diff options
author | Dean Scarff <deanscarff@google.com> | 2020-07-02 11:24:04 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2020-10-17 02:04:36 +0200 |
commit | a99ad2b9007d1775e9598bc78698cbc5d5ba0f60 (patch) | |
tree | 3f23cbfdc410a96e8317aded4397377a14f14b84 /configure.ac | |
parent | 2ff84aa2c95eba295e374f239b47e314d59e59cb (diff) | |
download | qpdf-a99ad2b9007d1775e9598bc78698cbc5d5ba0f60.tar.zst |
Update OpenSSL autoconf checks
- Checks explicitly for versions >= 1.1.0 with pkg-config
- Refactor the fallback checks. Previously they were copied
from the gnutls logic, but could be slightly surprising (it's not
obvious that they're for the case where pkg-config returns a false
negative, and it's weird that the linker check overode the header check)
- Fix the AC_SEARCH_LIBS check to try -lcrypto instead of -lopenssl
(-lcrypto is the standard library OpenSSL ships the crypto symbols in).
- Fix the AC_SEARCH_LIBS check to look for EVP_MD_CTX_new, which is not
present in versions prior to 1.1.0.
Fixes qpdf/qpdf#429 (although I haven't verified on cygwin)
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/configure.ac b/configure.ac index 83587b82..bd2ee15a 100644 --- a/configure.ac +++ b/configure.ac @@ -586,23 +586,27 @@ if test "$USE_CRYPTO_NATIVE" = "1"; then DEFAULT_CRYPTO=native fi -dnl If the openssl/BoringSSL provider is explicitly requested, require openssl +dnl If the openssl/BoringSSL provider is explicitly requested, require openssl. dnl If the openssl provider is not explicitly disabled, enable it if dnl openssl is available. If the openssl provider is explicitly dnl disabled, do not link with openssl even if present. -PKG_CHECK_MODULES([pc_openssl], [openssl], [OPENSSL_FOUND=1], [OPENSSL_FOUND=0]) -if test "$OPENSSL_FOUND" = "0"; then - AC_CHECK_HEADER([openssl/evp.h],[OPENSSL_FOUND=1],[OPENSSL_FOUND=0]) - AC_SEARCH_LIBS(EVP_DigestInit_ex,openssl,[OPENSSL_FOUND=1],[OPENSSL_FOUND=0]) -fi +PKG_CHECK_MODULES([pc_openssl], [openssl >= 1.1.0], + [OPENSSL_FOUND=1], [OPENSSL_FOUND=0]) + +dnl Override pkg-config if headers and libraries are present. +AS_IF([test "$OPENSSL_FOUND" = "0"], + [AC_CHECK_HEADER( + [openssl/evp.h], + [AC_SEARCH_LIBS(EVP_MD_CTX_new,crypto,[OPENSSL_FOUND=1])]) + ]) IMPLICIT_OPENSSL=0 USE_CRYPTO_OPENSSL=0 AC_SUBST(USE_CRYPTO_OPENSSL) AC_ARG_ENABLE(crypto-openssl, AS_HELP_STRING([--enable-crypto-openssl], - [whether to include support for the BoringSSL crypto provider]), + [whether to include support for the openssl crypto provider]), [if test "$enableval" = "yes"; then USE_CRYPTO_OPENSSL=1 else |