1#*************************************************************************** 2# _ _ ____ _ 3# Project ___| | | | _ \| | 4# / __| | | | |_) | | 5# | (__| |_| | _ <| |___ 6# \___|\___/|_| \_\_____| 7# 8# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. 9# 10# This software is licensed as described in the file COPYING, which 11# you should have received as part of this distribution. The terms 12# are also available at https://curl.se/docs/copyright.html. 13# 14# You may opt to use, copy, modify, merge, publish, distribute and/or sell 15# copies of the Software, and permit persons to whom the Software is 16# furnished to do so, under the terms of the COPYING file. 17# 18# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19# KIND, either express or implied. 20# 21#*************************************************************************** 22 23# File version for 'aclocal' use. Keep it a single number. 24# serial 5 25 26 27dnl CURL_CHECK_OPENSSL_API_HEADERS 28dnl ------------------------------------------------- 29dnl Find out OpenSSL headers API version, as reported 30dnl by OPENSSL_VERSION_NUMBER. No runtime checks 31dnl allowed here for cross-compilation support. 32dnl HAVE_OPENSSL_API_HEADERS is defined as appropriate 33dnl only for systems which actually run the configure 34dnl script. Config files generated manually or in any 35dnl other way shall not define this. 36 37AC_DEFUN([CURL_CHECK_OPENSSL_API_HEADERS], [ 38 # 39 tst_api="unknown" 40 # 41 AC_MSG_CHECKING([for OpenSSL headers version]) 42 CURL_CHECK_DEF([OPENSSL_VERSION_NUMBER], [ 43# ifdef USE_OPENSSL 44# include <openssl/crypto.h> 45# else 46# include <crypto.h> 47# endif 48 ], [silent]) 49 if test "$curl_cv_have_def_OPENSSL_VERSION_NUMBER" = "yes"; then 50 tst_verlen=`expr "$curl_cv_def_OPENSSL_VERSION_NUMBER" : '.*'` 51 case "x$tst_verlen" in 52 x6) 53 tst_vermaj=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 3` 54 tst_vermin=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 4` 55 tst_verfix=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 5` 56 tst_api=0x$tst_vermaj$tst_vermin$tst_verfix 57 ;; 58 x11|x10) 59 tst_vermaj=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 3` 60 tst_vermin=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 5` 61 tst_verfix=`echo $curl_cv_def_OPENSSL_VERSION_NUMBER | cut -c 7` 62 tst_api=0x$tst_vermaj$tst_vermin$tst_verfix 63 ;; 64 *) 65 tst_api="unknown" 66 ;; 67 esac 68 case $tst_api in 69 0x111) tst_show="1.1.1" ;; 70 0x110) tst_show="1.1.0" ;; 71 0x102) tst_show="1.0.2" ;; 72 0x101) tst_show="1.0.1" ;; 73 0x100) tst_show="1.0.0" ;; 74 0x099) tst_show="0.9.9" ;; 75 0x098) tst_show="0.9.8" ;; 76 0x097) tst_show="0.9.7" ;; 77 0x096) tst_show="0.9.6" ;; 78 0x095) tst_show="0.9.5" ;; 79 0x094) tst_show="0.9.4" ;; 80 0x093) tst_show="0.9.3" ;; 81 0x092) tst_show="0.9.2" ;; 82 0x091) tst_show="0.9.1" ;; 83 *) tst_show="unknown" ;; 84 esac 85 tst_show="$tst_show - $curl_cv_def_OPENSSL_VERSION_NUMBER" 86 else 87 tst_show="unknown" 88 fi 89 AC_MSG_RESULT([$tst_show]) 90 # 91dnl if test "$tst_api" != "unknown"; then 92dnl AC_DEFINE_UNQUOTED(HAVE_OPENSSL_API_HEADERS, $tst_api, 93dnl [OpenSSL headers configure time API. Defined only by configure script. 94dnl No matter what, do not ever define this manually or by any other means.]) 95dnl fi 96 curl_openssl_api_headers=$tst_api 97]) 98 99 100dnl CURL_CHECK_OPENSSL_API_LIBRARY 101dnl ------------------------------------------------- 102dnl Find out OpenSSL library API version, performing 103dnl only link tests in order to avoid getting fooled 104dnl by mismatched OpenSSL headers. No runtime checks 105dnl allowed here for cross-compilation support. 106dnl HAVE_OPENSSL_API_LIBRARY is defined as appropriate 107dnl only for systems which actually run the configure 108dnl script. Config files generated manually or in any 109dnl other way shall not define this. 110dnl 111dnl Most probably we should not bother attempting to 112dnl detect OpenSSL library development API versions 113dnl 0.9.9 and 1.1.0. For our intended use, detecting 114dnl released versions should be good enough. 115dnl 116dnl Given that currently we are not using the result 117dnl of this check, except for informative purposes, 118dnl lets try to figure out everything. 119 120AC_DEFUN([CURL_CHECK_OPENSSL_API_LIBRARY], [ 121 # 122 tst_api="unknown" 123 # 124 AC_MSG_CHECKING([for OpenSSL library version]) 125 if test "$tst_api" = "unknown"; then 126 AC_LINK_IFELSE([ 127 AC_LANG_FUNC_LINK_TRY([ERR_clear_last_mark]) 128 ],[ 129 tst_api="0x111" 130 ]) 131 fi 132 if test "$tst_api" = "unknown"; then 133 case $host in 134 *-*-vms*) 135 AC_LINK_IFELSE([ 136 AC_LANG_FUNC_LINK_TRY([SSL_CTX_set_not_resumbl_sess_cb]) 137 ],[ 138 tst_api="0x110" 139 ]) 140 ;; 141 *) 142 AC_LINK_IFELSE([ 143 AC_LANG_FUNC_LINK_TRY([SSL_CTX_set_not_resumable_session_callback]) 144 ],[ 145 tst_api="0x110" 146 ]) 147 ;; 148 esac 149 fi 150 if test "$tst_api" = "unknown"; then 151 AC_LINK_IFELSE([ 152 AC_LANG_FUNC_LINK_TRY([SSL_CONF_CTX_new]) 153 ],[ 154 tst_api="0x102" 155 ]) 156 fi 157 if test "$tst_api" = "unknown"; then 158 AC_LINK_IFELSE([ 159 AC_LANG_FUNC_LINK_TRY([SSL_renegotiate_abbreviated]) 160 ],[ 161 tst_api="0x101" 162 ]) 163 fi 164 if test "$tst_api" = "unknown"; then 165 AC_LINK_IFELSE([ 166 AC_LANG_FUNC_LINK_TRY([OBJ_add_sigid]) 167 ],[ 168 tst_api="0x100" 169 ]) 170 fi 171 if test "$tst_api" = "unknown"; then 172 AC_LINK_IFELSE([ 173 AC_LANG_FUNC_LINK_TRY([ERR_set_mark]) 174 ],[ 175 tst_api="0x098" 176 ]) 177 fi 178 if test "$tst_api" = "unknown"; then 179 AC_LINK_IFELSE([ 180 AC_LANG_FUNC_LINK_TRY([ERR_peek_last_error]) 181 ],[ 182 tst_api="0x097" 183 ]) 184 fi 185 if test "$tst_api" = "unknown"; then 186 AC_LINK_IFELSE([ 187 AC_LANG_FUNC_LINK_TRY([c2i_ASN1_OBJECT]) 188 ],[ 189 tst_api="0x096" 190 ]) 191 fi 192 if test "$tst_api" = "unknown"; then 193 AC_LINK_IFELSE([ 194 AC_LANG_FUNC_LINK_TRY([SSL_CTX_set_purpose]) 195 ],[ 196 tst_api="0x095" 197 ]) 198 fi 199 if test "$tst_api" = "unknown"; then 200 AC_LINK_IFELSE([ 201 AC_LANG_FUNC_LINK_TRY([OBJ_obj2txt]) 202 ],[ 203 tst_api="0x094" 204 ]) 205 fi 206 if test "$tst_api" = "unknown"; then 207 AC_LINK_IFELSE([ 208 AC_LANG_FUNC_LINK_TRY([SSL_get_verify_depth]) 209 ],[ 210 tst_api="0x093" 211 ]) 212 fi 213 if test "$tst_api" = "unknown"; then 214 AC_LINK_IFELSE([ 215 AC_LANG_FUNC_LINK_TRY([SSL_library_init]) 216 ],[ 217 tst_api="0x092" 218 ]) 219 fi 220 if test "$tst_api" = "unknown"; then 221 AC_LINK_IFELSE([ 222 AC_LANG_FUNC_LINK_TRY([SSL_CTX_set_cipher_list]) 223 ],[ 224 tst_api="0x091" 225 ]) 226 fi 227 case $tst_api in 228 0x111) tst_show="1.1.1" ;; 229 0x110) tst_show="1.1.0" ;; 230 0x102) tst_show="1.0.2" ;; 231 0x101) tst_show="1.0.1" ;; 232 0x100) tst_show="1.0.0" ;; 233 0x099) tst_show="0.9.9" ;; 234 0x098) tst_show="0.9.8" ;; 235 0x097) tst_show="0.9.7" ;; 236 0x096) tst_show="0.9.6" ;; 237 0x095) tst_show="0.9.5" ;; 238 0x094) tst_show="0.9.4" ;; 239 0x093) tst_show="0.9.3" ;; 240 0x092) tst_show="0.9.2" ;; 241 0x091) tst_show="0.9.1" ;; 242 *) tst_show="unknown" ;; 243 esac 244 AC_MSG_RESULT([$tst_show]) 245 # 246dnl if test "$tst_api" != "unknown"; then 247dnl AC_DEFINE_UNQUOTED(HAVE_OPENSSL_API_LIBRARY, $tst_api, 248dnl [OpenSSL library link time API. Defined only by configure script. 249dnl No matter what, do not ever define this manually or by any other means.]) 250dnl fi 251 curl_openssl_api_library=$tst_api 252]) 253 254 255dnl CURL_CHECK_OPENSSL_API 256dnl ------------------------------------------------- 257 258AC_DEFUN([CURL_CHECK_OPENSSL_API], [ 259 # 260 CURL_CHECK_OPENSSL_API_HEADERS 261 CURL_CHECK_OPENSSL_API_LIBRARY 262 # 263 tst_match="yes" 264 # 265 AC_MSG_CHECKING([for OpenSSL headers and library versions matching]) 266 if test "$curl_openssl_api_headers" = "unknown" || 267 test "$curl_openssl_api_library" = "unknown"; then 268 tst_match="fail" 269 tst_warns="Can not compare OpenSSL headers and library versions." 270 elif test "$curl_openssl_api_headers" != "$curl_openssl_api_library"; then 271 tst_match="no" 272 tst_warns="OpenSSL headers and library versions do not match." 273 fi 274 AC_MSG_RESULT([$tst_match]) 275 if test "$tst_match" != "yes"; then 276 AC_MSG_WARN([$tst_warns]) 277 fi 278]) 279 280dnl ********************************************************************** 281dnl Check for OpenSSL libraries and headers 282dnl ********************************************************************** 283 284AC_DEFUN([CURL_WITH_OPENSSL], [ 285if test "x$OPT_OPENSSL" != xno; then 286 ssl_msg= 287 288 dnl backup the pre-ssl variables 289 CLEANLDFLAGS="$LDFLAGS" 290 CLEANCPPFLAGS="$CPPFLAGS" 291 CLEANLIBS="$LIBS" 292 293 dnl This is for Msys/Mingw 294 case $host in 295 *-*-msys* | *-*-mingw*) 296 AC_MSG_CHECKING([for gdi32]) 297 my_ac_save_LIBS=$LIBS 298 LIBS="-lgdi32 $LIBS" 299 AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ 300 #include <windef.h> 301 #include <wingdi.h> 302 ]], 303 [[ 304 GdiFlush(); 305 ]])], 306 [ dnl worked! 307 AC_MSG_RESULT([yes])], 308 [ dnl failed, restore LIBS 309 LIBS=$my_ac_save_LIBS 310 AC_MSG_RESULT(no)] 311 ) 312 ;; 313 esac 314 315 case "$OPT_OPENSSL" in 316 yes) 317 dnl --with-openssl (without path) used 318 PKGTEST="yes" 319 PREFIX_OPENSSL= 320 ;; 321 *) 322 dnl check the given --with-openssl spot 323 PKGTEST="no" 324 PREFIX_OPENSSL=$OPT_OPENSSL 325 326 dnl Try pkg-config even when cross-compiling. Since we 327 dnl specify PKG_CONFIG_LIBDIR we're only looking where 328 dnl the user told us to look 329 OPENSSL_PCDIR="$OPT_OPENSSL/lib/pkgconfig" 330 if test -f "$OPENSSL_PCDIR/openssl.pc"; then 331 AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"]) 332 PKGTEST="yes" 333 elif test ! -f "$PREFIX_OPENSSL/include/openssl/ssl.h"; then 334 AC_MSG_ERROR([$PREFIX_OPENSSL is a bad --with-openssl prefix!]) 335 fi 336 337 dnl in case pkg-config comes up empty, use what we got 338 dnl via --with-openssl 339 LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff" 340 if test "$PREFIX_OPENSSL" != "/usr" ; then 341 SSL_LDFLAGS="-L$LIB_OPENSSL" 342 SSL_CPPFLAGS="-I$PREFIX_OPENSSL/include" 343 fi 344 SSL_CPPFLAGS="$SSL_CPPFLAGS -I$PREFIX_OPENSSL/include/openssl" 345 ;; 346 esac 347 348 if test "$PKGTEST" = "yes"; then 349 350 CURL_CHECK_PKGCONFIG(openssl, [$OPENSSL_PCDIR]) 351 352 if test "$PKGCONFIG" != "no" ; then 353 SSL_LIBS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 354 $PKGCONFIG --libs-only-l --libs-only-other openssl 2>/dev/null` 355 356 SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 357 $PKGCONFIG --libs-only-L openssl 2>/dev/null` 358 359 SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 360 $PKGCONFIG --cflags-only-I openssl 2>/dev/null` 361 362 AC_SUBST(SSL_LIBS) 363 AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) 364 AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) 365 AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) 366 367 LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/^-L//'` 368 369 dnl use the values pkg-config reported. This is here 370 dnl instead of below with CPPFLAGS and LDFLAGS because we only 371 dnl learn about this via pkg-config. If we only have 372 dnl the argument to --with-openssl we don't know what 373 dnl additional libs may be necessary. Hope that we 374 dnl don't need any. 375 LIBS="$SSL_LIBS $LIBS" 376 fi 377 fi 378 379 dnl finally, set flags to use SSL 380 CPPFLAGS="$CPPFLAGS $SSL_CPPFLAGS" 381 LDFLAGS="$LDFLAGS $SSL_LDFLAGS" 382 383 AC_CHECK_LIB(crypto, HMAC_Update,[ 384 HAVECRYPTO="yes" 385 LIBS="-lcrypto $LIBS" 386 ],[ 387 if test -n "$LIB_OPENSSL" ; then 388 LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL" 389 fi 390 if test "$PKGCONFIG" = "no" -a -n "$PREFIX_OPENSSL" ; then 391 # only set this if pkg-config wasn't used 392 CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include/openssl -I$PREFIX_OPENSSL/include" 393 fi 394 # Linking previously failed, try extra paths from --with-openssl or 395 # pkg-config. Use a different function name to avoid reusing the earlier 396 # cached result. 397 AC_CHECK_LIB(crypto, HMAC_Init_ex,[ 398 HAVECRYPTO="yes" 399 LIBS="-lcrypto $LIBS"], [ 400 401 dnl still no, but what about with -ldl? 402 AC_MSG_CHECKING([OpenSSL linking with -ldl]) 403 LIBS="$CLEANLIBS -lcrypto -ldl" 404 AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ 405 #include <openssl/err.h> 406 ]], [[ 407 ERR_clear_error(); 408 ]]) ], 409 [ 410 AC_MSG_RESULT(yes) 411 HAVECRYPTO="yes" 412 ], 413 [ 414 AC_MSG_RESULT(no) 415 dnl ok, so what about both -ldl and -lpthread? 416 dnl This may be necessary for static libraries. 417 418 AC_MSG_CHECKING([OpenSSL linking with -ldl and -lpthread]) 419 LIBS="$CLEANLIBS -lcrypto -ldl -lpthread" 420 AC_LINK_IFELSE([ 421 AC_LANG_PROGRAM([[ 422 #include <openssl/err.h> 423 ]], [[ 424 ERR_clear_error(); 425 ]])], 426 [ 427 AC_MSG_RESULT(yes) 428 HAVECRYPTO="yes" 429 ], 430 [ 431 AC_MSG_RESULT(no) 432 LDFLAGS="$CLEANLDFLAGS" 433 CPPFLAGS="$CLEANCPPFLAGS" 434 LIBS="$CLEANLIBS" 435 436 ]) 437 438 ]) 439 440 ]) 441 ]) 442 443 if test X"$HAVECRYPTO" = X"yes"; then 444 dnl This is only reasonable to do if crypto actually is there: check for 445 dnl SSL libs NOTE: it is important to do this AFTER the crypto lib 446 447 AC_CHECK_LIB(ssl, SSL_connect) 448 449 if test "$ac_cv_lib_ssl_SSL_connect" != yes; then 450 dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff 451 AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use); 452 OLIBS=$LIBS 453 LIBS="-lRSAglue -lrsaref $LIBS" 454 AC_CHECK_LIB(ssl, SSL_connect) 455 if test "$ac_cv_lib_ssl_SSL_connect" != yes; then 456 dnl still no SSL_connect 457 AC_MSG_RESULT(no) 458 LIBS=$OLIBS 459 else 460 AC_MSG_RESULT(yes) 461 fi 462 463 else 464 465 dnl Have the libraries--check for OpenSSL headers 466 AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ 467 openssl/pem.h openssl/ssl.h openssl/err.h, 468 ssl_msg="OpenSSL" 469 test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes 470 OPENSSL_ENABLED=1 471 AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use])) 472 473 if test $ac_cv_header_openssl_x509_h = no; then 474 dnl we don't use the "action" part of the AC_CHECK_HEADERS macro 475 dnl since 'err.h' might in fact find a krb4 header with the same 476 dnl name 477 AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h) 478 479 if test $ac_cv_header_x509_h = yes && 480 test $ac_cv_header_crypto_h = yes && 481 test $ac_cv_header_ssl_h = yes; then 482 dnl three matches 483 ssl_msg="OpenSSL" 484 OPENSSL_ENABLED=1 485 fi 486 fi 487 fi 488 489 if test X"$OPENSSL_ENABLED" != X"1"; then 490 LIBS="$CLEANLIBS" 491 fi 492 493 if test X"$OPT_OPENSSL" != Xoff && 494 test "$OPENSSL_ENABLED" != "1"; then 495 AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!]) 496 fi 497 fi 498 499 if test X"$OPENSSL_ENABLED" = X"1"; then 500 dnl These can only exist if OpenSSL exists 501 dnl OpenSSL_version is introduced in 3.0.0 502 503 AC_CHECK_FUNCS( RAND_egd \ 504 SSLv2_client_method \ 505 OpenSSL_version ) 506 507 AC_MSG_CHECKING([for BoringSSL]) 508 AC_COMPILE_IFELSE([ 509 AC_LANG_PROGRAM([[ 510 #include <openssl/base.h> 511 ]],[[ 512 #ifndef OPENSSL_IS_BORINGSSL 513 #error not boringssl 514 #endif 515 ]]) 516 ],[ 517 AC_MSG_RESULT([yes]) 518 AC_DEFINE_UNQUOTED(HAVE_BORINGSSL, 1, 519 [Define to 1 if using BoringSSL.]) 520 ssl_msg="BoringSSL" 521 ],[ 522 AC_MSG_RESULT([no]) 523 ]) 524 525 AC_MSG_CHECKING([for libressl]) 526 AC_COMPILE_IFELSE([ 527 AC_LANG_PROGRAM([[ 528#include <openssl/opensslv.h> 529 ]],[[ 530 int dummy = LIBRESSL_VERSION_NUMBER; 531 ]]) 532 ],[ 533 AC_MSG_RESULT([yes]) 534 AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1, 535 [Define to 1 if using libressl.]) 536 ssl_msg="libressl" 537 ],[ 538 AC_MSG_RESULT([no]) 539 ]) 540 541 AC_MSG_CHECKING([for OpenSSL >= v3]) 542 AC_COMPILE_IFELSE([ 543 AC_LANG_PROGRAM([[ 544#include <openssl/opensslv.h> 545 ]],[[ 546 #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) 547 return 0; 548 #else 549 #error older than 3 550 #endif 551 ]]) 552 ],[ 553 AC_MSG_RESULT([yes]) 554 AC_DEFINE_UNQUOTED(HAVE_OPENSSL3, 1, 555 [Define to 1 if using OpenSSL 3 or later.]) 556 dnl OpenSSLv3 marks the DES functions deprecated but we have no 557 dnl replacements (yet) so tell the compiler to not warn for them 558 dnl 559 dnl Ask OpenSSL to suppress the warnings. 560 CPPFLAGS="$CPPFLAGS -DOPENSSL_SUPPRESS_DEPRECATED" 561 ssl_msg="OpenSSL v3+" 562 ],[ 563 AC_MSG_RESULT([no]) 564 ]) 565 fi 566 567 if test "$OPENSSL_ENABLED" = "1"; then 568 if test -n "$LIB_OPENSSL"; then 569 dnl when the ssl shared libs were found in a path that the run-time 570 dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH 571 dnl to prevent further configure tests to fail due to this 572 if test "x$cross_compiling" != "xyes"; then 573 CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL" 574 export CURL_LIBRARY_PATH 575 AC_MSG_NOTICE([Added $LIB_OPENSSL to CURL_LIBRARY_PATH]) 576 fi 577 fi 578 CURL_CHECK_OPENSSL_API 579 check_for_ca_bundle=1 580 fi 581 582 test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" 583fi 584 585if test X"$OPT_OPENSSL" != Xno && 586 test "$OPENSSL_ENABLED" != "1"; then 587 AC_MSG_NOTICE([OPT_OPENSSL: $OPT_OPENSSL]) 588 AC_MSG_NOTICE([OPENSSL_ENABLED: $OPENSSL_ENABLED]) 589 AC_MSG_ERROR([--with-openssl was given but OpenSSL could not be detected]) 590fi 591 592dnl ********************************************************************** 593dnl Check for the random seed preferences 594dnl ********************************************************************** 595 596if test X"$OPENSSL_ENABLED" = X"1"; then 597 AC_ARG_WITH(egd-socket, 598 AS_HELP_STRING([--with-egd-socket=FILE], 599 [Entropy Gathering Daemon socket pathname]), 600 [ EGD_SOCKET="$withval" ] 601 ) 602 if test -n "$EGD_SOCKET" ; then 603 AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET", 604 [your Entropy Gathering Daemon socket pathname] ) 605 fi 606 607 dnl Check for user-specified random device 608 AC_ARG_WITH(random, 609 AS_HELP_STRING([--with-random=FILE], 610 [read randomness from FILE (default=/dev/urandom)]), 611 [ RANDOM_FILE="$withval" ], 612 [ 613 if test x$cross_compiling != xyes; then 614 dnl Check for random device 615 AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] ) 616 else 617 AC_MSG_WARN([skipped the /dev/urandom detection when cross-compiling]) 618 fi 619 ] 620 ) 621 if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then 622 AC_SUBST(RANDOM_FILE) 623 AC_DEFINE_UNQUOTED(RANDOM_FILE, "$RANDOM_FILE", 624 [a suitable file to read random data from]) 625 fi 626fi 627 628dnl --- 629dnl We require OpenSSL with SRP support. 630dnl --- 631if test "$OPENSSL_ENABLED" = "1"; then 632 AC_CHECK_LIB(crypto, SRP_Calc_client_key, 633 [ 634 AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the function SRP_Calc_client_key]) 635 AC_SUBST(HAVE_OPENSSL_SRP, [1]) 636 ]) 637fi 638 639dnl --- 640dnl Whether the OpenSSL configuration will be loaded automatically 641dnl --- 642if test X"$OPENSSL_ENABLED" = X"1"; then 643AC_ARG_ENABLE(openssl-auto-load-config, 644AS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of OpenSSL configuration]) 645AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]), 646[ if test X"$enableval" = X"no"; then 647 AC_MSG_NOTICE([automatic loading of OpenSSL configuration disabled]) 648 AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration won't be loaded automatically]) 649 fi 650]) 651fi 652 653]) 654