• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#***************************************************************************
2#                                  _   _ ____  _
3#  Project                     ___| | | |  _ \| |
4#                             / __| | | | |_) | |
5#                            | (__| |_| |  _ <| |___
6#                             \___|\___/|_| \_\_____|
7#
8# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9#
10# This software is licensed as described in the file COPYING, which
11# you should have received as part of this distribution. The terms
12# are also available at https://curl.se/docs/copyright.html.
13#
14# You may opt to use, copy, modify, merge, publish, distribute and/or sell
15# copies of the Software, and permit persons to whom the Software is
16# furnished to do so, under the terms of the COPYING file.
17#
18# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19# KIND, either express or implied.
20#
21# SPDX-License-Identifier: curl
22#
23#***************************************************************************
24
25dnl ----------------------------------------------------
26dnl check for GnuTLS
27dnl ----------------------------------------------------
28
29AC_DEFUN([CURL_WITH_GNUTLS], [
30if test "x$OPT_GNUTLS" != xno; then
31  ssl_msg=
32
33  if test X"$OPT_GNUTLS" != Xno; then
34
35    addld=""
36    addlib=""
37    gtlslib=""
38    version=""
39    addcflags=""
40
41    if test "x$OPT_GNUTLS" = "xyes"; then
42      dnl this is with no particular path given
43      CURL_CHECK_PKGCONFIG(gnutls)
44
45      if test "$PKGCONFIG" != "no" ; then
46        addlib=`$PKGCONFIG --libs-only-l gnutls`
47        addld=`$PKGCONFIG --libs-only-L gnutls`
48        addcflags=`$PKGCONFIG --cflags-only-I gnutls`
49        version=`$PKGCONFIG --modversion gnutls`
50        gtlslib=`echo $addld | $SED -e 's/^-L//'`
51      else
52        dnl without pkg-config, we try libgnutls-config as that was how it
53        dnl used to be done
54        check=`libgnutls-config --version 2>/dev/null`
55        if test -n "$check"; then
56          addlib=`libgnutls-config --libs`
57          addcflags=`libgnutls-config --cflags`
58          version=`libgnutls-config --version`
59          gtlslib=`libgnutls-config --prefix`/lib$libsuff
60        fi
61      fi
62    else
63      dnl this is with a given path, first check if there's a libgnutls-config
64      dnl there and if not, make an educated guess
65      cfg=$OPT_GNUTLS/bin/libgnutls-config
66      check=`$cfg --version 2>/dev/null`
67      if test -n "$check"; then
68        addlib=`$cfg --libs`
69        addcflags=`$cfg --cflags`
70        version=`$cfg --version`
71        gtlslib=`$cfg --prefix`/lib$libsuff
72      else
73        dnl without pkg-config and libgnutls-config, we guess a lot!
74        addlib=-lgnutls
75        addld=-L$OPT_GNUTLS/lib$libsuff
76        addcflags=-I$OPT_GNUTLS/include
77        version="" # we just don't know
78        gtlslib=$OPT_GNUTLS/lib$libsuff
79      fi
80    fi
81
82    if test -z "$version"; then
83      dnl lots of efforts, still no go
84      version="unknown"
85    fi
86
87    if test -n "$addlib"; then
88
89      CLEANLIBS="$LIBS"
90      CLEANCPPFLAGS="$CPPFLAGS"
91      CLEANLDFLAGS="$LDFLAGS"
92
93      LIBS="$addlib $LIBS"
94      LDFLAGS="$LDFLAGS $addld"
95      if test "$addcflags" != "-I/usr/include"; then
96         CPPFLAGS="$CPPFLAGS $addcflags"
97      fi
98
99      dnl this function is selected since it was introduced in 3.1.10
100      AC_CHECK_LIB(gnutls, gnutls_x509_crt_get_dn2,
101       [
102       AC_DEFINE(USE_GNUTLS, 1, [if GnuTLS is enabled])
103       AC_SUBST(USE_GNUTLS, [1])
104       GNUTLS_ENABLED=1
105       USE_GNUTLS="yes"
106       ssl_msg="GnuTLS"
107       test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
108       ],
109       [
110         LIBS="$CLEANLIBS"
111         CPPFLAGS="$CLEANCPPFLAGS"
112       ])
113
114      if test "x$USE_GNUTLS" = "xyes"; then
115        AC_MSG_NOTICE([detected GnuTLS version $version])
116        check_for_ca_bundle=1
117        if test -n "$gtlslib"; then
118          dnl when shared libs were found in a path that the run-time
119          dnl linker doesn't search through, we need to add it to
120          dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
121          dnl due to this
122          if test "x$cross_compiling" != "xyes"; then
123            CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$gtlslib"
124            export CURL_LIBRARY_PATH
125            AC_MSG_NOTICE([Added $gtlslib to CURL_LIBRARY_PATH])
126          fi
127        fi
128      fi
129
130    fi
131
132  fi dnl GNUTLS not disabled
133
134  test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
135fi
136
137dnl ---
138dnl Check which crypto backend GnuTLS uses
139dnl ---
140
141if test "$GNUTLS_ENABLED" = "1"; then
142  USE_GNUTLS_NETTLE=
143  # First check if we can detect either crypto library via transitive linking
144  AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
145
146  # If not, try linking directly to both of them to see if they are available
147  if test "$USE_GNUTLS_NETTLE" = ""; then
148    AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
149  fi
150  if test "$USE_GNUTLS_NETTLE" = ""; then
151    AC_MSG_ERROR([GnuTLS found, but nettle was not found])
152  fi
153  LIBS="-lnettle $LIBS"
154fi
155
156dnl ---
157dnl We require GnuTLS with SRP support.
158dnl ---
159if test "$GNUTLS_ENABLED" = "1"; then
160  AC_CHECK_LIB(gnutls, gnutls_srp_verifier,
161   [
162     AC_DEFINE(HAVE_GNUTLS_SRP, 1, [if you have the function gnutls_srp_verifier])
163     AC_SUBST(HAVE_GNUTLS_SRP, [1])
164   ])
165fi
166
167])
168