diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2021-11-28 16:27:51 +0100 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2021-11-28 16:27:51 +0100 |
commit | bcc521c0d5e8b11f05c0f2458330ba5537765fd0 (patch) | |
tree | fcd41f8e2eefc38cee297509583acd6c90e57775 | |
parent | abfc13cfed4534279d5ba7abcce80ceea26a7cc0 (diff) | |
download | fetchmail-bcc521c0d5e8b11f05c0f2458330ba5537765fd0.tar.gz fetchmail-bcc521c0d5e8b11f05c0f2458330ba5537765fd0.tar.bz2 fetchmail-bcc521c0d5e8b11f05c0f2458330ba5537765fd0.zip |
Further SSL configure tweaks.
-rw-r--r-- | NEWS | 6 | ||||
-rw-r--r-- | configure.ac | 25 |
2 files changed, 21 insertions, 10 deletions
@@ -102,6 +102,12 @@ fetchmail-6.4.25.rc2 (release candidate 2021-11-27, 31633 LoC): the obsolete OpenSSL flag SSL_OP_SINGLE_DH_USE. This blocks out 1.0.2e and older 1.0.2 versions. 1.0.2f was a security fix release, and 1.0.2u is publicly available from https://www.openssl.org/source/old/1.0.2/ +* Some of the configure.ac fiddling MIGHT have broken cross-compilation + again. The maintainer does not test cross-compiling fetchmail; if you + have difficulties, try setting PKG_CONFIG_LIBDIR to the pkg-config path + containing your target/host libraries, or see if --with-ssl-prefix or + --with-wolfssl-prefix, or overriding LDFLAGS/LIBS/CPPFLAGS, can help. + Feedback solicited on compliant systems that are before end-of-life. # BUG FIXES: * 6.4.24's workaround for OpenSSL 1.0.2's X509_V_FLAG_TRUSTED_FIRST flag diff --git a/configure.ac b/configure.ac index 0b40bb93..35e0cecf 100644 --- a/configure.ac +++ b/configure.ac @@ -759,7 +759,7 @@ if test "$with_wolfssl" != "no" ; then LIBS="$LIBWOLFSSL $LIBS" openssldefault=no AC_DEFINE(SSL_ENABLE, 1) - AS_MESSAGE(Enabling SSL support through wolfSSL.) + AS_MESSAGE([Enabling wolfSSL support.]) with_ssl=yes if test -z "$WOLFSSL_TRUST_FILE" ; then AC_MSG_ERROR([You must define WOLFSSL_TRUST_FILE and point it to the default CA certificate file (PEM format)]) @@ -838,13 +838,15 @@ then PKG_CHECK_MODULES([SSL],[$i],[ set -- $SSL_LIBS while test $# -ge 1 ; do - case $1 in -l*|lib*) LIBS="$LIBS $1" ;; + case $1 in -l*|lib*) : ;; *) LDFLAGS="$LDFLAGS $1" ;; esac shift done CPPFLAGS="$SSL_CFLAGS $CPPFLAGS" AC_LIB_LINKFLAGS([ssl], [crypto]) + AS_MESSAGE([From pkg-config: Adding $LIBSSL to LIBS. LDFLAGS=$LDFLAGS]) + LIBS="$LIBS $LIBSSL" found=1 break],[: ignore-error]) done @@ -852,9 +854,11 @@ then AS_MESSAGE([SSL-check: pkg-config check failed, using traditional probe in $with_ssl]) LDFLAGS="$LDFLAGS -L$with_ssl/lib" CPPFLAGS="$CPPFLAGS -I$with_ssl/include" - LIBS="$LIBS -lssl -lcrypto" + AC_LIB_LINKFLAGS([ssl], [crypto]) + AS_MESSAGE([From probing: Adding $LIBSSL to LIBS. LDFLAGS=$LDFLAGS]) + LIBS="$LIBS $LIBSSL" dnl check if -ldl is needed - AC_MSG_CHECKING([for additional library dependencies of SSL]) + AC_MSG_CHECKING([for additional library dependencies of SSL (-ldl?)]) found=0 save_LIBS="$LIBS" for i in "" "-ldl" ; do @@ -870,18 +874,19 @@ then AC_MSG_RESULT($i) fi AC_DEFINE(SSL_ENABLE, 1, [Define if you want SSL support compiled in]) - AS_MESSAGE(Enabling SSL support.) + AS_MESSAGE([Enabling OpenSSL support.]) else AC_MSG_WARN(Disabling SSL support.) AC_MSG_WARN(Consider re-running configure --with-ssl.) fi fi -if test "$cross_compiling" != yes -a "$with_ssl" != "no" -a "$with_wolfssl" = "no" -then - AC_LIB_LINKFLAGS([ssl], [crypto]) -fi -AC_MSG_NOTICE([LIBS:] "$LIBS") +AS_MESSAGE([ + CC: $CC + CPPFLAGS: $CPPFLAGS + CFLAGS: $CFLAGS + LDFLAGS: $LDFLAGS + LIBS: $LIBS]) case "$LIBS" in *-lssl*|*libssl*|*-lwolfssl*|*libwolfssl*) AC_CHECK_DECLS([LIBRESSL_VERSION_NUMBER], |