autotools: Try to be clearer about --with-ssl and remove cruft

Change-Id: Iaf8c8a83ead1d6671bb9cadb6add56481ed98aaa Reviewed-on: https://code.wireshark.org/review/24242 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot Reviewed-by: João Valverde <j@v6e.pt>
2017-11-01 09:23:22 +00:00 · 2017-11-01 09:23:22 +00:00 · 62f705e844
parent 711f69c807
commit 62f705e844
5 changed files with 24 additions and 68 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1659,7 +1659,6 @@ else()
 endif()

 set(LIBEPAN_LIBS
-#		@SSL_LIBS@	# -lcrypto
 		epan
 #		$(plugin_ldadd)	# in case of static
 		${AIRPCAP_LIBRARIES}
--- a/Makefile.am
+++ b/Makefile.am
@ -418,7 +418,6 @@ EXTRALINKFLAGS = -export-dynamic
 endif

 EPAN_EXTRA_LIBS = \
-	@SSL_LIBS@			\
 	@C_ARES_LIBS@			\
 	@KRB5_LIBS@			\
 	@LIBGCRYPT_LIBS@		\
--- a/acinclude.m4
+++ b/acinclude.m4
@ -919,7 +919,7 @@ AC_DEFUN([AC_WIRESHARK_KRB5_CHECK],
 	  ac_krb5_version="$ac_heimdal_version$ac_mit_version_olddir$ac_mit_version_newdir"
 	  if test "x$ac_krb5_version" = "xHEIMDAL"
 	  then
-	      KRB5_LIBS="-L$krb5_dir/lib -lkrb5 -lasn1 $SSL_LIBS -lroken -lcrypt"
+	      KRB5_LIBS="-L$krb5_dir/lib -lkrb5 -lasn1 -lcrypto -lroken -lcrypt"
 	  else
 	      KRB5_LIBS="-L$krb5_dir/lib -lkrb5 -lk5crypto -lcom_err"
 	  fi
@ -933,33 +933,23 @@ AC_DEFUN([AC_WIRESHARK_KRB5_CHECK],
 	  then
 	    KRB5_CFLAGS=`"$KRB5_CONFIG" --cflags`
 	    KRB5_LIBS=`"$KRB5_CONFIG" --libs`
-	    #
-	    # If -lcrypto is in KRB5_FLAGS, we require it to build
-	    # with Heimdal/MIT.  We don't want to built with it by
-	    # default, due to annoying license incompatibilities
-	    # between the OpenSSL license and the GPL, so:
-	    #
-	    #	if SSL_LIBS is set to a non-empty string, we
-	    #	remove -lcrypto from KRB5_LIBS and replace
-	    #	it with SSL_LIBS;
-	    #
-	    #	if SSL_LIBS is not set to a non-empty string
-	    #	we fail with an appropriate error message.
-	    #
-	    case "$KRB5_LIBS" in
-	    *-lcrypto*)
-		if test ! -z "$SSL_LIBS"
-		then
-		    KRB5_LIBS=`echo $KRB5_LIBS | sed 's/-lcrypto//'`
-		    KRB5_LIBS="$KRB5_LIBS $SSL_LIBS"
-		else
-		    AC_MSG_ERROR([Kerberos library requires -lcrypto, so you must specify --with-ssl])
-		fi
-		;;
-	    esac
 	    ac_krb5_version=`"$KRB5_CONFIG" --version | head -n 1 | sed -e 's/^.*heimdal.*$/HEIMDAL/' -e 's/^Kerberos .*$/MIT/' -e 's/^Solaris Kerberos .*$/MIT/'`
 	  fi
 	fi
+	#
+	# If -lcrypto is in KRB5_LIBS, we require it to build
+	# with Heimdal/MIT.  We don't want to built with it by
+	# default, due to annoying license incompatibilities
+	# between the OpenSSL license and the GPL.
+	#
+	case "$KRB5_LIBS" in
+	*-lcrypto*)
+	  if test "x$with_krb5_crypto_openssl" != "xyes"
+	    then
+	      AC_MSG_ERROR([Kerberos library requires -lcrypto, so you must specify --with-krb5-crypto-openssl])
+	    fi
+	    ;;
+	esac

 	CPPFLAGS="$CPPFLAGS $KRB5_CFLAGS"

--- a/configure.ac
+++ b/configure.ac
@ -2134,39 +2134,6 @@ linux*)
 	;;
 esac

-dnl SSL Check
-SSL_LIBS=''
-AC_MSG_CHECKING(whether to use SSL library)
-
-AC_ARG_WITH(ssl,
-  AC_HELP_STRING( [--with-ssl@<:@=DIR@:>@],
-		  [use SSL crypto library (located in directory DIR, if supplied) @<:@default=no@:>@]),
-[
-if test "x$withval" = "xno";  then
-	want_ssl=no
-elif test "x$withval" = "xyes"; then
-	want_ssl=yes
-elif test -d "$withval"; then
-	want_ssl=yes
-	AC_WIRESHARK_ADD_DASH_L(WS_LDFLAGS, ${withval}/lib)
-fi
-],[
-	want_ssl=no
-])
-if test "x$want_ssl" = "xyes"; then
-	AC_MSG_RESULT(yes)
-	AC_CHECK_LIB(crypto,EVP_md5,
-	    [
-		SSL_LIBS=-lcrypto
-	    ],
-	    [
-		AC_MSG_ERROR([SSL crypto library was requested, but is not installed for development])
-	    ])
-else
-	AC_MSG_RESULT(no)
-fi
-AC_SUBST(SSL_LIBS)
-
 dnl kerberos check
 AC_MSG_CHECKING(whether to use Kerberos library)

@ -2198,6 +2165,15 @@ else
 	AC_WIRESHARK_KRB5_CHECK
 fi

+dnl
+dnl We use GnuTLS for SSL decryption but some builds of Kerberos require
+dnl linking with OpenSSL. We don't want to build with it by default due to
+dnl annoying license incompatibilities between the OpenSSL license and the GPL,
+dnl so we require an explicit option to configure.
+dnl
+AC_ARG_WITH(krb5-crypto-openssl,
+  AC_HELP_STRING( [--with-krb5-crypto-openssl],
+		  [Allow linking with OpenSSL for Kerberos crypto backend @<:@default=no@:>@]))

 dnl c-ares Check
 C_ARES_LIBS=''
@ -2936,12 +2912,6 @@ else
 	portaudio_message="no"
 fi

-if test "x$want_ssl" = "xno" ; then
-	ssl_message="no"
-else
-	ssl_message="yes"
-fi
-
 if test "x$want_krb5" = "xno" ; then
 	krb5_message="no"
 else
@ -3044,7 +3014,6 @@ echo "               Use kerberos library : $krb5_message"
 echo "                 Use c-ares library : $c_ares_message"
 echo "                Use SMI MIB library : $libsmi_message"
 echo "             Use GNU gcrypt library : yes"
-echo "             Use SSL crypto library : $ssl_message"
 echo "                 Use GnuTLS library : $tls_message"
 echo "     Use POSIX capabilities library : $libcap_message"
 echo "                  Use GeoIP library : $geoip_message"
--- a/epan/Makefile.am
+++ b/epan/Makefile.am
@ -333,7 +333,6 @@ libwireshark_la_LIBADD = \
 	@LIBSMI_LDFLAGS@	\
 	@LZ4_LIBS@		\
 	@NGHTTP2_LIBS@		\
-	@SSL_LIBS@		\
 	@SNAPPY_LIBS@		\
 	@LIBXML2_LIBS@		\
 	@GLIB_LIBS@