[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 93/256: configure: allow setting the default SSL ba
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 93/256: configure: allow setting the default SSL backend |
|
Date: |
Fri, 06 Oct 2017 19:43:04 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit c7170e20d0a18ec8a514b4daa53bcdbb4dcb3a05
Author: Johannes Schindelin <address@hidden>
AuthorDate: Thu Aug 24 22:26:48 2017 +0200
configure: allow setting the default SSL backend
Previously, we used as default SSL backend whatever was first in the
`available_backends` array.
However, some users may want to override that default without patching
the source code.
Now they can: with the --with-default-ssl-backend=<backend> option of
the ./configure script.
Signed-off-by: Johannes Schindelin <address@hidden>
---
configure.ac | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
lib/vtls/vtls.c | 4 ++++
2 files changed, 58 insertions(+)
diff --git a/configure.ac b/configure.ac
index 5c0747653..e6c72f358 100755
--- a/configure.ac
+++ b/configure.ac
@@ -1334,6 +1334,34 @@ else
CPPFLAGS="$save_CPPFLAGS"
fi
+dnl -------------------------------------------------------------
+dnl parse --with-default-ssl-backend so it can be validated below
+dnl -------------------------------------------------------------
+
+DEFAULT_SSL_BACKEND=no
+VALID_DEFAULT_SSL_BACKEND=
+AC_ARG_WITH(default-ssl-backend,
+AC_HELP_STRING([--with-default-ssl-backend=NAME],[Use NAME as default SSL
backend])
+AC_HELP_STRING([--without-default-ssl-backend],[Use implicit default SSL
backend]),
+ [DEFAULT_SSL_BACKEND=$withval])
+case "$DEFAULT_SSL_BACKEND" in
+ no)
+ dnl --without-default-ssl-backend option used
+ ;;
+ default|yes)
+ dnl --with-default-ssl-backend option used without name
+ AC_MSG_ERROR([The name of the default SSL backend is required.])
+ ;;
+ *)
+ dnl --with-default-ssl-backend option used with name
+ AC_SUBST(DEFAULT_SSL_BACKEND)
+ dnl needs to be validated below
+ VALID_DEFAULT_SSL_BACKEND=no
+ ;;
+esac
+
+dnl **********************************************************************
+
dnl -------------------------------------------------
dnl check winssl option before other SSL libraries
dnl -------------------------------------------------
@@ -1353,6 +1381,7 @@ if test -z "$ssl_backends" -o "x$OPT_WINSSL" != xno; then
AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support])
AC_SUBST(USE_SCHANNEL, [1])
ssl_msg="Windows-native"
+ test schannel != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
WINSSL_ENABLED=1
# --with-winssl implies --enable-sspi
AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support])
@@ -1381,6 +1410,7 @@ if test -z "$ssl_backends" -o "x$OPT_DARWINSSL" != xno;
then
AC_DEFINE(USE_DARWINSSL, 1, [to enable Apple OS native SSL/TLS support])
AC_SUBST(USE_DARWINSSL, [1])
ssl_msg="$ssh_backends, Apple OS-native"
+ test darwinssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
DARWINSSL_ENABLED=1
LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
else
@@ -1589,6 +1619,7 @@ if test -z "$ssl_backends" -o "x$OPT_SSL" != xno &&
AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
openssl/pem.h openssl/ssl.h openssl/err.h,
ssl_msg="OpenSSL"
+ test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
OPENSSL_ENABLED=1
AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use]))
@@ -1827,6 +1858,7 @@ if test -z "$ssl_backends" -o "x$OPT_GNUTLS" != xno; then
GNUTLS_ENABLED=1
USE_GNUTLS="yes"
ssl_msg="GnuTLS"
+ test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
LIBS="$CLEANLIBS"
@@ -1932,6 +1964,7 @@ if test -z "$ssl_backends" -o "x$OPT_POLARSSL" != xno;
then
POLARSSL_ENABLED=1
USE_POLARSSL="yes"
ssl_msg="PolarSSL"
+ test polarssl != "$DEFAULT_SSL_BACKEND" ||
VALID_DEFAULT_SSL_BACKEND=yes
])
fi
@@ -1958,6 +1991,7 @@ if test -z "$ssl_backends" -o "x$OPT_POLARSSL" != xno;
then
POLARSSL_ENABLED=1
USE_POLARSSL="yes"
ssl_msg="PolarSSL"
+ test polarssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
@@ -2021,6 +2055,7 @@ if test -z "$ssl_backends" -o "x$OPT_MBEDTLS" != xno; then
MBEDTLS_ENABLED=1
USE_MBEDTLS="yes"
ssl_msg="mbedTLS"
+ test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
], [], -lmbedx509 -lmbedcrypto)
fi
@@ -2047,6 +2082,7 @@ if test -z "$ssl_backends" -o "x$OPT_MBEDTLS" != xno; then
MBEDTLS_ENABLED=1
USE_MBEDTLS="yes"
ssl_msg="mbedTLS"
+ test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
@@ -2115,6 +2151,7 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
CYASSL_ENABLED=1
USE_CYASSL="yes"
ssl_msg="CyaSSL"
+ test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
])
fi
@@ -2141,6 +2178,7 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
CYASSL_ENABLED=1
USE_CYASSL="yes"
ssl_msg="CyaSSL"
+ test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
CPPFLAGS=$_cppflags
@@ -2186,6 +2224,7 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
CYASSL_ENABLED=1
USE_CYASSL="yes"
ssl_msg="WolfSSL"
+ test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
AC_MSG_RESULT(no)
@@ -2331,6 +2370,7 @@ if test -z "$ssl_backends" -o "x$OPT_NSS" != xno; then
USE_NSS="yes"
NSS_ENABLED=1
ssl_msg="NSS"
+ test nss != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
[
LDFLAGS="$CLEANLDFLAGS"
@@ -2405,6 +2445,7 @@ if test -z "$ssl_backends" -o "x$OPT_AXTLS" != xno; then
AXTLS_ENABLED=1
USE_AXTLS="yes"
ssl_msg="axTLS"
+ test axtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
if test "x$cross_compiling" != "xyes"; then
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
@@ -2444,6 +2485,19 @@ if test -n "$ssl_backends"; then
curl_ssl_msg="enabled ($ssl_backends)"
fi
+if test no = "$VALID_DEFAULT_SSL_BACKEND"
+then
+ if test -n "$SSL_ENABLED"
+ then
+ AC_MSG_ERROR([Default SSL backend $DEFAULT_SSL_BACKEND not enabled!])
+ else
+ AC_MSG_ERROR([Default SSL backend requires SSL!])
+ fi
+elif test yes = "$VALID_DEFAULT_SSL_BACKEND"
+then
+ AC_DEFINE_UNQUOTED([CURL_DEFAULT_SSL_BACKEND], ["$DEFAULT_SSL_BACKEND"],
[Default SSL backend])
+fi
+
dnl **********************************************************************
dnl Check for the CA bundle
dnl **********************************************************************
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 85665b7df..73ed7a31b 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1246,6 +1246,10 @@ static int multissl_init(const struct Curl_ssl *backend)
return 1;
env = getenv("CURL_SSL_BACKEND");
+#ifdef CURL_DEFAULT_SSL_BACKEND
+ if(!env)
+ env = CURL_DEFAULT_SSL_BACKEND;
+#endif
if(env)
for(i = 0; available_backends[i]; i++)
if(!strcmp(env, available_backends[i]->info.name)) {
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 221/256: imap: quote atoms properly when escaping characters, (continued)
- [GNUnet-SVN] [gnurl] 221/256: imap: quote atoms properly when escaping characters, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 219/256: vtls: provide curl_global_sslset() even in non-SSL builds, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 217/256: openssl: only verify RSA private key if supported, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 59/256: darwinssl: handle long strings in TLS certs, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 73/256: schannel: reorder functions topologically, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 69/256: vtls: move sha256sum into the Curl_ssl struct, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 195/256: rtsp: Segfault in rtsp.c when using WRITEDATA, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 253/256: build-openssl.bat: Warn OpenSSL 1.1.0 not yet supported, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 30/256: metalink: adjust source code style, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 149/256: docs/curl_mime_*.3: added examples, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 93/256: configure: allow setting the default SSL backend,
gnunet <=
- [GNUnet-SVN] [gnurl] 224/256: metalink: fix NSS issue in MultiSSL builds, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 198/256: non-ascii: use iconv() with 'char **' argument, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 136/256: RELEASE-NOTES: synced with 1ab9e9b50, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 189/256: code style: remove wrong uses of multiple spaces, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 166/256: travis: add c-ares enabled builds linux + osx, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 237/256: cookie: fix memory leak on oversized rejection, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 212/256: smtp: fix memory leak in OOM, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 254/256: THANKS: added new 7.56.0 contributors, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 251/256: vtls: compare and clone ssl configs properly, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 203/256: socks: fix incorrect port number in SOCKS4 error message, gnunet, 2017/10/06