diff options
| author | Futaura <oliver@futaura.co.uk> | 2022-08-07 15:03:32 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2022-08-08 09:16:01 +0200 |
| commit | e1acfafa497333c79247a17a0378855b9de9d2c4 (patch) | |
| tree | 134dc8c45a6e39be54e49d6f6daa41af98bb0e83 /m4 | |
| parent | c7b322aac8decc38b76d1ba358bb22263d231a49 (diff) | |
| download | curl-e1acfafa497333c79247a17a0378855b9de9d2c4.tar.gz | |
amissl: make AmiSSL v5 a minimum requirement
AmiSSL v5 is the latest version, featuring a port of OpenSSL 3.0.
Support for previous OpenSSL 1.1.x versions has been dropped, so
makes sense to enforce v5 as the minimum requirement. This also
allows all the AmiSSL stub workarounds to be removed as they are
now provided in a link library in the AmiSSL SDK.
Closes #9267
Diffstat (limited to 'm4')
| -rw-r--r-- | m4/curl-amissl.m4 | 39 |
1 files changed, 32 insertions, 7 deletions
diff --git a/m4/curl-amissl.m4 b/m4/curl-amissl.m4 index df07bdb29..dfa626da9 100644 --- a/m4/curl-amissl.m4 +++ b/m4/curl-amissl.m4 @@ -23,21 +23,46 @@ #*************************************************************************** AC_DEFUN([CURL_WITH_AMISSL], [ -AC_MSG_CHECKING([whether to enable Amiga native SSL/TLS (AmiSSL)]) +AC_MSG_CHECKING([whether to enable Amiga native SSL/TLS (AmiSSL v5)]) if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then if test "x$OPT_AMISSL" != xno; then ssl_msg= - if test "x$OPT_AMISSL" != "xno"; then - AC_MSG_RESULT(yes) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ + #include <libraries/amisslmaster.h> + #include <openssl/opensslv.h> + ]],[[ + #if defined(AMISSL_CURRENT_VERSION) && (AMISSL_CURRENT_VERSION >= AMISSL_V303) && \ + defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) && \ + defined(PROTO_AMISSL_H) + return 0; + #else + #error not AmiSSL v5 / OpenSSL 3 + #endif + ]]) + ],[ + AC_MSG_RESULT([yes]) ssl_msg="AmiSSL" test amissl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes AMISSL_ENABLED=1 - LIBS="-lamisslauto $LIBS" + OPENSSL_ENABLED=1 + # Use AmiSSL's built-in ca bundle + check_for_ca_bundle=1 + with_ca_fallback=yes + LIBS="-lamisslstubs -lamisslauto $LIBS" AC_DEFINE(USE_AMISSL, 1, [if AmiSSL is in use]) AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use]) - else - AC_MSG_RESULT(no) - fi + AC_DEFINE_UNQUOTED(HAVE_OPENSSL3, 1, [Define to 1 if using OpenSSL 3 or later.]) + AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ + openssl/pem.h openssl/ssl.h openssl/err.h) + dnl OpenSSLv3 marks the DES functions deprecated but we have no + dnl replacements (yet) so tell the compiler to not warn for them + dnl + dnl Ask OpenSSL to suppress the warnings. + CPPFLAGS="$CPPFLAGS -DOPENSSL_SUPPRESS_DEPRECATED" + ],[ + AC_MSG_RESULT([no]) + ]) test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" else AC_MSG_RESULT(no) |