# OpenSSL LIBOPENSSL_CHECK_CONFIG ([DEFAULT-ACTION])
# ----------------------------------------------------------
# Derived from libssh2.m4
#
# Checks for OpenSSL library libssl. DEFAULT-ACTION is the string yes or
# no to specify whether to default to --with-openssl or --without-openssl.
# If not supplied, DEFAULT-ACTION is no.
#
# This macro #defines HAVE_OPENSSL if a required header files are
# found, and sets @OPENSSL_LDFLAGS@, @OPENSSL_CFLAGS@ and @OPENSSL_LIBS@
# to the necessary values.
#
# Users may override the detected values by doing something like:
# OPENSSL_LIBS="-lssl" OPENSSL_CFLAGS="-I/usr/myinclude" ./configure
#
# This macro is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
AC_DEFUN([LIBOPENSSL_TRY_LINK],
[
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/ssl.h>
#include <openssl/bio.h>
]], [[
/* check that both libssl and libcrypto are available */
SSL *ssl = NULL;
SSL_connect(ssl); /* a function from libssl, present in both OpenSSL 1.0.1 and 1.1.0 */
BIO_new(BIO_s_mem()); /* a function from libcrypto */
]])],[found_openssl="yes"],[])
])dnl
AC_DEFUN([LIBOPENSSL_TRY_LINK_PSK],
[
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/ssl.h>
]], [[
/* check if OPENSSL_NO_PSK is defined */
#ifdef OPENSSL_NO_PSK
# error "OPENSSL_NO_PSK is defined. PSK support will not be available."
#endif
]])],[found_openssl_with_psk="yes"],[])
])dnl
AC_DEFUN([LIBOPENSSL_ACCEPT_VERSION],
[
# Zabbix minimal supported version of OpenSSL.
# Version numbering scheme is described in /usr/include/openssl/opensslv.h.
# Is it OpenSSL 3? Test OPENSSL_VERSION_MAJOR - it is defined only in OpenSSL 3.0.
found_openssl_version=`grep OPENSSL_VERSION_MAJOR "$1" | head -n 1`
found_openssl_version=`expr "$found_openssl_version" : '^#.*define.*OPENSSL_VERSION_MAJOR.*\(3\)$'`
mt_required="$2"
if test "$found_openssl_version" = "3"; then
# OpenSSL 3.x found
accept_openssl_version="yes"
else # Is it OpenSSL 1.0.1 - 1.1.1 or LibreSSL?
# These versions use similar version numbering scheme:
# specify version number without the last byte (status). E.g., version 1.0.1 is 0x1000100f, but without the
# last byte it is 0x1000100.
minimal_openssl_version=0x1000100
test "$mt_required" = "yes" && minimal_openssl_version=0x1010000
found_openssl_version=`grep OPENSSL_VERSION_NUMBER "$1"`
found_openssl_version=`expr "$found_openssl_version" : '.*\(0x[[0-f]][[0-f]][[0-f]][[0-f]][[0-f]][[0-f]][[0-f]]\).*'`
# compare versions lexicographically
openssl_version_check=`expr $found_openssl_version \>\= $minimal_openssl_version`
if test "$openssl_version_check" = "1"; then
accept_openssl_version="yes"
else
accept_openssl_version="no"
fi;
fi;
])dnl
AC_DEFUN([LIBOPENSSL_CHECK_CONFIG],
[
AC_ARG_WITH(openssl,[
If you want to use encryption provided by OpenSSL library:
AS_HELP_STRING([--with-openssl@<:@=DIR@:>@],[use OpenSSL package @<:@default=no@:>@, DIR is the libssl and libcrypto install directory.])],
[
if test "$withval" = "no"; then
want_openssl="no"
_libopenssl_dir="no"
elif test "$withval" = "yes"; then
want_openssl="yes"