httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Thorpe <ge...@geoffthorpe.net>
Subject Re: cvs commit: httpd-2.0/modules/ssl ...
Date Mon, 19 May 2003 15:31:57 GMT
Hi there,

This and the previous commit caught my attention;

On May 19, 2003 10:48 am, wrowe@apache.org wrote:
> wrowe       2003/05/19 07:48:47
>
>   Modified:    modules/ssl config.m4 mod_ssl.c mod_ssl.h
>                         ssl_engine_config.c ssl_engine_init.c
>                         ssl_toolkit_compat.h
>   Log:
>     Roll away the SSL_EXPERIMENTAL_ENGINE test in favor of testing for
> the ENGINE_init() function in config.m4, and rely on HAVE_ENGINE_INIT
> instead.
>
>   Reviewed by: Ben Laurie (concept)
>
>   Revision  Changes    Path
>   1.14      +1 -0      httpd-2.0/modules/ssl/config.m4
>
>   Index: config.m4
>   ===================================================================
>   RCS file: /home/cvs/httpd-2.0/modules/ssl/config.m4,v
>   retrieving revision 1.13
>   retrieving revision 1.14
>   diff -u -r1.13 -r1.14
>   --- config.m4	19 May 2003 14:43:20 -0000	1.13
>   +++ config.m4	19 May 2003 14:48:47 -0000	1.14
>   @@ -79,6 +79,7 @@
>        APACHE_CHECK_SSL_TOOLKIT
>        AC_CHECK_FUNCS(SSL_set_state)
>        AC_CHECK_FUNCS(SSL_set_cert_store)
>   +    AC_CHECK_FUNCS(ENGINE_init)
>    ])
>
>    dnl #  end of module specific part

The AC_CHECK_FUNCS stuff is not really useful here because of the 
overhauls made in acinclude.h (which was why they were removed in the 
first place). They actually risk to fail unnecessarily because of the 
issues with dependencies on apr - see the APACHE_CHECK_SSL_TOOLKIT 
implementation. I'd suggest that the ENGIEN test be inserted into 
APACHE_CHECK_SSL_TOOLKIT macro, and it would probably make more sense to 
test for the openssl/engine.h header rather than the ENGINE_init() 
function (eg. future versions might redefine ENGINE_init as a 
backwards-compatibility macro rather than an actual function, but that 
would fail the current autoconf test). As for APACHE_CHECK_SSL_TOOLKIT, 
I'm glancing at viewcvs as I type this and I'd suggest putting the test 
somewhere in the openssl-part of the section marked "dnl Run header and 
version checks", just before the version check. Eg. (this is not diff -u, 
it's me improvising and avoiding line-breaks ...);

<untested>
    ....
    AC_CHECK_HEADERS([openssl/opensslv.h openssl/ssl.h],....
    if test "x$ap_ssltk_type" = "x"; then
      AC_MSG_ERROR([No SSL/TLS headers were available])
    fi
    dnl so it's OpenSSL - report, then test for a good version
    echo "... SSL/TLS support configuring for OpenSSL"
+   AC_CHECK_HEADERS([openssl/engine.h],
+       [AC_DEFINE(HAVE_ENGINE)], [])
    AC_MSG_CHECKING(for OpenSSL version)
    AC_TRY_COMPILE([#include <openssl/opensslv.h>]
    ....
</untested>

Cheers,
Geoff

-- 
Geoff Thorpe
geoff@geoffthorpe.net
http://www.geoffthorpe.net/


Mime
View raw message