From: Pieter Lexis Date: Mon, 27 Jun 2016 18:41:52 +0000 (+0200) Subject: Add PDNS_CHECK_LIBCRYPTO based on AX_CHECK_OPENSSL X-Git-Tag: auth-4.0.1^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=74d83458507bf7dd283b91304efb60c44c935934;p=thirdparty%2Fpdns.git Add PDNS_CHECK_LIBCRYPTO based on AX_CHECK_OPENSSL This detects libcrypto for OpenSSL 0.9.8, 1.0 and 1.1. Furthermore, curve detection appeared broken on Arch Linux, this is fixed with the addition of PDNS_CHECK_LIBCRYPTO_ECDSA, without breaking on Debian Jessie, Ubuntu Trusty, Wily and Xenial and CentOS 5 through 7. --- diff --git a/configure.ac b/configure.ac index e3c556ade4..050613cd6b 100644 --- a/configure.ac +++ b/configure.ac @@ -93,11 +93,12 @@ AC_CHECK_HEADERS( PDNS_ENABLE_BOTAN PDNS_CHECK_LIBSODIUM -AX_CHECK_OPENSSL([ +PDNS_CHECK_LIBCRYPTO([ ],[ - AC_MSG_ERROR([OpenSSL not found]) + AC_MSG_ERROR([OpenSSL/libcrypto not found]) ] ) +PDNS_CHECK_LIBCRYPTO_ECDSA PDNS_CHECK_RAGEL PDNS_CHECK_CLOCK_GETTIME @@ -352,7 +353,7 @@ AC_MSG_NOTICE([----------------]) AC_MSG_NOTICE([Built-in modules: $modules]) AC_MSG_NOTICE([Dynamic modules: $dynmodules]) AC_MSG_NOTICE([]) -AS_IF([test "x$openssl_ecdsa" = "xyes"], +AS_IF([test "x$libcrypto_ecdsa" == "xyes"], [AC_MSG_NOTICE([OpenSSL ecdsa: yes])], [AC_MSG_NOTICE([OpenSSL ecdsa: no])] ) diff --git a/m4/ax_check_openssl.m4 b/m4/pdns_check_libcrypto.m4 similarity index 51% rename from m4/ax_check_openssl.m4 rename to m4/pdns_check_libcrypto.m4 index 587b29d348..9f495b42ed 100644 --- a/m4/ax_check_openssl.m4 +++ b/m4/pdns_check_libcrypto.m4 @@ -1,29 +1,26 @@ -# =========================================================================== -# http://www.gnu.org/software/autoconf-archive/ax_check_openssl.html -# =========================================================================== -# # SYNOPSIS # -# AX_CHECK_OPENSSL([action-if-found[, action-if-not-found]]) +# PDNS_CHECK_LIBCRYPTO([action-if-found[, action-if-not-found]]) # # DESCRIPTION # -# Look for OpenSSL in a number of default spots, or in a user-selected -# spot (via --with-openssl). Sets +# Look for OpenSSL's libcrypto in a number of default spots, or in a +# user-selected spot (via --with-libcrypto). Sets # -# OPENSSL_INCLUDES to the include directives required -# OPENSSL_LIBS to the -l directives required -# OPENSSL_LDFLAGS to the -L or -R flags required +# LIBCRYPTO_INCLUDES to the include directives required +# LIBCRYPTO_LIBS to the -l directives required +# LIBCRYPTO_LDFLAGS to the -L or -R flags required # # and calls ACTION-IF-FOUND or ACTION-IF-NOT-FOUND appropriately # -# This macro sets OPENSSL_INCLUDES such that source files should use the +# This macro sets LIBCRYPTO_INCLUDES such that source files should use the # openssl/ directory in include directives: # # #include # # LICENSE # +# Taken and modified from AX_CHECK_OPENSSL by: # Copyright (c) 2009,2010 Zmanda Inc. # Copyright (c) 2009,2010 Dustin J. Mitchell # @@ -32,18 +29,18 @@ # and this notice are preserved. This file is offered as-is, without any # warranty. -#serial 8 (PowerDNS modified) +#serial 1 -AU_ALIAS([CHECK_SSL], [AX_CHECK_OPENSSL]) -AC_DEFUN([AX_CHECK_OPENSSL], [ +AU_ALIAS([CHECK_LIBCRYPTO], [PDNS_CHECK_LIBCRYPTO]) +AC_DEFUN([PDNS_CHECK_LIBCRYPTO], [ found=false - AC_ARG_WITH([openssl], - [AS_HELP_STRING([--with-openssl=DIR], + AC_ARG_WITH([libcrypto], + [AS_HELP_STRING([--with-libcrypto=DIR], [root of the OpenSSL directory])], [ case "$withval" in "" | y | ye | yes | n | no) - AC_MSG_ERROR([Invalid --with-openssl value]) + AC_MSG_ERROR([Invalid --with-libcrypto value]) ;; *) ssldirs="$withval" ;; @@ -51,12 +48,12 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ ], [ # if pkg-config is installed and openssl has installed a .pc file, # then use that information and don't search ssldirs - AC_PATH_PROG([PKG_CONFIG], [pkg-config]) + AC_CHECK_TOOL([PKG_CONFIG], [pkg-config]) if test x"$PKG_CONFIG" != x""; then - OPENSSL_LDFLAGS=`$PKG_CONFIG libcrypto --libs-only-L 2>/dev/null` + LIBCRYPTO_LDFLAGS=`$PKG_CONFIG libcrypto --libs-only-L 2>/dev/null` if test $? = 0; then - OPENSSL_LIBS=`$PKG_CONFIG libcrypto --libs-only-l 2>/dev/null` - OPENSSL_INCLUDES=`$PKG_CONFIG libcrypto --cflags-only-I 2>/dev/null` + LIBCRYPTO_LIBS=`$PKG_CONFIG libcrypto --libs-only-l 2>/dev/null` + LIBCRYPTO_INCLUDES=`$PKG_CONFIG libcrypto --cflags-only-I 2>/dev/null` found=true fi fi @@ -73,13 +70,13 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ # an 'openssl' subdirectory if ! $found; then - OPENSSL_INCLUDES= + LIBCRYPTO_INCLUDES= for ssldir in $ssldirs; do AC_MSG_CHECKING([for openssl/crypto.h in $ssldir]) if test -f "$ssldir/include/openssl/crypto.h"; then - OPENSSL_INCLUDES="-I$ssldir/include" - OPENSSL_LDFLAGS="-L$ssldir/lib" - OPENSSL_LIBS="-lcrypto" + LIBCRYPTO_INCLUDES="-I$ssldir/include" + LIBCRYPTO_LDFLAGS="-L$ssldir/lib" + LIBCRYPTO_LIBS="-lcrypto" found=true AC_MSG_RESULT([yes]) break @@ -95,32 +92,20 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ # try the preprocessor and linker with our new flags, # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS - AC_MSG_CHECKING([whether compiling and linking against OpenSSL works]) - echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ - "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&AS_MESSAGE_LOG_FD + AC_MSG_CHECKING([whether compiling and linking against OpenSSL's libcrypto works]) + echo "Trying link with LIBCRYPTO_LDFLAGS=$LIBCRYPTO_LDFLAGS;" \ + "LIBCRYPTO_LIBS=$LIBCRYPTO_LIBS; LIBCRYPTO_INCLUDES=$LIBCRYPTO_INCLUDES" >&AS_MESSAGE_LOG_FD save_LIBS="$LIBS" save_LDFLAGS="$LDFLAGS" save_CPPFLAGS="$CPPFLAGS" - LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" - LIBS="$OPENSSL_LIBS $LIBS" - CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + LDFLAGS="$LDFLAGS $LIBCRYPTO_LDFLAGS" + LIBS="$LIBCRYPTO_LIBS $LIBS" + CPPFLAGS="$LIBCRYPTO_INCLUDES $CPPFLAGS" AC_LINK_IFELSE( - [AC_LANG_PROGRAM([#include ], [CRYPTO_free(NULL)])], + [AC_LANG_PROGRAM([#include ], [ERR_load_CRYPTO_strings()])], [ AC_MSG_RESULT([yes]) - openssl_ecdsa=yes - AC_CHECK_FUNC(ECDSA_do_sign, - [ - AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [ : ], [ openssl_ecdsa=no ], [AC_INCLUDES_DEFAULT -#include - ]) - ], [ - openssl_ecdsa=no - ]) - AS_IF([test "x$openssl_ecdsa" = "xyes"], [ - AC_DEFINE([HAVE_OPENSSL_ECDSA], [1], [define to 1 if OpenSSL ecdsa support is avalable.]) - ]) $1 ], [ AC_MSG_RESULT([no]) @@ -130,7 +115,7 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ LDFLAGS="$save_LDFLAGS" LIBS="$save_LIBS" - AC_SUBST([OPENSSL_INCLUDES]) - AC_SUBST([OPENSSL_LIBS]) - AC_SUBST([OPENSSL_LDFLAGS]) + AC_SUBST([LIBCRYPTO_INCLUDES]) + AC_SUBST([LIBCRYPTO_LIBS]) + AC_SUBST([LIBCRYPTO_LDFLAGS]) ]) diff --git a/m4/pdns_check_libcrypto_ecdsa.m4 b/m4/pdns_check_libcrypto_ecdsa.m4 new file mode 100644 index 0000000000..88aa3530d8 --- /dev/null +++ b/m4/pdns_check_libcrypto_ecdsa.m4 @@ -0,0 +1,17 @@ +AC_DEFUN([PDNS_CHECK_LIBCRYPTO_ECDSA], [ + AC_REQUIRE([PDNS_CHECK_LIBCRYPTO]) + libcrypto_ecdsa=yes + AC_CHECK_HEADER([openssl/ecdsa.h], [ + AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [ : ], [ + libcrypto_ecdsa=no + ], [AC_INCLUDES_DEFAULT +#include + ]) + ], [ + libcrypto_ecdsa=no + ]) + + AS_IF([test "x$libcrypto_ecdsa" = "xyes"], [ + AC_DEFINE([HAVE_LIBCRYPTO_ECDSA], [1], [define to 1 if OpenSSL ecdsa support is avalable.]) + ]) +]) diff --git a/modules/remotebackend/Makefile.am b/modules/remotebackend/Makefile.am index cc4afbbc46..ffe8a353ae 100644 --- a/modules/remotebackend/Makefile.am +++ b/modules/remotebackend/Makefile.am @@ -1,7 +1,7 @@ AM_CPPFLAGS += \ -I$(top_srcdir)/ext/json11 \ $(YAHTTP_CFLAGS) \ - $(OPENSSL_CFLAGS) \ + $(LIBCRYPTO_CFLAGS) \ $(LIBZMQ_CFLAGS) AM_LDFLAGS = $(THREADFLAGS) @@ -131,7 +131,7 @@ libtestremotebackend_la_CPPFLAGS = $(AM_CPPFLAGS) libtestremotebackend_la_LIBADD = \ $(YAHTTP_LIBS) \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) \ $(LIBDL) $(JSON11_LIBS) diff --git a/pdns/Makefile.am b/pdns/Makefile.am index 082c6cd959..eee30caf35 100644 --- a/pdns/Makefile.am +++ b/pdns/Makefile.am @@ -4,7 +4,7 @@ AM_CPPFLAGS += \ -I$(top_srcdir)/ext/json11 \ $(YAHTTP_CFLAGS) \ $(LIBEDIT_CFLAGS) \ - $(OPENSSL_INCLUDES) \ + $(LIBCRYPTO_INCLUDES) \ $(SYSTEMD_CFLAGS) AM_CXXFLAGS = \ @@ -211,7 +211,7 @@ pdns_server_SOURCES = \ pdns_server_LDFLAGS = \ $(AM_LDFLAGS) \ $(DYNLINKFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) pdns_server_LDADD = \ @moduleobjects@ \ @@ -219,7 +219,7 @@ pdns_server_LDADD = \ $(LIBDL) \ $(YAHTTP_LIBS) \ $(JSON11_LIBS) \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(SYSTEMD_LIBS) if BOTAN110 @@ -302,7 +302,7 @@ pdnsutil_LDFLAGS = \ $(AM_LDFLAGS) \ $(DYNLINKFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) pdnsutil_LDADD = \ @moduleobjects@ \ @@ -311,7 +311,7 @@ pdnsutil_LDADD = \ $(JSON11_LIBS) \ $(LIBDL) \ $(BOOST_PROGRAM_OPTIONS_LIBS) \ - $(OPENSSL_LIBS) + $(LIBCRYPTO_LIBS) if BOTAN110 pdnsutil_SOURCES += botan110signers.cc @@ -368,8 +368,8 @@ zone2sql_SOURCES = \ zone2sql.cc \ zoneparser-tng.cc -zone2sql_LDADD = $(OPENSSL_LIBS) $(JSON11_LIBS) -zone2sql_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +zone2sql_LDADD = $(LIBCRYPTO_LIBS) $(JSON11_LIBS) +zone2sql_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) zone2json_SOURCES = \ arguments.cc \ @@ -395,8 +395,8 @@ zone2json_SOURCES = \ zone2json.cc \ zoneparser-tng.cc -zone2json_LDADD = $(OPENSSL_LIBS) $(JSON11_LIBS) -zone2json_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +zone2json_LDADD = $(LIBCRYPTO_LIBS) $(JSON11_LIBS) +zone2json_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) # pkglib_LTLIBRARIES = iputils.la # iputils_la_SOURCES = lua-iputils.cc @@ -431,8 +431,8 @@ zone2ldap_SOURCES = \ zone2ldap.cc \ zoneparser-tng.cc -zone2ldap_LDADD = $(OPENSSL_LIBS) -zone2ldap_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +zone2ldap_LDADD = $(LIBCRYPTO_LIBS) +zone2ldap_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) sdig_SOURCES = \ base32.cc \ @@ -455,8 +455,8 @@ sdig_SOURCES = \ statbag.cc \ unix_utility.cc -sdig_LDADD = $(OPENSSL_LIBS) -sdig_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +sdig_LDADD = $(LIBCRYPTO_LIBS) +sdig_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) calidns_SOURCES = \ base32.cc \ @@ -478,8 +478,8 @@ calidns_SOURCES = \ statbag.cc \ unix_utility.cc -calidns_LDADD = $(OPENSSL_LIBS) -calidns_LDFLAGS = $(AM_LDFLAGS) $(THREADFLAGS) $(OPENSSL_LDFLAGS) +calidns_LDADD = $(LIBCRYPTO_LIBS) +calidns_LDFLAGS = $(AM_LDFLAGS) $(THREADFLAGS) $(LIBCRYPTO_LDFLAGS) dumresp_SOURCES = \ dnslabeltext.cc \ @@ -521,8 +521,8 @@ stubquery_SOURCES = \ stubquery.cc \ unix_utility.cc -stubquery_LDADD = $(OPENSSL_LIBS) -stubquery_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +stubquery_LDADD = $(LIBCRYPTO_LIBS) +stubquery_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) saxfr_SOURCES = \ base32.cc \ @@ -546,8 +546,8 @@ saxfr_SOURCES = \ statbag.cc \ unix_utility.cc -saxfr_LDADD = $(OPENSSL_LIBS) -saxfr_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +saxfr_LDADD = $(LIBCRYPTO_LIBS) +saxfr_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) if PKCS11 saxfr_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -585,8 +585,8 @@ ixplore_SOURCES = \ statbag.cc \ unix_utility.cc zoneparser-tng.cc -ixplore_LDADD = $(OPENSSL_LIBS) -ixplore_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +ixplore_LDADD = $(LIBCRYPTO_LIBS) +ixplore_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) if PKCS11 ixplore_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -619,11 +619,11 @@ dnstcpbench_SOURCES = \ dnstcpbench_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnstcpbench_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) nsec3dig_SOURCES = \ @@ -647,8 +647,8 @@ nsec3dig_SOURCES = \ statbag.cc \ unix_utility.cc -nsec3dig_LDADD = $(OPENSSL_LIBS) -nsec3dig_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +nsec3dig_LDADD = $(LIBCRYPTO_LIBS) +nsec3dig_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) if PKCS11 nsec3dig_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -692,8 +692,8 @@ toysdig_SOURCES = \ toysdig_LDFLAGS = $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) -toysdig_LDADD = $(OPENSSL_LIBS) + $(LIBCRYPTO_LDFLAGS) +toysdig_LDADD = $(LIBCRYPTO_LIBS) if GSS_TSIG toysdig_LDADD += $(GSS_LIBS) @@ -735,8 +735,8 @@ tsig_tests_SOURCES = \ tsig-tests.cc \ unix_utility.cc -tsig_tests_LDADD = $(OPENSSL_LIBS) -tsig_tests_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) +tsig_tests_LDADD = $(LIBCRYPTO_LIBS) +tsig_tests_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) if PKCS11 tsig_tests_SOURCES += pkcs11signers.cc pkcs11signers.hh @@ -765,8 +765,8 @@ speedtest_SOURCES = \ statbag.cc \ unix_utility.cc -speedtest_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) -speedtest_LDADD = $(OPENSSL_LIBS) \ +speedtest_LDFLAGS = $(AM_LDFLAGS) $(LIBCRYPTO_LDFLAGS) +speedtest_LDADD = $(LIBCRYPTO_LIBS) \ $(RT_LIBS) dnswasher_SOURCES = \ @@ -803,11 +803,11 @@ dnsbulktest_SOURCES = \ dnsbulktest_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsbulktest_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) comfun_SOURCES = \ @@ -832,11 +832,11 @@ comfun_SOURCES = \ comfun_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) comfun_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) @@ -863,9 +863,9 @@ dnsscan_SOURCES = \ dnsscan_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) -dnsscan_LDADD = $(OPENSSL_LIBS) +dnsscan_LDADD = $(LIBCRYPTO_LIBS) dnsreplay_SOURCES = \ anadns.hh \ @@ -892,11 +892,11 @@ dnsreplay_SOURCES = \ dnsreplay_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsreplay_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) nproxy_SOURCES = \ @@ -921,11 +921,11 @@ nproxy_SOURCES = \ nproxy_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) nproxy_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) pdns_notify_SOURCES = \ @@ -951,11 +951,11 @@ pdns_notify_SOURCES = \ pdns_notify_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) pdns_notify_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) dnsscope_SOURCES = \ @@ -983,11 +983,11 @@ dnsscope_SOURCES = \ dnsscope_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnsscope_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) dnsgram_SOURCES = \ @@ -1012,10 +1012,10 @@ dnsgram_SOURCES = \ dnsgram_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) dnsgram_LDADD = \ - $(OPENSSL_LIBS) + $(LIBCRYPTO_LIBS) dnsdemog_SOURCES = \ base32.cc \ @@ -1039,10 +1039,10 @@ dnsdemog_SOURCES = \ dnsdemog_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) dnsdemog_LDADD = \ - $(OPENSSL_LIBS) + $(LIBCRYPTO_LIBS) if HAVE_PROTOBUF if HAVE_PROTOC @@ -1080,11 +1080,11 @@ nodist_dnspcap2protobuf_SOURCES=dnsmessage.pb.cc dnsmessage.pb.h dnspcap2protobuf_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) dnspcap2protobuf_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(PROTOBUF_LIBS) \ $(BOOST_PROGRAM_OPTIONS_LIBS) endif @@ -1156,11 +1156,11 @@ testrunner_SOURCES = \ testrunner_LDFLAGS = \ $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) \ + $(LIBCRYPTO_LDFLAGS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LDFLAGS) testrunner_LDADD = \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_UNIT_TEST_FRAMEWORK_LIBS) \ $(RT_LIBS) \ $(LIBDL) diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc index fcabd4e128..db2bbedbfa 100644 --- a/pdns/opensslsigners.cc +++ b/pdns/opensslsigners.cc @@ -2,7 +2,7 @@ #include "config.h" #endif #include -#ifdef HAVE_OPENSSL_ECDSA +#ifdef HAVE_LIBCRYPTO_ECDSA #include #endif #include @@ -419,7 +419,7 @@ void OpenSSLRSADNSCryptoKeyEngine::fromPublicKeyString(const std::string& input) d_key = key; } -#ifdef HAVE_OPENSSL_ECDSA +#ifdef HAVE_LIBCRYPTO_ECDSA class OpenSSLECDSADNSCryptoKeyEngine : public DNSCryptoKeyEngine { public: @@ -732,7 +732,7 @@ namespace { DNSCryptoKeyEngine::report(7, &OpenSSLRSADNSCryptoKeyEngine::maker); DNSCryptoKeyEngine::report(8, &OpenSSLRSADNSCryptoKeyEngine::maker); DNSCryptoKeyEngine::report(10, &OpenSSLRSADNSCryptoKeyEngine::maker); -#ifdef HAVE_OPENSSL_ECDSA +#ifdef HAVE_LIBCRYPTO_ECDSA DNSCryptoKeyEngine::report(13, &OpenSSLECDSADNSCryptoKeyEngine::maker); DNSCryptoKeyEngine::report(14, &OpenSSLECDSADNSCryptoKeyEngine::maker); #endif diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index ab5809c29c..dbed2fad11 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -6,7 +6,7 @@ AM_CPPFLAGS += \ -I$(top_srcdir)/ext/json11 \ -I$(top_srcdir)/ext/rapidjson/include \ $(YAHTTP_CFLAGS) \ - $(OPENSSL_INCLUDES) + $(LIBCRYPTO_INCLUDES) AM_CXXFLAGS = \ -DSYSCONFDIR=\"$(sysconfdir)\" \ @@ -145,13 +145,13 @@ endif pdns_recursor_LDADD = \ $(YAHTTP_LIBS) \ $(JSON11_LIBS) \ - $(OPENSSL_LIBS) \ + $(LIBCRYPTO_LIBS) \ $(BOOST_CONTEXT_LIBS) \ $(SYSTEMD_LIBS) \ $(RT_LIBS) pdns_recursor_LDFLAGS = $(AM_LDFLAGS) \ - $(OPENSSL_LDFLAGS) + $(LIBCRYPTO_LDFLAGS) if BOTAN110 pdns_recursor_SOURCES += \ diff --git a/pdns/recursordist/configure.ac b/pdns/recursordist/configure.ac index 0ee0c5a17e..2b563934bc 100644 --- a/pdns/recursordist/configure.ac +++ b/pdns/recursordist/configure.ac @@ -98,10 +98,12 @@ PDNS_ENABLE_VERBOSE_LOGGING # Crypto libraries PDNS_ENABLE_BOTAN -AX_CHECK_OPENSSL([ +PDNS_CHECK_LIBCRYPTO([ ],[ - AC_MSG_ERROR([OpenSSL not found]) -]) + AC_MSG_ERROR([OpenSSL/libcrypto not found]) + ] +) +PDNS_CHECK_LIBCRYPTO_ECDSA # check for tools we might need PDNS_CHECK_RAGEL @@ -187,6 +189,7 @@ AS_IF([test "x$LUAPC" != "x"], [AC_MSG_NOTICE([LuaJit: $LUAJITPC])], [AC_MSG_NOTICE([Lua/LuaJit: no])]) ]) +AC_MSG_NOTICE([OpenSSL ECDSA: $libcrypto_ecdsa]) AS_IF([test "x$PROTOBUF_LIBS" != "x" -a x"$PROTOC" != "x"], [AC_MSG_NOTICE([Protobuf: yes])], [AC_MSG_NOTICE([Protobuf: no])] diff --git a/pdns/recursordist/m4/ax_check_openssl.m4 b/pdns/recursordist/m4/ax_check_openssl.m4 deleted file mode 120000 index f33eaf4add..0000000000 --- a/pdns/recursordist/m4/ax_check_openssl.m4 +++ /dev/null @@ -1 +0,0 @@ -../../../m4/ax_check_openssl.m4 \ No newline at end of file diff --git a/pdns/recursordist/m4/pdns_check_libcrypto.m4 b/pdns/recursordist/m4/pdns_check_libcrypto.m4 new file mode 120000 index 0000000000..b56d43abb3 --- /dev/null +++ b/pdns/recursordist/m4/pdns_check_libcrypto.m4 @@ -0,0 +1 @@ +../../../m4/pdns_check_libcrypto.m4 \ No newline at end of file diff --git a/pdns/recursordist/m4/pdns_check_libcrypto_ecdsa.m4 b/pdns/recursordist/m4/pdns_check_libcrypto_ecdsa.m4 new file mode 120000 index 0000000000..5715217da6 --- /dev/null +++ b/pdns/recursordist/m4/pdns_check_libcrypto_ecdsa.m4 @@ -0,0 +1 @@ +../../../m4/pdns_check_libcrypto_ecdsa.m4 \ No newline at end of file