Commit 039a89c331e9b799 changed the OpenSSL check slightly, but that
broke ./configure on systems which do not install the openssl.pc
pkg-config support file. This is typically an issue on most of the BSD
platforms, where the OpenSSL package from the base repository does not
provide that file.
We should anyway in this case have a better check of OpenSSL version
available. So in the case pkg-config fails, it will run an additional
test looking for the OpenSSL version number in the opensslv.h header
file and check against that version number.
I did consider to rip out the pkg-config test all together, but decided
to let it stay. If pkg-config works, it provides much more details to
the ./configure script than just the version number check - such as
include and library paths if those are outside the default system paths.
If the user adds OPENSSL_CFLAGS or OPENSSL_LIBS to the ./configure
script, the pkg-config will not be run. But this patch ensures that the
OpenSSL version is also checked in this situation.
This patch have been tested on Scientic Linux 7.3 (RHEL clone) and
FreeBSD 10.3-RELEASE-p11.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
configure.ac | 24 +++++++++++++++++++++++-
1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index acea060..ffffcc6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -861,12 +861,34 @@ if test "${enable_crypto}" = "yes" -a
"${with_crypto_library}" = "openssl"; then
[OPENSSL],
[libcrypto >= 1.0.1, libssl >= 1.0.1],
[have_openssl="yes"],
- [AC_MSG_ERROR([Minimum supported OpenSSL version is
1.0.1])]
+ [] # If this fails, we will do another test next
)
OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
fi
+ # If pkgconfig check failed, add an additional version check
+ if test "${have_openssl}" != "yes"; then
+ AC_MSG_CHECKING([additionally if OpenSSL is available and version
>= 1.0.1])
+ AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[
+#include <openssl/opensslv.h>
+ ]],
+ [[
+/* Strip out some of the version information we don't care about */
+#define OSSLVER OPENSSL_VERSION_NUMBER >> 12
+#if OSSLVER < 0x10001
+#error OpneSSL too old
+#endif
+ ]]
+ )],
+ [AC_MSG_RESULT([ok])],
+ [AC_MSG_ERROR([OpenSSL version too old])]
+ )
+ OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
+ fi
+
saved_CFLAGS="${CFLAGS}"
saved_LIBS="${LIBS}"
CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
--
2.11.0
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
