xref: /freebsd/contrib/ntp/sntp/m4/ntp_crypto_rand.m4 (revision f5f40dd63bc7acbb5312b26ac1ea1103c12352a6) 
1# SYNOPSIS						-*- Autoconf -*-
2#
3#  NTP_CRYPTO_RAND
4#
5# DESCRIPTION
6#
7# AUTHOR
8#
9#  Harlan Stenn
10#
11# LICENSE
12#
13#  This file is Copyright (c) 2014 Network Time Foundation
14#
15#  Copying and distribution of this file, with or without modification, are
16#  permitted in any medium without royalty provided the copyright notice,
17#  author attribution and this notice are preserved.  This file is offered
18#  as-is, without any warranty.
19
20AC_DEFUN([NTP_CRYPTO_RAND], [
21AC_REQUIRE([NTP_OPENSSL])dnl
22
23dnl check for --disable-openssl-random
24dnl if that's not specified:
25dnl - Look for RAND_poll and RAND_bytes
26dnl - if they exist, define USE_OPENSSL_CRYPTO_RAND
27
28AC_MSG_CHECKING([if we want to use SSL library's secure random numbers])
29AC_ARG_ENABLE(
30    [openssl-random],
31    [AS_HELP_STRING(
32    	[--enable-openssl-random],
33	[+ Use SSL lib's secure random numbers]
34    )],
35    [ntp_use_openssl_random=$enableval ; ntp_ssl_random_mandatory=$enableval],
36    [ntp_use_openssl_random=yes ; ntp_ssl_random_mandatory=no]
37)
38AC_MSG_RESULT([$ntp_use_openssl_random])
39
40# The following might need extra libraries
41NTPO_SAVED_LIBS="$LIBS"
42LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
43dnl AC_MSG_NOTICE([LIBS is <$LIBS>])
44AC_CHECK_FUNCS([RAND_bytes RAND_poll])
45LIBS="$NTPO_SAVED_LIBS"
46case "$ntp_openssl$ntp_use_openssl_random$ac_cv_func_RAND_bytes$ac_cv_func_RAND_poll" in
47 yesyesyesyes)
48    AC_MSG_NOTICE([Using SSL library's secure random number generator])
49    AC_DEFINE([USE_OPENSSL_CRYPTO_RAND], [1], [Use OpenSSL's crypto random functions])
50    ;;
51 *)
52    ntp_use_openssl_random=no
53    AC_MSG_NOTICE([SSL library's secure random number generator unavailable.])
54    case "$ntp_ssl_random_mandatory" in
55     yes)
56	AC_MSG_ERROR(
57[No suitable SSL library was found and
58--enable-openssl-random was given..  Remove --enable-openssl-random
59if you wish to build without a cryptographically secure random number
60generator.
61
62WARNING: Use of ntp-keygen without a secure RNG may generate
63-------  keys that are predictable.]
64	)
65	;;
66     *)
67	AC_MSG_WARN(
68[WARNING: Use of ntp-keygen without a secure RNG may generate
69-------  keys that are predictable.]
70	)
71    esac
72esac
73
74AS_UNSET([ntp_ssl_random_mandatory])
75
76]) dnl NTP_CRYPTO_RAND
77
78