Mercurial > hg > xemacs-beta

diff configure.ac @ 5887:6eca500211f4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Prototype for X509_check_host() has changed, detect this in configure.ac ChangeLog addition: 2015-04-09 Aidan Kehoe <kehoea@parhasard.net> * configure.ac: If X509_check_host() is available, check the number of arguments it takes. Don't use it if it takes any number of arguments other than five. Also don't use it if <openssl/x509v3.h> does not declare it, since if that is so there is no portable way to tell how many arguments it should take, and so we would end up smashing the stack. * configure: Regenerate. src/ChangeLog addition: 2015-04-09 Aidan Kehoe <kehoea@parhasard.net> * tls.c: #include <openssl/x509v3.h> for its prototype for X509_check_host(). * tls.c (tls_open): Pass the new fifth argument to X509_check_host().
author Aidan Kehoe <kehoea@parhasard.net>
date Thu, 09 Apr 2015 14:27:02 +0100
parents abe88cd200c9
children b2709239b1f6
line wrap: on
line diff
--- a/configure.ac	Wed Apr 08 21:03:18 2015 +0100
+++ b/configure.ac	Thu Apr 09 14:27:02 2015 +0100
@@ -5439,7 +5439,27 @@
     if test "$?" = 0; then
       XE_APPEND("$openssl_libs", LIBS)
     fi
-    AC_CHECK_FUNC(X509_check_host, [AC_DEFINE(HAVE_X509_CHECK_HOST)])
+    dnl Check whether X509_check_host can be linked in.
+    AC_CHECK_FUNC(X509_check_host,
+        AC_COMPILE_IFELSE(
+            dnl It can; check that its declaration is compatible with five
+            dnl arguments. An early version of the function took only four.
+            [AC_LANG_PROGRAM([#include <openssl/x509v3.h>],
+                 [return X509_check_host ((void *) 0,
+                                          (const char *) 0, 0, 0, 
+                                          (void *) 0); ])],
+            dnl Now check that it is *not* compatible with just one argument,
+            dnl as would be the case if no declaration was in the header, and
+            dnl the header was old, compared to the DLL. This sort of version
+            dnl sanity-checking is particularly necessary with OpenSSL. E.g. on
+            dnl OS X there has always been an installed system version of it,
+            dnl but pkg-config, above, will pick up the MacPorts version.
+            [ AC_MSG_CHECKING(that X509_check_host is declared)
+              AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <openssl/x509v3.h>],
+                                               [return X509_check_host (-1);])],
+                                AC_MSG_RESULT(no),
+                                [AC_MSG_RESULT(yes)
+                                 AC_DEFINE(HAVE_X509_CHECK_HOST)])]))
   else
     with_tls=no
   fi