1
0
mirror of https://github.com/moparisthebest/wget synced 2024-07-03 16:38:41 -04:00

[svn] Improve OpenSSL autodetection.

Published in <sxsitbcon7w.fsf@florida.arsdigita.de>.
This commit is contained in:
hniksic 2001-12-12 00:30:03 -08:00
parent aa76fd748c
commit b0ab325703
2 changed files with 120 additions and 62 deletions

View File

@ -1,3 +1,7 @@
2001-12-12 Hrvoje Niksic <hniksic@arsdigita.com>
* configure.in: Autodetect SSL. Check for SSL includes too.
2001-12-11 Hrvoje Niksic <hniksic@arsdigita.com> 2001-12-11 Hrvoje Niksic <hniksic@arsdigita.com>
* config.sub: Ditto. * config.sub: Ditto.

View File

@ -46,7 +46,8 @@ AC_ARG_WITH(socks,
[AC_DEFINE(HAVE_SOCKS)]) [AC_DEFINE(HAVE_SOCKS)])
AC_ARG_WITH(ssl, AC_ARG_WITH(ssl,
[ --with-ssl[=SSL_ROOT] link with libssl [in SSL_ROOT/lib] for https: support]) [ --with-ssl[=SSL-ROOT] link with SSL support [default=auto]
--without-ssl disable SSL autodetection])
AC_ARG_ENABLE(opie, AC_ARG_ENABLE(opie,
[ --disable-opie disable support for opie or s/key FTP login], [ --disable-opie disable support for opie or s/key FTP login],
@ -215,25 +216,53 @@ then
AC_CHECK_LIB(socks, Rconnect) AC_CHECK_LIB(socks, Rconnect)
fi fi
dnl If --with-ssl was specified, make sure we can link with the dnl $with_ssl can be one of:
dnl OpenSSL libs. We should probably auto-detect this by default. dnl - empty string or "auto", meaning autodetect SSL and use it if found.
dnl - "yes", meaning link with SSL or bail out.
dnl - "no", meaning don't link with SSL.
dnl - anything else, meaning use that as the SSL root, and bail out
dnl if it fails.
if test x"$with_ssl" != x -a x"$with_ssl" != x"no"; then if test x"$with_ssl" = x; then
dnl Canonicalize unspecified with-ssl setting to "auto". This
dnl implements the "auto-detect by default" feature. If you want to
dnl change this to "ignore SSL by default", change "auto" to "no".
with_ssl=auto
fi
dnl Detection of OpenSSL is much hairier than the detection of other
dnl libraries because OpenSSL can be compiled as a third-party
dnl library, which means it will not be found without additional
dnl linker magic. It would be really nice to rework this check into
dnl an AC_DEFUN so that we can reuse it for other third-party
dnl libraries.
if test x"$with_ssl" != x"no"; then
wget_force_ssl=no
if test x"$with_ssl" = x"yes"; then if test x"$with_ssl" = x"yes"; then
dnl OpenSSL's default install location is "/usr/local/ssl". We also wget_force_ssl=yes
dnl allow /usr/local for regular-style install, and /usr for Linux
dnl stuff.
ssl_all_roots="default /usr/local/ssl /usr/local /opt"
else
dnl Root has been kindly provided by the user.
ssl_all_roots=$with_ssl
fi fi
if test x"$with_ssl" = x"yes" || test x"$with_ssl" = x"auto"; then
dnl OpenSSL's root was not specified, so we have to guess. First
dnl try the system default location, then "/usr/local/ssl" (where
dnl OpenSSL installs by default), then "/usr/local" (traditional
dnl choice for installation root), then "/opt".
ssl_all_roots="system-default /usr/local/ssl /usr/local /opt"
else
dnl Root has been specified by the user.
ssl_all_roots=$with_ssl
wget_force_ssl=yes
fi
wget_save_CC=$CC
wget_save_LIBS=$LIBS wget_save_LIBS=$LIBS
wget_save_LDFLAGS=$LDFLAGS wget_save_LDFLAGS=$LDFLAGS
wget_save_CC=$CC wget_save_CPPFLAGS=$CPPFLAGS
dnl Use libtool for OpenSSL tests to handle the "-R<rpath>" option. dnl Use libtool for OpenSSL tests so we can specify "-R<rpath>"
dnl without having to know how the linker handles it.
CC="$SHELL ./libtool $CC" CC="$SHELL ./libtool $CC"
dnl Unfortunately, as of this writing (OpenSSL 0.9.6), the libcrypto dnl Unfortunately, as of this writing (OpenSSL 0.9.6), the libcrypto
@ -244,13 +273,13 @@ if test x"$with_ssl" != x -a x"$with_ssl" != x"no"; then
AC_CHECK_LIB(dl,dlopen) AC_CHECK_LIB(dl,dlopen)
AC_CHECK_LIB(dl,shl_load) AC_CHECK_LIB(dl,shl_load)
ssl_linked=no ssl_success=no
dnl Now try to find SSL libraries in each of the likely SSL roots. dnl Now try to find SSL libraries in each of the likely SSL roots.
for ssl_root in $ssl_all_roots for ssl_root in $ssl_all_roots
do do
if test x"$ssl_root" = xdefault; then if test x"$ssl_root" = x"system-default"; then
dnl Try the default library locations. dnl Try the default include and library locations.
SSL_INCLUDES= SSL_INCLUDES=
else else
dnl Try this specific root. dnl Try this specific root.
@ -260,10 +289,30 @@ if test x"$with_ssl" != x -a x"$with_ssl" != x"no"; then
LDFLAGS="-L$ssl_root/lib -R$ssl_root/lib $wget_save_LDFLAGS" LDFLAGS="-L$ssl_root/lib -R$ssl_root/lib $wget_save_LDFLAGS"
fi fi
ssl_link_failure=no
AC_MSG_RESULT(["Looking for SSL libraries in $ssl_root"]) AC_MSG_RESULT(["Looking for SSL libraries in $ssl_root"])
dnl Check whether the compiler can find the include files. On
dnl some systems Gcc finds libraries in /usr/local/lib, but fails
dnl to find the includes in /usr/local/include.
ssl_found_includes=no
CPPFLAGS="$SSL_INCLUDES $wget_save_CPPFLAGS"
AC_MSG_CHECKING(["for includes"])
AC_TRY_CPP([#include <openssl/ssl.h>
#include <openssl/rsa.h>
],
AC_MSG_RESULT("found"); ssl_found_includes=yes,
AC_MSG_RESULT("not found")
)
if test x"$ssl_found_includes" = xno; then
continue
fi
ssl_link_failure=no
dnl Make sure that the checks don't run afoul of the cache. It dnl Make sure that the checks don't run afoul of the cache. It
dnl would be nicer to temporarily turn off the cache, but dnl would be nicer to temporarily turn off the cache, but
dnl apparently Autoconf doesn't allow that. dnl apparently Autoconf doesn't allow that.
@ -278,18 +327,22 @@ if test x"$with_ssl" != x -a x"$with_ssl" != x"no"; then
AC_CHECK_LIB(crypto, RSA_new, , ssl_link_failure=yes) AC_CHECK_LIB(crypto, RSA_new, , ssl_link_failure=yes)
AC_CHECK_LIB(ssl, SSL_new, , ssl_link_failure=yes) AC_CHECK_LIB(ssl, SSL_new, , ssl_link_failure=yes)
dnl If ssl_link_failure is still no, the libraries link. But we if test x"$ssl_link_failure" = xyes; then
dnl still need to check if the program linked with those libraries dnl One or both libs failed to link.
dnl under these settings with run. On some systems (Solaris), Gcc continue
dnl adds -L/usr/local/lib to the linking line, but fails to add fi
dnl -R/usr/local/lib, thus creating executables that link, but
dnl fail to run. dnl The libraries link. But we still need to check if the program
dnl linked with those libraries under these settings with run. On
dnl some systems (Solaris), Gcc adds -L/usr/local/lib to the
dnl linking line, but fails to add -R/usr/local/lib, thus creating
dnl executables that link, but fail to run.
dnl If we are cross-compiling, just assume that working linkage dnl If we are cross-compiling, just assume that working linkage
dnl implies working executable. dnl implies working executable.
if test x"$ssl_link_failure" = xno; then ssl_run_failure=no
dnl Now try to run the thing.
AC_MSG_CHECKING("whether SSL libs are resolved at runtime") AC_MSG_CHECKING("whether SSL libs are resolved at runtime")
AC_TRY_RUN([ AC_TRY_RUN([
int RSA_new(); int RSA_new();
@ -297,50 +350,51 @@ int SSL_new();
main(){return 0;} main(){return 0;}
], ],
AC_MSG_RESULT("yes"), AC_MSG_RESULT("yes"),
AC_MSG_RESULT("no"); ssl_link_failure=yes, AC_MSG_RESULT("no"); ssl_run_failure=yes,
AC_MSG_RESULT("cross")) AC_MSG_RESULT("cross")
fi )
if test x"$ssl_link_failure" = xno; then if test x"$ssl_run_failure" = xno; then
dnl This echo doesn't look right, but I'm not sure what to use ssl_success=yes
dnl instead. break
fi
done
if test x"$ssl_success" = xyes; then
dnl AC_MSG_RESULT doesn't look right here, but I'm not sure what
dnl to use instead.
AC_MSG_RESULT("Compiling in support for SSL in $ssl_root") AC_MSG_RESULT("Compiling in support for SSL in $ssl_root")
AC_DEFINE(HAVE_SSL) AC_DEFINE(HAVE_SSL)
AC_SUBST(SSL_INCLUDES) AC_SUBST(SSL_INCLUDES)
SSL_OBJ='gen_sslfunc$o' SSL_OBJ='gen_sslfunc$o'
AC_SUBST(SSL_OBJ) AC_SUBST(SSL_OBJ)
ssl_linked=yes else
break LDFLAGS=$wget_save_LDFLAGS
fi
done
if test x"$ssl_linked" = xno; then
LD_FLAGS=$wget_save_LDFLAGS
LIBS=$wget_save_LIBS LIBS=$wget_save_LIBS
dnl Perhaps we should abort here. Dan argues that configure dnl If linking with SSL was forced rather than auto-detected, then
dnl scripts shouldn't abort out of principle, but on the other dnl bail out if SSL failed.
dnl hand remember that the user explicitly requested linking with if test x"$wget_force_ssl" = x"yes"; then
dnl SSL. exec >&2
echo "ERROR: Failed to find OpenSSL libraries."
dnl IMHO there should be a way to specify whether SSL should be exit 2
dnl avoided, auto-detected, or required, defaulting to fi
dnl `autodetect'. Only in the `require' mode the script would
dnl abort if SSL is not found.
echo
echo "WARNING: Failed to link with OpenSSL libraries in $ssl_root/lib."
echo " Wget will be built without support for https://... URLs."
echo
fi fi
dnl Restore the compiler setting.
CC=$wget_save_CC CC=$wget_save_CC
dnl Restore the CPPFLAGS. Do this regardless of whether linking
dnl with SSL succeeded -- SSL includes will be handled using
dnl @SSL_INCLUDES@.
CPPFLAGS=$wget_save_CPPFLAGS
fi fi
dnl dnl
dnl Find an md5 implementation. dnl Find an md5 implementation.
dnl dnl
if test x$wget_need_md5 = xyes if test x"$wget_need_md5" = xyes
then then
MD5_OBJ='gen-md5$o' MD5_OBJ='gen-md5$o'
@ -350,7 +404,7 @@ then
dnl something simple like "MD5Update" because there are a number of dnl something simple like "MD5Update" because there are a number of
dnl MD5 implementations that use that name. md5_calc is, hopefully, dnl MD5 implementations that use that name. md5_calc is, hopefully,
dnl specific to the Solaris MD5 library. dnl specific to the Solaris MD5 library.
if test x$found_md5 = xno; then if test x"$found_md5" = xno; then
AC_CHECK_LIB(md5, md5_calc, [ AC_CHECK_LIB(md5, md5_calc, [
AC_DEFINE(HAVE_SOLARIS_MD5) AC_DEFINE(HAVE_SOLARIS_MD5)
LIBS="-lmd5 $LIBS" LIBS="-lmd5 $LIBS"
@ -360,15 +414,15 @@ then
dnl Then see if we're linking OpenSSL anyway; if yes, use its md5 dnl Then see if we're linking OpenSSL anyway; if yes, use its md5
dnl implementation. dnl implementation.
if test x$found_md5 = xno; then if test x"$found_md5" = xno; then
if test x$ssl_linked = xyes; then if test x"$ssl_success" = xyes; then
AC_DEFINE(HAVE_OPENSSL_MD5) AC_DEFINE(HAVE_OPENSSL_MD5)
found_md5=yes found_md5=yes
fi fi
fi fi
dnl If none of the above worked, use the builtin one. dnl If none of the above worked, use the one we ship with Wget.
if test x$found_md5 = xno; then if test x"$found_md5" = xno; then
AC_DEFINE(HAVE_BUILTIN_MD5) AC_DEFINE(HAVE_BUILTIN_MD5)
found_md5=yes found_md5=yes
MD5_OBJ="$MD5_OBJ gnu-md5\$o" MD5_OBJ="$MD5_OBJ gnu-md5\$o"