Skip to content

/ curl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error out if SSL not found/usable, when given `--with-ssl=...`? #3824

Closed
ihnorton opened this issue May 1, 2019 · 3 comments
Closed

Error out if SSL not found/usable, when given `--with-ssl=...`? #3824

ihnorton opened this issue May 1, 2019 · 3 comments
Labels
build

Comments

@ihnorton
Copy link

@ihnorton ihnorton commented May 1, 2019
edited

I did this

Remove my ssl libraries:

rm /path/to/prefix/lib/*ssl*

then configure:

configure --prefix=/path/to/prefix --enable-optimize --enable-shared=no --disable-ldap --with-pic=yes --with-ssl=/path/to/prefix

I expected the following

configure should error out because --with-ssl was supplied, but no SSL can be found, as confirmed in config.log:

configure:25513: WARNING: SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.
configure:25515: WARNING: Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-schannel, --with-secure-transport, --with-mesalink or --with-amissl to address this.

There is some logic in configure.ac which seems intended to handle this case, but it is nested 1-2 levels too deep inside other if statements:

curl/configure.ac

Lines 1821 to 1824 in 55734f3

if test X"$OPT_SSL" != Xoff &&
test "$OPENSSL_ENABLED" != "1"; then
AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!])
fi

curl/libcurl version

curl-7.64.1.tar.gz

operating system

linux, GCC 4.8.2

patch

The following patch raises the error I expect, however, I've written ~0 M4 so not sure about the implications. Happy to submit a PR if this is useful:

diff --git a/configure.ac b/configure.ac
index 00fef9489..c548a96e4 100755
--- a/configure.ac
+++ b/configure.ac
@@ -1817,11 +1817,6 @@ if test -z "$ssl_backends" -o "x$OPT_SSL" != xno &&
     if test X"$OPENSSL_ENABLED" != X"1"; then
        LIBS="$CLEANLIBS"
     fi
-
-    if test X"$OPT_SSL" != Xoff &&
-       test "$OPENSSL_ENABLED" != "1"; then
-      AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!])
-    fi
   fi

   if test X"$OPENSSL_ENABLED" = X"1"; then
@@ -1889,6 +1884,11 @@ if test -z "$ssl_backends" -o "x$OPT_SSL" != xno &&
   test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
 fi

+if test X"$with_ssl" != Xno &&
+  test "$OPENSSL_ENABLED" != "1"; then
+  AC_MSG_ERROR([--with-ssl was given but test for SSL failed])
+fi
+
 dnl **********************************************************************
 dnl Check for the random seed preferences
 dnl **********************************************************************
@ihnorton ihnorton changed the title Error out if `config --with-ssl=...` not found/usable? Error out if SSL not found/usable, when given `--with-ssl=...`? May 1, 2019
@bagder bagder added the build label May 2, 2019
bagder added a commit that referenced this issue May 2, 2019
@bagder
configure: error out if OpenSSL wasn't detected when asked for
Verified
This commit was signed with a verified signature.
bagder Daniel Stenberg
GPG key ID: 5CC908FDB71E12C2 Learn about signing commits
Loading status checks…
76a706f 
If --with-ssl is used and configure still couldn't enable SSL this
creates an error instead of just silently ignoring the fact.

Suggested-by: Isaiah Norton
Fixes #3824
@bagder bagder mentioned this issue May 2, 2019
Closed
@bagder
Copy link
Member

@bagder bagder commented May 4, 2019

It should be noticed that the script does verify that the given prefix (if one is provided) includes the correct header file. And also, my attempts in landing a patch (see #3830) similar to mentioned here has failed so far...
@ihnorton
Copy link
Author

@ihnorton ihnorton commented May 4, 2019

Yes, this is simplified example. My original issue was due to the “-ldl -lpthread” link order issue, which caused OpenSSL detection to silently fail during the feature checks.

Thanks for submitting the fix (failures look like transient issue?)
@bagder
Copy link
Member

@bagder bagder commented May 11, 2019

No, the "fix" clearly fails on some builds so it's not adequate.
bagder added a commit that referenced this issue May 12, 2019
@bagder
configure: error out if OpenSSL wasn't detected when asked for
Verified
This commit was signed with a verified signature.
bagder Daniel Stenberg
GPG key ID: 5CC908FDB71E12C2 Learn about signing commits
Loading status checks…
4b03e1b 
If --with-ssl is used and configure still couldn't enable SSL this
creates an error instead of just silently ignoring the fact.

Suggested-by: Isaiah Norton
Fixes #3824
@bagder bagder closed this in c60042f May 14, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Aug 12, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
build
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

configure: error out if OpenSSL wasn't detected when asked for
2 participants
@bagder @ihnorton
You can’t perform that action at this time.