X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=config-scripts%2Fcups-ssl.m4;h=ce62dfd450a692ad64560c50d4cbcec91ad1deec;hb=82f972324ddde683be8a6d302f9937532ab0cf81;hp=949a3e4f50485e1f69feaf7ef21ee37a02d3f978;hpb=c07d5b2daf136da7af01c48ff78135d06d2762fc;p=thirdparty%2Fcups.git diff --git a/config-scripts/cups-ssl.m4 b/config-scripts/cups-ssl.m4 index 949a3e4f5..ce62dfd45 100644 --- a/config-scripts/cups-ssl.m4 +++ b/config-scripts/cups-ssl.m4 @@ -1,28 +1,19 @@ dnl -dnl "$Id: cups-ssl.m4 181 2006-06-22 20:01:18Z jlovell $" +dnl "$Id: cups-ssl.m4 7241 2008-01-22 22:34:52Z mike $" dnl -dnl OpenSSL/GNUTLS stuff for the Common UNIX Printing System (CUPS). +dnl OpenSSL/GNUTLS stuff for CUPS. dnl -dnl Copyright 1997-2006 by Easy Software Products, all rights reserved. +dnl Copyright 2007-2011 by Apple Inc. +dnl Copyright 1997-2007 by Easy Software Products, all rights reserved. dnl dnl These coded instructions, statements, and computer programs are the -dnl property of Easy Software Products and are protected by Federal -dnl copyright law. Distribution and use rights are outlined in the file -dnl "LICENSE.txt" which should have been included with this file. If this -dnl file is missing or damaged please contact Easy Software Products -dnl at: -dnl -dnl Attn: CUPS Licensing Information -dnl Easy Software Products -dnl 44141 Airport View Drive, Suite 204 -dnl Hollywood, Maryland 20636 USA -dnl -dnl Voice: (301) 373-9600 -dnl EMail: cups-info@cups.org -dnl WWW: http://www.cups.org +dnl property of Apple Inc. and are protected by Federal copyright +dnl law. Distribution and use rights are outlined in the file "LICENSE.txt" +dnl which should have been included with this file. If this file is +dnl file is missing or damaged, see the license at "http://www.cups.org/". dnl -AC_ARG_ENABLE(ssl, [ --enable-ssl turn on SSL/TLS support, default=yes]) +AC_ARG_ENABLE(ssl, [ --disable-ssl disable SSL/TLS support]) AC_ARG_ENABLE(cdsassl, [ --enable-cdsassl use CDSA for SSL/TLS support, default=first]) AC_ARG_ENABLE(gnutls, [ --enable-gnutls use GNU TLS for SSL/TLS support, default=second]) AC_ARG_ENABLE(openssl, [ --enable-openssl use OpenSSL for SSL/TLS support, default=third]) @@ -31,43 +22,107 @@ AC_ARG_WITH(openssl-libs, [ --with-openssl-libs set directory for OpenSSL l DSOFLAGS="-L$withval $DSOFLAGS",) AC_ARG_WITH(openssl-includes, [ --with-openssl-includes set directory for OpenSSL includes], CFLAGS="-I$withval $CFLAGS" - CXXFLAGS="-I$withval $CXXFLAGS" CPPFLAGS="-I$withval $CPPFLAGS",) SSLFLAGS="" SSLLIBS="" -ENCRYPTION_REQUIRED="" +have_ssl=0 if test x$enable_ssl != xno; then dnl Look for CDSA... - if test "x${SSLLIBS}" = "x" -a "x${enable_cdsassl}" != "xno"; then + if test $have_ssl = 0 -a "x$enable_cdsassl" != "xno"; then if test $uname = Darwin; then - AC_CHECK_HEADER(Security/SecureTransport.h, - [SSLLIBS="-framework CoreFoundation -framework Security" - # MacOS X doesn't (yet) come with pre-installed encryption - # certificates for CUPS, so don't enable encryption on - # /admin just yet... - #ENCRYPTION_REQUIRED=" Encryption Required" - AC_CHECK_HEADER(Security/SecBasePriv.h,AC_DEFINE(HAVE_SECBASEPRIV_H)) - AC_DEFINE(HAVE_SSL) - AC_DEFINE(HAVE_CDSASSL)]) + AC_CHECK_HEADER(Security/SecureTransport.h, [ + have_ssl=1 + AC_DEFINE(HAVE_SSL) + AC_DEFINE(HAVE_CDSASSL) + + dnl Check for the various security headers... + AC_CHECK_HEADER(Security/SecCertificate.h, + AC_DEFINE(HAVE_SECCERTIFICATE_H)) + AC_CHECK_HEADER(Security/SecItem.h, + AC_DEFINE(HAVE_SECITEM_H)) + AC_CHECK_HEADER(Security/SecItemPriv.h, + AC_DEFINE(HAVE_SECITEMPRIV_H)) + AC_CHECK_HEADER(Security/SecPolicy.h, + AC_DEFINE(HAVE_SECPOLICY_H)) + AC_CHECK_HEADER(Security/SecPolicyPriv.h, + AC_DEFINE(HAVE_SECPOLICYPRIV_H)) + AC_CHECK_HEADER(Security/SecBasePriv.h, + AC_DEFINE(HAVE_SECBASEPRIV_H)) + AC_CHECK_HEADER(Security/SecIdentitySearchPriv.h, + AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H)) + + dnl Check for SecCertificateCopyData.. + AC_MSG_CHECKING(for SecCertificateCopyData) + if test $uversion -ge 100; then + AC_DEFINE(HAVE_SECCERTIFICATECOPYDATA) + AC_MSG_RESULT(yes) + else + AC_MSG_RESULT(no) + fi + + dnl Check for SecIdentitySearchCreateWithPolicy... + AC_MSG_CHECKING(for SecIdentitySearchCreateWithPolicy) + if test $uversion -ge 80; then + AC_DEFINE(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) + AC_MSG_RESULT(yes) + else + AC_MSG_RESULT(no) + fi + + dnl Check for SecPolicyCreateSSL... + AC_MSG_CHECKING(for SecPolicyCreateSSL) + if test $uversion -ge 110; then + AC_DEFINE(HAVE_SECPOLICYCREATESSL) + AC_MSG_RESULT(yes) + else + AC_MSG_RESULT(no) + fi]) + + AC_DEFINE(HAVE_CSSMERRORSTRING) fi fi dnl Then look for GNU TLS... - if test "x${SSLLIBS}" = "x" -a "x${enable_gnutls}" != "xno"; then + if test $have_ssl = 0 -a "x$enable_gnutls" != "xno" -a "x$PKGCONFIG" != x; then AC_PATH_PROG(LIBGNUTLSCONFIG,libgnutls-config) - if test "x$LIBGNUTLSCONFIG" != x; then - SSLLIBS=`$LIBGNUTLSCONFIG --libs` - SSLFLAGS=`$LIBGNUTLSCONFIG --cflags` - ENCRYPTION_REQUIRED=" Encryption Required" - AC_DEFINE(HAVE_SSL) - AC_DEFINE(HAVE_GNUTLS) + AC_PATH_PROG(LIBGCRYPTCONFIG,libgcrypt-config) + if $PKGCONFIG --exists gnutls; then + if test "x$have_pthread" = xyes; then + AC_MSG_WARN([The current version of GNU TLS cannot be made thread-safe.]) + else + have_ssl=1 + SSLLIBS=`$PKGCONFIG --libs gnutls` + SSLFLAGS=`$PKGCONFIG --cflags gnutls` + AC_DEFINE(HAVE_SSL) + AC_DEFINE(HAVE_GNUTLS) + fi + elif test "x$LIBGNUTLSCONFIG" != x; then + if test "x$have_pthread" = xyes; then + AC_MSG_WARN([The current version of GNU TLS cannot be made thread-safe.]) + else + have_ssl=1 + SSLLIBS=`$LIBGNUTLSCONFIG --libs` + SSLFLAGS=`$LIBGNUTLSCONFIG --cflags` + AC_DEFINE(HAVE_SSL) + AC_DEFINE(HAVE_GNUTLS) + fi + fi + + if test $have_ssl = 1; then + if $PKGCONFIG --exists gcrypt; then + SSLLIBS="$SSLLIBS `$PKGCONFIG --libs gcrypt`" + SSLFLAGS="$SSLFLAGS `$PKGCONFIG --cflags gcrypt`" + elif test "x$LIBGCRYPTCONFIG" != x; then + SSLLIBS="$SSLLIBS `$LIBGCRYPTCONFIG --libs`" + SSLFLAGS="$SSLFLAGS `$LIBGCRYPTCONFIG --cflags`" + fi fi fi dnl Check for the OpenSSL library last... - if test "x${SSLLIBS}" = "x" -a "x${enable_openssl}" != "xno"; then + if test $have_ssl = 0 -a "x$enable_openssl" != "xno"; then AC_CHECK_HEADER(openssl/ssl.h, dnl Save the current libraries so the crypto stuff isn't always dnl included... @@ -85,9 +140,9 @@ if test x$enable_ssl != xno; then "-lcrypto -lRSAglue -lrsaref" do AC_CHECK_LIB(ssl,SSL_new, - [SSLFLAGS="-DOPENSSL_DISABLE_OLD_DES_SUPPORT" + [have_ssl=1 + SSLFLAGS="-DOPENSSL_DISABLE_OLD_DES_SUPPORT" SSLLIBS="-lssl $libcrypto" - ENCRYPTION_REQUIRED=" Encryption Required" AC_DEFINE(HAVE_SSL) AC_DEFINE(HAVE_LIBSSL)],, $libcrypto) @@ -101,19 +156,20 @@ if test x$enable_ssl != xno; then fi fi -if test "x$SSLLIBS" != x; then +if test $have_ssl = 1; then AC_MSG_RESULT([ Using SSLLIBS="$SSLLIBS"]) AC_MSG_RESULT([ Using SSLFLAGS="$SSLFLAGS"]) +elif test x$enable_cdsa = xyes -o x$enable_gnutls = xyes -o x$enable_openssl = xyes; then + AC_MSG_ERROR([Unable to enable SSL support.]) fi AC_SUBST(SSLFLAGS) AC_SUBST(SSLLIBS) -AC_SUBST(ENCRYPTION_REQUIRED) EXPORT_SSLLIBS="$SSLLIBS" AC_SUBST(EXPORT_SSLLIBS) dnl -dnl End of "$Id: cups-ssl.m4 181 2006-06-22 20:01:18Z jlovell $". +dnl End of "$Id: cups-ssl.m4 7241 2008-01-22 22:34:52Z mike $". dnl