diff options
| author | pixdamix <pixdamix@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2009-11-03 04:27:03 (EST) |
|---|---|---|
| committer | pixdamix <pixdamix@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2009-11-03 04:27:03 (EST) |
| commit | b3a54f7c2d686dbec049d3788f5096c01360c5c4 (patch) | |
| tree | f7a52361829f8217214e0c232aa09a35be2e5a67 /configure.ac | |
| parent | 99caa6bb08baa6762a09547844277f77848b76c8 (diff) | |
Make `curl' an instance variable and ssl support
This patch adds several new options
- option ssl_ca_path /path/to/dir
Tells curl to use the specified certificate directory to verify the
peer. The certificates must be in PEM format, and the directory
must have been processed using the c_rehash utility supplied with
openssl.
- option ssl_ca_file
Tells curl to use the specified certificate file to verify the
peer. The file may contain multiple CA certificates
- option ssl_key_type
Tells curl the Private key file type. Specify which type your
ssl_key provided private key is. PEM (default), DER and ENG
(see option ssl_engine) are recognized types.
- option ssl_cert_type
Tells curl what certificate type the provided certificate is in.
PEM (default), DER and ENG (see option ssl_engine) are recognized
types.
- option ssl_key & option ssl_cert
Tells curl to use the specified certificate file and private key
when getting a file with HTTPS
- option ssl_key_passwd
Passphrase for the private key
- option ssl_engine
Select the OpenSSL crypto engine to use for cipher operations.
- option ssl_dont_verify_peer
This option explicitly allows curl to perform "insecure" SSL
connections and transfers. All SSL connections are attempted to be
made secure by using the CA certificate. This makes all connections
considered "insecure" fail unless ssl_dont_verify_peer is used.
git-svn-id: http://opkg.googlecode.com/svn/trunk@251 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 579a105..95233b5 100644 --- a/configure.ac +++ b/configure.ac @@ -15,6 +15,9 @@ for top_builddir in . .. ../.. $ac_auxdir $ac_auxdir/..; do test -f $top_builddir/configure && break done +# large file support can be useful for gpgme +AC_SYS_LARGEFILE + # Checks for programs AC_PROG_AWK @@ -55,8 +58,44 @@ AC_ARG_ENABLE(openssl, [want_openssl="$enableval"], [want_openssl="no"]) if test "x$want_openssl" = "xyes"; then - PKG_CHECK_MODULES(OPENSSL, openssl) AC_DEFINE(HAVE_OPENSSL, 1, [Define if you want OpenSSL support]) + NEED_SSL_LIBS="yes" +fi + +# check for libssl-curl +AC_ARG_ENABLE(ssl-curl, + AC_HELP_STRING([--enable-ssl-curl], [Enable certificate authentication with curl + [[default="$default_sslcurl"]] ]), + [want_sslcurl="$enableval"], [want_sslcurl="yes"]) + +if test "x$want_curl" = "xyes" -a "x$want_sslcurl" = "xyes"; then + AC_DEFINE(HAVE_CURL, 1, [Define if you want CURL support]) + AC_DEFINE(HAVE_SSLCURL, 1, [Define if you want certificate authentication with curl]) + NEED_SSL_LIBS="yes" +fi + +if test "x$NEED_SSL_LIBS" = "xyes"; then + AC_MSG_CHECKING([if openssl is available]) + + PKG_CHECK_MODULES(OPENSSL, openssl, [:], [:]) + if test "x$OPENSSL_LIBS" != "x"; then + AC_MSG_RESULT(yes) + else + OPENSSL_LIBS="-lcrypto -lssl" + dnl If pkg-config fails, run compile/link test. + AC_TRY_LINK([ +#include <openssl/opensslv.h> +], [ +return OPENSSL_VERSION_NUMBER; ], + [ + AC_MSG_RESULT(yes) + + ], [ + AC_MSG_RESULT(no) + AC_MSG_ERROR(OpenSSL not found) + ]) + fi + AC_SUBST(OPENSSL_LIBS) fi |