]> git.ipfire.org Git - thirdparty/cups.git/blob - config-scripts/cups-ssl.m4
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Drop old private APIs that are no longer used/supported.
[thirdparty/cups.git] / config-scripts / cups-ssl.m4
1 dnl
2 dnl "$Id$"
3 dnl
4 dnl OpenSSL/GNUTLS stuff for CUPS.
5 dnl
6 dnl Copyright 2007-2012 by Apple Inc.
7 dnl Copyright 1997-2007 by Easy Software Products, all rights reserved.
8 dnl
9 dnl These coded instructions, statements, and computer programs are the
10 dnl property of Apple Inc. and are protected by Federal copyright
11 dnl law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 dnl which should have been included with this file. If this file is
13 dnl file is missing or damaged, see the license at "http://www.cups.org/".
14 dnl
15
16 AC_ARG_ENABLE(ssl, [ --disable-ssl disable SSL/TLS support])
17 AC_ARG_ENABLE(cdsassl, [ --enable-cdsassl use CDSA for SSL/TLS support, default=first])
18 AC_ARG_ENABLE(gnutls, [ --enable-gnutls use GNU TLS for SSL/TLS support, default=second])
19 AC_ARG_ENABLE(openssl, [ --enable-openssl use OpenSSL for SSL/TLS support, default=third])
20 AC_ARG_WITH(openssl-libs, [ --with-openssl-libs set directory for OpenSSL library],
21 LDFLAGS="-L$withval $LDFLAGS"
22 DSOFLAGS="-L$withval $DSOFLAGS",)
23 AC_ARG_WITH(openssl-includes, [ --with-openssl-includes set directory for OpenSSL includes],
24 CFLAGS="-I$withval $CFLAGS"
25 CPPFLAGS="-I$withval $CPPFLAGS",)
26
27 SSLFLAGS=""
28 SSLLIBS=""
29 have_ssl=0
30 CUPS_SERVERCERT=""
31 CUPS_SERVERKEY=""
32
33 if test x$enable_ssl != xno; then
34 dnl Look for CDSA...
35 if test $have_ssl = 0 -a "x$enable_cdsassl" != "xno"; then
36 if test $uname = Darwin; then
37 AC_CHECK_HEADER(Security/SecureTransport.h, [
38 have_ssl=1
39 AC_DEFINE(HAVE_SSL)
40 AC_DEFINE(HAVE_CDSASSL)
41 CUPS_SERVERCERT="/Library/Keychains/System.keychain"
42
43 dnl Check for the various security headers...
44 AC_CHECK_HEADER(Security/SecureTransportPriv.h,
45 AC_DEFINE(HAVE_SECURETRANSPORTPRIV_H))
46 AC_CHECK_HEADER(Security/SecCertificate.h,
47 AC_DEFINE(HAVE_SECCERTIFICATE_H))
48 AC_CHECK_HEADER(Security/SecItem.h,
49 AC_DEFINE(HAVE_SECITEM_H))
50 AC_CHECK_HEADER(Security/SecItemPriv.h,
51 AC_DEFINE(HAVE_SECITEMPRIV_H),,
52 [#include <Security/SecItem.h>])
53 AC_CHECK_HEADER(Security/SecPolicy.h,
54 AC_DEFINE(HAVE_SECPOLICY_H))
55 AC_CHECK_HEADER(Security/SecPolicyPriv.h,
56 AC_DEFINE(HAVE_SECPOLICYPRIV_H))
57 AC_CHECK_HEADER(Security/SecBasePriv.h,
58 AC_DEFINE(HAVE_SECBASEPRIV_H))
59 AC_CHECK_HEADER(Security/SecIdentitySearchPriv.h,
60 AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H))
61
62 AC_DEFINE(HAVE_CSSMERRORSTRING)])
63 fi
64 fi
65
66 dnl Then look for GNU TLS...
67 if test $have_ssl = 0 -a "x$enable_gnutls" != "xno" -a "x$PKGCONFIG" != x; then
68 AC_PATH_PROG(LIBGNUTLSCONFIG,libgnutls-config)
69 AC_PATH_PROG(LIBGCRYPTCONFIG,libgcrypt-config)
70 if $PKGCONFIG --exists gnutls; then
71 have_ssl=1
72 SSLLIBS=`$PKGCONFIG --libs gnutls`
73 SSLFLAGS=`$PKGCONFIG --cflags gnutls`
74 AC_DEFINE(HAVE_SSL)
75 AC_DEFINE(HAVE_GNUTLS)
76 elif test "x$LIBGNUTLSCONFIG" != x; then
77 have_ssl=1
78 SSLLIBS=`$LIBGNUTLSCONFIG --libs`
79 SSLFLAGS=`$LIBGNUTLSCONFIG --cflags`
80 AC_DEFINE(HAVE_SSL)
81 AC_DEFINE(HAVE_GNUTLS)
82 fi
83
84 if test $have_ssl = 1; then
85 CUPS_SERVERCERT="ssl/server.crt"
86 CUPS_SERVERKEY="ssl/server.key"
87
88 if $PKGCONFIG --exists gcrypt; then
89 SSLLIBS="$SSLLIBS `$PKGCONFIG --libs gcrypt`"
90 SSLFLAGS="$SSLFLAGS `$PKGCONFIG --cflags gcrypt`"
91 elif test "x$LIBGCRYPTCONFIG" != x; then
92 SSLLIBS="$SSLLIBS `$LIBGCRYPTCONFIG --libs`"
93 SSLFLAGS="$SSLFLAGS `$LIBGCRYPTCONFIG --cflags`"
94 fi
95 fi
96 fi
97
98 dnl Check for the OpenSSL library last...
99 if test $have_ssl = 0 -a "x$enable_openssl" != "xno"; then
100 AC_CHECK_HEADER(openssl/ssl.h,[
101 dnl Save the current libraries so the crypto stuff isn't always
102 dnl included...
103 SAVELIBS="$LIBS"
104
105 dnl Some ELF systems can't resolve all the symbols in libcrypto
106 dnl if libcrypto was linked against RSAREF, and fail to link the
107 dnl test program correctly, even though a correct installation
108 dnl of OpenSSL exists. So we test the linking three times in
109 dnl case the RSAREF libraries are needed.
110
111 for libcrypto in \
112 "-lcrypto" \
113 "-lcrypto -lrsaref" \
114 "-lcrypto -lRSAglue -lrsaref"
115 do
116 AC_CHECK_LIB(ssl,SSL_new,
117 [have_ssl=1
118 SSLFLAGS="-DOPENSSL_DISABLE_OLD_DES_SUPPORT"
119 SSLLIBS="-lssl $libcrypto"
120 AC_DEFINE(HAVE_SSL)
121 AC_DEFINE(HAVE_LIBSSL)],,
122 $libcrypto)
123
124 if test "x${SSLLIBS}" != "x"; then
125 break
126 fi
127 done
128
129 if test "x${SSLLIBS}" != "x"; then
130 CUPS_SERVERCERT="ssl/server.crt"
131 CUPS_SERVERKEY="ssl/server.key"
132
133 LIBS="$SAVELIBS $SSLLIBS"
134 AC_CHECK_FUNCS(SSL_set_tlsext_host_name)
135 fi
136
137 LIBS="$SAVELIBS"])
138 fi
139 fi
140
141 IPPALIASES="http"
142 if test $have_ssl = 1; then
143 AC_MSG_RESULT([ Using SSLLIBS="$SSLLIBS"])
144 AC_MSG_RESULT([ Using SSLFLAGS="$SSLFLAGS"])
145 IPPALIASES="http https ipps"
146 elif test x$enable_cdsa = xyes -o x$enable_gnutls = xyes -o x$enable_openssl = xyes; then
147 AC_MSG_ERROR([Unable to enable SSL support.])
148 fi
149
150 AC_SUBST(CUPS_SERVERCERT)
151 AC_SUBST(CUPS_SERVERKEY)
152 AC_SUBST(IPPALIASES)
153 AC_SUBST(SSLFLAGS)
154 AC_SUBST(SSLLIBS)
155
156 EXPORT_SSLLIBS="$SSLLIBS"
157 AC_SUBST(EXPORT_SSLLIBS)
158
159 dnl
160 dnl End of "$Id$".
161 dnl
Unnamed repository; edit this file 'description' to name the repository.