APACHE_SUBST(EXTRA_INCLUDES)
APACHE_SUBST(LIBTOOL)
APACHE_SUBST(SHELL)
+ APACHE_SUBST(RSYNC)
APACHE_SUBST(MODULE_DIRS)
APACHE_SUBST(MODULE_CLEANDIRS)
APACHE_SUBST(PORT)
+ APACHE_SUBST(SSLPORT)
APACHE_SUBST(nonssl_listen_stmt_1)
APACHE_SUBST(nonssl_listen_stmt_2)
APACHE_SUBST(CORE_IMPLIB_FILE)
APACHE_SUBST(DSO_MODULES)
APACHE_SUBST(APR_BINDIR)
APACHE_SUBST(APR_INCLUDEDIR)
+ APACHE_SUBST(APR_VERSION)
+ APACHE_SUBST(APR_CONFIG)
APACHE_SUBST(APU_BINDIR)
APACHE_SUBST(APU_INCLUDEDIR)
+ APACHE_SUBST(APU_VERSION)
+ APACHE_SUBST(APU_CONFIG)
abs_srcdir="`(cd $srcdir && pwd)`"
if test -z "$module_standalone"; then
if test -z "$2"; then
- libname="mod_$1.la"
+ # The filename of a convenience library must have a "lib" prefix:
+ libname="libmod_$1.la"
BUILTIN_LIBS="$BUILTIN_LIBS $modpath_current/$libname"
modpath_static="$modpath_static $libname"
cat >>$modpath_current/modules.mk<<EOF
$libname: $objects
- \$(MOD_LINK) $objects
+ \$(MOD_LINK) $objects $5
EOF
+ if test ! -z "$5"; then
+ APR_ADDTO(AP_LIBS, [$5])
+ fi
else
apache_need_shared=yes
libname="mod_$1.la"
if test "$enable_$1" != "no"; then
case "$enable_$1" in
shared*)
- enable_$1=`echo $ac_n $enable_$1$ac_c|sed 's/shared,*//'`
+ enable_$1=`echo $enable_$1|sed 's/shared,*//'`
sharedobjs=yes
shared=yes
DSO_MODULES="$DSO_MODULES $1"
fi
shared="";;
esac
- APACHE_MODPATH_ADD($1, $shared, $3)
+ define([modprefix], [MOD_]translit($1, [a-z-], [A-Z_]))
+ APACHE_MODPATH_ADD($1, $shared, $3,, [\$(]modprefix[_LDADD)])
+ APACHE_SUBST(modprefix[_LDADD])
+ undefine([modprefix])
fi
])dnl
module_default=yes
AC_ARG_ENABLE(modules,
- APACHE_HELP_STRING(--enable-modules=MODULE-LIST,Modules to enable),[
- for i in $enableval; do
- if test "$i" = "all" -o "$i" = "most"; then
- module_selection=$i
- else
- eval "enable_$i=yes"
- fi
- done
+ APACHE_HELP_STRING(--enable-modules=MODULE-LIST,Space-separated list of modules to enable | "all" | "most" | "none"),[
+ if test "$enableval" = "none"; then
+ module_default=no
+ module_selection=none
+ else
+ for i in $enableval; do
+ if test "$i" = "all" -o "$i" = "most"; then
+ module_selection=$i
+ else
+ i=`echo $i | sed 's/-/_/g'`
+ eval "enable_$i=yes"
+ fi
+ done
+ fi
])
AC_ARG_ENABLE(mods-shared,
- APACHE_HELP_STRING(--enable-mods-shared=MODULE-LIST,Shared modules to enable),[
+ APACHE_HELP_STRING(--enable-mods-shared=MODULE-LIST,Space-separated list of shared modules to enable | "all" | "most"),[
for i in $enableval; do
if test "$i" = "all" -o "$i" = "most"; then
module_selection=$i
dnl
dnl APACHE_CHECK_SSL_TOOLKIT
dnl
-dnl Find the openssl toolkit installation and check it for the right
-dnl version, then add its flags to INCLUDES and LIBS. This should
-dnl really be using a custom AC_TRY_COMPILE function to test the includes
-dnl and then AC_TRY_LINK to test the libraries directly for the version,
-dnl but that will require someone who knows how to program openssl.
+dnl Configure for the detected openssl/ssl-c toolkit installation, giving
+dnl preference to "--with-ssl=<path>" if it was specified.
dnl
AC_DEFUN(APACHE_CHECK_SSL_TOOLKIT,[
-if test "x$ap_ssltk_base" = "x"; then
- AC_MSG_CHECKING(for SSL/TLS toolkit base)
+if test "x$ap_ssltk_configured" = "x"; then
+ dnl initialise the variables we use
+ ap_ssltk_found=""
ap_ssltk_base=""
- AC_ARG_WITH(ssl, APACHE_HELP_STRING(--with-ssl=DIR,SSL/TLS toolkit (OpenSSL)), [
+ ap_ssltk_libs=""
+ ap_ssltk_type=""
+
+ dnl Determine the SSL/TLS toolkit's base directory, if any
+ AC_MSG_CHECKING([for user-provided SSL/TLS toolkit base])
+ AC_ARG_WITH(sslc, APACHE_HELP_STRING(--with-sslc=DIR,RSA SSL-C SSL/TLS toolkit), [
+ dnl If --with-sslc specifies a directory, we use that directory or fail
if test "x$withval" != "xyes" -a "x$withval" != "x"; then
- ap_ssltk_base="$withval"
- if test -f "$ap_ssltk_base/bin/openssl"; then
- ap_ssltk_version="`$ap_ssltk_base/bin/openssl version`"
- else
- ap_ssltk_version="unknown"
- fi
+ dnl This ensures $withval is actually a directory and that it is absolute
+ ap_ssltk_base="`cd $withval ; pwd`"
+ fi
+ ap_ssltk_type="sslc"
+ ])
+ AC_ARG_WITH(ssl, APACHE_HELP_STRING(--with-ssl=DIR,OpenSSL SSL/TLS toolkit), [
+ dnl If --with-ssl specifies a directory, we use that directory or fail
+ if test "x$withval" != "xyes" -a "x$withval" != "x"; then
+ dnl This ensures $withval is actually a directory and that it is absolute
+ ap_ssltk_base="`cd $withval ; pwd`"
fi
])
if test "x$ap_ssltk_base" = "x"; then
- AC_CACHE_VAL(ap_cv_ssltk,[
- #
- # shotgun approach: find all occurrences of the openssl program
- #
- # The IFS=... trick eliminates the colons from $PATH, without using an external program
- for p in `IFS=":$IFS"; echo $PATH` /usr/local/openssl/bin /usr/local/ssl/bin; do
- if test -f "$p/openssl"; then
- ap_ssltk_version="`$p/openssl version`"
- if test "x$ap_ssltk_version" != "x"; then
- ap_cv_ssltk="`(cd $p/.. && pwd)`"
- break
- fi
- fi
- done
- if test "x$ap_cv_ssltk" = "x"; then
- AC_MSG_ERROR([requires OpenSSL 0.9.6e or higher])
- fi
- ])
- ap_ssltk_base="$ap_cv_ssltk"
+ AC_MSG_RESULT(none)
+ else
+ AC_MSG_RESULT($ap_ssltk_base)
fi
- if test ! -d $ap_ssltk_base; then
- AC_MSG_ERROR([invalid SSL/TLS toolkit base directory $ap_ssltk_base])
+
+ dnl Run header and version checks
+ saved_CPPFLAGS="$CPPFLAGS"
+ saved_LIBS="$LIBS"
+ saved_LDFLAGS="$LDFLAGS"
+ SSL_LIBS=""
+
+ dnl Before doing anything else, load in pkg-config variables (if not sslc).
+ if test "x$ap_ssltk_type" = "x" -a -n "$PKGCONFIG"; then
+ saved_PKG_CONFIG_PATH="$PKG_CONFIG_PATH"
+ if test "x$ap_ssltk_base" != "x" -a \
+ -f "${ap_ssltk_base}/lib/pkgconfig/openssl.pc"; then
+ dnl Ensure that the given path is used by pkg-config too, otherwise
+ dnl the system openssl.pc might be picked up instead.
+ PKG_CONFIG_PATH="${ap_ssltk_base}/lib/pkgconfig${PKG_CONFIG_PATH+:}${PKG_CONFIG_PATH}"
+ export PKG_CONFIG_PATH
+ fi
+ ap_ssltk_libs="`$PKGCONFIG --libs-only-l openssl 2>&1`"
+ if test $? -eq 0; then
+ ap_ssltk_found="yes"
+ pkglookup="`$PKGCONFIG --cflags-only-I openssl`"
+ APR_ADDTO(CPPFLAGS, [$pkglookup])
+ APR_ADDTO(INCLUDES, [$pkglookup])
+ pkglookup="`$PKGCONFIG --libs-only-L --libs-only-other openssl`"
+ APR_ADDTO(LDFLAGS, [$pkglookup])
+ APR_ADDTO(SSL_LIBS, [$pkglookup])
+ fi
+ PKG_CONFIG_PATH="$saved_PKG_CONFIG_PATH"
fi
- AC_MSG_RESULT($ap_ssltk_base)
-
- AC_MSG_CHECKING(for SSL/TLS toolkit version)
- AC_MSG_RESULT($ap_ssltk_version)
- case "$ap_ssltk_version" in
- "OpenSSL "[[1-9]]* | \
- "OpenSSL "0.9.6[[e-z]]* | \
- "OpenSSL "0.9.[[7-9]]* | \
- "OpenSSL "0.[[1-9]][[0-9]]* )
- # okay versions that do not have known security holes
- ;;
- "OpenSSL"*)
- AC_MSG_WARN([OpenSSL versions prior to 0.9.6e have known security holes])
- ;;
- *)
- # unknown version -- assume the user knows what they are doing
- ;;
- esac
-
- AC_MSG_CHECKING(for SSL/TLS toolkit includes)
- ap_ssltk_incdir=""
- for p in $ap_ssltk_base/include /usr/local/openssl/include \
- /usr/local/ssl/include /usr/local/include /usr/include; do
- if test -f "$p/openssl/ssl.h"; then
- ap_ssltk_incdir="$p"
- break
- elif test -f "$p/ssl.h"; then
- ap_ssltk_incdir="$p"
- break
+ if test "x$ap_ssltk_base" != "x" -a "x$ap_ssltk_found" = "x"; then
+ APR_ADDTO(CPPFLAGS, [-I$ap_ssltk_base/include])
+ APR_ADDTO(INCLUDES, [-I$ap_ssltk_base/include])
+ APR_ADDTO(LDFLAGS, [-L$ap_ssltk_base/lib])
+ APR_ADDTO(SSL_LIBS, [-L$ap_ssltk_base/lib])
+ if test "x$ap_platform_runtime_link_flag" != "x"; then
+ APR_ADDTO(LDFLAGS, [$ap_platform_runtime_link_flag$ap_ssltk_base/lib])
+ APR_ADDTO(SSL_LIBS, [$ap_platform_runtime_link_flag$ap_ssltk_base/lib])
+ fi
+ fi
+ if test "x$ap_ssltk_type" = "x"; then
+ dnl First check for manditory headers
+ AC_CHECK_HEADERS([openssl/opensslv.h openssl/ssl.h], [ap_ssltk_type="openssl"], [])
+ if test "$ap_ssltk_type" = "openssl"; then
+ dnl so it's OpenSSL - test for a good version
+ AC_MSG_CHECKING([for OpenSSL version])
+ AC_TRY_COMPILE([#include <openssl/opensslv.h>],[
+#if !defined(OPENSSL_VERSION_NUMBER)
+#error "Missing openssl version"
+#endif
+#if (OPENSSL_VERSION_NUMBER < 0x009060af) \
+ || ((OPENSSL_VERSION_NUMBER > 0x00907000) && (OPENSSL_VERSION_NUMBER < 0x0090702f))
+#error "Insecure openssl version " OPENSSL_VERSION_TEXT
+#endif],
+ [AC_MSG_RESULT(OK)],
+ [dnl Replace this with OPENSSL_VERSION_TEXT from opensslv.h?
+ AC_MSG_RESULT([not encouraging])
+ AC_MSG_WARN([OpenSSL version may contain security vulnerabilities!]
+ [ Ensure the latest security patches have been applied!])
+ ])
+ else
+ AC_MSG_RESULT([no OpenSSL headers found])
fi
- done
- if test "x$ap_ssltk_incdir" = "x"; then
- AC_MSG_ERROR([OpenSSL headers not found])
fi
- AC_MSG_RESULT($ap_ssltk_incdir)
-
- AC_MSG_CHECKING(for SSL/TLS toolkit libraries)
- ap_ssltk_libdir=""
- for p in $ap_ssltk_base/lib /usr/local/openssl/lib \
- /usr/local/ssl/lib /usr/local/lib /usr/lib /lib /usr/lib64; do
- if test -f "$p/libssl.a" -o -f "$p/libssl.so" -o -f "$p/libssl.dylib"; then
- ap_ssltk_libdir="$p"
- break
+ if test "$ap_ssltk_type" != "openssl"; then
+ dnl Might be SSL-C - report, then test anything relevant
+ AC_CHECK_HEADERS([sslc.h], [ap_ssltk_type="sslc"], [ap_ssltk_type=""])
+ if test "$ap_ssltk_type" = "sslc"; then
+ ap_ssltk_libs="-lsslc"
+ AC_MSG_CHECKING([for SSL-C version])
+ AC_TRY_COMPILE([#include <sslc.h>],[
+#if !defined(SSLC_VERSION_NUMBER)
+#error "Missing SSL-C version"
+#endif
+#if SSLC_VERSION_NUMBER < 0x2310
+#define stringize_ver(x) #x
+#error "Insecure SSL-C version " stringize_ver(SSLC_VERSION_NUMBER)
+#endif],
+ [AC_MSG_RESULT(OK)],
+ [dnl Replace this with SSLC_VERSION_NUMBER?
+ AC_MSG_RESULT([not encouraging])
+ echo "WARNING: SSL-C version may contain security vulnerabilities!"
+ echo " Ensure the latest security patches have been applied!"
+ ])
+ else
+ AC_MSG_RESULT([no SSL-C headers found])
fi
- done
- if test ".$ap_ssltk_libdir" = .; then
- AC_MSG_ERROR([OpenSSL libraries not found])
fi
- AC_MSG_RESULT($ap_ssltk_libdir)
+ if test "x$ap_ssltk_type" = "x"; then
+ AC_MSG_ERROR([...No recognized SSL/TLS toolkit detected])
+ fi
- dnl # annotate the Apache build environment with determined information
- APR_ADDTO(INCLUDES, [-I$ap_ssltk_incdir/openssl])
- if test "x$ap_ssltk_incdir" != "x/usr/include"; then
- APR_ADDTO(INCLUDES, [-I$ap_ssltk_incdir])
+ if test "$ap_ssltk_type" = "openssl" -a "x$ap_ssltk_found" = "x"; then
+ ap_ssltk_found="yes"
+ ap_ssltk_libs="-lssl -lcrypto `$apr_config --libs`"
fi
- if test "x$ap_ssltk_libdir" != "x/usr/lib"; then
- APR_ADDTO(LDFLAGS, [-L$ap_ssltk_libdir])
- if test "x$ap_platform_runtime_link_flag" != "x"; then
- APR_ADDTO(LDFLAGS, [$ap_platform_runtime_link_flag$ap_ssltk_libdir])
- fi
+ APR_ADDTO(SSL_LIBS, [$ap_ssltk_libs])
+ APR_ADDTO(LIBS, [$ap_ssltk_libs])
+ APACHE_SUBST(SSL_LIBS)
+
+ dnl Run library and function checks
+ liberrors=""
+ if test "$ap_ssltk_type" = "openssl"; then
+ AC_CHECK_HEADERS([openssl/engine.h])
+ AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
+ AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])
+ else
+ AC_CHECK_FUNCS([SSLC_library_version SSL_CTX_new], [], [liberrors="yes"])
+ AC_CHECK_FUNCS(SSL_set_state)
+ fi
+ AC_CHECK_FUNCS(SSL_set_cert_store)
+ dnl restore
+ CPPFLAGS="$saved_CPPFLAGS"
+ LIBS="$saved_LIBS"
+ LDFLAGS="$saved_LDFLAGS"
+ if test "x$liberrors" != "x"; then
+ AC_MSG_ERROR([... Error, SSL/TLS libraries were missing or unusable])
+ fi
+
+ dnl Adjust apache's configuration based on what we found above.
+ dnl (a) define preprocessor symbols
+ if test "$ap_ssltk_type" = "openssl"; then
+ AC_DEFINE(HAVE_OPENSSL, 1, [Define if SSL is supported using OpenSSL])
+ else
+ AC_DEFINE(HAVE_SSLC, 1, [Define if SSL is supported using SSL-C])
fi
- APR_ADDTO(LIBS, [-lssl -lcrypto])
- ap_cv_ssltk="$ap_ssltk_base"
fi
])
APACHE_SUBST_EXPANDED_ARG(proxycachedir)
])
+dnl
+dnl APACHE_CHECK_APxVER({apr|apu}, major, minor,
+dnl [actions-if-ok], [actions-if-not-ok])
+dnl
+dnl Checks for APR or APR-util of given major/minor version or later;
+dnl if so, runs actions-if-ok; otherwise runs actions-if-not-ok if given.
+dnl If the version is not satisfactory and actions-if-not-ok is not
+dnl given, then an error is printed and the configure script is aborted.
+dnl
+dnl The first argument must be [apr] or [apu].
+dnl
+AC_DEFUN([APACHE_CHECK_APxVER], [
+define(ap_ckver_major, translit($1, [apru], [APRU])[_MAJOR_VERSION])
+define(ap_ckver_minor, translit($1, [apru], [APRU])[_MINOR_VERSION])
+define(ap_ckver_cvar, [ap_cv_$1ver$2$3])
+define(ap_ckver_name, ifelse([$1],[apr],[APR],[APR-util]))
+
+ap_ckver_CPPFLAGS="$CPPFLAGS"
+CPPFLAGS="$CPPFLAGS `$[$1]_config --includes`"
+
+AC_CACHE_CHECK([for ap_ckver_name version $2.$3.0 or later], ap_ckver_cvar, [
+AC_EGREP_CPP([good], [
+#include <$1_version.h>
+#if ]ap_ckver_major[ > $2 || (]ap_ckver_major[ == $2 && ]ap_ckver_minor[ >= $3)
+good
+#endif
+], [ap_ckver_cvar=yes], [ap_ckver_cvar=no])])
+
+if test "$ap_ckver_cvar" = "yes"; then
+ ifelse([$4],[],[:],[$4])
+else
+ ifelse([$5],[],[AC_MSG_ERROR([ap_ckver_name version $2.$3.0 or later is required])], [$5])
+fi
+
+CPPFLAGS="$ap_ckver_CPPFLAGS"
+
+undefine([ap_ckver_major])
+undefine([ap_ckver_minor])
+undefine([ap_ckver_cvar])
+undefine([ap_ckver_name])
+])
+
+dnl
+dnl APACHE_CHECK_VOID_PTR_LEN
+dnl
+dnl Checks if the size of a void pointer is at least as big as a "long"
+dnl integer type.
+dnl
+AC_DEFUN([APACHE_CHECK_VOID_PTR_LEN], [
+
+AC_CACHE_CHECK([for void pointer length], [ap_cv_void_ptr_lt_long],
+[AC_TRY_RUN([
+int main(void)
+{
+ return sizeof(void *) < sizeof(long);
+}], [ap_cv_void_ptr_lt_long=no], [ap_cv_void_ptr_lt_long=yes],
+ [ap_cv_void_ptr_lt_long=yes])])
+
+if test "$ap_cv_void_ptr_lt_long" = "yes"; then
+ AC_MSG_ERROR([Size of "void *" is less than size of "long"])
+fi
+])
projects / apache / blobdiff