aboutsummaryrefslogtreecommitdiffstats
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac52
1 files changed, 52 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index 39f2bfa8..80a748b9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -513,6 +513,53 @@ if test "$USE_CRYPTO_NATIVE" = "1"; then
DEFAULT_CRYPTO=native
fi
+dnl If the openssl/BoringSSL provider is explicitly requested, require openssl
+dnl If the openssl provider is not explicitly disabled, enable it if
+dnl openssl is available. If the openssl provider is explicitly
+dnl disabled, do not link with openssl even if present.
+
+PKG_CHECK_MODULES([pc_openssl], [openssl], [OPENSSL_FOUND=1], [OPENSSL_FOUND=0])
+if test "$OPENSSL_FOUND" = "0"; then
+ AC_CHECK_HEADER([openssl/evp.h],[OPENSSL_FOUND=1],[OPENSSL_FOUND=0])
+ AC_SEARCH_LIBS(EVP_DigestInit_ex,openssl,[OPENSSL_FOUND=1],[OPENSSL_FOUND=0])
+fi
+
+IMPLICIT_OPENSSL=0
+USE_CRYPTO_OPENSSL=0
+AC_SUBST(USE_CRYPTO_OPENSSL)
+AC_ARG_ENABLE(crypto-openssl,
+ AS_HELP_STRING([--enable-crypto-openssl],
+ [whether to include support for the BoringSSL crypto provider]),
+ [if test "$enableval" = "yes"; then
+ USE_CRYPTO_OPENSSL=1
+ else
+ USE_CRYPTO_OPENSSL=0
+ fi],
+ [IMPLICIT_OPENSSL=$IMPLICIT_CRYPTO])
+
+if test "$IMPLICIT_OPENSSL" = "1"; then
+ USE_CRYPTO_OPENSSL=$OPENSSL_FOUND
+ if test "$USE_CRYPTO_OPENSSL" = "1"; then
+ AC_MSG_NOTICE(enabling openssl crypto provider since openssl is available)
+ else
+ AC_MSG_NOTICE(not enabling openssl crypto provider since openssl was not found)
+ fi
+fi
+
+if test "$USE_CRYPTO_OPENSSL" = "1" -a "$OPENSSL_FOUND" = "0"; then
+ AC_MSG_ERROR(unable to use requested openssl crypto provider without openssl)
+fi
+
+if test "$USE_CRYPTO_OPENSSL" = "1"; then
+ CFLAGS="$CFLAGS $pc_openssl_CFLAGS"
+ CXXFLAGS="$CXXFLAGS $pc_openssl_CXXFLAGS"
+ LIBS="$LIBS $pc_openssl_LIBS"
+ AC_DEFINE([USE_CRYPTO_OPENSSL], 1, [Whether to use the openssl crypto provider])
+ DEFAULT_CRYPTO=openssl
+elif test "$OPENSSL_FOUND" = "1"; then
+ AC_MSG_NOTICE(not linking with openssl even though it is available)
+fi
+
dnl If the gnutls provider is explicitly requested, require gnutls. If
dnl the gnutls provider is not explicitly disabled, enable it if
dnl gnutls is available. If the gnutls provider is explicitly
@@ -581,6 +628,11 @@ case "$DEFAULT_CRYPTO" in
bad_crypto=1
fi
;;
+ "openssl")
+ if test "$USE_CRYPTO_OPENSSL" != "1"; then
+ bad_crypto=1
+ fi
+ ;;
"gnutls")
if test "$USE_CRYPTO_GNUTLS" != "1"; then
bad_crypto=1
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-01 14:08:18 +0200