path: root/sntp/m4/ntp_crypto_rand.m4
# SYNOPSIS						-*- Autoconf -*-
#
#  NTP_CRYPTO_RAND
#
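# DESCRIPTION
#
#  Adds the --enable-openssl-random configure option and defines
#  USE_OPENSSL_CRYPTO_RAND when ntp_openssl is yes, the option is not
#  disabled, and both RAND_bytes and RAND_poll are found.  Otherwise
#  configure warns (or, when the option was explicitly enabled, stops with
#  an error) that ntp-keygen may generate predictable keys.
#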
# AUTHOR
#
#  Harlan Stenn
#
# LICENSE
#
#  This file is Copyright (c) 2014 Network Time Foundation
# 
#  Copying and distribution of this file, with or without modification, are
#  permitted in any medium without royalty provided the copyright notice,
#  author attribution and this notice are preserved.  This file is offered
#  as-is, without any warranty.

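AC_DEFUN([NTP_CRYPTO_RAND], [
AC_REQUIRE([NTP_OPENSSL])dnl

dnl Purpose: decide whether the build uses the SSL library's random
dnl number generator.
dnl
dnl Inputs read here:
dnl   --enable-openssl-random / --disable-openssl-random
dnl   ntp_openssl  - not set in this file; presumably set by NTP_OPENSSL
dnl   LDADD_NTP    - not set in this file; added to LIBS for the link checks
dnl
dnl Outcome:
dnl   USE_OPENSSL_CRYPTO_RAND is defined only when ntp_openssl is yes, the
dnl   option is not disabled, and both RAND_bytes and RAND_poll are found.
dnl   In every other case ntp_use_openssl_random is set to no and configure
dnl   warns that ntp-keygen may generate predictable keys.  When the option
dnl   was given explicitly as yes, that case is a hard error instead.
dnl
dnl Without the option the default is to use the SSL RNG when available,
dnl but not to insist on it, so a build without it succeeds with a warning.
dnl The function checks are link checks only; they say nothing about
dnl whether the RNG is usable or seeded at run time.

AC_MSG_CHECKING([if we want to use SSL library's secure random numbers])
dnl Only yes and no are accepted.  Any other value would miss both the
dnl yesyesyesyes match and the mandatory check below, so an explicit request
dnl for the secure RNG would end in a build without it and only a warning.
AC_ARG_ENABLE(
    [openssl-random],
    [AS_HELP_STRING(
	[--enable-openssl-random],
	[+ Use SSL lib's secure random numbers]
    )],
    [case "$enableval" in
     yes|no)
	ntp_use_openssl_random=$enableval
	ntp_ssl_random_mandatory=$enableval
	;;
     *)
	AC_MSG_RESULT([$enableval])
	AC_MSG_ERROR([bad value $enableval for --enable-openssl-random: use yes or no])
	;;
    esac],
    [ntp_use_openssl_random=yes ; ntp_ssl_random_mandatory=no]
)
AC_MSG_RESULT([$ntp_use_openssl_random])

# The following might need extra libraries
NTPO_SAVED_LIBS="$LIBS"
LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
dnl AC_MSG_NOTICE([LIBS is <$LIBS>])
AC_CHECK_FUNCS([RAND_bytes RAND_poll])
LIBS="$NTPO_SAVED_LIBS"
dnl All four answers must be yes: SSL library, option, RAND_bytes, RAND_poll.
case "$ntp_openssl$ntp_use_openssl_random$ac_cv_func_RAND_bytes$ac_cv_func_RAND_poll" in
 yesyesyesyes)
    AC_MSG_NOTICE([Using SSL library's secure random number generator])
    AC_DEFINE([USE_OPENSSL_CRYPTO_RAND], [1], [Use OpenSSL's crypto random functions])
    ;;
 *)
    ntp_use_openssl_random=no
    AC_MSG_NOTICE([SSL library's secure random number generator unavailable.])
    case "$ntp_ssl_random_mandatory" in
     yes)
	AC_MSG_ERROR(
[No suitable SSL library was found and
--enable-openssl-random was given..  Remove --enable-openssl-random
if you wish to build without a cryptographically secure random number
generator.

WARNING: Use of ntp-keygen without a secure RNG may generate
-------  keys that are predictable.]
	)
	;;
     *)
	AC_MSG_WARN(
[WARNING: Use of ntp-keygen without a secure RNG may generate
-------  keys that are predictable.]
	)
    esac
esac

dnl Helper variable is local to this macro; ntp_use_openssl_random is kept.
AS_UNSET([ntp_ssl_random_mandatory])

]) dnl NTP_CRYPTO_RAND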