ntp_openssl.m4 revision 285169
1275970Scydnl #################################################################### 2275970Scydnl OpenSSL support shared by top-level and sntp/configure.ac 3275970Scydnl 4275970Scydnl Provides command-line option --with-crypto, as well as deprecated 5275970Scydnl options --with-openssl-incdir, --with-openssl-libdir, and the 6275970Scydnl latter's suboption --with-rpath. 7275970Scydnl 8275970Scydnl Specifying --with-openssl-libdir or --with-openssl-incdir causes any 9275970Scydnl pkg-config openssl information to be ignored in favor of the legacy 10275970Scydnl manual search for directories and specified library names. 11275970Scydnl 12275970Scydnl Output AC_DEFINEs (for config.h) 13275970Scydnl OPENSSL defined only if using OpenSSL 14275970Scydnl 15275970Scydnl Output variables: 16275970Scydnl ntp_openssl yes if using OpenSSL, no otherwise 17275970Scydnl 18275970Scydnl Output substitutions: 19275970Scydnl CFLAGS_NTP OpenSSL-specific flags added as needed, and 20275970Scydnl -Wstrict-prototypes for gcc if it does not 21275970Scydnl trigger a flood of warnings for each file 22275970Scydnl including OpenSSL headers. 23275970Scydnl CPPFLAGS_NTP OpenSSL -Iincludedir flags added as needed. 24275970Scydnl LDADD_NTP OpenSSL -L and -l flags added as needed. 25275970Scydnl LDFLAGS_NTP Other OpenSSL link flags added as needed. 26275970Scydnl 27275970Scydnl #################################################################### 28275970ScyAC_DEFUN([NTP_OPENSSL], [ 29275970ScyAC_REQUIRE([NTP_PKG_CONFIG])dnl 30275970ScyAC_REQUIRE([NTP_VER_SUFFIX])dnl 31275970Scy 32275970ScyAC_ARG_WITH( 33275970Scy [crypto], 34275970Scy [AS_HELP_STRING( 35275970Scy [--with-crypto], 36275970Scy [+ =openssl,libcrypto] 37275970Scy )] 38275970Scy) 39275970ScyAC_ARG_WITH( 40275970Scy [openssl-libdir], 41275970Scy [AS_HELP_STRING( 42275970Scy [--with-openssl-libdir], 43275970Scy [+ =/something/reasonable] 44275970Scy )] 45275970Scy) 46275970ScyAC_ARG_WITH( 47275970Scy [openssl-incdir], 48275970Scy [AS_HELP_STRING( 49275970Scy [--with-openssl-incdir], 50275970Scy [+ =/something/reasonable] 51275970Scy )] 52275970Scy) 53275970ScyAC_ARG_WITH( 54275970Scy [rpath], 55275970Scy [AS_HELP_STRING( 56275970Scy [--without-rpath], 57275970Scy [s Disable auto-added -R linker paths] 58275970Scy )] 59275970Scy) 60275970Scyntp_openssl=no 61275970Scyntp_openssl_from_pkg_config=no 62275970Scywith_crypto=${with_crypto:-openssl,libcrypto} 63275970Scycase "$with_crypto" in 64275970Scy yes) 65275970Scy with_crypto=openssl,libcrypto 66275970Scyesac 67275970Scycase "$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}" in 68275970Scy no:*) ;; 69275970Scy *:notempty:notgiven:notgiven) 70275970Scy for pkg in `echo $with_crypto | sed -e 's/,/ /'`; do 71275970Scy AC_MSG_CHECKING([pkg-config for $pkg]) 72275970Scy if $PKG_CONFIG --exists $pkg ; then 73275970Scy CPPFLAGS_NTP="$CPPFLAGS_NTP `$PKG_CONFIG --cflags-only-I $pkg`" 74275970Scy CFLAGS_NTP="$CFLAGS_NTP `$PKG_CONFIG --cflags-only-other $pkg`" 75275970Scy LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-L $pkg`" 76275970Scy LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-l $pkg`" 77275970Scy LDFLAGS_NTP="$LDFLAGS_NTP `$PKG_CONFIG --libs-only-other $pkg`" 78275970Scy VER_SUFFIX=o 79275970Scy ntp_openssl=yes 80275970Scy ntp_openssl_from_pkg_config=yes 81275970Scy AC_MSG_RESULT([yes]) 82275970Scy 83275970Scy break 84275970Scy fi 85275970Scy AC_MSG_RESULT([no]) 86275970Scy done 87275970Scyesac 88275970Scycase "$with_crypto:$ntp_openssl" in 89275970Scy no:*) ;; 90275970Scy *:no) 91275970Scy need_dash_r= 92275970Scy need_dash_Wlrpath= 93275970Scy case "${with_rpath-notgiven}" in 94275970Scy yes) 95275970Scy # Lame - what to do if we need -Wl... but not -R? 96275970Scy need_dash_r=1 97275970Scy ;; 98275970Scy notgiven) 99275970Scy case "$host" in 100275970Scy *-*-linux*) 101275970Scy # This may really only be true for gcc 102275970Scy need_dash_Wlrpath=1 103275970Scy ;; 104275970Scy *-*-netbsd*) 105275970Scy need_dash_r=1 106275970Scy ;; 107275970Scy *-*-solaris*) 108275970Scy need_dash_r=1 109275970Scy ;; 110275970Scy esac 111275970Scy ;; 112275970Scy esac 113275970Scy 114275970Scy AC_MSG_CHECKING([for openssl library directory]) 115275970Scy with_openssl_libdir=${with_openssl_libdir-notgiven} 116275970Scy case "$with_openssl_libdir" in 117275970Scy notgiven) 118275970Scy case "$build" in 119275970Scy $host) 120275970Scy with_openssl_libdir=default 121275970Scy ;; 122275970Scy *) 123275970Scy with_openssl_libdir=no 124275970Scy ;; 125275970Scy esac 126275970Scy esac 127275970Scy case "$with_openssl_libdir" in 128275970Scy default) 129275970Scy # Look in: 130275970Scy with_openssl_libdir="/usr/lib /usr/lib/openssl /usr/sfw/lib" 131275970Scy with_openssl_libdir="$with_openssl_libdir /usr/local/lib" 132275970Scy with_openssl_libdir="$with_openssl_libdir /usr/local/ssl/lib /lib" 133275970Scy esac 134275970Scy case "$with_openssl_libdir" in 135275970Scy no) 136275970Scy ;; 137275970Scy *) # Look for libcrypto.a and libssl.a: 138275970Scy for i in $with_openssl_libdir no 139275970Scy do 140275970Scy case "$host" in 141275970Scy *-*-darwin*) 142275970Scy test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break 143275970Scy ;; 144275970Scy *) 145275970Scy test -f $i/libcrypto.so -a -f $i/libssl.so && break 146275970Scy test -f $i/libcrypto.a -a -f $i/libssl.a && break 147275970Scy ;; 148275970Scy esac 149275970Scy done 150275970Scy openssl_libdir=$i 151275970Scy ;; 152275970Scy esac 153275970Scy AC_MSG_RESULT([$openssl_libdir]) 154275970Scy case "$openssl_libdir" in 155275970Scy no) 156275970Scy openssl_libdir= 157275970Scy AC_MSG_WARN([libcrypto and libssl not found in any of $with_openssl_libdir]) 158275970Scy esac 159275970Scy 160275970Scy AC_MSG_CHECKING([for openssl include directory]) 161275970Scy with_openssl_incdir=${with_openssl_incdir-notgiven} 162275970Scy case "$with_openssl_incdir" in 163275970Scy notgiven) 164275970Scy # Look in: 165275970Scy with_openssl_incdir="/usr/include /usr/sfw/include" 166275970Scy with_openssl_incdir="$with_openssl_incdir /usr/local/include" 167275970Scy with_openssl_incdir="$with_openssl_incdir /usr/local/ssl/include" 168275970Scy esac 169275970Scy case "$with_openssl_incdir" in 170275970Scy no) 171275970Scy ;; 172275970Scy *) # look for openssl/evp.h: 173275970Scy for i in $with_openssl_incdir no 174275970Scy do 175275970Scy test -f $i/openssl/evp.h && break 176275970Scy done 177275970Scy openssl_incdir=$i 178275970Scy ;; 179275970Scy esac 180275970Scy AS_UNSET([i]) 181275970Scy AC_MSG_RESULT([$openssl_incdir]) 182275970Scy case "$openssl_incdir" in 183275970Scy no) 184275970Scy openssl_incdir= 185275970Scy AC_MSG_WARN([did not find openssl/evp.h in any of $with_openssl_incdir]) 186275970Scy esac 187275970Scy if test -z "$openssl_libdir" -o -z "$openssl_incdir" 188275970Scy then 189275970Scy ntp_openssl=no 190275970Scy else 191275970Scy ntp_openssl=yes 192275970Scy VER_SUFFIX=o 193275970Scy fi 194275970Scy case "$ntp_openssl" in 195275970Scy yes) 196275970Scy # We have OpenSSL inc/lib dirs - use them. 197275970Scy case "$openssl_incdir" in 198275970Scy /usr/include) 199275970Scy ;; 200275970Scy *) 201275970Scy CPPFLAGS_NTP="$CPPFLAGS_NTP -I$openssl_incdir" 202275970Scy ;; 203275970Scy esac 204275970Scy case "$openssl_libdir" in 205275970Scy /usr/lib) 206275970Scy ;; 207275970Scy *) 208275970Scy LDADD_NTP="$LDADD_NTP -L$openssl_libdir" 209275970Scy case "$need_dash_r" in 210275970Scy 1) 211275970Scy LDFLAGS_NTP="$LDFLAGS_NTP -R$openssl_libdir" 212275970Scy esac 213275970Scy case "$need_dash_Wlrpath" in 214275970Scy 1) 215275970Scy LDFLAGS_NTP="$LDFLAGS_NTP -Wl,-rpath,$openssl_libdir" 216275970Scy esac 217275970Scy ;; 218275970Scy esac 219275970Scy LDADD_NTP="$LDADD_NTP -lcrypto" 220275970Scy esac 221275970Scyesac 222275970Scy 223275970ScyAC_MSG_CHECKING([if we will use crypto]) 224275970ScyAC_MSG_RESULT([$ntp_openssl]) 225275970Scy 226275970Scycase "$ntp_openssl" in 227275970Scy yes) 228275970Scy AC_DEFINE([OPENSSL], [], [Use OpenSSL?]) 229275970Scy case "$VER_SUFFIX" in 230275970Scy *o*) ;; 231275970Scy *) AC_MSG_ERROR([OPENSSL set but no 'o' in VER_SUFFIX!]) ;; 232275970Scy esac 233275970Scy ;; 234275970Scyesac 235275970Scy 236275970ScyNTPO_SAVED_CPPFLAGS="$CPPFLAGS" 237275970ScyCPPFLAGS="$CPPFLAGS $CPPFLAGS_NTP" 238275970ScyNTPO_SAVED_LIBS="$LIBS" 239275970Scy 240275970Scy# 241275970Scy# check for linking with -lcrypto failure, and try -lcrypto -lz. 242275970Scy# Helps m68k-atari-mint 243275970Scy# 244275970Scycase "$ntp_openssl:$ntp_openssl_from_pkg_config" in 245275970Scy yes:no) 246275970Scy LIBS="$NTPO_SAVED_LIBS $LDADD_NTP" 247275970Scy AC_CACHE_CHECK( 248275970Scy [if linking with -lcrypto alone works], 249275970Scy [ntp_cv_bare_lcrypto], 250275970Scy [AC_LINK_IFELSE( 251275970Scy [AC_LANG_PROGRAM( 252275970Scy [[ 253275970Scy #include "openssl/err.h" 254275970Scy #include "openssl/evp.h" 255275970Scy ]], 256275970Scy [[ 257275970Scy ERR_load_crypto_strings(); 258275970Scy OpenSSL_add_all_algorithms(); 259275970Scy ]] 260275970Scy )], 261275970Scy [ntp_cv_bare_lcrypto=yes], 262275970Scy [ntp_cv_bare_lcrypto=no] 263275970Scy )] 264275970Scy ) 265275970Scy case "$ntp_cv_bare_lcrypto" in 266275970Scy no) 267275970Scy LIBS="$NTPO_SAVED_LIBS $LDADD_NTP -lz" 268275970Scy AC_CACHE_CHECK( 269275970Scy [if linking with -lcrypto -lz works], 270275970Scy [ntp_cv_lcrypto_lz], 271275970Scy [AC_LINK_IFELSE( 272275970Scy [AC_LANG_PROGRAM( 273275970Scy [[ 274275970Scy #include "openssl/err.h" 275275970Scy #include "openssl/evp.h" 276275970Scy ]], 277275970Scy [[ 278275970Scy ERR_load_crypto_strings(); 279275970Scy OpenSSL_add_all_algorithms(); 280275970Scy ]] 281275970Scy )], 282275970Scy [ntp_cv_lcrypto_lz=yes], 283275970Scy [ntp_cv_lcrypto_lz=no] 284275970Scy )] 285275970Scy ) 286275970Scy case "$ntp_cv_lcrypto_lz" in 287275970Scy yes) 288275970Scy LDADD_NTP="$LDADD_NTP -lz" 289275970Scy esac 290275970Scy esac 291275970Scyesac 292275970Scy 293275970Scy# 294275970Scy# Older OpenSSL headers have a number of callback prototypes inside 295275970Scy# other function prototypes which trigger copious warnings with gcc's 296275970Scy# -Wstrict-prototypes, which is included in -Wall. 297275970Scy# 298275970Scy# An example: 299275970Scy# 300275970Scy# int i2d_RSA_NET(const RSA *a, unsigned char **pp, 301275970Scy# int (*cb)(), int sgckey); 302275970Scy# ^^^^^^^^^^^ 303275970Scy# 304275970Scy# 305275970Scy# 306275970Scyopenssl_triggers_warnings=unknown 307275970ScyNTPO_SAVED_CFLAGS="$CFLAGS" 308275970Scy 309275970Scycase "$ntp_openssl:$GCC" in 310275970Scy yes:yes) 311275970Scy CFLAGS="$CFLAGS -Werror" 312275970Scy AC_COMPILE_IFELSE( 313275970Scy [AC_LANG_PROGRAM( 314275970Scy [[ 315275970Scy ]], 316275970Scy [[ 317275970Scy /* see if -Werror breaks gcc */ 318275970Scy ]] 319275970Scy )], 320275970Scy [gcc_handles_Werror=yes], 321275970Scy [gcc_handles_Werror=no] 322275970Scy ) 323275970Scy case "$gcc_handles_Werror" in 324275970Scy no) 325275970Scy # if this gcc doesn't do -Werror go ahead and use 326275970Scy # -Wstrict-prototypes. 327275970Scy openssl_triggers_warnings=yes 328275970Scy ;; 329275970Scy yes) 330275970Scy CFLAGS="$CFLAGS -Wstrict-prototypes" 331275970Scy AC_COMPILE_IFELSE( 332275970Scy [AC_LANG_PROGRAM( 333275970Scy [[ 334275970Scy #include "openssl/asn1_mac.h" 335275970Scy #include "openssl/bn.h" 336275970Scy #include "openssl/err.h" 337275970Scy #include "openssl/evp.h" 338275970Scy #include "openssl/pem.h" 339275970Scy #include "openssl/rand.h" 340275970Scy #include "openssl/x509v3.h" 341275970Scy ]], 342275970Scy [[ 343275970Scy /* empty body */ 344275970Scy ]] 345275970Scy )], 346275970Scy [openssl_triggers_warnings=no], 347275970Scy [openssl_triggers_warnings=yes] 348275970Scy ) 349275970Scy esac 350275970Scy case "$openssl_triggers_warnings" in 351275970Scy yes) 352275970Scy CFLAGS_NTP="$CFLAGS_NTP -Wno-strict-prototypes" 353275970Scy ;; 354275970Scy *) 355275970Scy CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes" 356275970Scy esac 357275970Scy ;; 358275970Scy no:yes) 359275970Scy # gcc without OpenSSL 360275970Scy CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes" 361275970Scyesac 362275970Scy 363285169Scy# Because we don't want -Werror for the EVP_MD_do_all_sorted check 364275970ScyCFLAGS="$NTPO_SAVED_CFLAGS" 365285169Scy 366285169Scycase "$ntp_openssl" in 367285169Scy yes) 368285169Scy LIBS="$NTPO_SAVED_LIBS $LDADD_NTP" 369285169Scy AC_CHECK_FUNCS([EVP_MD_do_all_sorted]) 370285169Scy ;; 371285169Scyesac 372285169Scy 373275970ScyCPPFLAGS="$NTPO_SAVED_CPPFLAGS" 374275970ScyLIBS="$NTPO_SAVED_LIBS" 375275970ScyAS_UNSET([NTPO_SAVED_CFLAGS]) 376275970ScyAS_UNSET([NTPO_SAVED_CPPFLAGS]) 377275970ScyAS_UNSET([NTPO_SAVED_LIBS]) 378275970ScyAS_UNSET([openssl_triggers_warnings]) 379275970ScyAS_UNSET([ntp_openssl_from_pkg_config]) 380275970Scy]) 381275970Scydnl ====================================================================== 382