From 88bedb41fe82df312d62e364a5a216b62fc8807c Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Tue, 5 Nov 2019 14:32:28 -0500
Subject: Implement gnutls crypto provider (fixes #218)

Thanks to Zdenek Dohnal <zdohnal@redhat.com> for contributing the code
used for the gnutls crypto provider.
---
 configure.ac | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index d7223d06..1f6b151a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -506,6 +506,49 @@ if test "$USE_CRYPTO_NATIVE" = "1"; then
   DEFAULT_CRYPTO=native
 fi
 
+dnl If the gnutls provider is explicitly requested, require gnutls. If
+dnl the gnutls provider is not explicitly disabled, enable it if
+dnl gnutls is available. If the gnutls provider is explicitly
+dnl disabled, do not link with gnutls even if present.
+
+PKG_CHECK_MODULES([pc_gnutls], [gnutls], [GNUTLS_FOUND=1], [GNUTLS_FOUND=0])
+
+IMPLICIT_GNUTLS=0
+USE_CRYPTO_GNUTLS=0
+AC_SUBST(USE_CRYPTO_GNUTLS)
+AC_ARG_ENABLE(crypto-gnutls,
+   AS_HELP_STRING([--enable-crypto-gnutls],
+                  [whether to include support for gnutls crypto provider]),
+   [if test "$enableval" = "yes"; then
+      USE_CRYPTO_GNUTLS=1
+    else
+      USE_CRYPTO_GNUTLS=0
+    fi],
+   [IMPLICIT_GNUTLS=$IMPLICIT_CRYPTO])
+
+if test "$IMPLICIT_GNUTLS" = "1"; then
+  USE_CRYPTO_GNUTLS=$GNUTLS_FOUND
+  if test "$USE_CRYPTO_GNUTLS" = "1"; then
+    AC_MSG_NOTICE(enabling gnutls crypto provider since gnutls is available)
+  else
+    AC_MSG_NOTICE(not enabling gnutls crypto provider since gnutls was not found)
+  fi
+fi
+
+if test "$USE_CRYPTO_GNUTLS" = "1" -a "$GNUTLS_FOUND" = "0"; then
+  AC_MSG_ERROR(unable to use requested gnutls crypto provider without gnutls)
+fi
+
+if test "$USE_CRYPTO_GNUTLS" = "1"; then
+  CFLAGS="$CFLAGS $pc_gnutls_CFLAGS"
+  CXXFLAGS="$CXXFLAGS $pc_gnutls_CXXFLAGS"
+  LIBS="$LIBS $pc_gnutls_LIBS"
+  AC_DEFINE([USE_CRYPTO_GNUTLS], 1, [Whether to use the gnutls crypto provider])
+  DEFAULT_CRYPTO=gnutls
+elif test "$GNUTLS_FOUND" = "1"; then
+  AC_MSG_NOTICE(not linking with gnutls even though it is available)
+fi
+
 dnl Allow the default crypto provider to be specified explicitly.
 
 AC_MSG_CHECKING(which crypto to use by default)
@@ -527,6 +570,11 @@ case "$DEFAULT_CRYPTO" in
       bad_crypto=1
     fi
   ;;
+  "gnutls")
+    if test "$USE_CRYPTO_GNUTLS" != "1"; then
+      bad_crypto=1
+    fi
+  ;;
   *)
     bad_crypto=1
   ;;
-- 
cgit v1.2.3-54-g00ecf