4 dnl TLS stuff for CUPS.
6 dnl Copyright 2007-2013 by Apple Inc.
7 dnl Copyright 1997-2007 by Easy Software Products, all rights reserved.
9 dnl These coded instructions, statements, and computer programs are the
10 dnl property of Apple Inc. and are protected by Federal copyright
11 dnl law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 dnl which should have been included with this file. If this file is
13 dnl file is missing or damaged, see the license at "http://www.cups.org/".
16 AC_ARG_ENABLE(ssl, [ --disable-ssl disable SSL/TLS support])
17 AC_ARG_ENABLE(cdsassl, [ --enable-cdsassl use CDSA for SSL/TLS support, default=first])
18 AC_ARG_ENABLE(gnutls, [ --enable-gnutls use GNU TLS for SSL/TLS support, default=second])
26 if test x$enable_ssl != xno; then
28 if test $have_ssl = 0 -a "x$enable_cdsassl" != "xno"; then
29 if test $uname = Darwin; then
30 AC_CHECK_HEADER(Security/SecureTransport.h, [
33 AC_DEFINE(HAVE_CDSASSL)
34 CUPS_SERVERCERT="/Library/Keychains/System.keychain"
36 dnl Check for the various security headers...
37 AC_CHECK_HEADER(Security/SecureTransportPriv.h,
38 AC_DEFINE(HAVE_SECURETRANSPORTPRIV_H))
39 AC_CHECK_HEADER(Security/SecCertificate.h,
40 AC_DEFINE(HAVE_SECCERTIFICATE_H))
41 AC_CHECK_HEADER(Security/SecItem.h,
42 AC_DEFINE(HAVE_SECITEM_H))
43 AC_CHECK_HEADER(Security/SecItemPriv.h,
44 AC_DEFINE(HAVE_SECITEMPRIV_H),,
45 [#include <Security/SecItem.h>])
46 AC_CHECK_HEADER(Security/SecPolicy.h,
47 AC_DEFINE(HAVE_SECPOLICY_H))
48 AC_CHECK_HEADER(Security/SecPolicyPriv.h,
49 AC_DEFINE(HAVE_SECPOLICYPRIV_H))
50 AC_CHECK_HEADER(Security/SecBasePriv.h,
51 AC_DEFINE(HAVE_SECBASEPRIV_H))
52 AC_CHECK_HEADER(Security/SecIdentitySearchPriv.h,
53 AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H))
55 AC_DEFINE(HAVE_CSSMERRORSTRING)
56 AC_DEFINE(HAVE_SECKEYCHAINOPEN)])
60 dnl Then look for GNU TLS...
61 if test $have_ssl = 0 -a "x$enable_gnutls" != "xno" -a "x$PKGCONFIG" != x; then
62 AC_PATH_PROG(LIBGNUTLSCONFIG,libgnutls-config)
63 AC_PATH_PROG(LIBGCRYPTCONFIG,libgcrypt-config)
64 if $PKGCONFIG --exists gnutls; then
66 SSLLIBS=`$PKGCONFIG --libs gnutls`
67 SSLFLAGS=`$PKGCONFIG --cflags gnutls`
69 AC_DEFINE(HAVE_GNUTLS)
70 elif test "x$LIBGNUTLSCONFIG" != x; then
72 SSLLIBS=`$LIBGNUTLSCONFIG --libs`
73 SSLFLAGS=`$LIBGNUTLSCONFIG --cflags`
75 AC_DEFINE(HAVE_GNUTLS)
78 if test $have_ssl = 1; then
79 CUPS_SERVERCERT="ssl/server.crt"
80 CUPS_SERVERKEY="ssl/server.key"
82 if $PKGCONFIG --exists gcrypt; then
83 SSLLIBS="$SSLLIBS `$PKGCONFIG --libs gcrypt`"
84 SSLFLAGS="$SSLFLAGS `$PKGCONFIG --cflags gcrypt`"
85 elif test "x$LIBGCRYPTCONFIG" != x; then
86 SSLLIBS="$SSLLIBS `$LIBGCRYPTCONFIG --libs`"
87 SSLFLAGS="$SSLFLAGS `$LIBGCRYPTCONFIG --cflags`"
94 if test $have_ssl = 1; then
95 AC_MSG_RESULT([ Using SSLLIBS="$SSLLIBS"])
96 AC_MSG_RESULT([ Using SSLFLAGS="$SSLFLAGS"])
97 IPPALIASES="http https ipps"
98 elif test x$enable_cdsa = xyes -o x$enable_gnutls = xyes; then
99 AC_MSG_ERROR([Unable to enable SSL support.])
102 AC_SUBST(CUPS_SERVERCERT)
103 AC_SUBST(CUPS_SERVERKEY)
108 EXPORT_SSLLIBS="$SSLLIBS"
109 AC_SUBST(EXPORT_SSLLIBS)