curl: make SecureTransport the secondary TLS-backend fixup

curl · Oct 8, 2023 · 55ff9b9 · 55ff9b9
1 parent fba3391
commit 55ff9b9
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 16 deletions.
diff --git a/curl-autotools.sh b/curl-autotools.sh
@@ -136,22 +136,12 @@ _VER="$1"
       options="${options} --without-zstd"
     fi
 
-    if [ "${_OS}" = 'win' ]; then
-      options="${options} --with-schannel"
-    elif [ "${_OS}" = 'mac' ] && [ "${_OSVER}" -lt '1015' ]; then
-      # SecureTransport deprecated in 2019 (macOS 10.15 Catalina, iOS 13.0)
-      options="${options} --with-secure-transport"
-      # Without this, SecureTransport becomes the default TLS backend
-      [ -n "${mainssl}" ] && options="${options} --with-default-ssl-backend=${mainssl}"
-    fi
-    CPPFLAGS="${CPPFLAGS} -DHAS_ALPN"
-
     h3=0
 
     mainssl=''  # openssl, wolfssl, mbedtls, schannel, secure-transport, gnutls, bearssl, rustls
 
     if [ -n "${_OPENSSL}" ]; then
-      mainssl='openssl'
+      [ -n "${mainssl}" ] || mainssl='openssl'
       options="${options} --with-openssl=${_TOP}/${_OPENSSL}/${_PP}"
       options="${options} --disable-openssl-auto-load-config"
       if [ "${_OPENSSL}" = 'boringssl' ]; then
@@ -171,7 +161,7 @@ _VER="$1"
     fi
 
     if [ -d ../wolfssl ]; then
-      mainssl='wolfssl'
+      [ -n "${mainssl}" ] || mainssl='wolfssl'
       options="${options} --with-wolfssl=${_TOP}/wolfssl/${_PP}"
       # for QUIC auto-detection
       CPPFLAGS="${CPPFLAGS} -DHAVE_UINTPTR_T"
@@ -182,14 +172,24 @@ _VER="$1"
     fi
 
     if [ -d ../mbedtls ]; then
-      mainssl='mbedtls'
+      [ -n "${mainssl}" ] || mainssl='mbedtls'
       options="${options} --with-mbedtls=${_TOP}/mbedtls/${_PP}"
     else
       options="${options} --without-mbedtls"
     fi
 
     options="${options} --without-gnutls --without-bearssl --without-rustls --without-hyper"
 
+    if [ "${_OS}" = 'win' ]; then
+      options="${options} --with-schannel"
+    elif [ "${_OS}" = 'mac' ] && [ "${_OSVER}" -lt '1015' ]; then
+      # SecureTransport deprecated in 2019 (macOS 10.15 Catalina, iOS 13.0)
+      options="${options} --with-secure-transport"
+      # Without this, SecureTransport becomes the default TLS backend
+      [ -n "${mainssl}" ] && options="${options} --with-default-ssl-backend=${mainssl}"
+    fi
+    CPPFLAGS="${CPPFLAGS} -DHAS_ALPN"
+
     if [ -d ../wolfssh ] && [ -d ../wolfssl ]; then
       options="${options} --with-wolfssh=${_TOP}/wolfssh/${_PP}"
       CPPFLAGS="${CPPFLAGS} -I${_TOP}/wolfssh/${_PP}/include"

diff --git a/curl-cmake.sh b/curl-cmake.sh
@@ -135,7 +135,7 @@ _VER="$1"
   mainssl=''  # openssl, wolfssl, mbedtls, schannel, secure-transport, gnutls, bearssl, rustls
 
   if [ -n "${_OPENSSL}" ]; then
-    mainssl='openssl'
+    [ -n "${mainssl}" ] || mainssl='openssl'
     options="${options} -DCURL_USE_OPENSSL=ON"
     options="${options} -DOPENSSL_ROOT_DIR=${_TOP}/${_OPENSSL}/${_PP}"
     options="${options} -DCURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG=ON"
@@ -155,7 +155,7 @@ _VER="$1"
   fi
 
   if [ -d ../wolfssl ]; then
-    mainssl='wolfssl'
+    [ -n "${mainssl}" ] || mainssl='wolfssl'
     options="${options} -DCURL_USE_WOLFSSL=ON"
     options="${options} -DWolfSSL_INCLUDE_DIR=${_TOP}/wolfssl/${_PP}/include"
     options="${options} -DWolfSSL_LIBRARY=${_TOP}/wolfssl/${_PP}/lib/libwolfssl.a"
@@ -164,7 +164,7 @@ _VER="$1"
   fi
 
   if [ -d ../mbedtls ]; then
-    mainssl='mbedtls'
+    [ -n "${mainssl}" ] || mainssl='mbedtls'
     options="${options} -DCURL_USE_MBEDTLS=ON"
     options="${options} -DMBEDTLS_INCLUDE_DIRS=${_TOP}/mbedtls/${_PP}/include"
     options="${options} -DMBEDCRYPTO_LIBRARY=${_TOP}/mbedtls/${_PP}/lib/libmbedcrypto.a"