1*6236dae4SAndroid Build Coastguard Worker#*************************************************************************** 2*6236dae4SAndroid Build Coastguard Worker# _ _ ____ _ 3*6236dae4SAndroid Build Coastguard Worker# Project ___| | | | _ \| | 4*6236dae4SAndroid Build Coastguard Worker# / __| | | | |_) | | 5*6236dae4SAndroid Build Coastguard Worker# | (__| |_| | _ <| |___ 6*6236dae4SAndroid Build Coastguard Worker# \___|\___/|_| \_\_____| 7*6236dae4SAndroid Build Coastguard Worker# 8*6236dae4SAndroid Build Coastguard Worker# Copyright (C) Daniel Stenberg, <[email protected]>, et al. 9*6236dae4SAndroid Build Coastguard Worker# 10*6236dae4SAndroid Build Coastguard Worker# This software is licensed as described in the file COPYING, which 11*6236dae4SAndroid Build Coastguard Worker# you should have received as part of this distribution. The terms 12*6236dae4SAndroid Build Coastguard Worker# are also available at https://curl.se/docs/copyright.html. 13*6236dae4SAndroid Build Coastguard Worker# 14*6236dae4SAndroid Build Coastguard Worker# You may opt to use, copy, modify, merge, publish, distribute and/or sell 15*6236dae4SAndroid Build Coastguard Worker# copies of the Software, and permit persons to whom the Software is 16*6236dae4SAndroid Build Coastguard Worker# furnished to do so, under the terms of the COPYING file. 17*6236dae4SAndroid Build Coastguard Worker# 18*6236dae4SAndroid Build Coastguard Worker# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19*6236dae4SAndroid Build Coastguard Worker# KIND, either express or implied. 20*6236dae4SAndroid Build Coastguard Worker# 21*6236dae4SAndroid Build Coastguard Worker# SPDX-License-Identifier: curl 22*6236dae4SAndroid Build Coastguard Worker# 23*6236dae4SAndroid Build Coastguard Worker#*************************************************************************** 24*6236dae4SAndroid Build Coastguard Worker 25*6236dae4SAndroid Build Coastguard Worker# File version for 'aclocal' use. Keep it a single number. 26*6236dae4SAndroid Build Coastguard Worker# serial 5 27*6236dae4SAndroid Build Coastguard Worker 28*6236dae4SAndroid Build Coastguard Workerdnl ********************************************************************** 29*6236dae4SAndroid Build Coastguard Workerdnl Check for OpenSSL libraries and headers 30*6236dae4SAndroid Build Coastguard Workerdnl ********************************************************************** 31*6236dae4SAndroid Build Coastguard Worker 32*6236dae4SAndroid Build Coastguard WorkerAC_DEFUN([CURL_WITH_OPENSSL], [ 33*6236dae4SAndroid Build Coastguard Workerif test "x$OPT_OPENSSL" != xno; then 34*6236dae4SAndroid Build Coastguard Worker ssl_msg= 35*6236dae4SAndroid Build Coastguard Worker 36*6236dae4SAndroid Build Coastguard Worker dnl backup the pre-ssl variables 37*6236dae4SAndroid Build Coastguard Worker CLEANLDFLAGS="$LDFLAGS" 38*6236dae4SAndroid Build Coastguard Worker CLEANCPPFLAGS="$CPPFLAGS" 39*6236dae4SAndroid Build Coastguard Worker CLEANLIBS="$LIBS" 40*6236dae4SAndroid Build Coastguard Worker 41*6236dae4SAndroid Build Coastguard Worker dnl This is for MSYS/MinGW 42*6236dae4SAndroid Build Coastguard Worker case $host in 43*6236dae4SAndroid Build Coastguard Worker *-*-msys* | *-*-mingw*) 44*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for gdi32]) 45*6236dae4SAndroid Build Coastguard Worker my_ac_save_LIBS=$LIBS 46*6236dae4SAndroid Build Coastguard Worker LIBS="-lgdi32 $LIBS" 47*6236dae4SAndroid Build Coastguard Worker AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ 48*6236dae4SAndroid Build Coastguard Worker #include <windef.h> 49*6236dae4SAndroid Build Coastguard Worker #include <wingdi.h> 50*6236dae4SAndroid Build Coastguard Worker ]], 51*6236dae4SAndroid Build Coastguard Worker [[ 52*6236dae4SAndroid Build Coastguard Worker GdiFlush(); 53*6236dae4SAndroid Build Coastguard Worker ]])], 54*6236dae4SAndroid Build Coastguard Worker [ dnl worked! 55*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes])], 56*6236dae4SAndroid Build Coastguard Worker [ dnl failed, restore LIBS 57*6236dae4SAndroid Build Coastguard Worker LIBS=$my_ac_save_LIBS 58*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(no)] 59*6236dae4SAndroid Build Coastguard Worker ) 60*6236dae4SAndroid Build Coastguard Worker ;; 61*6236dae4SAndroid Build Coastguard Worker esac 62*6236dae4SAndroid Build Coastguard Worker 63*6236dae4SAndroid Build Coastguard Worker case "$OPT_OPENSSL" in 64*6236dae4SAndroid Build Coastguard Worker yes) 65*6236dae4SAndroid Build Coastguard Worker dnl --with-openssl (without path) used 66*6236dae4SAndroid Build Coastguard Worker PKGTEST="yes" 67*6236dae4SAndroid Build Coastguard Worker PREFIX_OPENSSL= 68*6236dae4SAndroid Build Coastguard Worker ;; 69*6236dae4SAndroid Build Coastguard Worker *) 70*6236dae4SAndroid Build Coastguard Worker dnl check the given --with-openssl spot 71*6236dae4SAndroid Build Coastguard Worker PKGTEST="no" 72*6236dae4SAndroid Build Coastguard Worker PREFIX_OPENSSL=$OPT_OPENSSL 73*6236dae4SAndroid Build Coastguard Worker 74*6236dae4SAndroid Build Coastguard Worker dnl Try pkg-config even when cross-compiling. Since we 75*6236dae4SAndroid Build Coastguard Worker dnl specify PKG_CONFIG_LIBDIR we're only looking where 76*6236dae4SAndroid Build Coastguard Worker dnl the user told us to look 77*6236dae4SAndroid Build Coastguard Worker OPENSSL_PCDIR="$OPT_OPENSSL/lib/pkgconfig" 78*6236dae4SAndroid Build Coastguard Worker if test -f "$OPENSSL_PCDIR/openssl.pc"; then 79*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"]) 80*6236dae4SAndroid Build Coastguard Worker PKGTEST="yes" 81*6236dae4SAndroid Build Coastguard Worker fi 82*6236dae4SAndroid Build Coastguard Worker 83*6236dae4SAndroid Build Coastguard Worker if test "$PKGTEST" != "yes"; then 84*6236dae4SAndroid Build Coastguard Worker # try lib64 instead 85*6236dae4SAndroid Build Coastguard Worker OPENSSL_PCDIR="$OPT_OPENSSL/lib64/pkgconfig" 86*6236dae4SAndroid Build Coastguard Worker if test -f "$OPENSSL_PCDIR/openssl.pc"; then 87*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"]) 88*6236dae4SAndroid Build Coastguard Worker PKGTEST="yes" 89*6236dae4SAndroid Build Coastguard Worker fi 90*6236dae4SAndroid Build Coastguard Worker fi 91*6236dae4SAndroid Build Coastguard Worker 92*6236dae4SAndroid Build Coastguard Worker if test "$PKGTEST" != "yes"; then 93*6236dae4SAndroid Build Coastguard Worker if test ! -f "$PREFIX_OPENSSL/include/openssl/ssl.h"; then 94*6236dae4SAndroid Build Coastguard Worker AC_MSG_ERROR([$PREFIX_OPENSSL is a bad --with-openssl prefix!]) 95*6236dae4SAndroid Build Coastguard Worker fi 96*6236dae4SAndroid Build Coastguard Worker fi 97*6236dae4SAndroid Build Coastguard Worker 98*6236dae4SAndroid Build Coastguard Worker dnl in case pkg-config comes up empty, use what we got 99*6236dae4SAndroid Build Coastguard Worker dnl via --with-openssl 100*6236dae4SAndroid Build Coastguard Worker LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff" 101*6236dae4SAndroid Build Coastguard Worker if test "$PREFIX_OPENSSL" != "/usr" ; then 102*6236dae4SAndroid Build Coastguard Worker SSL_LDFLAGS="-L$LIB_OPENSSL" 103*6236dae4SAndroid Build Coastguard Worker SSL_CPPFLAGS="-I$PREFIX_OPENSSL/include" 104*6236dae4SAndroid Build Coastguard Worker fi 105*6236dae4SAndroid Build Coastguard Worker ;; 106*6236dae4SAndroid Build Coastguard Worker esac 107*6236dae4SAndroid Build Coastguard Worker 108*6236dae4SAndroid Build Coastguard Worker if test "$PKGTEST" = "yes"; then 109*6236dae4SAndroid Build Coastguard Worker 110*6236dae4SAndroid Build Coastguard Worker CURL_CHECK_PKGCONFIG(openssl, [$OPENSSL_PCDIR]) 111*6236dae4SAndroid Build Coastguard Worker 112*6236dae4SAndroid Build Coastguard Worker if test "$PKGCONFIG" != "no" ; then 113*6236dae4SAndroid Build Coastguard Worker SSL_LIBS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 114*6236dae4SAndroid Build Coastguard Worker $PKGCONFIG --libs-only-l --libs-only-other openssl 2>/dev/null` 115*6236dae4SAndroid Build Coastguard Worker 116*6236dae4SAndroid Build Coastguard Worker SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 117*6236dae4SAndroid Build Coastguard Worker $PKGCONFIG --libs-only-L openssl 2>/dev/null` 118*6236dae4SAndroid Build Coastguard Worker 119*6236dae4SAndroid Build Coastguard Worker SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl 120*6236dae4SAndroid Build Coastguard Worker $PKGCONFIG --cflags-only-I openssl 2>/dev/null` 121*6236dae4SAndroid Build Coastguard Worker 122*6236dae4SAndroid Build Coastguard Worker AC_SUBST(SSL_LIBS) 123*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) 124*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) 125*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) 126*6236dae4SAndroid Build Coastguard Worker 127*6236dae4SAndroid Build Coastguard Worker LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/^-L//'` 128*6236dae4SAndroid Build Coastguard Worker 129*6236dae4SAndroid Build Coastguard Worker dnl use the values pkg-config reported. This is here 130*6236dae4SAndroid Build Coastguard Worker dnl instead of below with CPPFLAGS and LDFLAGS because we only 131*6236dae4SAndroid Build Coastguard Worker dnl learn about this via pkg-config. If we only have 132*6236dae4SAndroid Build Coastguard Worker dnl the argument to --with-openssl we don't know what 133*6236dae4SAndroid Build Coastguard Worker dnl additional libs may be necessary. Hope that we 134*6236dae4SAndroid Build Coastguard Worker dnl don't need any. 135*6236dae4SAndroid Build Coastguard Worker LIBS="$SSL_LIBS $LIBS" 136*6236dae4SAndroid Build Coastguard Worker fi 137*6236dae4SAndroid Build Coastguard Worker fi 138*6236dae4SAndroid Build Coastguard Worker 139*6236dae4SAndroid Build Coastguard Worker dnl finally, set flags to use SSL 140*6236dae4SAndroid Build Coastguard Worker CPPFLAGS="$CPPFLAGS $SSL_CPPFLAGS" 141*6236dae4SAndroid Build Coastguard Worker LDFLAGS="$LDFLAGS $SSL_LDFLAGS" 142*6236dae4SAndroid Build Coastguard Worker 143*6236dae4SAndroid Build Coastguard Worker AC_CHECK_LIB(crypto, HMAC_Update,[ 144*6236dae4SAndroid Build Coastguard Worker HAVECRYPTO="yes" 145*6236dae4SAndroid Build Coastguard Worker LIBS="-lcrypto $LIBS" 146*6236dae4SAndroid Build Coastguard Worker ],[ 147*6236dae4SAndroid Build Coastguard Worker if test -n "$LIB_OPENSSL" ; then 148*6236dae4SAndroid Build Coastguard Worker LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL" 149*6236dae4SAndroid Build Coastguard Worker fi 150*6236dae4SAndroid Build Coastguard Worker if test "$PKGCONFIG" = "no" -a -n "$PREFIX_OPENSSL" ; then 151*6236dae4SAndroid Build Coastguard Worker # only set this if pkg-config wasn't used 152*6236dae4SAndroid Build Coastguard Worker CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include" 153*6236dae4SAndroid Build Coastguard Worker fi 154*6236dae4SAndroid Build Coastguard Worker # Linking previously failed, try extra paths from --with-openssl or 155*6236dae4SAndroid Build Coastguard Worker # pkg-config. Use a different function name to avoid reusing the earlier 156*6236dae4SAndroid Build Coastguard Worker # cached result. 157*6236dae4SAndroid Build Coastguard Worker AC_CHECK_LIB(crypto, HMAC_Init_ex,[ 158*6236dae4SAndroid Build Coastguard Worker HAVECRYPTO="yes" 159*6236dae4SAndroid Build Coastguard Worker LIBS="-lcrypto $LIBS"], [ 160*6236dae4SAndroid Build Coastguard Worker 161*6236dae4SAndroid Build Coastguard Worker dnl still no, but what about with -ldl? 162*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([OpenSSL linking with -ldl]) 163*6236dae4SAndroid Build Coastguard Worker LIBS="-lcrypto $CLEANLIBS -ldl" 164*6236dae4SAndroid Build Coastguard Worker AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ 165*6236dae4SAndroid Build Coastguard Worker #include <openssl/err.h> 166*6236dae4SAndroid Build Coastguard Worker ]], [[ 167*6236dae4SAndroid Build Coastguard Worker ERR_clear_error(); 168*6236dae4SAndroid Build Coastguard Worker ]]) ], 169*6236dae4SAndroid Build Coastguard Worker [ 170*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(yes) 171*6236dae4SAndroid Build Coastguard Worker HAVECRYPTO="yes" 172*6236dae4SAndroid Build Coastguard Worker ], 173*6236dae4SAndroid Build Coastguard Worker [ 174*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(no) 175*6236dae4SAndroid Build Coastguard Worker dnl ok, so what about both -ldl and -lpthread? 176*6236dae4SAndroid Build Coastguard Worker dnl This may be necessary for static libraries. 177*6236dae4SAndroid Build Coastguard Worker 178*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([OpenSSL linking with -ldl and -lpthread]) 179*6236dae4SAndroid Build Coastguard Worker LIBS="-lcrypto $CLEANLIBS -ldl -lpthread" 180*6236dae4SAndroid Build Coastguard Worker AC_LINK_IFELSE([ 181*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 182*6236dae4SAndroid Build Coastguard Worker #include <openssl/err.h> 183*6236dae4SAndroid Build Coastguard Worker ]], [[ 184*6236dae4SAndroid Build Coastguard Worker ERR_clear_error(); 185*6236dae4SAndroid Build Coastguard Worker ]])], 186*6236dae4SAndroid Build Coastguard Worker [ 187*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(yes) 188*6236dae4SAndroid Build Coastguard Worker HAVECRYPTO="yes" 189*6236dae4SAndroid Build Coastguard Worker ], 190*6236dae4SAndroid Build Coastguard Worker [ 191*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(no) 192*6236dae4SAndroid Build Coastguard Worker LDFLAGS="$CLEANLDFLAGS" 193*6236dae4SAndroid Build Coastguard Worker CPPFLAGS="$CLEANCPPFLAGS" 194*6236dae4SAndroid Build Coastguard Worker LIBS="$CLEANLIBS" 195*6236dae4SAndroid Build Coastguard Worker ]) 196*6236dae4SAndroid Build Coastguard Worker ]) 197*6236dae4SAndroid Build Coastguard Worker ]) 198*6236dae4SAndroid Build Coastguard Worker ]) 199*6236dae4SAndroid Build Coastguard Worker 200*6236dae4SAndroid Build Coastguard Worker if test X"$HAVECRYPTO" = X"yes"; then 201*6236dae4SAndroid Build Coastguard Worker dnl This is only reasonable to do if crypto actually is there: check for 202*6236dae4SAndroid Build Coastguard Worker dnl SSL libs NOTE: it is important to do this AFTER the crypto lib 203*6236dae4SAndroid Build Coastguard Worker 204*6236dae4SAndroid Build Coastguard Worker AC_CHECK_LIB(ssl, SSL_connect) 205*6236dae4SAndroid Build Coastguard Worker 206*6236dae4SAndroid Build Coastguard Worker if test "$ac_cv_lib_ssl_SSL_connect" != yes; then 207*6236dae4SAndroid Build Coastguard Worker dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff 208*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use); 209*6236dae4SAndroid Build Coastguard Worker OLIBS=$LIBS 210*6236dae4SAndroid Build Coastguard Worker LIBS="-lRSAglue -lrsaref $LIBS" 211*6236dae4SAndroid Build Coastguard Worker AC_CHECK_LIB(ssl, SSL_connect) 212*6236dae4SAndroid Build Coastguard Worker if test "$ac_cv_lib_ssl_SSL_connect" != yes; then 213*6236dae4SAndroid Build Coastguard Worker dnl still no SSL_connect 214*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(no) 215*6236dae4SAndroid Build Coastguard Worker LIBS=$OLIBS 216*6236dae4SAndroid Build Coastguard Worker else 217*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT(yes) 218*6236dae4SAndroid Build Coastguard Worker fi 219*6236dae4SAndroid Build Coastguard Worker 220*6236dae4SAndroid Build Coastguard Worker else 221*6236dae4SAndroid Build Coastguard Worker 222*6236dae4SAndroid Build Coastguard Worker dnl Have the libraries--check for OpenSSL headers 223*6236dae4SAndroid Build Coastguard Worker AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ 224*6236dae4SAndroid Build Coastguard Worker openssl/pem.h openssl/ssl.h openssl/err.h, 225*6236dae4SAndroid Build Coastguard Worker ssl_msg="OpenSSL" 226*6236dae4SAndroid Build Coastguard Worker test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes 227*6236dae4SAndroid Build Coastguard Worker OPENSSL_ENABLED=1 228*6236dae4SAndroid Build Coastguard Worker AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use])) 229*6236dae4SAndroid Build Coastguard Worker 230*6236dae4SAndroid Build Coastguard Worker if test $ac_cv_header_openssl_x509_h = no; then 231*6236dae4SAndroid Build Coastguard Worker dnl we don't use the "action" part of the AC_CHECK_HEADERS macro 232*6236dae4SAndroid Build Coastguard Worker dnl since 'err.h' might in fact find a krb4 header with the same 233*6236dae4SAndroid Build Coastguard Worker dnl name 234*6236dae4SAndroid Build Coastguard Worker AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h) 235*6236dae4SAndroid Build Coastguard Worker 236*6236dae4SAndroid Build Coastguard Worker if test $ac_cv_header_x509_h = yes && 237*6236dae4SAndroid Build Coastguard Worker test $ac_cv_header_crypto_h = yes && 238*6236dae4SAndroid Build Coastguard Worker test $ac_cv_header_ssl_h = yes; then 239*6236dae4SAndroid Build Coastguard Worker dnl three matches 240*6236dae4SAndroid Build Coastguard Worker ssl_msg="OpenSSL" 241*6236dae4SAndroid Build Coastguard Worker OPENSSL_ENABLED=1 242*6236dae4SAndroid Build Coastguard Worker fi 243*6236dae4SAndroid Build Coastguard Worker fi 244*6236dae4SAndroid Build Coastguard Worker fi 245*6236dae4SAndroid Build Coastguard Worker 246*6236dae4SAndroid Build Coastguard Worker if test X"$OPENSSL_ENABLED" != X"1"; then 247*6236dae4SAndroid Build Coastguard Worker LIBS="$CLEANLIBS" 248*6236dae4SAndroid Build Coastguard Worker fi 249*6236dae4SAndroid Build Coastguard Worker 250*6236dae4SAndroid Build Coastguard Worker if test X"$OPT_OPENSSL" != Xoff && 251*6236dae4SAndroid Build Coastguard Worker test "$OPENSSL_ENABLED" != "1"; then 252*6236dae4SAndroid Build Coastguard Worker AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!]) 253*6236dae4SAndroid Build Coastguard Worker fi 254*6236dae4SAndroid Build Coastguard Worker fi 255*6236dae4SAndroid Build Coastguard Worker 256*6236dae4SAndroid Build Coastguard Worker if test X"$OPENSSL_ENABLED" = X"1"; then 257*6236dae4SAndroid Build Coastguard Worker dnl These can only exist if OpenSSL exists 258*6236dae4SAndroid Build Coastguard Worker 259*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for BoringSSL]) 260*6236dae4SAndroid Build Coastguard Worker AC_COMPILE_IFELSE([ 261*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 262*6236dae4SAndroid Build Coastguard Worker #include <openssl/base.h> 263*6236dae4SAndroid Build Coastguard Worker ]],[[ 264*6236dae4SAndroid Build Coastguard Worker #ifndef OPENSSL_IS_BORINGSSL 265*6236dae4SAndroid Build Coastguard Worker #error not boringssl 266*6236dae4SAndroid Build Coastguard Worker #endif 267*6236dae4SAndroid Build Coastguard Worker ]]) 268*6236dae4SAndroid Build Coastguard Worker ],[ 269*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 270*6236dae4SAndroid Build Coastguard Worker ssl_msg="BoringSSL" 271*6236dae4SAndroid Build Coastguard Worker OPENSSL_IS_BORINGSSL=1 272*6236dae4SAndroid Build Coastguard Worker ],[ 273*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 274*6236dae4SAndroid Build Coastguard Worker ]) 275*6236dae4SAndroid Build Coastguard Worker 276*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for AWS-LC]) 277*6236dae4SAndroid Build Coastguard Worker AC_COMPILE_IFELSE([ 278*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 279*6236dae4SAndroid Build Coastguard Worker #include <openssl/base.h> 280*6236dae4SAndroid Build Coastguard Worker ]],[[ 281*6236dae4SAndroid Build Coastguard Worker #ifndef OPENSSL_IS_AWSLC 282*6236dae4SAndroid Build Coastguard Worker #error not AWS-LC 283*6236dae4SAndroid Build Coastguard Worker #endif 284*6236dae4SAndroid Build Coastguard Worker ]]) 285*6236dae4SAndroid Build Coastguard Worker ],[ 286*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 287*6236dae4SAndroid Build Coastguard Worker ssl_msg="AWS-LC" 288*6236dae4SAndroid Build Coastguard Worker OPENSSL_IS_BORINGSSL=1 289*6236dae4SAndroid Build Coastguard Worker ],[ 290*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 291*6236dae4SAndroid Build Coastguard Worker ]) 292*6236dae4SAndroid Build Coastguard Worker 293*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for LibreSSL]) 294*6236dae4SAndroid Build Coastguard Worker AC_COMPILE_IFELSE([ 295*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 296*6236dae4SAndroid Build Coastguard Worker #include <openssl/opensslv.h> 297*6236dae4SAndroid Build Coastguard Worker ]],[[ 298*6236dae4SAndroid Build Coastguard Worker int dummy = LIBRESSL_VERSION_NUMBER; 299*6236dae4SAndroid Build Coastguard Worker ]]) 300*6236dae4SAndroid Build Coastguard Worker ],[ 301*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 302*6236dae4SAndroid Build Coastguard Worker AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1, 303*6236dae4SAndroid Build Coastguard Worker [Define to 1 if using LibreSSL.]) 304*6236dae4SAndroid Build Coastguard Worker ssl_msg="LibreSSL" 305*6236dae4SAndroid Build Coastguard Worker ],[ 306*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 307*6236dae4SAndroid Build Coastguard Worker ]) 308*6236dae4SAndroid Build Coastguard Worker 309*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for OpenSSL >= v3]) 310*6236dae4SAndroid Build Coastguard Worker AC_COMPILE_IFELSE([ 311*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 312*6236dae4SAndroid Build Coastguard Worker #include <openssl/opensslv.h> 313*6236dae4SAndroid Build Coastguard Worker ]],[[ 314*6236dae4SAndroid Build Coastguard Worker #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) 315*6236dae4SAndroid Build Coastguard Worker return 0; 316*6236dae4SAndroid Build Coastguard Worker #else 317*6236dae4SAndroid Build Coastguard Worker #error older than 3 318*6236dae4SAndroid Build Coastguard Worker #endif 319*6236dae4SAndroid Build Coastguard Worker ]]) 320*6236dae4SAndroid Build Coastguard Worker ],[ 321*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 322*6236dae4SAndroid Build Coastguard Worker ssl_msg="OpenSSL v3+" 323*6236dae4SAndroid Build Coastguard Worker ],[ 324*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 325*6236dae4SAndroid Build Coastguard Worker ]) 326*6236dae4SAndroid Build Coastguard Worker fi 327*6236dae4SAndroid Build Coastguard Worker 328*6236dae4SAndroid Build Coastguard Worker dnl is this OpenSSL (fork) providing the original QUIC API? 329*6236dae4SAndroid Build Coastguard Worker AC_CHECK_FUNCS([SSL_set_quic_use_legacy_codepoint], 330*6236dae4SAndroid Build Coastguard Worker [QUIC_ENABLED=yes]) 331*6236dae4SAndroid Build Coastguard Worker if test "$QUIC_ENABLED" = "yes"; then 332*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([OpenSSL fork speaks QUIC API]) 333*6236dae4SAndroid Build Coastguard Worker else 334*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([OpenSSL version does not speak QUIC API]) 335*6236dae4SAndroid Build Coastguard Worker fi 336*6236dae4SAndroid Build Coastguard Worker 337*6236dae4SAndroid Build Coastguard Worker if test "$OPENSSL_ENABLED" = "1"; then 338*6236dae4SAndroid Build Coastguard Worker if test -n "$LIB_OPENSSL"; then 339*6236dae4SAndroid Build Coastguard Worker dnl when the ssl shared libs were found in a path that the run-time 340*6236dae4SAndroid Build Coastguard Worker dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH 341*6236dae4SAndroid Build Coastguard Worker dnl to prevent further configure tests to fail due to this 342*6236dae4SAndroid Build Coastguard Worker if test "x$cross_compiling" != "xyes"; then 343*6236dae4SAndroid Build Coastguard Worker CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL" 344*6236dae4SAndroid Build Coastguard Worker export CURL_LIBRARY_PATH 345*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([Added $LIB_OPENSSL to CURL_LIBRARY_PATH]) 346*6236dae4SAndroid Build Coastguard Worker fi 347*6236dae4SAndroid Build Coastguard Worker fi 348*6236dae4SAndroid Build Coastguard Worker check_for_ca_bundle=1 349*6236dae4SAndroid Build Coastguard Worker LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE openssl" 350*6236dae4SAndroid Build Coastguard Worker fi 351*6236dae4SAndroid Build Coastguard Worker 352*6236dae4SAndroid Build Coastguard Worker test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" 353*6236dae4SAndroid Build Coastguard Workerfi 354*6236dae4SAndroid Build Coastguard Worker 355*6236dae4SAndroid Build Coastguard Workerif test X"$OPT_OPENSSL" != Xno && 356*6236dae4SAndroid Build Coastguard Worker test "$OPENSSL_ENABLED" != "1"; then 357*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([OPT_OPENSSL: $OPT_OPENSSL]) 358*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([OPENSSL_ENABLED: $OPENSSL_ENABLED]) 359*6236dae4SAndroid Build Coastguard Worker AC_MSG_ERROR([--with-openssl was given but OpenSSL could not be detected]) 360*6236dae4SAndroid Build Coastguard Workerfi 361*6236dae4SAndroid Build Coastguard Worker 362*6236dae4SAndroid Build Coastguard Workerdnl --- 363*6236dae4SAndroid Build Coastguard Workerdnl We require OpenSSL with SRP support. 364*6236dae4SAndroid Build Coastguard Workerdnl --- 365*6236dae4SAndroid Build Coastguard Workerif test "$OPENSSL_ENABLED" = "1"; then 366*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for SRP support in OpenSSL]) 367*6236dae4SAndroid Build Coastguard Worker AC_LINK_IFELSE([ 368*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 369*6236dae4SAndroid Build Coastguard Worker #include <openssl/ssl.h> 370*6236dae4SAndroid Build Coastguard Worker ]],[[ 371*6236dae4SAndroid Build Coastguard Worker SSL_CTX_set_srp_username(NULL, ""); 372*6236dae4SAndroid Build Coastguard Worker SSL_CTX_set_srp_password(NULL, ""); 373*6236dae4SAndroid Build Coastguard Worker ]]) 374*6236dae4SAndroid Build Coastguard Worker ],[ 375*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 376*6236dae4SAndroid Build Coastguard Worker AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the functions SSL_CTX_set_srp_username and SSL_CTX_set_srp_password]) 377*6236dae4SAndroid Build Coastguard Worker AC_SUBST(HAVE_OPENSSL_SRP, [1]) 378*6236dae4SAndroid Build Coastguard Worker ],[ 379*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 380*6236dae4SAndroid Build Coastguard Worker ]) 381*6236dae4SAndroid Build Coastguard Workerfi 382*6236dae4SAndroid Build Coastguard Worker 383*6236dae4SAndroid Build Coastguard Workerdnl --- 384*6236dae4SAndroid Build Coastguard Workerdnl Whether the OpenSSL configuration will be loaded automatically 385*6236dae4SAndroid Build Coastguard Workerdnl --- 386*6236dae4SAndroid Build Coastguard Workerif test X"$OPENSSL_ENABLED" = X"1"; then 387*6236dae4SAndroid Build Coastguard Worker AC_ARG_ENABLE(openssl-auto-load-config, 388*6236dae4SAndroid Build Coastguard WorkerAS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of OpenSSL configuration]) 389*6236dae4SAndroid Build Coastguard WorkerAS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]), 390*6236dae4SAndroid Build Coastguard Worker [ if test X"$enableval" = X"no"; then 391*6236dae4SAndroid Build Coastguard Worker AC_MSG_NOTICE([automatic loading of OpenSSL configuration disabled]) 392*6236dae4SAndroid Build Coastguard Worker AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration won't be loaded automatically]) 393*6236dae4SAndroid Build Coastguard Worker fi 394*6236dae4SAndroid Build Coastguard Worker ]) 395*6236dae4SAndroid Build Coastguard Workerfi 396*6236dae4SAndroid Build Coastguard Worker 397*6236dae4SAndroid Build Coastguard Workerdnl --- 398*6236dae4SAndroid Build Coastguard Workerdnl We may use OpenSSL QUIC. 399*6236dae4SAndroid Build Coastguard Workerdnl --- 400*6236dae4SAndroid Build Coastguard Workerif test "$OPENSSL_ENABLED" = "1"; then 401*6236dae4SAndroid Build Coastguard Worker AC_MSG_CHECKING([for QUIC support and OpenSSL >= 3.3]) 402*6236dae4SAndroid Build Coastguard Worker AC_LINK_IFELSE([ 403*6236dae4SAndroid Build Coastguard Worker AC_LANG_PROGRAM([[ 404*6236dae4SAndroid Build Coastguard Worker #include <openssl/ssl.h> 405*6236dae4SAndroid Build Coastguard Worker ]],[[ 406*6236dae4SAndroid Build Coastguard Worker #if (OPENSSL_VERSION_NUMBER < 0x30300000L) 407*6236dae4SAndroid Build Coastguard Worker #error need at least version 3.3.0 408*6236dae4SAndroid Build Coastguard Worker #endif 409*6236dae4SAndroid Build Coastguard Worker OSSL_QUIC_client_method(); 410*6236dae4SAndroid Build Coastguard Worker ]]) 411*6236dae4SAndroid Build Coastguard Worker ],[ 412*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([yes]) 413*6236dae4SAndroid Build Coastguard Worker have_openssl_quic=1 414*6236dae4SAndroid Build Coastguard Worker ],[ 415*6236dae4SAndroid Build Coastguard Worker AC_MSG_RESULT([no]) 416*6236dae4SAndroid Build Coastguard Worker ]) 417*6236dae4SAndroid Build Coastguard Workerfi 418*6236dae4SAndroid Build Coastguard Worker]) 419