Fix multiple vulnerabilities in ntp. [SA-18:02.ntp]
[FreeBSD/releng/10.3.git] / contrib / ntp / sntp / m4 / ntp_openssl.m4
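dnl ####################################################################
dnl OpenSSL support shared by top-level and sntp/configure.ac
dnl
dnl Provides command-line option --with-crypto, as well as deprecated
dnl options --with-openssl-incdir, --with-openssl-libdir, and the
dnl latter's suboption --with-rpath.
dnl
dnl --with-crypto defaults to openssl,libcrypto when it is not given, so
dnl crypto support is attempted unless --without-crypto is passed.
dnl
dnl Specifying --with-openssl-libdir or --with-openssl-incdir causes any
dnl pkg-config openssl information to be ignored in favor of the legacy
dnl manual search for directories and specified library names.
dnl
dnl Output AC_DEFINEs (for config.h)
dnl     OPENSSL         defined only if using OpenSSL
dnl     HAVE_EVP_MD_DO_ALL_SORTED
dnl                     defined if that function links (checked only
dnl                     when using OpenSSL)
dnl
dnl Output variables:
dnl     ntp_openssl     yes if using OpenSSL, no otherwise
dnl     VER_SUFFIX      set to o when OpenSSL is used
dnl
dnl Output substitutions:
dnl     CFLAGS_NTP      OpenSSL-specific flags added as needed, and
dnl                     -Wstrict-prototypes for gcc if it does not
dnl                     trigger a flood of warnings for each file
dnl                     including OpenSSL headers.
dnl     CPPFLAGS_NTP    OpenSSL -Iincludedir flags added as needed.
dnl     LDADD_NTP       OpenSSL -L and -l flags added as needed.
dnl     LDFLAGS_NTP     Other OpenSSL link flags added as needed.
dnl
dnl Build-integrity notes for packagers:
dnl   - When no OpenSSL is located, configure only warns and continues
dnl     with ntp_openssl=no, leaving OPENSSL undefined.  Builds that
dnl     require crypto should check the "if we will use crypto" result.
dnl   - The legacy search takes the first listed directory that holds
dnl     both libcrypto and libssl, and on some hosts records it in the
dnl     binaries as a run-time library path (-R or -Wl,-rpath).  That
dnl     directory should be writable only by trusted accounts.
dnl   - On the pkg-config path the compiler and linker flags are taken
dnl     verbatim from pkg-config output, so the .pc files it consults
dnl     must come from a trusted location.
dnl
dnl ####################################################################
AC_DEFUN([NTP_OPENSSL], [
AC_REQUIRE([NTP_PKG_CONFIG])dnl
AC_REQUIRE([NTP_VER_SUFFIX])dnl

AC_ARG_WITH(
    [crypto],
    [AS_HELP_STRING(
        [--with-crypto],
        [+ =openssl,libcrypto]
    )]
)
AC_ARG_WITH(
    [openssl-libdir],
    [AS_HELP_STRING(
        [--with-openssl-libdir],
        [+ =/something/reasonable]
    )]
)
AC_ARG_WITH(
    [openssl-incdir],
    [AS_HELP_STRING(
        [--with-openssl-incdir],
        [+ =/something/reasonable]
    )]
)
AC_ARG_WITH(
    [rpath],
    [AS_HELP_STRING(
        [--without-rpath],
        [s Disable auto-added -R linker paths]
    )]
)

ntp_openssl=no
ntp_openssl_from_pkg_config=no

# Default to trying both pkg-config module names; a bare --with-crypto
# (value "yes") means the same thing.
with_crypto=${with_crypto:-openssl,libcrypto}
case "$with_crypto" in
 yes)
    with_crypto=openssl,libcrypto
esac

dnl AC_MSG_NOTICE(['%with_crypto:%{PKG_CONFIG:+notempty}:%{with_openssl_libdir-notgiven}:%{with_openssl_incdir-notgiven}'])
dnl str="$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}"
dnl AC_MSG_NOTICE([$str])

# Phase I: pkg-config.  Used only when crypto is wanted, pkg-config was
# found, and neither legacy directory option was given.
case "$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}" in
 no:*) ;;
 *:notempty:notgiven:notgiven)
    # Split the comma-separated module list.  The substitution is global
    # so that a list with more than two names is split at every comma;
    # without the g flag only the first comma was replaced.
    for pkg in `echo $with_crypto | sed -e 's/,/ /g'`; do
        AC_MSG_CHECKING([pkg-config for $pkg])
        if $PKG_CONFIG --exists $pkg ; then
            CPPFLAGS_NTP="$CPPFLAGS_NTP `$PKG_CONFIG --cflags-only-I $pkg`"
            CFLAGS_NTP="$CFLAGS_NTP `$PKG_CONFIG --cflags-only-other $pkg`"
            LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-L $pkg`"
            LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-l --static $pkg`"
            LDFLAGS_NTP="$LDFLAGS_NTP `$PKG_CONFIG --libs-only-other $pkg`"
            VER_SUFFIX=o
            ntp_openssl=yes
            ntp_openssl_from_pkg_config=yes
            ntp_openssl_version="`$PKG_CONFIG --modversion $pkg`"
            # Anything without a dot is not treated as a version string.
            case "$ntp_openssl_version" in
             *.*) ;;
             *) ntp_openssl_version='(unknown)' ;;
            esac
            AC_MSG_RESULT([yes, version $ntp_openssl_version])

            # First module that exists wins.
            break
        fi
        AC_MSG_RESULT([no])
    done
esac
dnl AC_MSG_NOTICE([OpenSSL Phase I checks:])
dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP])
dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP])
dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP])
dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP])

# Phase II: legacy directory search, reached when crypto is wanted but
# pkg-config did not supply it.
case "$with_crypto:$ntp_openssl" in
 no:*) ;;
 *:no)
    need_dash_r=
    need_dash_Wlrpath=
    case "${with_rpath-notgiven}" in
     yes)
        # Lame - what to do if we need -Wl... but not -R?
        need_dash_r=1
        ;;
     notgiven)
        case "$host" in
         *-*-linux*)
            # This may really only be true for gcc
            need_dash_Wlrpath=1
            ;;
         *-*-netbsd*)
            need_dash_r=1
            ;;
         *-*-solaris*)
            need_dash_r=1
            ;;
        esac
        ;;
    esac

    AC_MSG_CHECKING([for openssl library directory])
    with_openssl_libdir=${with_openssl_libdir-notgiven}
    case "$with_openssl_libdir" in
     notgiven)
        # Search the build machine's directories only for a native
        # build; when build and host differ the search is skipped.
        case "$build" in
         $host)
            with_openssl_libdir=default
            ;;
         *)
            with_openssl_libdir=no
            ;;
        esac
    esac
    case "$with_openssl_libdir" in
     default)
        # Look in:
        with_openssl_libdir="/usr/lib /usr/lib/openssl /usr/sfw/lib"
        with_openssl_libdir="$with_openssl_libdir /usr/local/lib"
        with_openssl_libdir="$with_openssl_libdir /usr/local/ssl/lib /lib"
    esac
    # NOTE(review): in the "no" arm below openssl_libdir is not assigned,
    # so a value already present in the environment would be used as is.
    case "$with_openssl_libdir" in
     no)
        ;;
     *) # Look for libcrypto.a and libssl.a:
        # The trailing "no" is a sentinel: if no directory matches, the
        # loop ends with i=no.  Only file presence is tested here.
        for i in $with_openssl_libdir no
        do
            case "$host" in
             *-*-darwin*)
                test -f "$i/libcrypto.dylib" && test -f "$i/libssl.dylib" && break
                ;;
             *)
                test -f "$i/libcrypto.so" && test -f "$i/libssl.so" && break
                test -f "$i/libcrypto.a" && test -f "$i/libssl.a" && break
                ;;
            esac
        done
        openssl_libdir=$i
        ;;
    esac
    AC_MSG_RESULT([$openssl_libdir])
    case "$openssl_libdir" in
     no)
        openssl_libdir=
        AC_MSG_WARN([libcrypto and libssl not found in any of $with_openssl_libdir])
    esac

    AC_MSG_CHECKING([for openssl include directory])
    with_openssl_incdir=${with_openssl_incdir-notgiven}
    case "$with_openssl_incdir" in
     notgiven)
        # Look in:
        with_openssl_incdir="/usr/include /usr/sfw/include"
        with_openssl_incdir="$with_openssl_incdir /usr/local/include"
        with_openssl_incdir="$with_openssl_incdir /usr/local/ssl/include"
    esac
    case "$with_openssl_incdir" in
     no)
        ;;
     *) # look for openssl/evp.h:
        for i in $with_openssl_incdir no
        do
            test -f "$i/openssl/evp.h" && break
        done
        openssl_incdir=$i
        ;;
    esac
    AS_UNSET([i])
    AC_MSG_RESULT([$openssl_incdir])
    case "$openssl_incdir" in
     no)
        openssl_incdir=
        AC_MSG_WARN([did not find openssl/evp.h in any of $with_openssl_incdir])
    esac
    # Both a library directory and an include directory are required.
    # A miss is not fatal: the build continues without OpenSSL.
    if test -z "$openssl_libdir" || test -z "$openssl_incdir"
    then
        ntp_openssl=no
    else
        ntp_openssl=yes
        VER_SUFFIX=o
    fi
    case "$ntp_openssl" in
     yes)
        # We have OpenSSL inc/lib dirs - use them.
        case "$openssl_incdir" in
         /usr/include)
            ;;
         *)
            CPPFLAGS_NTP="$CPPFLAGS_NTP -I$openssl_incdir"
            ;;
        esac
        case "$openssl_libdir" in
         /usr/lib)
            ;;
         *)
            LDADD_NTP="$LDADD_NTP -L$openssl_libdir"
            # The run-time search path recorded here ends up in the
            # linked binaries; --without-rpath suppresses both forms.
            case "$need_dash_r" in
             1)
                LDFLAGS_NTP="$LDFLAGS_NTP -R$openssl_libdir"
            esac
            case "$need_dash_Wlrpath" in
             1)
                LDFLAGS_NTP="$LDFLAGS_NTP -Wl,-rpath,$openssl_libdir"
            esac
            ;;
        esac
        LDADD_NTP="$LDADD_NTP -lcrypto"
    esac
esac

AC_MSG_CHECKING([if we will use crypto])
AC_MSG_RESULT([$ntp_openssl])

case "$ntp_openssl" in
 yes)
    AC_DEFINE([OPENSSL], [], [Use OpenSSL?])
    # Sanity check: both paths that set ntp_openssl=yes also set
    # VER_SUFFIX=o, so anything else is an internal inconsistency.
    case "$VER_SUFFIX" in
     *o*) ;;
     *) AC_MSG_ERROR([OPENSSL set but no 'o' in VER_SUFFIX!]) ;;
    esac
    ;;
esac

# CPPFLAGS and LIBS are changed only for the probes below and are
# restored at the end of the macro.
NTPO_SAVED_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS $CPPFLAGS_NTP"
NTPO_SAVED_LIBS="$LIBS"

#
# check for linking with -lcrypto failure, and try -lcrypto -lz.
# Helps m68k-atari-mint
#
# NOTE(review): if neither link attempt succeeds, nothing here resets
# ntp_openssl, so OPENSSL stays defined and the failure would surface
# later in the build.
#
case "$ntp_openssl:$ntp_openssl_from_pkg_config" in
 yes:no)
    LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
    AC_CACHE_CHECK(
        [if linking with -lcrypto alone works],
        [ntp_cv_bare_lcrypto],
        [AC_LINK_IFELSE(
            [AC_LANG_PROGRAM(
                [[
                    #include "openssl/err.h"
                    #include "openssl/evp.h"
                ]],
                [[
                    ERR_load_crypto_strings();
                    OpenSSL_add_all_algorithms();
                ]]
            )],
            [ntp_cv_bare_lcrypto=yes],
            [ntp_cv_bare_lcrypto=no]
        )]
    )
    case "$ntp_cv_bare_lcrypto" in
     no)
        LIBS="$NTPO_SAVED_LIBS $LDADD_NTP -lz"
        AC_CACHE_CHECK(
            [if linking with -lcrypto -lz works],
            [ntp_cv_lcrypto_lz],
            [AC_LINK_IFELSE(
                [AC_LANG_PROGRAM(
                    [[
                        #include "openssl/err.h"
                        #include "openssl/evp.h"
                    ]],
                    [[
                        ERR_load_crypto_strings();
                        OpenSSL_add_all_algorithms();
                    ]]
                )],
                [ntp_cv_lcrypto_lz=yes],
                [ntp_cv_lcrypto_lz=no]
            )]
        )
        case "$ntp_cv_lcrypto_lz" in
         yes)
             LDADD_NTP="$LDADD_NTP -lz"
        esac
    esac
esac

#
# Older OpenSSL headers have a number of callback prototypes inside
# other function prototypes which trigger copious warnings with gcc's
# -Wstrict-prototypes, which is included in -Wall.
#
# An example:
#
# int i2d_RSA_NET(const RSA *a, unsigned char **pp,
#                 int (*cb)(), int sgckey);
#                 ^^^^^^^^^^^
#

#
openssl_triggers_warnings=unknown
NTPO_SAVED_CFLAGS="$CFLAGS"

case "$ntp_openssl:$GCC" in
 yes:yes)
    # -Werror is added to CFLAGS for these two probes only; CFLAGS is
    # put back from NTPO_SAVED_CFLAGS right after this case statement.
    CFLAGS="$CFLAGS -Werror"
    AC_COMPILE_IFELSE(
        [AC_LANG_PROGRAM(
            [[
            ]],
            [[
                /* see if -Werror breaks gcc */
            ]]
        )],
        [gcc_handles_Werror=yes],
        [gcc_handles_Werror=no]
    )
    case "$gcc_handles_Werror" in
     no)
        # if this gcc doesn't do -Werror go ahead and use
        # -Wstrict-prototypes.
        openssl_triggers_warnings=yes
        ;;
     yes)
        CFLAGS="$CFLAGS -Wstrict-prototypes"
        AC_COMPILE_IFELSE(
            [AC_LANG_PROGRAM(
                [[
                    #include "openssl/asn1_mac.h"
                    #include "openssl/bn.h"
                    #include "openssl/err.h"
                    #include "openssl/evp.h"
                    #include "openssl/pem.h"
                    #include "openssl/rand.h"
                    #include "openssl/x509v3.h"
                ]],
                [[
                    /* empty body */
                ]]
            )],
            [openssl_triggers_warnings=no],
            [openssl_triggers_warnings=yes]
        )
    esac
    case "$openssl_triggers_warnings" in
     yes)
        CFLAGS_NTP="$CFLAGS_NTP -Wno-strict-prototypes"
        ;;
     *)
        CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes"
    esac
    ;;
 no:yes)
    # gcc without OpenSSL
    CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes"
esac

# Because we don't want -Werror for the EVP_MD_do_all_sorted check
CFLAGS="$NTPO_SAVED_CFLAGS"

case "$ntp_openssl" in
 yes)
    LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
    AC_CHECK_FUNCS([EVP_MD_do_all_sorted])
    ;;
esac

dnl AC_MSG_NOTICE([OpenSSL final checks:])
dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP])
dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP])
dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP])
dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP])

# Restore the caller's flags and drop the macro's scratch variables.
CPPFLAGS="$NTPO_SAVED_CPPFLAGS"
LIBS="$NTPO_SAVED_LIBS"
AS_UNSET([NTPO_SAVED_CFLAGS])
AS_UNSET([NTPO_SAVED_CPPFLAGS])
AS_UNSET([NTPO_SAVED_LIBS])
AS_UNSET([openssl_triggers_warnings])
AS_UNSET([ntp_openssl_from_pkg_config])
])
dnl ======================================================================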