Add a configure switch to build with NSS.

When it is set, include the NSS headers and libraries as
appropriate.  Doesn't actually use them yet, though.
This commit is contained in:
Nick Mathewson 2018-07-11 12:57:30 -04:00
parent 92db96d80f
commit 79267bad65
5 changed files with 36 additions and 3 deletions

View File

@ -129,6 +129,11 @@ TOR_INTERNAL_TESTING_LIBS = \
TOR_LDFLAGS_CRYPTLIB=@TOR_LDFLAGS_openssl@ TOR_LDFLAGS_CRYPTLIB=@TOR_LDFLAGS_openssl@
TOR_LIBS_CRYPTLIB=@TOR_OPENSSL_LIBS@ TOR_LIBS_CRYPTLIB=@TOR_OPENSSL_LIBS@
TOR_CFLAGS_CRYPTLIB=
if USE_NSS
TOR_CFLAGS_CRYPTLIB+=@NSS_CFLAGS@
TOR_LIBS_CRYPTLIB+=@NSS_LIBS@
endif
# All libraries used to link tor-cov # All libraries used to link tor-cov

View File

@ -53,6 +53,8 @@ AC_ARG_ENABLE(restart-debugging,
AS_HELP_STRING(--enable-restart-debugging, [Build Tor with support for debugging in-process restart. Developers only.])) AS_HELP_STRING(--enable-restart-debugging, [Build Tor with support for debugging in-process restart. Developers only.]))
AC_ARG_ENABLE(zstd-advanced-apis, AC_ARG_ENABLE(zstd-advanced-apis,
AS_HELP_STRING(--disable-zstd-advanced-apis, [Build without support for zstd's "static-only" APIs.])) AS_HELP_STRING(--disable-zstd-advanced-apis, [Build without support for zstd's "static-only" APIs.]))
AC_ARG_ENABLE(nss,
AS_HELP_STRING(--enable-nss, [Use Mozilla's NSS TLS library. (EXPERIMENTAL)]))
if test "x$enable_coverage" != "xyes" -a "x$enable_asserts_in_tests" = "xno" ; then if test "x$enable_coverage" != "xyes" -a "x$enable_asserts_in_tests" = "xno" ; then
AC_MSG_ERROR([Can't disable assertions outside of coverage build]) AC_MSG_ERROR([Can't disable assertions outside of coverage build])
@ -64,6 +66,15 @@ AM_CONDITIONAL(DISABLE_ASSERTS_IN_UNIT_TESTS, test "x$enable_asserts_in_tests" =
AM_CONDITIONAL(LIBFUZZER_ENABLED, test "x$enable_libfuzzer" = "xyes") AM_CONDITIONAL(LIBFUZZER_ENABLED, test "x$enable_libfuzzer" = "xyes")
AM_CONDITIONAL(OSS_FUZZ_ENABLED, test "x$enable_oss_fuzz" = "xyes") AM_CONDITIONAL(OSS_FUZZ_ENABLED, test "x$enable_oss_fuzz" = "xyes")
AM_CONDITIONAL(USE_RUST, test "x$enable_rust" = "xyes") AM_CONDITIONAL(USE_RUST, test "x$enable_rust" = "xyes")
AM_CONDITIONAL(USE_NSS, test "x$enable_nss" = "xyes")
AM_CONDITIONAL(USE_OPENSSL, true)
if test "x$enable_nss" = "xyes"; then
AC_DEFINE(ENABLE_NSS, 1,
[Defined if we're building with NSS in addition to OpenSSL.])
fi
AC_DEFINE(ENABLE_OPENSSL, 1,
[Defined if we're building with OpenSSL or LibreSSL])
if test "$enable_static_tor" = "yes"; then if test "$enable_static_tor" = "yes"; then
enable_static_libevent="yes"; enable_static_libevent="yes";
@ -821,6 +832,17 @@ fi
LIBS="$save_LIBS" LIBS="$save_LIBS"
AC_SUBST(TOR_LIB_MATH) AC_SUBST(TOR_LIB_MATH)
dnl ------------------------------------------------------
dnl Hello, NSS. You're new around here.
if test "x$enable_nss" = "xyes"; then
PKG_CHECK_MODULES(NSS,
[nss],
[have_nss=yes],
[have_nss=no; AC_MSG_ERROR([You asked for NSS but I can't find it.])])
AC_SUBST(NSS_CFLAGS)
AC_SUBST(NSS_LIBS)
fi
dnl ------------------------------------------------------ dnl ------------------------------------------------------
dnl Where do you live, openssl? And how do we call you? dnl Where do you live, openssl? And how do we call you?

View File

@ -22,10 +22,13 @@ src_lib_libtor_crypt_ops_a_SOURCES = \
src/lib/crypt_ops/crypto_util.c \ src/lib/crypt_ops/crypto_util.c \
src/lib/crypt_ops/digestset.c src/lib/crypt_ops/digestset.c
src_lib_libtor_crypt_ops_a_CFLAGS = $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB)
src_lib_libtor_crypt_ops_testing_a_SOURCES = \ src_lib_libtor_crypt_ops_testing_a_SOURCES = \
$(src_lib_libtor_crypt_ops_a_SOURCES) $(src_lib_libtor_crypt_ops_a_SOURCES)
src_lib_libtor_crypt_ops_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS) src_lib_libtor_crypt_ops_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
src_lib_libtor_crypt_ops_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS) src_lib_libtor_crypt_ops_testing_a_CFLAGS = \
$(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) $(TEST_CFLAGS)
noinst_HEADERS += \ noinst_HEADERS += \
src/lib/crypt_ops/aes.h \ src/lib/crypt_ops/aes.h \

View File

@ -1,4 +1,4 @@
src_lib_libcurve25519_donna_a_CFLAGS= src_lib_libcurve25519_donna_a_CFLAGS=$(TOR_CFLAGS_CRYPTO)
if BUILD_CURVE25519_DONNA if BUILD_CURVE25519_DONNA
src_lib_libcurve25519_donna_a_SOURCES=\ src_lib_libcurve25519_donna_a_SOURCES=\

View File

@ -9,10 +9,13 @@ src_lib_libtor_tls_a_SOURCES = \
src/lib/tls/buffers_tls.c \ src/lib/tls/buffers_tls.c \
src/lib/tls/tortls.c src/lib/tls/tortls.c
src_lib_libtor_tls_a_CFLAGS = $(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB)
src_lib_libtor_tls_testing_a_SOURCES = \ src_lib_libtor_tls_testing_a_SOURCES = \
$(src_lib_libtor_tls_a_SOURCES) $(src_lib_libtor_tls_a_SOURCES)
src_lib_libtor_tls_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS) src_lib_libtor_tls_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
src_lib_libtor_tls_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS) src_lib_libtor_tls_testing_a_CFLAGS = \
$(AM_CFLAGS) $(TOR_CFLAGS_CRYPTLIB) $(TEST_CFLAGS)
noinst_HEADERS += \ noinst_HEADERS += \
src/lib/tls/ciphers.inc \ src/lib/tls/ciphers.inc \