cvs commit: jakarta-tomcat-connectors/jni/native/build tcnative.m4

Mon, 23 May 2005 04:43:39 -0700 

mturk       2005/05/23 04:43:36

  Modified:    jni/native Makefile.in configure.in
               jni/native/build tcnative.m4
  Log:
  Add openssl detection for unix build.
  
  Revision  Changes    Path
  1.3       +2 -3      jakarta-tomcat-connectors/jni/native/Makefile.in
  
  Index: Makefile.in
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/Makefile.in,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- Makefile.in       17 Jan 2005 07:17:06 -0000      1.2
  +++ Makefile.in       23 May 2005 11:43:36 -0000      1.3
  @@ -1,7 +1,6 @@
   #
   # Top-level Makefile for TCNATIVE
   #
  -CPP = @CPP@
   
   # gets substituted into some targets
   [EMAIL PROTECTED]@
  @@ -10,7 +9,7 @@
   srcdir = @srcdir@
   VPATH = @srcdir@
   
  -INCLUDES = @APR_INCLUDES@ @TCNATIVE_INCLUDES@ @TCNATIVE_PRIV_INCLUDES@
  +INCLUDES = @SSL_CFLAGS@ @APR_INCLUDES@ @TCNATIVE_INCLUDES@ 
@TCNATIVE_PRIV_INCLUDES@
   TCNATIVE_LDFLAGS = @TCNATIVE_LDFLAGS@
   TCNATIVE_LIBS = @TCNATIVE_LIBS@
   
  @@ -56,7 +55,7 @@
        $(LIBTOOL) --mode=install $(INSTALL) -m 755 $(TARGET_LIB) 
$(DESTDIR)$(libdir)
   
   $(TARGET_LIB): $(OBJECTS)
  -     $(LINK) @lib_target@ @TCNATIVE_LIBS@
  +     $(LINK) @lib_target@ @TCNATIVE_LIBS@ @SSL_LIBS@
   
   check: $(TARGET_LIB)
        (cd test && $(MAKE) check)
  
  
  
  1.2       +5 -2      jakarta-tomcat-connectors/jni/native/configure.in
  
  Index: configure.in
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/configure.in,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- configure.in      14 Jan 2005 13:49:25 -0000      1.1
  +++ configure.in      23 May 2005 11:43:36 -0000      1.2
  @@ -30,9 +30,7 @@
   fi
   
   AC_SUBST(TCN_CONFIG_LOCATION)
  -
   AC_CANONICAL_SYSTEM
  -
   AC_PROG_INSTALL
   
   dnl
  @@ -100,6 +98,11 @@
   APR_ADDTO(TCNATIVE_PRIV_INCLUDES,[-I$JAVA_HOME/include])
   APR_ADDTO(TCNATIVE_PRIV_INCLUDES,[-I$JAVA_HOME/include/$JAVA_OS]) 
   
  +dnl
  +dnl Detect openssl toolkit installation
  +dnl 
  +TCN_CHECK_SSL_TOOLKIT
  +
   so_ext=$APR_SO_EXT
   lib_target=$APR_LIB_TARGET
   AC_SUBST(so_ext)
  
  
  
  1.2       +132 -0    jakarta-tomcat-connectors/jni/native/build/tcnative.m4
  
  Index: tcnative.m4
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/build/tcnative.m4,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- tcnative.m4       14 Jan 2005 13:47:06 -0000      1.1
  +++ tcnative.m4       23 May 2005 11:43:36 -0000      1.2
  @@ -194,3 +194,135 @@
           fi
         ])
     ])
  +
  +dnl TCN_HELP_STRING(LHS, RHS)
  +dnl Autoconf 2.50 can not handle substr correctly.  It does have 
  +dnl AC_HELP_STRING, so let's try to call it if we can.
  +dnl Note: this define must be on one line so that it can be properly returned
  +dnl as the help string.
  +AC_DEFUN(TCN_HELP_STRING,[ifelse(regexp(AC_ACVERSION, 2\.1), -1, 
AC_HELP_STRING($1,$2),[  ]$1 substr([                       ],len($1))$2)])dnl
  +
  +dnl
  +dnl TCN_CHECK_SSL_TOOLKIT
  +dnl
  +dnl Configure for the detected openssl toolkit installation, giving
  +dnl preference to "--with-ssl=<path>" if it was specified.
  +dnl
  +AC_DEFUN(TCN_CHECK_SSL_TOOLKIT,[
  +  dnl initialise the variables we use
  +  tcn_ssltk_base=""
  +  tcn_ssltk_inc=""
  +  tcn_ssltk_lib=""
  +  tcn_ssltk_type=""
  +  AC_ARG_WITH(ssl, APACHE_HELP_STRING(--with-ssl=DIR,OpenSSL SSL/TLS 
toolkit), [
  +    dnl If --with-ssl specifies a directory, we use that directory or fail
  +    if test "x$withval" != "xyes" -a "x$withval" != "x"; then
  +      dnl This ensures $withval is actually a directory and that it is 
absolute
  +      tcn_ssltk_base="`cd $withval ; pwd`"
  +    fi
  +  ])
  +  if test "x$tcn_ssltk_base" = "x"; then
  +    AC_MSG_RESULT(none)
  +  else
  +    AC_MSG_RESULT($tcn_ssltk_base)
  +  fi
  +
  +  dnl Run header and version checks
  +  saved_CPPFLAGS=$CPPFLAGS
  +  if test "x$tcn_ssltk_base" != "x"; then
  +    tcn_ssltk_inc="-I$tcn_ssltk_base/include"
  +    CPPFLAGS="$CPPFLAGS $tcn_ssltk_inc"
  +  fi
  +
  +  if test "x$tcn_ssltk_type" = "x"; then
  +    AC_MSG_CHECKING(for OpenSSL version)
  +    dnl First check for manditory headers
  +    AC_CHECK_HEADERS([openssl/opensslv.h openssl/ssl.h], 
[tcn_ssltk_type="openssl"], [])
  +    if test "$tcn_ssltk_type" = "openssl"; then
  +      dnl so it's OpenSSL - test for a good version
  +      AC_TRY_COMPILE([#include <openssl/opensslv.h>],[
  +#if !defined(OPENSSL_VERSION_NUMBER)
  +#error "Missing openssl version"
  +#endif
  +#if  (OPENSSL_VERSION_NUMBER < 0x009060af) \
  + || ((OPENSSL_VERSION_NUMBER > 0x00907000) && (OPENSSL_VERSION_NUMBER < 
0x0090702f))
  +#error "Insecure openssl version " OPENSSL_VERSION_TEXT
  +#endif],
  +      [AC_MSG_RESULT(OK)],
  +      [dnl Replace this with OPENSSL_VERSION_TEXT from opensslv.h?
  +       AC_MSG_RESULT([not encouraging])
  +       echo "WARNING: OpenSSL version may contain security vulnerabilities!"
  +       echo "         Ensure the latest security patches have been applied!"
  +      ])
  +      dnl Look for additional, possibly missing headers
  +      AC_CHECK_HEADERS(openssl/engine.h)
  +      if test -n "$PKGCONFIG"; then
  +        $PKGCONFIG openssl
  +        if test $? -eq 0; then
  +          tcn_ssltk_inc="$tcn_ssltk_inc `$PKGCONFIG --cflags-only-I openssl`"
  +          CPPFLAGS="$CPPFLAGS $tcn_ssltk_inc"
  +        fi
  +      fi
  +    else
  +      AC_MSG_RESULT([no OpenSSL headers found])
  +    fi
  +  fi
  +  if test "$tcn_ssltk_type" != "openssl"; then
  +      AC_MSG_RESULT([no OpenSSL headers found])
  +  fi
  +  dnl restore
  +  CPPFLAGS=$saved_CPPFLAGS
  +  if test "x$tcn_ssltk_type" = "x"; then
  +    AC_MSG_ERROR([...No recognized SSL/TLS toolkit detected])
  +  fi
  +
  +  dnl Run library and function checks
  +  saved_LDFLAGS=$LDFLAGS
  +  saved_LIBS=$LIBS
  +  if test "x$tcn_ssltk_base" != "x"; then
  +    if test -d "$tcn_ssltk_base/lib"; then
  +      ap_ssltk_lib="$tcn_ssltk_base/lib"
  +    else
  +      ap_ssltk_lib="$tcn_ssltk_base"
  +    fi
  +    LDFLAGS="$LDFLAGS -L$tcn_ssltk_lib"
  +  fi
  +  dnl make sure "other" flags are available so libcrypto and libssl can link
  +  LIBS="$LIBS `$apr_config --libs`"
  +  liberrors=""
  +  if test "$tcn_ssltk_type" = "openssl"; then
  +    AC_CHECK_LIB(crypto, SSLeay_version, [], [liberrors="yes"])
  +    AC_CHECK_LIB(ssl, SSL_CTX_new, [], [liberrors="yes"])
  +    AC_CHECK_FUNCS(ENGINE_init)
  +    AC_CHECK_FUNCS(ENGINE_load_builtin_engines)
  +  else
  +    AC_CHECK_LIB(sslc, SSLC_library_version, [], [liberrors="yes"])
  +    AC_CHECK_LIB(sslc, SSL_CTX_new, [], [liberrors="yes"])
  +    AC_CHECK_FUNCS(SSL_set_state)
  +  fi
  +  AC_CHECK_FUNCS(SSL_set_cert_store)
  +  dnl restore
  +  LDFLAGS=$saved_LDFLAGS
  +  LIBS=$saved_LIBS
  +  if test "x$liberrors" != "x"; then
  +    AC_MSG_ERROR([... Error, SSL/TLS libraries were missing or unusable])
  +  fi
  +
  +  dnl (b) hook up include paths
  +  if test "x$tcn_ssltk_inc" != "x"; then
  +    APR_ADDTO(TCNATIVE_PRIV_INCLUDES, [$tcn_ssltk_inc])
  +  fi
  +  dnl (c) hook up linker paths
  +  if test "x$tcn_ssltk_lib" != "x"; then
  +    APR_ADDTO(LDFLAGS, ["-L$tcn_ssltk_lib"])
  +  fi
  +
  +  dnl Adjust configuration based on what we found above.
  +  dnl (a) define preprocessor symbols
  +  if test "$tcn_ssltk_type" = "openssl"; then
  +    APR_SETVAR(SSL_LIBS, [-lssl -lcrypto])
  +    APR_ADDTO(SSL_CFLAGS, [-DHAVE_OPENSSL])
  +  fi
  +  AC_SUBST(SSL_LIBS)
  +  AC_SUBST(SSL_CFLAGS)
  +])
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to