OpenSystemsDevelopment / qpdf

Commit a99ad2b9007d1775e9598bc78698cbc5d5ba0f60

Authored by Dean Scarff
Committed by Jay Berkenbilt
1 parent 2ff84aa2

Update OpenSSL autoconf checks 

- Checks explicitly for versions >= 1.1.0 with pkg-config
- Refactor the fallback checks.  Previously they were copied
from the gnutls logic, but could be slightly surprising (it's not
obvious that they're for the case where pkg-config returns a false
negative, and it's weird that the linker check overode the header check)
- Fix the AC_SEARCH_LIBS check to try -lcrypto instead of -lopenssl
(-lcrypto is the standard library OpenSSL ships the crypto symbols in).
- Fix the AC_SEARCH_LIBS check to look for EVP_MD_CTX_new, which is not
present in versions prior to 1.1.0.

Fixes qpdf/qpdf#429 (although I haven't verified on cygwin)
Inline Side-by-side
Showing 3 changed files with 40 additions and 39 deletions
autofiles.sums
  View file @a99ad2b
1 -055e54a34d94a0c2ed9451042a1c747e47b29259a9035af9e7327401a5c3fbd1 configure.ac 1 +d2cb3f80935a7e6e265a04da6ba9c0df4eabae3de33c6a48384a9fa50a15143b configure.ac
2 d3f9ee6f6f0846888d9a10fd3dad2e4b1258be84205426cf04d7cef02d61dad7 aclocal.m4 2 d3f9ee6f6f0846888d9a10fd3dad2e4b1258be84205426cf04d7cef02d61dad7 aclocal.m4
3 cf2c764639c4c94abc183a0976eca6ae500b80790ea25e3d0af97b23587363b7 libqpdf/qpdf/qpdf-config.h.in 3 cf2c764639c4c94abc183a0976eca6ae500b80790ea25e3d0af97b23587363b7 libqpdf/qpdf/qpdf-config.h.in
4 5297971a0ef90bcd5563eb3f7127a032bb76d3ae2af7258bf13479caf8983a60 m4/ax_cxx_compile_stdcxx.m4 4 5297971a0ef90bcd5563eb3f7127a032bb76d3ae2af7258bf13479caf8983a60 m4/ax_cxx_compile_stdcxx.m4
configure
  View file @a99ad2b
@@ -1477,7 +1477,7 @@ Optional Features: @@ -1477,7 +1477,7 @@ Optional Features:
1477 are not explicitly requested; true by default 1477 are not explicitly requested; true by default
1478 --enable-crypto-native whether to include support for native crypto 1478 --enable-crypto-native whether to include support for native crypto
1479 provider 1479 provider
1480 - --enable-crypto-openssl whether to include support for the BoringSSL crypto 1480 + --enable-crypto-openssl whether to include support for the openssl crypto
1481 provider 1481 provider
1482 --enable-crypto-gnutls whether to include support for gnutls crypto 1482 --enable-crypto-gnutls whether to include support for gnutls crypto
1483 provider 1483 provider
@@ -17811,12 +17811,12 @@ if test -n "$pc_openssl_CFLAGS"; then @@ -17811,12 +17811,12 @@ if test -n "$pc_openssl_CFLAGS"; then
17811 pkg_cv_pc_openssl_CFLAGS="$pc_openssl_CFLAGS" 17811 pkg_cv_pc_openssl_CFLAGS="$pc_openssl_CFLAGS"
17812 elif test -n "$PKG_CONFIG"; then 17812 elif test -n "$PKG_CONFIG"; then
17813 if test -n "$PKG_CONFIG" && \ 17813 if test -n "$PKG_CONFIG" && \
17814 - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5  
17815 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 17814 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5
  17815 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5
17816 ac_status=$? 17816 ac_status=$?
17817 $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 17817 $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
17818 test $ac_status = 0; }; then 17818 test $ac_status = 0; }; then
17819 - pkg_cv_pc_openssl_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null` 17819 + pkg_cv_pc_openssl_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.1.0" 2>/dev/null`
17820 test "x$?" != "x0" && pkg_failed=yes 17820 test "x$?" != "x0" && pkg_failed=yes
17821 else 17821 else
17822 pkg_failed=yes 17822 pkg_failed=yes
@@ -17828,12 +17828,12 @@ if test -n "$pc_openssl_LIBS"; then @@ -17828,12 +17828,12 @@ if test -n "$pc_openssl_LIBS"; then
17828 pkg_cv_pc_openssl_LIBS="$pc_openssl_LIBS" 17828 pkg_cv_pc_openssl_LIBS="$pc_openssl_LIBS"
17829 elif test -n "$PKG_CONFIG"; then 17829 elif test -n "$PKG_CONFIG"; then
17830 if test -n "$PKG_CONFIG" && \ 17830 if test -n "$PKG_CONFIG" && \
17831 - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5  
17832 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 17831 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5
  17832 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5
17833 ac_status=$? 17833 ac_status=$?
17834 $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 17834 $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
17835 test $ac_status = 0; }; then 17835 test $ac_status = 0; }; then
17836 - pkg_cv_pc_openssl_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null` 17836 + pkg_cv_pc_openssl_LIBS=`$PKG_CONFIG --libs "openssl >= 1.1.0" 2>/dev/null`
17837 test "x$?" != "x0" && pkg_failed=yes 17837 test "x$?" != "x0" && pkg_failed=yes
17838 else 17838 else
17839 pkg_failed=yes 17839 pkg_failed=yes
@@ -17854,9 +17854,9 @@ else @@ -17854,9 +17854,9 @@ else
17854 _pkg_short_errors_supported=no 17854 _pkg_short_errors_supported=no
17855 fi 17855 fi
17856 if test $_pkg_short_errors_supported = yes; then 17856 if test $_pkg_short_errors_supported = yes; then
17857 - pc_openssl_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl" 2>&1` 17857 + pc_openssl_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1`
17858 else 17858 else
17859 - pc_openssl_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl" 2>&1` 17859 + pc_openssl_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1`
17860 fi 17860 fi
17861 # Put the nasty error message in config.log where it belongs 17861 # Put the nasty error message in config.log where it belongs
17862 echo "$pc_openssl_PKG_ERRORS" >&5 17862 echo "$pc_openssl_PKG_ERRORS" >&5
@@ -17873,18 +17873,13 @@ else @@ -17873,18 +17873,13 @@ else
17873 $as_echo "yes" >&6; } 17873 $as_echo "yes" >&6; }
17874 OPENSSL_FOUND=1 17874 OPENSSL_FOUND=1
17875 fi 17875 fi
17876 -if test "$OPENSSL_FOUND" = "0"; then 17876 +
  17877 +if test "$OPENSSL_FOUND" = "0"; then :
17877 ac_fn_c_check_header_mongrel "$LINENO" "openssl/evp.h" "ac_cv_header_openssl_evp_h" "$ac_includes_default" 17878 ac_fn_c_check_header_mongrel "$LINENO" "openssl/evp.h" "ac_cv_header_openssl_evp_h" "$ac_includes_default"
17878 if test "x$ac_cv_header_openssl_evp_h" = xyes; then : 17879 if test "x$ac_cv_header_openssl_evp_h" = xyes; then :
17879 - OPENSSL_FOUND=1  
17880 -else  
17881 - OPENSSL_FOUND=0  
17882 -fi  
17883 -  
17884 -  
17885 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_DigestInit_ex" >&5  
17886 -$as_echo_n "checking for library containing EVP_DigestInit_ex... " >&6; }  
17887 -if ${ac_cv_search_EVP_DigestInit_ex+:} false; then : 17880 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_MD_CTX_new" >&5
  17881 +$as_echo_n "checking for library containing EVP_MD_CTX_new... " >&6; }
  17882 +if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
17888 $as_echo_n "(cached) " >&6 17883 $as_echo_n "(cached) " >&6
17889 else 17884 else
17890 ac_func_search_save_LIBS=$LIBS 17885 ac_func_search_save_LIBS=$LIBS
@@ -17897,16 +17892,16 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -17897,16 +17892,16 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
17897 #ifdef __cplusplus 17892 #ifdef __cplusplus
17898 extern "C" 17893 extern "C"
17899 #endif 17894 #endif
17900 -char EVP_DigestInit_ex (); 17895 +char EVP_MD_CTX_new ();
17901 int 17896 int
17902 main () 17897 main ()
17903 { 17898 {
17904 -return EVP_DigestInit_ex (); 17899 +return EVP_MD_CTX_new ();
17905 ; 17900 ;
17906 return 0; 17901 return 0;
17907 } 17902 }
17908 _ACEOF 17903 _ACEOF
17909 -for ac_lib in '' openssl; do 17904 +for ac_lib in '' crypto; do
17910 if test -z "$ac_lib"; then 17905 if test -z "$ac_lib"; then
17911 ac_res="none required" 17906 ac_res="none required"
17912 else 17907 else
@@ -17914,34 +17909,36 @@ for ac_lib in '' openssl; do @@ -17914,34 +17909,36 @@ for ac_lib in '' openssl; do
17914 LIBS="-l$ac_lib $ac_func_search_save_LIBS" 17909 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
17915 fi 17910 fi
17916 if ac_fn_c_try_link "$LINENO"; then : 17911 if ac_fn_c_try_link "$LINENO"; then :
17917 - ac_cv_search_EVP_DigestInit_ex=$ac_res 17912 + ac_cv_search_EVP_MD_CTX_new=$ac_res
17918 fi 17913 fi
17919 rm -f core conftest.err conftest.$ac_objext \ 17914 rm -f core conftest.err conftest.$ac_objext \
17920 conftest$ac_exeext 17915 conftest$ac_exeext
17921 - if ${ac_cv_search_EVP_DigestInit_ex+:} false; then : 17916 + if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
17922 break 17917 break
17923 fi 17918 fi
17924 done 17919 done
17925 -if ${ac_cv_search_EVP_DigestInit_ex+:} false; then : 17920 +if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
17926 17921
17927 else 17922 else
17928 - ac_cv_search_EVP_DigestInit_ex=no 17923 + ac_cv_search_EVP_MD_CTX_new=no
17929 fi 17924 fi
17930 rm conftest.$ac_ext 17925 rm conftest.$ac_ext
17931 LIBS=$ac_func_search_save_LIBS 17926 LIBS=$ac_func_search_save_LIBS
17932 fi 17927 fi
17933 -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_DigestInit_ex" >&5  
17934 -$as_echo "$ac_cv_search_EVP_DigestInit_ex" >&6; }  
17935 -ac_res=$ac_cv_search_EVP_DigestInit_ex 17928 +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_MD_CTX_new" >&5
  17929 +$as_echo "$ac_cv_search_EVP_MD_CTX_new" >&6; }
  17930 +ac_res=$ac_cv_search_EVP_MD_CTX_new
17936 if test "$ac_res" != no; then : 17931 if test "$ac_res" != no; then :
17937 test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" 17932 test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
17938 OPENSSL_FOUND=1 17933 OPENSSL_FOUND=1
17939 -else  
17940 - OPENSSL_FOUND=0  
17941 fi 17934 fi
17942 17935
17943 fi 17936 fi
17944 17937
  17938 +
  17939 +
  17940 +fi
  17941 +
17945 IMPLICIT_OPENSSL=0 17942 IMPLICIT_OPENSSL=0
17946 USE_CRYPTO_OPENSSL=0 17943 USE_CRYPTO_OPENSSL=0
17947 17944
configure.ac
  View file @a99ad2b
@@ -586,23 +586,27 @@ if test "$USE_CRYPTO_NATIVE" = "1"; then @@ -586,23 +586,27 @@ if test "$USE_CRYPTO_NATIVE" = "1"; then
586 DEFAULT_CRYPTO=native 586 DEFAULT_CRYPTO=native
587 fi 587 fi
588 588
589 -dnl If the openssl/BoringSSL provider is explicitly requested, require openssl 589 +dnl If the openssl/BoringSSL provider is explicitly requested, require openssl.
590 dnl If the openssl provider is not explicitly disabled, enable it if 590 dnl If the openssl provider is not explicitly disabled, enable it if
591 dnl openssl is available. If the openssl provider is explicitly 591 dnl openssl is available. If the openssl provider is explicitly
592 dnl disabled, do not link with openssl even if present. 592 dnl disabled, do not link with openssl even if present.
593 593
594 -PKG_CHECK_MODULES([pc_openssl], [openssl], [OPENSSL_FOUND=1], [OPENSSL_FOUND=0])  
595 -if test "$OPENSSL_FOUND" = "0"; then  
596 - AC_CHECK_HEADER([openssl/evp.h],[OPENSSL_FOUND=1],[OPENSSL_FOUND=0])  
597 - AC_SEARCH_LIBS(EVP_DigestInit_ex,openssl,[OPENSSL_FOUND=1],[OPENSSL_FOUND=0])  
598 -fi 594 +PKG_CHECK_MODULES([pc_openssl], [openssl >= 1.1.0],
  595 + [OPENSSL_FOUND=1], [OPENSSL_FOUND=0])
  596 +
  597 +dnl Override pkg-config if headers and libraries are present.
  598 +AS_IF([test "$OPENSSL_FOUND" = "0"],
  599 + [AC_CHECK_HEADER(
  600 + [openssl/evp.h],
  601 + [AC_SEARCH_LIBS(EVP_MD_CTX_new,crypto,[OPENSSL_FOUND=1])])
  602 + ])
599 603
600 IMPLICIT_OPENSSL=0 604 IMPLICIT_OPENSSL=0
601 USE_CRYPTO_OPENSSL=0 605 USE_CRYPTO_OPENSSL=0
602 AC_SUBST(USE_CRYPTO_OPENSSL) 606 AC_SUBST(USE_CRYPTO_OPENSSL)
603 AC_ARG_ENABLE(crypto-openssl, 607 AC_ARG_ENABLE(crypto-openssl,
604 AS_HELP_STRING([--enable-crypto-openssl], 608 AS_HELP_STRING([--enable-crypto-openssl],
605 - [whether to include support for the BoringSSL crypto provider]), 609 + [whether to include support for the openssl crypto provider]),
606 [if test "$enableval" = "yes"; then 610 [if test "$enableval" = "yes"; then
607 USE_CRYPTO_OPENSSL=1 611 USE_CRYPTO_OPENSSL=1
608 else 612 else