# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
-# are also available at http://curl.haxx.se/docs/copyright.html.
+# are also available at https://curl.haxx.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
AC_PREREQ(2.57)
dnl We don't know the version number "statically" so we use a dash here
-AC_INIT([curl], [-], [a suitable curl mailing list: http://curl.haxx.se/mail/])
+AC_INIT([curl], [-], [a suitable curl mailing list: https://curl.haxx.se/mail/])
XC_OVR_ZZ50
XC_OVR_ZZ60
CURL_OVERRIDE_AUTOCONF
dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2014 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2016 Daniel Stenberg, <daniel@haxx.se>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details])
AC_CONFIG_HEADERS(lib/curl_config.h include/curl/curlbuild.h)
AC_CONFIG_MACRO_DIR([m4])
AM_MAINTAINER_MODE
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
CURL_CHECK_OPTION_DEBUG
CURL_CHECK_OPTION_OPTIMIZE
CURL_CHECK_OPTION_CURLDEBUG
CURL_CHECK_OPTION_SYMBOL_HIDING
CURL_CHECK_OPTION_ARES
+CURL_CHECK_OPTION_RT
XC_CHECK_PATH_SEPARATOR
dnl
dnl initialize all the info variables
- curl_ssl_msg="no (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl,darwinssl} )"
+ curl_ssl_msg="no (--with-{ssl,gnutls,nss,polarssl,mbedtls,cyassl,axtls,winssl,darwinssl} )"
curl_ssh_msg="no (--with-libssh2)"
curl_zlib_msg="no (--with-zlib)"
curl_gss_msg="no (--with-gssapi)"
curl_rtsp_msg="no (--enable-rtsp)"
curl_rtmp_msg="no (--with-librtmp)"
curl_mtlnk_msg="no (--with-libmetalink)"
+ curl_psl_msg="no (--with-libpsl)"
init_ssl_msg=${curl_ssl_msg}
if test "$LDAPLIBNAME" = "wldap32"; then
curl_ldap_msg="enabled (winldap)"
- AC_DEFINE(CURL_LDAP_WIN, 1, [Use Windows LDAP implementation])
+ AC_DEFINE(USE_WIN32_LDAP, 1, [Use Windows LDAP implementation])
else
curl_ldap_msg="enabled (OpenLDAP)"
if test "x$ac_cv_func_ldap_init_fd" = "xyes"; then
AC_TRY_RUN([ /* is AF_INET6 available? */
#include <sys/types.h>
+#ifdef HAVE_WINSOCK2_H
+#include <winsock2.h>
+#else
#include <sys/socket.h>
+#endif
#include <stdlib.h> /* for exit() */
main()
{
ipv6=yes,
AC_MSG_RESULT(no)
ipv6=no,
- AC_MSG_RESULT(no)
- ipv6=no
+ AC_MSG_RESULT(yes)
+ ipv6=yes
))
if test "$ipv6" = "yes"; then
AC_MSG_CHECKING([if struct sockaddr_in6 has sin6_scope_id member])
AC_TRY_COMPILE([
#include <sys/types.h>
-#include <netinet/in.h>] ,
+#ifdef HAVE_WINSOCK2_H
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
+#include <netinet/in.h>
+#endif] ,
struct sockaddr_in6 s; s.sin6_scope_id = 0; , have_sin6_scope_id=yes)
if test "$have_sin6_scope_id" = yes; then
AC_MSG_RESULT([yes])
fi
])
+: ${KRB5CONFIG:="$GSSAPI_ROOT/bin/krb5-config"}
+
save_CPPFLAGS="$CPPFLAGS"
AC_MSG_CHECKING([if GSS-API support is requested])
if test x"$want_gss" = xyes; then
if test -z "$GSSAPI_INCS"; then
if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
- elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
- GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
+ elif test -f "$KRB5CONFIG"; then
+ GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi`
elif test "$GSSAPI_ROOT" != "yes"; then
GSSAPI_INCS="-I$GSSAPI_ROOT/include"
fi
dnl into LIBS
gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
LIBS="$gss_libs $LIBS"
- elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
+ elif test -f "$KRB5CONFIG"; then
dnl krb5-config doesn't have --libs-only-L or similar, put everything
dnl into LIBS
- gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+ gss_libs=`$KRB5CONFIG --libs gssapi`
LIBS="$gss_libs $LIBS"
else
case $host in
CLEANCPPFLAGS="$CPPFLAGS"
CLEANLIBS="$LIBS"
+ dnl This is for Msys/Mingw
+ case $host in
+ *-*-msys* | *-*-mingw*)
+ AC_MSG_CHECKING([for gdi32])
+ my_ac_save_LIBS=$LIBS
+ LIBS="-lgdi32 $LIBS"
+ AC_TRY_LINK([#include <windef.h>
+ #include <wingdi.h>],
+ [GdiFlush();],
+ [ dnl worked!
+ AC_MSG_RESULT([yes])],
+ [ dnl failed, restore LIBS
+ LIBS=$my_ac_save_LIBS
+ AC_MSG_RESULT(no)]
+ )
+ ;;
+ esac
+
case "$OPT_SSL" in
yes)
dnl --with-ssl (without path) used
SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
$PKGCONFIG --cflags-only-I openssl 2>/dev/null`
+ AC_SUBST(SSL_LIBS)
AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"])
AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"])
AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"])
CPPFLAGS="$CPPFLAGS $SSL_CPPFLAGS"
LDFLAGS="$LDFLAGS $SSL_LDFLAGS"
- dnl This is for Msys/Mingw
- case $host in
- *-*-msys* | *-*-mingw*)
- AC_MSG_CHECKING([for gdi32])
- my_ac_save_LIBS=$LIBS
- LIBS="-lgdi32 $LIBS"
- AC_TRY_LINK([#include <windef.h>
- #include <wingdi.h>],
- [GdiFlush();],
- [ dnl worked!
- AC_MSG_RESULT([yes])],
- [ dnl failed, restore LIBS
- LIBS=$my_ac_save_LIBS
- AC_MSG_RESULT(no)]
- )
- ;;
- esac
-
- AC_CHECK_LIB(crypto, CRYPTO_lock,[
+ AC_CHECK_LIB(crypto, HMAC_Update,[
HAVECRYPTO="yes"
LIBS="-lcrypto $LIBS"
],[
LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL"
CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include/openssl -I$PREFIX_OPENSSL/include"
- AC_CHECK_LIB(crypto, CRYPTO_add_lock,[
+ AC_CHECK_LIB(crypto, HMAC_Init_ex,[
HAVECRYPTO="yes"
LIBS="-lcrypto $LIBS"], [
LDFLAGS="$CLEANLDFLAGS"
if test X"$HAVECRYPTO" = X"yes"; then
+ AC_MSG_CHECKING([OpenSSL linking without -ldl])
+ saved_libs=$LIBS
+ AC_TRY_LINK(
+ [
+ #include <openssl/evp.h>
+ ],
+ [
+ SSLeay_add_all_algorithms();
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ LIBS="$saved_libs"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_CHECKING([OpenSSL linking with -ldl])
+ LIBS="-ldl $LIBS"
+ AC_TRY_LINK(
+ [
+ #include <openssl/evp.h>
+ ],
+ [
+ SSLeay_add_all_algorithms();
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ LIBS="$saved_libs -ldl"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ LIBS="$saved_libs"
+ ]
+ )
+
+ ]
+ )
+
+ fi
+
+ if test X"$HAVECRYPTO" = X"yes"; then
dnl This is only reasonable to do if crypto actually is there: check for
dnl SSL libs NOTE: it is important to do this AFTER the crypto lib
else
- dnl Have the libraries--check for SSLeay/OpenSSL headers
+ dnl Have the libraries--check for OpenSSL headers
AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
openssl/pem.h openssl/ssl.h openssl/err.h,
curl_ssl_msg="enabled (OpenSSL)"
fi
if test X"$OPENSSL_ENABLED" = X"1"; then
- AC_DEFINE(USE_SSLEAY, 1, [if SSL is enabled])
-
dnl is there a pkcs12.h header present?
AC_CHECK_HEADERS(openssl/pkcs12.h)
else
LIBS="$CLEANLIBS"
fi
- dnl USE_SSLEAY is the historical name for what configure calls
- dnl OPENSSL_ENABLED; the names should really be unified
- USE_SSLEAY="$OPENSSL_ENABLED"
- AC_SUBST(USE_SSLEAY)
if test X"$OPT_SSL" != Xoff &&
test "$OPENSSL_ENABLED" != "1"; then
AC_CHECK_FUNCS( ENGINE_load_builtin_engines )
])
- dnl these can only exist if openssl exists
- dnl yassl doesn't have SSL_get_shutdown
+ dnl These can only exist if OpenSSL exists
+ dnl Older versions of Cyassl (some time before 2.9.4) don't have
+ dnl SSL_get_shutdown (but this check won't actually detect it there
+ dnl as it's a macro that needs the header files be included)
AC_CHECK_FUNCS( RAND_status \
RAND_screen \
SSL_get_shutdown \
SSLv2_client_method )
- dnl Make an attempt to detect if this is actually yassl's headers and
- dnl OpenSSL emulation layer. We still leave everything else believing
- dnl and acting like OpenSSL.
+ AC_MSG_CHECKING([for BoringSSL])
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([[
+ #include <openssl/base.h>
+ ]],[[
+ #ifndef OPENSSL_IS_BORINGSSL
+ #error not boringssl
+ #endif
+ ]])
+ ],[
+ AC_MSG_RESULT([yes])
+ AC_DEFINE_UNQUOTED(HAVE_BORINGSSL, 1,
+ [Define to 1 if using BoringSSL.])
+ curl_ssl_msg="enabled (BoringSSL)"
+ ],[
+ AC_MSG_RESULT([no])
+ ])
- AC_MSG_CHECKING([for yaSSL using OpenSSL compatibility mode])
+ AC_MSG_CHECKING([for libressl])
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
-#include <openssl/ssl.h>
+#include <openssl/opensslv.h>
]],[[
-#if defined(YASSL_VERSION) && defined(OPENSSL_VERSION_NUMBER)
- int dummy = SSL_ERROR_NONE;
-#else
- Not the yaSSL OpenSSL compatibility header.
-#endif
+ int dummy = LIBRESSL_VERSION_NUMBER;
]])
],[
AC_MSG_RESULT([yes])
- AC_DEFINE_UNQUOTED(USE_YASSLEMUL, 1,
- [Define to 1 if using yaSSL in OpenSSL compatibility mode.])
- curl_ssl_msg="enabled (OpenSSL emulation by yaSSL)"
+ AC_DEFINE_UNQUOTED(HAVE_LIBRESSL, 1,
+ [Define to 1 if using libressl.])
+ curl_ssl_msg="enabled (libressl)"
],[
AC_MSG_RESULT([no])
])
if test "$OPENSSL_ENABLED" = "1"; then
AC_CHECK_LIB(crypto, SRP_Calc_client_key,
[
- AC_DEFINE(HAVE_SSLEAY_SRP, 1, [if you have the function SRP_Calc_client_key])
- AC_SUBST(HAVE_SSLEAY_SRP, [1])
+ AC_DEFINE(HAVE_OPENSSL_SRP, 1, [if you have the function SRP_Calc_client_key])
+ AC_SUBST(HAVE_OPENSSL_SRP, [1])
])
fi
AC_MSG_NOTICE([Added $gtlslib to LD_LIBRARY_PATH])
fi
fi
+ AC_CHECK_FUNCS(gnutls_certificate_set_x509_key_file2)
fi
fi
fi
dnl ----------------------------------------------------
+dnl check for mbedTLS
+dnl ----------------------------------------------------
+
+OPT_MBEDTLS=no
+
+_cppflags=$CPPFLAGS
+_ldflags=$LDFLAGS
+AC_ARG_WITH(mbedtls,dnl
+AC_HELP_STRING([--with-mbedtls=PATH],[where to look for mbedTLS, PATH points to the installation root])
+AC_HELP_STRING([--without-mbedtls], [disable mbedTLS detection]),
+ OPT_MBEDTLS=$withval)
+
+if test "$curl_ssl_msg" = "$init_ssl_msg"; then
+
+ if test X"$OPT_MBEDTLS" != Xno; then
+
+ if test "$OPT_MBEDTLS" = "yes"; then
+ OPT_MBEDTLS=""
+ fi
+
+ if test -z "$OPT_MBEDTLS" ; then
+ dnl check for lib first without setting any new path
+
+ AC_CHECK_LIB(mbedtls, mbedtls_havege_init,
+ dnl libmbedtls found, set the variable
+ [
+ AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled])
+ AC_SUBST(USE_MBEDTLS, [1])
+ MBEDTLS_ENABLED=1
+ USE_MBEDTLS="yes"
+ curl_ssl_msg="enabled (mbedTLS)"
+ ], [], -lmbedx509 -lmbedcrypto)
+ fi
+
+ addld=""
+ addlib=""
+ addcflags=""
+ mbedtlslib=""
+
+ if test "x$USE_MBEDTLS" != "xyes"; then
+ dnl add the path and test again
+ addld=-L$OPT_MBEDTLS/lib$libsuff
+ addcflags=-I$OPT_MBEDTLS/include
+ mbedtlslib=$OPT_MBEDTLS/lib$libsuff
+
+ LDFLAGS="$LDFLAGS $addld"
+ if test "$addcflags" != "-I/usr/include"; then
+ CPPFLAGS="$CPPFLAGS $addcflags"
+ fi
+
+ AC_CHECK_LIB(mbedtls, mbedtls_ssl_init,
+ [
+ AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled])
+ AC_SUBST(USE_MBEDTLS, [1])
+ MBEDTLS_ENABLED=1
+ USE_MBEDTLS="yes"
+ curl_ssl_msg="enabled (mbedTLS)"
+ ],
+ [
+ CPPFLAGS=$_cppflags
+ LDFLAGS=$_ldflags
+ ], -lmbedx509 -lmbedcrypto)
+ fi
+
+ if test "x$USE_MBEDTLS" = "xyes"; then
+ AC_MSG_NOTICE([detected mbedTLS])
+
+ LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS"
+
+ if test -n "$mbedtlslib"; then
+ dnl when shared libs were found in a path that the run-time
+ dnl linker doesn't search through, we need to add it to
+ dnl LD_LIBRARY_PATH to prevent further configure tests to fail
+ dnl due to this
+ if test "x$cross_compiling" != "xyes"; then
+ LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$mbedtlslib"
+ export LD_LIBRARY_PATH
+ AC_MSG_NOTICE([Added $mbedtlslib to LD_LIBRARY_PATH])
+ fi
+ fi
+ fi
+
+ fi dnl mbedTLS not disabled
+
+fi
+
+dnl ----------------------------------------------------
dnl check for CyaSSL
dnl ----------------------------------------------------
OPT_CYASSL=""
fi
+ dnl This should be reworked to use pkg-config instead
+
+ cyassllibname=cyassl
+
if test -z "$OPT_CYASSL" ; then
dnl check for lib in system default first
[
CPPFLAGS=$_cppflags
LDFLAGS=$_ldflags
+ cyassllib=""
+ ])
+ fi
+
+ addld=""
+ addlib=""
+ addcflags=""
+
+ if test "x$USE_CYASSL" != "xyes"; then
+ dnl libcyassl renamed to libwolfssl as of 3.4.0
+ addld=-L$OPT_CYASSL/lib$libsuff
+ addcflags=-I$OPT_CYASSL/include
+ cyassllib=$OPT_CYASSL/lib$libsuff
+
+ LDFLAGS="$LDFLAGS $addld"
+ if test "$addcflags" != "-I/usr/include"; then
+ CPPFLAGS="$CPPFLAGS $addcflags"
+ fi
+
+ cyassllibname=wolfssl
+ my_ac_save_LIBS="$LIBS"
+ LIBS="-l$cyassllibname -lm $LIBS"
+
+ AC_MSG_CHECKING([for CyaSSL_Init in -lwolfssl])
+ AC_LINK_IFELSE([
+ AC_LANG_PROGRAM([[
+/* These aren't needed for detection and confuse WolfSSL.
+ They are set up properly later if it is detected. */
+#undef SIZEOF_LONG
+#undef SIZEOF_LONG_LONG
+#include <cyassl/ssl.h>
+ ]],[[
+ return CyaSSL_Init();
+ ]])
+ ],[
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(USE_CYASSL, 1, [if CyaSSL/WolfSSL is enabled])
+ AC_SUBST(USE_CYASSL, [1])
+ CYASSL_ENABLED=1
+ USE_CYASSL="yes"
+ curl_ssl_msg="enabled (WolfSSL)"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ CPPFLAGS=$_cppflags
+ LDFLAGS=$_ldflags
+ cyassllib=""
])
+ LIBS="$my_ac_save_LIBS"
fi
if test "x$USE_CYASSL" = "xyes"; then
- AC_MSG_NOTICE([detected CyaSSL])
+ AC_MSG_NOTICE([detected $cyassllibname])
dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
AC_CHECK_SIZEOF(long long)
+ dnl Versions since at least 2.6.0 may have options.h
+ AC_CHECK_HEADERS(cyassl/options.h)
+
dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
AC_CHECK_HEADERS(cyassl/error-ssl.h)
- LIBS="-lcyassl -lm $LIBS"
+ LIBS="-l$cyassllibname -lm $LIBS"
+
+ if test "x$cyassllibname" = "xwolfssl"; then
+ dnl Recent WolfSSL versions build without SSLv3 by default
+ dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
+ AC_CHECK_FUNCS(wolfSSLv3_client_method \
+ wolfSSL_get_peer_certificate)
+ else
+ dnl Cyassl needs configure --enable-opensslextra to have *get_peer*
+ AC_CHECK_FUNCS(CyaSSL_get_peer_certificate)
+ fi
if test -n "$cyassllib"; then
dnl when shared libs were found in a path that the run-time
fi
fi
else
- # Without pkg-config, we'll kludge in some defaults
- addlib="-L$OPT_NSS/lib -lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl"
- addcflags="-I$OPT_NSS/include"
- version="unknown"
- nssprefix=$OPT_NSS
+ NSS_PCDIR="$OPT_NSS/lib/pkgconfig"
+ if test -f "$NSS_PCDIR/nss.pc"; then
+ CURL_CHECK_PKGCONFIG(nss, [$NSS_PCDIR])
+ if test "$PKGCONFIG" != "no" ; then
+ addld=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-L nss`
+ addlib=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --libs-only-l nss`
+ addcflags=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --cflags nss`
+ version=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --modversion nss`
+ nssprefix=`CURL_EXPORT_PCDIR([$NSS_PCDIR]) $PKGCONFIG --variable=prefix nss`
+ fi
+ fi
fi
- if test -n "$addlib"; then
+ if test -z "$addlib"; then
+ # Without pkg-config, we'll kludge in some defaults
+ AC_MSG_WARN([Using hard-wired libraries and compilation flags for NSS.])
+ addld="-L$OPT_NSS/lib"
+ addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+ addcflags="-I$OPT_NSS/include"
+ version="unknown"
+ nssprefix=$OPT_NSS
+ fi
- CLEANLIBS="$LIBS"
- CLEANCPPFLAGS="$CPPFLAGS"
+ CLEANLDFLAGS="$LDFLAGS"
+ CLEANLIBS="$LIBS"
+ CLEANCPPFLAGS="$CPPFLAGS"
- LIBS="$addlib $LIBS"
- if test "$addcflags" != "-I/usr/include"; then
- CPPFLAGS="$CPPFLAGS $addcflags"
- fi
+ LDFLAGS="$addld $LDFLAGS"
+ LIBS="$addlib $LIBS"
+ if test "$addcflags" != "-I/usr/include"; then
+ CPPFLAGS="$CPPFLAGS $addcflags"
+ fi
- dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
- AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
- [
- AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
- AC_SUBST(USE_NSS, [1])
- USE_NSS="yes"
- NSS_ENABLED=1
- curl_ssl_msg="enabled (NSS)"
- ],
- [
- LIBS="$CLEANLIBS"
- CPPFLAGS="$CLEANCPPFLAGS"
- ])
+ dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
+ AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
+ [
+ AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
+ AC_SUBST(USE_NSS, [1])
+ USE_NSS="yes"
+ NSS_ENABLED=1
+ curl_ssl_msg="enabled (NSS)"
+ ],
+ [
+ LDFLAGS="$CLEANLDFLAGS"
+ LIBS="$CLEANLIBS"
+ CPPFLAGS="$CLEANCPPFLAGS"
+ ])
- if test "x$USE_NSS" = "xyes"; then
- AC_MSG_NOTICE([detected NSS version $version])
+ if test "x$USE_NSS" = "xyes"; then
+ AC_MSG_NOTICE([detected NSS version $version])
- dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
- NSS_LIBS=$addlib
- AC_SUBST([NSS_LIBS])
+ dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
+ NSS_LIBS=$addlib
+ AC_SUBST([NSS_LIBS])
- dnl when shared libs were found in a path that the run-time
- dnl linker doesn't search through, we need to add it to
- dnl LD_LIBRARY_PATH to prevent further configure tests to fail
- dnl due to this
- if test "x$cross_compiling" != "xyes"; then
- LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
- export LD_LIBRARY_PATH
- AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
- fi
+ dnl when shared libs were found in a path that the run-time
+ dnl linker doesn't search through, we need to add it to
+ dnl LD_LIBRARY_PATH to prevent further configure tests to fail
+ dnl due to this
+ if test "x$cross_compiling" != "xyes"; then
+ LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
+ export LD_LIBRARY_PATH
+ AC_MSG_NOTICE([Added $nssprefix/lib$libsuff to LD_LIBRARY_PATH])
fi
- fi
+ fi dnl NSS found
fi dnl NSS not disabled
fi
fi
-if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$AXTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$DARWINSSL_ENABLED" = "x"; then
+if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$MBEDTLS_ENABLED$AXTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$DARWINSSL_ENABLED" = "x"; then
AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-axtls, --with-winssl, or --with-darwinssl to address this.])
else
CURL_CHECK_CA_BUNDLE
dnl **********************************************************************
+dnl Check for libpsl
+dnl **********************************************************************
+
+AC_ARG_WITH(libpsl,
+ AS_HELP_STRING([--without-libpsl],
+ [disable support for libpsl cookie checking]),
+ with_libpsl=$withval,
+ with_libpsl=yes)
+if test $with_libpsl != "no"; then
+ AC_SEARCH_LIBS(psl_builtin, psl,
+ [curl_psl_msg="yes";
+ AC_DEFINE([USE_LIBPSL], [1], [PSL support enabled])
+ ],
+ [curl_psl_msg="no (libpsl not found)";
+ AC_MSG_WARN([libpsl was not found])
+ ]
+ )
+fi
+AM_CONDITIONAL([USE_LIBPSL], [test "$curl_psl_msg" = "yes"])
+
+dnl **********************************************************************
dnl Check for libmetalink
dnl **********************************************************************
CPPFLAGS="$CPPFLAGS $CPP_H2"
LIBS="$LIB_H2 $LIBS"
- AC_CHECK_LIB(nghttp2, nghttp2_session_callbacks_set_send_callback,
+ # use nghttp2_option_set_no_recv_client_magic to require nghttp2
+ # >= 1.0.0
+ AC_CHECK_LIB(nghttp2, nghttp2_option_set_no_recv_client_magic,
[
AC_CHECK_HEADERS(nghttp2/nghttp2.h,
curl_h2_msg="enabled (nghttp2)"
fi
dnl **********************************************************************
+dnl Check for zsh completion path
+dnl **********************************************************************
+
+OPT_ZSH_FPATH=default
+AC_ARG_WITH(zsh-functions-dir,
+AC_HELP_STRING([--with-zsh-functions-dir=PATH],[Install zsh completions to PATH])
+AC_HELP_STRING([--without-zsh-functions-dir],[Do not install zsh completions]),
+ [OPT_ZSH_FPATH=$withval])
+case "$OPT_ZSH_FPATH" in
+ no)
+ dnl --without-zsh-functions-dir option used
+ ;;
+ default|yes)
+ dnl --with-zsh-functions-dir option used without path
+ ZSH_FUNCTIONS_DIR="$datarootdir/zsh/site-functions"
+ AC_SUBST(ZSH_FUNCTIONS_DIR)
+ ;;
+ *)
+ dnl --with-zsh-functions-dir option used with path
+ ZSH_FUNCTIONS_DIR="$withval"
+ AC_SUBST(ZSH_FUNCTIONS_DIR)
+ ;;
+esac
+
+dnl **********************************************************************
dnl Back to "normal" configuring
dnl **********************************************************************
[Options --enable-threaded-resolver and --enable-ares are mutually exclusive])
fi
-if test "$want_thres" = "yes"; then
+if test "$want_thres" = "yes" && test "$dontwant_rt" = "no"; then
AC_CHECK_HEADER(pthread.h,
[ AC_DEFINE(HAVE_PTHREAD_H, 1, [if you have <pthread.h>])
save_CFLAGS="$CFLAGS"
want_tls_srp=yes
)
-if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_SSLEAY_SRP" = "x1") ; then
+if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_OPENSSL_SRP" = "x1") ; then
AC_DEFINE(USE_TLS_SRP, 1, [Use TLS-SRP authentication])
USE_TLS_SRP=1
curl_tls_srp_msg="enabled"
dnl since it is more cross-compile friendly than curl-config
dnl
-if test "x$USE_SSLEAY" = "x1"; then
+if test "x$OPENSSL_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
elif test -n "$SSL_ENABLED"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
SUPPORT_FEATURES="$SUPPORT_FEATURES GSS-API"
fi
+if test "x$curl_psl_msg" = "xyes"; then
+ SUPPORT_FEATURES="$SUPPORT_FEATURES PSL"
+fi
+
if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
\( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
fi
if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
- if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+ if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
-o "x$DARWINSSL_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
fi
if test "x$CURL_DISABLE_SMB" != "x1" \
-a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \
- -a \( "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+ -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
-o "x$DARWINSSL_ENABLED" = "x1" \); then
SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB"
--libcurl option: ${curl_libcurl_msg}
Verbose errors: ${curl_verbose_msg}
SSPI support: ${curl_sspi_msg}
- ca cert bundle: ${ca}
- ca cert path: ${capath}
+ ca cert bundle: ${ca}${ca_warning}
+ ca cert path: ${capath}${capath_warning}
+ ca fallback: ${with_ca_fallback}
LDAP support: ${curl_ldap_msg}
LDAPS support: ${curl_ldaps_msg}
RTSP support: ${curl_rtsp_msg}
RTMP support: ${curl_rtmp_msg}
metalink support: ${curl_mtlnk_msg}
+ PSL support: ${curl_psl_msg}
HTTP2 support: ${curl_h2_msg}
Protocols: ${SUPPORT_PROTOCOLS}
])