diff mbox series

[Openvpn-devel,v3] configure: Try to use pkg-config to detect mbedTLS

Message ID 20240906160510.76387-1-frank@lichtenheld.com
State Accepted
Headers show
Series [Openvpn-devel,v3] configure: Try to use pkg-config to detect mbedTLS | expand

Commit Message

Frank Lichtenheld Sept. 6, 2024, 4:05 p.m. UTC 
mbedTLS does not seem to have pkg-config support on e.g.
Debian/Ubuntu, so we definitely need to keep the
fallback check as well.

Change-Id: I5d0da76018e874cda5dbab9202a2b817ad5e4692
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Yuriy Darnobyt <yura.uddr@gmail.com>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/671
This mail reflects revision 3 of this Change.

Acked-by according to Gerrit (reflected above):
Yuriy Darnobyt <yura.uddr@gmail.com>

Comments

Gert Doering Sept. 8, 2024, 12:24 p.m. UTC | #1 
Lightly tested on a FreeBSD (no .pc) and a Gentoo system (.pc), both
find mbedtls & build fine.

Discovered "<psa/crypto.h>" while at it... in case someone else
wonders what that is, it's part of mbedTLS but is not installed in
the normal mbedtls include path, because, why should it... (*roll eyes*).

Your patch has been applied to the master branch.

commit c829f57096cb6951aa4698eff388aeebf9310334
Author: Frank Lichtenheld
Date:   Fri Sep 6 18:05:10 2024 +0200

     configure: Try to use pkg-config to detect mbedTLS

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Yuriy Darnobyt <yura.uddr@gmail.com>
     Message-Id: <20240906160510.76387-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29090.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/configure.ac b/configure.ac
index 9ce826c..2d74021 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1000,14 +1000,21 @@ 
 
 	if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
 		# if the user did not explicitly specify flags, try to autodetect
-		LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
-		AC_CHECK_LIB(
-			[mbedtls],
-			[mbedtls_ssl_init],
-			[MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
-			[AC_MSG_ERROR([Could not find mbed TLS.])],
-			[${PKCS11_HELPER_LIBS}]
+		PKG_CHECK_MODULES([MBEDTLS],
+			[mbedtls >= 2.0.0 mbedx509 >= 2.0.0 mbedcrypto >= 2.0.0],
+			[have_mbedtls="yes"],
+			[LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"]
 		)
+		# mbedtls might not have pkgconfig integration, so try manually
+                if test "${have_mbedtls}" != "yes"; then
+			AC_CHECK_LIB(
+				[mbedtls],
+				[mbedtls_ssl_init],
+				[MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
+				[AC_MSG_ERROR([Could not find mbed TLS.])],
+				[${PKCS11_HELPER_LIBS}]
+			)
+		fi
 	fi
 
 	CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"