aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2017-10-05 10:16:40 +0200
committerDaniel Stenberg <daniel@haxx.se>2017-10-09 11:29:53 +0200
commit62a721ea47e1e697faa7e3d87c8c9025808a8667 (patch)
tree31acc246f817519a1f8373a345bd9430ce12d3ab
parentc95c92da7584483368c8761c8cca276b5401530c (diff)
openssl: enable PKCS12 support for !BoringSSL
Enable PKCS12 for all non-boringssl builds without relying on configure or cmake checks. Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html Reported-by: Christian Schmitz Closes #1948
-rw-r--r--CMakeLists.txt1
-rwxr-xr-xconfigure.ac5
-rw-r--r--lib/vtls/openssl.c6
3 files changed, 5 insertions, 7 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 261baba5c..3bfb5febd 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -366,7 +366,6 @@ if(CMAKE_USE_OPENSSL)
check_include_file("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
check_include_file("openssl/err.h" HAVE_OPENSSL_ERR_H)
check_include_file("openssl/pem.h" HAVE_OPENSSL_PEM_H)
- check_include_file("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
check_include_file("openssl/rsa.h" HAVE_OPENSSL_RSA_H)
check_include_file("openssl/ssl.h" HAVE_OPENSSL_SSL_H)
check_include_file("openssl/x509.h" HAVE_OPENSSL_X509_H)
diff --git a/configure.ac b/configure.ac
index 56b8756ba..8d71bb6fc 100755
--- a/configure.ac
+++ b/configure.ac
@@ -1647,10 +1647,7 @@ if test -z "$ssl_backends" -o "x$OPT_SSL" != xno &&
fi
fi
- if test X"$OPENSSL_ENABLED" = X"1"; then
- dnl is there a pkcs12.h header present?
- AC_CHECK_HEADERS(openssl/pkcs12.h)
- else
+ if test X"$OPENSSL_ENABLED" != X"1"; then
LIBS="$CLEANLIBS"
fi
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 7b41353d0..2ee27d5b5 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -69,7 +69,9 @@
#include <openssl/bio.h>
#include <openssl/buffer.h>
-#ifdef HAVE_OPENSSL_PKCS12_H
+#ifndef OPENSSL_IS_BORINGSSL
+/* BoringSSL does not support PKCS12 */
+#define HAVE_PKCS12_SUPPORT 1
#include <openssl/pkcs12.h>
#endif
@@ -653,7 +655,7 @@ int cert_stuff(struct connectdata *conn,
case SSL_FILETYPE_PKCS12:
{
-#ifdef HAVE_OPENSSL_PKCS12_H
+#ifdef HAVE_PKCS12_SUPPORT
FILE *f;
PKCS12 *p12;
EVP_PKEY *pri;