xref: /curl/m4/curl-gnutls.m4 (revision 26ab9027)
1#***************************************************************************
2#                                  _   _ ____  _
3#  Project                     ___| | | |  _ \| |
4#                             / __| | | | |_) | |
5#                            | (__| |_| |  _ <| |___
6#                             \___|\___/|_| \_\_____|
7#
8# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9#
10# This software is licensed as described in the file COPYING, which
11# you should have received as part of this distribution. The terms
12# are also available at https://curl.se/docs/copyright.html.
13#
14# You may opt to use, copy, modify, merge, publish, distribute and/or sell
15# copies of the Software, and permit persons to whom the Software is
16# furnished to do so, under the terms of the COPYING file.
17#
18# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19# KIND, either express or implied.
20#
21# SPDX-License-Identifier: curl
22#
23#***************************************************************************
24
25dnl ----------------------------------------------------
26dnl check for GnuTLS
27dnl ----------------------------------------------------
28
29AC_DEFUN([CURL_WITH_GNUTLS], [
30if test "x$OPT_GNUTLS" != xno; then
31  ssl_msg=
32
33  if test X"$OPT_GNUTLS" != Xno; then
34
35    addld=""
36    addlib=""
37    gtlslib=""
38    version=""
39    addcflags=""
40
41    if test "x$OPT_GNUTLS" = "xyes"; then
42      dnl this is with no particular path given
43      CURL_CHECK_PKGCONFIG(gnutls)
44
45      if test "$PKGCONFIG" != "no" ; then
46        addlib=`$PKGCONFIG --libs-only-l gnutls`
47        addld=`$PKGCONFIG --libs-only-L gnutls`
48        addcflags=`$PKGCONFIG --cflags-only-I gnutls`
49        version=`$PKGCONFIG --modversion gnutls`
50        gtlslib=`echo $addld | $SED -e 's/^-L//'`
51      else
52        dnl without pkg-config, we try libgnutls-config as that was how it
53        dnl used to be done
54        check=`libgnutls-config --version 2>/dev/null`
55        if test -n "$check"; then
56          addlib=`libgnutls-config --libs`
57          addcflags=`libgnutls-config --cflags`
58          version=`libgnutls-config --version`
59          gtlslib=`libgnutls-config --prefix`/lib$libsuff
60        fi
61      fi
62    else
63      dnl this is with a given path, first check if there's a libgnutls-config
64      dnl there and if not, make an educated guess
65      cfg=$OPT_GNUTLS/bin/libgnutls-config
66      check=`$cfg --version 2>/dev/null`
67      if test -n "$check"; then
68        addlib=`$cfg --libs`
69        addcflags=`$cfg --cflags`
70        version=`$cfg --version`
71        gtlslib=`$cfg --prefix`/lib$libsuff
72      else
73        dnl without pkg-config and libgnutls-config, we guess a lot!
74        addlib=-lgnutls
75        addld=-L$OPT_GNUTLS/lib$libsuff
76        addcflags=-I$OPT_GNUTLS/include
77        version="" # we just don't know
78        gtlslib=$OPT_GNUTLS/lib$libsuff
79      fi
80    fi
81
82    if test -z "$version"; then
83      dnl lots of efforts, still no go
84      version="unknown"
85    fi
86
87    if test -n "$addlib"; then
88
89      CLEANLIBS="$LIBS"
90      CLEANCPPFLAGS="$CPPFLAGS"
91      CLEANLDFLAGS="$LDFLAGS"
92
93      LIBS="$addlib $LIBS"
94      LDFLAGS="$LDFLAGS $addld"
95      if test "$addcflags" != "-I/usr/include"; then
96        CPPFLAGS="$CPPFLAGS $addcflags"
97      fi
98
99      dnl this function is selected since it was introduced in 3.1.10
100      AC_CHECK_LIB(gnutls, gnutls_x509_crt_get_dn2,
101        [
102        AC_DEFINE(USE_GNUTLS, 1, [if GnuTLS is enabled])
103        AC_SUBST(USE_GNUTLS, [1])
104        GNUTLS_ENABLED=1
105        USE_GNUTLS="yes"
106        ssl_msg="GnuTLS"
107        QUIC_ENABLED=yes
108        test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
109        ],
110        [
111          LIBS="$CLEANLIBS"
112          CPPFLAGS="$CLEANCPPFLAGS"
113        ])
114
115      if test "x$USE_GNUTLS" = "xyes"; then
116        AC_MSG_NOTICE([detected GnuTLS version $version])
117        check_for_ca_bundle=1
118        if test -n "$gtlslib"; then
119          dnl when shared libs were found in a path that the run-time
120          dnl linker doesn't search through, we need to add it to
121          dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
122          dnl due to this
123          if test "x$cross_compiling" != "xyes"; then
124            CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$gtlslib"
125            export CURL_LIBRARY_PATH
126            AC_MSG_NOTICE([Added $gtlslib to CURL_LIBRARY_PATH])
127          fi
128        fi
129        LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE gnutls nettle"
130      fi
131
132    fi
133
134  fi dnl GNUTLS not disabled
135
136  test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
137fi
138
139dnl ---
140dnl Check which crypto backend GnuTLS uses
141dnl ---
142
143if test "$GNUTLS_ENABLED" = "1"; then
144  USE_GNUTLS_NETTLE=
145  # First check if we can detect either crypto library via transitive linking
146  AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
147
148  # If not, try linking directly to both of them to see if they are available
149  if test "$USE_GNUTLS_NETTLE" = ""; then
150    AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
151  fi
152  if test "$USE_GNUTLS_NETTLE" = ""; then
153    AC_MSG_ERROR([GnuTLS found, but nettle was not found])
154  fi
155  LIBS="-lnettle $LIBS"
156fi
157
158dnl ---
159dnl We require GnuTLS with SRP support.
160dnl ---
161if test "$GNUTLS_ENABLED" = "1"; then
162  AC_CHECK_LIB(gnutls, gnutls_srp_verifier,
163    [
164      AC_DEFINE(HAVE_GNUTLS_SRP, 1, [if you have the function gnutls_srp_verifier])
165      AC_SUBST(HAVE_GNUTLS_SRP, [1])
166    ])
167fi
168
169])
170