You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by mt...@apache.org on 2005/05/23 13:43:36 UTC
cvs commit: jakarta-tomcat-connectors/jni/native/build tcnative.m4
mturk 2005/05/23 04:43:36
Modified: jni/native Makefile.in configure.in
jni/native/build tcnative.m4
Log:
Add openssl detection for unix build.
Revision Changes Path
1.3 +2 -3 jakarta-tomcat-connectors/jni/native/Makefile.in
Index: Makefile.in
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/Makefile.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Makefile.in 17 Jan 2005 07:17:06 -0000 1.2
+++ Makefile.in 23 May 2005 11:43:36 -0000 1.3
@@ -1,7 +1,6 @@
#
# Top-level Makefile for TCNATIVE
#
-CPP = @CPP@
# gets substituted into some targets
TCNATIVE_MAJOR_VERSION=@TCNATIVE_MAJOR_VERSION@
@@ -10,7 +9,7 @@
srcdir = @srcdir@
VPATH = @srcdir@
-INCLUDES = @APR_INCLUDES@ @TCNATIVE_INCLUDES@ @TCNATIVE_PRIV_INCLUDES@
+INCLUDES = @SSL_CFLAGS@ @APR_INCLUDES@ @TCNATIVE_INCLUDES@ @TCNATIVE_PRIV_INCLUDES@
TCNATIVE_LDFLAGS = @TCNATIVE_LDFLAGS@
TCNATIVE_LIBS = @TCNATIVE_LIBS@
@@ -56,7 +55,7 @@
$(LIBTOOL) --mode=install $(INSTALL) -m 755 $(TARGET_LIB) $(DESTDIR)$(libdir)
$(TARGET_LIB): $(OBJECTS)
- $(LINK) @lib_target@ @TCNATIVE_LIBS@
+ $(LINK) @lib_target@ @TCNATIVE_LIBS@ @SSL_LIBS@
check: $(TARGET_LIB)
(cd test && $(MAKE) check)
1.2 +5 -2 jakarta-tomcat-connectors/jni/native/configure.in
Index: configure.in
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/configure.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- configure.in 14 Jan 2005 13:49:25 -0000 1.1
+++ configure.in 23 May 2005 11:43:36 -0000 1.2
@@ -30,9 +30,7 @@
fi
AC_SUBST(TCN_CONFIG_LOCATION)
-
AC_CANONICAL_SYSTEM
-
AC_PROG_INSTALL
dnl
@@ -100,6 +98,11 @@
APR_ADDTO(TCNATIVE_PRIV_INCLUDES,[-I$JAVA_HOME/include])
APR_ADDTO(TCNATIVE_PRIV_INCLUDES,[-I$JAVA_HOME/include/$JAVA_OS])
+dnl
+dnl Detect openssl toolkit installation
+dnl
+TCN_CHECK_SSL_TOOLKIT
+
so_ext=$APR_SO_EXT
lib_target=$APR_LIB_TARGET
AC_SUBST(so_ext)
1.2 +132 -0 jakarta-tomcat-connectors/jni/native/build/tcnative.m4
Index: tcnative.m4
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/build/tcnative.m4,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- tcnative.m4 14 Jan 2005 13:47:06 -0000 1.1
+++ tcnative.m4 23 May 2005 11:43:36 -0000 1.2
@@ -194,3 +194,135 @@
fi
])
])
+
+dnl TCN_HELP_STRING(LHS, RHS)
+dnl Autoconf 2.50 can not handle substr correctly. It does have
+dnl AC_HELP_STRING, so let's try to call it if we can.
+dnl Note: this define must be on one line so that it can be properly returned
+dnl as the help string.
+AC_DEFUN(TCN_HELP_STRING,[ifelse(regexp(AC_ACVERSION, 2\.1), -1, AC_HELP_STRING($1,$2),[ ]$1 substr([ ],len($1))$2)])dnl
+
+dnl
+dnl TCN_CHECK_SSL_TOOLKIT
+dnl
+dnl Configure for the detected openssl toolkit installation, giving
+dnl preference to "--with-ssl=<path>" if it was specified.
+dnl
+AC_DEFUN(TCN_CHECK_SSL_TOOLKIT,[
+ dnl initialise the variables we use
+ tcn_ssltk_base=""
+ tcn_ssltk_inc=""
+ tcn_ssltk_lib=""
+ tcn_ssltk_type=""
+ AC_ARG_WITH(ssl, APACHE_HELP_STRING(--with-ssl=DIR,OpenSSL SSL/TLS toolkit), [
+ dnl If --with-ssl specifies a directory, we use that directory or fail
+ if test "x$withval" != "xyes" -a "x$withval" != "x"; then
+ dnl This ensures $withval is actually a directory and that it is absolute
+ tcn_ssltk_base="`cd $withval ; pwd`"
+ fi
+ ])
+ if test "x$tcn_ssltk_base" = "x"; then
+ AC_MSG_RESULT(none)
+ else
+ AC_MSG_RESULT($tcn_ssltk_base)
+ fi
+
+ dnl Run header and version checks
+ saved_CPPFLAGS=$CPPFLAGS
+ if test "x$tcn_ssltk_base" != "x"; then
+ tcn_ssltk_inc="-I$tcn_ssltk_base/include"
+ CPPFLAGS="$CPPFLAGS $tcn_ssltk_inc"
+ fi
+
+ if test "x$tcn_ssltk_type" = "x"; then
+ AC_MSG_CHECKING(for OpenSSL version)
+ dnl First check for manditory headers
+ AC_CHECK_HEADERS([openssl/opensslv.h openssl/ssl.h], [tcn_ssltk_type="openssl"], [])
+ if test "$tcn_ssltk_type" = "openssl"; then
+ dnl so it's OpenSSL - test for a good version
+ AC_TRY_COMPILE([#include <openssl/opensslv.h>],[
+#if !defined(OPENSSL_VERSION_NUMBER)
+#error "Missing openssl version"
+#endif
+#if (OPENSSL_VERSION_NUMBER < 0x009060af) \
+ || ((OPENSSL_VERSION_NUMBER > 0x00907000) && (OPENSSL_VERSION_NUMBER < 0x0090702f))
+#error "Insecure openssl version " OPENSSL_VERSION_TEXT
+#endif],
+ [AC_MSG_RESULT(OK)],
+ [dnl Replace this with OPENSSL_VERSION_TEXT from opensslv.h?
+ AC_MSG_RESULT([not encouraging])
+ echo "WARNING: OpenSSL version may contain security vulnerabilities!"
+ echo " Ensure the latest security patches have been applied!"
+ ])
+ dnl Look for additional, possibly missing headers
+ AC_CHECK_HEADERS(openssl/engine.h)
+ if test -n "$PKGCONFIG"; then
+ $PKGCONFIG openssl
+ if test $? -eq 0; then
+ tcn_ssltk_inc="$tcn_ssltk_inc `$PKGCONFIG --cflags-only-I openssl`"
+ CPPFLAGS="$CPPFLAGS $tcn_ssltk_inc"
+ fi
+ fi
+ else
+ AC_MSG_RESULT([no OpenSSL headers found])
+ fi
+ fi
+ if test "$tcn_ssltk_type" != "openssl"; then
+ AC_MSG_RESULT([no OpenSSL headers found])
+ fi
+ dnl restore
+ CPPFLAGS=$saved_CPPFLAGS
+ if test "x$tcn_ssltk_type" = "x"; then
+ AC_MSG_ERROR([...No recognized SSL/TLS toolkit detected])
+ fi
+
+ dnl Run library and function checks
+ saved_LDFLAGS=$LDFLAGS
+ saved_LIBS=$LIBS
+ if test "x$tcn_ssltk_base" != "x"; then
+ if test -d "$tcn_ssltk_base/lib"; then
+ ap_ssltk_lib="$tcn_ssltk_base/lib"
+ else
+ ap_ssltk_lib="$tcn_ssltk_base"
+ fi
+ LDFLAGS="$LDFLAGS -L$tcn_ssltk_lib"
+ fi
+ dnl make sure "other" flags are available so libcrypto and libssl can link
+ LIBS="$LIBS `$apr_config --libs`"
+ liberrors=""
+ if test "$tcn_ssltk_type" = "openssl"; then
+ AC_CHECK_LIB(crypto, SSLeay_version, [], [liberrors="yes"])
+ AC_CHECK_LIB(ssl, SSL_CTX_new, [], [liberrors="yes"])
+ AC_CHECK_FUNCS(ENGINE_init)
+ AC_CHECK_FUNCS(ENGINE_load_builtin_engines)
+ else
+ AC_CHECK_LIB(sslc, SSLC_library_version, [], [liberrors="yes"])
+ AC_CHECK_LIB(sslc, SSL_CTX_new, [], [liberrors="yes"])
+ AC_CHECK_FUNCS(SSL_set_state)
+ fi
+ AC_CHECK_FUNCS(SSL_set_cert_store)
+ dnl restore
+ LDFLAGS=$saved_LDFLAGS
+ LIBS=$saved_LIBS
+ if test "x$liberrors" != "x"; then
+ AC_MSG_ERROR([... Error, SSL/TLS libraries were missing or unusable])
+ fi
+
+ dnl (b) hook up include paths
+ if test "x$tcn_ssltk_inc" != "x"; then
+ APR_ADDTO(TCNATIVE_PRIV_INCLUDES, [$tcn_ssltk_inc])
+ fi
+ dnl (c) hook up linker paths
+ if test "x$tcn_ssltk_lib" != "x"; then
+ APR_ADDTO(LDFLAGS, ["-L$tcn_ssltk_lib"])
+ fi
+
+ dnl Adjust configuration based on what we found above.
+ dnl (a) define preprocessor symbols
+ if test "$tcn_ssltk_type" = "openssl"; then
+ APR_SETVAR(SSL_LIBS, [-lssl -lcrypto])
+ APR_ADDTO(SSL_CFLAGS, [-DHAVE_OPENSSL])
+ fi
+ AC_SUBST(SSL_LIBS)
+ AC_SUBST(SSL_CFLAGS)
+])
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org