"Roy T. Fielding" wrote:
>
> On Sun, Jun 03, 2001 at 11:01:01PM -0700, Ryan Morgan wrote:
> > On Fri, Jun 01, 2001 at 02:24:26PM -0700, Roy T. Fielding wrote:
> > > > So now all the user needs to specify is --enable-tls, and only --with-ssl=dir
> > > > if configure cannot find the SSL toolkit.
> > >
> > > That's a reasonable theory, but note that the existing tls check allows
> > > more options than the openssl check. I think we need to head in this
> > > direction but replace the existing "search for openssl" code with a
> > > simpler AC_TRY_LINK check that was specific to the minimum SSL library
> > > needed to compile those modules.
> >
> > Yep, an all-in-one check is what is needed, although mod_tls only works
> > with OpenSSL at the moment. (Correct me if I'm wrong)
> >
> > The reason I submitted the patch is because the current checks for OpenSSL
> > are incorrect. $SSLDIR/include/openssl is added to INCLUDES causing the
> > compile to break when trying to include "openssl/ssl.h".
> >
> > I just figured it would be easier to move over to the CHECK_SSL_TOOLKIT
> > macro than try to maintain two checks that should do the same thing.
>
> No question about that -- it is what I said in the commitlog when I
> created that macro. The point is that we have to get Ben Laurie to
> check if the macro is sufficient for mod_tls, as it was specifically
> written for the very latest version of openssl (I do not know why
> mod_ssl depends on that version) and I only tested it with mod_ssl.
The latest version of OpenSSL is pretty much a requirement for security
reasons, which is why...
> I would prefer a real autoconf macro that actually checks for the
> feature needed by our use of SSL.
...is not really the way to go (at least at this point).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
