diff options
| author | Garrett D'Amore <garrett@damore.org> | 2017-11-09 14:09:14 -0800 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2017-11-20 21:49:09 -0800 |
| commit | 02178a8b5843a2c5a59fb7b104e4f9f5df1ff5ee (patch) | |
| tree | 122ee2bebf060aa26d6fa0778b877a6b7ca9b864 /cmake/FindmbedTLS.cmake | |
| parent | e8694d15d0a108895bf869f292d59e11d834361e (diff) | |
| download | nng-02178a8b5843a2c5a59fb7b104e4f9f5df1ff5ee.tar.gz nng-02178a8b5843a2c5a59fb7b104e4f9f5df1ff5ee.tar.bz2 nng-02178a8b5843a2c5a59fb7b104e4f9f5df1ff5ee.zip | |
fixes #3 TLS transport
This introduces a new transport (compatible with the TLS
transport from mangos), using TLS v1.2.
To use the new transport, you must have the mbed TLS library
available on your system (Xenial libmbedtls-dev). You can use
version 2.x or newer -- 1.3.x and PolarSSL versions are not
supported.
You enable the TLS transport with -DNNG_TRANSPORT_TLS=ON in the CMake
configuration.
You must configure the server certificate by default, and this can only
be done using nng options. See the nng_tls man page for details.
This work is experimental, and was made possible by Capitar IT Group BV,
and Staysail Systems, Inc.
Diffstat (limited to 'cmake/FindmbedTLS.cmake')
| -rw-r--r-- | cmake/FindmbedTLS.cmake | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/cmake/FindmbedTLS.cmake b/cmake/FindmbedTLS.cmake new file mode 100644 index 00000000..e0c0aa5a --- /dev/null +++ b/cmake/FindmbedTLS.cmake @@ -0,0 +1,80 @@ +# +# Copyright 2017 Garrett D'Amore <garrett@damore.org> +# Copyright 2017 Capitar IT Group BV <info@capitar.com> +# +# This software is supplied under the terms of the MIT License, a +# copy of which should be located in the distribution where this +# file was obtained (LICENSE.txt). A copy of the license may also be +# found online at https://opensource.org/licenses/MIT. +# + +# +# Try to find the mbed TLS libraries. +# +# Sets the following: +# +# MBEDTLS_INCLUDE_DIR - Where to find ssl.h, etc. +# MBEDTLS_FOUND - True if we found mbedtls. +# MBEDTLS_CRYPTO_LIBRARY - The mbedcrypto library. +# MBEDTLS_X509_LIBRARY - The mbedx509 library. +# MBEDTLS_TLS_LIBRARY - The mbedtls library. +# MBEDTLS_LIBRARIES - List of all three mbedtls libraries. +# MBEDTLS_VERSION - $major.$minor.$revision (e.g. ``2.6.0``). +# +# Hints: +# +# Set ``MBEDTLS_ROOT_DIR`` to the root directory of mbed TLS installation. +# + +set(_MBEDTLS_ROOT_HINTS ${MBEDTLS_ROOT_DIR} ENV MBEDTLS_ROOT_DIR) + +include(FindPackageHandleStandardArgs) + +find_path(MBEDTLS_INCLUDE_DIR + NAMES mbedtls/ssl.h + HINTS ${_MBEDTLS_ROOT_HINTS} + PATHS /usr/local + PATH_SUFFIXES include) + +find_library(MBEDTLS_CRYPTO_LIBRARY + NAMES mbedcrypto + HINTS ${_MBEDTLS_ROOT_HINTS} + PATHS /usr/local + PATH_SUFFIXES lib) + +find_library(MBEDTLS_X509_LIBRARY + NAMES mbedx509 + HINTS ${_MBEDTLS_ROOT_HINTS} + PATHS /usr/local + PATH_SUFFIXES lib) + +find_library(MBEDTLS_TLS_LIBRARY + NAMES mbedtls + HINTS ${_MBEDTLS_ROOT_HINTS} + PATHS /usr/local + PATH_SUFFIXES lib) + +set(MBEDTLS_LIBRARIES + ${MBEDTLS_TLS_LIBRARY} + ${MBEDTLS_X509_LIBRARY} + ${MBEDTLS_CRYPTO_LIBRARY}) + +if (${MBEDTLS_TLS_LIBRARY-NOTFOUND}) + message(FATAL_ERROR "Failed to find mbed TLS library") +endif() + +mark_as_advanced( + MBEDSSL_INCLUDE_DIR + MBEDTLS_LIBRRIES + MBEDTLS_CRYPTO_LIBRARY + MBEDTLS_X509_LIBRARY + MBEDTLS_TLS_LIBRARY) + +# Extract the version from the header... hopefully it matches the library. +file(STRINGS ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h _MBEDTLS_VERLINE + REGEX "^#define[ \t]+MBEDTLS_VERSION_STRING[\t ].*") +string(REGEX REPLACE ".*MBEDTLS_VERSION_STRING[\t ]+\"(.*)\"" "\\1" MBEDTLS_VERSION ${_MBEDTLS_VERLINE}) + +find_package_handle_standard_args(mbedTLS + REQUIRED_VARS MBEDTLS_TLS_LIBRARY MBEDTLS_CRYPTO_LIBRARY MBEDTLS_X509_LIBRARY MBEDTLS_INCLUDE_DIR VERSION_VAR MBEDTLS_VERSION) + |