From aebc4bfde332ff50b220af6c93383fcf7e1d53d7 Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Wed, 31 Jul 2019 02:16:37 -0400 Subject: build: Search several possible CA certificate paths --- diff --git a/configure.ac b/configure.ac index 0d82862..bdbf6d9 100644 --- a/configure.ac +++ b/configure.ac @@ -90,35 +90,49 @@ for flag in -Os -s -fno-unwind-tables -fno-asynchronous-unwind-tables \ AX_CHECK_COMPILE_FLAG([${flag}], [AX_APPEND_FLAG([${flag}])]) done -CA_CERTS='/etc/ssl/certs' AC_ARG_WITH([ca-certificates], [AS_HELP_STRING([--with-ca-certificates=PATH], [path to CA root certificates])], [ case "${withval}" in 'yes'|'') - HAVE_CA_CERTS=1 + HAVE_CA_CERTS='1' + CA_CERTS='' ;; 'no') - HAVE_CA_CERTS=0 + HAVE_CA_CERTS='0' + CA_CERTS='' ;; *) - HAVE_CA_CERTS=1 + HAVE_CA_CERTS='1' CA_CERTS="${withval}" ;; esac ], [ - AC_MSG_CHECKING([for CA root certificates]) - if test -d "${CA_CERTS}"; then - AC_MSG_RESULT([${CA_CERTS}]) - HAVE_CA_CERTS=1 - else - AC_MSG_RESULT([no]) - HAVE_CA_CERTS=0 - fi + HAVE_CA_CERTS='?' + CA_CERTS='' ] ) +if test x"${HAVE_CA_CERTS}" != x'0' && test x"${CA_CERTS}" = x''; then + AC_MSG_CHECKING([for CA root certificates]) + for d in /etc/ssl/certs /usr/lib/ssl/certs /usr/share/ssl \ + /usr/local/ssl /etc/ssl /usr/share/ca-certificates; do + if test -d "${d}"; then + AC_MSG_RESULT([${d}]) + HAVE_CA_CERTS='1' + CA_CERTS="${d}" + break + fi + done + if test x"${CA_CERTS}" = x''; then + AC_MSG_RESULT([no]) + if test x"${HAVE_CA_CERTS}" = x'1'; then + AC_MSG_ERROR([CA root certificates not found]) + fi + HAVE_CA_CERTS='0' + fi +fi AC_DEFINE_UNQUOTED([HAVE_CA_CERTS], [${HAVE_CA_CERTS}], [Define to 1 to verify certificates against installed CA root certificates.]) -- cgit v0.9.1