AC_PREREQ([2.67])
-AC_INIT([cryptsetup],[1.2.0])
+AC_INIT([cryptsetup],[1.4.1])
dnl library version from <major>.<minor>.<release>[-<suffix>]
LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-)
-LIBCRYPTSETUP_VERSION_INFO=2:0:1
+LIBCRYPTSETUP_VERSION_INFO=4:0:0
AC_CONFIG_SRCDIR(src/cryptsetup.c)
AC_CONFIG_MACRO_DIR([m4])
AC_MSG_ERROR([Static build of cryptsetup is not supported with NSS.]),
fi
+ AC_MSG_WARN([NSS backend does NOT provide backward compatibility (missing ripemd160 hash).])
+
PKG_CHECK_MODULES([NSS], [nss],,
AC_MSG_ERROR('You need nss library'))
CRYPTO_CFLAGS=$NSS_CFLAGS
])
+AC_DEFUN([CONFIGURE_NETTLE], [
+ AC_CHECK_HEADERS(nettle/sha.h,,
+ [AC_MSG_ERROR('You need Nettle cryptographic library.')])
+
+ saved_LIBS=$LIBS
+ AC_CHECK_LIB(nettle, nettle_ripemd160_init,,
+ [AC_MSG_ERROR('You need Nettle library version 2.4 or more recent.')])
+ CRYPTO_LIBS=$LIBS
+ LIBS=$saved_LIBS
+
+ CRYPTO_STATIC_LIBS=$CRYPTO_LIBS
+])
+
dnl ==========================================================================
saved_LIBS=$LIBS
AC_ARG_ENABLE([static-cryptsetup],
AS_HELP_STRING([--enable-static-cryptsetup],
- [enable build of static cryptsetup binary]), [
+ [enable build of static cryptsetup binary]))
+if test x$enable_static_cryptsetup = xyes; then
if test x$enable_static = xno; then
AC_MSG_WARN([Requested static cryptsetup build, enabling static library.])
enable_static=yes
fi
- enable_static_cryptsetup=yes])
+fi
AM_CONDITIONAL(STATIC_CRYPTSETUP, test x$enable_static_cryptsetup = xyes)
AC_ARG_ENABLE(selinux,
LIBS=$saved_LIBS
LIBS="$LIBS $DEVMAPPER_LIBS"
+AC_CHECK_DECLS([dm_task_secure_data], [], [], [#include <libdevmapper.h>])
AC_CHECK_DECLS([DM_UDEV_DISABLE_DISK_RULES_FLAG], [have_cookie=yes], [have_cookie=no], [#include <libdevmapper.h>])
if test "x$enable_udev" = xyes; then
if test "x$have_cookie" = xno; then
dnl Crypto backend configuration.
AC_ARG_WITH([crypto_backend],
- AS_HELP_STRING([--with-crypto_backend], [crypto backend (gcrypt/openssl/nss/kernel) [gcrypt]]),
+ AS_HELP_STRING([--with-crypto_backend=BACKEND], [crypto backend (gcrypt/openssl/nss/kernel/nettle) [gcrypt]]),
[], with_crypto_backend=gcrypt
)
case $with_crypto_backend in
openssl) CONFIGURE_OPENSSL([]) ;;
nss) CONFIGURE_NSS([]) ;;
kernel) CONFIGURE_KERNEL([]) ;;
+ nettle) CONFIGURE_NETTLE([]) ;;
*) AC_MSG_ERROR([Unknown crypto backend.]) ;;
esac
AM_CONDITIONAL(CRYPTO_BACKEND_GCRYPT, test $with_crypto_backend = gcrypt)
AM_CONDITIONAL(CRYPTO_BACKEND_OPENSSL, test $with_crypto_backend = openssl)
AM_CONDITIONAL(CRYPTO_BACKEND_NSS, test $with_crypto_backend = nss)
AM_CONDITIONAL(CRYPTO_BACKEND_KERNEL, test $with_crypto_backend = kernel)
+AM_CONDITIONAL(CRYPTO_BACKEND_NETTLE, test $with_crypto_backend = nettle)
dnl Magic for cryptsetup.static build.
if test x$enable_static_cryptsetup = xyes; then
AC_CHECK_LIB(devmapper, dm_task_set_uuid,,
AC_MSG_ERROR([Cannot link with static device-mapper library.]))
+ dnl Try to detect uuid static library.
+ LIBS="$saved_LIBS -static"
+ AC_CHECK_LIB(uuid, uuid_generate,,
+ AC_MSG_ERROR([Cannot find static uuid library.]))
+
LIBS=$saved_LIBS
PKG_CONFIG=$saved_PKG_CONFIG
fi
[CS_DEFINE([$1], [$3], [$2])]
)])
+dnl ==========================================================================
+dnl Python bindings
+AC_ARG_ENABLE([python], AS_HELP_STRING([--enable-python],[enable Python bindings]),
+[with_python=$enableval],
+[with_python=no])
+
+if test "x$with_python" = "xyes"; then
+ AM_PATH_PYTHON([2.4])
+
+ if ! test -x "$PYTHON-config" ; then
+ AC_MSG_ERROR([Cannot find python development packages to build bindings])
+ fi
+
+ PYTHON_INCLUDES=$($PYTHON-config --includes)
+ AC_SUBST(PYTHON_INCLUDES)
+fi
+AM_CONDITIONAL([PYTHON_CRYPTSETUP], [test "x$with_python" = "xyes"])
+
+dnl ==========================================================================
CS_STR_WITH([plain-hash], [password hashing function for plain mode], [ripemd160])
CS_STR_WITH([plain-cipher], [cipher for plain mode], [aes])
CS_STR_WITH([plain-mode], [cipher mode for plain mode], [cbc-essiv:sha256])
CS_STR_WITH([luks1-mode], [cipher mode for LUKS1], [cbc-essiv:sha256])
CS_NUM_WITH([luks1-keybits],[key length in bits for LUKS1], [256])
+CS_STR_WITH([loopaes-cipher], [cipher for loop-AES mode], [aes])
+CS_NUM_WITH([loopaes-keybits],[key length in bits for loop-AES mode], [256])
+
+CS_NUM_WITH([keyfile-size-maxkb],[maximum keyfile size (in kilobytes)], [8192])
+CS_NUM_WITH([passphrase-size-max],[maximum keyfile size (in kilobytes)], [512])
dnl ==========================================================================
lib/libcryptsetup.pc
lib/crypto_backend/Makefile
lib/luks1/Makefile
+lib/loopaes/Makefile
src/Makefile
po/Makefile.in
man/Makefile
tests/Makefile
+python/Makefile
])
AC_OUTPUT