summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTon Voon <tonvoon@users.sourceforge.net>2004-12-07 06:51:53 +0000
committerTon Voon <tonvoon@users.sourceforge.net>2004-12-07 06:51:53 +0000
commit7d25147c1e1cadd11b6ffba18c6d6ba4bb334a7b (patch)
treee7d5f392e7a68906e3d599e0995abe06d2d5b50d
parentb5b298c725f3ed6f4de02f9c624035fa37e2f56a (diff)
downloadmonitoring-plugins-7d25147c1e1cadd11b6ffba18c6d6ba4bb334a7b.tar.gz
Better SSL checking (inspired by curl 7.12.2's configure.ac)
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1011 f882894a-f735-0410-b71e-b25c423dba1c
-rw-r--r--configure.in200
-rw-r--r--plugins/Makefile.am2
2 files changed, 139 insertions, 63 deletions
diff --git a/configure.in b/configure.in
index d409b1c4..33f3e599 100644
--- a/configure.in
+++ b/configure.in
@@ -255,26 +255,144 @@ CPPFLAGS="$_SAVEDCPPFLAGS $MYSQLINCLUDE"
255LIBS="$_SAVEDLIBS" 255LIBS="$_SAVEDLIBS"
256 256
257dnl Check for OpenSSL location 257dnl Check for OpenSSL location
258AC_PATH_PROG(OPENSSL,openssl) 258dnl This whole check is inspired by curl 7.12.2's configure.ac
259if test "$OPENSSL" = "/usr/bin/openssl"; then 259OPT_OPENSSL=off
260 OPENSSL=/usr
261elif test "$OPENSSL" = "/usr/sbin/openssl"; then
262 OPENSSL=/usr
263elif test "$OPENSSL" = "/opt/bin/openssl"; then
264 OPENSSL=/opt
265elif test "$OPENSSL" = "/opt/openssl/bin/openssl"; then
266 OPENSSL=/opt/openssl
267elif test "$OPENSSL" = "/usr/slocal/bin/openssl"; then
268 OPENSSL=/usr/slocal
269elif test "$OPENSSL" = "/usr/local/bin/openssl"; then
270 OPENSSL=/usr/local
271elif test "$OPENSSL" = "/usr/local/ssl/bin/openssl"; then
272 OPENSSL=/usr/local/ssl
273fi
274AC_ARG_WITH(openssl, 260AC_ARG_WITH(openssl,
275 ACX_HELP_STRING([--with-openssl=DIR], 261AC_HELP_STRING([--with-openssl=DIR], [sets path to openssl installation])
276 [sets path to openssl installation]), 262AC_HELP_STRING([--without-openssl], [disable openssl]),
277 OPENSSL=$withval,) 263OPT_OPENSSL=$withval)
264
265if test X"$OPT_OPENSSL" = "Xno"; then
266 AC_MSG_WARN([openssl disabled, you will not be able to use ssl options in some plugins])
267else
268 dnl backup the pre-ssl variables
269 CLEANLDFLAGS="$LDFLAGS"
270 CLEANCPPFLAGS="$CPPFLAGS"
271 CLEANLIBS="$LIBS"
272
273 case "$OPT_OPENSSL" in
274 yes)
275 dnl --with-openssl (without path) used
276 PKGTEST="yes"
277 ;;
278 off)
279 dnl no --with-openssl given, check default places
280 PKGTEST="yes"
281 ;;
282 *)
283 dnl use the given area
284 PKGTEST="no"
285 OPENSSL=$OPT_OPENSSL
286 LDFLAGS="$LDFLAGS -L$OPENSSL/lib"
287 CPPFLAGS="$CPPFLAGS -I$OPENSSL/include/openssl -I$OPENSSL/include"
288 ;;
289 esac
290
291 dnl Check usual areas for openssl
292 if test "$PKGTEST" = "yes"; then
293 AC_PATH_PROG(OPENSSL,openssl)
294 # Don't think 2 tests below are necessary because /usr is always included
295 # if test "$OPENSSL" = "/usr/bin/openssl"; then
296 # OPENSSL=/usr
297 #elif test "$OPENSSL" = "/usr/sbin/openssl"; then
298 # OPENSSL=/usr
299 if test "$OPENSSL" = "/opt/bin/openssl"; then
300 OPENSSL=/opt
301 elif test "$OPENSSL" = "/opt/openssl/bin/openssl"; then
302 OPENSSL=/opt/openssl
303 elif test "$OPENSSL" = "/usr/slocal/bin/openssl"; then
304 OPENSSL=/usr/slocal
305 elif test "$OPENSSL" = "/usr/local/bin/openssl"; then
306 OPENSSL=/usr/local
307 elif test "$OPENSSL" = "/usr/local/ssl/bin/openssl"; then
308 OPENSSL=/usr/local/ssl
309 fi
310 fi
311
312 AC_CHECK_LIB(crypto, CRYPTO_lock,[
313 HAVECRYPTO="yes"
314 ],[
315 LDFLAGS="$CLEANLDFLAGS -L$OPENSSL/lib"
316 CPPFLAGS="$CLEANCPPFLAGS -I$OPENSSL/include/openssl -I$OPENSSL/include"
317 AC_CHECK_LIB(crypto, CRYPTO_add_lock,[
318 HAVECRYPTO="yes" ], [
319 LDFLAGS="$CLEANLDFLAGS"
320 CPPFLAGS="$CLEANCPPFLAGS"
321 LIBS="$CLEANLIBS"
322 ])
323 ])
324
325 if test "$HAVECRYPTO" = "yes"; then
326 dnl This is only reasonable to do if crypto actually is there: check for
327 dnl SSL libs NOTE: it is important to do this AFTER the crypto lib
328
329 dnl This is for Msys/Mingw
330 AC_MSG_CHECKING([for gdi32])
331 my_ac_save_LIBS=$LIBS
332 LIBS="-lgdi32 $LIBS"
333 AC_TRY_LINK([#include <windef.h>
334 #include <wingdi.h>],
335 [GdiFlush();],
336 [ dnl worked!
337 AC_MSG_RESULT([yes])],
338 [ dnl failed, restore LIBS
339 LIBS=$my_ac_save_LIBS
340 AC_MSG_RESULT(no)]
341 )
342
343 AC_CHECK_LIB(crypto, CRYPTO_add_lock)
344 AC_CHECK_LIB(ssl, SSL_connect)
345
346 if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
347 dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff
348 AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use);
349 OLIBS=$LIBS
350 LIBS="$LIBS -lRSAglue -lrsaref"
351 AC_CHECK_LIB(ssl, SSL_connect)
352 if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
353 dnl still no SSL_connect
354 AC_MSG_RESULT(no)
355 LIBS=$OLIBS
356 else
357 AC_MSG_RESULT(yes)
358 fi
359 fi
360
361
362 dnl Check for SSLeay headers
363 AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
364 openssl/pem.h openssl/ssl.h openssl/err.h,
365 OPENSSL_ENABLED=1)
366
367 if test $ac_cv_header_openssl_x509_h = no; then
368 AC_CHECK_HEADERS(x509.h rsa.h crypto.h pem.h ssl.h err.h,
369 OPENSSL_ENABLED=1)
370 fi
371
372 dnl If the ENGINE library seems to be around, check for the OpenSSL engine
373 dnl header, it is kind of "separated" from the main SSL check
374 AC_CHECK_FUNC(ENGINE_init, [ AC_CHECK_HEADERS(openssl/engine.h) ])
375
376 dnl AC_SUBST(OPENSSL_ENABLED)
377
378 dnl these can only exist if openssl exists
379 AC_CHECK_FUNCS( RAND_status \
380 RAND_screen \
381 RAND_egd \
382 CRYPTO_cleanup_all_ex_data )
383
384 fi
385
386 if test X"$OPT_OPENSSL" != Xoff &&
387 test "$OPENSSL_ENABLED" != "1"; then
388 AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!])
389 elif test "$OPENSSL_ENABLED" = "1"; then
390 check_tcp_ssl="check_simap check_spop check_jabber check_nntps"
391 AC_SUBST(check_tcp_ssl)
392 AC_DEFINE(HAVE_SSL,1,[Define if SSL libraries are found])
393 with_openssl="yes"
394 fi
395fi
278 396
279AC_CHECK_HEADERS(unistd.h) 397AC_CHECK_HEADERS(unistd.h)
280 398
@@ -417,49 +535,6 @@ if test "$FOUNDINCLUDE" = "no"; then
417 CPPFLAGS="$_SAVEDCPPFLAGS" 535 CPPFLAGS="$_SAVEDCPPFLAGS"
418fi 536fi
419 537
420dnl Check for OpenSSL header files
421unset FOUNDINCLUDE
422_SAVEDCPPFLAGS="$CPPFLAGS"
423if test "$OPENSSL" != "/usr"; then
424 CPPFLAGS="$CPPFLAGS -I$OPENSSL/include"
425fi
426AC_CHECK_HEADERS(openssl/ssl.h openssl/x509.h openssl/rsa.h openssl/pem.h openssl/crypto.h openssl/err.h,
427 SSLINCLUDE="-I$OPENSSL/include"
428 FOUNDINCLUDE=yes,
429 FOUNDINCLUDE=no)
430if test "$FOUNDINCLUDE" = "no"; then
431 AC_CHECK_HEADERS(ssl.h x509.h rsa.h pem.h crypto.h err.h,
432 SSLINCLUDE="-I$OPENSSL/include"
433 FOUNDINCLUDE=yes,
434 FOUNDINCLUDE=no)
435fi
436AC_SUBST(SSLINCLUDE)
437if test "$FOUNDINCLUDE" = "no"; then
438 CPPFLAGS="$_SAVEDCPPFLAGS"
439fi
440
441dnl Check for crypto lib
442_SAVEDLIBS="$LIBS"
443AC_CHECK_LIB(crypto,CRYPTO_lock,,,-L$OPENSSL/lib)
444if test "$ac_cv_lib_crypto_CRYPTO_lock" = "yes"; then
445 dnl Check for SSL lib
446 AC_CHECK_LIB(ssl,main,LDFLAGS="$LDFLAGS -L$OPENSSL/lib" SSLLIBS="-lssl -lcrypto",AC_CHECK_LIB(ssl,main,LDFLAGS="$LDFLAGS -L$OPENSSL/lib" SSLLIBS="-lssl -lcrypto"),-L$OPENSSL/lib -lcrypto)
447fi
448LIBS="$_SAVEDLIBS"
449
450dnl test headers and libs to decide whether check_http should use SSL
451if test "$ac_cv_lib_crypto_CRYPTO_lock" = "yes"; then
452 if test "$ac_cv_lib_ssl_main" = "yes"; then
453 if test "$FOUNDINCLUDE" = "yes"; then
454 check_tcp_ssl="check_simap check_spop check_jabber check_nntps"
455 AC_SUBST(check_tcp_ssl)
456 AC_SUBST(SSLLIBS)
457 AC_DEFINE(HAVE_SSL,1,[Define if SSL libraries are found])
458 fi
459 fi
460fi
461CPPFLAGS="$_SAVEDCPPFLAGS"
462
463dnl 538dnl
464dnl Checks for header files. 539dnl Checks for header files.
465dnl 540dnl
@@ -1538,4 +1613,5 @@ ACX_FEATURE([with],[ping-command])
1538ACX_FEATURE([with],[ping6-command]) 1613ACX_FEATURE([with],[ping6-command])
1539ACX_FEATURE([with],[lwres]) 1614ACX_FEATURE([with],[lwres])
1540ACX_FEATURE([with],[ipv6]) 1615ACX_FEATURE([with],[ipv6])
1616ACX_FEATURE([with],[openssl])
1541ACX_FEATURE([enable],[emulate-getaddrinfo]) 1617ACX_FEATURE([enable],[emulate-getaddrinfo])
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index ef52baf8..eb67e458 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -3,7 +3,7 @@
3VPATH = $(top_srcdir) $(top_srcdir)/lib $(top_srcdir)/plugins $(top_srcdir)/plugins/t 3VPATH = $(top_srcdir) $(top_srcdir)/lib $(top_srcdir)/plugins $(top_srcdir)/plugins/t
4 4
5INCLUDES = -I.. -I$(top_srcdir)/lib -I$(top_srcdir)/intl \ 5INCLUDES = -I.. -I$(top_srcdir)/lib -I$(top_srcdir)/intl \
6@LDAPINCLUDE@ @PGINCLUDE@ @SSLINCLUDE@ 6@LDAPINCLUDE@ @PGINCLUDE@
7 7
8datadir = @datadir@ 8datadir = @datadir@
9localedir = $(datadir)/locale 9localedir = $(datadir)/locale