Re #2185: Darwin SSL backend
* Security framework availability will be automatically detected for Mac OS and iOS, and if found, Darwin SSL will be the default SSL backend. * OpenSSL availability will still be checked regardless of the above result, as it may be needed for DTLS. * Add configure option --disable-darwin-ssl to disable the automatic detection git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@5959 74dad513-b988-da41-8d7b-12977e46ad98
This commit is contained in:
parent
6fcec7b8eb
commit
6814d38f53
63
aconfigure
63
aconfigure
|
@ -820,6 +820,7 @@ with_ipp_samples
|
|||
with_ipp_arch
|
||||
with_ssl
|
||||
with_gnutls
|
||||
enable_darwin_ssl
|
||||
enable_ssl
|
||||
with_opencore_amrnb
|
||||
with_opencore_amr
|
||||
|
@ -1488,6 +1489,7 @@ Optional Features:
|
|||
package and samples location using IPPROOT and
|
||||
IPPSAMPLES env var or with --with-ipp and
|
||||
--with-ipp-samples options
|
||||
--disable-darwin-ssl Exclude Darwin SSL (default: autodetect)
|
||||
--disable-ssl Exclude SSL support the build (default: autodetect)
|
||||
|
||||
--disable-opencore-amr Exclude OpenCORE AMR support from the build
|
||||
|
@ -1542,12 +1544,7 @@ Optional Packages:
|
|||
--with-ipp-samples=DIR Specify the Intel IPP samples location
|
||||
--with-ipp-arch=ARCH Specify the Intel IPP ARCH suffix, e.g. "64" or
|
||||
"em64t. Default is blank for IA32"
|
||||
--with-ssl=SSL_BACKEND/DIR
|
||||
Specify alternate SSL library prefix or SSL
|
||||
native-backend. You can specify "darwin" as the
|
||||
native iOS/MacOS backend using Security framework,
|
||||
or you can specify an alternate SSL library prefix
|
||||
directory. If a directory is specified, this option
|
||||
--with-ssl=DIR Specify alternate SSL library prefix. This option
|
||||
will try to find OpenSSL first, then if not found,
|
||||
GnuTLS. To skip OpenSSL finding, use --with-gnutls
|
||||
option instead.
|
||||
|
@ -7945,18 +7942,17 @@ fi
|
|||
ac_ssl_has_aes_gcm=0
|
||||
|
||||
|
||||
# Check whether --enable-ssl was given.
|
||||
if test "${enable_ssl+set}" = set; then :
|
||||
enableval=$enable_ssl;
|
||||
if test "$enable_ssl" = "no"; then
|
||||
ac_no_ssl=1
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Checking if SSL support is disabled... yes" >&5
|
||||
$as_echo "Checking if SSL support is disabled... yes" >&6; }
|
||||
fi
|
||||
|
||||
# Check whether --enable-darwin-ssl was given.
|
||||
if test "${enable_darwin_ssl+set}" = set; then :
|
||||
enableval=$enable_darwin_ssl; if test "$enable_darwin_ssl" = "no"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Checking if Darwin SSL support is disabled... yes" >&5
|
||||
$as_echo "Checking if Darwin SSL support is disabled... yes" >&6; }
|
||||
fi
|
||||
else
|
||||
|
||||
if test "x$with_ssl" = "xdarwin"; then
|
||||
case $target in
|
||||
*darwin*)
|
||||
SAVED_LIBS="$LIBS"
|
||||
LIBS="-framework Security"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
|
@ -7982,16 +7978,30 @@ rm -f core conftest.err conftest.$ac_objext \
|
|||
$as_echo "#define PJ_SSL_SOCK_IMP PJ_SSL_SOCK_IMP_DARWIN" >>confdefs.h
|
||||
|
||||
LIBS="$LIBS -framework Security"
|
||||
ac_ssl_backend="darwin"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Checking if Security framework for Darwin SSL is available... yes" >&5
|
||||
$as_echo "Checking if Security framework for Darwin SSL is available... yes" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Checking if Security framework for Darwin SSL is available... no" >&5
|
||||
$as_echo "Checking if Security framework for Darwin SSL is available... no" >&6; }
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
if test "x$ac_ssl_backend" = "x" -a "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
|
||||
fi
|
||||
|
||||
|
||||
# Check whether --enable-ssl was given.
|
||||
if test "${enable_ssl+set}" = set; then :
|
||||
enableval=$enable_ssl;
|
||||
if test "$enable_ssl" = "no"; then
|
||||
ac_no_ssl=1
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Checking if SSL support is disabled... yes" >&5
|
||||
$as_echo "Checking if SSL support is disabled... yes" >&6; }
|
||||
fi
|
||||
|
||||
else
|
||||
|
||||
if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
|
||||
CFLAGS="$CFLAGS -I$with_ssl/include"
|
||||
CPPFLAGS="$CPPFLAGS -I$with_ssl/include"
|
||||
LDFLAGS="$LDFLAGS -L$with_ssl/lib"
|
||||
|
@ -7999,8 +8009,9 @@ $as_echo "Checking if Security framework for Darwin SSL is available... no" >&6;
|
|||
$as_echo "Using SSL prefix... $with_ssl" >&6; }
|
||||
fi
|
||||
|
||||
if test "x$ac_ssl_backend" = "x" -a "x$with_gnutls" = "xno"; then
|
||||
|
||||
if test "x$with_gnutls" = "xno"; then
|
||||
# We still need to check for OpenSSL installations even if
|
||||
# we find Darwin SSL above since DTLS requires OpenSSL.
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: checking for OpenSSL installations.." >&5
|
||||
$as_echo "checking for OpenSSL installations.." >&6; }
|
||||
|
||||
|
@ -8164,13 +8175,15 @@ $as_echo "OpenSSL has AES GCM support, SRTP will use OpenSSL" >&6; }
|
|||
$as_echo "OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos" >&6; }
|
||||
fi
|
||||
|
||||
# PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
|
||||
#AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
|
||||
$as_echo "#define PJ_HAS_SSL_SOCK 1" >>confdefs.h
|
||||
if test "x$ac_ssl_backend" = "x"; then
|
||||
# PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
|
||||
#AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
|
||||
$as_echo "#define PJ_HAS_SSL_SOCK 1" >>confdefs.h
|
||||
|
||||
$as_echo "#define PJ_SSL_SOCK_IMP PJ_SSL_SOCK_IMP_OPENSSL" >>confdefs.h
|
||||
$as_echo "#define PJ_SSL_SOCK_IMP PJ_SSL_SOCK_IMP_OPENSSL" >>confdefs.h
|
||||
|
||||
ac_ssl_backend="openssl"
|
||||
ac_ssl_backend="openssl"
|
||||
fi
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ** OpenSSL libraries not found **" >&5
|
||||
$as_echo "** OpenSSL libraries not found **" >&6; }
|
||||
|
|
|
@ -1541,14 +1541,10 @@ dnl #
|
|||
|
||||
dnl # SSL alt prefix
|
||||
AC_ARG_WITH(ssl,
|
||||
AS_HELP_STRING([--with-ssl=SSL_BACKEND/DIR],
|
||||
[Specify alternate SSL library prefix or SSL native-backend.
|
||||
You can specify "darwin" as the native iOS/MacOS backend
|
||||
using Security framework, or you can specify an alternate
|
||||
SSL library prefix directory. If a directory
|
||||
is specified, this option will try to find OpenSSL first,
|
||||
then if not found, GnuTLS. To skip OpenSSL finding, use
|
||||
--with-gnutls option instead.]),
|
||||
AS_HELP_STRING([--with-ssl=DIR],
|
||||
[Specify alternate SSL library prefix. This option will try
|
||||
to find OpenSSL first, then if not found, GnuTLS. To skip
|
||||
OpenSSL finding, use --with-gnutls option instead.]),
|
||||
[],
|
||||
[with_ssl=no]
|
||||
)
|
||||
|
@ -1570,6 +1566,33 @@ dnl # Include SSL support
|
|||
AC_SUBST(ac_no_ssl)
|
||||
AC_SUBST(ac_ssl_has_aes_gcm,0)
|
||||
AC_SUBST(ac_ssl_backend)
|
||||
|
||||
AC_ARG_ENABLE(darwin-ssl,
|
||||
AS_HELP_STRING([--disable-darwin-ssl],
|
||||
[Exclude Darwin SSL (default: autodetect)]),
|
||||
[if test "$enable_darwin_ssl" = "no"; then
|
||||
AC_MSG_RESULT([Checking if Darwin SSL support is disabled... yes])
|
||||
fi],
|
||||
[
|
||||
case $target in
|
||||
*darwin*)
|
||||
SAVED_LIBS="$LIBS"
|
||||
LIBS="-framework Security"
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [])],
|
||||
[ac_ssl_backend=darwin],)
|
||||
LIBS="$SAVED_LIBS"
|
||||
if test "x$ac_ssl_backend" = "xdarwin"; then
|
||||
AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
|
||||
AC_DEFINE(PJ_SSL_SOCK_IMP, PJ_SSL_SOCK_IMP_DARWIN)
|
||||
LIBS="$LIBS -framework Security"
|
||||
AC_MSG_RESULT([Checking if Security framework for Darwin SSL is available... yes])
|
||||
else
|
||||
AC_MSG_RESULT([Checking if Security framework for Darwin SSL is available... no])
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
])
|
||||
|
||||
AC_ARG_ENABLE(ssl,
|
||||
AS_HELP_STRING([--disable-ssl],
|
||||
[Exclude SSL support the build (default: autodetect)])
|
||||
|
@ -1581,32 +1604,16 @@ AC_ARG_ENABLE(ssl,
|
|||
fi
|
||||
],
|
||||
[
|
||||
if test "x$with_ssl" = "xdarwin"; then
|
||||
SAVED_LIBS="$LIBS"
|
||||
LIBS="-framework Security"
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [])],
|
||||
[ac_ssl_backend=darwin],)
|
||||
LIBS="$SAVED_LIBS"
|
||||
if test "x$ac_ssl_backend" = "xdarwin"; then
|
||||
AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
|
||||
AC_DEFINE(PJ_SSL_SOCK_IMP, PJ_SSL_SOCK_IMP_DARWIN)
|
||||
LIBS="$LIBS -framework Security"
|
||||
ac_ssl_backend="darwin"
|
||||
AC_MSG_RESULT([Checking if Security framework for Darwin SSL is available... yes])
|
||||
else
|
||||
AC_MSG_RESULT([Checking if Security framework for Darwin SSL is available... no])
|
||||
fi
|
||||
fi
|
||||
|
||||
if test "x$ac_ssl_backend" = "x" -a "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
|
||||
if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
|
||||
CFLAGS="$CFLAGS -I$with_ssl/include"
|
||||
CPPFLAGS="$CPPFLAGS -I$with_ssl/include"
|
||||
LDFLAGS="$LDFLAGS -L$with_ssl/lib"
|
||||
AC_MSG_RESULT([Using SSL prefix... $with_ssl])
|
||||
fi
|
||||
|
||||
if test "x$ac_ssl_backend" = "x" -a "x$with_gnutls" = "xno"; then
|
||||
|
||||
if test "x$with_gnutls" = "xno"; then
|
||||
# We still need to check for OpenSSL installations even if
|
||||
# we find Darwin SSL above since DTLS requires OpenSSL.
|
||||
AC_MSG_RESULT([checking for OpenSSL installations..])
|
||||
AC_SUBST(openssl_h_present)
|
||||
AC_SUBST(libssl_present)
|
||||
|
@ -1632,11 +1639,13 @@ AC_ARG_ENABLE(ssl,
|
|||
AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos])
|
||||
fi
|
||||
|
||||
# PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
|
||||
#AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
|
||||
AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
|
||||
AC_DEFINE(PJ_SSL_SOCK_IMP, PJ_SSL_SOCK_IMP_OPENSSL)
|
||||
ac_ssl_backend="openssl"
|
||||
if test "x$ac_ssl_backend" = "x"; then
|
||||
# PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
|
||||
#AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
|
||||
AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
|
||||
AC_DEFINE(PJ_SSL_SOCK_IMP, PJ_SSL_SOCK_IMP_OPENSSL)
|
||||
ac_ssl_backend="openssl"
|
||||
fi
|
||||
else
|
||||
AC_MSG_RESULT([** OpenSSL libraries not found **])
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue