diff options
Diffstat (limited to 'ext/openssl/extconf.rb')
-rw-r--r-- | ext/openssl/extconf.rb | 134 |
1 files changed, 42 insertions, 92 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 39543f30..14daae97 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -19,12 +19,15 @@ dir_config("kerberos") Logging::message "=== OpenSSL for Ruby configurator ===\n" +# Add -Werror=deprecated-declarations to $warnflags if available +OpenSSL.deprecated_warning_flag + ## # Adds -DOSSL_DEBUG for compilation and some more targets when GCC is used # To turn it on, use: --with-debug or --enable-debug # if with_config("debug") or enable_config("debug") - $defs.push("-DOSSL_DEBUG") unless $defs.include? "-DOSSL_DEBUG" + $defs.push("-DOSSL_DEBUG") end Logging::message "=== Checking for system dependent stuff... ===\n" @@ -39,7 +42,6 @@ if $mingw end result = pkg_config("openssl") && have_header("openssl/ssl.h") - unless result result = have_header("openssl/ssl.h") result &&= %w[crypto libeay32].any? {|lib| have_library(lib, "OpenSSL_add_all_digests")} @@ -51,111 +53,59 @@ unless result end end -unless have_header("openssl/conf_api.h") - raise "OpenSSL 0.9.6 or later required." +result = checking_for("OpenSSL version is 0.9.8 or later") { + try_static_assert("OPENSSL_VERSION_NUMBER >= 0x00908000L", "openssl/opensslv.h") +} +unless result + raise "OpenSSL 0.9.8 or later required." end + unless OpenSSL.check_func("SSL_library_init()", "openssl/ssl.h") raise "Ignore OpenSSL broken by Apple.\nPlease use another openssl. (e.g. using `configure --with-openssl-dir=/path/to/openssl')" end Logging::message "=== Checking for OpenSSL features... ===\n" -have_func("ERR_peek_last_error") -have_func("ASN1_put_eoc") -have_func("BN_mod_add") -have_func("BN_mod_sqr") -have_func("BN_mod_sub") -have_func("BN_pseudo_rand_range") -have_func("BN_rand_range") -have_func("CONF_get1_default_config_file") -have_func("EVP_CIPHER_CTX_copy") -have_func("EVP_CIPHER_CTX_set_padding") -have_func("EVP_CipherFinal_ex") -have_func("EVP_CipherInit_ex") -have_func("EVP_DigestFinal_ex") -have_func("EVP_DigestInit_ex") -have_func("EVP_MD_CTX_cleanup") -have_func("EVP_MD_CTX_create") -have_func("EVP_MD_CTX_destroy") -have_func("EVP_MD_CTX_init") -have_func("HMAC_CTX_cleanup") -have_func("HMAC_CTX_copy") -have_func("HMAC_CTX_init") -have_func("PEM_def_callback") -have_func("PKCS5_PBKDF2_HMAC") -have_func("PKCS5_PBKDF2_HMAC_SHA1") -have_func("RAND_egd") -have_func("X509V3_set_nconf") -have_func("X509V3_EXT_nconf_nid") -have_func("X509_CRL_add0_revoked") -have_func("X509_CRL_set_issuer_name") -have_func("X509_CRL_set_version") -have_func("X509_CRL_sort") -have_func("X509_NAME_hash_old") -have_func("X509_STORE_get_ex_data") -have_func("X509_STORE_set_ex_data") -have_func("OBJ_NAME_do_all_sorted") -have_func("SSL_SESSION_get_id") -have_func("SSL_SESSION_cmp") -have_func("OPENSSL_cleanse") -unless have_macro("OPENSSL_NO_SSL2","openssl/opensslconf.h") +# compile options + +# check OPENSSL_NO_{SSL2,SSL3_METHOD} macro: on some environment, these symbols +# exist even if compiled with no-ssl2 or no-ssl3-method. +unless have_macro("OPENSSL_NO_SSL2", "openssl/opensslconf.h") have_func("SSLv2_method") - have_func("SSLv2_server_method") - have_func("SSLv2_client_method") end -unless have_macro("OPENSSL_NO_SSL3_METHOD","openssl/opensslconf.h") +unless have_macro("OPENSSL_NO_SSL3_METHOD", "openssl/opensslconf.h") have_func("SSLv3_method") - have_func("SSLv3_server_method") - have_func("SSLv3_client_method") end have_func("TLSv1_1_method") -have_func("TLSv1_1_server_method") -have_func("TLSv1_1_client_method") have_func("TLSv1_2_method") -have_func("TLSv1_2_server_method") -have_func("TLSv1_2_client_method") -have_func("SSL_CTX_set_alpn_select_cb") -have_func("SSL_CTX_set_next_proto_select_cb") -have_macro("SSL_get_server_tmp_key", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_GET_SERVER_TMP_KEY") -unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h']) - have_macro("SSL_set_tlsext_host_name", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_SET_TLSEXT_HOST_NAME") -end -if have_header("openssl/engine.h") - have_func("ENGINE_add") - have_func("ENGINE_load_builtin_engines") - have_func("ENGINE_load_openbsd_dev_crypto") - have_func("ENGINE_get_digest") - have_func("ENGINE_get_cipher") - have_func("ENGINE_cleanup") - have_func("ENGINE_load_dynamic") - have_func("ENGINE_load_4758cca") - have_func("ENGINE_load_aep") - have_func("ENGINE_load_atalla") - have_func("ENGINE_load_chil") - have_func("ENGINE_load_cswift") - have_func("ENGINE_load_nuron") - have_func("ENGINE_load_sureware") - have_func("ENGINE_load_ubsec") - have_func("ENGINE_load_padlock") - have_func("ENGINE_load_capi") - have_func("ENGINE_load_gmp") - have_func("ENGINE_load_gost") - have_func("ENGINE_load_cryptodev") - have_func("ENGINE_load_aesni") -end -have_func("DH_generate_parameters_ex") -have_func("DSA_generate_parameters_ex") -have_func("RSA_generate_key_ex") -if checking_for('OpenSSL version is 0.9.7 or later') { - try_static_assert('OPENSSL_VERSION_NUMBER >= 0x00907000L', 'openssl/opensslv.h') - } - have_header("openssl/ocsp.h") -end +have_func("RAND_egd") +engines = %w{builtin_engines openbsd_dev_crypto dynamic 4758cca aep atalla chil + cswift nuron sureware ubsec padlock capi gmp gost cryptodev aesni} +engines.each { |name| + OpenSSL.check_func_or_macro("ENGINE_load_#{name}", "openssl/engine.h") +} + +# added in 1.0.0 +have_func("EVP_CIPHER_CTX_copy") +have_func("HMAC_CTX_copy") +have_func("PKCS5_PBKDF2_HMAC") +have_func("X509_NAME_hash_old") +have_func("SSL_SESSION_cmp") # removed +OpenSSL.check_func_or_macro("SSL_set_tlsext_host_name", "openssl/ssl.h") have_struct_member("CRYPTO_THREADID", "ptr", "openssl/crypto.h") -have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h") -have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h") -have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h") + +# added in 1.0.1 +have_func("SSL_CTX_set_next_proto_select_cb") have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTHENTICATED_ENCRYPTION") +# added in 1.0.2 +have_func("X509_REVOKED_dup") +have_func("SSL_CTX_set_alpn_select_cb") +OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") + +# added in 1.1.0 +have_func("X509_STORE_get_ex_data") +have_func("X509_STORE_set_ex_data") + Logging::message "=== Checking done. ===\n" create_header |