diff options
Diffstat (limited to 'ext/openssl/extconf.rb')
-rw-r--r-- | ext/openssl/extconf.rb | 79 |
1 files changed, 13 insertions, 66 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 87138512dd..511d7b18d3 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -51,8 +51,9 @@ unless result end end -unless have_header("openssl/conf_api.h") - raise "OpenSSL 0.9.6 or later required." +unless checking_for("OpenSSL version is 0.9.8 or later") { + try_static_assert("OPENSSL_VERSION_NUMBER >= 0x00908000L", "openssl/opensslv.h") } + raise "OpenSSL 0.9.8 or later required." end unless OpenSSL.check_func("SSL_library_init()", "openssl/ssl.h") raise "Ignore OpenSSL broken by Apple.\nPlease use another openssl. (e.g. using `configure --with-openssl-dir=/path/to/openssl')" @@ -63,11 +64,6 @@ def have_func_or_macro(name, header) have_macro(name, [header]) && $defs.push("-DHAVE_#{name.upcase}") end -def have_funcish(name) - have_func(name) || - have_macro(name, [header]) && $defs.push("-DHAVE_#{name.upcase}") -end - Logging::message "=== Checking for OpenSSL features... ===\n" # OpenSSL compile options have_func("SSLv2_method") # removed in 1.1.0 @@ -75,66 +71,15 @@ have_func("SSLv3_method") have_func("TLSv1_1_method") # added in 1.0.1 have_func("TLSv1_2_method") # added in 1.0.1 have_macro("OPENSSL_FIPS", ['openssl/opensslconf.h']) && $defs.push("-DHAVE_OPENSSL_FIPS") -have_func("EC_KEY_new") && $defs.push("-DHAVE_SUPPORT_EC") -# HMAC can't be disabled -have_func("ENGINE_new") && $defs.push("-DHAVE_SUPPORT_ENGINE") - -# added in 0.9.6a-0.9.7 -have_func("OPENSSL_cleanse") -have_func("ERR_peek_last_error") -have_func("CONF_get1_default_config_file") -have_func("ASN1_put_eoc") -have_func("OBJ_NAME_do_all_sorted") -have_func("PEM_def_callback") -have_func("BN_rand_range") -have_func("BN_pseudo_rand_range") -have_func("BN_nnmod") -have_func("BN_mod_add") -have_func("BN_mod_sub") -have_func("BN_mod_sqr") -have_func("EVP_MD_CTX_init") -have_func("EVP_MD_CTX_create") -have_func("EVP_MD_CTX_destroy") -have_func("EVP_CIPHER_CTX_set_padding") -have_func("EVP_DigestInit_ex") -have_func("EVP_DigestFinal_ex") -have_func("EVP_CipherInit_ex") -have_func("EVP_CipherFinal_ex") -have_func("HMAC_Init_ex") -have_func("HMAC_CTX_init") -have_func("HMAC_CTX_cleanup") -have_func("X509_CRL_set_nextUpdate") -have_func("X509_CRL_add0_revoked") -have_func("X509_CRL_set_issuer_name") -have_func("X509_CRL_set_version") -have_func("X509_CRL_sort") -have_func("X509_REVOKED_set_serialNumber") -have_func("X509V3_set_nconf") -have_func("X509V3_EXT_nconf_nid") - -have_func("ENGINE_add") -have_func("ENGINE_get_digest") -have_func("ENGINE_get_cipher") # ENGINE_load_xx is deprecated in OpenSSL 1.1.0 and become a macro engines = %w{builtin_engines openbsd_dev_crypto dynamic 4758cca aep atalla chil cswift nuron sureware ubsec padlock capi gmp gost cryptodev aesni} engines.each { |name| have_func_or_macro("ENGINE_load_#{name}", "openssl/engine.h") } -have_header("openssl/ocsp.h") - -# added in -0.9.8 -have_func("BN_GENCB_call") && $defs.push("-DHAVE_BN_GENCB") -have_func("BN_is_prime_ex") -have_func("BN_is_prime_fasttest_ex") -have_func("BN_generate_prime_ex") +# added in 0.9.8X have_func("EVP_CIPHER_CTX_new") have_func("EVP_CIPHER_CTX_free") -have_func("DH_generate_parameters_ex") -have_func("DSA_generate_parameters_ex") -have_func("RSA_generate_key_ex") -have_func("SSL_SESSION_get_id") -have_func("SSL_CTX_set_tmp_ecdh_callback") # removed in 1.1.0 -have_func("OCSP_SINGLERESP_delete_ext") +have_func_or_macro("SSL_CTX_clear_options", "openssl/ssl.h") # added in 1.0.0 have_struct_member("CRYPTO_THREADID", "ptr", "openssl/crypto.h") # check if CRYPTO_THREADID exists @@ -152,8 +97,10 @@ have_func("SSL_CTX_set_next_proto_select_cb") have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTHENTICATED_ENCRYPTION") # added in 1.0.2 +have_func("CRYPTO_memcmp") have_func("EC_curve_nist2nid") have_func("X509_STORE_CTX_get0_store") +have_func("X509_REVOKED_dup") have_func("SSL_CTX_set_alpn_select_cb") have_func_or_macro("SSL_CTX_set1_curves_list", "openssl/ssl.h") have_func_or_macro("SSL_CTX_set_ecdh_auto", "openssl/ssl.h") # removed in 1.1.0 @@ -161,6 +108,7 @@ have_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") # added in 1.1.0 have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API") +have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL") have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") @@ -178,21 +126,20 @@ have_func("X509_REVOKED_get0_revocationDate") have_func("X509_STORE_CTX_get0_untrusted") have_func("X509_STORE_CTX_get0_cert") have_func("X509_STORE_CTX_get0_chain") - -# doesn't exist on any version of OpenSSL -have_func("X509_STORE_get_ex_data") -have_func("X509_STORE_set_ex_data") - have_func("TLS_method") # renamed from SSLv23_method have_func("SSL_CTX_get_ciphers") have_func("SSL_CTX_get_security_level") +have_func("SSL_CTX_set_tmp_ecdh_callback") # removed have_func("OCSP_SINGLERESP_get0_id") have_struct_member("EVP_PKEY", "type", "openssl/evp.h") # removed - # LibreSSL support have_func("RAND_egd") # removed +# doesn't exist on any version of OpenSSL +have_func("X509_STORE_get_ex_data") +have_func("X509_STORE_set_ex_data") + Logging::message "=== Checking done. ===\n" create_header |