]> git.ipfire.org Git - thirdparty/cups.git/blobdiff - config-scripts/cups-ssl.m4
projects / thirdparty / cups.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge changes from CUPS 1.5svn-r9631.
[thirdparty/cups.git] / config-scripts / cups-ssl.m4
diff --git a/config-scripts/cups-ssl.m4 b/config-scripts/cups-ssl.m4
index 4446f22aca31f8233127a2ae0657ea43c63c4ff1..ce62dfd450a692ad64560c50d4cbcec91ad1deec 100644 (file)
--- a/config-scripts/cups-ssl.m4
+++ b/config-scripts/cups-ssl.m4
@@ -1,28 +1,19 @@
 dnl
-dnl "$Id: cups-ssl.m4 5525 2006-05-15 13:52:16Z mike $"
+dnl "$Id: cups-ssl.m4 7241 2008-01-22 22:34:52Z mike $"
 dnl
-dnl   OpenSSL/GNUTLS stuff for the Common UNIX Printing System (CUPS).
+dnl   OpenSSL/GNUTLS stuff for CUPS.
 dnl
-dnl   Copyright 1997-2006 by Easy Software Products, all rights reserved.
+dnl   Copyright 2007-2011 by Apple Inc.
+dnl   Copyright 1997-2007 by Easy Software Products, all rights reserved.
 dnl
 dnl   These coded instructions, statements, and computer programs are the
-dnl   property of Easy Software Products and are protected by Federal
-dnl   copyright law.  Distribution and use rights are outlined in the file
-dnl   "LICENSE.txt" which should have been included with this file.  If this
-dnl   file is missing or damaged please contact Easy Software Products
-dnl   at:
-dnl
-dnl       Attn: CUPS Licensing Information
-dnl       Easy Software Products
-dnl       44141 Airport View Drive, Suite 204
-dnl       Hollywood, Maryland 20636 USA
-dnl
-dnl       Voice: (301) 373-9600
-dnl       EMail: cups-info@cups.org
-dnl         WWW: http://www.cups.org
+dnl   property of Apple Inc. and are protected by Federal copyright
+dnl   law.  Distribution and use rights are outlined in the file "LICENSE.txt"
+dnl   which should have been included with this file.  If this file is
+dnl   file is missing or damaged, see the license at "http://www.cups.org/".
 dnl
 
-AC_ARG_ENABLE(ssl, [  --enable-ssl            turn on SSL/TLS support, default=yes])
+AC_ARG_ENABLE(ssl, [  --disable-ssl           disable SSL/TLS support])
 AC_ARG_ENABLE(cdsassl, [  --enable-cdsassl        use CDSA for SSL/TLS support, default=first])
 AC_ARG_ENABLE(gnutls, [  --enable-gnutls         use GNU TLS for SSL/TLS support, default=second])
 AC_ARG_ENABLE(openssl, [  --enable-openssl        use OpenSSL for SSL/TLS support, default=third])
@@ -31,42 +22,107 @@ AC_ARG_WITH(openssl-libs, [  --with-openssl-libs     set directory for OpenSSL l
     DSOFLAGS="-L$withval $DSOFLAGS",)
 AC_ARG_WITH(openssl-includes, [  --with-openssl-includes set directory for OpenSSL includes],
     CFLAGS="-I$withval $CFLAGS"
-    CXXFLAGS="-I$withval $CXXFLAGS"
     CPPFLAGS="-I$withval $CPPFLAGS",)
 
 SSLFLAGS=""
 SSLLIBS=""
-ENCRYPTION_REQUIRED=""
+have_ssl=0
 
 if test x$enable_ssl != xno; then
     dnl Look for CDSA...
-    if test "x${SSLLIBS}" = "x" -a "x${enable_cdsassl}" != "xno"; then
+    if test $have_ssl = 0 -a "x$enable_cdsassl" != "xno"; then
        if test $uname = Darwin; then
-           AC_CHECK_HEADER(Security/SecureTransport.h,
-               [SSLLIBS="-framework CoreFoundation -framework Security"
-                # MacOS X doesn't (yet) come with pre-installed encryption
-                # certificates for CUPS, so don't enable encryption on
-                # /admin just yet...
-                #ENCRYPTION_REQUIRED="  Encryption Required"
-                AC_DEFINE(HAVE_SSL)
-                AC_DEFINE(HAVE_CDSASSL)])
+           AC_CHECK_HEADER(Security/SecureTransport.h, [
+               have_ssl=1
+               AC_DEFINE(HAVE_SSL)
+               AC_DEFINE(HAVE_CDSASSL)
+
+               dnl Check for the various security headers...
+               AC_CHECK_HEADER(Security/SecCertificate.h,
+                   AC_DEFINE(HAVE_SECCERTIFICATE_H))
+               AC_CHECK_HEADER(Security/SecItem.h,
+                   AC_DEFINE(HAVE_SECITEM_H))
+               AC_CHECK_HEADER(Security/SecItemPriv.h,
+                   AC_DEFINE(HAVE_SECITEMPRIV_H))
+               AC_CHECK_HEADER(Security/SecPolicy.h,
+                   AC_DEFINE(HAVE_SECPOLICY_H))
+               AC_CHECK_HEADER(Security/SecPolicyPriv.h,
+                   AC_DEFINE(HAVE_SECPOLICYPRIV_H))
+               AC_CHECK_HEADER(Security/SecBasePriv.h,
+                   AC_DEFINE(HAVE_SECBASEPRIV_H))
+               AC_CHECK_HEADER(Security/SecIdentitySearchPriv.h,
+                   AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H))
+
+               dnl Check for SecCertificateCopyData..
+               AC_MSG_CHECKING(for SecCertificateCopyData)
+               if test $uversion -ge 100; then
+                   AC_DEFINE(HAVE_SECCERTIFICATECOPYDATA)
+                   AC_MSG_RESULT(yes)
+               else
+                   AC_MSG_RESULT(no)
+               fi
+
+               dnl Check for SecIdentitySearchCreateWithPolicy...
+               AC_MSG_CHECKING(for SecIdentitySearchCreateWithPolicy)
+               if test $uversion -ge 80; then
+                   AC_DEFINE(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY)
+                   AC_MSG_RESULT(yes)
+               else
+                   AC_MSG_RESULT(no)
+               fi
+
+               dnl Check for SecPolicyCreateSSL...
+               AC_MSG_CHECKING(for SecPolicyCreateSSL)
+               if test $uversion -ge 110; then
+                   AC_DEFINE(HAVE_SECPOLICYCREATESSL)
+                   AC_MSG_RESULT(yes)
+               else
+                   AC_MSG_RESULT(no)
+               fi])
+
+               AC_DEFINE(HAVE_CSSMERRORSTRING)
        fi
     fi
 
     dnl Then look for GNU TLS...
-    if test "x${SSLLIBS}" = "x" -a "x${enable_gnutls}" != "xno"; then
+    if test $have_ssl = 0 -a "x$enable_gnutls" != "xno" -a "x$PKGCONFIG" != x; then
        AC_PATH_PROG(LIBGNUTLSCONFIG,libgnutls-config)
-       if test "x$LIBGNUTLSCONFIG" != x; then
-           SSLLIBS=`$LIBGNUTLSCONFIG --libs`
-           SSLFLAGS=`$LIBGNUTLSCONFIG --cflags`
-           ENCRYPTION_REQUIRED="  Encryption Required"
-           AC_DEFINE(HAVE_SSL)
-           AC_DEFINE(HAVE_GNUTLS)
+       AC_PATH_PROG(LIBGCRYPTCONFIG,libgcrypt-config)
+       if $PKGCONFIG --exists gnutls; then
+           if test "x$have_pthread" = xyes; then
+               AC_MSG_WARN([The current version of GNU TLS cannot be made thread-safe.])
+           else
+               have_ssl=1
+               SSLLIBS=`$PKGCONFIG --libs gnutls`
+               SSLFLAGS=`$PKGCONFIG --cflags gnutls`
+               AC_DEFINE(HAVE_SSL)
+               AC_DEFINE(HAVE_GNUTLS)
+           fi
+       elif test "x$LIBGNUTLSCONFIG" != x; then
+           if test "x$have_pthread" = xyes; then
+               AC_MSG_WARN([The current version of GNU TLS cannot be made thread-safe.])
+           else
+               have_ssl=1
+               SSLLIBS=`$LIBGNUTLSCONFIG --libs`
+               SSLFLAGS=`$LIBGNUTLSCONFIG --cflags`
+               AC_DEFINE(HAVE_SSL)
+               AC_DEFINE(HAVE_GNUTLS)
+           fi
+       fi
+
+       if test $have_ssl = 1; then
+            if $PKGCONFIG --exists gcrypt; then
+               SSLLIBS="$SSLLIBS `$PKGCONFIG --libs gcrypt`"
+               SSLFLAGS="$SSLFLAGS `$PKGCONFIG --cflags gcrypt`"
+           elif test "x$LIBGCRYPTCONFIG" != x; then
+               SSLLIBS="$SSLLIBS `$LIBGCRYPTCONFIG --libs`"
+               SSLFLAGS="$SSLFLAGS `$LIBGCRYPTCONFIG --cflags`"
+           fi
        fi
     fi
 
     dnl Check for the OpenSSL library last...
-    if test "x${SSLLIBS}" = "x" -a "x${enable_openssl}" != "xno"; then
+    if test $have_ssl = 0 -a "x$enable_openssl" != "xno"; then
        AC_CHECK_HEADER(openssl/ssl.h,
            dnl Save the current libraries so the crypto stuff isn't always
            dnl included...
@@ -84,9 +140,9 @@ if test x$enable_ssl != xno; then
                "-lcrypto -lRSAglue -lrsaref"
            do
                AC_CHECK_LIB(ssl,SSL_new,
-                   [SSLFLAGS="-DOPENSSL_DISABLE_OLD_DES_SUPPORT"
+                   [have_ssl=1
+                    SSLFLAGS="-DOPENSSL_DISABLE_OLD_DES_SUPPORT"
                     SSLLIBS="-lssl $libcrypto"
-                    ENCRYPTION_REQUIRED="  Encryption Required"
                     AC_DEFINE(HAVE_SSL)
                     AC_DEFINE(HAVE_LIBSSL)],,
                    $libcrypto)
@@ -100,19 +156,20 @@ if test x$enable_ssl != xno; then
     fi
 fi
 
-if test "x$SSLLIBS" != x; then
+if test $have_ssl = 1; then
     AC_MSG_RESULT([    Using SSLLIBS="$SSLLIBS"])
     AC_MSG_RESULT([    Using SSLFLAGS="$SSLFLAGS"])
+elif test x$enable_cdsa = xyes -o x$enable_gnutls = xyes -o x$enable_openssl = xyes; then
+    AC_MSG_ERROR([Unable to enable SSL support.])
 fi
 
 AC_SUBST(SSLFLAGS)
 AC_SUBST(SSLLIBS)
-AC_SUBST(ENCRYPTION_REQUIRED)
 
 EXPORT_SSLLIBS="$SSLLIBS"
 AC_SUBST(EXPORT_SSLLIBS)
 
 
 dnl
-dnl End of "$Id: cups-ssl.m4 5525 2006-05-15 13:52:16Z mike $".
+dnl End of "$Id: cups-ssl.m4 7241 2008-01-22 22:34:52Z mike $".
 dnl
Unnamed repository; edit this file 'description' to name the repository.