Updated Branches: refs/heads/master 4db27ec47 -> 1ae99c020
TS-2504: replace OpenSSL detection with AX_CHECK_OPENSSL Use the ax_check_openssl.m4 macro from the autoconf archive so that we don't need to carry around custom OpenSSL detection logic. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/6d3670be Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/6d3670be Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/6d3670be Branch: refs/heads/master Commit: 6d3670bef7b274e51738a07ba61205431bf0aad7 Parents: 4db27ec Author: James Peach <[email protected]> Authored: Sat Jan 18 21:14:54 2014 -0800 Committer: James Peach <[email protected]> Committed: Tue Jan 21 15:45:33 2014 -0800 ---------------------------------------------------------------------- build/ax_check_openssl.m4 | 124 +++++++++++++++++++++++++++++++++++++ build/crypto.m4 | 97 ++++------------------------- cmd/traffic_cop/Makefile.am | 2 +- cmd/traffic_line/Makefile.am | 2 +- cmd/traffic_shell/Makefile.am | 2 +- configure.ac | 3 - iocore/net/Makefile.am | 2 +- lib/ts/Makefile.am | 2 +- mgmt/Makefile.am | 2 +- mgmt/api/Makefile.am | 2 +- proxy/Makefile.am | 8 +-- tools/Makefile.am | 2 +- 12 files changed, 147 insertions(+), 101 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/build/ax_check_openssl.m4 ---------------------------------------------------------------------- diff --git a/build/ax_check_openssl.m4 b/build/ax_check_openssl.m4 new file mode 100644 index 0000000..85605b1 --- /dev/null +++ b/build/ax_check_openssl.m4 @@ -0,0 +1,124 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_openssl.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_OPENSSL([action-if-found[, action-if-not-found]]) +# +# DESCRIPTION +# +# Look for OpenSSL in a number of default spots, or in a user-selected +# spot (via --with-openssl). Sets +# +# OPENSSL_INCLUDES to the include directives required +# OPENSSL_LIBS to the -l directives required +# OPENSSL_LDFLAGS to the -L or -R flags required +# +# and calls ACTION-IF-FOUND or ACTION-IF-NOT-FOUND appropriately +# +# This macro sets OPENSSL_INCLUDES such that source files should use the +# openssl/ directory in include directives: +# +# #include <openssl/hmac.h> +# +# LICENSE +# +# Copyright (c) 2009,2010 Zmanda Inc. <http://www.zmanda.com/> +# Copyright (c) 2009,2010 Dustin J. Mitchell <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 8 + +AU_ALIAS([CHECK_SSL], [AX_CHECK_OPENSSL]) +AC_DEFUN([AX_CHECK_OPENSSL], [ + found=false + AC_ARG_WITH([openssl], + [AS_HELP_STRING([--with-openssl=DIR], + [root of the OpenSSL directory])], + [ + case "$withval" in + "" | y | ye | yes | n | no) + AC_MSG_ERROR([Invalid --with-openssl value]) + ;; + *) ssldirs="$withval" + ;; + esac + ], [ + # if pkg-config is installed and openssl has installed a .pc file, + # then use that information and don't search ssldirs + AC_PATH_PROG([PKG_CONFIG], [pkg-config]) + if test x"$PKG_CONFIG" != x""; then + OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null` + if test $? = 0; then + OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null` + OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null` + found=true + fi + fi + + # no such luck; use some default ssldirs + if ! $found; then + ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/sfw /usr/local /opt/local /usr" + fi + ] + ) + + + # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in + # an 'openssl' subdirectory + + if ! $found; then + OPENSSL_INCLUDES= + for ssldir in $ssldirs; do + AC_MSG_CHECKING([for openssl/ssl.h in $ssldir]) + if test -f "$ssldir/include/openssl/ssl.h"; then + OPENSSL_INCLUDES="-I$ssldir/include" + OPENSSL_LDFLAGS="-L$ssldir/lib" + OPENSSL_LIBS="-lssl -lcrypto" + found=true + AC_MSG_RESULT([yes]) + break + else + AC_MSG_RESULT([no]) + fi + done + + # if the file wasn't found, well, go ahead and try the link anyway -- maybe + # it will just work! + fi + + # try the preprocessor and linker with our new flags, + # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS + + AC_MSG_CHECKING([whether compiling and linking against OpenSSL works]) + echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ + "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&AS_MESSAGE_LOG_FD + + save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" + LIBS="$OPENSSL_LIBS $LIBS" + CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + AC_LINK_IFELSE( + [AC_LANG_PROGRAM([#include <openssl/ssl.h>], [SSL_new(NULL)])], + [ + AC_MSG_RESULT([yes]) + $1 + ], [ + AC_MSG_RESULT([no]) + $2 + ]) + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + + AC_SUBST([OPENSSL_INCLUDES]) + AC_SUBST([OPENSSL_LIBS]) + AC_SUBST([OPENSSL_LDFLAGS]) +]) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/build/crypto.m4 ---------------------------------------------------------------------- diff --git a/build/crypto.m4 b/build/crypto.m4 index 0b8db8f..94919dc 100644 --- a/build/crypto.m4 +++ b/build/crypto.m4 @@ -25,95 +25,20 @@ AC_DEFUN([TS_CHECK_CRYPTO], [ enable_crypto=no AC_SEARCH_LIBS([crypt], [crypt], [AC_SUBST([LIBCRYPT],["-lcrypt"])]) - TS_CHECK_CRYPTO_OPENSSL - dnl add checks for other varieties of ssl here -]) -dnl - -AC_DEFUN([TS_CHECK_CRYPTO_OPENSSL], [ -enable_openssl=no -AC_ARG_WITH(openssl, [AC_HELP_STRING([--with-openssl=DIR],[use a specific OpenSSL library])], -[ - if test "x$withval" != "xyes" && test "x$withval" != "x"; then - openssl_base_dir="$withval" - if test "$withval" != "no"; then - enable_openssl=yes - case "$withval" in - *":"*) - openssl_include="`echo $withval |sed -e 's/:.*$//'`" - openssl_ldflags="`echo $withval |sed -e 's/^.*://'`" - AC_MSG_CHECKING(checking for OpenSSL includes in $openssl_include libs in $openssl_ldflags ) - ;; - *) - openssl_include="$withval/include" - openssl_ldflags="$withval/lib" - AC_MSG_CHECKING(checking for OpenSSL includes in $withval) - ;; - esac - fi - fi -]) - -if test "x$openssl_base_dir" = "x"; then - AC_MSG_CHECKING([for OpenSSL location]) - AC_CACHE_VAL(ats_cv_openssl_dir,[ - for dir in /usr/local/ssl /usr/pkg /usr/sfw /usr/local /usr; do - if test -d $dir && test -f $dir/include/openssl/x509.h; then - ats_cv_openssl_dir=$dir - break - fi - done + AX_CHECK_OPENSSL([ + TS_ADDTO(CPPFLAGS, [$OPENSSL_INCLUDES]) + TS_ADDTO(LDFLAGS, [$OPENSSL_LDFLAGS]) + ], [ + AC_ERROR(failed to find OpenSSL) ]) - openssl_base_dir=$ats_cv_openssl_dir - if test "x$openssl_base_dir" = "x"; then - enable_openssl=no - AC_MSG_RESULT([not found]) - else - enable_openssl=yes - openssl_include="$openssl_base_dir/include" - openssl_ldflags="$openssl_base_dir/lib" - AC_MSG_RESULT([${openssl_base_dir}]) - fi -else - if test -d $openssl_include/openssl && test -d $openssl_ldflags && test -f $openssl_include/openssl/x509.h; then - AC_MSG_RESULT([ok]) - else - AC_MSG_RESULT([not found]) - fi -fi - -if test "$enable_openssl" != "no"; then - saved_ldflags=$LDFLAGS - saved_cppflags=$CPPFLAGS - openssl_have_headers=0 - openssl_have_libs=0 - if test "$openssl_base_dir" != "/usr"; then - TS_ADDTO(CPPFLAGS, [-I${openssl_include}]) - TS_ADDTO(LDFLAGS, [-L${openssl_ldflags}]) - TS_ADDTO(LIBTOOL_LINK_FLAGS, [-R${openssl_ldflags}]) - fi - AC_SEARCH_LIBS([BN_init],[crypto], - AC_SEARCH_LIBS([SSL_accept], [ssl], [openssl_have_libs=1], [], [-lcrypto])) - if test "$openssl_have_libs" != "0"; then - AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1]) - fi - if test "$openssl_have_headers" != "0"; then - AC_CHECK_DECLS([EVP_PKEY_CTX_new], [], [], - [#include <openssl/evp.h>]) - enable_crypto=yes - AC_SUBST([LIBSSL],["-lssl -lcrypto"]) - else - enable_openssl=no - CPPFLAGS=$saved_cppflags - LDFLAGS=$saved_ldflags - fi -fi + dnl add checks for other varieties of ssl here ]) +dnl AC_DEFUN([TS_CHECK_CRYPTO_EC_KEYS], [ _eckeys_saved_LIBS=$LIBS - TS_ADDTO(LIBS, [$LIBSSL]) + TS_ADDTO(LIBS, [$OPENSSL_LIBS]) AC_CHECK_HEADERS(openssl/ec.h) AC_CHECK_FUNCS(EC_KEY_new_by_curve_name, [enable_tls_eckey=yes], [enable_tls_eckey=no]) LIBS=$_eckeys_saved_LIBS @@ -127,7 +52,7 @@ AC_DEFUN([TS_CHECK_CRYPTO_EC_KEYS], [ AC_DEFUN([TS_CHECK_CRYPTO_NEXTPROTONEG], [ enable_tls_npn=yes _npn_saved_LIBS=$LIBS - TS_ADDTO(LIBS, [$LIBSSL]) + TS_ADDTO(LIBS, [$OPENSSL_LIBS]) AC_CHECK_FUNCS(SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_proto_select_cb SSL_select_next_proto SSL_get0_next_proto_negotiated, [], [enable_tls_npn=no] ) @@ -143,7 +68,7 @@ AC_DEFUN([TS_CHECK_CRYPTO_TICKETS], [ _tickets_saved_LIBS=$LIBS enable_tls_tickets=yes - TS_ADDTO(LIBS, [$LIBSSL]) + TS_ADDTO(LIBS, [$OPENSSL_LIBS]) AC_CHECK_HEADERS(openssl/tls1.h openssl/ssl.h openssl/ts.h openssl/hmac.h openssl/evp.h) AC_MSG_CHECKING([for SSL_CTX_set_tlsext_ticket_key_cb]) AC_COMPILE_IFELSE( @@ -178,7 +103,7 @@ AC_DEFUN([TS_CHECK_CRYPTO_SNI], [ _sni_saved_LIBS=$LIBS enable_tls_sni=yes - TS_ADDTO(LIBS, [$LIBSSL]) + TS_ADDTO(LIBS, [$OPENSSL_LIBS]) AC_CHECK_HEADERS(openssl/tls1.h openssl/ssl.h openssl/ts.h) # We are looking for SSL_CTX_set_tlsext_servername_callback, but it's a # macro, so AC_CHECK_FUNCS is not going to do the business. http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/cmd/traffic_cop/Makefile.am ---------------------------------------------------------------------- diff --git a/cmd/traffic_cop/Makefile.am b/cmd/traffic_cop/Makefile.am index f5a25a4..482075a 100644 --- a/cmd/traffic_cop/Makefile.am +++ b/cmd/traffic_cop/Makefile.am @@ -40,4 +40,4 @@ traffic_cop_LDADD = \ $(top_builddir)/mgmt/api/libtsmgmt.la \ $(top_builddir)/lib/ts/libtsutil.la \ $(top_builddir)/lib/records/librec4cop.a \ - @LIBRESOLV@ @LIBSSL@ + @LIBRESOLV@ @OPENSSL_LIBS@ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/cmd/traffic_line/Makefile.am ---------------------------------------------------------------------- diff --git a/cmd/traffic_line/Makefile.am b/cmd/traffic_line/Makefile.am index debf8bd..594a874 100644 --- a/cmd/traffic_line/Makefile.am +++ b/cmd/traffic_line/Makefile.am @@ -33,4 +33,4 @@ traffic_line_LDADD = \ $(top_builddir)/mgmt/api/libtsmgmtshare.la \ $(top_builddir)/mgmt/api/libtsmgmt.la \ $(top_builddir)/lib/ts/libtsutil.la \ - @LIBRESOLV@ @LIBTCL@ @LIBSSL@ + @LIBRESOLV@ @LIBTCL@ @OPENSSL_LIBS@ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/cmd/traffic_shell/Makefile.am ---------------------------------------------------------------------- diff --git a/cmd/traffic_shell/Makefile.am b/cmd/traffic_shell/Makefile.am index 09574cd..2a28086 100644 --- a/cmd/traffic_shell/Makefile.am +++ b/cmd/traffic_shell/Makefile.am @@ -72,6 +72,6 @@ traffic_shell_LDADD = \ $(top_builddir)/mgmt/utils/libutils_lm.a \ $(top_builddir)/lib/ts/libtsutil.la \ $(LIBTCL) $(LIBREADLINE) \ - @LIBRESOLV@ @LIBEXPAT@ @LIBSSL@ \ + @LIBRESOLV@ @LIBEXPAT@ @OPENSSL_LIBS@ \ @LIBPCRE@ @LIBREADLINE@ \ -lm http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/configure.ac ---------------------------------------------------------------------- diff --git a/configure.ac b/configure.ac index 5552594..5823f2a 100644 --- a/configure.ac +++ b/configure.ac @@ -1107,9 +1107,6 @@ AX_BOOST_BASE([1.33], # # Check for SSL presence and usability TS_CHECK_CRYPTO -if test "x${enable_crypto}" != "xyes"; then - AC_MSG_ERROR([Need at least one SSL library, --with-openssl is supported]) -fi # # Check for NextProtocolNegotiation TLS extension support. http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/iocore/net/Makefile.am ---------------------------------------------------------------------- diff --git a/iocore/net/Makefile.am b/iocore/net/Makefile.am index b3e1d52..4575e9e 100644 --- a/iocore/net/Makefile.am +++ b/iocore/net/Makefile.am @@ -40,7 +40,7 @@ test_certlookup_SOURCES = \ test_certlookup_LDADD = \ $(top_builddir)/lib/ts/libtsutil.la \ $(top_builddir)/iocore/eventsystem/libinkevent.a \ - @LIBSSL@ + @OPENSSL_LIBS@ libinknet_a_SOURCES = \ Connection.cc \ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/lib/ts/Makefile.am ---------------------------------------------------------------------- diff --git a/lib/ts/Makefile.am b/lib/ts/Makefile.am index 18461b0..b5b5fb5 100644 --- a/lib/ts/Makefile.am +++ b/lib/ts/Makefile.am @@ -29,7 +29,7 @@ libtsutil_la_LIBADD = \ @hwloc_LIBS@ \ @LIBOBJS@ \ @LIBPCRE@ \ - @LIBSSL@ \ + @OPENSSL_LIBS@ \ @LIBTCL@ \ @LIBRESOLV@ \ @LIBCAP@ \ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/mgmt/Makefile.am ---------------------------------------------------------------------- diff --git a/mgmt/Makefile.am b/mgmt/Makefile.am index 30c8609..db485c8 100644 --- a/mgmt/Makefile.am +++ b/mgmt/Makefile.am @@ -114,5 +114,5 @@ traffic_manager_LDADD += \ $(top_builddir)/lib/tsconfig/libtsconfig.la endif -traffic_manager_LDADD += @LIBSSL@ +traffic_manager_LDADD += @OPENSSL_LIBS@ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/mgmt/api/Makefile.am ---------------------------------------------------------------------- diff --git a/mgmt/api/Makefile.am b/mgmt/api/Makefile.am index bb311a3..7d1bc31 100644 --- a/mgmt/api/Makefile.am +++ b/mgmt/api/Makefile.am @@ -88,4 +88,4 @@ traffic_api_cli_remote_LDADD = \ libtsmgmtshare.la \ libtsmgmt.la \ $(top_builddir)/lib/ts/libtsutil.la \ - @LIBTCL@ @LIBSSL@ + @LIBTCL@ @OPENSSL_LIBS@ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/proxy/Makefile.am ---------------------------------------------------------------------- diff --git a/proxy/Makefile.am b/proxy/Makefile.am index 04d72c8..88f8d54 100644 --- a/proxy/Makefile.am +++ b/proxy/Makefile.am @@ -148,7 +148,7 @@ traffic_server_LDADD = \ $(which_libts) \ @hwloc_LIBS@ \ @LIBPCRE@ \ - @LIBSSL@ \ + @OPENSSL_LIBS@ \ @LIBTCL@ \ @LIBEXPAT@ \ @LIBDEMANGLE@ \ @@ -176,7 +176,7 @@ traffic_logcat_LDADD = \ $(top_builddir)/lib/records/librecprocess.a \ $(top_builddir)/iocore/eventsystem/libinkevent.a \ $(top_builddir)/lib/ts/libtsutil.la \ - @LIBRESOLV@ @LIBPCRE@ @LIBSSL@ @LIBTCL@ \ + @LIBRESOLV@ @LIBPCRE@ @OPENSSL_LIBS@ @LIBTCL@ \ @LIBEXPAT@ @LIBDEMANGLE@ @LIBPROFILER@ -lm traffic_logstats_SOURCES = logstats.cc @@ -192,7 +192,7 @@ traffic_logstats_LDADD = \ $(top_builddir)/lib/records/librecprocess.a \ $(top_builddir)/iocore/eventsystem/libinkevent.a \ $(top_builddir)/lib/ts/libtsutil.la \ - @LIBRESOLV@ @LIBPCRE@ @LIBSSL@ @LIBTCL@ \ + @LIBRESOLV@ @LIBPCRE@ @OPENSSL_LIBS@ @LIBTCL@ \ @LIBEXPAT@ @LIBDEMANGLE@ @LIBPROFILER@ -lm traffic_sac_SOURCES = \ @@ -246,7 +246,7 @@ traffic_sac_LDADD = \ $(top_builddir)/iocore/eventsystem/libinkevent.a \ $(top_builddir)/lib/records/librecprocess.a \ $(top_builddir)/lib/ts/libtsutil.la \ - @LIBRESOLV@ @LIBPCRE@ @LIBSSL@ @LIBTCL@ \ + @LIBRESOLV@ @LIBPCRE@ @OPENSSL_LIBS@ @LIBTCL@ \ @LIBEXPAT@ @LIBDEMANGLE@ @LIBZ@ @LIBLZMA@ @LIBPROFILER@ -lm if BUILD_TESTS http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6d3670be/tools/Makefile.am ---------------------------------------------------------------------- diff --git a/tools/Makefile.am b/tools/Makefile.am index 9038212..d18c0bf 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -31,7 +31,7 @@ jtest_jtest_LDADD = $(top_builddir)/lib/ts/libtsutil.la if BUILD_HTTP_LOAD noinst_PROGRAMS += http_load/http_load -http_load_http_load_LDADD = @LIBSSL@ +http_load_http_load_LDADD = @OPENSSL_LIBS@ http_load_http_load_SOURCES = \ http_load/http_load.c \ http_load/timers.c \
