Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 94 insertions, 0 deletions

diff --git a/lib/crypto/wscript b/lib/crypto/wscript
new file mode 100644
index 0000000..acf5cb8
--- /dev/null
+++ b/lib/crypto/wscript
@@ -0,0 +1,94 @@
+#!/usr/bin/env python
+from waflib import Options
+from waflib import Errors, Logs
+
+
+def options(opt):
+    opt.add_option('--accel-aes',
+                   help=("Should we use accelerated AES crypto functions. "
+                         "Options are intelaesni|none."),
+                   action="store",
+                   dest='accel_aes',
+                   default="none")
+
+
+def configure(conf):
+    if conf.CHECK_FUNCS('SHA1_Update'):
+        conf.DEFINE('SHA1_RENAME_NEEDED', 1)
+
+    #
+    # --aes-accel=XXX selects accelerated AES crypto library to use, if any.
+    # Default is none.
+    #
+    if Options.options.accel_aes.lower() == "intelaesni":
+        Logs.info("Attempting to compile with runtime-switchable x86_64 "
+                  "Intel AES instructions. WARNING - this is temporary.")
+    elif Options.options.accel_aes.lower() != "none":
+        raise Errors.WafError("--aes-accel=%s is not a valid option. Valid "
+                              "options are [none|intelaesni]" %
+                              Options.options.accel_aes)
+
+
+def build(bld):
+    extra_deps = ""
+
+    if (bld.CONFIG_SET("HAVE_AESNI_INTEL")
+            and not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC')):
+        extra_deps += ' aesni-intel'
+
+    bld.SAMBA_SUBSYSTEM("GNUTLS_HELPERS",
+                        source='''
+                        gnutls_error.c
+                        gnutls_aead_aes_256_cbc_hmac_sha512.c
+                        gnutls_arcfour_confounded_md5.c
+                        gnutls_weak_crypto.c
+                        ''',
+                        deps="gnutls samba-errors")
+
+    bld.SAMBA_SUBSYSTEM("LIBCRYPTO_AES",
+                        source='aes.c rijndael-alg-fst.c',
+                        deps='talloc',
+                        enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC'))
+
+    bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_CMAC',
+                        source='aes_cmac_128.c',
+                        deps='talloc',
+                        enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC'))
+
+    bld.SAMBA_SUBSYSTEM('LIBCRYPTO',
+                        source='''
+                        md4.c
+                        ''',
+                        deps='''
+                        talloc
+                        LIBCRYPTO_AES
+                        LIBCRYPTO_AES_CMAC
+                        ''' + extra_deps)
+
+    bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO_AES_CMAC',
+                        source='aes_cmac_128_test.c',
+                        autoproto='aes_cmac_test_proto.h',
+                        deps='talloc',
+                        enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC'))
+
+    bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO',
+                        source='md4test.c',
+                        autoproto='test_proto.h',
+                        deps='''
+                        LIBCRYPTO
+                        TORTURE_LIBCRYPTO_AES_CMAC
+                        ''')
+
+    bld.SAMBA_PYTHON('python_crypto',
+                     source='py_crypto.c',
+                     deps='gnutls talloc LIBCLI_AUTH',
+                     realname='samba/crypto.so')
+
+    bld.SAMBA_BINARY('test_gnutls_aead_aes_256_cbc_hmac_sha512',
+                     source='''
+                            gnutls_error.c
+                            tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c
+                            ''',
+                     deps='cmocka gnutls samba-util samba-errors',
+                     local_include=False,
+                     for_selftest=True)