From b6254293cc57d90942ed63fcfe5b2be8076b284a Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Mon, 22 Feb 2016 13:45:35 +0100
Subject: Fix using external OpenSSL on Mac OS X

This commit changes our TLS backend configuration behavior.
It introduces the tls_backend Scons argument, which defaults
to the native backend, but can also explicitly set to
'openssl' to use a project external OpenSSL installation or
'openssl_bundled' to build and configure with the OpenSSL
source in the 3rdParty directory.

Test-Information:

Tested on OS X 10.11.3.

./scons ends up using Secure Transport.

./scons tls_backend=openssl \
	openssl_include=/usr/local/opt/openssl/include \
	openssl_libdir=/usr/local/opt/openssl/lib \
	openssl=/usr/local/opt/openssl successfully builds with
	openssl from Homebrew.

./scons tls_backend=openssl_bundled successfully builds with
	OpenSSL in 3rdParty.

Change-Id: I4fb0ef9d197609afe793554f86e54fe67fc1cab5

diff --git a/BuildTools/SCons/SConscript.boot b/BuildTools/SCons/SConscript.boot
index 3e8ab96..10b0daf 100644
--- a/BuildTools/SCons/SConscript.boot
+++ b/BuildTools/SCons/SConscript.boot
@@ -41,9 +41,9 @@ if os.name == "nt" :
 	vars.Add(PathVariable("wix_bindir", "Path to WiX binaries", "", PathVariable.PathAccept))
 if os.name == "nt" :
 	vars.Add(PackageVariable("bonjour", "Bonjour SDK location", "yes"))
+vars.Add(EnumVariable("tls_backend", "Choose the TLS backend", "native", ["native", "openssl", "openssl_bundled"]))
 vars.Add(PackageVariable("openssl", "OpenSSL location", "yes"))
 vars.Add("openssl_libnames", "Comma-separated openssl library names to override defaults", None)
-vars.Add(BoolVariable("openssl_force_bundled", "Force use of the bundled OpenSSL", "no"))
 vars.Add("openssl_include", "Location of OpenSSL include files (if not under (openssl)/include)", None)
 vars.Add("openssl_libdir", "Location of OpenSSL library files (if not under (openssl)/lib)", None)
 vars.Add(PackageVariable("hunspell_prefix", "Hunspell location", False))
diff --git a/BuildTools/SCons/SConstruct b/BuildTools/SCons/SConstruct
index dafd2b0..3305fd3 100644
--- a/BuildTools/SCons/SConstruct
+++ b/BuildTools/SCons/SConstruct
@@ -507,26 +507,34 @@ conf.Finish()
 if env["qt"] :
 	env["QTDIR"] = env["qt"]
 
-# Check for OS X Secure Transport
-if not env.get("openssl_force_bundled", False) and env["PLATFORM"] == "darwin" and env["target"] == "native"  :
-	env["HAVE_SECURETRANSPORT"] = True
-else :
-	env["HAVE_SECURETRANSPORT"] = False
 
+################################################################################
+# TLS backend selection
+################################################################################
+env["OPENSSL_FLAGS"] = {}
+if env.get("tls_backend") == "native" :
+	if env["PLATFORM"] == "win32" :
+		env["HAVE_SCHANNEL"] = True
+	elif env["PLATFORM"] == "darwin" and env["target"] == "native":
+		env["HAVE_SECURETRANSPORT"] = True
+	elif env["target"] in ("iphone-device", "iphone-simulator", "xcode", "android") :
+		env["tls_backend"] = "openssl_bundled"
+	else :
+		env["tls_backend"] = "openssl"
 # OpenSSL
-openssl_env = conf_env.Clone()
-if env.get("openssl_force_bundled", False) or env["target"] in ("iphone-device", "iphone-simulator", "xcode", "android") :
+if env.get("tls_backend") == "openssl_bundled" :
 	env["OPENSSL_BUNDLED"] = True
 	env["HAVE_OPENSSL"] = True
-elif not env["HAVE_SECURETRANSPORT"] :
+elif env.get("tls_backend") == "openssl" :
+	openssl_env = conf_env.Clone()
 	use_openssl = bool(env["openssl"])
 	openssl_prefix = ""
 	if isinstance(env["openssl"], str) :
 		openssl_prefix = env["openssl"]
 	openssl_flags = {}
 	if openssl_prefix :
-		openssl_include = env.get("openssl_include", None)
-		openssl_libdir = env.get("openssl_libdir", None)
+		openssl_include = env.get("openssl_include")
+		openssl_libdir = env.get("openssl_libdir")
 		if openssl_include:
 			openssl_flags = {"CPPPATH":[openssl_include]}
 		else:
@@ -545,7 +553,7 @@ elif not env["HAVE_SECURETRANSPORT"] :
 	if use_openssl and openssl_conf.CheckCHeader("openssl/ssl.h") :
 		env["HAVE_OPENSSL"] = 1
 		env["OPENSSL_FLAGS"] = openssl_flags
-		openssl_libnames = env.get("openssl_libnames", None)
+		openssl_libnames = env.get("openssl_libnames")
 		if openssl_libnames:
 			env["OPENSSL_FLAGS"]["LIBS"] = openssl_libnames.split(',')
 		elif env["PLATFORM"] == "win32" :
@@ -555,12 +563,6 @@ elif not env["HAVE_SECURETRANSPORT"] :
 			if env["PLATFORM"] == "darwin" :
 				if platform.mac_ver()[0].startswith("10.5") :
 					env["OPENSSL_FLAGS"]["FRAMEWORKS"] = ["Security"]
-	else :
-		env["OPENSSL_FLAGS"] = {}
-		if env["PLATFORM"] == "win32" :
-			# If we're compiling for Windows and OpenSSL isn't being used, use Schannel
-			env["HAVE_SCHANNEL"] = True
-
 	openssl_conf.Finish()
 
 if env["PLATFORM"] == "win32" :
-- 
cgit v0.10.2-6-g49f6