Re: [PATCH] configure.ac: Use pkg-config to determine engines directory

Fredrik Ternerot
 

On Tue, Jan 22, 2019 at 4:19 PM James Bottomley
<James.Bottomley@...> wrote:

On Tue, 2019-01-22 at 15:12 +0100, Fredrik Ternerot wrote:
Use pkg-config to determine engines directory based on libcrypto.pc.
Previously the directory was determined by compiling and executing a
test program which caused problem when cross compiling.

Signed-off-by: Fredrik Ternerot <fredrikt@...>
---
configure.ac | 15 +--------------
1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/configure.ac b/configure.ac
index 3c4127d..a2ff6e4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -52,20 +52,7 @@ AC_ARG_WITH(openssl,
AC_SUBST(OPENSSL_LIB_DIR)
AC_SUBST(OPENSSL_INCLUDE_DIR)])

-AC_LANG(C)
-AC_LANG_CONFTEST(
- [AC_LANG_PROGRAM(
- [[#define HEADER_CRYPTLIB_H
- #include <openssl/crypto.h>
- #include <stdio.h>]],
- [[#if OPENSSL_VERSION_NUMBER < 0x10100000
- puts(ENGINESDIR);
- #else
- puts(OpenSSL_version(OPENSSL_ENGINES_DIR));
- #endif
- ]])])
-gcc $CFLAGS conftest.c -lcrypto
-enginesdir=`./a.out|sed 's/ENGINESDIR: //'`
+PKG_CHECK_VAR([enginesdir], [libcrypto], [enginesdir])
if test -z "$enginesdir" ; then
AC_MSG_FAILURE([Failed to find SSL engines directory])
fi
I'm afraid I already tried this. It doesn't work on older versions of
openSUSE because the package config bug in openssl isn't fixed there.
Would this work instead? It's what I currently have for fixing all the
engine problems (including naming). It allows you to pass in the
engines directory as --with-enginesdir=<dir>?
This is definitely in the right direction. I would however still need
to use pkg-config because I need to support building for different
openssl versions (using a common recipe in OpenEmbedded). What do you
think about adding a configure option to control whether pkg-config or
test program should be used? The default could then be test program
but would allow overriding when feasible.

Is there a way to detect if the enginesdir from pkg-config in old
openSUSE is wrong and in that case fallback to use test program? Would
it be as easy as checking if the directory exists? Then maybe we
wouldn't need any extra configure option for this.

Also, when using test program, it should probably be conditional on
NATIVE_BUILD.

Fredrik

---

From b90ea81c299282e1ab59761464bfb2a9df34ecf7 Mon Sep 17 00:00:00 2001
From: James Bottomley <James.Bottomley@...>
Date: Mon, 21 Jan 2019 12:59:06 -0800
Subject: [PATCH] Fix up engine installation

Add an additional --with-enginesdir parameter to allow for specifying
the engine directory instad of probing for it. In addition install both
engine.so and libengine.so because we don't know which one openssl
will be looking for since it depends on the openssl version.

Signed-off-by: James Bottomley <James.Bottomley@...>
---
Makefile.am | 4 ++++
configure.ac | 41 +++++++++++++++++++++++++++++++----------
2 files changed, 35 insertions(+), 10 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 7d3b645..48c6189 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,4 +23,8 @@ create_tpm2_key_CFLAGS=${DEPS_CFLAGS} -Werror
$(builddir)/%.1: $(srcdir)/%.1.in $(top_builddir)/%
$(HELP2MAN) --no-info -i $< -o $@ $(top_builddir)/$*

+# openssl from 1.1.0 looks for engine.so not libengine.so
+install-data-hook:
+ cd '$(DESTDIR)$(openssl_enginedir)' && $(LN_S) -f libtpm2@SHREXT@ tpm2@SHREXT@
+
SUBDIRS = tests
diff --git a/configure.ac b/configure.ac
index 3c4127d..5260ff4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,9 +3,10 @@
#

AC_INIT(openssl-tpm2-engine, 2.1.1, <James.Bottomley@...>)
-AM_INIT_AUTOMAKE(1.6.3)
+AM_INIT_AUTOMAKE([foreign 1.6.3])
AC_CANONICAL_HOST
AM_CONDITIONAL(NATIVE_BUILD, test "x$cross_compiling" = "xno")
+PKG_PROG_PKG_CONFIG

AM_MISSING_PROG(HELP2MAN, help2man)

@@ -28,6 +29,7 @@ fi
##
# ibmtss >= 1234 now requires TPM_POSIX be set
CFLAGS="$CFLAGS -DTPM_POSIX"
+CPPFLAGS="$CPPFLAGS -DTPM_POSIX"

#if test "${OPENSSL_LIB_DIR+set}" != set; then
# OPENSSL_LIB_DIR="/usr/local/ssl/lib"
@@ -53,26 +55,35 @@ AC_ARG_WITH(openssl,
AC_SUBST(OPENSSL_INCLUDE_DIR)])

AC_LANG(C)
-AC_LANG_CONFTEST(
- [AC_LANG_PROGRAM(
- [[#define HEADER_CRYPTLIB_H
+AC_ARG_WITH(
+ [enginesdir],
+ [AC_HELP_STRING([--with-enginesdir], [OpenSSL engines directory])],
+ [enginesdir="${withval}"],
+ [AC_LANG_CONFTEST([AC_LANG_PROGRAM(
+ [[
+ #define HEADER_CRYPTLIB_H
#include <openssl/crypto.h>
- #include <stdio.h>]],
- [[#if OPENSSL_VERSION_NUMBER < 0x10100000
+ #include <stdio.h>
+ ]],
+ [[
+ #if OPENSSL_VERSION_NUMBER < 0x10100000
puts(ENGINESDIR);
#else
puts(OpenSSL_version(OPENSSL_ENGINES_DIR));
#endif
- ]])])
-gcc $CFLAGS conftest.c -lcrypto
-enginesdir=`./a.out|sed 's/ENGINESDIR: //'`
+ ]]
+ )])
+ gcc $CFLAGS conftest.c -lcrypto
+ enginesdir=`./a.out|sed 's/ENGINESDIR: //'`
+ ]
+ )
+
if test -z "$enginesdir" ; then
AC_MSG_FAILURE([Failed to find SSL engines directory])
fi

AC_SUBST(enginesdir)

-PKG_PROG_PKG_CONFIG
PKG_CHECK_MODULES([DEPS], [libcrypto])

AC_SEARCH_LIBS([TSS_Create], [tss ibmtss], [], [
@@ -85,14 +96,24 @@ AM_PROG_CC_C_O
AC_USE_SYSTEM_EXTENSIONS
AC_SYS_LARGEFILE
AC_PROG_LIBTOOL
+AC_PROG_LN_S

AC_CHECK_HEADER([tss2/tss.h],[AC_DEFINE(TSS_INCLUDE,tss2)],
AC_CHECK_HEADER([ibmtss/tss.h],[AC_DEFINE(TSS_INCLUDE,ibmtss)],
AC_MSG_ERROR([No TSS2 include directory found])))

CFLAGS="$CFLAGS -Wall"
+SHREXT=$shrext_cmds
AC_SUBST(CFLAGS)
AC_SUBST(TSS_INCLUDE)
+AC_SUBST(SHREXT)

AC_OUTPUT([Makefile tests/Makefile])

+cat <<EOF
+
+CFLAGS: ${CFLAGS}
+openssl engines directory: ${enginesdir}
+
+EOF
+
--
2.16.4



Join openssl-tpm2-engine@groups.io to automatically receive all group messages.