1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-10 21:48:10 -05:00

configure: split out each TLS library detector into its own function

... and put those functions in separate m4 files per TLS library.
This commit is contained in:
Daniel Stenberg 2021-04-15 11:17:29 +02:00
parent 68d89f242c
commit ee36e86ce8
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
12 changed files with 1437 additions and 1202 deletions

File diff suppressed because it is too large Load Diff

47
m4/curl-amissl.m4 Normal file
View File

@ -0,0 +1,47 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_AMISSL], [
AC_MSG_CHECKING([whether to enable Amiga native SSL/TLS (AmiSSL)])
if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then
if test "x$OPT_AMISSL" != xno; then
ssl_msg=
if test "x$OPT_AMISSL" != "xno"; then
AC_MSG_RESULT(yes)
ssl_msg="AmiSSL"
test amissl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
AMISSL_ENABLED=1
LIBS="-lamisslauto $LIBS"
AC_DEFINE(USE_AMISSL, 1, [if AmiSSL is in use])
AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use])
else
AC_MSG_RESULT(no)
fi
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
else
AC_MSG_RESULT(no)
fi
else
AC_MSG_RESULT(no)
fi
])

108
m4/curl-bearssl.m4 Normal file
View File

@ -0,0 +1,108 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_BEARSSL], [
dnl ----------------------------------------------------
dnl check for BearSSL
dnl ----------------------------------------------------
if test "x$OPT_BEARSSL" != xno; then
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
ssl_msg=
if test X"$OPT_BEARSSL" != Xno; then
if test "$OPT_BEARSSL" = "yes"; then
OPT_BEARSSL=""
fi
if test -z "$OPT_BEARSSL" ; then
dnl check for lib first without setting any new path
AC_CHECK_LIB(bearssl, br_ssl_client_init_full,
dnl libbearssl found, set the variable
[
AC_DEFINE(USE_BEARSSL, 1, [if BearSSL is enabled])
AC_SUBST(USE_BEARSSL, [1])
BEARSSL_ENABLED=1
USE_BEARSSL="yes"
ssl_msg="BearSSL"
test bearssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
], [], -lbearssl)
fi
addld=""
addlib=""
addcflags=""
bearssllib=""
if test "x$USE_BEARSSL" != "xyes"; then
dnl add the path and test again
addld=-L$OPT_BEARSSL/lib$libsuff
addcflags=-I$OPT_BEARSSL/include
bearssllib=$OPT_BEARSSL/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
AC_CHECK_LIB(bearssl, br_ssl_client_init_full,
[
AC_DEFINE(USE_BEARSSL, 1, [if BearSSL is enabled])
AC_SUBST(USE_BEARSSL, [1])
BEARSSL_ENABLED=1
USE_BEARSSL="yes"
ssl_msg="BearSSL"
test bearssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
LDFLAGS=$_ldflags
], -lbearssl)
fi
if test "x$USE_BEARSSL" = "xyes"; then
AC_MSG_NOTICE([detected BearSSL])
check_for_ca_bundle=1
LIBS="-lbearssl $LIBS"
if test -n "$bearssllib"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$bearssllib"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $bearssllib to CURL_LIBRARY_PATH])
fi
fi
fi
fi dnl BearSSL not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])

165
m4/curl-gnutls.m4 Normal file
View File

@ -0,0 +1,165 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
dnl ----------------------------------------------------
dnl check for GnuTLS
dnl ----------------------------------------------------
AC_DEFUN([CURL_WITH_GNUTLS], [
if test "x$OPT_GNUTLS" != xno; then
ssl_msg=
if test X"$OPT_GNUTLS" != Xno; then
addld=""
addlib=""
gtlslib=""
version=""
addcflags=""
if test "x$OPT_GNUTLS" = "xyes"; then
dnl this is with no partiular path given
CURL_CHECK_PKGCONFIG(gnutls)
if test "$PKGCONFIG" != "no" ; then
addlib=`$PKGCONFIG --libs-only-l gnutls`
addld=`$PKGCONFIG --libs-only-L gnutls`
addcflags=`$PKGCONFIG --cflags-only-I gnutls`
version=`$PKGCONFIG --modversion gnutls`
gtlslib=`echo $addld | $SED -e 's/^-L//'`
else
dnl without pkg-config, we try libgnutls-config as that was how it
dnl used to be done
check=`libgnutls-config --version 2>/dev/null`
if test -n "$check"; then
addlib=`libgnutls-config --libs`
addcflags=`libgnutls-config --cflags`
version=`libgnutls-config --version`
gtlslib=`libgnutls-config --prefix`/lib$libsuff
fi
fi
else
dnl this is with a given path, first check if there's a libgnutls-config
dnl there and if not, make an educated guess
cfg=$OPT_GNUTLS/bin/libgnutls-config
check=`$cfg --version 2>/dev/null`
if test -n "$check"; then
addlib=`$cfg --libs`
addcflags=`$cfg --cflags`
version=`$cfg --version`
gtlslib=`$cfg --prefix`/lib$libsuff
else
dnl without pkg-config and libgnutls-config, we guess a lot!
addlib=-lgnutls
addld=-L$OPT_GNUTLS/lib$libsuff
addcflags=-I$OPT_GNUTLS/include
version="" # we just don't know
gtlslib=$OPT_GNUTLS/lib$libsuff
fi
fi
if test -z "$version"; then
dnl lots of efforts, still no go
version="unknown"
fi
if test -n "$addlib"; then
CLEANLIBS="$LIBS"
CLEANCPPFLAGS="$CPPFLAGS"
CLEANLDFLAGS="$LDFLAGS"
LIBS="$addlib $LIBS"
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
dnl this function is selected since it was introduced in 3.1.10
AC_CHECK_LIB(gnutls, gnutls_x509_crt_get_dn2,
[
AC_DEFINE(USE_GNUTLS, 1, [if GnuTLS is enabled])
AC_SUBST(USE_GNUTLS, [1])
GNUTLS_ENABLED=1
USE_GNUTLS="yes"
ssl_msg="GnuTLS"
test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
LIBS="$CLEANLIBS"
CPPFLAGS="$CLEANCPPFLAGS"
])
if test "x$USE_GNUTLS" = "xyes"; then
AC_MSG_NOTICE([detected GnuTLS version $version])
check_for_ca_bundle=1
if test -n "$gtlslib"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$gtlslib"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $gtlslib to CURL_LIBRARY_PATH])
fi
fi
fi
fi
fi dnl GNUTLS not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
dnl ---
dnl Check which crypto backend GnuTLS uses
dnl ---
if test "$GNUTLS_ENABLED" = "1"; then
USE_GNUTLS_NETTLE=
# First check if we can detect either crypto library via transitive linking
AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
# If not, try linking directly to both of them to see if they are available
if test "$USE_GNUTLS_NETTLE" = ""; then
AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
fi
if test "$USE_GNUTLS_NETTLE" = ""; then
AC_MSG_ERROR([GnuTLS found, but nettle was not found])
fi
LIBS="-lnettle $LIBS"
fi
dnl ---
dnl We require GnuTLS with SRP support.
dnl ---
if test "$GNUTLS_ENABLED" = "1"; then
AC_CHECK_LIB(gnutls, gnutls_srp_verifier,
[
AC_DEFINE(HAVE_GNUTLS_SRP, 1, [if you have the function gnutls_srp_verifier])
AC_SUBST(HAVE_GNUTLS_SRP, [1])
])
fi
])

109
m4/curl-mbedtls.m4 Normal file
View File

@ -0,0 +1,109 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
dnl ----------------------------------------------------
dnl check for mbedTLS
dnl ----------------------------------------------------
AC_DEFUN([CURL_WITH_MBEDTLS], [
if test "x$OPT_MBEDTLS" != xno; then
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
ssl_msg=
if test X"$OPT_MBEDTLS" != Xno; then
if test "$OPT_MBEDTLS" = "yes"; then
OPT_MBEDTLS=""
fi
if test -z "$OPT_MBEDTLS" ; then
dnl check for lib first without setting any new path
AC_CHECK_LIB(mbedtls, mbedtls_havege_init,
dnl libmbedtls found, set the variable
[
AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled])
AC_SUBST(USE_MBEDTLS, [1])
MBEDTLS_ENABLED=1
USE_MBEDTLS="yes"
ssl_msg="mbedTLS"
test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
], [], -lmbedx509 -lmbedcrypto)
fi
addld=""
addlib=""
addcflags=""
mbedtlslib=""
if test "x$USE_MBEDTLS" != "xyes"; then
dnl add the path and test again
addld=-L$OPT_MBEDTLS/lib$libsuff
addcflags=-I$OPT_MBEDTLS/include
mbedtlslib=$OPT_MBEDTLS/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
AC_CHECK_LIB(mbedtls, mbedtls_ssl_init,
[
AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled])
AC_SUBST(USE_MBEDTLS, [1])
MBEDTLS_ENABLED=1
USE_MBEDTLS="yes"
ssl_msg="mbedTLS"
test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
LDFLAGS=$_ldflags
], -lmbedx509 -lmbedcrypto)
fi
if test "x$USE_MBEDTLS" = "xyes"; then
AC_MSG_NOTICE([detected mbedTLS])
check_for_ca_bundle=1
LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS"
if test -n "$mbedtlslib"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$mbedtlslib"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $mbedtlslib to CURL_LIBRARY_PATH])
fi
fi
fi
fi dnl mbedTLS not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])

107
m4/curl-mesalink.m4 Normal file
View File

@ -0,0 +1,107 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_MESALINK], [
dnl ----------------------------------------------------
dnl check for MesaLink
dnl ----------------------------------------------------
if test "x$OPT_MESALINK" != xno; then
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
ssl_msg=
if test X"$OPT_MESALINK" != Xno; then
if test "$OPT_MESALINK" = "yes"; then
OPT_MESALINK=""
fi
if test -z "$OPT_MESALINK" ; then
dnl check for lib first without setting any new path
AC_CHECK_LIB(mesalink, mesalink_library_init,
dnl libmesalink found, set the variable
[
AC_DEFINE(USE_MESALINK, 1, [if MesaLink is enabled])
AC_SUBST(USE_MESALINK, [1])
MESALINK_ENABLED=1
USE_MESALINK="yes"
ssl_msg="MesaLink"
test mesalink != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
])
fi
addld=""
addlib=""
addcflags=""
mesalinklib=""
if test "x$USE_MESALINK" != "xyes"; then
dnl add the path and test again
addld=-L$OPT_MESALINK/lib$libsuff
addcflags=-I$OPT_MESALINK/include
mesalinklib=$OPT_MESALINK/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
AC_CHECK_LIB(mesalink, mesalink_library_init,
[
AC_DEFINE(USE_MESALINK, 1, [if MesaLink is enabled])
AC_SUBST(USE_MESALINK, [1])
MESALINK_ENABLED=1
USE_MESALINK="yes"
ssl_msg="MesaLink"
test mesalink != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
LDFLAGS=$_ldflags
])
fi
if test "x$USE_MESALINK" = "xyes"; then
AC_MSG_NOTICE([detected MesaLink])
LIBS="-lmesalink $LIBS"
if test -n "$mesalinklib"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl LD_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$mesalinklib"
export LD_LIBRARY_PATH
AC_MSG_NOTICE([Added $mesalinklib to LD_LIBRARY_PATH])
fi
fi
fi
fi dnl MesaLink not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])

142
m4/curl-nss.m4 Normal file
View File

@ -0,0 +1,142 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_NSS], [
if test "x$OPT_NSS" != xno; then
ssl_msg=
if test X"$OPT_NSS" != Xno; then
addld=""
addlib=""
addcflags=""
nssprefix=""
version=""
if test "x$OPT_NSS" = "xyes"; then
CURL_CHECK_PKGCONFIG(nss)
if test "$PKGCONFIG" != "no" ; then
addlib=`$PKGCONFIG --libs nss`
addcflags=`$PKGCONFIG --cflags nss`
version=`$PKGCONFIG --modversion nss`
nssprefix=`$PKGCONFIG --variable=prefix nss`
else
dnl Without pkg-config, we check for nss-config
check=`nss-config --version 2>/dev/null`
if test -n "$check"; then
addlib=`nss-config --libs`
addcflags=`nss-config --cflags`
version=`nss-config --version`
nssprefix=`nss-config --prefix`
else
addlib="-lnss3"
addcflags=""
version="unknown"
fi
fi
else
NSS_PCDIR="$OPT_NSS/lib/pkgconfig"
if test -f "$NSS_PCDIR/nss.pc"; then
CURL_CHECK_PKGCONFIG(nss, [$NSS_PCDIR])
if test "$PKGCONFIG" != "no" ; then
addld=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-L nss`
addlib=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-l nss`
addcflags=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --cflags nss`
version=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --modversion nss`
nssprefix=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --variable=prefix nss`
fi
fi
fi
if test -z "$addlib"; then
# Without pkg-config, we'll kludge in some defaults
AC_MSG_WARN([Using hard-wired libraries and compilation flags for NSS.])
addld="-L$OPT_NSS/lib"
addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
addcflags="-I$OPT_NSS/include"
version="unknown"
nssprefix=$OPT_NSS
fi
CLEANLDFLAGS="$LDFLAGS"
CLEANLIBS="$LIBS"
CLEANCPPFLAGS="$CPPFLAGS"
LDFLAGS="$addld $LDFLAGS"
LIBS="$addlib $LIBS"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
[
AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
AC_SUBST(USE_NSS, [1])
USE_NSS="yes"
NSS_ENABLED=1
ssl_msg="NSS"
test nss != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
LDFLAGS="$CLEANLDFLAGS"
LIBS="$CLEANLIBS"
CPPFLAGS="$CLEANCPPFLAGS"
])
if test "x$USE_NSS" = "xyes"; then
AC_MSG_NOTICE([detected NSS version $version])
dnl PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
dnl PK11_DestroyGenericObject() does not release resources allocated by
dnl PK11_CreateGenericObject() early enough.
AC_CHECK_FUNC(PK11_CreateManagedGenericObject,
[
AC_DEFINE(HAVE_PK11_CREATEMANAGEDGENERICOBJECT, 1,
[if you have the PK11_CreateManagedGenericObject function])
])
dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
NSS_LIBS=$addlib
AC_SUBST([NSS_LIBS])
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$nssprefix/lib$libsuff"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to CURL_LIBRARY_PATH])
fi
fi dnl NSS found
fi dnl NSS not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])

View File

@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___ # | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____| # \___|\___/|_| \_\_____|
# #
# Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. # Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
# #
# This software is licensed as described in the file COPYING, which # This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms # you should have received as part of this distribution. The terms
@ -276,3 +276,378 @@ AC_DEFUN([CURL_CHECK_OPENSSL_API], [
AC_MSG_WARN([$tst_warns]) AC_MSG_WARN([$tst_warns])
fi fi
]) ])
dnl **********************************************************************
dnl Check for OpenSSL libraries and headers
dnl **********************************************************************
AC_DEFUN([CURL_WITH_OPENSSL], [
if test "x$OPT_OPENSSL" != xno; then
ssl_msg=
dnl backup the pre-ssl variables
CLEANLDFLAGS="$LDFLAGS"
CLEANCPPFLAGS="$CPPFLAGS"
CLEANLIBS="$LIBS"
dnl This is for Msys/Mingw
case $host in
*-*-msys* | *-*-mingw*)
AC_MSG_CHECKING([for gdi32])
my_ac_save_LIBS=$LIBS
LIBS="-lgdi32 $LIBS"
AC_LINK_IFELSE([ AC_LANG_PROGRAM([[
#include <windef.h>
#include <wingdi.h>
]],
[[
GdiFlush();
]])],
[ dnl worked!
AC_MSG_RESULT([yes])],
[ dnl failed, restore LIBS
LIBS=$my_ac_save_LIBS
AC_MSG_RESULT(no)]
)
;;
esac
case "$OPT_OPENSSL" in
yes)
dnl --with-openssl (without path) used
PKGTEST="yes"
PREFIX_OPENSSL=
;;
*)
dnl check the given --with-openssl spot
PKGTEST="no"
PREFIX_OPENSSL=$OPT_OPENSSL
dnl Try pkg-config even when cross-compiling. Since we
dnl specify PKG_CONFIG_LIBDIR we're only looking where
dnl the user told us to look
OPENSSL_PCDIR="$OPT_OPENSSL/lib/pkgconfig"
if test -f "$OPENSSL_PCDIR/openssl.pc"; then
AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"])
PKGTEST="yes"
elif test ! -f "$PREFIX_OPENSSL/include/openssl/ssl.h"; then
AC_MSG_ERROR([$PREFIX_OPENSSL is a bad --with-openssl prefix!])
fi
dnl in case pkg-config comes up empty, use what we got
dnl via --with-openssl
LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff"
if test "$PREFIX_OPENSSL" != "/usr" ; then
SSL_LDFLAGS="-L$LIB_OPENSSL"
SSL_CPPFLAGS="-I$PREFIX_OPENSSL/include"
fi
SSL_CPPFLAGS="$SSL_CPPFLAGS -I$PREFIX_OPENSSL/include/openssl"
;;
esac
if test "$PKGTEST" = "yes"; then
CURL_CHECK_PKGCONFIG(openssl, [$OPENSSL_PCDIR])
if test "$PKGCONFIG" != "no" ; then
SSL_LIBS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
$PKGCONFIG --libs-only-l --libs-only-other openssl 2>/dev/null`
SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
$PKGCONFIG --libs-only-L openssl 2>/dev/null`
SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
$PKGCONFIG --cflags-only-I openssl 2>/dev/null`
AC_SUBST(SSL_LIBS)
AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"])
AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"])
AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"])
LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/^-L//'`
dnl use the values pkg-config reported. This is here
dnl instead of below with CPPFLAGS and LDFLAGS because we only
dnl learn about this via pkg-config. If we only have
dnl the argument to --with-openssl we don't know what
dnl additional libs may be necessary. Hope that we
dnl don't need any.
LIBS="$SSL_LIBS $LIBS"
fi
fi
dnl finally, set flags to use SSL
CPPFLAGS="$CPPFLAGS $SSL_CPPFLAGS"
LDFLAGS="$LDFLAGS $SSL_LDFLAGS"
AC_CHECK_LIB(crypto, HMAC_Update,[
HAVECRYPTO="yes"
LIBS="-lcrypto $LIBS"
],[
if test -n "$LIB_OPENSSL" ; then
LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL"
fi
if test "$PKGCONFIG" = "no" -a -n "$PREFIX_OPENSSL" ; then
# only set this if pkg-config wasn't used
CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include/openssl -I$PREFIX_OPENSSL/include"
fi
# Linking previously failed, try extra paths from --with-openssl or
# pkg-config. Use a different function name to avoid reusing the earlier
# cached result.
AC_CHECK_LIB(crypto, HMAC_Init_ex,[
HAVECRYPTO="yes"
LIBS="-lcrypto $LIBS"], [
dnl still no, but what about with -ldl?
AC_MSG_CHECKING([OpenSSL linking with -ldl])
LIBS="$CLEANLIBS -lcrypto -ldl"
AC_LINK_IFELSE([ AC_LANG_PROGRAM([[
#include <openssl/err.h>
]], [[
ERR_clear_error();
]]) ],
[
AC_MSG_RESULT(yes)
HAVECRYPTO="yes"
],
[
AC_MSG_RESULT(no)
dnl ok, so what about both -ldl and -lpthread?
dnl This may be necessary for static libraries.
AC_MSG_CHECKING([OpenSSL linking with -ldl and -lpthread])
LIBS="$CLEANLIBS -lcrypto -ldl -lpthread"
AC_LINK_IFELSE([
AC_LANG_PROGRAM([[
#include <openssl/err.h>
]], [[
ERR_clear_error();
]])],
[
AC_MSG_RESULT(yes)
HAVECRYPTO="yes"
],
[
AC_MSG_RESULT(no)
LDFLAGS="$CLEANLDFLAGS"
CPPFLAGS="$CLEANCPPFLAGS"
LIBS="$CLEANLIBS"
])
])
])
])
if test X"$HAVECRYPTO" = X"yes"; then
dnl This is only reasonable to do if crypto actually is there: check for
dnl SSL libs NOTE: it is important to do this AFTER the crypto lib
AC_CHECK_LIB(ssl, SSL_connect)
if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff
AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use);
OLIBS=$LIBS
LIBS="-lRSAglue -lrsaref $LIBS"
AC_CHECK_LIB(ssl, SSL_connect)
if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
dnl still no SSL_connect
AC_MSG_RESULT(no)
LIBS=$OLIBS
else
AC_MSG_RESULT(yes)
fi
else
dnl Have the libraries--check for OpenSSL headers
AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
openssl/pem.h openssl/ssl.h openssl/err.h,
ssl_msg="OpenSSL"
test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
OPENSSL_ENABLED=1
AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use]))
if test $ac_cv_header_openssl_x509_h = no; then
dnl we don't use the "action" part of the AC_CHECK_HEADERS macro
dnl since 'err.h' might in fact find a krb4 header with the same
dnl name
AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h)
if test $ac_cv_header_x509_h = yes &&
test $ac_cv_header_crypto_h = yes &&
test $ac_cv_header_ssl_h = yes; then
dnl three matches
ssl_msg="OpenSSL"
OPENSSL_ENABLED=1
fi
fi
fi
if test X"$OPENSSL_ENABLED" != X"1"; then
LIBS="$CLEANLIBS"
fi
if test X"$OPT_OPENSSL" != Xoff &&
test "$OPENSSL_ENABLED" != "1"; then
AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!])
fi
fi
if test X"$OPENSSL_ENABLED" = X"1"; then
dnl These can only exist if OpenSSL exists
dnl OpenSSL_version is introduced in 3.0.0
AC_CHECK_FUNCS( RAND_egd \
SSLv2_client_method \
OpenSSL_version )
AC_MSG_CHECKING([for BoringSSL])
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <openssl/base.h>
]],[[
#ifndef OPENSSL_IS_BORINGSSL
#error not boringssl
#endif
]])
],[
AC_MSG_RESULT([yes])
AC_DEFINE_UNQUOTED(HAVE_BORINGSSL, 1,
[Define to 1 if using BoringSSL.])
ssl_msg="BoringSSL"
],[
AC_MSG_RESULT([no])
])
AC_MSG_CHECKING([for libressl])
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
]],[[
int dummy = LIBRESSL_VERSION_NUMBER;
]])
],[
AC_MSG_RESULT([yes])
AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1,
[Define to 1 if using libressl.])
ssl_msg="libressl"
],[
AC_MSG_RESULT([no])
])
AC_MSG_CHECKING([for OpenSSL >= v3])
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
]],[[
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
return 0;
#else
#error older than 3
#endif
]])
],[
AC_MSG_RESULT([yes])
AC_DEFINE_UNQUOTED(HAVE_OPENSSL3, 1,
[Define to 1 if using OpenSSL 3 or later.])
dnl OpenSSLv3 marks the DES functions deprecated but we have no
dnl replacements (yet) so tell the compiler to not warn for them
dnl
dnl Ask OpenSSL to suppress the warnings.
CPPFLAGS="$CPPFLAGS -DOPENSSL_SUPPRESS_DEPRECATED"
ssl_msg="OpenSSL v3+"
],[
AC_MSG_RESULT([no])
])
fi
if test "$OPENSSL_ENABLED" = "1"; then
if test -n "$LIB_OPENSSL"; then
dnl when the ssl shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH
dnl to prevent further configure tests to fail due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $LIB_OPENSSL to CURL_LIBRARY_PATH])
fi
fi
CURL_CHECK_OPENSSL_API
check_for_ca_bundle=1
fi
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
if test X"$OPT_OPENSSL" != Xno &&
test "$OPENSSL_ENABLED" != "1"; then
AC_MSG_NOTICE([OPT_OPENSSL: $OPT_OPENSSL])
AC_MSG_NOTICE([OPENSSL_ENABLED: $OPENSSL_ENABLED])
AC_MSG_ERROR([--with-openssl was given but OpenSSL could not be detected])
fi
dnl **********************************************************************
dnl Check for the random seed preferences
dnl **********************************************************************
if test X"$OPENSSL_ENABLED" = X"1"; then
AC_ARG_WITH(egd-socket,
AS_HELP_STRING([--with-egd-socket=FILE],
[Entropy Gathering Daemon socket pathname]),
[ EGD_SOCKET="$withval" ]
)
if test -n "$EGD_SOCKET" ; then
AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET",
[your Entropy Gathering Daemon socket pathname] )
fi
dnl Check for user-specified random device
AC_ARG_WITH(random,
AS_HELP_STRING([--with-random=FILE],
[read randomness from FILE (default=/dev/urandom)]),
[ RANDOM_FILE="$withval" ],
[
if test x$cross_compiling != xyes; then
dnl Check for random device
AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] )
else
AC_MSG_WARN([skipped the /dev/urandom detection when cross-compiling])
fi
]
)
if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then
AC_SUBST(RANDOM_FILE)
AC_DEFINE_UNQUOTED(RANDOM_FILE, "$RANDOM_FILE",
[a suitable file to read random data from])
fi
fi
dnl ---
dnl We require OpenSSL with SRP support.
dnl ---
if test "$OPENSSL_ENABLED" = "1"; then
AC_CHECK_LIB(crypto, SRP_Calc_client_key,
[
AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the function SRP_Calc_client_key])
AC_SUBST(HAVE_OPENSSL_SRP, [1])
])
fi
dnl ---
dnl Whether the OpenSSL configuration will be loaded automatically
dnl ---
if test X"$OPENSSL_ENABLED" = X"1"; then
AC_ARG_ENABLE(openssl-auto-load-config,
AS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of OpenSSL configuration])
AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]),
[ if test X"$enableval" = X"no"; then
AC_MSG_NOTICE([automatic loading of OpenSSL configuration disabled])
AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration won't be loaded automatically])
fi
])
fi
])

106
m4/curl-rustls.m4 Normal file
View File

@ -0,0 +1,106 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_RUSTLS], [
dnl ----------------------------------------------------
dnl check for rustls
dnl ----------------------------------------------------
if test "x$OPT_RUSTLS" != xno; then
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
ssl_msg=
if test X"$OPT_RUSTLS" != Xno; then
if test "$OPT_RUSTLS" = "yes"; then
OPT_RUSTLS=""
fi
if test -z "$OPT_RUSTLS" ; then
dnl check for lib first without setting any new path
AC_CHECK_LIB(crustls, rustls_client_session_read,
dnl libcrustls found, set the variable
[
AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled])
AC_SUBST(USE_RUSTLS, [1])
RUSTLS_ENABLED=1
USE_RUSTLS="yes"
ssl_msg="rustls"
test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
], [], -lpthread -ldl)
fi
addld=""
addlib="-lpthread"
addcflags=""
bearssllib=""
if test "x$USE_RUSTLS" != "xyes"; then
dnl add the path and test again
addld=-L$OPT_RUSTLS/lib$libsuff
addcflags=-I$OPT_RUSTLS/include
rustlslib=$OPT_RUSTLS/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
AC_CHECK_LIB(crustls, rustls_client_session_read,
[
AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled])
AC_SUBST(USE_RUSTLS, [1])
RUSTLS_ENABLED=1
USE_RUSTLS="yes"
ssl_msg="rustls"
test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]),
-lpthread -ldl)
fi
if test "x$USE_RUSTLS" = "xyes"; then
AC_MSG_NOTICE([detected rustls])
check_for_ca_bundle=1
LIBS="-lcrustls -lpthread -ldl $LIBS"
if test -n "$rustlslib"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$rustlslib"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $rustlslib to CURL_LIBRARY_PATH])
fi
fi
fi
fi dnl rustls not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])

46
m4/curl-schannel.m4 Normal file
View File

@ -0,0 +1,46 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_SCHANNEL], [
AC_MSG_CHECKING([whether to enable Windows native SSL/TLS])
if test "x$OPT_SCHANNEL" != xno; then
ssl_msg=
if test "x$OPT_SCHANNEL" != "xno" &&
test "x$curl_cv_native_windows" = "xyes"; then
AC_MSG_RESULT(yes)
AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support])
AC_SUBST(USE_SCHANNEL, [1])
ssl_msg="Schannel"
test schannel != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
SCHANNEL_ENABLED=1
# --with-schannel implies --enable-sspi
AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support])
AC_SUBST(USE_WINDOWS_SSPI, [1])
curl_sspi_msg="enabled"
else
AC_MSG_RESULT(no)
fi
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
else
AC_MSG_RESULT(no)
fi
])

43
m4/curl-sectransp.m4 Normal file
View File

@ -0,0 +1,43 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_SECURETRANSPORT], [
AC_MSG_CHECKING([whether to enable Secure Transport])
if test "x$OPT_SECURETRANSPORT" != xno; then
if test "x$OPT_SECURETRANSPORT" != "xno" &&
(test "x$cross_compiling" != "xno" || test -d "/System/Library/Frameworks/Security.framework"); then
AC_MSG_RESULT(yes)
AC_DEFINE(USE_SECTRANSP, 1, [enable Secure Transport])
AC_SUBST(USE_SECTRANSP, [1])
ssl_msg="Secure Transport"
test secure-transport != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
SECURETRANSPORT_ENABLED=1
LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
else
AC_MSG_RESULT(no)
fi
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
else
AC_MSG_RESULT(no)
fi
])

177
m4/curl-wolfssl.m4 Normal file
View File

@ -0,0 +1,177 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
#***************************************************************************
AC_DEFUN([CURL_WITH_WOLFSSL], [
dnl ----------------------------------------------------
dnl check for wolfSSL
dnl ----------------------------------------------------
case "$OPT_WOLFSSL" in
yes|no)
wolfpkg=""
;;
*)
wolfpkg="$withval/lib/pkgconfig"
;;
esac
if test "x$OPT_WOLFSSL" != xno; then
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
ssl_msg=
if test X"$OPT_WOLFSSL" != Xno; then
if test "$OPT_WOLFSSL" = "yes"; then
OPT_WOLFSSL=""
fi
dnl try pkg-config magic
CURL_CHECK_PKGCONFIG(wolfssl, [$wolfpkg])
AC_MSG_NOTICE([Check dir $wolfpkg])
addld=""
addlib=""
addcflags=""
if test "$PKGCONFIG" != "no" ; then
addlib=`CURL_EXPORT_PCDIR([$wolfpkg])
$PKGCONFIG --libs-only-l wolfssl`
addld=`CURL_EXPORT_PCDIR([$wolfpkg])
$PKGCONFIG --libs-only-L wolfssl`
addcflags=`CURL_EXPORT_PCDIR([$wolfpkg])
$PKGCONFIG --cflags-only-I wolfssl`
version=`CURL_EXPORT_PCDIR([$wolfpkg])
$PKGCONFIG --modversion wolfssl`
wolfssllibpath=`echo $addld | $SED -e 's/^-L//'`
else
addlib=-lwolfssl
dnl use system defaults if user does not supply a path
if test -n "$OPT_WOLFSSL"; then
addld=-L$OPT_WOLFSSL/lib$libsuff
addcflags=-I$OPT_WOLFSSL/include
wolfssllibpath=$OPT_WOLFSSL/lib$libsuff
fi
fi
if test "x$USE_WOLFSSL" != "xyes"; then
LDFLAGS="$LDFLAGS $addld"
AC_MSG_NOTICE([Add $addld to LDFLAGS])
if test "$addcflags" != "-I/usr/include"; then
CPPFLAGS="$CPPFLAGS $addcflags"
AC_MSG_NOTICE([Add $addcflags to CPPFLAGS])
fi
my_ac_save_LIBS="$LIBS"
LIBS="$addlib $LIBS"
AC_MSG_NOTICE([Add $addlib to LIBS])
AC_MSG_CHECKING([for wolfSSL_Init in -lwolfssl])
AC_LINK_IFELSE([
AC_LANG_PROGRAM([[
/* These aren't needed for detection and confuse WolfSSL.
They are set up properly later if it is detected. */
#undef SIZEOF_LONG
#undef SIZEOF_LONG_LONG
#include <wolfssl/ssl.h>
]],[[
return wolfSSL_Init();
]])
],[
AC_MSG_RESULT(yes)
AC_DEFINE(USE_WOLFSSL, 1, [if wolfSSL is enabled])
AC_SUBST(USE_WOLFSSL, [1])
WOLFSSL_ENABLED=1
USE_WOLFSSL="yes"
ssl_msg="WolfSSL"
test wolfssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
AC_MSG_RESULT(no)
CPPFLAGS=$_cppflags
LDFLAGS=$_ldflags
wolfssllibpath=""
])
LIBS="$my_ac_save_LIBS"
fi
if test "x$USE_WOLFSSL" = "xyes"; then
AC_MSG_NOTICE([detected wolfSSL])
check_for_ca_bundle=1
dnl wolfssl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
AX_COMPILE_CHECK_SIZEOF(long long)
LIBS="$addlib -lm $LIBS"
dnl Recent WolfSSL versions build without SSLv3 by default
dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
dnl DES* is needed for NTLM support and lives in the OpenSSL compatibility
dnl layer
AC_CHECK_FUNCS(wolfSSLv3_client_method \
wolfSSL_get_peer_certificate \
wolfSSL_UseALPN )
dnl if this symbol is present, we want the include path to include the
dnl OpenSSL API root as well
AC_CHECK_FUNC(wolfSSL_DES_ecb_encrypt,
[
AC_DEFINE(HAVE_WOLFSSL_DES_ECB_ENCRYPT, 1,
[if you have wolfSSL_DES_ecb_encrypt])
if test -n "$addcflags"; then
dnl use a for loop to strip off whitespace
for f in $addcflags; do
CPPFLAGS="$f/wolfssl $CPPFLAGS"
AC_MSG_NOTICE([Add $f/wolfssl to CPPFLAGS])
break
done
else
dnl user didn't give a path, so guess/hope they installed wolfssl
dnl headers to system default location
CPPFLAGS="-I$includedir/wolfssl $CPPFLAGS"
AC_MSG_NOTICE([Add $includedir/wolfssl to CPPFLAGS])
fi
WOLFSSL_NTLM=1
]
)
if test -n "$wolfssllibpath"; then
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
dnl due to this
if test "x$cross_compiling" != "xyes"; then
CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$wolfssllibpath"
export CURL_LIBRARY_PATH
AC_MSG_NOTICE([Added $wolfssllibpath to CURL_LIBRARY_PATH])
fi
fi
fi
fi dnl wolfSSL not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
])