diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | configure.ac | 17 |
2 files changed, 23 insertions, 0 deletions
@@ -1,3 +1,9 @@ +835. [build] fdupont + The configure script checks if OpenSSL supports SHA-2, in order + to avoid very old (and likely subject to unfixed security bugs) + OpenSSL versions. + (Trac #3482, git xxx) + 834. [bug] marcin Corrected the definition of the example DHCPv4 and DHCPv6 address pools in the default kea.conf file. diff --git a/configure.ac b/configure.ac index 016b024fb5..79577ea055 100644 --- a/configure.ac +++ b/configure.ac @@ -817,6 +817,23 @@ EOF #CRYPTO_LDFLAGS="-ldl" CRYPTO_LDFLAGS="" CRYPTO_RPATH="" + dnl Check avaibility of SHA-2 + AC_MSG_CHECKING([support of SHA-2]) + LIBS_SAVED=${LIBS} + LIBS="$LIBS $CRYPTO_LIBS" + CPPFLAGS_SAVED=${CPPFLAGS} + CPPFLAGS="$CRYPTO_INCLUDES $CPPFLAGS" + AC_LINK_IFELSE( + [AC_LANG_PROGRAM([#include <openssl/evp.h>], + [const EVP_MD* h224 = EVP_sha224(); + const EVP_MD* h256 = EVP_sha256(); + const EVP_MD* h384 = EVP_sha384(); + const EVP_MD* h512 = EVP_sha512(); + ])], + [AC_MSG_RESULT([yes])], + [AC_MSG_ERROR([missing EVP entry for SHA-2])]) + LIBS=${LIBS_SAVED} + CPPFLAGS=${CPPFLAGS_SAVED} fi AM_CONDITIONAL(HAVE_BOTAN, test "$CRYPTO_NAME" = "Botan") |