From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 28 Jan 2016 11:02:42 +0000 (+1300)
Subject: Rename cert_valid.pl helper to security_fake_crtv
X-Git-Tag: SQUID_4_0_5~17^2~6
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a27cfbe041babf81d6e3525648296fc01261126a;p=thirdparty%2Fsquid.git

Rename cert_valid.pl helper to security_fake_crtv

Also, shuffles the helper to the src/security/ area and creates necessary
infrastructure for bundling other certificate verifier helpers.
---

diff --git a/configure.ac b/configure.ac
index cbe1eda9e1..9e4cb28e7c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2586,6 +2586,18 @@ AC_ARG_ENABLE(url-rewrite-helpers,
 ])
 m4_include([helpers/url_rewrite/modules.m4])
 
+dnl Select security helpers to build
+AC_ARG_ENABLE(security-certv-helpers,
+  AS_HELP_STRING([--enable-security-certv-helpers="list of helpers"],
+                 [This option selects which security certificate verify helpers
+                  to build and install as part of the normal build
+                  process. The default is to attempt the build of all possible
+                  helpers. Use --disable-security-certv-helpers to build none.
+                  For a list of available helpers see the
+                  src/security/certv/ directory.]),[
+])
+m4_include([src/security/certv/modules.m4])
+
 dnl Select storeid_rewrite helpers to build
 AC_ARG_ENABLE(storeid-rewrite-helpers,
   AS_HELP_STRING([--enable-storeid-rewrite-helpers="list of helpers"],
diff --git a/helpers/Makefile.am b/helpers/Makefile.am
index ab53a7cf18..671a75d0e0 100644
--- a/helpers/Makefile.am
+++ b/helpers/Makefile.am
@@ -15,7 +15,6 @@ DIST_SUBDIRS = \
 	negotiate_auth \
 	ntlm_auth \
 	url_rewrite \
-	ssl \
 	storeid_rewrite
 
 SUBDIRS = \
@@ -30,8 +29,3 @@ SUBDIRS = \
 if ENABLE_AUTH_NTLM
 SUBDIRS += ntlm_auth
 endif
-
-if ENABLE_SSL
-SUBDIRS += ssl
-endif
-
diff --git a/src/security/Makefile.am b/src/security/Makefile.am
index 17affaff1c..bc8a644d25 100644
--- a/src/security/Makefile.am
+++ b/src/security/Makefile.am
@@ -8,6 +8,8 @@
 include $(top_srcdir)/src/Common.am
 include $(top_srcdir)/src/TestHeaders.am
 
+SUBDIRS= certv
+
 noinst_LTLIBRARIES = libsecurity.la
 
 libsecurity_la_SOURCES= \
diff --git a/helpers/ssl/Makefile.am b/src/security/certv/Makefile.am
similarity index 73%
rename from helpers/ssl/Makefile.am
rename to src/security/certv/Makefile.am
index 1770c73417..3f94cd87b4 100644
--- a/helpers/ssl/Makefile.am
+++ b/src/security/certv/Makefile.am
@@ -5,8 +5,6 @@
 ## Please see the COPYING and CONTRIBUTORS files for details.
 ##
 
-include $(top_srcdir)/src/Common.am
+DIST_SUBDIRS= fake
+SUBDIRS= $(SECURITY_CERTV_HELPERS)
 
-libexec_SCRIPTS = cert_valid.pl
-EXTRA_DIST= \
-	cert_valid.pl
diff --git a/src/security/certv/fake/Makefile.am b/src/security/certv/fake/Makefile.am
new file mode 100644
index 0000000000..e379a9af38
--- /dev/null
+++ b/src/security/certv/fake/Makefile.am
@@ -0,0 +1,27 @@
+## Copyright (C) 1996-2016 The Squid Software Foundation and contributors
+##
+## Squid software is distributed under GPLv2+ license and includes
+## contributions from numerous individuals and organizations.
+## Please see the COPYING and CONTRIBUTORS files for details.
+##
+
+include $(top_srcdir)/src/Common.am
+
+libexec_SCRIPTS = security_fake_crtv
+CLEANFILES += security_fake_crtv
+EXTRA_DIST= \
+	security_fake_crtv.pl.in \
+	required.m4
+
+security_fake_crtv: security_fake_crtv.pl.in
+	$(subst_perlshell)
+
+if ENABLE_POD2MAN_DOC
+man_MANS = security_fake_crtv.8
+CLEANFILES += security_fake_crtv.8
+EXTRA_DIST += security_fake_crtv.8
+
+security_fake_crtv.8: security_fake_crtv
+	pod2man --section=8 security_fake_crtv security_fake_crtv.8
+
+endif
diff --git a/src/security/certv/fake/required.m4 b/src/security/certv/fake/required.m4
new file mode 100755
index 0000000000..2048d7bc2c
--- /dev/null
+++ b/src/security/certv/fake/required.m4
@@ -0,0 +1,14 @@
+## Copyright (C) 1996-2016 The Squid Software Foundation and contributors
+##
+## Squid software is distributed under GPLv2+ license and includes
+## contributions from numerous individuals and organizations.
+## Please see the COPYING and CONTRIBUTORS files for details.
+##
+
+if test "x$PERL" != "x"; then
+  BUILD_HELPER="fake"
+fi
+if test "x$POD2MAN" = "x"; then
+  AC_MSG_WARN([pod2man not found. security_fake_certv man(8) page will not be built])
+fi
+
diff --git a/helpers/ssl/cert_valid.pl b/src/security/certv/fake/security_fake_crtv.pl.in
similarity index 98%
rename from helpers/ssl/cert_valid.pl
rename to src/security/certv/fake/security_fake_crtv.pl.in
index e95a2aa2ad..f33a0c082b 100755
--- a/helpers/ssl/cert_valid.pl
+++ b/src/security/certv/fake/security_fake_crtv.pl.in
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!@PERL@
 #
 # A dummy SSL certificate validator helper that
 # echos back all the SSL errors sent by Squid.
@@ -19,11 +19,11 @@ my $help = 0;
 
 =head1 NAME
 
-cert_valid.pl - A fake cert validation helper for Squid
+security_fake_crtv - A fake cert validation helper for Squid
 
 =head1 SYNOPSIS
 
-cert_valid.pl [-d | --debug] [-h | --help]
+security_fake_crtv [-d | --debug] [-h | --help]
 
 =over 8
 
diff --git a/src/security/certv/modules.m4 b/src/security/certv/modules.m4
new file mode 100644
index 0000000000..ee36fe420d
--- /dev/null
+++ b/src/security/certv/modules.m4
@@ -0,0 +1,53 @@
+## Copyright (C) 1996-2016 The Squid Software Foundation and contributors
+##
+## Squid software is distributed under GPLv2+ license and includes
+## contributions from numerous individuals and organizations.
+## Please see the COPYING and CONTRIBUTORS files for details.
+##
+
+# This file is supposed to run all the tests required to identify which
+# configured modules are able to be built in this environment
+
+# FIXME: de-duplicate $enable_security_certv_helpers list containing double entries.
+
+#define list of modules to build
+auto_security_modules=no
+if test "x${enable_security_certv_helpers:=yes}" = "xyes" ; then
+  SQUID_LOOK_FOR_MODULES([$srcdir/src/security/certv],[enable_security_certv_helpers])
+  auto_security_modules=yes
+fi
+
+enable_security_certv_helpers="`echo $enable_security_certv_helpers| sed -e 's/,/ /g;s/  */ /g'`"
+AC_MSG_NOTICE([Security certificate verify helper candidates: $enable_security_certv_helpers])
+SECURITY_CERTV_HELPERS=""
+if test "x$enable_security_certv_helpers" != "xno" ; then
+  for helper in $enable_security_certv_helpers; do
+    dir="$srcdir/src/security/certv/$helper"
+
+    # modules converted to autoconf macros already
+    # NP: we only need this list because m4_include() does not accept variables
+    if test "x$helper" = "xfake" ; then
+      m4_include([src/security/certv/fake/required.m4])
+
+    # modules not yet converted to autoconf macros (or third party drop-in's)
+    elif test -f "$dir/config.test" && sh "$dir/config.test" "$squid_host_os"; then
+      BUILD_HELPER="$helper"
+    fi
+
+    if test -d "$srcdir/src/security/certv/$helper"; then
+      if test "$BUILD_HELPER" != "$helper"; then
+        if test "x$auto_security_modules" = "xyes"; then
+          AC_MSG_NOTICE([Security certificate verify helper $helper ... found but cannot be built])
+        else
+          AC_MSG_ERROR([Security certificate verify helper $helper ... found but cannot be built])
+        fi
+      else
+        SECURITY_CERTV_HELPERS="$SECURITY_CERTV_HELPERS $BUILD_HELPER"
+      fi
+    else
+      AC_MSG_ERROR([Security certificate verify helper $helper ... not found])
+    fi
+  done
+fi
+AC_MSG_NOTICE([Security certificate verify helpers to be built: $SECURITY_CERTV_HELPERS])
+AC_SUBST(SECURITY_CERTV_HELPERS)