From b6254293cc57d90942ed63fcfe5b2be8076b284a Mon Sep 17 00:00:00 2001 From: Tobias Markmann Date: Mon, 22 Feb 2016 13:45:35 +0100 Subject: Fix using external OpenSSL on Mac OS X This commit changes our TLS backend configuration behavior. It introduces the tls_backend Scons argument, which defaults to the native backend, but can also explicitly set to 'openssl' to use a project external OpenSSL installation or 'openssl_bundled' to build and configure with the OpenSSL source in the 3rdParty directory. Test-Information: Tested on OS X 10.11.3. ./scons ends up using Secure Transport. ./scons tls_backend=openssl \ openssl_include=/usr/local/opt/openssl/include \ openssl_libdir=/usr/local/opt/openssl/lib \ openssl=/usr/local/opt/openssl successfully builds with openssl from Homebrew. ./scons tls_backend=openssl_bundled successfully builds with OpenSSL in 3rdParty. Change-Id: I4fb0ef9d197609afe793554f86e54fe67fc1cab5 diff --git a/BuildTools/SCons/SConscript.boot b/BuildTools/SCons/SConscript.boot index 3e8ab96..10b0daf 100644 --- a/BuildTools/SCons/SConscript.boot +++ b/BuildTools/SCons/SConscript.boot @@ -41,9 +41,9 @@ if os.name == "nt" : vars.Add(PathVariable("wix_bindir", "Path to WiX binaries", "", PathVariable.PathAccept)) if os.name == "nt" : vars.Add(PackageVariable("bonjour", "Bonjour SDK location", "yes")) +vars.Add(EnumVariable("tls_backend", "Choose the TLS backend", "native", ["native", "openssl", "openssl_bundled"])) vars.Add(PackageVariable("openssl", "OpenSSL location", "yes")) vars.Add("openssl_libnames", "Comma-separated openssl library names to override defaults", None) -vars.Add(BoolVariable("openssl_force_bundled", "Force use of the bundled OpenSSL", "no")) vars.Add("openssl_include", "Location of OpenSSL include files (if not under (openssl)/include)", None) vars.Add("openssl_libdir", "Location of OpenSSL library files (if not under (openssl)/lib)", None) vars.Add(PackageVariable("hunspell_prefix", "Hunspell location", False)) diff --git a/BuildTools/SCons/SConstruct b/BuildTools/SCons/SConstruct index dafd2b0..3305fd3 100644 --- a/BuildTools/SCons/SConstruct +++ b/BuildTools/SCons/SConstruct @@ -507,26 +507,34 @@ conf.Finish() if env["qt"] : env["QTDIR"] = env["qt"] -# Check for OS X Secure Transport -if not env.get("openssl_force_bundled", False) and env["PLATFORM"] == "darwin" and env["target"] == "native" : - env["HAVE_SECURETRANSPORT"] = True -else : - env["HAVE_SECURETRANSPORT"] = False +################################################################################ +# TLS backend selection +################################################################################ +env["OPENSSL_FLAGS"] = {} +if env.get("tls_backend") == "native" : + if env["PLATFORM"] == "win32" : + env["HAVE_SCHANNEL"] = True + elif env["PLATFORM"] == "darwin" and env["target"] == "native": + env["HAVE_SECURETRANSPORT"] = True + elif env["target"] in ("iphone-device", "iphone-simulator", "xcode", "android") : + env["tls_backend"] = "openssl_bundled" + else : + env["tls_backend"] = "openssl" # OpenSSL -openssl_env = conf_env.Clone() -if env.get("openssl_force_bundled", False) or env["target"] in ("iphone-device", "iphone-simulator", "xcode", "android") : +if env.get("tls_backend") == "openssl_bundled" : env["OPENSSL_BUNDLED"] = True env["HAVE_OPENSSL"] = True -elif not env["HAVE_SECURETRANSPORT"] : +elif env.get("tls_backend") == "openssl" : + openssl_env = conf_env.Clone() use_openssl = bool(env["openssl"]) openssl_prefix = "" if isinstance(env["openssl"], str) : openssl_prefix = env["openssl"] openssl_flags = {} if openssl_prefix : - openssl_include = env.get("openssl_include", None) - openssl_libdir = env.get("openssl_libdir", None) + openssl_include = env.get("openssl_include") + openssl_libdir = env.get("openssl_libdir") if openssl_include: openssl_flags = {"CPPPATH":[openssl_include]} else: @@ -545,7 +553,7 @@ elif not env["HAVE_SECURETRANSPORT"] : if use_openssl and openssl_conf.CheckCHeader("openssl/ssl.h") : env["HAVE_OPENSSL"] = 1 env["OPENSSL_FLAGS"] = openssl_flags - openssl_libnames = env.get("openssl_libnames", None) + openssl_libnames = env.get("openssl_libnames") if openssl_libnames: env["OPENSSL_FLAGS"]["LIBS"] = openssl_libnames.split(',') elif env["PLATFORM"] == "win32" : @@ -555,12 +563,6 @@ elif not env["HAVE_SECURETRANSPORT"] : if env["PLATFORM"] == "darwin" : if platform.mac_ver()[0].startswith("10.5") : env["OPENSSL_FLAGS"]["FRAMEWORKS"] = ["Security"] - else : - env["OPENSSL_FLAGS"] = {} - if env["PLATFORM"] == "win32" : - # If we're compiling for Windows and OpenSSL isn't being used, use Schannel - env["HAVE_SCHANNEL"] = True - openssl_conf.Finish() if env["PLATFORM"] == "win32" : -- cgit v0.10.2-6-g49f6