Skip to content
Permalink
d5ee0b4e6f
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

otp/lib/crypto/configure.ac

Go to file
 
 
Cannot retrieve contributors at this time
971 lines (893 sloc) 38.3 KB
Raw Blame
dnl Process this file with autoconf to produce a configure script. -*-Autoconf-*-
dnl
dnl %CopyrightBegin%
dnl
dnl Copyright Ericsson AB 2018-2022. All Rights Reserved.
dnl
dnl Licensed under the Apache License, Version 2.0 (the "License");
dnl you may not use this file except in compliance with the License.
dnl You may obtain a copy of the License at
dnl
dnl http://www.apache.org/licenses/LICENSE-2.0
dnl
dnl Unless required by applicable law or agreed to in writing, software
dnl distributed under the License is distributed on an "AS IS" BASIS,
dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
dnl See the License for the specific language governing permissions and
dnl limitations under the License.
dnl
dnl %CopyrightEnd%
dnl
dnl define([AC_CACHE_LOAD], )dnl
dnl define([AC_CACHE_SAVE], )dnl
AC_INIT
AC_CONFIG_SRCDIR([vsn.mk])
AC_PREREQ([2.71])
m4_include([otp.m4])
AC_CONFIG_AUX_DIR([${ERL_TOP}/make/autoconf])
ERL_CANONICAL_SYSTEM_TYPE
AC_LANG(C)
LM_PRECIOUS_VARS
## Delete previous failed configure results
if test -f ./CONF_INFO; then
rm ./CONF_INFO
fi
if test "$cross_compiling" = "yes"; then
CROSS_COMPILING=yes
else
CROSS_COMPILING=no
fi
AC_SUBST(CROSS_COMPILING)
ERL_XCOMP_SYSROOT_INIT
AC_PROG_CC
LM_WINDOWS_ENVIRONMENT
ERL_DED
AC_MSG_CHECKING([for multiarch directory])
multiarch_dir=
if test "$GCC" = "yes"; then
multiarch_dir=`$CC $CFLAGS -print-multiarch 2>/dev/null`
if test $? -ne 0; then
multiarch_dir=
fi
fi
if test "$multiarch_dir" = ""; then
AC_MSG_RESULT([not found])
else
AC_MSG_RESULT([$multiarch_dir])
fi
dnl
dnl SSL, SSH and CRYPTO need the OpenSSL libraries
dnl
dnl Check flags --with-ssl, --without-ssl --with-ssl=PATH.
dnl If no option is given or --with-ssl is set without a path then we
dnl search for OpenSSL libraries and header files in the standard locations.
dnl If set to --without-ssl we disable the use of SSL, SSH and CRYPTO.
dnl If set to --with-ssl=PATH we use that path as the prefix, i.e. we
dnl use "PATH/include" and "PATH/lib".
AC_CHECK_SIZEOF(void *)
std_ssl_locations="\
/usr/local \
/usr/sfw \
/usr \
/opt/local \
/usr/pkg \
/usr/local/openssl \
/usr/local/opt/openssl \
/opt/homebrew/opt/openssl \
/usr/lib/openssl \
/usr/openssl \
/usr/local/ssl \
/usr/lib/ssl \
/usr/ssl \
/"
AC_ARG_WITH(ssl,
AS_HELP_STRING([--with-ssl=PATH], [base location of OpenSSL include and lib directories])
AS_HELP_STRING([--with-ssl], [use SSL (default)])
AS_HELP_STRING([--without-ssl], [don't use SSL]))
AC_ARG_WITH(ssl-lib-subdir,
AS_HELP_STRING([--with-ssl-lib-subdir=RELATIVE_PATH],
[specify extra OpenSSL lib sub-directory to search in (relative to base directory)]),
[
case "$with_ssl_lib_subdir" in
yes|no)
with_ssl_lib_subdir=
;;
*)
;;
esac
],
[with_ssl_lib_subdir=]) #default
AC_ARG_WITH(ssl-incl,
AS_HELP_STRING([--with-ssl-incl=PATH],
[base location of OpenSSL include dir (if different than base location specified by --with-ssl=PATH)]),
[
case X$with_ssl in
X | Xyes | Xno) AC_MSG_ERROR([--with-ssl-incl=PATH set without --with-ssl=PATH]);;
esac
],
[with_ssl_incl=$with_ssl]) #default
AC_ARG_WITH(ssl-zlib,
AS_HELP_STRING([--with-ssl-zlib=PATH], [Path to static zlib library to link the
crypto NIF with. This zlib library is most
often not necessary but might be needed in
order to link the NIF in some cases.]),
[], [with_ssl_zlib=default]) #default
AC_ARG_WITH(ssl-rpath,
AS_HELP_STRING([--with-ssl-rpath=yes|no|PATHS],
[runtime library path for OpenSSL. Default is "yes", which equates to a
number of standard locations. If "no", then no runtime
library paths will be used. Anything else should be a
comma or colon separated list of paths.]),
[
case X$with_ssl in
Xno) AC_MSG_ERROR([--with-ssl-rpath set without --with-ssl]);;
esac
],
[with_ssl_rpath=default]) #default
AC_ARG_ENABLE(dynamic-ssl-lib,
AS_HELP_STRING([--enable-dynamic-ssl-lib],
[enable using dynamic openssl libraries when linking the crypto NIF])
AS_HELP_STRING([--disable-dynamic-ssl-lib],
[disable using dynamic openssl libraries when linking the crypto NIF]),
[ case "$enableval" in
no) enable_dynamic_ssl=no ;;
*) enable_dynamic_ssl=yes ;;
esac ], enable_dynamic_ssl=undefined)
AC_ARG_ENABLE(evp-dh,
AS_HELP_STRING([--disable-evp-dh],
[intentionally undocumented workaround]),
[ case "$enableval" in
no) DISABLE_EVP_DH=1;;
*) DISABLE_EVP_DH=0;;
esac ], DISABLE_EVP_DH=0)
AC_ARG_ENABLE(evp-hmac,
AS_HELP_STRING([--disable-evp-hmac],
[intentionally undocumented workaround]),
[ case "$enableval" in
no) DISABLE_EVP_HMAC=1;;
*) DISABLE_EVP_HMAC=0;;
esac ], DISABLE_EVP_HMAC=0)
AC_ARG_ENABLE(otp-test-engine,
AS_HELP_STRING([--disable-otp-test-engine],
[Disable build of the otp_test_engine. (default is --enable-otp-test-engine, unless for LibreSSL >= 3.5.0 where default is --disable-otp-test-engine)]),
[ case "$enableval" in
no) DISABLE_OTP_TEST_ENGINE=yes;;
*) DISABLE_OTP_TEST_ENGINE=no;;
esac ], DISABLE_OTP_TEST_ENGINE=default)
AC_ARG_ENABLE(deprecated_warnings,
AS_HELP_STRING([--disable-deprecated-warnings],
[disable warnings for deprecated functions in cryptolib (default is to warn, except for OpenSSL 3.x where the default is not to warn)]),
[ case "$enableval" in
no) deprecated_warnings=no;;
*) deprecated_warnings=yes;;
esac ], deprecated_warnings=default_yes)
AC_DEFUN([ERL_LINK_CRYPTO_IFELSE], [
test_cflags=$1
test_ldflags=$2
test_libs=$3
saveCFLAGS="$CFLAGS"
saveLDFLAGS="$LDFLAGS"
saveLIBS="$LIBS"
CFLAGS="$DED_BASIC_CFLAGS $test_cflags"
LDFLAGS="$DED_LDFLAGS_CONFTEST $test_ldflags"
LIBS="$LIBS $test_libs"
AC_LINK_IFELSE(
[AC_LANG_PROGRAM(
[[
#include <stdio.h>
#include <openssl/hmac.h>
]],
[[
HMAC(0, 0, 0, 0, 0, 0, 0);
]])],
[
$4
],
[
$5
])
CFLAGS="$saveCFLAGS"
LDFLAGS="$saveLDFLAGS"
LIBS="$saveLIBS"
])
AC_DEFUN([ERL_CRYPTO_CHECK_LIB], [
# Check for static and dynamic crypto library in the directory
# given as argument...
#
# Written as a macro in order to avoid writing the tests twice...
idir=$1
prfx=$2
rdir=$3
dir="$prfx$rdir"
static_crypto_lib_name=crypto
static_ssl_lib_name=ssl
static_extra_libs="$forced_static_zlib"
static_lib_dir=
dynamic_crypto_lib_name=crypto
dynamic_ssl_lib_name=ssl
dynamic_extra_libs="$forced_static_zlib"
dynamic_lib_dir=
dynamic_runtime_lib_dir=
found_static_lib=no
found_dynamic_lib=no
save_CPPFLAGS=$CPPFLAGS
CPPFLAGS="-I$idir/include"
AC_EGREP_CPP(^yes.?$,[
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x0090803fL
yes
#endif
],
[valid_include=yes],
[valid_include=no])
AC_EGREP_CPP(^yes.?$,[
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_MAJOR == 3
yes
#endif
],
[v3_include=yes],
[v3_include=no])
if test "x$DISABLE_OTP_TEST_ENGINE" = "xdefault"; then
# Get default value for the --disable-otp-test-engine. Depends on cryptolib version
AC_EGREP_CPP(^yes.?$,[
#include <openssl/opensslv.h>
#if LIBRESSL_VERSION_NUMBER >= 0x3050000fL
yes
#endif
],
[DISABLE_OTP_TEST_ENGINE=yes],
[DISABLE_OTP_TEST_ENGINE=no])
fi
CPPFLAGS="$save_CPPFLAGS"
AS_IF([test $valid_include != yes],
[
# Not a valid include...
static_crypto_lib_name=
static_ssl_lib_name=
static_extra_libs=
static_lib_dir=
dynamic_crypto_lib_name=
dynamic_ssl_lib_name=
dynamic_extra_libs=
dynamic_lib_dir=
dynamic_runtime_lib_dir=
],
[test "$host_os" = "win32"],
[
# Windows...
AS_IF([test -f "$dir/lib/VC/static/libcrypto${lib_bits}MD.lib"],
[
static_crypto_lib_name=libcrypto${lib_bits}MD
static_ssl_lib_name="libssl${lib_bits}MD"
static_extra_libs="$static_extra_libs -lCRYPT32 -lWS2_32"
static_lib_dir="$dir/lib/VC/static"
found_static_lib=yes
])
AS_IF([test -f "$dir/lib/VC/libcrypto${lib_bits}MD.lib"],
[
dynamic_crypto_lib_name=libcrypto${lib_bits}MD
dynamic_ssl_lib_name="libssl${lib_bits}MD"
dynamic_runtime_lib_dir="$rdir/lib/VC"
dynamic_lib_dir="$dir/lib/VC"
found_dynamic_lib=yes
])
],
[
# Not windows...
AS_CASE(["$host_os"],
[darwin*],
[
static_ext=.a
dynamic_ext=.dylib
],
[
static_ext=.a
dynamic_ext=.so
])
for sdir in $search_subdirs; do
AS_IF([test -f "$dir/$sdir/lib$dynamic_crypto_lib_name$dynamic_ext"],
[
found_dynlib=yes
],
[
found_dynlib=no
AS_CASE([$host_os],
[openbsd*],
[
# libcrypto.so got a suffix on (at least some) openbsd.
# If we find libcrypto.so with suffix, we try to link
# to it using -lcrypto ...
for f in "$dir/$sdir/lib$dynamic_crypto_lib_name$dynamic_ext"*; do
AS_IF([test -f "$f"], [found_dynlib=yes; break])
done
])
])
AS_IF([test $found_dynlib = yes],
[
# Found dynamic library; check if it links...
dynamic_lib_dir="$dir/$sdir"
dynamic_runtime_lib_dir="$rdir/$sdir"
ERL_LINK_CRYPTO_IFELSE(["-I$idir/include"],
["-L$dynamic_lib_dir"],
["-l$dynamic_crypto_lib_name $dynamic_extra_libs"],
[found_dynamic_lib=yes],
[found_dynamic_lib=no])
AS_IF([test $found_dynamic_lib = no -a $static_zlib != no],
[
# No, but linking with zlib as well might help...
dynamic_extra_libs="$dynamic_extra_libs $static_zlib"
ERL_LINK_CRYPTO_IFELSE(["-I$idir/include"],
["-L$dynamic_lib_dir"],
["-l$dynamic_crypto_lib_name $dynamic_extra_libs"],
[found_dynamic_lib=yes],
[found_dynamic_lib=no])
])
])
AS_IF([test -f "$dir/$sdir/lib$static_crypto_lib_name$static_ext"],
[
# Found static library; check if it links...
static_lib_dir="$dir/$sdir"
ERL_LINK_CRYPTO_IFELSE(["-I$idir/include"],
[],
["$dir/$sdir/lib$static_crypto_lib_name$static_ext $static_extra_libs"],
[found_static_lib=yes],
[found_static_lib=no])
AS_IF([test $found_static_lib = no -a $static_zlib != no],
[
# No, but inking with zlib as well might help...
static_extra_libs="$static_extra_libs $static_zlib"
ERL_LINK_CRYPTO_IFELSE(["-I$idir/include"],
[],
["$dir/$sdir/lib$static_crypto_lib_name$static_ext $static_extra_libs"],
[found_static_lib=yes],
[found_static_lib=no])
])
])
AS_IF([test $found_static_lib = yes -o $found_dynamic_lib = yes],
[break])
done
])
])
# Remove all SKIP files from previous runs
for a in ssl crypto ssh; do
rm -f "$ERL_TOP/lib/$a/SKIP"
done
# Setup subdirectories to search in...
search_subdirs="lib"
if test "$ac_cv_sizeof_void_p" = "8"; then
search_subdirs="$search_subdirs lib64 lib/64"
else
search_subdirs="$search_subdirs lib32 lib/32"
fi
test "$multiarch_dir" = "" || search_subdirs="lib/$multiarch_dir $search_subdirs"
test "$with_ssl_lib_subdir" = "" || search_subdirs="$with_ssl_lib_subdir $search_subdirs"
# We might need to link with zlib, so first check if we can find
# a static zlib to use if needed...
static_zlib=no
forced_static_zlib=
case "$with_ssl_zlib" in
no)
;;
default | yes)
AC_MSG_CHECKING([for static zlib])
for dir in $std_ssl_locations; do
for sdir in $search_subdirs; do
if test -f "$erl_xcomp_sysroot$dir/$sdir/libz.a"; then
static_zlib="$erl_xcomp_sysroot$dir/$sdir/libz.a"
break
fi
done
test "$static_zlib" = "no" || break
done
AC_MSG_RESULT([$static_zlib])
if test $with_ssl_zlib = yes; then
if test $static_zlib = no; then
AC_MSG_ERROR([linking with zlib requested by user, but no such library was found])
fi
forced_static_zlib="$static_zlib"
static_zlib=no
fi;;
*) # PATH
AC_MSG_CHECKING([for static zlib])
if test -f "$with_ssl_zlib/libz.a"; then
forced_static_zlib="$with_ssl_zlib/libz.a"
else
for sdir in $search_subdirs; do
if test -f "$with_ssl_zlib/$sdir/libz.a"; then
forced_static_zlib="$with_ssl_zlib/$sdir/libz.a"
break
fi
done
fi
if test "$forced_static_zlib" = ""; then
AC_MSG_ERROR([linking with zlib requested by user, but no such library was found in $with_ssl_zlib])
fi
AC_MSG_RESULT([$forced_static_zlib])
;;
esac
if test $enable_dynamic_ssl = undefined; then
if test "$host_os" = "win32" ; then
enable_dynamic_ssl=default_no
else
enable_dynamic_ssl=default_yes
fi
fi
case $enable_dynamic_ssl in
yes|default_yes)
SSL_DYNAMIC_ONLY=yes;;
*)
SSL_DYNAMIC_ONLY=no;;
esac
AS_CASE(["$erl_xcomp_without_sysroot-$with_ssl"],
[yes-* | no-no],
[
SSL_APP=
CRYPTO_APP=
SSH_APP=
if test "$with_ssl" != "no"; then
skip="Cannot search for ssl; missing cross system root (erl_xcomp_sysroot)."
fi
for a in ssl crypto ssh; do
echo "$skip" > $ERL_TOP/lib/$a/SKIP
done
],
[no-yes | no-],
[
# We search for OpenSSL in the common OS standard locations.
SSL_APP=ssl
CRYPTO_APP=crypto
SSH_APP=ssh
AS_IF([test "$host_os" != "win32"],
[
std_win_ssl_locations=
],
[
AS_IF([test "x$ac_cv_sizeof_void_p" = "x8"],
[
std_win_ssl_locations="/mnt/c/OpenSSL-Win64 /c/OpenSSL-Win64 /mnt/c/opt/local64/pgm/OpenSSL /opt/local64/pgm/OpenSSL /cygdrive/c/OpenSSL-Win64"
lib_bits=64
],
[
std_win_ssl_locations="/mnt/c/OpenSSL-Win32 /c/OpenSSL-Win32 /mnt/c/OpenSSL /c/OpenSSL /cygdrive/c/OpenSSL /opt/local/pgm/OpenSSL /opt/local32/pgm/OpenSSL /mnt/c/opt/local/pgm/OpenSSL /mnt/c/opt/local32/pgm/OpenSSL /cygdrive/c/OpenSSL-Win32"
lib_bits=32
])
])
usable_crypto=no
AC_MSG_CHECKING([for OpenSSL crypto library with version >= 0.9.8c in standard locations])
for rdir in $std_win_ssl_locations $std_ssl_locations; do
AS_IF([test -f "$erl_xcomp_isysroot$rdir/include/openssl/opensslv.h"],
[
SSL_INCDIR="$erl_xcomp_isysroot$rdir"
SSL_INCLUDE="-I$SSL_INCDIR/include"
ERL_CRYPTO_CHECK_LIB(["$SSL_INCDIR"], ["$erl_xcomp_sysroot"], ["$rdir"])
AS_CASE([$enable_dynamic_ssl-$found_dynamic_lib-$found_static_lib],
[no-*-no],
[
# Dynamic linking against ssl library disabled by user,
# and no static library found...
],
[yes-no-*],
[
# Static linking against ssl library disabled by user,
# and no dynamic library found...
],
[*-no-no],
[
# Neither static nor dynamic ssl library found...
],
[no-*-yes | default_no-*-yes | default_yes-no-yes],
[
# Link statically...
SSL_CRYPTO_LIBNAME=$static_crypto_lib_name
SSL_SSL_LIBNAME=$static_ssl_lib_name
SSL_LIBDIR="$static_lib_dir"
SSL_EXTRA_LIBS="$static_extra_libs"
SSL_RUNTIME_LIBDIR=
SSL_DYNAMIC_ONLY=no
usable_crypto=yes
break
],
[*-yes-*],
[
# Link dynamically...
SSL_CRYPTO_LIBNAME=$dynamic_crypto_lib_name
SSL_SSL_LIBNAME=$dynamic_ssl_lib_name
SSL_EXTRA_LIBS="$dynamic_extra_libs"
SSL_LIBDIR="$dynamic_lib_dir"
SSL_RUNTIME_LIBDIR="$dynamic_runtime_lib_dir"
SSL_DYNAMIC_ONLY=yes
usable_crypto=yes
break
])
])
done
AS_IF([test $usable_crypto = yes],
[AS_IF([test $SSL_DYNAMIC_ONLY = yes],
[AC_MSG_RESULT([dynamic $SSL_CRYPTO_LIBNAME library in $SSL_LIBDIR])],
[AC_MSG_RESULT([static $SSL_CRYPTO_LIBNAME library in $SSL_LIBDIR])])],
[
AC_MSG_RESULT([no])
SSL_APP=
CRYPTO_APP=
SSH_APP=
SSL_INCDIR=
SSL_INCLUDE=
SSL_CRYPTO_LIBNAME=
SSL_SSL_LIBNAME=
SSL_INCDIR=
SSL_RUNTIME_LIBDIR=
SSL_LIBDIR=
AS_CASE(["$with_ssl-$enable_dynamic_ssl"],
[yes-yes],
[
AC_MSG_ERROR([crypto library with dynamic linking requested by user, but no such library was found])
],
[yes-no],
[
AC_MSG_ERROR([crypto library with static linking requested by user, but no such library was found])
],
[yes-*],
[
AC_MSG_ERROR([crypto library requested by user, but no such library was found])
],
[
AC_MSG_WARN([No (usable) OpenSSL found, skipping ssl, ssh and crypto applications])
])
for a in ssl crypto ssh; do
echo "No usable OpenSSL found" > $ERL_TOP/lib/$a/SKIP
done
])
],
[
# Option given with PATH to package
AS_IF([test ! -d "$with_ssl"],
[AC_MSG_ERROR(Invalid path to option --with-ssl=PATH)])
AS_IF([test ! -d "$with_ssl_incl"],
[AC_MSG_ERROR(Invalid path to option --with-ssl-incl=PATH)])
AC_MSG_CHECKING([for OpenSSL header in $with_ssl_incl])
AS_IF([test -f "$with_ssl_incl/include/openssl/opensslv.h"],
[AC_MSG_RESULT([yes])],
[AC_MSG_ERROR([no OpenSSL header found in $with_ssl_incl])])
SSL_INCDIR="$with_ssl_incl"
AC_MSG_CHECKING([for OpenSSL in $with_ssl])
ERL_CRYPTO_CHECK_LIB(["$with_ssl_incl"], [""], ["$with_ssl"])
AS_CASE([$enable_dynamic_ssl-$found_dynamic_lib-$found_static_lib],
[no-*-no],
[
AC_MSG_ERROR([dynamic linking against crypto library disabled by user, but no static library found in $with_ssl])
],
[yes-no-*],
[
AC_MSG_ERROR([static linking against crypto library disabled by user, but no dynamic library found in $with_ssl])
],
[*-no-no],
[
AC_MSG_ERROR([neither static nor dynamic crypto library found in $with_ssl])
],
[no-*-yes | default_no-*-yes | default_yes-no-yes],
[
# Link statically...
SSL_CRYPTO_LIBNAME=$static_crypto_lib_name
SSL_SSL_LIBNAME=$static_ssl_lib_name
SSL_LIBDIR="$static_lib_dir"
SSL_EXTRA_LIBS="$static_extra_libs"
SSL_RUNTIME_LIBDIR=
SSL_DYNAMIC_ONLY=no
],
[*-yes-*],
[
# Link dynamically...
SSL_CRYPTO_LIBNAME=$dynamic_crypto_lib_name
SSL_SSL_LIBNAME=$dynamic_ssl_lib_name
SSL_EXTRA_LIBS="$dynamic_extra_libs"
SSL_LIBDIR="$dynamic_lib_dir"
SSL_RUNTIME_LIBDIR="$dynamic_runtime_lib_dir"
SSL_DYNAMIC_ONLY=yes
])
AS_IF([test $SSL_DYNAMIC_ONLY = yes],
[AC_MSG_RESULT([dynamic $SSL_CRYPTO_LIBNAME library in $SSL_LIBDIR])],
[AC_MSG_RESULT([static $SSL_CRYPTO_LIBNAME library in $SSL_LIBDIR])])
SSL_INCLUDE="-I$with_ssl_incl/include"
SSL_APP=ssl
CRYPTO_APP=crypto
SSH_APP=ssh
AS_IF([test "$cross_compiling" = "yes"],
[
SSL_RUNTIME_LIBDIR=`echo "$SSL_LIBDIR" | sed -n "s|^$erl_xcomp_sysroot\(/*\)\(.*\)\$|/\2|p"`
],
[
SSL_RUNTIME_LIBDIR="$SSL_LIBDIR"
])
])dnl AS_CASE
SSL_DED_LD_RUNTIME_LIBRARY_PATH=
ded_ld_rflg="$DED_LD_FLAG_RUNTIME_LIBRARY_PATH"
AS_CASE(["$with_ssl_rpath"],
[no],
[
# Use no ssl runtime library path
SSL_DED_LD_RUNTIME_LIBRARY_PATH=
],
[yes | default],
[
# Use standard lib locations for ssl runtime library path
AC_MSG_CHECKING([for runtime library path to use])
if test $enable_dynamic_ssl = no -a "$with_ssl_rpath" = yes; then
AC_MSG_ERROR([requested by user, but user also requested static linking])
fi
AS_IF([test "$CRYPTO_APP" = ""],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_ERROR([requested by user, but could not be used since no crypto library was found])])
AC_MSG_RESULT([])
],
[test "$ded_ld_rflg" = ""],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_ERROR([requested by user, but cannot be set on this platform])])
AC_MSG_RESULT([])
],
[test "$SSL_DYNAMIC_ONLY" != "yes"],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_WARN([requested by user, but dynamic linking will not be used])],
[AC_MSG_RESULT([])])
],
[
# Try to find a suitable rpath based on default install directories...
libdirs="/lib"
dir_lib64=no
dir_lib_64=no
dir_lib32=no
dir_lib_32=no
dir_multiarch=no
dir_with_ssl_lib_subdir=no
AS_IF([test "$multiarch_dir" != ""], [dir_multiarch=yes])
AS_IF([test "$with_ssl_lib_subdir" != ""], [dir_with_ssl_lib_subdir=yes])
AS_CASE(["$SSL_RUNTIME_LIBDIR"],
[*/lib/64 | */lib/64/], [dir_lib_64=yes],
[*/lib64 | */lib64/], [dir_lib64=yes],
[*/lib/32 | */lib/32/], [dir_lib_32=yes],
[*/lib32 | */lib32/], [dir_lib32=yes])
for dir in $std_ssl_locations; do
AS_IF([test "$ac_cv_sizeof_void_p" = "8"],
[
AS_IF([test $dir_lib_64 = no && test -d "$erl_xcomp_sysroot$dir/lib/64"],
[dir_lib_64=yes])
AS_IF([test $dir_lib64 = no && test -d "$erl_xcomp_sysroot$dir/lib64"],
[dir_lib64=yes])
],
[
AS_IF([test $dir_lib_32 = no && test -d "$erl_xcomp_sysroot$dir/lib/32"],
[dir_lib_32=yes])
AS_IF([test $dir_lib32 = no && test -d "$erl_xcomp_sysroot$dir/lib32"],
[dir_lib32=yes])
])
AS_IF([test $dir_multiarch = no && test -d "$erl_xcomp_sysroot$dir/lib/$multiarch_dir"],
[dir_multiarch=yes])
done
AS_IF([test $dir_with_ssl_lib_subdir = yes],
[libdirs="/$with_ssl_lib_subdir $libdirs"])
AS_IF([test $dir_multiarch = yes],
[libdirs="/lib/$multiarch_dir $libdirs"])
AS_IF([test $dir_lib_64 = yes],
[libdirs="/lib/64 $libdirs"])
AS_IF([test $dir_lib64 = yes],
[libdirs="/lib64 $libdirs"])
AS_IF([test $dir_lib_32 = yes],
[libdirs="/lib/32 $libdirs"])
AS_IF([test $dir_lib32 = yes],
[libdirs="/lib32 $libdirs"])
#
# We try the follwing runtime paths in the
# following order:
# 1. Standard ssl locations with all variations
# of lib subdirectories that we know of
# 2. Standard ssl locations with all variations
# of lib subdirectories that we know of and
# exist on this machine
# 3. Determined $SSL_RUNTIME_LIBDIR
# If none of the above links, we skip runtime
# library path...
#
for type in std x_std curr; do
ded_ld_rpath="$ded_ld_rflg$SSL_RUNTIME_LIBDIR"
rpath="$SSL_RUNTIME_LIBDIR"
AS_IF([test $type != curr],
[
for ldir in $libdirs; do
for dir in $std_ssl_locations; do
AS_IF([test "$SSL_RUNTIME_LIBDIR" = "$dir$ldir"],
[continue])
AS_IF([test $type = x_std && test '!' -d "$erl_xcomp_sysroot$dir$ldir"],
[continue])
AS_IF([test "$dir" = "/"],
[libdir="$ldir"],
[libdir="$dir$ldir"])
ded_ld_rpath="$ded_ld_rpath $ded_ld_rflg$libdir"
rpath="$rpath:$libdir"
done
done
])
# Check that it still links when we add the runtime path...
ERL_LINK_CRYPTO_IFELSE(["$SSL_INCLUDE"],
["$ded_ld_rpath -L$SSL_LIBDIR"],
["-l$SSL_CRYPTO_LIBNAME $SSL_EXTRA_LIBS"],
[rpath_success=yes],
[rpath_success=no])
AS_IF([test "$rpath_success" = "yes"], [break])
done
AS_IF([test "$rpath_success" != "yes"],
[
ded_ld_rpath=
rpath=
])
SSL_DED_LD_RUNTIME_LIBRARY_PATH="$ded_ld_rpath"
AS_IF([test "$rpath" != ""],
[
AC_MSG_RESULT([$rpath])
],
[test "$with_ssl_rpath" = yes],
[
AC_MSG_ERROR([requested by user, but could not be used])
],
[
AC_MSG_WARN([unable to set run path during linking])
])
])
# end yes|default
],
[
# Use ssl runtime library paths set by --with-ssl-rpath
AC_MSG_CHECKING([whether runtime library path can be set])
AS_IF([test $enable_dynamic_ssl = no],
[
AC_MSG_ERROR([runtime library path requested by user, but user also requested static linking])
],
[test "$CRYPTO_APP" = ""],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_ERROR([runtime library path requested by user, but could not be set since no crypto library was found])])
AC_MSG_RESULT([])
],
[test "$ded_ld_rflg" = ""],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_ERROR([runtime library path requested by user, but cannot be set on this platform])])
AC_MSG_RESULT([])
]
[test "$SSL_DYNAMIC_ONLY" != "yes"],
[
AS_IF([test "$with_ssl_rpath" = yes],
[AC_MSG_WARN([runtime library path requested by user, but dynamic linking will not be used])],
[AC_MSG_RESULT([])])
],
[
# Check that it links...
ded_ld_rpath=
delimit=
rpath=
rpath_delimit=
save_ifs="$IFS"; IFS=",:"
for dir in $with_ssl_rpath; do
ded_ld_rpath="$ded_ld_rpath$delimit$ded_ld_rflg$dir"
delimit=" "
rpath="$rpath$rpath_delimit$dir"
rpath_delimit=":"
done
IFS="$save_ifs"
SSL_DED_LD_RUNTIME_LIBRARY_PATH="$ded_ld_rpath"
ERL_LINK_CRYPTO_IFELSE(["$SSL_INCLUDE"],
["$ded_ld_rpath -L$SSL_LIBDIR"],
["-l$SSL_CRYPTO_LIBNAME $SSL_EXTRA_LIBS"],
[rpath_success=yes],
[rpath_success=no])
AS_IF([test "$rpath_success" = yes],
[AC_MSG_RESULT([yes; using $rpath])],
[AC_MSG_ERROR([runtime library path requested by user, but link failed])])
])
])dnl AS_CASE
AC_ARG_ENABLE(fips,
AS_HELP_STRING([--enable-fips], [enable OpenSSL FIPS mode support])
AS_HELP_STRING([--disable-fips], [disable OpenSSL FIPS mode support (default)]),
[ case "$enableval" in
yes) enable_fips_support=yes ;;
*) enable_fips_support=no ;;
esac ], enable_fips_support=no)
SSL_FLAGS=
AS_IF([test "$enable_fips_support" = "yes"],
[
AS_IF([test "$CRYPTO_APP" = ""],
[AC_MSG_ERROR([FIPS support requested, but no crypto library found])])
saveCFLAGS="$CFLAGS"
saveLDFLAGS="$LDFLAGS"
saveLIBS="$LIBS"
CFLAGS="$DED_BASIC_CFLAGS $SSL_INCLUDE"
AS_IF([test $SSL_DYNAMIC_ONLY = yes],
[
LDFLAGS="$DED_LDFLAGS_CONFTEST $ded_ld_rpath -L$SSL_LIBDIR"
LIBS="$LIBS -l$SSL_CRYPTO_LIBNAME $SSL_EXTRA_LIBS"
],
[
LDFLAGS="$DED_LDFLAGS_CONFTEST"
AS_IF([test "$host_os" = "win32"],
[LIBS="$LIBS $SSL_LIBDIR/$SSL_CRYPTO_LIBNAME.lib $SSL_EXTRA_LIBS"],
[LIBS="$LIBS $SSL_LIBDIR/lib$SSL_CRYPTO_LIBNAME.a $SSL_EXTRA_LIBS"])
])
AC_CHECK_FUNC([FIPS_mode_set],
[SSL_FLAGS="-DFIPS_SUPPORT"],
[AC_MSG_ERROR([FIPS support requested, but cannot be enabled])])
CFLAGS="$saveCFLAGS"
LDFLAGS="$saveLDFLAGS"
LIBS="$saveLIBS"
])
AS_IF([test "x$v3_include" = "xyes"],
[echo "Using OpenSSL 3.0 is not yet recommended for production code." >> ./CONF_INFO
AC_MSG_WARN(******************************************************************)
AC_MSG_WARN(* Using OpenSSL 3.0 is not yet recommended for production code. *)
AS_IF([test "x$SSL_DYNAMIC_ONLY" = "xno" ],
[echo "Static linking with OpenSSL 3.0 *MAY* require special configuring of the cryptolib." >> ./CONF_INFO
AC_MSG_WARN(* Static linking *MAY* require re-configuring the 3.0 cryptolib. *)
])
AC_MSG_WARN(******************************************************************)
])
AS_IF([test "x$v3_include" = "xyes" && test "x$deprecated_warnings" = "xdefault_yes" && test "$CRYPTO_APP" != ""],
[deprecated_warnings=no
])
AS_IF([test "x$deprecated_warnings" = "xno" && test "$CRYPTO_APP" != ""],
[SSL_FLAGS="$SSL_FLAGS -Wno-deprecated-declarations"
])
saveCFLAGS="$CFLAGS"
saveLDFLAGS="$LDFLAGS"
saveLIBS="$LIBS"
CFLAGS="$DED_BASIC_CFLAGS $SSL_INCLUDE"
AS_IF([test $SSL_DYNAMIC_ONLY = yes],
[
LDFLAGS="$DED_LDFLAGS_CONFTEST $ded_ld_rpath -L$SSL_LIBDIR"
LIBS="$LIBS -l$SSL_CRYPTO_LIBNAME $SSL_EXTRA_LIBS"
],
[
LDFLAGS="$DED_LDFLAGS_CONFTEST"
AS_IF([test "$host_os" = "win32"],
[LIBS="$LIBS $SSL_LIBDIR/$SSL_CRYPTO_LIBNAME.lib $SSL_EXTRA_LIBS"],
[LIBS="$LIBS $SSL_LIBDIR/lib$SSL_CRYPTO_LIBNAME.a $SSL_EXTRA_LIBS"])
])
AC_CHECK_DECL([CRYPTO_memcmp],
[have_crypto_memcmp_decl=yes],
[have_crypto_memcmp_decl=no],
[#include <openssl/crypto.h>])
AS_IF([test $have_crypto_memcmp_decl = yes],
[
AC_MSG_CHECKING([whether CRYPTO_memcmp can be linked])
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([[
#include <openssl/crypto.h>
]],
[[
CRYPTO_memcmp("a", "b", 1);
]])],
[
SSL_FLAGS="-DHAVE_OPENSSL_CRYPTO_MEMCMP $SSL_FLAGS"
AC_MSG_RESULT([yes])
],
[
AC_MSG_RESULT([no])
])
])
CFLAGS="$saveCFLAGS"
LDFLAGS="$saveLDFLAGS"
LIBS="$saveLIBS"
AC_SUBST(SSL_INCLUDE)
AC_SUBST(SSL_INCDIR)
AC_SUBST(SSL_LIBDIR)
AC_SUBST(SSL_FLAGS)
AC_SUBST(SSL_CRYPTO_LIBNAME)
AC_SUBST(SSL_SSL_LIBNAME)
AC_SUBST(SSL_EXTRA_LIBS)
AC_SUBST(SSL_DED_LD_RUNTIME_LIBRARY_PATH)
AC_SUBST(SSL_DYNAMIC_ONLY)
AC_SUBST(DISABLE_EVP_DH)
AC_SUBST(DISABLE_EVP_HMAC)
AC_SUBST(DISABLE_OTP_TEST_ENGINE)
AC_CONFIG_FILES([c_src/$host/Makefile:c_src/Makefile.in])
AC_OUTPUT