- libssl, from OpenSSL (http://www.openssl.org/), is optional but
recommended. libssl is required to establish confidentiality
and authenticity in the connections among OpenFlow switches and
- controllers.
+ controllers. To enable, compile with --enable-ssl=yes
If you are working from a Git tree or snapshot (instead of from a
distribution tarball), or if you modify the OpenFlow build system, you
The instructions above set up OpenFlow for operation over a plaintext
TCP connection. Production use of OpenFlow should use SSL[*] to
ensure confidentiality and authenticity of traffic among switches and
-controllers.
+controllers. The source must be configured with --enable-ssl=yes to
+build with ssl support.
To use SSL with OpenFlow, you must set up a public-key infrastructure
(PKI) including a pair of certificate authorities (CAs), one for
[Define to 1 if net/if_packet.h is available.])
fi
+AC_ARG_ENABLE(
+ [ssl],
+ [AC_HELP_STRING([--enable-ssl],
+ [Enable ssl support (requires libssl)])],
+ [case "${enableval}" in # (
+ yes) ssl=true ;; # (
+ no) ssl=false ;; # (
+ *) AC_MSG_ERROR([bad value ${enableval} for --enable-ssl]) ;;
+ esac],
+ [ssl=false])
+
+if test "$ssl" = true; then
PKG_CHECK_MODULES([SSL], [libssl],
[HAVE_OPENSSL=yes],
[HAVE_OPENSSL=no
$SSL_PKG_ERRORS
OpenFlow will not support SSL connections.])])
+
+fi
AM_CONDITIONAL([HAVE_OPENSSL], [test "$HAVE_OPENSSL" = yes])
if test "$HAVE_OPENSSL" = yes; then
AC_DEFINE([HAVE_OPENSSL], [1], [Define to 1 if OpenSSL is installed.])
bin_PROGRAMS = controller
controller_SOURCES = controller.c
-controller_LDADD = ../lib/libopenflow.la
+controller_LDADD = ../lib/libopenflow.la -ldl
bin_PROGRAMS = secchan
secchan_SOURCES = secchan.c
-secchan_LDADD = ../lib/libopenflow.la
+secchan_LDADD = ../lib/libopenflow.la -ldl
table-linear.c \
table-mac.c
-switch_LDADD = ../lib/libopenflow.la
+switch_LDADD = ../lib/libopenflow.la -ldl
projects / openvswitch / commitdiff