faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

configure: add option to disable AES-GCM-SIV support

Browse source
This commit is contained in:
Miroslav Lichvar 2023-05-23 16:36:25 +02:00
parent c80858f738
commit b57d7040b3
2 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
configure vendored
View file

@ -128,6 +128,7 @@ For better control, use the options below.
--without-seccomp Don't use seccomp even if it is available --without-seccomp Don't use seccomp even if it is available
--disable-asyncdns Disable asynchronous name resolving --disable-asyncdns Disable asynchronous name resolving
--disable-forcednsretry Don't retry on permanent DNS error --disable-forcednsretry Don't retry on permanent DNS error
--without-aes-gcm-siv Don't use AES-GCM-SIV for NTS even if it is available
--without-clock-gettime Don't use clock_gettime() even if it is available --without-clock-gettime Don't use clock_gettime() even if it is available
--disable-timestamping Disable support for SW/HW timestamping --disable-timestamping Disable support for SW/HW timestamping
--enable-ntp-signd Enable support for MS-SNTP authentication in Samba --enable-ntp-signd Enable support for MS-SNTP authentication in Samba
@ -244,6 +245,7 @@ try_setsched=0
try_lockmem=0 try_lockmem=0
feat_asyncdns=1 feat_asyncdns=1
feat_forcednsretry=1 feat_forcednsretry=1
try_aes_gcm_siv=1
try_clock_gettime=1 try_clock_gettime=1
try_arc4random=1 try_arc4random=1
try_recvmmsg=1 try_recvmmsg=1
@ -345,6 +347,9 @@ do
--disable-forcednsretry) --disable-forcednsretry)
feat_forcednsretry=0 feat_forcednsretry=0
;; ;;
--without-aes-gcm-siv)
try_aes_gcm_siv=0
;;
--without-clock-gettime) --without-clock-gettime)
try_clock_gettime=0 try_clock_gettime=0
;; ;;
@ -986,7 +991,7 @@ if [ $feat_ntp = "1" ] && [ $feat_nts = "1" ] && [ $try_gnutls = "1" ]; then
EXTRA_OBJECTS="$EXTRA_OBJECTS siv_nettle.o" EXTRA_OBJECTS="$EXTRA_OBJECTS siv_nettle.o"
add_def HAVE_SIV add_def HAVE_SIV
add_def HAVE_NETTLE_SIV_CMAC add_def HAVE_NETTLE_SIV_CMAC
if test_code 'AES-GCM-SIV in nettle' \ if [ $try_aes_gcm_siv = "1" ] && test_code 'AES-GCM-SIV in nettle' \
'nettle/siv-gcm.h' "" "$LIBS" \ 'nettle/siv-gcm.h' "" "$LIBS" \
'siv_gcm_aes128_encrypt_message((void *)1, 0, NULL, 0, (void *)2, 16, (void *)3, 'siv_gcm_aes128_encrypt_message((void *)1, 0, NULL, 0, (void *)2, 16, (void *)3,
(void *)4);' (void *)4);'

1
test/compilation/003-sanitizers
View file

@ -26,6 +26,7 @@ for extra_config_opts in \
"--all-privops" \ "--all-privops" \
"--disable-ipv6" \ "--disable-ipv6" \
"--disable-scfilter" \ "--disable-scfilter" \
"--without-aes-gcm-siv" \
"--without-gnutls" \ "--without-gnutls" \
"--without-nettle" \ "--without-nettle" \
"--without-nettle --without-nss" \ "--without-nettle --without-nss" \