git.sur5r.net Git - freertos/blob - FreeRTOS-Plus/Source/WolfSSL/configure.ac

   1 # configure.ac
   2 #
   3 # Copyright (C) 2006-2015 wolfSSL Inc.
   4 #
   5 # This file is part of wolfSSL. (formerly known as CyaSSL)
   6 #
   7 #
   8
   9 AC_INIT([wolfssl],[3.6.0],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
  10
  11 AC_CONFIG_AUX_DIR([build-aux])
  12
  13 AC_CANONICAL_HOST
  14 AC_CANONICAL_BUILD
  15
  16 AM_INIT_AUTOMAKE([1.11 -Wall -Werror -Wno-portability foreign tar-ustar subdir-objects no-define color-tests])
  17 AC_PREREQ([2.63])
  18
  19 AC_ARG_PROGRAM
  20 AC_DEFUN([PROTECT_AC_USE_SYSTEM_EXTENSIONS],
  21          [AX_SAVE_FLAGS
  22           AC_LANG_PUSH([C])
  23           AC_USE_SYSTEM_EXTENSIONS
  24           AC_LANG_POP([C])
  25           AX_RESTORE_FLAGS
  26           ])
  27 #PROTECT_AC_USE_SYSTEM_EXTENSIONS
  28
  29 AC_CONFIG_MACRO_DIR([m4])
  30
  31 AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
  32
  33 #shared library versioning
  34 WOLFSSL_LIBRARY_VERSION=0:2:0
  35 #                       | | |
  36 #                +------+ | +---+
  37 #                |        |     |
  38 #               current:revision:age
  39 #                |        |     |
  40 #                |        |     +- increment if interfaces have been added
  41 #                |        |        set to zero if interfaces have been removed
  42 #                |        |        or changed
  43 #                |        +- increment if source code has changed
  44 #                |           set to zero if current is incremented
  45 #                +- increment if interfaces have been added, removed or changed
  46 AC_SUBST([WOLFSSL_LIBRARY_VERSION])
  47
  48 # capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
  49 # if user doesn't override, no way to tell
  50 USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS"
  51
  52 LT_PREREQ([2.2])
  53 LT_INIT([disable-static],[win32-dll])
  54 LT_LANG([C++])
  55 LT_LANG([C])
  56
  57 gl_VISIBILITY
  58 AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
  59        AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY"
  60        CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY"
  61        ])
  62
  63 m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
  64
  65 AC_CHECK_FUNCS([gethostbyname])
  66 AC_CHECK_FUNCS([getaddrinfo])
  67 AC_CHECK_FUNCS([gettimeofday])
  68 AC_CHECK_FUNCS([inet_ntoa])
  69 AC_CHECK_FUNCS([memset])
  70 AC_CHECK_FUNCS([socket])
  71 AC_CHECK_HEADERS([arpa/inet.h])
  72 AC_CHECK_HEADERS([fcntl.h])
  73 AC_CHECK_HEADERS([limits.h])
  74 AC_CHECK_HEADERS([netdb.h])
  75 AC_CHECK_HEADERS([netinet/in.h])
  76 AC_CHECK_HEADERS([stddef.h])
  77 AC_CHECK_HEADERS([sys/ioctl.h])
  78 AC_CHECK_HEADERS([sys/socket.h])
  79 AC_CHECK_HEADERS([sys/time.h])
  80 AC_CHECK_HEADERS([errno.h])
  81 AC_CHECK_LIB(network,socket)
  82 AC_CHECK_SIZEOF(long long, 8)
  83 AC_CHECK_SIZEOF(long, 4)
  84 AC_CHECK_TYPES(__uint128_t)
  85 AC_C_BIGENDIAN
  86 # mktime check takes forever on some systems, if time supported it would be
  87 # highly unusual for mktime to be missing
  88 #AC_FUNC_MKTIME
  89
  90 AC_PROG_CC
  91 AC_PROG_CC_C_O
  92 AC_PROG_CXX
  93 AC_PROG_INSTALL
  94 AC_TYPE_SIZE_T
  95 AC_TYPE_UINT8_T
  96 AM_PROG_AS
  97 AM_PROG_CC_C_O
  98 LT_LIB_M
  99
 100 OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
 101 OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
 102 OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
 103 DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
 104
 105 thread_ls_on=no
 106 # Thread local storage
 107 AX_TLS([
 108         [AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"]
 109         [thread_ls_on=yes]
 110        ] , [:])
 111
 112
 113 # DEBUG
 114 AX_DEBUG
 115 AS_IF([test "$ax_enable_debug" = "yes"],
 116       [AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"],
 117       [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"])
 118
 119
 120 # SINGLE THREADED
 121 AC_ARG_ENABLE([singlethreaded],
 122     [  --enable-singlethreaded Enable wolfSSL single threaded (default: disabled)],
 123     [ ENABLED_SINGLETHREADED=$enableval ],
 124     [ ENABLED_SINGLETHREADED=no ])
 125
 126 AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[
 127        AX_PTHREAD([
 128                    AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.])
 129                    AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS"
 130                    LIBS="$LIBS $PTHREAD_LIBS"
 131                    ],[
 132                       ENABLED_SINGLETHREADED=yes
 133                       ])
 134        ])
 135
 136 AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ])
 137
 138
 139 # DTLS
 140 AC_ARG_ENABLE([dtls],
 141     [  --enable-dtls           Enable wolfSSL DTLS (default: disabled)],
 142     [ ENABLED_DTLS=$enableval ],
 143     [ ENABLED_DTLS=no ]
 144     )
 145 if test "$ENABLED_DTLS" = "yes"
 146 then
 147   AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
 148 fi
 149
 150
 151 # OPENSSL Extra Compatibility
 152 AC_ARG_ENABLE([opensslextra],
 153     [  --enable-opensslextra   Enable extra OpenSSL API, size+ (default: disabled)],
 154     [ ENABLED_OPENSSLEXTRA=$enableval ],
 155     [ ENABLED_OPENSSLEXTRA=no ]
 156     )
 157 if test "$ENABLED_OPENSSLEXTRA" = "yes"
 158 then
 159   AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
 160 fi
 161
 162 if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
 163 then
 164     AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.])
 165 fi
 166
 167
 168 # High Strength Build
 169 AC_ARG_ENABLE([maxstrength],
 170     [AS_HELP_STRING([--enable-maxstrength],[Enable Max Strengh build, allows TLSv1.2-AEAD-PFS ciphers only (default: disabled)])],
 171     [ENABLED_MAXSTRENGTH=$enableval],
 172     [ENABLED_MAXSTRENGTH=no])
 173
 174
 175 # IPv6 Test Apps
 176 AC_ARG_ENABLE([ipv6],
 177     [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],
 178     [ ENABLED_IPV6=$enableval ],
 179     [ ENABLED_IPV6=no ]
 180     )
 181
 182 if test "$ENABLED_IPV6" = "yes"
 183 then
 184     AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6"
 185 fi
 186
 187 AM_CONDITIONAL([BUILD_IPV6], [test "x$ENABLED_IPV6" = "xyes"])
 188
 189
 190 # Fortress build
 191 AC_ARG_ENABLE([fortress],
 192     [  --enable-fortress       Enable SSL fortress build (default: disabled)],
 193     [ ENABLED_FORTRESS=$enableval ],
 194     [ ENABLED_FORTRESS=no ]
 195     )
 196
 197 if test "$ENABLED_FORTRESS" = "yes"
 198 then
 199     AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DWOLFSSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DWOLFSSL_DES_ECB -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_KEY_GEN"
 200 fi
 201
 202
 203 # ssl bump build
 204 AC_ARG_ENABLE([bump],
 205     [  --enable-bump           Enable SSL Bump build (default: disabled)],
 206     [ ENABLED_BUMP=$enableval ],
 207     [ ENABLED_BUMP=no ]
 208     )
 209
 210 if test "$ENABLED_BUMP" = "yes"
 211 then
 212     AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
 213 fi
 214
 215 ENABLED_SLOWMATH="yes"
 216
 217 # lean psk build
 218 AC_ARG_ENABLE([leanpsk],
 219     [  --enable-leanpsk        Enable Lean PSK build (default: disabled)],
 220     [ ENABLED_LEANPSK=$enableval ],
 221     [ ENABLED_LEANPSK=no ]
 222     )
 223
 224 if test "$ENABLED_LEANPSK" = "yes"
 225 then
 226     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA"
 227     ENABLED_SLOWMATH="no"
 228     ENABLED_SINGLETHREADED="yes"
 229 fi
 230
 231 AM_CONDITIONAL([BUILD_LEANPSK], [test "x$ENABLED_LEANPSK" = "xyes"])
 232
 233
 234 # big cache
 235 AC_ARG_ENABLE([bigcache],
 236     [  --enable-bigcache       Enable big session cache (default: disabled)],
 237     [ ENABLED_BIGCACHE=$enableval ],
 238     [ ENABLED_BIGCACHE=no ]
 239     )
 240
 241 if test "$ENABLED_BIGCACHE" = "yes"
 242 then
 243     AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE"
 244 fi
 245
 246
 247 # HUGE cache
 248 AC_ARG_ENABLE([hugecache],
 249     [  --enable-hugecache      Enable huge session cache (default: disabled)],
 250     [ ENABLED_HUGECACHE=$enableval ],
 251     [ ENABLED_HUGECACHE=no ]
 252     )
 253
 254 if test "$ENABLED_HUGECACHE" = "yes"
 255 then
 256     AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE"
 257 fi
 258
 259
 260 # SMALL cache
 261 AC_ARG_ENABLE([smallcache],
 262     [  --enable-smallcache     Enable small session cache (default: disabled)],
 263     [ ENABLED_SMALLCACHE=$enableval ],
 264     [ ENABLED_SMALLCACHE=no ]
 265     )
 266
 267 if test "$ENABLED_SMALLCACHE" = "yes"
 268 then
 269     AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE"
 270 fi
 271
 272
 273 # Persistent session cache
 274 AC_ARG_ENABLE([savesession],
 275     [  --enable-savesession    Enable persistent session cache (default: disabled)],
 276     [ ENABLED_SAVESESSION=$enableval ],
 277     [ ENABLED_SAVESESSION=no ]
 278     )
 279
 280 if test "$ENABLED_SAVESESSION" = "yes"
 281 then
 282     AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
 283 fi
 284
 285
 286 # Persistent cert cache
 287 AC_ARG_ENABLE([savecert],
 288     [  --enable-savecert       Enable persistent cert cache (default: disabled)],
 289     [ ENABLED_SAVECERT=$enableval ],
 290     [ ENABLED_SAVECERT=no ]
 291     )
 292
 293 if test "$ENABLED_SAVECERT" = "yes"
 294 then
 295     AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
 296 fi
 297
 298
 299 # Atomic User Record Layer
 300 AC_ARG_ENABLE([atomicuser],
 301     [  --enable-atomicuser     Enable Atomic User Record Layer (default: disabled)],
 302     [ ENABLED_ATOMICUSER=$enableval ],
 303     [ ENABLED_ATOMICUSER=no ]
 304     )
 305
 306 if test "$ENABLED_ATOMICUSER" = "yes"
 307 then
 308     AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
 309 fi
 310
 311
 312 # Public Key Callbacks
 313 AC_ARG_ENABLE([pkcallbacks],
 314     [  --enable-pkcallbacks    Enable Public Key Callbacks (default: disabled)],
 315     [ ENABLED_PKCALLBACKS=$enableval ],
 316     [ ENABLED_PKCALLBACKS=no ]
 317     )
 318
 319 if test "$ENABLED_PKCALLBACKS" = "yes"
 320 then
 321     AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
 322 fi
 323
 324
 325 # SNIFFER
 326 AC_ARG_ENABLE([sniffer],
 327    [AS_HELP_STRING([--enable-sniffer],[Enable wolfSSL sniffer support (default: disabled)])],
 328    [ ENABLED_SNIFFER=$enableval ],
 329    [ ENABLED_SNIFFER=no ]
 330    )
 331
 332 # sniffer does't work in maxstrength mode
 333 if test "$ENABLED_SNIFFER" = "yes" && test "$ENABLED_MAXSTRENGTH" = "yes"
 334 then
 335     AC_MSG_ERROR([cannot enable maxstrength in sniffer mode.])
 336 fi
 337
 338 ENABLED_SNIFFTEST=no
 339 AS_IF([ test "x$ENABLED_SNIFFER" = "xyes" ],
 340       [
 341           AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SNIFFER -DOPENSSL_EXTRA"
 342           AC_CHECK_HEADERS([pcap/pcap.h],
 343               [ ENABLED_SNIFFTEST=yes ],
 344               [ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]
 345           )
 346       ])
 347
 348 AM_CONDITIONAL([BUILD_SNIFFER],   [ test "x$ENABLED_SNIFFER"   = "xyes" ])
 349 AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
 350
 351 # AES-GCM
 352 AC_ARG_ENABLE([aesgcm],
 353     [AS_HELP_STRING([--enable-aesgcm],[Enable wolfSSL AES-GCM support (default: enabled)])],
 354     [ ENABLED_AESGCM=$enableval ],
 355     [ ENABLED_AESGCM=yes ]
 356     )
 357
 358 # lean psk does't need gcm
 359 if test "$ENABLED_LEANPSK" = "yes"
 360 then
 361     ENABLED_AESGCM=no
 362 fi
 363
 364 if test "$ENABLED_AESGCM" = "word32"
 365 then
 366     AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32"
 367     ENABLED_AESGCM=yes
 368 fi
 369
 370 if test "$ENABLED_AESGCM" = "small"
 371 then
 372     AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL"
 373     ENABLED_AESGCM=yes
 374 fi
 375
 376 if test "$ENABLED_AESGCM" = "table"
 377 then
 378     AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE"
 379     ENABLED_AESGCM=yes
 380 fi
 381
 382 if test "$ENABLED_AESGCM" = "yes"
 383 then
 384     AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
 385 fi
 386
 387 AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"])
 388
 389
 390 # AES-CCM
 391 AC_ARG_ENABLE([aesccm],
 392     [  --enable-aesccm         Enable wolfSSL AES-CCM support (default: disabled)],
 393     [ ENABLED_AESCCM=$enableval ],
 394     [ ENABLED_AESCCM=no ]
 395     )
 396
 397 if test "$ENABLED_AESCCM" = "yes"
 398 then
 399     AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"
 400 fi
 401
 402 AM_CONDITIONAL([BUILD_AESCCM], [test "x$ENABLED_AESCCM" = "xyes"])
 403
 404
 405 # AES-NI
 406 AC_ARG_ENABLE([aesni],
 407     [AS_HELP_STRING([--enable-aesni],[Enable wolfSSL AES-NI support (default: disabled)])],
 408     [ ENABLED_AESNI=$enableval ],
 409     [ ENABLED_AESNI=no ]
 410     )
 411
 412 # INTEL ASM
 413 AC_ARG_ENABLE([intelasm],
 414     [AS_HELP_STRING([--enable-intelasm],[Enable All Intel ASM speedups (default: disabled)])],
 415     [ ENABLED_INTELASM=$enableval ],
 416     [ ENABLED_INTELASM=no ]
 417     )
 418
 419 if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes"
 420 then
 421     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
 422     if test "$GCC" = "yes"
 423     then
 424         # GCC needs these flags, icc doesn't
 425         # opt levels greater than 2 may cause problems on systems w/o aesni
 426         if test "$CC" != "icc"
 427         then
 428             AM_CFLAGS="$AM_CFLAGS -maes -msse4"
 429         fi
 430     fi
 431 fi
 432
 433 if test "$ENABLED_INTELASM" = "yes"
 434 then
 435     AM_CFLAGS="$AM_CFLAGS -DHAVE_INTEL_RDGEN -DUSE_INTEL_SPEEDUP"
 436     ENABLED_AESNI=yes
 437 fi
 438
 439 AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"])
 440
 441
 442 # Camellia
 443 AC_ARG_ENABLE([camellia],
 444     [  --enable-camellia       Enable wolfSSL Camellia support (default: disabled)],
 445     [ ENABLED_CAMELLIA=$enableval ],
 446     [ ENABLED_CAMELLIA=no ]
 447     )
 448
 449 if test "$ENABLED_CAMELLIA" = "yes"
 450 then
 451     AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA"
 452 fi
 453
 454 AM_CONDITIONAL([BUILD_CAMELLIA], [test "x$ENABLED_CAMELLIA" = "xyes"])
 455
 456
 457 # MD2
 458 AC_ARG_ENABLE([md2],
 459     [  --enable-md2            Enable wolfSSL MD2 support (default: disabled)],
 460     [ ENABLED_MD2=$enableval ],
 461     [ ENABLED_MD2=no ]
 462     )
 463
 464 if test "$ENABLED_BUMP" = "yes"
 465 then
 466     ENABLED_MD2="yes"
 467 fi
 468
 469 if test "$ENABLED_MD2" = "yes"
 470 then
 471     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MD2"
 472 fi
 473
 474 AM_CONDITIONAL([BUILD_MD2], [test "x$ENABLED_MD2" = "xyes"])
 475
 476
 477 # NULL CIPHER
 478 AC_ARG_ENABLE([nullcipher],
 479     [  --enable-nullcipher     Enable wolfSSL NULL cipher support (default: disabled)],
 480     [ ENABLED_NULL_CIPHER=$enableval ],
 481     [ ENABLED_NULL_CIPHER=no ]
 482     )
 483
 484 if test "$ENABLED_NULL_CIPHER" = "yes"
 485 then
 486     AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER"
 487 fi
 488
 489 # RIPEMD
 490 AC_ARG_ENABLE([ripemd],
 491     [  --enable-ripemd         Enable wolfSSL RIPEMD-160 support (default: disabled)],
 492     [ ENABLED_RIPEMD=$enableval ],
 493     [ ENABLED_RIPEMD=no ]
 494     )
 495
 496 if test "$ENABLED_RIPEMD" = "yes"
 497 then
 498     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RIPEMD"
 499 fi
 500
 501 AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"])
 502
 503
 504 # BLAKE2
 505 AC_ARG_ENABLE([blake2],
 506     [  --enable-blake2         Enable wolfSSL BLAKE2 support (default: disabled)],
 507     [ ENABLED_BLAKE2=$enableval ],
 508     [ ENABLED_BLAKE2=no ]
 509     )
 510
 511 if test "$ENABLED_BLAKE2" = "yes"
 512 then
 513     AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2"
 514 fi
 515
 516 AM_CONDITIONAL([BUILD_BLAKE2], [test "x$ENABLED_BLAKE2" = "xyes"])
 517
 518
 519 # set sha512 default
 520 SHA512_DEFAULT=no
 521 if test "$host_cpu" = "x86_64"
 522 then
 523 SHA512_DEFAULT=yes
 524 fi
 525
 526 # SHA512
 527 AC_ARG_ENABLE([sha512],
 528     [AS_HELP_STRING([--enable-sha512],[Enable wolfSSL SHA-512 support (default: enabled on x86_64)])],
 529     [ ENABLED_SHA512=$enableval ],
 530     [ ENABLED_SHA512=$SHA512_DEFAULT ]
 531     )
 532
 533 # lean psk does't need sha512
 534 if test "$ENABLED_LEANPSK" = "yes"
 535 then
 536     ENABLED_SHA512=no
 537 fi
 538
 539 if test "$ENABLED_SHA512" = "yes"
 540 then
 541     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
 542 fi
 543
 544 if test "$ENABLED_FORTRESS" = "yes"
 545 then
 546     ENABLED_SHA512="yes"
 547 fi
 548
 549
 550 AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
 551
 552
 553 # SESSION CERTS
 554 AC_ARG_ENABLE([sessioncerts],
 555     [  --enable-sessioncerts   Enable session cert storing (default: disabled)],
 556     [ ENABLED_SESSIONCERTS=$enableval ],
 557     [ ENABLED_SESSIONCERTS=no ]
 558     )
 559
 560 if test "$ENABLED_SESSIONCERTS" = "yes"
 561 then
 562     AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
 563 fi
 564
 565
 566 # KEY GENERATION
 567 AC_ARG_ENABLE([keygen],
 568     [  --enable-keygen         Enable key generation (default: disabled)],
 569     [ ENABLED_KEYGEN=$enableval ],
 570     [ ENABLED_KEYGEN=no ]
 571     )
 572
 573 if test "$ENABLED_KEYGEN" = "yes"
 574 then
 575     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
 576 fi
 577
 578
 579 # CERT GENERATION
 580 AC_ARG_ENABLE([certgen],
 581     [  --enable-certgen        Enable cert generation (default: disabled)],
 582     [ ENABLED_CERTGEN=$enableval ],
 583     [ ENABLED_CERTGEN=no ]
 584     )
 585
 586 if test "$ENABLED_CERTGEN" = "yes"
 587 then
 588     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
 589 fi
 590
 591
 592 # CERT REQUEST GENERATION
 593 AC_ARG_ENABLE([certreq],
 594     [  --enable-certreq        Enable cert request generation (default: disabled)],
 595     [ ENABLED_CERTREQ=$enableval ],
 596     [ ENABLED_CERTREQ=no ]
 597     )
 598
 599 if test "$ENABLED_CERTREQ" = "yes"
 600 then
 601     if test "$ENABLED_CERTGEN" = "no"
 602     then
 603         AC_MSG_ERROR([cannot enable certreq without enabling certgen.])
 604     fi
 605     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
 606 fi
 607
 608
 609 # SEP
 610 AC_ARG_ENABLE([sep],
 611     [  --enable-sep            Enable sep extensions (default: disabled)],
 612     [ ENABLED_SEP=$enableval ],
 613     [ ENABLED_SEP=no ]
 614     )
 615 if test "$ENABLED_SEP" = "yes"
 616 then
 617   AM_CFLAGS="-DWOLFSSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS"
 618 fi
 619
 620
 621 # HKDF
 622 AC_ARG_ENABLE([hkdf],
 623     [  --enable-hkdf           Enable HKDF (HMAC-KDF) support (default: disabled)],
 624     [ ENABLED_HKDF=$enableval ],
 625     [ ENABLED_HKDF=no ]
 626     )
 627 if test "$ENABLED_HKDF" = "yes"
 628 then
 629   AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"
 630 fi
 631
 632
 633 # DSA
 634 AC_ARG_ENABLE([dsa],
 635     [  --enable-dsa            Enable DSA (default: disabled)],
 636     [ ENABLED_DSA=$enableval ],
 637     [ ENABLED_DSA=no ]
 638     )
 639
 640 if test "$ENABLED_DSA" = "no"
 641 then
 642     AM_CFLAGS="$AM_CFLAGS -DNO_DSA"
 643 fi
 644
 645 AM_CONDITIONAL([BUILD_DSA], [test "x$ENABLED_DSA" = "xyes"])
 646
 647
 648 # set ecc default
 649 ECC_DEFAULT=no
 650
 651 if test "$host_cpu" = "x86_64"
 652 then
 653 ECC_DEFAULT=yes
 654 fi
 655
 656 # ECC
 657 AC_ARG_ENABLE([ecc],
 658     [AS_HELP_STRING([--enable-ecc],[Enable ECC (default: enabled on x86_64)])],
 659     [ ENABLED_ECC=$enableval ],
 660     [ ENABLED_ECC=$ECC_DEFAULT ]
 661     )
 662
 663 # lean psk does't need ecc
 664 if test "$ENABLED_LEANPSK" = "yes"
 665 then
 666     ENABLED_ECC=no
 667 fi
 668
 669 if test "$ENABLED_ECC" = "yes"
 670 then
 671     AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
 672 fi
 673
 674 AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
 675
 676
 677 if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes"
 678 then
 679     AC_MSG_ERROR([cannot enable ecc and small, ecc requires TLS which small turns off.])
 680 fi
 681
 682
 683 # for using memory optimization setting on both curve25519 and ed25519
 684 ENABLED_CURVED25519_SMALL=no
 685
 686 # CURVE25519
 687 AC_ARG_ENABLE([curve25519],
 688     [AS_HELP_STRING([--enable-curve25519],[Enable Curve25519 (default: disabled)])],
 689     [ ENABLED_CURVE25519=$enableval ],
 690     [ ENABLED_CURVE25519=no ]
 691     )
 692
 693
 694 if test "$ENABLED_CURVE25519" = "small"
 695 then
 696     AM_CFLAGS="$AM_CFLAGS -DCURVED25519_SMALL"
 697     ENABLED_CURVED25519_SMALL=yes
 698     ENABLED_CURVE25519=yes
 699 fi
 700
 701 if test "$ENABLED_CURVE25519" = "yes"
 702 then
 703     AM_CFLAGS="$AM_CFLAGS -DHAVE_CURVE25519"
 704     ENABLED_FEMATH=yes
 705 fi
 706
 707
 708 AM_CONDITIONAL([BUILD_CURVE25519], [test "x$ENABLED_CURVE25519" = "xyes"])
 709
 710
 711 # ED25519
 712 AC_ARG_ENABLE([ed25519],
 713     [AS_HELP_STRING([--enable-ed25519],[Enable ED25519 (default: disabled)])],
 714     [ ENABLED_ED25519=$enableval ],
 715     [ ENABLED_ED25519=no ]
 716     )
 717
 718
 719 if test "$ENABLED_ED25519" = "small"
 720 then
 721     AM_CFLAGS="$AM_CFLAGS -DCURVED25519_SMALL"
 722     ENABLED_CURVED25519_SMALL=yes
 723     ENABLED_ED25519=yes
 724 fi
 725
 726 if test "$ENABLED_ED25519" = "yes"
 727 then
 728     if test "$ENABLED_SHA512" = "no"
 729     then
 730         AC_MSG_ERROR([cannot enable ed25519 without enabling sha512.])
 731     fi
 732     ENABLED_FEMATH=yes
 733     ENABLED_GEMATH=yes
 734     AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"
 735 fi
 736
 737 AM_CONDITIONAL([BUILD_ED25519], [test "x$ENABLED_ED25519" = "xyes"])
 738 AM_CONDITIONAL([BUILD_CURVED25519_SMALL], [test "x$ENABLED_CURVED25519_SMALL" = "xyes"])
 739 AM_CONDITIONAL([BUILD_FEMATH],  [test "x$ENABLED_FEMATH" = "xyes"])
 740 AM_CONDITIONAL([BUILD_GEMATH],  [test "x$ENABLED_GEMATH" = "xyes"])
 741
 742 # FP ECC, Fixed Point cache ECC
 743 AC_ARG_ENABLE([fpecc],
 744     [  --enable-fpecc          Enable Fixed Point cache ECC (default: disabled)],
 745     [ ENABLED_FPECC=$enableval ],
 746     [ ENABLED_FPECC=no ]
 747     )
 748
 749 if test "$ENABLED_FPECC" = "yes"
 750 then
 751     if test "$ENABLED_ECC" = "no"
 752     then
 753         AC_MSG_ERROR([cannot enable fpecc without enabling ecc.])
 754     fi
 755     AM_CFLAGS="$AM_CFLAGS -DFP_ECC"
 756 fi
 757
 758
 759 # ECC encrypt
 760 AC_ARG_ENABLE([eccencrypt],
 761     [  --enable-eccencrypt     Enable ECC encrypt (default: disabled)],
 762     [ ENABLED_ECC_ENCRYPT=$enableval ],
 763     [ ENABLED_ECC_ENCRYPT=no ]
 764     )
 765
 766 if test "$ENABLED_ECC_ENCRYPT" = "yes"
 767 then
 768     if test "$ENABLED_ECC" = "no"
 769     then
 770         AC_MSG_ERROR([cannot enable eccencrypt without enabling ecc.])
 771     fi
 772     if test "$ENABLED_HKDF" = "no"
 773     then
 774         AC_MSG_ERROR([cannot enable eccencrypt without enabling hkdf.])
 775     fi
 776     AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT"
 777 fi
 778
 779
 780 # PSK
 781 AC_ARG_ENABLE([psk],
 782     [  --enable-psk            Enable PSK (default: disabled)],
 783     [ ENABLED_PSK=$enableval ],
 784     [ ENABLED_PSK=no ]
 785     )
 786
 787 if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no"
 788 then
 789     AM_CFLAGS="$AM_CFLAGS -DNO_PSK"
 790 fi
 791
 792 if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes"
 793 then
 794     ENABLED_PSK=yes
 795 fi
 796
 797
 798 # ERROR STRINGS
 799 AC_ARG_ENABLE([errorstrings],
 800     [  --enable-errorstrings   Enable error strings table (default: enabled)],
 801     [ ENABLED_ERROR_STRINGS=$enableval ],
 802     [ ENABLED_ERROR_STRINGS=yes ]
 803     )
 804
 805 if test "$ENABLED_ERROR_STRINGS" = "no"
 806 then
 807     AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
 808 else
 809     # turn off error strings if leanpsk on
 810     if test "$ENABLED_LEANPSK" = "yes"
 811     then
 812         AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
 813         ENABLED_ERROR_STRINGS=no
 814     fi
 815 fi
 816
 817
 818 # OLD TLS
 819 AC_ARG_ENABLE([oldtls],
 820     [  --enable-oldtls         Enable old TLS versions < 1.2 (default: enabled)],
 821     [ ENABLED_OLD_TLS=$enableval ],
 822     [ ENABLED_OLD_TLS=yes ]
 823     )
 824
 825 if test "$ENABLED_OLD_TLS" = "no"
 826 then
 827     AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
 828 else
 829     # turn off old if leanpsk on
 830     if test "$ENABLED_LEANPSK" = "yes"
 831     then
 832         AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
 833         ENABLED_OLD_TLS=no
 834     fi
 835 fi
 836
 837
 838 # STACK SIZE info for examples
 839 AC_ARG_ENABLE([stacksize],
 840     [  --enable-stacksize      Enable stack size info on examples (default: disabled)],
 841     [ ENABLED_STACKSIZE=$enableval ],
 842     [ ENABLED_STACKSIZE=no ]
 843     )
 844
 845 if test "$ENABLED_STACKSIZE" = "yes"
 846 then
 847     AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
 848     AC_CHECK_FUNC([pthread_attr_setstack], [], AC_CHECK_LIB([pthread],[pthread_attr_setstack]))
 849     AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DWOLFSSL_LOW_MEMORY"
 850 fi
 851
 852
 853 # MEMORY
 854 AC_ARG_ENABLE([memory],
 855     [  --enable-memory         Enable memory callbacks (default: enabled)],
 856     [ ENABLED_MEMORY=$enableval ],
 857     [ ENABLED_MEMORY=yes ]
 858     )
 859
 860 if test "$ENABLED_MEMORY" = "no"
 861 then
 862     AM_CFLAGS="$AM_CFLAGS -DNO_WOLFSSL_MEMORY"
 863 else
 864     # turn off memory cb if leanpsk on
 865     if test "$ENABLED_LEANPSK" = "yes"
 866     then
 867         # but don't turn on NO_WOLFSSL_MEMORY because using own
 868         ENABLED_MEMORY=no
 869     fi
 870 fi
 871
 872 AM_CONDITIONAL([BUILD_MEMORY], [test "x$ENABLED_MEMORY" = "xyes"])
 873
 874
 875 # RSA
 876 AC_ARG_ENABLE([rsa],
 877     [  --enable-rsa            Enable RSA (default: enabled)],
 878     [ ENABLED_RSA=$enableval ],
 879     [ ENABLED_RSA=yes ]
 880     )
 881
 882 if test "$ENABLED_RSA" = "no"
 883 then
 884     AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
 885 else
 886     # turn off RSA if leanpsk on
 887     if test "$ENABLED_LEANPSK" = "yes"
 888     then
 889         AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
 890         ENABLED_RSA=no
 891     fi
 892 fi
 893
 894 AM_CONDITIONAL([BUILD_RSA], [test "x$ENABLED_RSA" = "xyes"])
 895
 896
 897 # DH
 898 AC_ARG_ENABLE([dh],
 899     [AS_HELP_STRING([--enable-dh],[Enable DH (default: enabled)])],
 900     [ ENABLED_DH=$enableval ],
 901     [ ENABLED_DH=yes ]
 902     )
 903
 904 if test "$ENABLED_DH" = "no"
 905 then
 906     AM_CFLAGS="$AM_CFLAGS -DNO_DH"
 907 else
 908     # turn off DH if leanpsk on
 909     if test "$ENABLED_LEANPSK" = "yes"
 910     then
 911         AM_CFLAGS="$AM_CFLAGS -DNO_DH"
 912         ENABLED_DH=no
 913     fi
 914 fi
 915
 916 AM_CONDITIONAL([BUILD_DH], [test "x$ENABLED_DH" = "xyes"])
 917
 918
 919 # Anonymous
 920 AC_ARG_ENABLE([anon],
 921     [AS_HELP_STRING([--enable-anon],[Enable Anonymous (default: disabled)])],
 922     [ ENABLED_ANON=$enableval ],
 923     [ ENABLED_ANON=no ]
 924     )
 925
 926
 927 if test "x$ENABLED_ANON" = "xyes"
 928 then
 929     if test "x$ENABLED_DH" != "xyes"
 930     then
 931         AC_MSG_ERROR([Anonymous suite requires DH.])
 932     fi
 933     AM_CFLAGS="$AM_CFLAGS -DHAVE_ANON"
 934 fi
 935
 936
 937 # ASN
 938 # turn off asn, which means no certs, no rsa, no dsa, no ecc,
 939 # and no big int (unless dh is on)
 940 AC_ARG_ENABLE([asn],
 941     [  --enable-asn            Enable ASN (default: enabled)],
 942     [ ENABLED_ASN=$enableval ],
 943     [ ENABLED_ASN=yes ]
 944     )
 945
 946 if test "$ENABLED_ASN" = "no"
 947 then
 948     AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS"
 949     if test "$ENABLED_DH" = "no"
 950     then
 951         # DH needs bigint
 952         AM_CFLAGS="$AM_CFLAGS -DNO_BIG_INT"
 953     fi
 954 else
 955     # turn off ASN if leanpsk on
 956     if test "$ENABLED_LEANPSK" = "yes"
 957     then
 958         AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
 959         ENABLED_ASN=no
 960     fi
 961 fi
 962
 963 if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no"
 964 then
 965     AC_MSG_ERROR([please disable rsa if disabling asn.])
 966 fi
 967
 968 if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no"
 969 then
 970     AC_MSG_ERROR([please disable dsa if disabling asn.])
 971 fi
 972
 973 if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no"
 974 then
 975     AC_MSG_ERROR([please disable ecc if disabling asn.])
 976 fi
 977
 978 if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no"
 979 then
 980     AC_MSG_ERROR([please enable psk if disabling asn.])
 981 fi
 982
 983 # DH needs bigint
 984 if test "$ENABLED_ASN" = "no" && test "$ENABLED_DH" = "no"
 985 then
 986     ENABLED_FASTMATH=no
 987     ENABLED_SLOWMATH=no
 988 fi
 989
 990 AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"])
 991
 992
 993 # AES
 994 AC_ARG_ENABLE([aes],
 995     [  --enable-aes            Enable AES (default: enabled)],
 996     [ ENABLED_AES=$enableval ],
 997     [ ENABLED_AES=yes ]
 998     )
 999
1000 if test "$ENABLED_AES" = "no"
1001 then
1002     AM_CFLAGS="$AM_CFLAGS -DNO_AES"
1003     if test "$ENABLED_AESGCM" = "yes"
1004     then
1005         AC_MSG_ERROR([AESGCM requires AES.])
1006     fi
1007     if test "$ENABLED_AESCCM" = "yes"
1008     then
1009         AC_MSG_ERROR([AESCCM requires AES.])
1010     fi
1011 else
1012     # turn off AES if leanpsk on
1013     if test "$ENABLED_LEANPSK" = "yes"
1014     then
1015         AM_CFLAGS="$AM_CFLAGS -DNO_AES"
1016         ENABLED_AES=no
1017     fi
1018 fi
1019
1020 AM_CONDITIONAL([BUILD_AES], [test "x$ENABLED_AES" = "xyes"])
1021
1022
1023 # CODING
1024 AC_ARG_ENABLE([coding],
1025     [  --enable-coding         Enable Coding base 16/64 (default: enabled)],
1026     [ ENABLED_CODING=$enableval ],
1027     [ ENABLED_CODING=yes ]
1028     )
1029
1030 if test "$ENABLED_CODING" = "no"
1031 then
1032     AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
1033 else
1034     # turn off CODING if leanpsk on
1035     if test "$ENABLED_LEANPSK" = "yes"
1036     then
1037         AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
1038         ENABLED_CODING=no
1039     fi
1040 fi
1041
1042 AM_CONDITIONAL([BUILD_CODING], [test "x$ENABLED_CODING" = "xyes"])
1043
1044
1045 # DES3
1046 AC_ARG_ENABLE([des3],
1047     [  --enable-des3           Enable DES3 (default: enabled)],
1048     [ ENABLED_DES3=$enableval ],
1049     [ ENABLED_DES3=yes ]
1050     )
1051
1052 if test "$ENABLED_DES3" = "no"
1053 then
1054     AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
1055 else
1056     # turn off DES3 if leanpsk on
1057     if test "$ENABLED_LEANPSK" = "yes"
1058     then
1059         AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
1060         ENABLED_DES3=no
1061     fi
1062 fi
1063
1064 AM_CONDITIONAL([BUILD_DES3], [test "x$ENABLED_DES3" = "xyes"])
1065
1066
1067 # ARC4
1068 AC_ARG_ENABLE([arc4],
1069     [  --enable-arc4           Enable ARC4 (default: disabled)],
1070     [ ENABLED_ARC4=$enableval ],
1071     [ ENABLED_ARC4=no ]
1072     )
1073
1074 if test "$ENABLED_ARC4" = "no"
1075 then
1076     AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
1077 else
1078     # turn off ARC4 if leanpsk on
1079     if test "$ENABLED_LEANPSK" = "yes"
1080     then
1081         AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
1082         ENABLED_ARC4=no
1083     fi
1084 fi
1085
1086 AM_CONDITIONAL([BUILD_RC4], [test "x$ENABLED_ARC4" = "xyes"])
1087
1088
1089 # MD5
1090 AC_ARG_ENABLE([md5],
1091     [  --enable-md5            Enable MD5 (default: enabled)],
1092     [ ENABLED_MD5=$enableval ],
1093     [ ENABLED_MD5=yes ]
1094     )
1095
1096 if test "$ENABLED_MD5" = "no"
1097 then
1098     AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
1099 else
1100     # turn off MD5 if leanpsk on
1101     if test "$ENABLED_LEANPSK" = "yes"
1102     then
1103         AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
1104         ENABLED_MD5=no
1105     fi
1106 fi
1107
1108 AM_CONDITIONAL([BUILD_MD5], [test "x$ENABLED_MD5" = "xyes"])
1109
1110
1111 # SHA
1112 AC_ARG_ENABLE([sha],
1113     [  --enable-sha            Enable SHA (default: enabled)],
1114     [ ENABLED_SHA=$enableval ],
1115     [ ENABLED_SHA=yes ]
1116     )
1117
1118 if test "$ENABLED_SHA" = "no"
1119 then
1120     AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
1121 else
1122     # turn off SHA if leanpsk on
1123     if test "$ENABLED_LEANPSK" = "yes"
1124     then
1125         AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
1126         ENABLED_SHA=no
1127     fi
1128 fi
1129
1130 AM_CONDITIONAL([BUILD_SHA], [test "x$ENABLED_SHA" = "xyes"])
1131
1132
1133 # MD4
1134 AC_ARG_ENABLE([md4],
1135     [  --enable-md4            Enable MD4 (default: disabled)],
1136     [ ENABLED_MD4=$enableval ],
1137     [ ENABLED_MD4=no ]
1138     )
1139
1140 if test "$ENABLED_MD4" = "no"
1141 then
1142     AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
1143 fi
1144
1145 AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"])
1146
1147
1148 # Web Server Build
1149 AC_ARG_ENABLE([webserver],
1150     [  --enable-webserver      Enable Web Server (default: disabled)],
1151     [ ENABLED_WEBSERVER=$enableval ],
1152     [ ENABLED_WEBSERVER=no ]
1153     )
1154
1155 if test "$ENABLED_WEBSERVER" = "yes"
1156 then
1157     AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER"
1158 fi
1159
1160
1161
1162 # HC128
1163 AC_ARG_ENABLE([hc128],
1164     [  --enable-hc128          Enable HC-128 (default: disabled)],
1165     [ ENABLED_HC128=$enableval ],
1166     [ ENABLED_HC128=no ]
1167     )
1168
1169 if test "$ENABLED_HC128" = "no"
1170 then
1171     AM_CFLAGS="$AM_CFLAGS -DNO_HC128"
1172 else
1173     AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128"
1174 fi
1175
1176 AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
1177
1178
1179 # RABBIT
1180 AC_ARG_ENABLE([rabbit],
1181     [  --enable-rabbit         Enable RABBIT (default: disabled)],
1182     [ ENABLED_RABBIT=$enableval ],
1183     [ ENABLED_RABBIT=no ]
1184     )
1185
1186 if test "$ENABLED_RABBIT" = "no"
1187 then
1188     AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT"
1189 else
1190     AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT"
1191 fi
1192
1193 AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
1194
1195
1196 # FIPS
1197 AC_ARG_ENABLE([fips],
1198     [AS_HELP_STRING([--enable-fips],[Enable FIPS 140-2, Will NOT work w/o FIPS license (default: disabled)])],
1199     [ ENABLED_FIPS=$enableval ],
1200     [ ENABLED_FIPS=no ]
1201     )
1202
1203 if test "x$ENABLED_FIPS" = "xyes"
1204 then
1205     # requires thread local storage
1206     if test "$thread_ls_on" = "no"
1207     then
1208         AC_MSG_ERROR([FIPS requires Thread Local Storage])
1209     fi
1210     # requires SHA512
1211     if test "x$ENABLED_SHA512" = "xno"
1212     then
1213         ENABLED_SHA512="yes"
1214         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
1215         AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
1216     fi
1217     # requires AESGCM
1218     if test "x$ENABLED_AESGCM" != "xyes"
1219     then
1220         ENABLED_AESGCM="yes"
1221         AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
1222         AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
1223     fi
1224     AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
1225 fi
1226
1227 AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
1228
1229
1230 # set POLY1305 default
1231 POLY1305_DEFAULT=yes
1232
1233 if test "x$ENABLED_FIPS" = "xyes"
1234 then
1235 POLY1305_DEFAULT=no
1236 fi
1237
1238 # POLY1305
1239 AC_ARG_ENABLE([poly1305],
1240     [AS_HELP_STRING([--enable-poly1305],[Enable wolfSSL POLY1305 support (default: enabled)])],
1241     [ ENABLED_POLY1305=$enableval ],
1242     [ ENABLED_POLY1305=$POLY1305_DEFAULT]
1243     )
1244
1245 # lean psk does't need poly1305
1246 if test "$ENABLED_LEANPSK" = "yes"
1247 then
1248     ENABLED_POLY1305=no
1249 fi
1250
1251 if test "$ENABLED_POLY1305" = "yes"
1252 then
1253     AM_CFLAGS="$AM_CFLAGS -DHAVE_POLY1305 -DHAVE_ONE_TIME_AUTH"
1254 fi
1255
1256 AM_CONDITIONAL([BUILD_POLY1305], [test "x$ENABLED_POLY1305" = "xyes"])
1257
1258
1259 # set CHACHA default
1260 CHACHA_DEFAULT=yes
1261
1262 if test "x$ENABLED_FIPS" = "xyes"
1263 then
1264 CHACHA_DEFAULT=no
1265 fi
1266
1267 # CHACHA
1268 AC_ARG_ENABLE([chacha],
1269     [  --enable-chacha         Enable CHACHA (default: enabled)],
1270     [ ENABLED_CHACHA=$enableval ],
1271     [ ENABLED_CHACHA=$CHACHA_DEFAULT]
1272     )
1273
1274 # lean psk does't need chacha
1275 if test "$ENABLED_LEANPSK" = "yes"
1276 then
1277     ENABLED_CHACHA=no
1278 fi
1279
1280 if test "$ENABLED_CHACHA" = "yes"
1281 then
1282     AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA"
1283 fi
1284
1285 AM_CONDITIONAL([BUILD_CHACHA], [test "x$ENABLED_CHACHA" = "xyes"])
1286
1287
1288 # Hash DRBG
1289 AC_ARG_ENABLE([hashdrbg],
1290     [  --enable-hashdrbg       Enable Hash DRBG support (default: enabled)],
1291     [ ENABLED_HASHDRBG=$enableval ],
1292     [ ENABLED_HASHDRBG=yes ]
1293     )
1294
1295 if test "x$ENABLED_HASHDRBG" = "xyes"
1296 then
1297     AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
1298 else
1299     # turn on Hash DRBG if FIPS is on or ARC4 is off
1300     if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
1301     then
1302         AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
1303         ENABLED_HASHDRBG=yes
1304     fi
1305 fi
1306
1307
1308 # Filesystem Build
1309 AC_ARG_ENABLE([filesystem],
1310     [  --enable-filesystem     Enable Filesystem support (default: enabled)],
1311     [ ENABLED_FILESYSTEM=$enableval ],
1312     [ ENABLED_FILESYSTEM=yes ]
1313     )
1314
1315 if test "$ENABLED_FILESYSTEM" = "no"
1316 then
1317     AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
1318 else
1319     # turn off filesystem if leanpsk on
1320     if test "$ENABLED_LEANPSK" = "yes"
1321     then
1322         AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
1323         ENABLED_FILESYSTEM=no
1324     fi
1325 fi
1326
1327
1328 # inline Build
1329 AC_ARG_ENABLE([inline],
1330     [  --enable-inline         Enable inline functions (default: enabled)],
1331     [ ENABLED_INLINE=$enableval ],
1332     [ ENABLED_INLINE=yes ]
1333     )
1334
1335 if test "$ENABLED_INLINE" = "no"
1336 then
1337     AM_CFLAGS="$AM_CFLAGS -DNO_INLINE"
1338 fi
1339
1340 AM_CONDITIONAL([BUILD_INLINE], [test "x$ENABLED_INLINE" = "xyes"])
1341
1342
1343 # OCSP
1344 AC_ARG_ENABLE([ocsp],
1345     [  --enable-ocsp           Enable OCSP (default: disabled)],
1346     [ ENABLED_OCSP=$enableval ],
1347     [ ENABLED_OCSP=no ],
1348     )
1349
1350 if test "$ENABLED_OCSP" = "yes"
1351 then
1352     AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
1353 fi
1354
1355 AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
1356
1357
1358 if test "$ENABLED_OCSP" = "yes"
1359 then
1360     # check openssl command tool for testing ocsp
1361     AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no])
1362
1363     if test "$HAVE_OPENSSL_CMD" = "yes"
1364     then
1365         AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD"
1366     else
1367         AC_MSG_WARN([openssl command line tool not available for testing ocsp])
1368     fi
1369 fi
1370
1371
1372 # CRL
1373 AC_ARG_ENABLE([crl],
1374     [  --enable-crl            Enable CRL (default: disabled)],
1375     [ ENABLED_CRL=$enableval ],
1376     [ ENABLED_CRL=no ],
1377     )
1378
1379 if test "$ENABLED_CRL" = "yes"
1380 then
1381     AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
1382 fi
1383
1384 AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
1385
1386
1387 # CRL Monitor
1388 AC_ARG_ENABLE([crl-monitor],
1389     [  --enable-crl-monitor    Enable CRL Monitor (default: disabled)],
1390     [ ENABLED_CRL_MONITOR=$enableval ],
1391     [ ENABLED_CRL_MONITOR=no ],
1392     )
1393
1394 if test "$ENABLED_CRL_MONITOR" = "yes"
1395 then
1396     case $host_os in
1397     *linux* | *darwin* | *freebsd*)
1398         AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;;
1399     *)
1400         AC_MSG_ERROR([crl monitor only allowed on linux, OS X, or freebsd]) ;;
1401     esac
1402 fi
1403
1404 AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"])
1405
1406
1407 # NTRU
1408 ENABLED_NTRU="no"
1409 tryntrudir=""
1410 AC_ARG_WITH([ntru],
1411     [  --with-ntru=PATH        Path to NTRU install (default /usr/) ],
1412     [
1413         AC_MSG_CHECKING([for NTRU])
1414         CPPFLAGS="$CPPFLAGS -DHAVE_NTRU"
1415         LIBS="$LIBS -lNTRUEncrypt"
1416
1417         AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
1418
1419         if test "x$ntru_linked" == "xno" ; then
1420             if test "x$withval" != "xno" ; then
1421                 tryntrudir=$withval
1422             fi
1423             if test "x$withval" == "xyes" ; then
1424                 tryntrudir="/usr"
1425             fi
1426
1427             LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
1428             CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
1429
1430             AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
1431
1432             if test "x$ntru_linked" == "xno" ; then
1433                 AC_MSG_ERROR([NTRU isn't found.
1434                 If it's already installed, specify its path using --with-ntru=/dir/])
1435             fi
1436             AC_MSG_RESULT([yes])
1437             AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
1438         else
1439             AC_MSG_RESULT([yes])
1440         fi
1441
1442         AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU"
1443         ENABLED_NTRU="yes"
1444     ]
1445 )
1446
1447 AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
1448
1449 if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes"
1450 then
1451     AC_MSG_ERROR([cannot enable ntru and small, ntru requires TLS which small turns off.])
1452 fi
1453
1454 # SNI
1455 AC_ARG_ENABLE([sni],
1456     [  --enable-sni            Enable SNI (default: disabled)],
1457     [ ENABLED_SNI=$enableval ],
1458     [ ENABLED_SNI=no ]
1459     )
1460
1461 if test "x$ENABLED_SNI" = "xyes"
1462 then
1463     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
1464 fi
1465
1466 # Maximum Fragment Length
1467 AC_ARG_ENABLE([maxfragment],
1468     [  --enable-maxfragment    Enable Maximum Fragment Length (default: disabled)],
1469     [ ENABLED_MAX_FRAGMENT=$enableval ],
1470     [ ENABLED_MAX_FRAGMENT=no ]
1471     )
1472
1473 if test "x$ENABLED_MAX_FRAGMENT" = "xyes"
1474 then
1475     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT"
1476 fi
1477
1478 # Truncated HMAC
1479 AC_ARG_ENABLE([truncatedhmac],
1480     [  --enable-truncatedhmac  Enable Truncated HMAC (default: disabled)],
1481     [ ENABLED_TRUNCATED_HMAC=$enableval ],
1482     [ ENABLED_TRUNCATED_HMAC=no ]
1483     )
1484
1485 if test "x$ENABLED_TRUNCATED_HMAC" = "xyes"
1486 then
1487     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
1488 fi
1489
1490 # Renegotiation Indication - (FAKE Secure Renegotiation)
1491 AC_ARG_ENABLE([renegotiation-indication],
1492     [AS_HELP_STRING([--enable-renegotiation-indication],[Enable Renegotiation Indication (default: disabled)])],
1493     [ ENABLED_RENEGOTIATION_INDICATION=$enableval ],
1494     [ ENABLED_RENEGOTIATION_INDICATION=no ]
1495     )
1496
1497 if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
1498 then
1499     AM_CFLAGS="$AM_CFLAGS -DHAVE_RENEGOTIATION_INDICATION"
1500 fi
1501
1502 # Secure Renegotiation
1503 AC_ARG_ENABLE([secure-renegotiation],
1504     [AS_HELP_STRING([--enable-secure-renegotiation],[Enable Secure Renegotiation (default: disabled)])],
1505     [ ENABLED_SECURE_RENEGOTIATION=$enableval ],
1506     [ ENABLED_SECURE_RENEGOTIATION=no ]
1507     )
1508
1509 if test "x$ENABLED_SECURE_RENEGOTIATION" = "xyes"
1510 then
1511     if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
1512     then
1513         AC_MSG_ERROR([cannot enable renegotiation-indication and secure-renegotiation.])
1514     fi
1515     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SECURE_RENEGOTIATION"
1516 fi
1517
1518 # Supported Elliptic Curves Extensions
1519 AC_ARG_ENABLE([supportedcurves],
1520     [AS_HELP_STRING([--enable-supportedcurves],[Enable Supported Elliptic Curves (default: disabled)])],
1521     [ ENABLED_SUPPORTED_CURVES=$enableval ],
1522     [ ENABLED_SUPPORTED_CURVES=no ]
1523     )
1524
1525 if test "x$ENABLED_SUPPORTED_CURVES" = "xyes"
1526 then
1527     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES"
1528 fi
1529
1530 # Session Ticket Extension
1531 AC_ARG_ENABLE([session-ticket],
1532     [AS_HELP_STRING([--enable-session-ticket],[Enable Session Ticket (default: disabled)])],
1533     [ ENABLED_SESSION_TICKET=$enableval ],
1534     [ ENABLED_SESSION_TICKET=no ]
1535     )
1536
1537 if test "x$ENABLED_SESSION_TICKET" = "xyes"
1538 then
1539     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SESSION_TICKET"
1540 fi
1541
1542 # TLS Extensions
1543 AC_ARG_ENABLE([tlsx],
1544     [  --enable-tlsx           Enable all TLS Extensions (default: disabled)],
1545     [ ENABLED_TLSX=$enableval ],
1546     [ ENABLED_TLSX=no ]
1547     )
1548
1549 if test "x$ENABLED_TLSX" = "xyes"
1550 then
1551         ENABLED_SNI=yes
1552         ENABLED_MAX_FRAGMENT=yes
1553         ENABLED_TRUNCATED_HMAC=yes
1554         ENABLED_SUPPORTED_CURVES=yes
1555     AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES"
1556 fi
1557
1558 # PKCS7
1559 AC_ARG_ENABLE([pkcs7],
1560     [  --enable-pkcs7          Enable PKCS7 (default: disabled)],
1561     [ ENABLED_PKCS7=$enableval ],
1562     [ ENABLED_PKCS7=no ],
1563     )
1564
1565 if test "$ENABLED_PKCS7" = "yes"
1566 then
1567     AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
1568 fi
1569
1570 AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
1571
1572
1573 # Simple Certificate Enrollment Protocol (SCEP)
1574 AC_ARG_ENABLE([scep],
1575     [  --enable-scep           Enable wolfSCEP (default: disabled)],
1576     [ ENABLED_WOLFSCEP=$enableval ],
1577     [ ENABLED_WOLFSCEP=no ]
1578     )
1579 if test "$ENABLED_WOLFSCEP" = "yes"
1580 then
1581     # Enable prereqs if not already enabled
1582     if test "x$ENABLED_KEYGEN" = "xno"
1583     then
1584         ENABLED_KEYGEN="yes"
1585         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
1586     fi
1587     if test "x$ENABLED_CERTGEN" = "xno"
1588     then
1589         ENABLED_CERTGEN="yes"
1590         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
1591     fi
1592     if test "x$ENABLED_CERTREQ" = "xno"
1593     then
1594         ENABLED_CERTREQ="yes"
1595         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
1596     fi
1597     if test "x$ENABLED_PKCS7" = "xno"
1598     then
1599         ENABLED_PKCS7="yes"
1600         AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
1601         AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
1602     fi
1603     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_WOLFSCEP"
1604 fi
1605
1606
1607 # Small Stack
1608 AC_ARG_ENABLE([smallstack],
1609     [  --enable-smallstack     Enable Small Stack Usage (default: disabled)],
1610     [ ENABLED_SMALL_STACK=$enableval ],
1611     [ ENABLED_SMALL_STACK=no ]
1612     )
1613
1614 if test "x$ENABLED_SMALL_STACK" = "xyes"
1615 then
1616     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK"
1617 fi
1618
1619
1620 #valgrind
1621 AC_ARG_ENABLE([valgrind],
1622     [  --enable-valgrind       Enable valgrind for unit tests (default: disabled)],
1623     [ ENABLED_VALGRIND=$enableval ],
1624     [ ENABLED_VALGRIND=no ]
1625     )
1626
1627 if test "$ENABLED_VALGRIND" = "yes"
1628 then
1629     AC_CHECK_PROG([HAVE_VALGRIND],[valgrind],[yes],[no])
1630
1631     if test "$HAVE_VALGRIND" = "no"
1632     then
1633         AC_MSG_ERROR([Valgrind not found.])
1634     fi
1635     enable_shared=no
1636     enable_static=yes
1637     AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND"
1638 fi
1639
1640 AM_CONDITIONAL([USE_VALGRIND], [test "x$ENABLED_VALGRIND" = "xyes"])
1641
1642
1643 # Test certs, use internal cert functions for extra testing
1644 AC_ARG_ENABLE([testcert],
1645     [  --enable-testcert       Enable Test Cert (default: disabled)],
1646     [ ENABLED_TESTCERT=$enableval ],
1647     [ ENABLED_TESTCERT=no ]
1648     )
1649
1650 if test "$ENABLED_TESTCERT" = "yes"
1651 then
1652     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TEST_CERT"
1653 fi
1654
1655
1656 # I/O Pool, an example to show user how to override memory handler and use
1657 # a pool for the input/output buffer requests
1658 AC_ARG_ENABLE([iopool],
1659     [  --enable-iopool         Enable I/O Pool example (default: disabled)],
1660     [ ENABLED_IOPOOL=$enableval ],
1661     [ ENABLED_IOPOOL=no ]
1662     )
1663
1664 if test "$ENABLED_IOPOOL" = "yes"
1665 then
1666     if test "$thread_ls_on" = "no"
1667     then
1668         AC_MSG_ERROR([I/O Pool example requires Thread Local Storage])
1669     fi
1670     AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER"
1671 fi
1672
1673
1674 # Certificate Service Support
1675 AC_ARG_ENABLE([certservice],
1676     [  --enable-certservice    Enable cert service (default: disabled)],
1677     [ ENABLED_CERT_SERVICE=$enableval ],
1678     [ ENABLED_CERT_SERVICE=no ]
1679     )
1680 if test "$ENABLED_CERT_SERVICE" = "yes"
1681 then
1682     # Requires ecc,certgen, and opensslextra make sure on
1683     if test "x$ENABLED_CERTGEN" = "xno"
1684     then
1685         ENABLED_CERTGEN="yes"
1686         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
1687     fi
1688     if test "x$ENABLED_ECC" = "xno"
1689     then
1690         ENABLED_ECC="yes"
1691         AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
1692         AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
1693     fi
1694     if test "x$ENABLED_OPENSSLEXTRA" = "xno"
1695     then
1696         ENABLED_OPENSSLEXTRA="yes"
1697         AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
1698     fi
1699     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_CERT_SERVICE"
1700 fi
1701
1702
1703 # PWDBASED has to come after certservice since we want it on w/o explicit on
1704 # PWDBASED
1705 AC_ARG_ENABLE([pwdbased],
1706     [  --enable-pwdbased       Enable PWDBASED (default: disabled)],
1707     [ ENABLED_PWDBASED=$enableval ],
1708     [ ENABLED_PWDBASED=no ]
1709     )
1710
1711 if test "$ENABLED_PWDBASED" = "no"
1712 then
1713     if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes"
1714     then
1715         # opensslextra and webserver needs pwdbased
1716         ENABLED_PWDBASED=yes
1717     else
1718         AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED"
1719     fi
1720 fi
1721
1722 AM_CONDITIONAL([BUILD_PWDBASED], [test "x$ENABLED_PWDBASED" = "xyes"])
1723
1724
1725 # set fastmath default
1726 FASTMATH_DEFAULT=no
1727
1728 if test "$host_cpu" = "x86_64"
1729 then
1730 FASTMATH_DEFAULT=yes
1731 fi
1732
1733 # fastmath
1734 AC_ARG_ENABLE([fastmath],
1735     [  --enable-fastmath       Enable fast math ops (default: enabled on x86_64)],
1736     [ ENABLED_FASTMATH=$enableval ],
1737     [ ENABLED_FASTMATH=$FASTMATH_DEFAULT]
1738     )
1739
1740 if test "x$ENABLED_FASTMATH" = "xyes"
1741 then
1742     # turn off fastmth if leanpsk on or asn off (w/o dh)
1743     if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
1744     then
1745         if test "$ENABLED_DH" = "no"
1746         then
1747             ENABLED_FASTMATH=no
1748         else
1749             AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
1750             ENABLED_SLOWMATH="no"
1751         fi
1752     else
1753         AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
1754         ENABLED_SLOWMATH="no"
1755     fi
1756     if test "$host_cpu" = "x86_64"
1757     then
1758         # Have settings.h set FP_MAX_BITS higher if user didn't set directly
1759         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_X86_64_BUILD"
1760     fi
1761 fi
1762
1763
1764 # fast HUGE math
1765 AC_ARG_ENABLE([fasthugemath],
1766     [  --enable-fasthugemath   Enable fast math + huge code (default: disabled)],
1767     [ ENABLED_FASTHUGEMATH=$enableval ],
1768     [ ENABLED_FASTHUGEMATH=no ]
1769     )
1770
1771 if test "$ENABLED_BUMP" = "yes"
1772 then
1773     ENABLED_FASTHUGEMATH="yes"
1774 fi
1775
1776 if test "$ENABLED_FASTHUGEMATH" = "yes"
1777 then
1778     ENABLED_FASTMATH="yes"
1779     AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
1780     ENABLED_SLOWMATH="no"
1781 fi
1782
1783 AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"])
1784 AM_CONDITIONAL([BUILD_SLOWMATH], [test "x$ENABLED_SLOWMATH" = "xyes"])
1785
1786
1787 # Enable Examples, used to disable examples
1788 AC_ARG_ENABLE([examples],
1789     [  --enable-examples       Enable Examples  (default: enabled)],
1790     [ ENABLED_EXAMPLES=$enableval ],
1791     [ ENABLED_EXAMPLES=yes ]
1792     )
1793
1794 AS_IF([test "x$ENABLED_FILESYSTEM" = "xno"], [ENABLED_EXAMPLES="no"])
1795 AS_IF([test "x$ENABLED_INLINE" = "xno"], [ENABLED_EXAMPLES="no"])
1796 AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$ENABLED_EXAMPLES" = "xyes"])
1797
1798
1799 # LIBZ
1800 ENABLED_LIBZ="no"
1801 trylibzdir=""
1802 AC_ARG_WITH([libz],
1803     [  --with-libz=PATH        PATH to libz install (default /usr/) ],
1804     [
1805         AC_MSG_CHECKING([for libz])
1806         CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
1807         LIBS="$LIBS -lz"
1808
1809         AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
1810
1811         if test "x$libz_linked" == "xno" ; then
1812             if test "x$withval" != "xno" ; then
1813                 trylibzdir=$withval
1814             fi
1815             if test "x$withval" == "xyes" ; then
1816                 trylibzdir="/usr"
1817             fi
1818
1819             AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib"
1820             CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
1821
1822             AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
1823
1824             if test "x$libz_linked" == "xno" ; then
1825                 AC_MSG_ERROR([libz isn't found.
1826                 If it's already installed, specify its path using --with-libz=/dir/])
1827             fi
1828             AC_MSG_RESULT([yes])
1829         else
1830             AC_MSG_RESULT([yes])
1831         fi
1832         ENABLED_LIBZ="yes"
1833     ]
1834 )
1835 AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"])
1836
1837
1838 # cavium
1839 trycaviumdir=""
1840 AC_ARG_WITH([cavium],
1841     [  --with-cavium=PATH      PATH to cavium/software dir ],
1842     [
1843         AC_MSG_CHECKING([for cavium])
1844         CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM"
1845
1846             if test "x$withval" == "xyes" ; then
1847                 AC_MSG_ERROR([need a PATH for --with-cavium])
1848             fi
1849             if test "x$withval" != "xno" ; then
1850                 trycaviumdir=$withval
1851             fi
1852
1853             LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o"
1854             CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include"
1855
1856             AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include "cavium_common.h"]], [[ CspShutdown(CAVIUM_DEV_ID); ]])],[ cavium_linked=yes ],[ cavium_linked=no ])
1857
1858             if test "x$cavium_linked" == "xno" ; then
1859                 AC_MSG_ERROR([cavium isn't found.
1860                 If it's already installed, specify its path using --with-cavium=/dir/])
1861             fi
1862             AC_MSG_RESULT([yes])
1863             enable_shared=no
1864             enable_static=yes
1865     ]
1866 )
1867
1868
1869 # microchip api
1870 AC_ARG_ENABLE([mcapi],
1871     [  --enable-mcapi          Enable Microchip API (default: disabled)],
1872     [ ENABLED_MCAPI=$enableval ],
1873     [ ENABLED_MCAPI=no ]
1874     )
1875
1876 if test "$ENABLED_MCAPI" = "yes"
1877 then
1878     AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT"
1879 fi
1880
1881 if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no"
1882 then
1883     AC_MSG_ERROR([please enable sha512 if enabling mcapi.])
1884 fi
1885
1886 if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no"
1887 then
1888     AC_MSG_ERROR([please enable ecc if enabling mcapi.])
1889 fi
1890
1891 if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no"
1892 then
1893     AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
1894 fi
1895
1896 AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
1897
1898
1899 # wolfSSL JNI
1900 AC_ARG_ENABLE([jni],
1901     [  --enable-jni            Enable wolfSSL JNI (default: disabled)],
1902     [ ENABLED_JNI=$enableval ],
1903     [ ENABLED_JNI=no ]
1904     )
1905 if test "$ENABLED_JNI" = "yes"
1906 then
1907     # Enable prereqs if not already enabled
1908     if test "x$ENABLED_DTLS" = "xno"
1909     then
1910         ENABLED_DTLS="yes"
1911         AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
1912     fi
1913     if test "x$ENABLED_OPENSSLEXTRA" = "xno"
1914     then
1915         ENABLED_OPENSSLEXTRA="yes"
1916         AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
1917     fi
1918     if test "x$ENABLED_CRL" = "xno"
1919     then
1920         ENABLED_CRL="yes"
1921         AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
1922         AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
1923     fi
1924     if test "x$ENABLED_OCSP" = "xno"
1925     then
1926         ENABLED_OCSP="yes"
1927         AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
1928         AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
1929     fi
1930     if test "x$ENABLED_CRL_MONITOR" = "xno"
1931     then
1932         ENABLED_CRL_MONITOR="yes"
1933         AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
1934     fi
1935     if test "x$ENABLED_SAVESESSION" = "xno"
1936     then
1937         ENABLED_SAVESESSION="yes"
1938         AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
1939     fi
1940     if test "x$ENABLED_SAVECERT" = "xno"
1941     then
1942         ENABLED_SAVECERT="yes"
1943         AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
1944     fi
1945     if test "x$ENABLED_ATOMICUSER" = "xno"
1946     then
1947         ENABLED_ATOMICUSER="yes"
1948         AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
1949     fi
1950     if test "x$ENABLED_ECC" = "xno"
1951     then
1952         ENABLED_ECC="yes"
1953         AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
1954     fi
1955     if test "x$ENABLED_PKCALLBACKS" = "xno"
1956     then
1957         ENABLED_PKCALLBACKS="yes"
1958         AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
1959     fi
1960     if test "x$ENABLED_DH" = "xno"
1961     then
1962         ENABLED_DH="yes"
1963         AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
1964     fi
1965 fi
1966
1967
1968 # Check for build-type conflicts
1969 AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
1970        test "x$ENABLED_LEANPSK" = "xyes"],
1971       [AC_MSG_ERROR([Cannot use Max Strength and Lean PSK at the same time.])])
1972
1973
1974 # Update CFLAGS based on options
1975 AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes"],
1976       [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MAX_STRENGTH"])
1977
1978 AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
1979        test "x$ENABLED_OLD_TLS" = "xyes"],
1980       [AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
1981        ENABLED_OLD_TLS=no])
1982
1983
1984 # OPTIMIZE FLAGS
1985 if test "$GCC" = "yes"
1986 then
1987     AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused"
1988     if test "$ax_enable_debug" = "no"
1989     then
1990         if test "$ENABLED_FASTMATH" = "yes"
1991         then
1992             AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS"
1993             if test "$ENABLED_FASTHUGEMATH" = "yes"
1994             then
1995                 AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS"
1996             fi
1997         else
1998             AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS"
1999         fi
2000     fi
2001 fi
2002
2003 # ICC command line warning for non supported warning flags
2004 if test "$CC" = "icc"
2005 then
2006     AM_CFLAGS="$AM_CFLAGS -wd10006"
2007 fi
2008
2009
2010 LIB_SOCKET_NSL
2011 AX_HARDEN_CC_COMPILER_FLAGS
2012
2013 # link to ws2_32 if on mingw
2014 case $host_os in
2015     *mingw32)
2016         LDFLAGS="$LDFLAGS -lws2_32" ;;
2017 esac
2018
2019 # add user C_EXTRA_FLAGS back
2020 CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS"
2021 OPTION_FLAGS="$USER_C_EXTRA_FLAGS $AM_CFLAGS"
2022
2023 CREATE_HEX_VERSION
2024 AC_SUBST([AM_CPPFLAGS])
2025 AC_SUBST([AM_CFLAGS])
2026 AC_SUBST([AM_LDFLAGS])
2027
2028 # FINAL
2029 AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
2030 AC_CONFIG_FILES([Makefile])
2031 AC_CONFIG_FILES([wolfssl/version.h])
2032 AC_CONFIG_FILES([wolfssl/options.h])
2033 #have options.h and version.h for autoconf fips tag and build
2034 #if test "x$ENABLED_FIPS" = "xyes"
2035 #then
2036 #    AC_CONFIG_FILES([cyassl/version.h])
2037 #    AC_CONFIG_FILES([cyassl/options.h])
2038 #fi
2039 AC_CONFIG_FILES([support/wolfssl.pc])
2040 AC_CONFIG_FILES([rpm/spec])
2041
2042 AX_CREATE_GENERIC_CONFIG
2043 AX_AM_JOBSERVER([yes])
2044
2045 AC_OUTPUT
2046
2047
2048 # force make clean
2049 echo "---"
2050 echo "Running make clean..."
2051 make clean >/dev/null 2>&1
2052 # Touch files that may not be in repository
2053 echo "Touching File..."
2054 touch ctaocrypt/src/fips.c
2055 touch ctaocrypt/src/fips_test.c
2056 echo
2057
2058 # generate user options header
2059 echo "---"
2060 echo "Generating user options header..."
2061
2062 OPTION_FILE="wolfssl/options.h"
2063 #if
2064 #OPTION_FILE+="cyassl/options.h"
2065 #fi
2066 rm -f $OPTION_FILE
2067
2068 echo "/* wolfssl options.h" > $OPTION_FILE
2069 echo " * generated from configure options" >> $OPTION_FILE
2070 echo " *" >> $OPTION_FILE
2071 echo " * Copyright (C) 2006-2015 wolfSSL Inc." >> $OPTION_FILE
2072 echo " *" >> $OPTION_FILE
2073 echo " * This file is part of wolfSSL. (formerly known as CyaSSL)" >> $OPTION_FILE
2074 echo " *" >> $OPTION_FILE
2075 echo " */" >> $OPTION_FILE
2076
2077 echo "" >> $OPTION_FILE
2078 echo "#pragma once" >> $OPTION_FILE
2079 echo "" >> $OPTION_FILE
2080 echo "#ifdef __cplusplus" >> $OPTION_FILE
2081 echo "extern \"C\" {" >> $OPTION_FILE
2082 echo "#endif" >> $OPTION_FILE
2083 echo "" >> $OPTION_FILE
2084
2085 for option in $OPTION_FLAGS; do
2086     defonly=`echo $option | sed 's/-D//'`
2087     if test "$defonly" != "$option"
2088     then
2089         noequalsign=`echo $defonly | sed 's/=/ /'`
2090         if test "$noequalsign" = "NDEBUG" || test "$noequalsign" = "DEBUG"
2091         then
2092             echo "not outputing (N)DEBUG to $OPTION_FILE"
2093             continue
2094         fi
2095
2096         # allow user to igonore system options
2097         ignoresys=no
2098         if [[[ $noequalsign == _* ]]] ;
2099         then
2100             ignoresys=yes
2101             echo "#ifndef WOLFSSL_OPTIONS_IGNORE_SYS" >> $OPTION_FILE
2102         fi
2103
2104         noarg=`echo $defonly | sed 's/=.*//'`
2105         echo "#undef  $noarg" >> $OPTION_FILE
2106         echo "#define $noequalsign" >> $OPTION_FILE
2107
2108         if test "$ignoresys" = "yes"
2109         then
2110             echo "#endif" >> $OPTION_FILE
2111         fi
2112
2113         echo "" >> $OPTION_FILE
2114     else
2115         echo "option w/o begin -D is $option, not saving to $OPTION_FILE"
2116     fi
2117 done
2118
2119 echo "" >> $OPTION_FILE
2120 echo "#ifdef __cplusplus" >> $OPTION_FILE
2121 echo "}" >> $OPTION_FILE
2122 echo "#endif" >> $OPTION_FILE
2123 echo "" >> $OPTION_FILE
2124 echo
2125
2126 #backwards compatability for those who have included options or version
2127 touch cyassl/options.h
2128 echo "/* cyassl options.h" > cyassl/options.h
2129 echo " * generated from wolfssl/options.h" >> cyassl/options.h
2130 echo " */" >> cyassl/options.h
2131 echo ""
2132 while read -r line
2133 do
2134     echo "$line" >> cyassl/options.h
2135 done < $OPTION_FILE
2136
2137 # output config summary
2138 echo "---"
2139 echo "Configuration summary for $PACKAGE_NAME version $VERSION"
2140 echo ""
2141 echo "   * Installation prefix:       $prefix"
2142 echo "   * System type:               $host_vendor-$host_os"
2143 echo "   * Host CPU:                  $host_cpu"
2144 echo "   * C Compiler:                $CC"
2145 echo "   * C Flags:                   $CFLAGS"
2146 echo "   * C++ Compiler:              $CXX"
2147 echo "   * C++ Flags:                 $CXXFLAGS"
2148 echo "   * CPP Flags:                 $CPPFLAGS"
2149 echo "   * LIB Flags:                 $LIB"
2150 echo "   * Debug enabled:             $ax_enable_debug"
2151 echo "   * Warnings as failure:       $ac_cv_warnings_as_errors"
2152 echo "   * make -j:                   $enable_jobserver"
2153 echo "   * VCS checkout:              $ac_cv_vcs_checkout"
2154 echo
2155 echo "   Features "
2156 echo "   * Single threaded:           $ENABLED_SINGLETHREADED"
2157 echo "   * Filesystem:                $ENABLED_FILESYSTEM"
2158 echo "   * OpenSSL Extra API:         $ENABLED_OPENSSLEXTRA"
2159 echo "   * Max Strength Build:        $ENABLED_MAXSTRENGTH"
2160 echo "   * fastmath:                  $ENABLED_FASTMATH"
2161 echo "   * sniffer:                   $ENABLED_SNIFFER"
2162 echo "   * snifftest:                 $ENABLED_SNIFFTEST"
2163 echo "   * ARC4:                      $ENABLED_ARC4"
2164 echo "   * AES:                       $ENABLED_AES"
2165 echo "   * AES-NI:                    $ENABLED_AESNI"
2166 echo "   * AES-GCM:                   $ENABLED_AESGCM"
2167 echo "   * AES-CCM:                   $ENABLED_AESCCM"
2168 echo "   * DES3:                      $ENABLED_DES3"
2169 echo "   * Camellia:                  $ENABLED_CAMELLIA"
2170 echo "   * NULL Cipher:               $ENABLED_NULL_CIPHER"
2171 echo "   * MD5:                       $ENABLED_MD5"
2172 echo "   * RIPEMD:                    $ENABLED_RIPEMD"
2173 echo "   * SHA:                       $ENABLED_SHA"
2174 echo "   * SHA-512:                   $ENABLED_SHA512"
2175 echo "   * BLAKE2:                    $ENABLED_BLAKE2"
2176 echo "   * keygen:                    $ENABLED_KEYGEN"
2177 echo "   * certgen:                   $ENABLED_CERTGEN"
2178 echo "   * certreq:                   $ENABLED_CERTREQ"
2179 echo "   * HC-128:                    $ENABLED_HC128"
2180 echo "   * RABBIT:                    $ENABLED_RABBIT"
2181 echo "   * CHACHA:                    $ENABLED_CHACHA"
2182 echo "   * Hash DRBG:                 $ENABLED_HASHDRBG"
2183 echo "   * PWDBASED:                  $ENABLED_PWDBASED"
2184 echo "   * HKDF:                      $ENABLED_HKDF"
2185 echo "   * MD4:                       $ENABLED_MD4"
2186 echo "   * PSK:                       $ENABLED_PSK"
2187 echo "   * Poly1305:                  $ENABLED_POLY1305"
2188 echo "   * LEANPSK:                   $ENABLED_LEANPSK"
2189 echo "   * RSA:                       $ENABLED_RSA"
2190 echo "   * DSA:                       $ENABLED_DSA"
2191 echo "   * DH:                        $ENABLED_DH"
2192 echo "   * ECC:                       $ENABLED_ECC"
2193 echo "   * CURVE25519:                $ENABLED_CURVE25519"
2194 echo "   * ED25519:                   $ENABLED_ED25519"
2195 echo "   * FPECC:                     $ENABLED_FPECC"
2196 echo "   * ECC_ENCRYPT:               $ENABLED_ECC_ENCRYPT"
2197 echo "   * ASN:                       $ENABLED_ASN"
2198 echo "   * Anonymous cipher:          $ENABLED_ANON"
2199 echo "   * CODING:                    $ENABLED_CODING"
2200 echo "   * MEMORY:                    $ENABLED_MEMORY"
2201 echo "   * I/O POOL:                  $ENABLED_IOPOOL"
2202 echo "   * ERROR_STRINGS:             $ENABLED_ERROR_STRINGS"
2203 echo "   * DTLS:                      $ENABLED_DTLS"
2204 echo "   * Old TLS Versions:          $ENABLED_OLD_TLS"
2205 echo "   * OCSP:                      $ENABLED_OCSP"
2206 echo "   * CRL:                       $ENABLED_CRL"
2207 echo "   * CRL-MONITOR:               $ENABLED_CRL_MONITOR"
2208 echo "   * Persistent session cache:  $ENABLED_SAVESESSION"
2209 echo "   * Persistent cert    cache:  $ENABLED_SAVECERT"
2210 echo "   * Atomic User Record Layer:  $ENABLED_ATOMICUSER"
2211 echo "   * Public Key Callbacks:      $ENABLED_PKCALLBACKS"
2212 echo "   * NTRU:                      $ENABLED_NTRU"
2213 echo "   * SNI:                       $ENABLED_SNI"
2214 echo "   * Maximum Fragment Length:   $ENABLED_MAX_FRAGMENT"
2215 echo "   * Truncated HMAC:            $ENABLED_TRUNCATED_HMAC"
2216 echo "   * Renegotiation Indication:  $ENABLED_RENEGOTIATION_INDICATION"
2217 echo "   * Secure Renegotiation:      $ENABLED_SECURE_RENEGOTIATION"
2218 echo "   * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
2219 echo "   * Session Ticket:            $ENABLED_SESSION_TICKET"
2220 echo "   * All TLS Extensions:        $ENABLED_TLSX"
2221 echo "   * PKCS#7                     $ENABLED_PKCS7"
2222 echo "   * wolfSCEP                   $ENABLED_WOLFSCEP"
2223 echo "   * Small Stack:               $ENABLED_SMALL_STACK"
2224 echo "   * valgrind unit tests:       $ENABLED_VALGRIND"
2225 echo "   * LIBZ:                      $ENABLED_LIBZ"
2226 echo "   * Examples:                  $ENABLED_EXAMPLES"
2227 echo ""
2228 echo "---"
2229