Build: Make the crypto backend selectable

Introduce the -DZM_CRYPTO_BACKEND CMake option through which the crypto backend can be selected.
Supported values: openssl (default) and gnutls

This commit makes OpenSSL or GnuTLS a requirement to compile/run ZoneMinder.

Following restriction applies:
  * If libjwt is not found we fall back to jwt-cpp which only supports OpenSSL
This commit is contained in:
Peter Keresztes Schmidt 2021-05-24 14:25:52 +02:00
parent b81689aa3f
commit caadc41bfd
1 changed files with 19 additions and 10 deletions

View File

@ -190,6 +190,15 @@ set(ZM_MANPAGE_DEST_PREFIX "share/man" CACHE PATH
non-standard folder. Most Linux users will not need to change this. non-standard folder. Most Linux users will not need to change this.
BSD users may need to set this.") BSD users may need to set this.")
# Supported crypto backends. Using OpenSSL by default to be compatible with jwt-cpp.
set(ZM_CRYPTO_BACKEND_OPTIONS gnutls openssl)
set(ZM_CRYPTO_BACKEND openssl CACHE STRING "Determines which crypto backend should be used.")
set_property(CACHE ZM_CRYPTO_BACKEND PROPERTY STRINGS ${ZM_CRYPTO_BACKEND_OPTIONS})
if(NOT ZM_CRYPTO_BACKEND IN_LIST ZM_CRYPTO_BACKEND_OPTIONS)
message(FATAL_ERROR "Invalid value for ZM_CRYPTO_BACKEND. Possible options: ${ZM_CRYPTO_BACKEND_OPTIONS}")
endif()
# Reassign some variables if a target distro has been specified # Reassign some variables if a target distro has been specified
if((ZM_TARGET_DISTRO MATCHES "^el") OR (ZM_TARGET_DISTRO MATCHES "^fc")) if((ZM_TARGET_DISTRO MATCHES "^el") OR (ZM_TARGET_DISTRO MATCHES "^fc"))
set(ZM_RUNDIR "/var/run/zoneminder") set(ZM_RUNDIR "/var/run/zoneminder")
@ -340,9 +349,9 @@ else()
set(optlibsnotfound "${optlibsnotfound} LIBJWT") set(optlibsnotfound "${optlibsnotfound} LIBJWT")
endif() endif()
# gnutls (using find_library and find_path) # GnuTLS
if(HAVE_LIBJWT) if (${ZM_CRYPTO_BACKEND} STREQUAL "gnutls")
find_library(GNUTLS_LIBRARIES gnutls) find_library(GNUTLS_LIBRARIES gnutls REQUIRED)
if(GNUTLS_LIBRARIES) if(GNUTLS_LIBRARIES)
set(HAVE_LIBGNUTLS 1) set(HAVE_LIBGNUTLS 1)
list(APPEND ZM_BIN_LIBS "${GNUTLS_LIBRARIES}") list(APPEND ZM_BIN_LIBS "${GNUTLS_LIBRARIES}")
@ -357,11 +366,9 @@ if(HAVE_LIBJWT)
else() else()
set(optlibsnotfound "${optlibsnotfound} GnuTLS") set(optlibsnotfound "${optlibsnotfound} GnuTLS")
endif() endif()
endif()
# OpenSSL # OpenSSL
if(NOT HAVE_LIBGNUTLS OR NOT HAVE_LIBJWT) elseif (${ZM_CRYPTO_BACKEND} STREQUAL "openssl")
find_package(OpenSSL) find_package(OpenSSL REQUIRED)
if(OPENSSL_FOUND) if(OPENSSL_FOUND)
set(HAVE_LIBOPENSSL 1) set(HAVE_LIBOPENSSL 1)
set(HAVE_LIBCRYPTO 1) set(HAVE_LIBCRYPTO 1)
@ -619,9 +626,9 @@ endif()
# #
# *** END OF LIBRARY CHECKS *** # *** END OF LIBRARY CHECKS ***
# Check for gnutls or crypto # If libjwt is not present we fall back to jwt-cpp which requires OpenSSL
if((NOT HAVE_LIBCRYPTO) AND (NOT HAVE_LIBGNUTLS)) if((NOT HAVE_LIBJWT) AND (NOT HAVE_LIBOPENSSL))
message(FATAL_ERROR "ZoneMinder requires crypto or gnutls but none were found on your system") message(FATAL_ERROR "Using the jwt-cpp backend requires OpenSSL as crypto backend.")
endif() endif()
# Check for V4L header files and enable ZM_HAS_V4L, ZM_HAS_V4L1, ZM_HAS_V4L2 accordingly # Check for V4L header files and enable ZM_HAS_V4L, ZM_HAS_V4L1, ZM_HAS_V4L2 accordingly
@ -834,6 +841,8 @@ endif()
message(STATUS "Optional libraries found:${optlibsfound}") message(STATUS "Optional libraries found:${optlibsfound}")
message(STATUS "Optional libraries not found:${optlibsnotfound}") message(STATUS "Optional libraries not found:${optlibsnotfound}")
message(STATUS "Enabled crypto backend: ${ZM_CRYPTO_BACKEND}")
# Run ZM configuration generator # Run ZM configuration generator
message(STATUS "Running ZoneMinder configuration generator") message(STATUS "Running ZoneMinder configuration generator")
execute_process(COMMAND perl ${CMAKE_CURRENT_BINARY_DIR}/zmconfgen.pl RESULT_VARIABLE ZMCONFGEN_RESULT) execute_process(COMMAND perl ${CMAKE_CURRENT_BINARY_DIR}/zmconfgen.pl RESULT_VARIABLE ZMCONFGEN_RESULT)