the big openssl fix. hope everything still works.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1992 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
d2442fe48d
commit
e8e1fad724
241
configure.in
241
configure.in
|
@ -227,49 +227,77 @@ AC_CACHE_CHECK([for flex directory], ac_cv_flexdir, [
|
|||
ac_cv_flexdir=$flexdir
|
||||
])
|
||||
|
||||
dnl The big mess with OpenSSL
|
||||
AC_ARG_WITH(openssl,
|
||||
[ --with-openssl=PATH use OpenSSL in PATH],
|
||||
[tryssldir=$withval])
|
||||
|
||||
SSL_MSG="no"
|
||||
ENGINE_MSG="no"
|
||||
dnl The big mess with OpenSSL
|
||||
saved_LIBS="$LIBS"
|
||||
saved_LDFLAGS="$LDFLAGS"
|
||||
saved_CPPFLAGS="$CPPFLAGS"
|
||||
AC_SUBST(LIBCRYPTO)
|
||||
AC_SUBST(ENGINE_LINK)
|
||||
AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
|
||||
if test "x$tryssldir" = "x" ; then
|
||||
tryssldir="$trycommondir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl"
|
||||
fi
|
||||
|
||||
for ssldir in $tryssldir ; do
|
||||
# Skip empty variables
|
||||
if test -z "$ssldir"; then
|
||||
continue;
|
||||
fi
|
||||
SSL_MSG="no"
|
||||
ssldir=""
|
||||
|
||||
AC_ARG_WITH(openssl,
|
||||
[ --with-openssl=PATH use OpenSSL in PATH],
|
||||
[
|
||||
# Disable OpenSSL support
|
||||
if test "x$ssldir" = "xno" ; then
|
||||
if test "x$withval" = "xno" ; then
|
||||
SSL_MSG="no (disabled)"
|
||||
ENGINE_MSG="no (disabled)"
|
||||
break;
|
||||
fi
|
||||
# Skip directories if they don't exist
|
||||
if test ! -d "$ssldir/" ; then
|
||||
continue;
|
||||
fi
|
||||
|
||||
# ok we got a directory, so only check in that dir.
|
||||
LIBCRYPTO="-lcrypto"
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
LIBS="$saved_LIBS $LIBCRYPTO"
|
||||
|
||||
if test "x$ssldir" != "x/usr"; then
|
||||
LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
LDFLAGS="-R$ssldir/lib $LDFLAGS"
|
||||
fi
|
||||
CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
|
||||
|
||||
AC_TRY_RUN(
|
||||
[
|
||||
#include <string.h>
|
||||
#include <openssl/rand.h>
|
||||
int main(void)
|
||||
{
|
||||
char a[2048];
|
||||
memset(a, 0, sizeof(a));
|
||||
RAND_add(a, sizeof(a), sizeof(a));
|
||||
return(RAND_status() <= 0);
|
||||
}
|
||||
],
|
||||
[
|
||||
SSL_MSG="yes"
|
||||
ssldir="$withval"
|
||||
LIBS="$saved_LIBS"
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
break
|
||||
])
|
||||
] , [
|
||||
|
||||
# we didn't get a directory, so we start searching for openssl.
|
||||
|
||||
for tryssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl; do
|
||||
|
||||
# Skip directories if they don't exist
|
||||
if test ! -d "$tryssldir/" ; then
|
||||
continue;
|
||||
fi
|
||||
|
||||
LIBCRYPTO="-lcrypto"
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
LIBS="$saved_LIBS $LIBCRYPTO"
|
||||
|
||||
if test "x$tryssldir" != "x/usr"; then
|
||||
LDFLAGS="-L$tryssldir/lib $saved_LDFLAGS"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
LDFLAGS="-R$tryssldir/lib $LDFLAGS"
|
||||
fi
|
||||
CPPFLAGS="-I$tryssldir/include $saved_CPPFLAGS"
|
||||
fi
|
||||
|
||||
# Basic test to check for compatible version and correct linking
|
||||
|
@ -288,45 +316,30 @@ int main(void)
|
|||
],
|
||||
[
|
||||
SSL_MSG="yes"
|
||||
], []
|
||||
)
|
||||
|
||||
if test "x$SSL_MSG" != "xyes"
|
||||
then
|
||||
continue
|
||||
fi
|
||||
|
||||
# latest openssl version with engine
|
||||
# properly integrated?
|
||||
AC_MSG_CHECKING([for openssl version])
|
||||
AC_TRY_RUN(
|
||||
[
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
int main(void)
|
||||
{
|
||||
|
||||
if(OPENSSL_VERSION_NUMBER >= 0x0090704fL) {
|
||||
exit(0);
|
||||
} else {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
ssldir=$tryssldir
|
||||
break;
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT([good, 0.9.7d or later])
|
||||
GOOD_OPENSSL=yes
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
|
||||
GOOD_OPENSSL=no
|
||||
SSL_MSG="no"
|
||||
LIBS="$saved_LIBS"
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
]
|
||||
)
|
||||
done
|
||||
])
|
||||
LIBS="$saved_LIBS"
|
||||
AC_SUBST(LIBCRYPTO)
|
||||
AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
|
||||
|
||||
if test "x$GOOD_OPENSSL" == "xyes"
|
||||
then
|
||||
# ok, we checked for basic ssl support.
|
||||
# if it is not available, we can skip the rest of
|
||||
# the test. also we have $ssldir set to the location
|
||||
# of the openssl libs.
|
||||
|
||||
ENGINE_MSG="no"
|
||||
if [ "x$SSL_MSG" = "xyes" ]
|
||||
then
|
||||
# engine has to be there and working
|
||||
LIBS="$saved_LIBS $LIBCRYPTO $LIBDL"
|
||||
AC_TRY_RUN(
|
||||
|
@ -352,19 +365,56 @@ int main(void)
|
|||
ENGINE_MSG=yes
|
||||
ENGINE_LINK="$LIBCRYPTO"
|
||||
], [
|
||||
# should never happen,
|
||||
# every 0.9.7* version has engine
|
||||
# support integrated, it can't
|
||||
# be missing.
|
||||
AC_MSG_ERROR([OpenSSL support broken: openssl >= 0.9.7d without engine detected.])
|
||||
ENGINE_MSG=no
|
||||
]);
|
||||
fi
|
||||
LIBS="$saved_LIBS"
|
||||
AC_SUBST(ENGINE_LINK)
|
||||
AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
|
||||
|
||||
# ok, now we might (or not) have ssl and an engine.
|
||||
# still room for "improvements", i.e. hacks to work
|
||||
# with old engines.
|
||||
|
||||
SSLHACK_MSG=no
|
||||
|
||||
if [ "x$SSL_MSG" = "xyes" -a "x$ENGINE_MSG" = "xyes" ]
|
||||
then
|
||||
# latest openssl version with engine
|
||||
# properly integrated?
|
||||
AC_MSG_CHECKING([for openssl version])
|
||||
AC_TRY_RUN(
|
||||
[
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
int main(void)
|
||||
{
|
||||
|
||||
if(OPENSSL_VERSION_NUMBER >= 0x0090704fL) {
|
||||
exit(0);
|
||||
} else {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT([good, 0.9.7d or later])
|
||||
OLD_OPENSSL=no
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
|
||||
OLD_OPENSSL=yes
|
||||
])
|
||||
break;
|
||||
else
|
||||
|
||||
if test "x$OLD_OPENSSL" == "xyes"
|
||||
then
|
||||
# openssl found, but version less than 0.9.7d
|
||||
|
||||
# openssl with engine support?
|
||||
LIBCRYPTOA="$ssldir/lib/libcrypto.a $LIBDL"
|
||||
LIBS="$saved_LIBS $LIBCRYPTOA"
|
||||
# linking libcrypto.a staticaly possible?
|
||||
|
||||
LIBS="$saved_LIBS $ssldir/lib/libcrypto.a $LIBDL"
|
||||
AC_TRY_RUN(
|
||||
[
|
||||
#include <string.h>
|
||||
|
@ -385,48 +435,23 @@ int main(void)
|
|||
}
|
||||
],
|
||||
[
|
||||
ENGINE_MSG=yes
|
||||
ENGINE_LINK="$LIBCRYPTOA"
|
||||
SSLHACK_MSG=yes
|
||||
ENGINE_LINK="$ssldir/lib/libcrypto.a"
|
||||
], []
|
||||
)
|
||||
break;
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
if test "x$SSL_MSG" = "xyes" ; then
|
||||
ac_cv_openssldir="$ssldir"
|
||||
else
|
||||
ac_cv_openssldir="no"
|
||||
fi
|
||||
], [SSL_MSG=yes])
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
LIBS="$saved_LIBS"
|
||||
|
||||
if test "x$SSL_MSG" = "xyes" ; then
|
||||
AC_DEFINE(HAVE_OPENSSL, 1, [Have OpenSSL libraries])
|
||||
if test "x$ac_cv_openssldir" != "x/usr"; then
|
||||
LDFLAGS="-L$ac_cv_openssldir/lib $LDFLAGS"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
LDFLAGS="-R$ac_cv_openssldir/lib $LDFLAGS"
|
||||
fi
|
||||
CPPFLAGS="-I$ac_cv_openssldir/include $saved_CPPFLAGS"
|
||||
fi
|
||||
else
|
||||
LIBCRYPTO=""
|
||||
LIBCRYPTOA=""
|
||||
ENGINE_LINK=""
|
||||
fi
|
||||
AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
|
||||
AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
|
||||
AM_CONDITIONAL(HAVE_SSLHACK, test "x$SSLHACK_MSG" = "xyes")
|
||||
|
||||
AC_SUBST(OPENSSL_LDFLAGS)
|
||||
# now - last part to do: check if we gain anything from
|
||||
# funny parameters to link openssl with.
|
||||
|
||||
saved_LDFLAGS="$LDFLAGS"
|
||||
if test "x$ENGINE_MSG" = "xyes" ; then
|
||||
for openssl_ldflag in "-Wl,-Bsymbolic" "-G -Wl,-Bsymbolic" "-shared -G -Wl,-Bsymbolic" "-Wl,-all_load"; do
|
||||
AC_MSG_CHECKING([whether we can use $openssl_ldflag])
|
||||
saved_CFLAGS=$CFLAGS
|
||||
CFLAGS="$CFLAGS $openssl_ldflag"
|
||||
LDFLAGS="$saved_LDFLAGS $openssl_ldflag"
|
||||
AC_TRY_LINK(,[return 1],ac_cv_use_openssl_flag="yes",ac_cv_use_openssl_flag="no")
|
||||
CFLAGS=$saved_CFLAGS
|
||||
AC_MSG_RESULT($ac_cv_use_openssl_flag)
|
||||
|
@ -436,6 +461,8 @@ if test "x$ENGINE_MSG" = "xyes" ; then
|
|||
fi
|
||||
done
|
||||
fi
|
||||
LDFLAGS="$saved_LDFLAGS"
|
||||
AC_SUBST(OPENSSL_LDFLAGS)
|
||||
|
||||
AC_ARG_WITH(pam-dir,
|
||||
[ --with-pam-dir=PATH Specify path for PAM installation libraries],
|
||||
|
@ -615,16 +642,23 @@ else
|
|||
fi
|
||||
|
||||
if test "x$PCSC_MSG" = "xyes"; then
|
||||
CPPFLAGS="${PCSC_CFLAGS} $saved_CPPFLAGS"
|
||||
CFLAGS="$PCSC_CFLAGS $saved_CFLAGS"
|
||||
LIBS="$PCSC_LIBS $saved_LIBS"
|
||||
AC_TRY_LINK([
|
||||
#include <stdlib.h>
|
||||
#ifdef __APPLE__
|
||||
#include <PCSC/wintypes.h>
|
||||
#include <PCSC/winscard.h>
|
||||
#else
|
||||
#include <winscard.h>
|
||||
#endif
|
||||
], [
|
||||
SCardControl(NULL, NULL, 0, NULL, 0);
|
||||
SCardControl(NULL, NULL, 0, NULL, NULL);
|
||||
], [
|
||||
AC_DEFINE(HAVE_PCSC_OLD, 1, [old version of pc/sc-lite])
|
||||
])
|
||||
CPPFLAGS="$saved_CPPFLAGS"
|
||||
CFLAGS="$saved_CFLAGS"
|
||||
LIBS="$saved_LIBS"
|
||||
fi
|
||||
|
@ -1008,6 +1042,7 @@ echo ""
|
|||
echo "Random number collection: ${RAND_MSG}"
|
||||
echo "OpenSSL support: ${SSL_MSG}"
|
||||
echo " with engine: ${ENGINE_MSG}"
|
||||
echo " with sslhack: ${SSLHACK_MSG}"
|
||||
echo "PC/SC support: ${PCSC_MSG}"
|
||||
echo "OpenCT support: ${OPENCT_MSG}"
|
||||
echo "Assuan support: ${ASSUAN_MSG}"
|
||||
|
|
Loading…
Reference in New Issue