| https://bugs.gentoo.org/417129 |
| |
| fix openssl build logic: |
| * do not probe direct filesystem paths (including hardcoding things like /usr) |
| * use pkg-config to locate proper openssl libraries |
| * turn dsa check into a header one |
| * turn ecdsa check into a link one |
| * have gost/aes actually default to --with-xxx value when cross-compiling |
| |
| Patch by Mike Frysinger <vapier@chromium.org> |
| |
| --- a/configure.in |
| +++ b/configure.in |
| @@ -1442,16 +1442,21 @@ case "$use_openssl" in |
| OPENSSLLINKOBJS="" |
| OPENSSLLINKSRCS="" |
| ;; |
| - auto) |
| - DST_OPENSSL_INC="" |
| - CRYPTO="" |
| + yes|auto) |
| + CRYPTO="" |
| + PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CRYPTO='-DOPENSSL'], [ |
| + if test "$use_openssl" = "yes"; then |
| + AC_MSG_ERROR(openssl not found) |
| + fi |
| + use_openssl="no" |
| + ]) |
| + |
| + DST_OPENSSL_INC=$OPENSSL_CFLAGS |
| + DST_OPENSSL_LIBS=$OPENSSL_LIBS |
| OPENSSLGOSTLINKOBJS="" |
| OPENSSLGOSTLINKSRS="" |
| OPENSSLLINKOBJS="" |
| OPENSSLLINKSRCS="" |
| - AC_MSG_ERROR( |
| -[OpenSSL was not found in any of $openssldirs; use --with-openssl=/path |
| -If you don't want OpenSSL, use --without-openssl]) |
| ;; |
| *) |
| if test "$want_native_pkcs11" = "yes" |
| @@ -1588,27 +1593,39 @@ no) |
| ;; |
| esac |
| |
| + CC="$saved_cc" |
| + CFLAGS="$saved_cflags" |
| + LIBS="$saved_libs" |
| + OPENSSLLINKOBJS='${OPENSSLLINKOBJS}' |
| + OPENSSLLINKSRCS='${OPENSSLLINKSRCS}' |
| + ;; |
| +esac |
| + |
| +if test "$use_openssl" = "yes"; then |
| + saved_cc="$CC" |
| + saved_cflags="$CFLAGS" |
| + saved_libs="$LIBS" |
| + CFLAGS="$CFLAGS $DST_OPENSSL_INC" |
| + LIBS="$LIBS $DST_OPENSSL_LIBS" |
| + |
| - AC_MSG_CHECKING(for OpenSSL DSA support) |
| - if test -f $use_openssl/include/openssl/dsa.h |
| - then |
| + AC_CHECK_HEADERS([openssl/dsa.h]) |
| + if test "$ac_cv_header_openssl_dsa_h" = yes; then |
| AC_DEFINE(HAVE_OPENSSL_DSA) |
| - AC_MSG_RESULT(yes) |
| - else |
| - AC_MSG_RESULT(no) |
| fi |
| |
| AC_CHECK_FUNCS(EVP_sha256 EVP_sha384 EVP_sha512) |
| |
| AC_MSG_CHECKING(for OpenSSL ECDSA support) |
| have_ecdsa="" |
| - AC_TRY_RUN([ |
| + AC_TRY_LINK([ |
| #include <openssl/ecdsa.h> |
| #include <openssl/objects.h> |
| +],[ |
| int main() { |
| EC_KEY *ec256, *ec384; |
| |
| #if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA384) |
| - return (1); |
| +#error choke |
| #endif |
| ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
| ec384 = EC_KEY_new_by_curve_name(NID_secp384r1); |
| @@ -1637,24 +1654,7 @@ int main() { |
| [AC_MSG_RESULT(yes) |
| have_ecdsa="yes"], |
| [AC_MSG_RESULT(no) |
| - have_ecdsa="no"], |
| + have_ecdsa="no"]) |
| - [AC_MSG_RESULT(using --with-ecdsa)]) |
| - case "$with_ecdsa" in |
| - yes) |
| - case "$have_ecdsa" in |
| - no) AC_MSG_ERROR([ecdsa not supported]) ;; |
| - *) have_ecdsa=yes ;; |
| - esac |
| - ;; |
| - no) |
| - have_ecdsa=no ;; |
| - *) |
| - case "$have_ecdsa" in |
| - yes|no) ;; |
| - *) AC_MSG_ERROR([need --with-ecdsa=[[yes or no]]]) ;; |
| - esac |
| - ;; |
| - esac |
| case $have_ecdsa in |
| yes) |
| OPENSSL_ECDSA="yes" |
| @@ -1702,7 +1702,8 @@ int main() { |
| have_gost="yes"], |
| [AC_MSG_RESULT(no) |
| have_gost="no"], |
| - [AC_MSG_RESULT(using --with-gost)]) |
| + [AC_MSG_RESULT(using --with-gost) |
| + have_gost=$with_gost]) |
| case "$with_gost" in |
| yes) |
| case "$have_gost" in |
| @@ -1752,7 +1753,8 @@ int main() { |
| [AC_MSG_RESULT(yes) |
| have_aes="yes"], |
| [AC_MSG_RESULT(no)])], |
| - [AC_MSG_RESULT(using --with-aes)]) |
| + [AC_MSG_RESULT(using --with-aes) |
| + have_aes=$with_aes]) |
| |
| ISC_OPENSSL_INC="" |
| ISC_OPENSSL_LIBS="" |
| @@ -1765,8 +1767,7 @@ int main() { |
| OPENSSLLINKOBJS='${OPENSSLLINKOBJS}' |
| OPENSSLLINKSRCS='${OPENSSLLINKSRCS}' |
| |
| - ;; |
| -esac |
| +fi |
| |
| # |
| # This would include the system openssl path (and linker options to use |