AC_PREREQ([2.67])
-AC_INIT([cryptsetup],[1.2.0-rc1])
+AC_INIT([cryptsetup],[1.4.0-cvs])
dnl library version from <major>.<minor>.<release>[-<suffix>]
LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-)
-LIBCRYPTSETUP_VERSION_INFO=2:0:1
+LIBCRYPTSETUP_VERSION_INFO=4:0:0
AC_CONFIG_SRCDIR(src/cryptsetup.c)
AC_CONFIG_MACRO_DIR([m4])
AC_SUBST(UUID_LIBS, $LIBS)
LIBS=$saved_LIBS
-
-AM_PATH_LIBGCRYPT(1.1.42,,[AC_MSG_ERROR('You need the gcrypt library')])
-
AC_CHECK_FUNCS([posix_memalign])
AC_C_CONST
LIBS=$saved_LIBS
dnl ==========================================================================
+dnl Crypto backend functions
+
+AC_DEFUN([CONFIGURE_GCRYPT], [
+ AM_PATH_LIBGCRYPT(1.1.42,,[AC_MSG_ERROR('You need the gcrypt library')])
+
+ if test x$enable_static_cryptsetup = xyes; then
+ saved_LIBS=$LIBS
+ LIBS="$saved_LIBS $LIBGCRYPT_LIBS -static"
+ AC_CHECK_LIB(gcrypt, gcry_check_version,,
+ AC_MSG_ERROR([Cannot find static gcrypt library.]),
+ [-lgpg-error])
+ LIBGCRYPT_STATIC_LIBS="$LIBGCRYPT_LIBS -lgpg-error"
+ LIBS=$saved_LIBS
+ fi
+
+ CRYPTO_CFLAGS=$LIBGCRYPT_CFLAGS
+ CRYPTO_LIBS=$LIBGCRYPT_LIBS
+ CRYPTO_STATIC_LIBS=$LIBGCRYPT_STATIC_LIBS
+])
+
+AC_DEFUN([CONFIGURE_OPENSSL], [
+ PKG_CHECK_MODULES([OPENSSL], [openssl >= 0.9.8],,
+ AC_MSG_ERROR('You need openssl library'))
+ CRYPTO_CFLAGS=$OPENSSL_CFLAGS
+ CRYPTO_LIBS=$OPENSSL_LIBS
+
+ if test x$enable_static_cryptsetup = xyes; then
+ saved_PKG_CONFIG=$PKG_CONFIG
+ PKG_CONFIG="$PKG_CONFIG --static"
+ PKG_CHECK_MODULES([OPENSSL], [openssl])
+ CRYPTO_STATIC_LIBS=$OPENSSL_LIBS
+ PKG_CONFIG=$saved_PKG_CONFIG
+ fi
+])
+
+AC_DEFUN([CONFIGURE_NSS], [
+ if test x$enable_static_cryptsetup = xyes; then
+ AC_MSG_ERROR([Static build of cryptsetup is not supported with NSS.]),
+ fi
+
+ AC_MSG_WARN([NSS backend does NOT provide backward compatibility (missing ripemd160 hash).])
+
+ PKG_CHECK_MODULES([NSS], [nss],,
+ AC_MSG_ERROR('You need nss library'))
+ CRYPTO_CFLAGS=$NSS_CFLAGS
+ CRYPTO_LIBS=$NSS_LIBS
+])
+
+AC_DEFUN([CONFIGURE_KERNEL], [
+ AC_CHECK_HEADERS(linux/if_alg.h,,
+ [AC_MSG_ERROR('You need Linux kernel with userspace crypto interface.')])
+# AC_CHECK_DECLS([AF_ALG],,
+# [AC_MSG_ERROR('You need Linux kernel with userspace crypto interface.')],
+# [#include <sys/socket.h>])
+
+])
+
+AC_DEFUN([CONFIGURE_NETTLE], [
+ AC_CHECK_HEADERS(nettle/sha.h,,
+ [AC_MSG_ERROR('You need Nettle cryptographic library.')])
+
+ saved_LIBS=$LIBS
+ AC_CHECK_LIB(nettle, nettle_sha512_init,,
+ [AC_MSG_ERROR('You need Nettle library version 2.1 or more recent.')])
+ CRYPTO_LIBS=$LIBS
+ LIBS=$saved_LIBS
+
+ AC_MSG_WARN([Nettle backend does NOT provide backward compatibility (missing ripemd160 hash).])
+
+ CRYPTO_STATIC_LIBS=$CRYPTO_LIBS
+])
+
+dnl ==========================================================================
saved_LIBS=$LIBS
AC_ARG_ENABLE([static-cryptsetup],
AS_HELP_STRING([--enable-static-cryptsetup],
- [enable build of static cryptsetup binary]), [
+ [enable build of static cryptsetup binary]))
+if test x$enable_static_cryptsetup = xyes; then
if test x$enable_static = xno; then
AC_MSG_WARN([Requested static cryptsetup build, enabling static library.])
enable_static=yes
fi
- enable_static_cryptsetup=yes])
+fi
AM_CONDITIONAL(STATIC_CRYPTSETUP, test x$enable_static_cryptsetup = xyes)
AC_ARG_ENABLE(selinux,
LIBS=$saved_LIBS
LIBS="$LIBS $DEVMAPPER_LIBS"
+AC_CHECK_DECLS([dm_task_secure_data], [], [], [#include <libdevmapper.h>])
AC_CHECK_DECLS([DM_UDEV_DISABLE_DISK_RULES_FLAG], [have_cookie=yes], [have_cookie=no], [#include <libdevmapper.h>])
if test "x$enable_udev" = xyes; then
if test "x$have_cookie" = xno; then
fi
LIBS=$saved_LIBS
+dnl Crypto backend configuration.
+AC_ARG_WITH([crypto_backend],
+ AS_HELP_STRING([--with-crypto_backend=BACKEND], [crypto backend (gcrypt/openssl/nss/kernel/nettle) [gcrypt]]),
+ [], with_crypto_backend=gcrypt
+)
+case $with_crypto_backend in
+ gcrypt) CONFIGURE_GCRYPT([]) ;;
+ openssl) CONFIGURE_OPENSSL([]) ;;
+ nss) CONFIGURE_NSS([]) ;;
+ kernel) CONFIGURE_KERNEL([]) ;;
+ nettle) CONFIGURE_NETTLE([]) ;;
+ *) AC_MSG_ERROR([Unknown crypto backend.]) ;;
+esac
+AM_CONDITIONAL(CRYPTO_BACKEND_GCRYPT, test $with_crypto_backend = gcrypt)
+AM_CONDITIONAL(CRYPTO_BACKEND_OPENSSL, test $with_crypto_backend = openssl)
+AM_CONDITIONAL(CRYPTO_BACKEND_NSS, test $with_crypto_backend = nss)
+AM_CONDITIONAL(CRYPTO_BACKEND_KERNEL, test $with_crypto_backend = kernel)
+AM_CONDITIONAL(CRYPTO_BACKEND_NETTLE, test $with_crypto_backend = nettle)
+
dnl Magic for cryptsetup.static build.
if test x$enable_static_cryptsetup = xyes; then
saved_PKG_CONFIG=$PKG_CONFIG
PKG_CONFIG="$PKG_CONFIG --static"
- LIBS="$saved_LIBS $LIBGCRYPT_LIBS -static"
- AC_CHECK_LIB(gcrypt, gcry_check_version,,
- AC_MSG_ERROR([Cannot find static gcrypt library.]),
- [-lgpg-error])
- LIBGCRYPT_STATIC_LIBS="$LIBGCRYPT_LIBS -lgpg-error"
-
LIBS="$saved_LIBS -static"
AC_CHECK_LIB(popt, poptGetContext,,
AC_MSG_ERROR([Cannot find static popt library.]))
AC_SUBST([DEVMAPPER_LIBS])
AC_SUBST([DEVMAPPER_STATIC_LIBS])
-AC_SUBST([LIBGCRYPT_STATIC_LIBS])
+
+AC_SUBST([CRYPTO_CFLAGS])
+AC_SUBST([CRYPTO_LIBS])
+AC_SUBST([CRYPTO_STATIC_LIBS])
+
AC_SUBST([LIBCRYPTSETUP_VERSION])
AC_SUBST([LIBCRYPTSETUP_VERSION_INFO])
CS_STR_WITH([luks1-mode], [cipher mode for LUKS1], [cbc-essiv:sha256])
CS_NUM_WITH([luks1-keybits],[key length in bits for LUKS1], [256])
+CS_STR_WITH([loopaes-cipher], [cipher for loop-AES mode], [aes])
+CS_NUM_WITH([loopaes-keybits],[key length in bits for loop-AES mode], [256])
+
+CS_NUM_WITH([keyfile-size-maxkb],[maximum keyfile size (in kilobytes)], [8192])
+CS_NUM_WITH([passphrase-size-max],[maximum keyfile size (in kilobytes)], [512])
dnl ==========================================================================
AC_CONFIG_FILES([ Makefile
lib/Makefile
lib/libcryptsetup.pc
+lib/crypto_backend/Makefile
lib/luks1/Makefile
+lib/loopaes/Makefile
src/Makefile
po/Makefile.in
man/Makefile
projects / platform / upstream / cryptsetup.git / blobdiff