From e8e1fad7248e2d893c701ef323c045de1cf92806 Mon Sep 17 00:00:00 2001
From: aj <aj@c6295689-39f2-0310-b995-f0e70906c6a9>
Date: Sun, 5 Dec 2004 19:04:17 +0000
Subject: [PATCH] the big openssl fix. hope everything still works.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1992 c6295689-39f2-0310-b995-f0e70906c6a9
---
 configure.in | 275 +++++++++++++++++++++++++++++----------------------
 1 file changed, 155 insertions(+), 120 deletions(-)

diff --git a/configure.in b/configure.in
index 030405ac..a4c56355 100644
--- a/configure.in
+++ b/configure.in
@@ -227,49 +227,77 @@ AC_CACHE_CHECK([for flex directory], ac_cv_flexdir, [
 	ac_cv_flexdir=$flexdir
 ])
 
-dnl The big mess with OpenSSL
-AC_ARG_WITH(openssl,
-	[  --with-openssl=PATH     use OpenSSL in PATH],
-	[tryssldir=$withval])
 
-SSL_MSG="no"
-ENGINE_MSG="no"
+dnl The big mess with OpenSSL
 saved_LIBS="$LIBS"
 saved_LDFLAGS="$LDFLAGS"
 saved_CPPFLAGS="$CPPFLAGS"
-AC_SUBST(LIBCRYPTO)
-AC_SUBST(ENGINE_LINK)
-AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
-	if test "x$tryssldir" = "x" ; then
-		tryssldir="$trycommondir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl"
-	fi
 
-	for ssldir in $tryssldir ; do
-		# Skip empty variables
-		if test -z "$ssldir"; then
-			continue;
-		fi
+SSL_MSG="no"
+ssldir=""
+
+AC_ARG_WITH(openssl,
+	[  --with-openssl=PATH     use OpenSSL in PATH],
+	[
 		# Disable OpenSSL support
-		if test "x$ssldir" = "xno" ; then
+		if test "x$withval" = "xno" ; then
 			SSL_MSG="no (disabled)"
-			ENGINE_MSG="no (disabled)"
 			break;
 		fi
+
+		# ok we got a directory, so only check in that dir.
+		LIBCRYPTO="-lcrypto"
+		CPPFLAGS="$saved_CPPFLAGS"
+		LDFLAGS="$saved_LDFLAGS"
+		LIBS="$saved_LIBS $LIBCRYPTO"
+		LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
+		if test ! -z "$need_dash_r" ; then
+			LDFLAGS="-R$ssldir/lib $LDFLAGS"
+		fi
+		CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
+
+		AC_TRY_RUN(
+			[
+#include <string.h>
+#include <openssl/rand.h>
+int main(void)
+{
+	char a[2048];
+	memset(a, 0, sizeof(a));
+	RAND_add(a, sizeof(a), sizeof(a));
+	return(RAND_status() <= 0);
+}
+			],
+			[
+				SSL_MSG="yes"
+				ssldir="$withval"
+				LIBS="$saved_LIBS"
+				LDFLAGS="$saved_LDFLAGS"
+				CPPFLAGS="$saved_CPPFLAGS"
+				break
+			])
+	] , [
+
+	# we didn't get a directory, so we start searching for openssl.
+
+	for tryssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl; do
+
 		# Skip directories if they don't exist
-		if test ! -d "$ssldir/" ; then
+		if test ! -d "$tryssldir/" ; then
 			continue;
 		fi
+
 		LIBCRYPTO="-lcrypto"
 		CPPFLAGS="$saved_CPPFLAGS"
 		LDFLAGS="$saved_LDFLAGS"
 		LIBS="$saved_LIBS $LIBCRYPTO"
 
-		if test "x$ssldir" != "x/usr"; then
-			LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
+		if test "x$tryssldir" != "x/usr"; then
+			LDFLAGS="-L$tryssldir/lib $saved_LDFLAGS"
 			if test ! -z "$need_dash_r" ; then
-				LDFLAGS="-R$ssldir/lib $LDFLAGS"
+				LDFLAGS="-R$tryssldir/lib $LDFLAGS"
 			fi
-			CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
+			CPPFLAGS="-I$tryssldir/include $saved_CPPFLAGS"
 		fi
 
 		# Basic test to check for compatible version and correct linking
@@ -288,18 +316,74 @@ int main(void)
 			],
 			[
 				SSL_MSG="yes"
-			], []
+				ssldir=$tryssldir
+				break;
+			],
+			[
+				SSL_MSG="no"
+				LIBS="$saved_LIBS"
+				LDFLAGS="$saved_LDFLAGS"
+				CPPFLAGS="$saved_CPPFLAGS"
+			]
 		)
+	done
+	])
+LIBS="$saved_LIBS"
+AC_SUBST(LIBCRYPTO)
+AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
 
-		if test "x$SSL_MSG" != "xyes" 
-		then
-			continue
-		fi
+# ok, we checked for basic ssl support.
+# if it is not available, we can skip the rest of
+# the test. also we have $ssldir set to the location
+# of the openssl libs.
 
-		# latest openssl version with engine
-		# properly integrated?
-		AC_MSG_CHECKING([for openssl version])
-		AC_TRY_RUN(
+ENGINE_MSG="no"
+if [ "x$SSL_MSG" = "xyes" ]
+then
+	# engine has to be there and working
+	LIBS="$saved_LIBS $LIBCRYPTO $LIBDL"
+	AC_TRY_RUN(
+			[
+#include <string.h>
+#include <openssl/opensslv.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+int main(void)
+{
+	char a[2048];
+	ENGINE *e;
+
+	e = ENGINE_new();
+	ENGINE_load_dynamic();
+	if (!e) return 1;
+	memset(a, 0, sizeof(a));
+	RAND_add(a, sizeof(a), sizeof(a));
+	return(RAND_status() <= 0);
+}
+	],
+	[
+		ENGINE_MSG=yes
+		ENGINE_LINK="$LIBCRYPTO"
+	], [
+		ENGINE_MSG=no
+	]);
+fi
+LIBS="$saved_LIBS"
+AC_SUBST(ENGINE_LINK)
+AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
+
+# ok, now we might (or not) have ssl and an engine.
+# still room for "improvements", i.e. hacks to work
+# with old engines.
+
+SSLHACK_MSG=no
+
+if [ "x$SSL_MSG" = "xyes" -a "x$ENGINE_MSG" = "xyes" ]
+then
+	# latest openssl version with engine
+	# properly integrated?
+	AC_MSG_CHECKING([for openssl version])
+	AC_TRY_RUN(
 		[
 #include <stdlib.h>
 #include <string.h>
@@ -314,58 +398,24 @@ int main(void)
 		exit(1);
 	}
 }
-		],
-		[
-			AC_MSG_RESULT([good, 0.9.7d or later])
-			GOOD_OPENSSL=yes
-		],
-		[
-			AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
-			GOOD_OPENSSL=no
-		]
-		)
+	],
+	[
+		AC_MSG_RESULT([good, 0.9.7d or later])
+		OLD_OPENSSL=no
+	],
+	[
+		AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
+		OLD_OPENSSL=yes
+	])
 
-		if test "x$GOOD_OPENSSL" == "xyes" 
-		then
-			# engine has to be there and working
-			LIBS="$saved_LIBS $LIBCRYPTO $LIBDL"
-			AC_TRY_RUN(
-			[
-#include <string.h>
-#include <openssl/opensslv.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-int main(void)
-{
-	char a[2048];
-	ENGINE *e;
+	if test "x$OLD_OPENSSL" == "xyes" 
+	then
+		# openssl found, but version less than 0.9.7d
 
-	e = ENGINE_new();
-	ENGINE_load_dynamic();
-	if (!e) return 1;
-	memset(a, 0, sizeof(a));
-	RAND_add(a, sizeof(a), sizeof(a));
-	return(RAND_status() <= 0);
-}
-				],
-				[
-					ENGINE_MSG=yes
-					ENGINE_LINK="$LIBCRYPTO"
-				], [
-					# should never happen,
-					# every 0.9.7* version has engine
-					# support integrated, it can't
-					# be missing.
-  AC_MSG_ERROR([OpenSSL support broken: openssl >= 0.9.7d without engine detected.])
-				])
-				break;
-		else
-			# openssl found, but version less than 0.9.7d
+		# linking libcrypto.a staticaly possible?
 			
-			# openssl with engine support?
-			LIBCRYPTOA="$ssldir/lib/libcrypto.a $LIBDL"
-			LIBS="$saved_LIBS $LIBCRYPTOA"
-			AC_TRY_RUN(
+		LIBS="$saved_LIBS $ssldir/lib/libcrypto.a $LIBDL"
+		AC_TRY_RUN(
 			[
 #include <string.h>
 #include <openssl/opensslv.h>
@@ -383,50 +433,25 @@ int main(void)
 	RAND_add(a, sizeof(a), sizeof(a));
 	return(RAND_status() <= 0);
 }
-			],
-			[
-				ENGINE_MSG=yes
-				ENGINE_LINK="$LIBCRYPTOA"
-			], []
-		)
-		break;
-		fi
-
-	done
-
-	if test "x$SSL_MSG" = "xyes" ; then
-		ac_cv_openssldir="$ssldir"
-	else
-		ac_cv_openssldir="no"
+		],
+		[
+			SSLHACK_MSG=yes
+			ENGINE_LINK="$ssldir/lib/libcrypto.a"
+		], []
+	)
 	fi
-], [SSL_MSG=yes])
-CPPFLAGS="$saved_CPPFLAGS"
-LDFLAGS="$saved_LDFLAGS"
-LIBS="$saved_LIBS"
-
-if test "x$SSL_MSG" = "xyes" ; then
-  AC_DEFINE(HAVE_OPENSSL, 1, [Have OpenSSL libraries])
-  if test "x$ac_cv_openssldir" != "x/usr"; then
-    LDFLAGS="-L$ac_cv_openssldir/lib $LDFLAGS"
-    if test ! -z "$need_dash_r" ; then
-       LDFLAGS="-R$ac_cv_openssldir/lib $LDFLAGS"
-    fi
-    CPPFLAGS="-I$ac_cv_openssldir/include $saved_CPPFLAGS"
-  fi
-else
-  LIBCRYPTO=""
-  LIBCRYPTOA=""
-  ENGINE_LINK=""
 fi
-AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
-AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
+AM_CONDITIONAL(HAVE_SSLHACK, test "x$SSLHACK_MSG" = "xyes")
 
-AC_SUBST(OPENSSL_LDFLAGS)
+# now - last part to do: check if we gain anything from 
+# funny parameters to link openssl with.
+
+saved_LDFLAGS="$LDFLAGS"
 if test "x$ENGINE_MSG" = "xyes" ; then
   for openssl_ldflag in "-Wl,-Bsymbolic" "-G -Wl,-Bsymbolic" "-shared -G -Wl,-Bsymbolic" "-Wl,-all_load"; do
 	AC_MSG_CHECKING([whether we can use $openssl_ldflag])
 	saved_CFLAGS=$CFLAGS
-	CFLAGS="$CFLAGS $openssl_ldflag"
+	LDFLAGS="$saved_LDFLAGS $openssl_ldflag"
 	AC_TRY_LINK(,[return 1],ac_cv_use_openssl_flag="yes",ac_cv_use_openssl_flag="no")
 	CFLAGS=$saved_CFLAGS
 	AC_MSG_RESULT($ac_cv_use_openssl_flag)
@@ -436,6 +461,8 @@ if test "x$ENGINE_MSG" = "xyes" ; then
 	fi
   done
 fi
+LDFLAGS="$saved_LDFLAGS"
+AC_SUBST(OPENSSL_LDFLAGS)
 
 AC_ARG_WITH(pam-dir,
 	[  --with-pam-dir=PATH     Specify path for PAM installation libraries],
@@ -615,16 +642,23 @@ else
 fi
 
 if test "x$PCSC_MSG" = "xyes"; then
+	CPPFLAGS="${PCSC_CFLAGS} $saved_CPPFLAGS"
 	CFLAGS="$PCSC_CFLAGS $saved_CFLAGS"
 	LIBS="$PCSC_LIBS $saved_LIBS"
 	AC_TRY_LINK([
 #include <stdlib.h>
+#ifdef __APPLE__
+#include <PCSC/wintypes.h>
+#include <PCSC/winscard.h>
+#else
 #include <winscard.h>
+#endif
 	], [
-SCardControl(NULL, NULL, 0, NULL, 0);
+SCardControl(NULL, NULL, 0, NULL, NULL);
 	], [
 		AC_DEFINE(HAVE_PCSC_OLD, 1, [old version of pc/sc-lite])
 	])	
+	CPPFLAGS="$saved_CPPFLAGS"
 	CFLAGS="$saved_CFLAGS"
 	LIBS="$saved_LIBS"
 fi
@@ -1008,6 +1042,7 @@ echo ""
 echo "Random number collection: ${RAND_MSG}"
 echo "OpenSSL support:          ${SSL_MSG}"
 echo "        with engine:      ${ENGINE_MSG}"
+echo "        with sslhack:     ${SSLHACK_MSG}"
 echo "PC/SC support:            ${PCSC_MSG}"
 echo "OpenCT support:           ${OPENCT_MSG}"
 echo "Assuan support:           ${ASSUAN_MSG}"