contrib/ntp/sntp/m4/ntp_openssl.m4

   1 dnl ####################################################################
   2 dnl OpenSSL support shared by top-level and sntp/configure.ac
   3 dnl
   4 dnl Provides command-line option --with-crypto, as well as deprecated
   5 dnl options --with-openssl-incdir, --with-openssl-libdir, and the
   6 dnl latter's suboption --with-rpath.
   7 dnl
   8 dnl Specifying --with-openssl-libdir or --with-openssl-incdir causes any
   9 dnl pkg-config openssl information to be ignored in favor of the legacy
  10 dnl manual search for directories and specified library names.
  11 dnl
  12 dnl Output AC_DEFINEs (for config.h)
  13 dnl     OPENSSL         defined only if using OpenSSL
  14 dnl
  15 dnl Output variables:
  16 dnl     ntp_openssl     yes if using OpenSSL, no otherwise
  17 dnl
  18 dnl Output substitutions:
  19 dnl     CFLAGS_NTP      OpenSSL-specific flags added as needed, and
  20 dnl                     -Wstrict-prototypes for gcc if it does not
  21 dnl                     trigger a flood of warnings for each file
  22 dnl                     including OpenSSL headers.
  23 dnl     CPPFLAGS_NTP    OpenSSL -Iincludedir flags added as needed.
  24 dnl     LDADD_NTP       OpenSSL -L and -l flags added as needed.
  25 dnl     LDFLAGS_NTP     Other OpenSSL link flags added as needed.
  26 dnl
  27 dnl ####################################################################
  28 AC_DEFUN([NTP_OPENSSL], [
  29 AC_REQUIRE([NTP_PKG_CONFIG])dnl
  30 AC_REQUIRE([NTP_VER_SUFFIX])dnl
  31
  32 AC_ARG_WITH(
  33     [crypto],
  34     [AS_HELP_STRING(
  35         [--with-crypto],
  36         [+ =openssl,libcrypto]
  37     )]
  38 )
  39 AC_ARG_WITH(
  40     [openssl-libdir],
  41     [AS_HELP_STRING(
  42         [--with-openssl-libdir],
  43         [+ =/something/reasonable]
  44     )]
  45 )
  46 AC_ARG_WITH(
  47     [openssl-incdir],
  48     [AS_HELP_STRING(
  49         [--with-openssl-incdir],
  50         [+ =/something/reasonable]
  51     )]
  52 )
  53 AC_ARG_WITH(
  54     [rpath],
  55     [AS_HELP_STRING(
  56         [--without-rpath],
  57         [s Disable auto-added -R linker paths]
  58     )]
  59 )
  60
  61 ntp_openssl=no
  62 ntp_openssl_from_pkg_config=no
  63
  64 with_crypto=${with_crypto:-openssl,libcrypto}
  65 case "$with_crypto" in
  66  yes)
  67     with_crypto=openssl,libcrypto
  68 esac
  69
  70 dnl AC_MSG_NOTICE(['%with_crypto:%{PKG_CONFIG:+notempty}:%{with_openssl_libdir-notgiven}:%{with_openssl_incdir-notgiven}'])
  71 dnl str="$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}"
  72 dnl AC_MSG_NOTICE([$str])
  73
  74 case "$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}" in
  75  no:*) ;;
  76  *:notempty:notgiven:notgiven)
  77     for pkg in `echo $with_crypto | sed -e 's/,/ /'`; do
  78         AC_MSG_CHECKING([pkg-config for $pkg])
  79         if $PKG_CONFIG --exists $pkg ; then
  80             CPPFLAGS_NTP="$CPPFLAGS_NTP `$PKG_CONFIG --cflags-only-I $pkg`"
  81             CFLAGS_NTP="$CFLAGS_NTP `$PKG_CONFIG --cflags-only-other $pkg`"
  82             LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-L $pkg`"
  83             LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-l --static $pkg`"
  84             LDFLAGS_NTP="$LDFLAGS_NTP `$PKG_CONFIG --libs-only-other $pkg`"
  85             VER_SUFFIX=o
  86             ntp_openssl=yes
  87             ntp_openssl_from_pkg_config=yes
  88             AC_MSG_RESULT([yes])
  89
  90             break
  91         fi
  92         AC_MSG_RESULT([no])
  93     done
  94 esac
  95 dnl AC_MSG_NOTICE([OpenSSL Phase I checks:])
  96 dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP])
  97 dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP])
  98 dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP])
  99 dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP])
 100 case "$with_crypto:$ntp_openssl" in
 101  no:*) ;;
 102  *:no)
 103     need_dash_r=
 104     need_dash_Wlrpath=
 105     case "${with_rpath-notgiven}" in
 106      yes)
 107         # Lame - what to do if we need -Wl... but not -R?
 108         need_dash_r=1
 109         ;;
 110      notgiven)
 111         case "$host" in
 112          *-*-linux*)
 113             # This may really only be true for gcc
 114             need_dash_Wlrpath=1
 115             ;;
 116          *-*-netbsd*)
 117             need_dash_r=1
 118             ;;
 119          *-*-solaris*)
 120             need_dash_r=1
 121             ;;
 122         esac
 123         ;;
 124     esac
 125
 126     AC_MSG_CHECKING([for openssl library directory])
 127     with_openssl_libdir=${with_openssl_libdir-notgiven}
 128     case "$with_openssl_libdir" in
 129      notgiven)
 130         case "$build" in
 131          $host)
 132             with_openssl_libdir=default
 133             ;;
 134          *)
 135             with_openssl_libdir=no
 136             ;;
 137         esac
 138     esac
 139     case "$with_openssl_libdir" in
 140      default)
 141         # Look in:
 142         with_openssl_libdir="/usr/lib /usr/lib/openssl /usr/sfw/lib"
 143         with_openssl_libdir="$with_openssl_libdir /usr/local/lib"
 144         with_openssl_libdir="$with_openssl_libdir /usr/local/ssl/lib /lib"
 145     esac
 146     case "$with_openssl_libdir" in
 147      no)
 148         ;;
 149      *) # Look for libcrypto.a and libssl.a:
 150         for i in $with_openssl_libdir no
 151         do
 152             case "$host" in
 153              *-*-darwin*)
 154                 test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break
 155                 ;;
 156              *)
 157                 test -f $i/libcrypto.so -a -f $i/libssl.so && break
 158                 test -f $i/libcrypto.a -a -f $i/libssl.a && break
 159                 ;;
 160             esac
 161         done
 162         openssl_libdir=$i
 163         ;;
 164     esac
 165     AC_MSG_RESULT([$openssl_libdir])
 166     case "$openssl_libdir" in
 167      no)
 168         openssl_libdir=
 169         AC_MSG_WARN([libcrypto and libssl not found in any of $with_openssl_libdir])
 170     esac
 171
 172     AC_MSG_CHECKING([for openssl include directory])
 173     with_openssl_incdir=${with_openssl_incdir-notgiven}
 174     case "$with_openssl_incdir" in
 175      notgiven)
 176         # Look in:
 177         with_openssl_incdir="/usr/include /usr/sfw/include"
 178         with_openssl_incdir="$with_openssl_incdir /usr/local/include"
 179         with_openssl_incdir="$with_openssl_incdir /usr/local/ssl/include"
 180     esac
 181     case "$with_openssl_incdir" in
 182      no)
 183         ;;
 184      *) # look for openssl/evp.h:
 185         for i in $with_openssl_incdir no
 186         do
 187             test -f $i/openssl/evp.h && break
 188         done
 189         openssl_incdir=$i
 190         ;;
 191     esac
 192     AS_UNSET([i])
 193     AC_MSG_RESULT([$openssl_incdir])
 194     case "$openssl_incdir" in
 195      no)
 196         openssl_incdir=
 197         AC_MSG_WARN([did not find openssl/evp.h in any of $with_openssl_incdir])
 198     esac
 199     if test -z "$openssl_libdir" -o -z "$openssl_incdir"
 200     then
 201         ntp_openssl=no
 202     else
 203         ntp_openssl=yes
 204         VER_SUFFIX=o
 205     fi
 206     case "$ntp_openssl" in
 207      yes)
 208         # We have OpenSSL inc/lib dirs - use them.
 209         case "$openssl_incdir" in
 210          /usr/include)
 211             ;;
 212          *)
 213             CPPFLAGS_NTP="$CPPFLAGS_NTP -I$openssl_incdir"
 214             ;;
 215         esac
 216         case "$openssl_libdir" in
 217          /usr/lib)
 218             ;;
 219          *)
 220             LDADD_NTP="$LDADD_NTP -L$openssl_libdir"
 221             case "$need_dash_r" in
 222              1)
 223                 LDFLAGS_NTP="$LDFLAGS_NTP -R$openssl_libdir"
 224             esac
 225             case "$need_dash_Wlrpath" in
 226              1)
 227                 LDFLAGS_NTP="$LDFLAGS_NTP -Wl,-rpath,$openssl_libdir"
 228             esac
 229             ;;
 230         esac
 231         LDADD_NTP="$LDADD_NTP -lcrypto"
 232     esac
 233 esac
 234
 235 AC_MSG_CHECKING([if we will use crypto])
 236 AC_MSG_RESULT([$ntp_openssl])
 237
 238 case "$ntp_openssl" in
 239  yes)
 240     AC_DEFINE([OPENSSL], [], [Use OpenSSL?])
 241     case "$VER_SUFFIX" in
 242      *o*) ;;
 243      *) AC_MSG_ERROR([OPENSSL set but no 'o' in VER_SUFFIX!]) ;;
 244     esac
 245     ;;
 246 esac
 247
 248 NTPO_SAVED_CPPFLAGS="$CPPFLAGS"
 249 CPPFLAGS="$CPPFLAGS $CPPFLAGS_NTP"
 250 NTPO_SAVED_LIBS="$LIBS"
 251
 252 #
 253 # check for linking with -lcrypto failure, and try -lcrypto -lz.
 254 # Helps m68k-atari-mint
 255 #
 256 case "$ntp_openssl:$ntp_openssl_from_pkg_config" in
 257  yes:no)
 258     LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
 259     AC_CACHE_CHECK(
 260         [if linking with -lcrypto alone works],
 261         [ntp_cv_bare_lcrypto],
 262         [AC_LINK_IFELSE(
 263             [AC_LANG_PROGRAM(
 264                 [[
 265                     #include "openssl/err.h"
 266                     #include "openssl/evp.h"
 267                 ]],
 268                 [[
 269                     ERR_load_crypto_strings();
 270                     OpenSSL_add_all_algorithms();
 271                 ]]
 272             )],
 273             [ntp_cv_bare_lcrypto=yes],
 274             [ntp_cv_bare_lcrypto=no]
 275         )]
 276     )
 277     case "$ntp_cv_bare_lcrypto" in
 278      no)
 279         LIBS="$NTPO_SAVED_LIBS $LDADD_NTP -lz"
 280         AC_CACHE_CHECK(
 281             [if linking with -lcrypto -lz works],
 282             [ntp_cv_lcrypto_lz],
 283             [AC_LINK_IFELSE(
 284                 [AC_LANG_PROGRAM(
 285                     [[
 286                         #include "openssl/err.h"
 287                         #include "openssl/evp.h"
 288                     ]],
 289                     [[
 290                         ERR_load_crypto_strings();
 291                         OpenSSL_add_all_algorithms();
 292                     ]]
 293                 )],
 294                 [ntp_cv_lcrypto_lz=yes],
 295                 [ntp_cv_lcrypto_lz=no]
 296             )]
 297         )
 298         case "$ntp_cv_lcrypto_lz" in
 299          yes)
 300              LDADD_NTP="$LDADD_NTP -lz"
 301         esac
 302     esac
 303 esac
 304
 305 #
 306 # Older OpenSSL headers have a number of callback prototypes inside
 307 # other function prototypes which trigger copious warnings with gcc's
 308 # -Wstrict-prototypes, which is included in -Wall.
 309 #
 310 # An example:
 311 #
 312 # int i2d_RSA_NET(const RSA *a, unsigned char **pp,
 313 #                 int (*cb)(), int sgckey);
 314 #                 ^^^^^^^^^^^
 315 #
 316 #
 317 #
 318 openssl_triggers_warnings=unknown
 319 NTPO_SAVED_CFLAGS="$CFLAGS"
 320
 321 case "$ntp_openssl:$GCC" in
 322  yes:yes)
 323     CFLAGS="$CFLAGS -Werror"
 324     AC_COMPILE_IFELSE(
 325         [AC_LANG_PROGRAM(
 326             [[
 327             ]],
 328             [[
 329                 /* see if -Werror breaks gcc */
 330             ]]
 331         )],
 332         [gcc_handles_Werror=yes],
 333         [gcc_handles_Werror=no]
 334     )
 335     case "$gcc_handles_Werror" in
 336      no)
 337         # if this gcc doesn't do -Werror go ahead and use
 338         # -Wstrict-prototypes.
 339         openssl_triggers_warnings=yes
 340         ;;
 341      yes)
 342         CFLAGS="$CFLAGS -Wstrict-prototypes"
 343         AC_COMPILE_IFELSE(
 344             [AC_LANG_PROGRAM(
 345                 [[
 346                     #include "openssl/asn1_mac.h"
 347                     #include "openssl/bn.h"
 348                     #include "openssl/err.h"
 349                     #include "openssl/evp.h"
 350                     #include "openssl/pem.h"
 351                     #include "openssl/rand.h"
 352                     #include "openssl/x509v3.h"
 353                 ]],
 354                 [[
 355                     /* empty body */
 356                 ]]
 357             )],
 358             [openssl_triggers_warnings=no],
 359             [openssl_triggers_warnings=yes]
 360         )
 361     esac
 362     case "$openssl_triggers_warnings" in
 363      yes)
 364         CFLAGS_NTP="$CFLAGS_NTP -Wno-strict-prototypes"
 365         ;;
 366      *)
 367         CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes"
 368     esac
 369     ;;
 370  no:yes)
 371     # gcc without OpenSSL
 372     CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes"
 373 esac
 374
 375 # Because we don't want -Werror for the EVP_MD_do_all_sorted check
 376 CFLAGS="$NTPO_SAVED_CFLAGS"
 377
 378 case "$ntp_openssl" in
 379  yes)
 380     LIBS="$NTPO_SAVED_LIBS $LDADD_NTP"
 381     AC_CHECK_FUNCS([EVP_MD_do_all_sorted])
 382     ;;
 383 esac
 384
 385 dnl AC_MSG_NOTICE([OpenSSL final checks:])
 386 dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP])
 387 dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP])
 388 dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP])
 389 dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP])
 390
 391 CPPFLAGS="$NTPO_SAVED_CPPFLAGS"
 392 LIBS="$NTPO_SAVED_LIBS"
 393 AS_UNSET([NTPO_SAVED_CFLAGS])
 394 AS_UNSET([NTPO_SAVED_CPPFLAGS])
 395 AS_UNSET([NTPO_SAVED_LIBS])
 396 AS_UNSET([openssl_triggers_warnings])
 397 AS_UNSET([ntp_openssl_from_pkg_config])
 398 ])
 399 dnl ======================================================================