Add --without-libssl configure parameter
This replaces --without-ipsec and --without-ipv6sr
and allows other parts of the code to be disabled if
libssl is not available.
Change-Id: Id97ff3685a7924d7f86622952e0405d94ceb5957
Signed-off-by: Damjan Marion <damarion@cisco.com>
diff --git a/src/configure.ac b/src/configure.ac
index eb380d8..b223444 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -101,8 +101,7 @@
WITH_ARG(dpdk_mlx5_pmd, [Use DPDK with mlx5 PMD])
# --without-X
-WITHOUT_ARG(ipsec, [Disable IPSec])
-WITHOUT_ARG(ipv6sr, [Disable IPv6 SR])
+WITHOUT_ARG(libssl, [Disable libssl])
WITHOUT_ARG(apicli, [Disable binary api CLI])
AC_ARG_WITH(unix,
@@ -133,8 +132,7 @@
AC_DEFINE_UNQUOTED(DPDK, [${n_with_dpdk}])
AC_DEFINE_UNQUOTED(DPDK_SHARED_LIB, [${n_enable_dpdk_shared}])
AC_DEFINE_UNQUOTED(DPDK_CRYPTO, [${n_with_dpdk_crypto}])
-AC_DEFINE_UNQUOTED(IPSEC, [${n_with_ipsec}])
-AC_DEFINE_UNQUOTED(IPV6SR, [${n_with_ipv6sr}])
+AC_DEFINE_UNQUOTED(WITH_LIBSSL, [${n_with_libssl}])
# Silence following noise:
diff --git a/src/vnet.am b/src/vnet.am
index 3b2a25e..93dd1e6 100644
--- a/src/vnet.am
+++ b/src/vnet.am
@@ -26,7 +26,7 @@
libvnet_la_LIBADD = $(libvnet_la_DEPENDENCIES) -lm -lpthread -ldl -lrt $(DPDK_LD_ADD)
libvnet_la_LDFLAGS = $(DPDK_LD_FLAGS)
-if WITH_IPV6SR
+if WITH_LIBSSL
libvnet_la_LIBADD += -lcrypto
endif
@@ -372,7 +372,7 @@
########################################
# Layer 3 protocol: IPSec
########################################
-if WITH_IPSEC
+if WITH_LIBSSL
libvnet_la_SOURCES += \
vnet/ipsec/ipsec.c \
vnet/ipsec/ipsec_cli.c \
@@ -673,7 +673,7 @@
# ipv6 segment routing
########################################
-if WITH_IPV6SR
+if WITH_LIBSSL
libvnet_la_SOURCES += \
vnet/sr/sr.c \
vnet/sr/sr_replicate.c \
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c
index 30cc5bd..9bcf63b 100644
--- a/src/vnet/ipsec/ipsec_api.c
+++ b/src/vnet/ipsec/ipsec_api.c
@@ -26,7 +26,7 @@
#include <vnet/vnet_msg_enum.h>
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
#include <vnet/ipsec/ipsec.h>
#include <vnet/ipsec/ikev2.h>
#endif /* IPSEC */
@@ -63,7 +63,7 @@
static void vl_api_ipsec_spd_add_del_t_handler
(vl_api_ipsec_spd_add_del_t * mp)
{
-#if IPSEC == 0
+#if WITH_LIBSSL == 0
clib_warning ("unimplemented");
#else
@@ -95,7 +95,7 @@
VALIDATE_SW_IF_INDEX (mp);
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
rv = ipsec_set_interface_spd (vm, sw_if_index, spd_id, mp->is_add);
#else
rv = VNET_API_ERROR_UNIMPLEMENTED;
@@ -113,7 +113,7 @@
vl_api_ipsec_spd_add_del_entry_reply_t *rmp;
int rv;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
ipsec_policy_t p;
memset (&p, 0, sizeof (p));
@@ -176,7 +176,7 @@
vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
vl_api_ipsec_sad_add_del_entry_reply_t *rmp;
int rv;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
ipsec_sa_t sa;
memset (&sa, 0, sizeof (sa));
@@ -324,7 +324,7 @@
ipsec_spd_t *spd;
uword *p;
u32 spd_index;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
q = vl_api_client_index_to_input_queue (mp->client_index);
if (q == 0)
return;
@@ -355,7 +355,7 @@
vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
vl_api_ipsec_sa_set_key_reply_t *rmp;
int rv;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
ipsec_sa_t sa;
sa.id = ntohl (mp->sa_id);
sa.crypto_key_len = mp->crypto_key_length;
@@ -377,7 +377,7 @@
vl_api_ikev2_profile_add_del_reply_t *rmp;
int rv = 0;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
vlib_main_t *vm = vlib_get_main ();
clib_error_t *error;
u8 *tmp = format (0, "%s", mp->name);
@@ -399,7 +399,7 @@
vl_api_ikev2_profile_set_auth_reply_t *rmp;
int rv = 0;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
vlib_main_t *vm = vlib_get_main ();
clib_error_t *error;
u8 *tmp = format (0, "%s", mp->name);
@@ -423,7 +423,7 @@
vl_api_ikev2_profile_add_del_reply_t *rmp;
int rv = 0;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
vlib_main_t *vm = vlib_get_main ();
clib_error_t *error;
u8 *tmp = format (0, "%s", mp->name);
@@ -447,7 +447,7 @@
vl_api_ikev2_profile_set_ts_reply_t *rmp;
int rv = 0;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
vlib_main_t *vm = vlib_get_main ();
clib_error_t *error;
u8 *tmp = format (0, "%s", mp->name);
@@ -470,7 +470,7 @@
vl_api_ikev2_profile_set_ts_reply_t *rmp;
int rv = 0;
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
vlib_main_t *vm = vlib_get_main ();
clib_error_t *error;
diff --git a/src/vnet/ipsec/ipsec_output.c b/src/vnet/ipsec/ipsec_output.c
index 9797789..df93b5e 100644
--- a/src/vnet/ipsec/ipsec_output.c
+++ b/src/vnet/ipsec/ipsec_output.c
@@ -27,7 +27,7 @@
#define ESP_NODE "esp-encrypt"
#endif
-#if IPSEC > 0
+#if WITH_LIBSSL > 0
#define foreach_ipsec_output_next \
_(DROP, "error-drop") \
diff --git a/src/vpp/api/api.c b/src/vpp/api/api.c
index 3d6905d..3afc338 100644
--- a/src/vpp/api/api.c
+++ b/src/vpp/api/api.c
@@ -54,7 +54,7 @@
#include <vnet/ip/ip6_neighbor.h>
#include <vnet/dhcp/proxy.h>
#include <vnet/dhcp/client.h>
-#if IPV6SR > 0
+#if WITH_LIBSSL > 0
#include <vnet/sr/sr.h>
#endif
#include <vnet/dhcpv6/proxy.h>