1,13 @@ +/* + * Public domain + * certhash dummy implementation for platforms without symlinks + */ + +#include "apps.h" + +int +certhash_main(int argc, char **argv) +{ + fprintf(stderr, "certhash is not enabled on this platform\n"); + return (1); +} diff --git a/configure.ac b/configure.ac index d8e5338..2f86fbd 100644 --- a/configure.ac +++ b/configure.ac @@ -197,6 +197,7 @@ LDFLAGS="$LDFLAGS $CLANG_FLAGS" AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval]) AC_CHECK_FUNCS([getentropy issetugid memmem poll reallocarray]) AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum]) +AC_CHECK_FUNCS([symlink openat]) AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp]) # Share test results with automake @@ -215,6 +216,7 @@ AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes]) AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes]) AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes]) AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes]) +AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes -a "x$ac_cv_func_openat" = xyes]) # overrides for arc4random_buf implementations with known issues AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], -- cgit v1.2.3-55-g6feb