From a544bae91253e6ade36b174cd6bb64e6562d7b69 Mon Sep 17 00:00:00 2001 From: ng0 Date: Fri, 12 Apr 2019 22:12:39 +0000 Subject: Properly enforce building with the right configure switches. The downside of this commit is that to address the wrong package definitions out there, I have to break with the good package definitions. --- configure.ac | 1458 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 1364 insertions(+), 94 deletions(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index faf2b2129..7435b820b 100755 --- a/configure.ac +++ b/configure.ac @@ -374,6 +374,16 @@ AC_ARG_ENABLE(http, AC_HELP_STRING([--enable-http],[Enable HTTP support]) AC_HELP_STRING([--disable-http],[Disable HTTP support]), [ case "$enableval" in + no) + AC_MSG_ERROR([You must build gnurl with --enable-http!]) + AC_MSG_RESULT(no) + AC_DEFINE(CURL_DISABLE_HTTP, 1, [to disable HTTP]) + disable_http="yes" + AC_MSG_WARN([disable HTTP disables FTP over proxy and RTSP]) + AC_SUBST(CURL_DISABLE_HTTP, [1]) + AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP]) + AC_SUBST(CURL_DISABLE_RTSP, [1]) + ;; *) AC_MSG_RESULT(yes) ;; esac ], @@ -384,46 +394,60 @@ AC_ARG_ENABLE(ftp, AC_HELP_STRING([--enable-ftp],[Enable FTP support]) AC_HELP_STRING([--disable-ftp],[Disable FTP support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_FTP, 1, [to disable FTP]) AC_SUBST(CURL_DISABLE_FTP, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-ftp!]) + AC_MSG_RESULT(yes) + ;; esac ], + if test "x$CURL_DISABLE_FTP" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-ftp!]) + fi AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_FTP, 1, [to disable FTP]) - AC_SUBST(CURL_DISABLE_FTP, [1]) ) AC_MSG_CHECKING([whether to support file]) AC_ARG_ENABLE(file, AC_HELP_STRING([--enable-file],[Enable FILE support]) AC_HELP_STRING([--disable-file],[Disable FILE support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_FILE, 1, [to disable FILE]) AC_SUBST(CURL_DISABLE_FILE, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-file!]) + AC_MSG_RESULT(no) + ;; esac ], + if test "x$CURL_DISABLE_FILE" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-file!]) + fi AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_FILE, 1, [to disable FILE]) - AC_SUBST(CURL_DISABLE_FILE, [1]) ) AC_MSG_CHECKING([whether to support ldap]) AC_ARG_ENABLE(ldap, AC_HELP_STRING([--enable-ldap],[Enable LDAP support]) AC_HELP_STRING([--disable-ldap],[Disable LDAP support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP]) AC_SUBST(CURL_DISABLE_LDAP, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-ldap!]) + AC_MSG_RESULT(yes) + ;; esac ],[ - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP]) - AC_SUBST(CURL_DISABLE_LDAP, [1]) - ] + if test "x$CURL_DISABLE_LDAP" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-ldap!]) + fi + AC_MSG_RESULT(no) ] ) AC_MSG_CHECKING([whether to support ldaps]) AC_ARG_ENABLE(ldaps, @@ -470,16 +494,16 @@ AC_HELP_STRING([--disable-rtsp],[Disable RTSP support]), *) if test x$CURL_DISABLE_HTTP = x1 ; then AC_MSG_ERROR(HTTP support needs to be enabled in order to enable RTSP support!) else - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP]) - AC_SUBST(CURL_DISABLE_RTSP, [1]) + AC_MSG_ERROR([You must build gnurl with --disable-rtsp!]) + AC_MSG_RESULT(yes) + curl_rtsp_msg="enabled" fi ;; esac ], if test "x$CURL_DISABLE_HTTP" != "x1"; then - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP]) - AC_SUBST(CURL_DISABLE_RTSP, [1]) + AC_MSG_ERROR([You must build gnurl with --disable-rtsp!]) + AC_MSG_RESULT(yes) + curl_rtsp_msg="enabled" else AC_MSG_RESULT(no) fi @@ -506,45 +530,59 @@ AC_ARG_ENABLE(dict, AC_HELP_STRING([--enable-dict],[Enable DICT support]) AC_HELP_STRING([--disable-dict],[Disable DICT support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_DICT, 1, [to disable DICT]) AC_SUBST(CURL_DISABLE_DICT, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-dict!]) + AC_MSG_RESULT(no) + ;; esac ], + if test "x$CURL_DISABLE_DICT" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-dict!]) + fi AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_DICT, 1, [to disable DICT]) - AC_SUBST(CURL_DISABLE_DICT, [1]) ) AC_MSG_CHECKING([whether to support telnet]) AC_ARG_ENABLE(telnet, AC_HELP_STRING([--enable-telnet],[Enable TELNET support]) AC_HELP_STRING([--disable-telnet],[Disable TELNET support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_TELNET, 1, [to disable TELNET]) AC_SUBST(CURL_DISABLE_TELNET, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-telnet!]) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_TELNET, 1, [to disable TELNET]) - AC_SUBST(CURL_DISABLE_TELNET, [1]) + if test "x$CURL_DISABLE_TELNET" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-telnet!]) + fi + AC_MSG_RESULT(yes) ) AC_MSG_CHECKING([whether to support tftp]) AC_ARG_ENABLE(tftp, AC_HELP_STRING([--enable-tftp],[Enable TFTP support]) AC_HELP_STRING([--disable-tftp],[Disable TFTP support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_TFTP, 1, [to disable TFTP]) AC_SUBST(CURL_DISABLE_TFTP, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-tftp!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_TFTP, 1, [to disable TFTP]) - AC_SUBST(CURL_DISABLE_TFTP, [1]) + if test "x$CURL_DISABLE_TFTP" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-tftp!]) + fi + AC_MSG_RESULT(yes) ) AC_MSG_CHECKING([whether to support pop3]) @@ -552,15 +590,20 @@ AC_ARG_ENABLE(pop3, AC_HELP_STRING([--enable-pop3],[Enable POP3 support]) AC_HELP_STRING([--disable-pop3],[Disable POP3 support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_POP3, 1, [to disable POP3]) AC_SUBST(CURL_DISABLE_POP3, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-pop3!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_POP3, 1, [to disable POP3]) - AC_SUBST(CURL_DISABLE_POP3, [1]) + if test "x$CURL_DISABLE_POP3" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-pop3!]) + fi + AC_MSG_RESULT(yes) ) @@ -569,15 +612,20 @@ AC_ARG_ENABLE(imap, AC_HELP_STRING([--enable-imap],[Enable IMAP support]) AC_HELP_STRING([--disable-imap],[Disable IMAP support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_IMAP, 1, [to disable IMAP]) AC_SUBST(CURL_DISABLE_IMAP, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-imap!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_IMAP, 1, [to disable IMAP]) - AC_SUBST(CURL_DISABLE_IMAP, [1]) + if test "x$CURL_DISABLE_IMAP" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-imap!]) + fi + AC_MSG_RESULT(yes) ) @@ -586,15 +634,20 @@ AC_ARG_ENABLE(smb, AC_HELP_STRING([--enable-smb],[Enable SMB/CIFS support]) AC_HELP_STRING([--disable-smb],[Disable SMB/CIFS support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_SMB, 1, [to disable SMB/CIFS]) AC_SUBST(CURL_DISABLE_SMB, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-smb!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_SMB, 1, [to disable SMB/CIFS]) - AC_SUBST(CURL_DISABLE_SMB, [1]) + if test "x$CURL_DISABLE_SMB" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-smb!]) + fi + AC_MSG_RESULT(yes) ) AC_MSG_CHECKING([whether to support smtp]) @@ -602,15 +655,20 @@ AC_ARG_ENABLE(smtp, AC_HELP_STRING([--enable-smtp],[Enable SMTP support]) AC_HELP_STRING([--disable-smtp],[Disable SMTP support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_SMTP, 1, [to disable SMTP]) AC_SUBST(CURL_DISABLE_SMTP, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-smtp!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_SMTP, 1, [to disable SMTP]) - AC_SUBST(CURL_DISABLE_SMTP, [1]) + if test "x$CURL_DISABLE_SMTP" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-smtp!]) + fi + AC_MSG_RESULT(yes) ) AC_MSG_CHECKING([whether to support gopher]) @@ -618,15 +676,20 @@ AC_ARG_ENABLE(gopher, AC_HELP_STRING([--enable-gopher],[Enable Gopher support]) AC_HELP_STRING([--disable-gopher],[Disable Gopher support]), [ case "$enableval" in - *) + no) AC_MSG_RESULT(no) AC_DEFINE(CURL_DISABLE_GOPHER, 1, [to disable Gopher]) AC_SUBST(CURL_DISABLE_GOPHER, [1]) ;; + *) + AC_MSG_ERROR([You must build gnurl with --disable-gopher!]) + AC_MSG_RESULT(yes) + ;; esac ], - AC_MSG_RESULT(no) - AC_DEFINE(CURL_DISABLE_GOPHER, 1, [to disable Gopher]) - AC_SUBST(CURL_DISABLE_GOPHER, [1]) + if test "x$CURL_DISABLE_GOPHER" != "x1"; then + AC_MSG_ERROR([You must build gnurl with --disable-gopher!]) + fi + AC_MSG_RESULT(yes) ) @@ -1281,7 +1344,7 @@ dnl ********************************************************************** dnl Check for GSS-API libraries dnl ********************************************************************** -dnl check for GSS-API stuff in the /usr as default. Note: possible candidate for removal. +dnl check for GSS-API stuff in the /usr as default GSSAPI_ROOT="/usr" AC_ARG_WITH(gssapi-includes, @@ -1322,7 +1385,7 @@ if test x"$want_gss" = xyes; then if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi` elif test -f "$KRB5CONFIG"; then - GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` + GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` elif test "$GSSAPI_ROOT" != "yes"; then GSSAPI_INCS="-I$GSSAPI_ROOT/include" fi @@ -1440,10 +1503,10 @@ if test x"$want_gss" = xyes; then LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR" case $host in *-hp-hpux*) - LIBS="lgss $LIBS" + LIBS="-lgss $LIBS" ;; *) - LIBS="-lgssapi -lkrb5 $LIBS" + LIBS="-lgssapi $LIBS" ;; esac fi @@ -1491,6 +1554,70 @@ dnl check winssl option before other SSL libraries dnl ------------------------------------------------- OPT_WINSSL=no +AC_ARG_WITH(winssl,dnl +AC_HELP_STRING([--with-winssl],[enable Windows native SSL/TLS]) +AC_HELP_STRING([--without-winssl], [disable Windows native SSL/TLS]), + OPT_WINSSL=$withval) + +AC_ARG_WITH(schannel,dnl +AC_HELP_STRING([--with-schannel],[enable Windows native SSL/TLS]) +AC_HELP_STRING([--without-schannel], [disable Windows native SSL/TLS]), + OPT_WINSSL=$withval) + +AC_MSG_CHECKING([whether to enable Windows native SSL/TLS (Windows native builds only)]) +if test -z "$ssl_backends" -o "x$OPT_WINSSL" != xno; then + ssl_msg= + if test "x$OPT_WINSSL" != "xno" && + test "x$curl_cv_native_windows" = "xyes"; then + AC_MSG_RESULT(yes) + AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support]) + AC_SUBST(USE_SCHANNEL, [1]) + ssl_msg="Windows-native" + test schannel != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + WINSSL_ENABLED=1 + # --with-winssl implies --enable-sspi + AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support]) + AC_SUBST(USE_WINDOWS_SSPI, [1]) + curl_sspi_msg="enabled" + LIBS="-lcrypt32 $LIBS" + else + AC_MSG_RESULT(no) + fi + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +else + AC_MSG_RESULT(no) +fi + +OPT_SECURETRANSPORT=no +AC_ARG_WITH(darwinssl,dnl +AC_HELP_STRING([--with-darwinssl],[enable Apple OS native SSL/TLS]) +AC_HELP_STRING([--without-darwinssl], [disable Apple OS native SSL/TLS]), + OPT_SECURETRANSPORT=$withval) + +AC_ARG_WITH(secure-transport,dnl +AC_HELP_STRING([--with-secure-transport],[enable Apple OS native SSL/TLS]) +AC_HELP_STRING([--without-secure-transport], [disable Apple OS native SSL/TLS]), + OPT_SECURETRANSPORT=$withval) + +AC_MSG_CHECKING([whether to enable Secure Transport]) +if test -z "$ssl_backends" -o "x$OPT_SECURETRANSPORT" != xno; then + if test "x$OPT_SECURETRANSPORT" != "xno" && + test -d "/System/Library/Frameworks/Security.framework"; then + AC_MSG_RESULT(yes) + AC_DEFINE(USE_SECTRANSP, 1, [enable Secure Transport]) + AC_SUBST(USE_SECTRANSP, [1]) + ssl_msg="Secure Transport" + test secure-transport != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + SECURETRANSPORT_ENABLED=1 + LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security" + else + AC_MSG_RESULT(no) + fi + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +else + AC_MSG_RESULT(no) +fi + OPT_AMISSL=no AC_ARG_WITH(amissl,dnl AC_HELP_STRING([--with-amissl],[enable Amiga native SSL/TLS (AmiSSL)]) @@ -1528,6 +1655,299 @@ dnl Default to compiler & linker defaults for SSL files & libraries. OPT_SSL=off dnl Default to no CA bundle ca="no" +AC_ARG_WITH(ssl,dnl +AC_HELP_STRING([--with-ssl=PATH],[Where to look for OpenSSL, PATH points to the SSL installation (default: /usr/local/ssl); when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]) +AC_HELP_STRING([--without-ssl], [disable OpenSSL]), + OPT_SSL=$withval) + +if test -z "$ssl_backends" -o "x$OPT_SSL" != xno && + test X"$OPT_SSL" != Xno; then + ssl_msg= + + dnl backup the pre-ssl variables + CLEANLDFLAGS="$LDFLAGS" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + dnl This is for Msys/Mingw + case $host in + *-*-msys* | *-*-mingw*) + AC_MSG_CHECKING([for gdi32]) + my_ac_save_LIBS=$LIBS + LIBS="-lgdi32 $LIBS" + AC_TRY_LINK([#include + #include ], + [GdiFlush();], + [ dnl worked! + AC_MSG_RESULT([yes])], + [ dnl failed, restore LIBS + LIBS=$my_ac_save_LIBS + AC_MSG_RESULT(no)] + ) + ;; + esac + + case "$OPT_SSL" in + yes) + AC_MSG_ERROR([You must not build gnurl with OpenSSL, use --without-ssl!]) + dnl --with-ssl (without path) used + if test x$cross_compiling != xyes; then + dnl only do pkg-config magic when not cross-compiling + PKGTEST="yes" + fi + PREFIX_OPENSSL=/usr/local/ssl + LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff" + ;; + off) + AC_MSG_ERROR([You must not build gnurl with OpenSSL, use --without-ssl!]) + dnl no --with-ssl option given, just check default places + if test x$cross_compiling != xyes; then + dnl only do pkg-config magic when not cross-compiling + PKGTEST="yes" + fi + PREFIX_OPENSSL= + ;; + *) + AC_MSG_ERROR([You must not build gnurl with OpenSSL, use --without-ssl!]) + dnl check the given --with-ssl spot + PKGTEST="no" + PREFIX_OPENSSL=$OPT_SSL + + dnl Try pkg-config even when cross-compiling. Since we + dnl specify PKG_CONFIG_LIBDIR we're only looking where + dnl the user told us to look + OPENSSL_PCDIR="$OPT_SSL/lib/pkgconfig" + if test -f "$OPENSSL_PCDIR/openssl.pc"; then + AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$OPENSSL_PCDIR"]) + PKGTEST="yes" + elif test ! -f "$PREFIX_OPENSSL/include/openssl/ssl.h"; then + AC_MSG_ERROR([$PREFIX_OPENSSL is a bad --with-ssl prefix!]) + fi + + dnl in case pkg-config comes up empty, use what we got + dnl via --with-ssl + LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff" + if test "$PREFIX_OPENSSL" != "/usr" ; then + SSL_LDFLAGS="-L$LIB_OPENSSL" + SSL_CPPFLAGS="-I$PREFIX_OPENSSL/include" + fi + SSL_CPPFLAGS="$SSL_CPPFLAGS -I$PREFIX_OPENSSL/include/openssl" + ;; + esac + + if test "$PKGTEST" = "yes"; then + + CURL_CHECK_PKGCONFIG(openssl, [$OPENSSL_PCDIR]) + + if test "$PKGCONFIG" != "no" ; then + SSL_LIBS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl + $PKGCONFIG --libs-only-l --libs-only-other openssl 2>/dev/null` + + SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl + $PKGCONFIG --libs-only-L openssl 2>/dev/null` + + SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl + $PKGCONFIG --cflags-only-I openssl 2>/dev/null` + + AC_SUBST(SSL_LIBS) + AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) + AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) + AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) + + LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/-L//g'` + + dnl use the values pkg-config reported. This is here + dnl instead of below with CPPFLAGS and LDFLAGS because we only + dnl learn about this via pkg-config. If we only have + dnl the argument to --with-ssl we don't know what + dnl additional libs may be necessary. Hope that we + dnl don't need any. + LIBS="$SSL_LIBS $LIBS" + fi + fi + + dnl finally, set flags to use SSL + CPPFLAGS="$CPPFLAGS $SSL_CPPFLAGS" + LDFLAGS="$LDFLAGS $SSL_LDFLAGS" + + AC_CHECK_LIB(crypto, HMAC_Update,[ + HAVECRYPTO="yes" + LIBS="-lcrypto $LIBS" + ],[ + LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL" + if test "$PKGCONFIG" = "no" ; then + # only set this if pkg-config wasn't used + CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include/openssl -I$PREFIX_OPENSSL/include" + fi + AC_CHECK_LIB(crypto, HMAC_Init_ex,[ + HAVECRYPTO="yes" + LIBS="-lcrypto $LIBS"], [ + + dnl still no, but what about with -ldl? + AC_MSG_CHECKING([OpenSSL linking with -ldl]) + LIBS="$CLEANLIBS -lcrypto -ldl" + AC_TRY_LINK( + [ + #include + ], + [ + ERR_clear_error(); + ], + [ + AC_MSG_RESULT(yes) + HAVECRYPTO="yes" + ], + [ + AC_MSG_RESULT(no) + dnl ok, so what about both -ldl and -lpthread? + + AC_MSG_CHECKING([OpenSSL linking with -ldl and -lpthread]) + LIBS="$CLEANLIBS -lcrypto -ldl -lpthread" + AC_TRY_LINK( + [ + #include + ], + [ + ERR_clear_error(); + ], + [ + AC_MSG_RESULT(yes) + HAVECRYPTO="yes" + ], + [ + AC_MSG_RESULT(no) + LDFLAGS="$CLEANLDFLAGS" + CPPFLAGS="$CLEANCPPFLAGS" + LIBS="$CLEANLIBS" + + ]) + + ]) + + ]) + ]) + + if test X"$HAVECRYPTO" = X"yes"; then + dnl This is only reasonable to do if crypto actually is there: check for + dnl SSL libs NOTE: it is important to do this AFTER the crypto lib + + AC_CHECK_LIB(ssl, SSL_connect) + + if test "$ac_cv_lib_ssl_SSL_connect" != yes; then + dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff + AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use); + OLIBS=$LIBS + LIBS="-lRSAglue -lrsaref $LIBS" + AC_CHECK_LIB(ssl, SSL_connect) + if test "$ac_cv_lib_ssl_SSL_connect" != yes; then + dnl still no SSL_connect + AC_MSG_RESULT(no) + LIBS=$OLIBS + else + AC_MSG_RESULT(yes) + fi + + else + + dnl Have the libraries--check for OpenSSL headers + AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ + openssl/pem.h openssl/ssl.h openssl/err.h, + ssl_msg="OpenSSL" + test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + OPENSSL_ENABLED=1 + AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use])) + + if test $ac_cv_header_openssl_x509_h = no; then + dnl we don't use the "action" part of the AC_CHECK_HEADERS macro + dnl since 'err.h' might in fact find a krb4 header with the same + dnl name + AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h) + + if test $ac_cv_header_x509_h = yes && + test $ac_cv_header_crypto_h = yes && + test $ac_cv_header_ssl_h = yes; then + dnl three matches + ssl_msg="OpenSSL" + OPENSSL_ENABLED=1 + fi + fi + fi + + if test X"$OPENSSL_ENABLED" != X"1"; then + LIBS="$CLEANLIBS" + fi + + if test X"$OPT_SSL" != Xoff && + test "$OPENSSL_ENABLED" != "1"; then + AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!]) + fi + fi + + if test X"$OPENSSL_ENABLED" = X"1"; then + AC_MSG_ERROR([You must not build gnurl with OpenSSL, use --without-ssl!]) + dnl These can only exist if OpenSSL exists + dnl Older versions of Cyassl (some time before 2.9.4) don't have + dnl SSL_get_shutdown (but this check won't actually detect it there + dnl as it's a macro that needs the header files be included) + dnl OpenSSL_version is introduced in 3.0.0 + + AC_CHECK_FUNCS( RAND_egd \ + SSL_get_shutdown \ + SSLv2_client_method \ + OpenSSL_version ) + + AC_MSG_CHECKING([for BoringSSL]) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ + #include + ]],[[ + #ifndef OPENSSL_IS_BORINGSSL + #error not boringssl + #endif + ]]) + ],[ + AC_MSG_RESULT([yes]) + AC_DEFINE_UNQUOTED(HAVE_BORINGSSL, 1, + [Define to 1 if using BoringSSL.]) + ssl_msg="BoringSSL" + ],[ + AC_MSG_RESULT([no]) + ]) + + AC_MSG_CHECKING([for libressl]) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ +#include + ]],[[ + int dummy = LIBRESSL_VERSION_NUMBER; + ]]) + ],[ + AC_MSG_RESULT([yes]) + AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1, + [Define to 1 if using libressl.]) + ssl_msg="libressl" + ],[ + AC_MSG_RESULT([no]) + ]) + fi + + if test "$OPENSSL_ENABLED" = "1"; then + if test -n "$LIB_OPENSSL"; then + dnl when the ssl shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH + dnl to prevent further configure tests to fail due to this + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $LIB_OPENSSL to CURL_LIBRARY_PATH]) + fi + fi + CURL_CHECK_OPENSSL_API + check_for_ca_bundle=1 + fi + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi dnl ********************************************************************** dnl Check for the random seed preferences @@ -1750,46 +2170,618 @@ if test "$GNUTLS_ENABLED" = "1"; then ]) fi +dnl ---------------------------------------------------- +dnl check for PolarSSL +dnl ---------------------------------------------------- + +dnl Default to compiler & linker defaults for PolarSSL files & libraries. OPT_POLARSSL=no -OPT_MBEDTLS=no -OPT_CYASSL=no -dnl NSS. Only check if GnuTLS and OpenSSL are not enabled -OPT_NSS=no -OPT_AXTLS=off -OPT_MESALINK=no -case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$MBEDTLS_ENABLED$AXTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$DARWINSSL_ENABLED$MESALINK_ENABLED" in -x) - AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.]) - AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-axtls, --with-winssl, --with-darwinssl, or --with-mesalink to address this.]) - ;; -x1) - # one SSL backend is enabled - AC_SUBST(SSL_ENABLED) - SSL_ENABLED="1" - AC_MSG_NOTICE([built with one SSL backend]) - ;; -*) - # more than one SSL backend is enabled - AC_SUBST(SSL_ENABLED) - SSL_ENABLED="1" - AC_SUBST(CURL_WITH_MULTI_SSL) - CURL_WITH_MULTI_SSL="1" - AC_DEFINE(CURL_WITH_MULTI_SSL, 1, [built with multiple SSL backends]) - AC_MSG_NOTICE([built with multiple SSL backends]) - ;; -esac +_cppflags=$CPPFLAGS +_ldflags=$LDFLAGS +AC_ARG_WITH(polarssl,dnl +AC_HELP_STRING([--with-polarssl=PATH],[where to look for PolarSSL, PATH points to the installation root]) +AC_HELP_STRING([--without-polarssl], [disable PolarSSL detection]), + OPT_POLARSSL=$withval) -if test -n "$ssl_backends"; then - curl_ssl_msg="enabled ($ssl_backends)" -fi +if test -z "$ssl_backends" -o "x$OPT_POLARSSL" != xno; then + ssl_msg= -if test no = "$VALID_DEFAULT_SSL_BACKEND" -then - if test -n "$SSL_ENABLED" - then - AC_MSG_ERROR([Default SSL backend $DEFAULT_SSL_BACKEND not enabled!]) - else + if test X"$OPT_POLARSSL" != Xno; then + + if test "$OPT_POLARSSL" = "yes"; then + OPT_POLARSSL="" + fi + + if test -z "$OPT_POLARSSL" ; then + dnl check for lib first without setting any new path + + AC_CHECK_LIB(polarssl, havege_init, + dnl libpolarssl found, set the variable + [ + AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled]) + AC_SUBST(USE_POLARSSL, [1]) + POLARSSL_ENABLED=1 + USE_POLARSSL="yes" + ssl_msg="PolarSSL" + test polarssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ]) + fi + + addld="" + addlib="" + addcflags="" + polarssllib="" + + if test "x$USE_POLARSSL" != "xyes"; then + dnl add the path and test again + addld=-L$OPT_POLARSSL/lib$libsuff + addcflags=-I$OPT_POLARSSL/include + polarssllib=$OPT_POLARSSL/lib$libsuff + + LDFLAGS="$LDFLAGS $addld" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + AC_CHECK_LIB(polarssl, ssl_init, + [ + AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled]) + AC_SUBST(USE_POLARSSL, [1]) + POLARSSL_ENABLED=1 + USE_POLARSSL="yes" + ssl_msg="PolarSSL" + test polarssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + CPPFLAGS=$_cppflags + LDFLAGS=$_ldflags + ]) + fi + + if test "x$USE_POLARSSL" = "xyes"; then + AC_MSG_NOTICE([detected PolarSSL]) + check_for_ca_bundle=1 + LIBS="-lpolarssl $LIBS" + + if test -n "$polarssllib"; then + dnl when shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl CURL_LIBRARY_PATH to prevent further configure tests to fail + dnl due to this + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$polarssllib" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $polarssllib to CURL_LIBRARY_PATH]) + fi + fi + fi + + fi dnl PolarSSL not disabled + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi + +dnl ---------------------------------------------------- +dnl check for mbedTLS +dnl ---------------------------------------------------- + +OPT_MBEDTLS=no + +_cppflags=$CPPFLAGS +_ldflags=$LDFLAGS +AC_ARG_WITH(mbedtls,dnl +AC_HELP_STRING([--with-mbedtls=PATH],[where to look for mbedTLS, PATH points to the installation root]) +AC_HELP_STRING([--without-mbedtls], [disable mbedTLS detection]), + OPT_MBEDTLS=$withval) + +if test -z "$ssl_backends" -o "x$OPT_MBEDTLS" != xno; then + ssl_msg= + + if test X"$OPT_MBEDTLS" != Xno; then + + if test "$OPT_MBEDTLS" = "yes"; then + OPT_MBEDTLS="" + fi + + if test -z "$OPT_MBEDTLS" ; then + dnl check for lib first without setting any new path + + AC_CHECK_LIB(mbedtls, mbedtls_havege_init, + dnl libmbedtls found, set the variable + [ + AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled]) + AC_SUBST(USE_MBEDTLS, [1]) + MBEDTLS_ENABLED=1 + USE_MBEDTLS="yes" + ssl_msg="mbedTLS" + test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], [], -lmbedx509 -lmbedcrypto) + fi + + addld="" + addlib="" + addcflags="" + mbedtlslib="" + + if test "x$USE_MBEDTLS" != "xyes"; then + dnl add the path and test again + addld=-L$OPT_MBEDTLS/lib$libsuff + addcflags=-I$OPT_MBEDTLS/include + mbedtlslib=$OPT_MBEDTLS/lib$libsuff + + LDFLAGS="$LDFLAGS $addld" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + AC_CHECK_LIB(mbedtls, mbedtls_ssl_init, + [ + AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled]) + AC_SUBST(USE_MBEDTLS, [1]) + MBEDTLS_ENABLED=1 + USE_MBEDTLS="yes" + ssl_msg="mbedTLS" + test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + CPPFLAGS=$_cppflags + LDFLAGS=$_ldflags + ], -lmbedx509 -lmbedcrypto) + fi + + if test "x$USE_MBEDTLS" = "xyes"; then + AC_MSG_NOTICE([detected mbedTLS]) + check_for_ca_bundle=1 + + LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS" + + if test -n "$mbedtlslib"; then + dnl when shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl CURL_LIBRARY_PATH to prevent further configure tests to fail + dnl due to this + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$mbedtlslib" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $mbedtlslib to CURL_LIBRARY_PATH]) + fi + fi + fi + + fi dnl mbedTLS not disabled + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi + +dnl ---------------------------------------------------- +dnl check for CyaSSL +dnl ---------------------------------------------------- + +dnl Default to compiler & linker defaults for CyaSSL files & libraries. +OPT_CYASSL=no + +_cppflags=$CPPFLAGS +_ldflags=$LDFLAGS +AC_ARG_WITH(cyassl,dnl +AC_HELP_STRING([--with-cyassl=PATH],[where to look for CyaSSL, PATH points to the installation root (default: system lib default)]) +AC_HELP_STRING([--without-cyassl], [disable CyaSSL detection]), + OPT_CYASSL=$withval) + +dnl provide --with-wolfssl as an alias for --with-cyassl +AC_ARG_WITH(wolfssl,dnl +AC_HELP_STRING([--with-wolfssl=PATH],[where to look for WolfSSL, PATH points to the installation root (default: system lib default)]) +AC_HELP_STRING([--without-wolfssl], [disable WolfSSL detection]), + OPT_CYASSL=$withval) + +if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then + ssl_msg= + + if test X"$OPT_CYASSL" != Xno; then + + if test "$OPT_CYASSL" = "yes"; then + OPT_CYASSL="" + fi + + dnl This should be reworked to use pkg-config instead + + cyassllibname=cyassl + + if test -z "$OPT_CYASSL" ; then + dnl check for lib in system default first + + AC_CHECK_LIB(cyassl, CyaSSL_Init, + dnl libcyassl found, set the variable + [ + AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled]) + AC_SUBST(USE_CYASSL, [1]) + CYASSL_ENABLED=1 + USE_CYASSL="yes" + ssl_msg="CyaSSL" + test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ]) + fi + + addld="" + addlib="" + addcflags="" + cyassllib="" + + if test "x$USE_CYASSL" != "xyes"; then + dnl add the path and test again + addld=-L$OPT_CYASSL/lib$libsuff + addcflags=-I$OPT_CYASSL/include + cyassllib=$OPT_CYASSL/lib$libsuff + + LDFLAGS="$LDFLAGS $addld" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + AC_CHECK_LIB(cyassl, CyaSSL_Init, + [ + AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled]) + AC_SUBST(USE_CYASSL, [1]) + CYASSL_ENABLED=1 + USE_CYASSL="yes" + ssl_msg="CyaSSL" + test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + CPPFLAGS=$_cppflags + LDFLAGS=$_ldflags + cyassllib="" + ]) + fi + + addld="" + addlib="" + addcflags="" + + if test "x$USE_CYASSL" != "xyes"; then + dnl libcyassl renamed to libwolfssl as of 3.4.0 + addld=-L$OPT_CYASSL/lib$libsuff + addcflags=-I$OPT_CYASSL/include + cyassllib=$OPT_CYASSL/lib$libsuff + + LDFLAGS="$LDFLAGS $addld" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + cyassllibname=wolfssl + my_ac_save_LIBS="$LIBS" + LIBS="-l$cyassllibname -lm $LIBS" + + AC_MSG_CHECKING([for CyaSSL_Init in -lwolfssl]) + AC_LINK_IFELSE([ + AC_LANG_PROGRAM([[ +/* These aren't needed for detection and confuse WolfSSL. + They are set up properly later if it is detected. */ +#undef SIZEOF_LONG +#undef SIZEOF_LONG_LONG +#include + ]],[[ + return CyaSSL_Init(); + ]]) + ],[ + AC_MSG_RESULT(yes) + AC_DEFINE(USE_CYASSL, 1, [if CyaSSL/WolfSSL is enabled]) + AC_SUBST(USE_CYASSL, [1]) + CYASSL_ENABLED=1 + USE_CYASSL="yes" + ssl_msg="WolfSSL" + test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + AC_MSG_RESULT(no) + CPPFLAGS=$_cppflags + LDFLAGS=$_ldflags + cyassllib="" + ]) + LIBS="$my_ac_save_LIBS" + fi + + if test "x$USE_CYASSL" = "xyes"; then + AC_MSG_NOTICE([detected $cyassllibname]) + check_for_ca_bundle=1 + + dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined! + AX_COMPILE_CHECK_SIZEOF(long long) + + dnl Versions since at least 2.6.0 may have options.h + AC_CHECK_HEADERS(cyassl/options.h) + + dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h + AC_CHECK_HEADERS(cyassl/error-ssl.h) + + LIBS="-l$cyassllibname -lm $LIBS" + + if test "x$cyassllibname" = "xwolfssl"; then + dnl Recent WolfSSL versions build without SSLv3 by default + dnl WolfSSL needs configure --enable-opensslextra to have *get_peer* + AC_CHECK_FUNCS(wolfSSLv3_client_method \ + wolfSSL_get_peer_certificate \ + wolfSSL_UseALPN) + else + dnl Cyassl needs configure --enable-opensslextra to have *get_peer* + AC_CHECK_FUNCS(CyaSSL_CTX_UseSupportedCurve \ + CyaSSL_get_peer_certificate) + fi + + if test -n "$cyassllib"; then + dnl when shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl CURL_LIBRARY_PATH to prevent further configure tests to fail + dnl due to this + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$cyassllib" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $cyassllib to CURL_LIBRARY_PATH]) + fi + fi + + fi + + fi dnl CyaSSL not disabled + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi + +dnl ---------------------------------------------------- +dnl check for MesaLink +dnl ---------------------------------------------------- + +dnl Default to compiler & linker defaults for MesaLink files & libraries. +OPT_MESALINK=no + +_cppflags=$CPPFLAGS +_ldflags=$LDFLAGS +AC_ARG_WITH(mesalink,dnl +AC_HELP_STRING([--with-mesalink=PATH],[where to look for MesaLink, PATH points to the installation root]) +AC_HELP_STRING([--without-mesalink], [disable MesaLink detection]), + OPT_MESALINK=$withval) + +if test -z "$ssl_backends" -o "x$OPT_MESALINK" != xno; then + ssl_msg= + + if test X"$OPT_MESALINK" != Xno; then + + if test "$OPT_MESALINK" = "yes"; then + OPT_MESALINK="" + fi + + if test -z "$OPT_MESALINK" ; then + dnl check for lib first without setting any new path + + AC_CHECK_LIB(mesalink, mesalink_library_init, + dnl libmesalink found, set the variable + [ + AC_DEFINE(USE_MESALINK, 1, [if MesaLink is enabled]) + AC_SUBST(USE_MESALINK, [1]) + MESALINK_ENABLED=1 + USE_MESALINK="yes" + ssl_msg="MesaLink" + test mesalink != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ]) + fi + + addld="" + addlib="" + addcflags="" + mesalinklib="" + + if test "x$USE_MESALINK" != "xyes"; then + dnl add the path and test again + addld=-L$OPT_MESALINK/lib$libsuff + addcflags=-I$OPT_MESALINK/include + mesalinklib=$OPT_MESALINK/lib$libsuff + + LDFLAGS="$LDFLAGS $addld" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + AC_CHECK_LIB(mesalink, mesalink_library_init, + [ + AC_DEFINE(USE_MESALINK, 1, [if MesaLink is enabled]) + AC_SUBST(USE_MESALINK, [1]) + MESALINK_ENABLED=1 + USE_MESALINK="yes" + ssl_msg="MesaLink" + test mesalink != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + CPPFLAGS=$_cppflags + LDFLAGS=$_ldflags + ]) + fi + + if test "x$USE_MESALINK" = "xyes"; then + AC_MSG_NOTICE([detected MesaLink]) + + LIBS="-lmesalink $LIBS" + + if test -n "$mesalinklib"; then + dnl when shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl LD_LIBRARY_PATH to prevent further configure tests to fail + dnl due to this + if test "x$cross_compiling" != "xyes"; then + LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$mesalinklib" + export LD_LIBRARY_PATH + AC_MSG_NOTICE([Added $mesalinklib to LD_LIBRARY_PATH]) + fi + fi + fi + + fi dnl MesaLink not disabled + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi + +dnl ---------------------------------------------------- +dnl NSS. Only check if GnuTLS and OpenSSL are not enabled +dnl ---------------------------------------------------- + +dnl Default to compiler & linker defaults for NSS files & libraries. +OPT_NSS=no + +AC_ARG_WITH(nss,dnl +AC_HELP_STRING([--with-nss=PATH],[where to look for NSS, PATH points to the installation root]) +AC_HELP_STRING([--without-nss], [disable NSS detection]), + OPT_NSS=$withval) + +if test -z "$ssl_backends" -o "x$OPT_NSS" != xno; then + ssl_msg= + + if test X"$OPT_NSS" != Xno; then + + addld="" + addlib="" + addcflags="" + nssprefix="" + version="" + + if test "x$OPT_NSS" = "xyes"; then + + CURL_CHECK_PKGCONFIG(nss) + + if test "$PKGCONFIG" != "no" ; then + addlib=`$PKGCONFIG --libs nss` + addcflags=`$PKGCONFIG --cflags nss` + version=`$PKGCONFIG --modversion nss` + nssprefix=`$PKGCONFIG --variable=prefix nss` + else + dnl Without pkg-config, we check for nss-config + + check=`nss-config --version 2>/dev/null` + if test -n "$check"; then + addlib=`nss-config --libs` + addcflags=`nss-config --cflags` + version=`nss-config --version` + nssprefix=`nss-config --prefix` + else + addlib="-lnss3" + addcflags="" + version="unknown" + fi + fi + else + NSS_PCDIR="$OPT_NSS/lib/pkgconfig" + if test -f "$NSS_PCDIR/nss.pc"; then + CURL_CHECK_PKGCONFIG(nss, [$NSS_PCDIR]) + if test "$PKGCONFIG" != "no" ; then + addld=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-L nss` + addlib=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-l nss` + addcflags=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --cflags nss` + version=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --modversion nss` + nssprefix=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --variable=prefix nss` + fi + fi + fi + + if test -z "$addlib"; then + # Without pkg-config, we'll kludge in some defaults + AC_MSG_WARN([Using hard-wired libraries and compilation flags for NSS.]) + addld="-L$OPT_NSS/lib" + addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4" + addcflags="-I$OPT_NSS/include" + version="unknown" + nssprefix=$OPT_NSS + fi + + CLEANLDFLAGS="$LDFLAGS" + CLEANLIBS="$LIBS" + CLEANCPPFLAGS="$CPPFLAGS" + + LDFLAGS="$addld $LDFLAGS" + LIBS="$addlib $LIBS" + if test "$addcflags" != "-I/usr/include"; then + CPPFLAGS="$CPPFLAGS $addcflags" + fi + + dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0 + AC_CHECK_LIB(nss3, SSL_VersionRangeSet, + [ + AC_DEFINE(USE_NSS, 1, [if NSS is enabled]) + AC_SUBST(USE_NSS, [1]) + USE_NSS="yes" + NSS_ENABLED=1 + ssl_msg="NSS" + test nss != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + ], + [ + LDFLAGS="$CLEANLDFLAGS" + LIBS="$CLEANLIBS" + CPPFLAGS="$CLEANCPPFLAGS" + ]) + + if test "x$USE_NSS" = "xyes"; then + AC_MSG_NOTICE([detected NSS version $version]) + + dnl PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because + dnl PK11_DestroyGenericObject() does not release resources allocated by + dnl PK11_CreateGenericObject() early enough. + AC_CHECK_FUNC(PK11_CreateManagedGenericObject, + [ + AC_DEFINE(HAVE_PK11_CREATEMANAGEDGENERICOBJECT, 1, + [if you have the PK11_CreateManagedGenericObject function]) + ]) + + dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS + NSS_LIBS=$addlib + AC_SUBST([NSS_LIBS]) + + dnl when shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl CURL_LIBRARY_PATH to prevent further configure tests to fail + dnl due to this + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$nssprefix/lib$libsuff" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to CURL_LIBRARY_PATH]) + fi + + fi dnl NSS found + + fi dnl NSS not disabled + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" +fi + +case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$MBEDTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$SECURETRANSPORT_ENABLED$MESALINK_ENABLED$AMISSL_ENABLED" in +x) + AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.]) + AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-schannel, --with-secure-transport, --with-mesalink or --with-amissl to address this.]) + ;; +x1) + # one SSL backend is enabled + AC_SUBST(SSL_ENABLED) + SSL_ENABLED="1" + AC_MSG_NOTICE([built with one SSL backend]) + ;; +*) + # more than one SSL backend is enabled + AC_SUBST(SSL_ENABLED) + SSL_ENABLED="1" + AC_SUBST(CURL_WITH_MULTI_SSL) + CURL_WITH_MULTI_SSL="1" + AC_DEFINE(CURL_WITH_MULTI_SSL, 1, [built with multiple SSL backends]) + AC_MSG_NOTICE([built with multiple SSL backends]) + ;; +esac + +if test -n "$ssl_backends"; then + curl_ssl_msg="enabled ($ssl_backends)" +fi + +if test no = "$VALID_DEFAULT_SSL_BACKEND" +then + if test -n "$SSL_ENABLED" + then + AC_MSG_ERROR([Default SSL backend $DEFAULT_SSL_BACKEND not enabled!]) + else AC_MSG_ERROR([Default SSL backend requires SSL!]) fi elif test yes = "$VALID_DEFAULT_SSL_BACKEND" @@ -1815,6 +2807,7 @@ AC_ARG_WITH(libpsl, with_libpsl=$withval, with_libpsl=yes) if test $with_libpsl != "no"; then + AC_MSG_ERROR([You must build gnurl with --without-libpsl!]) AC_SEARCH_LIBS(psl_builtin, psl, [curl_psl_msg="enabled"; AC_DEFINE([USE_LIBPSL], [1], [PSL support enabled]) @@ -1845,6 +2838,7 @@ if test X"$OPT_LIBMETALINK" != Xno; then version="" libmetalinklib="" + AC_MSG_ERROR([You must build gnurl with --without-libmetalink!]) PKGTEST="no" if test "x$OPT_LIBMETALINK" = "xyes"; then dnl this is with no partiular path given @@ -1890,7 +2884,7 @@ if test X"$OPT_LIBMETALINK" != Xno; then ]]) ],[ AC_MSG_RESULT([yes ($version)]) - want_metalink="no" + want_metalink="yes" ],[ AC_MSG_RESULT([no ($version)]) AC_MSG_NOTICE([libmetalink library defective or too old]) @@ -1932,7 +2926,156 @@ AC_HELP_STRING([--with-libssh=PATH],[Where to look for libssh, PATH points to th AC_HELP_STRING([--with-libssh], [enable LIBSSH]), OPT_LIBSSH=$withval, OPT_LIBSSH=no) -LIBSSH2_ENABLED="0" +if test X"$OPT_LIBSSH2" != Xno; then + dnl backup the pre-libssh2 variables + CLEANLDFLAGS="$LDFLAGS" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + case "$OPT_LIBSSH2" in + yes) + AC_MSG_ERROR([You must build gnurl with --without-libssh!]) + dnl --with-libssh2 (without path) used + CURL_CHECK_PKGCONFIG(libssh2) + + if test "$PKGCONFIG" != "no" ; then + LIB_SSH2=`$PKGCONFIG --libs libssh2` + LD_SSH2=`$PKGCONFIG --libs-only-L libssh2` + CPP_SSH2=`$PKGCONFIG --cflags-only-I libssh2` + version=`$PKGCONFIG --modversion libssh2` + DIR_SSH2=`echo $LD_SSH2 | $SED -e 's/-L//'` + fi + + ;; + off) + dnl no --with-libssh2 option given, just check default places + ;; + *) + dnl use the given --with-libssh2 spot + PREFIX_SSH2=$OPT_LIBSSH2 + ;; + esac + + dnl if given with a prefix, we set -L and -I based on that + if test -n "$PREFIX_SSH2"; then + LIB_SSH2="-lssh2" + LD_SSH2=-L${PREFIX_SSH2}/lib$libsuff + CPP_SSH2=-I${PREFIX_SSH2}/include + DIR_SSH2=${PREFIX_SSH2}/lib$libsuff + fi + + LDFLAGS="$LDFLAGS $LD_SSH2" + CPPFLAGS="$CPPFLAGS $CPP_SSH2" + LIBS="$LIB_SSH2 $LIBS" + + AC_CHECK_LIB(ssh2, libssh2_channel_open_ex) + + AC_CHECK_HEADERS(libssh2.h, + curl_ssh_msg="enabled (libSSH2)" + LIBSSH2_ENABLED=1 + AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use]) + AC_SUBST(USE_LIBSSH2, [1]) + ) + + if test X"$OPT_LIBSSH2" != Xoff && + test "$LIBSSH2_ENABLED" != "1"; then + AC_MSG_ERROR([libSSH2 libs and/or directories were not found where specified!]) + fi + + if test "$LIBSSH2_ENABLED" = "1"; then + if test -n "$DIR_SSH2"; then + dnl when the libssh2 shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH + dnl to prevent further configure tests to fail due to this + + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_SSH2" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $DIR_SSH2 to CURL_LIBRARY_PATH]) + fi + fi + else + dnl no libssh2, revert back to clean variables + LDFLAGS=$CLEANLDFLAGS + CPPFLAGS=$CLEANCPPFLAGS + LIBS=$CLEANLIBS + fi +elif test X"$OPT_LIBSSH" != Xno; then + dnl backup the pre-libssh variables + CLEANLDFLAGS="$LDFLAGS" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + case "$OPT_LIBSSH" in + yes) + AC_MSG_ERROR([You must build gnurl with --without-libssh!]) + dnl --with-libssh (without path) used + CURL_CHECK_PKGCONFIG(libssh) + + if test "$PKGCONFIG" != "no" ; then + LIB_SSH=`$PKGCONFIG --libs-only-l libssh` + LD_SSH=`$PKGCONFIG --libs-only-L libssh` + CPP_SSH=`$PKGCONFIG --cflags-only-I libssh` + version=`$PKGCONFIG --modversion libssh` + DIR_SSH=`echo $LD_SSH | $SED -e 's/-L//'` + fi + + ;; + off) + dnl no --with-libssh option given, just check default places + ;; + *) + AC_MSG_ERROR([You must build gnurl with --without-libssh!]) + dnl use the given --with-libssh spot + PREFIX_SSH=$OPT_LIBSSH + ;; + esac + + dnl if given with a prefix, we set -L and -I based on that + if test -n "$PREFIX_SSH"; then + LIB_SSH="-lssh" + LD_SSH=-L${PREFIX_SSH}/lib$libsuff + CPP_SSH=-I${PREFIX_SSH}/include + DIR_SSH=${PREFIX_SSH}/lib$libsuff + fi + + LDFLAGS="$LDFLAGS $LD_SSH" + CPPFLAGS="$CPPFLAGS $CPP_SSH" + LIBS="$LIB_SSH $LIBS" + + AC_CHECK_LIB(ssh, ssh_new) + + AC_CHECK_HEADERS(libssh/libssh.h, + curl_ssh_msg="enabled (libSSH)" + LIBSSH_ENABLED=1 + AC_DEFINE(USE_LIBSSH, 1, [if libSSH is in use]) + AC_SUBST(USE_LIBSSH, [1]) + ) + + if test X"$OPT_LIBSSH" != Xoff && + test "$LIBSSH_ENABLED" != "1"; then + AC_MSG_ERROR([libSSH libs and/or directories were not found where specified!]) + fi + + if test "$LIBSSH_ENABLED" = "1"; then + if test -n "$DIR_SSH"; then + dnl when the libssh shared libs were found in a path that the run-time + dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH + dnl to prevent further configure tests to fail due to this + + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_SSH" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $DIR_SSH to CURL_LIBRARY_PATH]) + fi + fi + else + dnl no libssh, revert back to clean variables + LDFLAGS=$CLEANLDFLAGS + CPPFLAGS=$CLEANCPPFLAGS + LIBS=$CLEANLIBS + fi +fi dnl ********************************************************************** dnl Check for the presence of LIBRTMP libraries and headers @@ -1945,7 +3088,76 @@ AC_HELP_STRING([--with-librtmp=PATH],[Where to look for librtmp, PATH points to AC_HELP_STRING([--without-librtmp], [disable LIBRTMP]), OPT_LIBRTMP=$withval) -LIBRTMP_ENABLED="0" +if test X"$OPT_LIBRTMP" != Xno; then + dnl backup the pre-librtmp variables + CLEANLDFLAGS="$LDFLAGS" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + case "$OPT_LIBRTMP" in + yes) + AC_MSG_ERROR([You must build gnurl with --without-librtmp!]) + dnl --with-librtmp (without path) used + CURL_CHECK_PKGCONFIG(librtmp) + + if test "$PKGCONFIG" != "no" ; then + LIB_RTMP=`$PKGCONFIG --libs-only-l librtmp` + LD_RTMP=`$PKGCONFIG --libs-only-L librtmp` + CPP_RTMP=`$PKGCONFIG --cflags-only-I librtmp` + version=`$PKGCONFIG --modversion librtmp` + DIR_RTMP=`echo $LD_RTMP | $SED -e 's/-L//'` + else + dnl To avoid link errors, we do not allow --librtmp without + dnl a pkgconfig file + AC_MSG_ERROR([--librtmp was specified but could not find librtmp pkgconfig file.]) + fi + + ;; + off) + AC_MSG_ERROR([You must build gnurl with --without-librtmp!]) + dnl no --with-librtmp option given, just check default places + LIB_RTMP="-lrtmp" + ;; + *) + AC_MSG_ERROR([You must build gnurl with --without-librtmp!]) + dnl use the given --with-librtmp spot + LIB_RTMP="-lrtmp" + PREFIX_RTMP=$OPT_LIBRTMP + ;; + esac + AC_MSG_ERROR([You must build gnurl with --without-librtmp!]) + dnl if given with a prefix, we set -L and -I based on that + if test -n "$PREFIX_RTMP"; then + LD_RTMP=-L${PREFIX_RTMP}/lib$libsuff + CPP_RTMP=-I${PREFIX_RTMP}/include + DIR_RTMP=${PREFIX_RTMP}/lib$libsuff + fi + + LDFLAGS="$LDFLAGS $LD_RTMP" + CPPFLAGS="$CPPFLAGS $CPP_RTMP" + LIBS="$LIB_RTMP $LIBS" + + AC_CHECK_LIB(rtmp, RTMP_Init, + [ + AC_CHECK_HEADERS(librtmp/rtmp.h, + curl_rtmp_msg="enabled (librtmp)" + LIBRTMP_ENABLED=1 + AC_DEFINE(USE_LIBRTMP, 1, [if librtmp is in use]) + AC_SUBST(USE_LIBRTMP, [1]) + ) + ], + dnl not found, revert back to clean variables + LDFLAGS=$CLEANLDFLAGS + CPPFLAGS=$CLEANCPPFLAGS + LIBS=$CLEANLIBS + ) + + if test X"$OPT_LIBRTMP" != Xoff && + test "$LIBRTMP_ENABLED" != "1"; then + AC_MSG_ERROR([librtmp libs and/or directories were not found where specified!]) + fi + +fi dnl ********************************************************************** dnl Check for linker switch for versioned symbols @@ -2017,12 +3229,67 @@ case "$OPT_WINIDN" in want_winidn="no" AC_MSG_RESULT([no]) ;; + yes) + dnl --with-winidn option used without path + want_winidn="yes" + want_winidn_path="default" + AC_MSG_RESULT([yes]) + ;; *) - want_winidn="no" - AC_MSG_RESULT([no]) + dnl --with-winidn option used with path + want_winidn="yes" + want_winidn_path="$withval" + AC_MSG_RESULT([yes ($withval)]) ;; esac +if test "$want_winidn" = "yes"; then + dnl winidn library support has been requested + clean_CPPFLAGS="$CPPFLAGS" + clean_LDFLAGS="$LDFLAGS" + clean_LIBS="$LIBS" + WINIDN_LIBS="-lnormaliz" + WINIDN_CPPFLAGS="-DWINVER=0x0600" + # + if test "$want_winidn_path" != "default"; then + dnl path has been specified + dnl pkg-config not available or provides no info + WINIDN_LDFLAGS="-L$want_winidn_path/lib$libsuff" + WINIDN_CPPFLAGS="-I$want_winidn_path/include" + WINIDN_DIR="$want_winidn_path/lib$libsuff" + fi + # + CPPFLAGS="$CPPFLAGS $WINIDN_CPPFLAGS" + LDFLAGS="$LDFLAGS $WINIDN_LDFLAGS" + LIBS="$WINIDN_LIBS $LIBS" + # + AC_MSG_CHECKING([if IdnToUnicode can be linked]) + AC_LINK_IFELSE([ + AC_LANG_PROGRAM([[ + #include + ]],[[ + IdnToUnicode(0, NULL, 0, NULL, 0); + ]]) + ],[ + AC_MSG_RESULT([yes]) + tst_links_winidn="yes" + ],[ + AC_MSG_RESULT([no]) + tst_links_winidn="no" + ]) + # + if test "$tst_links_winidn" = "yes"; then + AC_DEFINE(USE_WIN32_IDN, 1, [Define to 1 if you have the `normaliz' (WinIDN) library (-lnormaliz).]) + AC_DEFINE(WANT_IDN_PROTOTYPES, 1, [Define to 1 to provide own prototypes.]) + AC_SUBST([IDN_ENABLED], [1]) + curl_idn_msg="enabled (Windows-native)" + else + AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled]) + CPPFLAGS="$clean_CPPFLAGS" + LDFLAGS="$clean_LDFLAGS" + LIBS="$clean_LIBS" + fi +fi dnl ********************************************************************** dnl Check for the presence of IDN libraries and headers @@ -2158,7 +3425,7 @@ dnl ********************************************************************** dnl Check for nghttp2 dnl ********************************************************************** -OPT_H2="yes" +OPT_H2="no" if test "x$disable_http" = "xyes"; then # without HTTP, nghttp2 is no use @@ -2175,11 +3442,13 @@ case "$OPT_H2" in want_h2="no" ;; yes) + AC_MSG_ERROR([You must build gnurl with --without-nghttp2!]) dnl --with-nghttp2 option used without path want_h2="default" want_h2_path="" ;; *) + AC_MSG_ERROR([You must build gnurl with --without-nghttp2!]) dnl --with-nghttp2 option used with path want_h2="yes" want_h2_path="$withval/lib/pkgconfig" @@ -2973,6 +4242,7 @@ dnl to let curl-config output the static libraries correctly ENABLE_STATIC="$enable_static" AC_SUBST(ENABLE_STATIC) + dnl dnl For keeping supported features and protocols also in pkg-config file dnl since it is more cross-compile friendly than curl-config -- cgit v1.2.3