From b3a54f7c2d686dbec049d3788f5096c01360c5c4 Mon Sep 17 00:00:00 2001
From: pixdamix <pixdamix@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358>
Date: Tue, 03 Nov 2009 04:27:03 -0500
Subject: Make `curl' an instance variable and ssl support

This patch adds several new options

  - option ssl_ca_path /path/to/dir
     Tells curl to use the specified certificate directory to verify the
     peer. The certificates must be in PEM format, and the directory
     must have been processed using the c_rehash utility supplied with
     openssl.

  - option ssl_ca_file
     Tells curl to use the specified certificate file to verify the
     peer. The file may contain multiple CA certificates

  - option ssl_key_type
     Tells curl the Private key file type. Specify which type your
     ssl_key provided private key is. PEM (default), DER and ENG
     (see option ssl_engine) are recognized types.

  - option ssl_cert_type
     Tells curl what certificate type the provided certificate is in.
     PEM (default), DER and ENG (see option ssl_engine) are recognized
     types.

  - option ssl_key & option ssl_cert
     Tells curl to use the specified certificate file and private key
     when getting a file with HTTPS

  - option ssl_key_passwd
     Passphrase for the private key

  - option ssl_engine
     Select the OpenSSL crypto engine to use for cipher operations.

  - option ssl_dont_verify_peer
     This option explicitly allows curl to perform "insecure" SSL
     connections and transfers. All SSL connections are attempted to be
     made secure by using the CA certificate. This makes all connections
     considered "insecure" fail unless ssl_dont_verify_peer is used.

git-svn-id: http://opkg.googlecode.com/svn/trunk@251 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
---
(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index 579a105..95233b5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -15,6 +15,9 @@ for top_builddir in . .. ../.. $ac_auxdir $ac_auxdir/..; do
   test -f $top_builddir/configure && break
 done
 
+# large file support can be useful for gpgme
+AC_SYS_LARGEFILE
+
 
 # Checks for programs
 AC_PROG_AWK
@@ -55,8 +58,44 @@ AC_ARG_ENABLE(openssl,
     [want_openssl="$enableval"], [want_openssl="no"])
 
 if test "x$want_openssl" = "xyes"; then
-  PKG_CHECK_MODULES(OPENSSL, openssl)
   AC_DEFINE(HAVE_OPENSSL, 1, [Define if you want OpenSSL support])
+  NEED_SSL_LIBS="yes"
+fi
+
+# check for libssl-curl
+AC_ARG_ENABLE(ssl-curl,
+              AC_HELP_STRING([--enable-ssl-curl], [Enable certificate authentication with curl
+                              [[default="$default_sslcurl"]] ]),
+                              [want_sslcurl="$enableval"], [want_sslcurl="yes"])
+
+if test "x$want_curl" = "xyes" -a "x$want_sslcurl" = "xyes"; then
+  AC_DEFINE(HAVE_CURL, 1, [Define if you want CURL support])
+  AC_DEFINE(HAVE_SSLCURL, 1, [Define if you want certificate authentication with curl])
+  NEED_SSL_LIBS="yes"
+fi
+
+if test "x$NEED_SSL_LIBS" = "xyes"; then
+  AC_MSG_CHECKING([if openssl is available])
+
+  PKG_CHECK_MODULES(OPENSSL, openssl, [:], [:])
+  if test "x$OPENSSL_LIBS" != "x"; then
+          AC_MSG_RESULT(yes)
+  else
+          OPENSSL_LIBS="-lcrypto -lssl"
+          dnl If pkg-config fails, run compile/link test.
+          AC_TRY_LINK([
+#include <openssl/opensslv.h>
+], [
+return OPENSSL_VERSION_NUMBER; ],
+          [
+            AC_MSG_RESULT(yes)
+
+          ], [
+            AC_MSG_RESULT(no)
+            AC_MSG_ERROR(OpenSSL not found)
+          ])
+  fi
+  AC_SUBST(OPENSSL_LIBS)
 fi
 
 
--
cgit v0.9.1