Mercurial > hg > xemacs-beta

changeset 5874:3ed83b4b4882

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix unintended default of TLS to OpenSSL.
author Stephen J. Turnbull <stephen@xemacs.org>
date Sat, 21 Mar 2015 00:15:17 +0900
parents 5a311f1f46aa
children 4949ccab25f1
files ChangeLog configure configure.ac
diffstat 3 files changed, 22 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Fri Mar 20 13:48:16 2015 +0000
+++ b/ChangeLog	Sat Mar 21 00:15:17 2015 +0900
@@ -2,6 +2,11 @@
 
 	* README: fix note about which Bitbucket repository to push to.
 
+2015-03-19  Stephen J. Turnbull  <stephen@xemacs.org>
+
+	* configure.ac (TLS): Prevent unintended fall-through to OpenSSL.
+	* configure: Rebuild.
+
 2015-01-10  Stephen J. Turnbull  <stephen@xemacs.org>
 
 	* configure.ac (Postgresql): Improve Installation text.
--- a/configure	Fri Mar 20 13:48:16 2015 +0000
+++ b/configure	Sat Mar 21 00:15:17 2015 +0900
@@ -21365,8 +21365,6 @@
 
 fi
 if test "$with_tls" != "no"; then
-  $as_echo "#define WITH_TLS 1" >>confdefs.h
-
   if test "$with_tls" = "gnutls"; then
     $as_echo "#define HAVE_GNUTLS 1" >>confdefs.h
 
@@ -21401,7 +21399,7 @@
     if test "$?" = 0; then
       LIBS="$LIBS "$nss_libs"" &&  if test "$verbose" = "yes"; then echo "    Appending \""$nss_libs"\" to \$LIBS"; fi
     fi
-  else
+  elif test "$with_tls" = "openssl"; then
     $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
 
     openssl_cflags=`pkg-config --cflags openssl`
@@ -21418,7 +21416,13 @@
 
 fi
 
-  fi
+  else
+    with_tls=no
+  fi
+fi
+if test "$with_tls" != "no"; then
+  $as_echo "#define WITH_TLS 1" >>confdefs.h
+
 fi
 
 if test "$cross_compiling" = yes; then :
--- a/configure.ac	Fri Mar 20 13:48:16 2015 +0000
+++ b/configure.ac	Sat Mar 21 00:15:17 2015 +0900
@@ -5380,6 +5380,9 @@
     [XE_DIE("Required openssl support cannot be provided.")])
 fi
 dnl Autodetection
+dnl Must be requested explicitly with --with-tls.
+dnl To default to autodetection, change the next three tests to
+dnl if test "$with_tls" != "no".
 if test "$with_tls" = "yes"; then
   AC_CHECK_HEADER([gnutls/gnutls.h],
     [AC_CHECK_LIB(gnutls, gnutls_global_init, [with_tls=gnutls])])
@@ -5393,7 +5396,6 @@
     [AC_CHECK_LIB(ssl, SSL_library_init, [with_tls=openssl], [with_tls=no])])
 fi
 if test "$with_tls" != "no"; then
-  AC_DEFINE(WITH_TLS)
   if test "$with_tls" = "gnutls"; then
     AC_DEFINE(HAVE_GNUTLS)
     gnutls_cflags=`pkg-config --cflags gnutls`
@@ -5418,7 +5420,7 @@
     if test "$?" = 0; then
       XE_APPEND("$nss_libs", LIBS)
     fi
-  else
+  elif test "$with_tls" = "openssl"; then
     AC_DEFINE(HAVE_OPENSSL)
     openssl_cflags=`pkg-config --cflags openssl`
     if test "$?" = 0; then
@@ -5429,8 +5431,13 @@
       XE_APPEND("$openssl_libs", LIBS)
     fi
     AC_CHECK_FUNC(X509_check_host, [AC_DEFINE(HAVE_X509_CHECK_HOST)])
+  else
+    with_tls=no
   fi
 fi
+if test "$with_tls" != "no"; then
+  AC_DEFINE(WITH_TLS)
+fi
 
 dnl Unfortunately, just because we can link doesn't mean we can run.
 dnl One of the above link tests may have succeeded but caused resulting