diff options
| -rw-r--r-- | configure.ac | 73 |
1 files changed, 59 insertions, 14 deletions
diff --git a/configure.ac b/configure.ac index bb9cf395..28d2c9e3 100644 --- a/configure.ac +++ b/configure.ac @@ -368,28 +368,73 @@ dnl -------------------------- dnl Test for support for SSL/TLS dnl -------------------------- dnl -if test "x$enable_ssl" = "xyes"; then - AC_CHECK_HEADER(mbedtls/ssl.h, ssl_ok=yes, ssl_ok=no, - [#include <mbedtls/platform.h>]) -dnl In mbed TLS 2.3.0, ssl.h needs platform.h but fails to include it. - if test "x$ssl_ok" = "xyes"; then - old_libs="$LIBS" - AC_CHECK_LIB(mbedtls, mbedtls_ssl_init, ssl_ok=yes, ssl_ok=no, -lmbedx509 -lmbedcrypto) - LIBS="$old_libs" +tls_ok="no" +tls_impl="none" +if test "x$enable_tls" = "xyes"; then + if test "x$enable_openssl" = "xyes"; then + dnl Search for OpenSSL headers first + AC_CHECK_HEADER(openssl/ssl.h, openssl_ok=yes, openssl_ok=no) + + dnl If the headers are found, try to link with -lssl and -lcrypto + if test "x$openssl_ok" = "xyes"; then + old_libs="$LIBS" + AC_CHECK_LIB(ssl, SSL_write, openssl_ok=yes, openssl_ok=no, -lcrypto) + LIBS="$old_libs" + fi + + dnl If all went good, set OpenSSL + if test "x$openssl_ok" = "xyes"; then + AC_MSG_NOTICE([Using OpenSSL as TLS library.]) + tls_impl="OpenSSL" + AC_DEFINE([HAVE_OPENSSL], [1], [OpenSSL works]) + LIBSSL_LIBS="-lcrypto -lssl" + else + AC_MSG_NOTICE([Cannot find OpenSSL, trying mbedTLS...]) + fi + else + AC_MSG_NOTICE([Skipping OpenSSL search, as it is disabled]) fi - if test "x$ssl_ok" = "xyes"; then - LIBSSL_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto" + dnl Try to find mbedTLS if OpenSSL failed or is disabled + if test "x$enable_mbedtls" = "xyes"; then + if test "x$openssl_ok" != "xyes"; then + dnl In mbed TLS 2.3.0, ssl.h needs platform.h but fails to include it. + AC_CHECK_HEADER(mbedtls/ssl.h, mbedtls_ok=yes, mbedtls_ok=no, [#include <mbedtls/platform.h>]) + + dnl If the headers are found, try to link with mbedTLS + if test "x$mbedtls_ok" = "xyes"; then + old_libs="$LIBS" + AC_CHECK_LIB(mbedtls, mbedtls_ssl_init, mbedtls_ok=yes, mbedtls_ok=no, -lmbedx509 -lmbedcrypto) + LIBS="$old_libs" + fi + + dnl If it went good, use it, otherwise disable TLS support + if test "x$mbedtls_ok" = "xyes"; then + AC_MSG_NOTICE([Using mbedTLS as TLS library.]) + tls_impl="mbedTLS" + AC_DEFINE([HAVE_MBEDTLS], [1], [mbedTLS works]) + LIBSSL_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto" + else + AC_MSG_NOTICE([Cannot find mbedTLS]) + fi + fi else - AC_MSG_WARN([*** mbed TLS 2 not found. Disabling SSL/HTTPS/TLS support. ***]) + AC_MSG_NOTICE([Skipping mbedTLS search, as it is disabled]) fi -fi -if test "x$ssl_ok" = "xyes"; then - AC_DEFINE([ENABLE_SSL], [1], [Enable SSL/HTTPS/TLS support]) + dnl Only need one that works + if test "x$openssl_ok" = "xyes" -o "x$mbedtls_ok" = "xyes"; then + tls_ok="yes" + AC_DEFINE([ENABLE_TLS], [1], [Enable TLS support]) + else + AC_MSG_ERROR([No TLS library available]) + fi fi +AM_CONDITIONAL([USE_OPENSSL], [test "x$openssl_ok" = "xyes"]) +AM_CONDITIONAL([USE_MBEDTLS], [test "x$mbedtls_ok" = "xyes"]) + dnl -------------------------------------------------------------- dnl Test for iconv functionality in libc or for libiconv usability dnl -------------------------------------------------------------- |