diff --git a/configure.ac b/configure.ac index b204653d9..d7f4c1f45 100644 --- a/configure.ac +++ b/configure.ac @@ -433,35 +433,6 @@ AC_HELP_STRING([--disable-nonblocking],[Disable non-blocking socket detection]), CURL_CHECK_NONBLOCKING_SOCKET ]) -dnl ********************************************************************** -dnl Check for the random seed preferences -dnl ********************************************************************** - -AC_ARG_WITH(egd-socket, -AC_HELP_STRING([--with-egd-socket=FILE], - [Entropy Gathering Daemon socket pathname]), - [ EGD_SOCKET="$withval" ] -) -if test -n "$EGD_SOCKET" ; then - AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET", - [your Entropy Gathering Daemon socket pathname] ) -fi - -dnl Check for user-specified random device -AC_ARG_WITH(random, -AC_HELP_STRING([--with-random=FILE],[read randomness from FILE (default=/dev/urandom)]), - [ RANDOM_FILE="$withval" ], - [ - dnl Check for random device - AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] ) - ] -) -if test -n "$RANDOM_FILE" ; then - AC_SUBST(RANDOM_FILE) - AC_DEFINE_UNQUOTED(RANDOM_FILE, "$RANDOM_FILE", - [a suitable file to read random data from]) -fi - dnl ********************************************************************** dnl Check if the operating system allows programs to write to their own argv[] dnl ********************************************************************** @@ -781,7 +752,10 @@ else ]) - if test "$HAVECRYPTO" = "yes"; then + if test X"$HAVECRYPTO" != X"yes"; then + AC_MSG_WARN([crypto lib was not found; SSL will be disabled]) + + else dnl This is only reasonable to do if crypto actually is there: check for dnl SSL libs NOTE: it is important to do this AFTER the crypto lib @@ -815,27 +789,44 @@ else else AC_MSG_RESULT(yes) fi - fi + else - dnl Check for SSLeay headers - AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ - openssl/pem.h openssl/ssl.h openssl/err.h, - curl_ssl_msg="enabled" - OPENSSL_ENABLED=1) - - if test $ac_cv_header_openssl_x509_h = no; then - AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h, + dnl Have the libraries--check for SSLeay/OpenSSL headers + AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ + openssl/pem.h openssl/ssl.h openssl/err.h, curl_ssl_msg="enabled" - OPENSSL_ENABLED=1) + OPENSSL_ENABLED=1 + AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use])) + + if test $ac_cv_header_openssl_x509_h = no; then + AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h, + curl_ssl_msg="enabled" + OPENSSL_ENABLED=1) + fi fi + USE_SSLEAY="$OPENSSL_ENABLED" + AC_DEFINE_UNQUOTED(USE_SSLEAY, $USE_SSLEAY, [if SSL is enabled]) + AC_SUBST(USE_SSLEAY) + AC_SUBST(USE_OPENSSL) + + if test X"$OPT_SSL" != Xoff && + test "$OPENSSL_ENABLED" != "1"; then + AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!]) + fi + fi + + +dnl ********************************************************************** +dnl Check for the CA bundle +dnl ********************************************************************** + + if test X"$OPENSSL_ENABLED" = X"1"; then dnl If the ENGINE library seems to be around, check for the OpenSSL engine dnl header, it is kind of "separated" from the main SSL check AC_CHECK_FUNC(ENGINE_init, [ AC_CHECK_HEADERS(openssl/engine.h) ]) - AC_SUBST(OPENSSL_ENABLED) - AC_MSG_CHECKING([CA cert bundle install path]) AC_ARG_WITH(ca-bundle, @@ -869,10 +860,7 @@ AC_HELP_STRING([--without-ca-bundle], [Don't install the CA bundle]), fi - if test X"$OPT_SSL" != Xoff && - test "$OPENSSL_ENABLED" != "1"; then - AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!]) - elif test "$OPENSSL_ENABLED" = "1"; then + if test "$OPENSSL_ENABLED" = "1"; then dnl when the ssl shared libs were found in a path that the run-time linker dnl doesn't search through, we need to add it to LD_LIBRARY_PATH to dnl prevent further configure tests to fail due to this @@ -884,6 +872,38 @@ fi AM_CONDITIONAL(CABUNDLE, test x$ca != xno) +dnl ********************************************************************** +dnl Check for the random seed preferences +dnl ********************************************************************** + +if test X"$OPENSSL_ENABLED" = X"1"; then + AC_ARG_WITH(egd-socket, + AC_HELP_STRING([--with-egd-socket=FILE], + [Entropy Gathering Daemon socket pathname]), + [ EGD_SOCKET="$withval" ] + ) + if test -n "$EGD_SOCKET" ; then + AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET", + [your Entropy Gathering Daemon socket pathname] ) + fi + + dnl Check for user-specified random device + AC_ARG_WITH(random, + AC_HELP_STRING([--with-random=FILE], + [read randomness from FILE (default=/dev/urandom)]), + [ RANDOM_FILE="$withval" ], + [ + dnl Check for random device + AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] ) + ] + ) + if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then + AC_SUBST(RANDOM_FILE) + AC_DEFINE_UNQUOTED(RANDOM_FILE, "$RANDOM_FILE", + [a suitable file to read random data from]) + fi +fi + dnl ********************************************************************** dnl Check for the presence of ZLIB libraries and headers dnl ********************************************************************** @@ -1560,7 +1580,8 @@ AC_CONFIG_FILES([Makefile \ packages/EPM/curl.list \ packages/EPM/Makefile \ packages/vms/Makefile \ - curl-config + curl-config \ + libcurl.pc ]) AC_OUTPUT diff --git a/curl-config.in b/curl-config.in index bc8a0128c..ef780273f 100644 --- a/curl-config.in +++ b/curl-config.in @@ -45,19 +45,19 @@ while test $# -gt 0; do case "$1" in --ca) - echo @CURL_CA_BUNDLE@ + echo "@CURL_CA_BUNDLE@" ;; --cc) - echo @CC@ + echo "@CC@" ;; --prefix) - echo $prefix + echo "$prefix" ;; --feature) - if test "@OPENSSL_ENABLED@" = "1"; then + if test "@USE_SSLEAY@" = "1"; then echo "SSL" fi if test "@KRB4_ENABLED@" = "1"; then diff --git a/lib/Makefile.netware b/lib/Makefile.netware index b7554cabb..35c7932ce 100644 --- a/lib/Makefile.netware +++ b/lib/Makefile.netware @@ -353,6 +353,7 @@ ifdef ZLIB_PATH endif ifdef SSL @echo $(DL)#define USE_SSLEAY 1$(DL) >> $@ + @echo $(DL)#define USE_OPENSSL 1$(DL) >> $@ @echo $(DL)#define HAVE_OPENSSL_X509_H 1$(DL) >> $@ @echo $(DL)#define HAVE_OPENSSL_SSL_H 1$(DL) >> $@ @echo $(DL)#define HAVE_OPENSSL_RSA_H 1$(DL) >> $@ diff --git a/lib/config-amigaos.h b/lib/config-amigaos.h index 5d617fe16..387adebf7 100644 --- a/lib/config-amigaos.h +++ b/lib/config-amigaos.h @@ -55,6 +55,9 @@ #define HAVE_WRITABLE_ARGV 1 #define HAVE_ZLIB_H 1 +#define USE_OPENSSL 1 +#define USE_SSLEAY 1 + #define OS "AmigaOS" #define PACKAGE "curl" diff --git a/lib/config-riscos.h b/lib/config-riscos.h index e6e44b0e3..85dec3ea4 100644 --- a/lib/config-riscos.h +++ b/lib/config-riscos.h @@ -53,9 +53,6 @@ /* Define this to your Entropy Gathering Daemon socket pathname */ #undef EGD_SOCKET -/* Define if you have a working OpenSSL installation */ -#undef OPENSSL_ENABLED - /* Set to explicitly specify we don't want to use thread-safe functions */ #define DISABLED_THREADSAFE diff --git a/lib/config-vms.h b/lib/config-vms.h index 83751073d..c9f931f5a 100755 --- a/lib/config-vms.h +++ b/lib/config-vms.h @@ -343,8 +343,11 @@ /* Define if you have the getpass function. */ #undef HAVE_GETPASS -/* Define if you have a working OpenSSL installation */ -#define OPENSSL_ENABLED 1 +/* if OpenSSL is in use */ +#define USE_OPENSSL 1 + +/* if SSL is enabled */ +#define USE_SSLEAY 1 /* Define if you have the `dlopen' function. */ #undef HAVE_DLOPEN diff --git a/lib/config.dj b/lib/config.dj index bfcf9f68c..f2d38d3da 100644 --- a/lib/config.dj +++ b/lib/config.dj @@ -90,6 +90,7 @@ #define HAVE_LIBSSL 1 #define HAVE_LIBCRYPTO 1 #define OPENSSL_NO_KRB5 1 + #define USE_OPENSSL 1 #endif /* Because djgpp <= 2.03 doesn't have snprintf() etc. diff --git a/lib/setup.h b/lib/setup.h index 1c088575c..8530f0224 100644 --- a/lib/setup.h +++ b/lib/setup.h @@ -113,23 +113,6 @@ typedef unsigned char bool; #include #endif -#if defined(HAVE_X509_H) && defined(HAVE_SSL_H) && defined(HAVE_RSA_H) && \ -defined(HAVE_PEM_H) && defined(HAVE_ERR_H) && defined(HAVE_CRYPTO_H) && \ -defined(HAVE_LIBSSL) && defined(HAVE_LIBCRYPTO) - /* the six important includes files all exist and so do both libs, - defined SSLeay usage */ -#define USE_SSLEAY 1 -#endif -#if defined(HAVE_OPENSSL_X509_H) && defined(HAVE_OPENSSL_SSL_H) && \ -defined(HAVE_OPENSSL_RSA_H) && defined(HAVE_OPENSSL_PEM_H) && \ -defined(HAVE_OPENSSL_ERR_H) && defined(HAVE_OPENSSL_CRYPTO_H) && \ -defined(HAVE_LIBSSL) && defined(HAVE_LIBCRYPTO) - /* the six important includes files all exist and so do both libs, - defined SSLeay usage */ -#define USE_SSLEAY 1 -#define USE_OPENSSL 1 -#endif - #ifndef STDC_HEADERS /* no standard C headers! */ #include #endif diff --git a/packages/vms/config-vms.h_with_ssl b/packages/vms/config-vms.h_with_ssl index e47acbe61..e3bc60dac 100755 --- a/packages/vms/config-vms.h_with_ssl +++ b/packages/vms/config-vms.h_with_ssl @@ -123,8 +123,11 @@ /* OpenSSL section starts here */ /* Define if you have a working OpenSSL installation */ -#define OPENSSL_ENABLED 1 -#ifdef OPENSSL_ENABLED +#define USE_SSLEAY 1 +#ifdef USE_SSLEAY + +/* if OpenSSL is in use */ +#define USE_OPENSSL 1 /* Define if you have the crypto library (-lcrypto). */ #define HAVE_LIBCRYPTO 1 diff --git a/packages/vms/config-vms.h_without_ssl b/packages/vms/config-vms.h_without_ssl index 5b87c1dd2..d7649bb83 100755 --- a/packages/vms/config-vms.h_without_ssl +++ b/packages/vms/config-vms.h_without_ssl @@ -123,8 +123,11 @@ /* OpenSSL section starts here */ /* Define if you have a working OpenSSL installation */ -#undef OPENSSL_ENABLED -#ifdef OPENSSL_ENABLED +#undef USE_SSLEAY +#ifdef USE_SSLEAY + +/* if OpenSSL is in use */ +#define USE_OPENSSL 1 /* Define if you have the crypto library (-lcrypto). */ #define HAVE_LIBCRYPTO 1 diff --git a/src/config-riscos.h b/src/config-riscos.h index 46de289b9..166021421 100644 --- a/src/config-riscos.h +++ b/src/config-riscos.h @@ -39,7 +39,7 @@ #undef NEED_REENTRANT /* Define if you have the Kerberos4 libraries (including -ldes) */ -#undef KRB4 +#undef HAVE_KRB4 /* Define if you want to enable IPv6 support */ #undef ENABLE_IPV6 @@ -56,9 +56,6 @@ /* Define this to your Entropy Gathering Daemon socket pathname */ #undef EGD_SOCKET -/* Define if you have a working OpenSSL installation */ -#undef OPENSSL_ENABLED - /* Set to explicitly specify we don't want to use thread-safe functions */ #define DISABLED_THREADSAFE