+dnl If --with-ssl was specified, make sure we can link with the
+dnl OpenSSL libs. We should probably auto-detect this by default.
+
+if test x"$with_ssl" != x -a x"$with_ssl" != x"no"; then
+ if test x"$with_ssl" = x"yes"; then
+ dnl OpenSSL's default install location is "/usr/local/ssl". We also
+ dnl allow /usr/local for regular-style install, and /usr for Linux
+ dnl stuff.
+ ssl_all_roots="default /usr/local/ssl /usr/local /opt"
+ else
+ dnl Root has been kindly provided by the user.
+ ssl_all_roots=$with_ssl
+ fi
+
+ wget_save_LIBS=$LIBS
+ wget_save_LDFLAGS=$LDFLAGS
+ wget_save_CC=$CC
+
+ dnl Use libtool for OpenSSL tests to handle the "-R<rpath>" option.
+ CC="$SHELL ./libtool $CC"
+
+ dnl Unfortunately, as of this writing (OpenSSL 0.9.6), the libcrypto
+ dnl shared library doesn't record its dependency on libdl, so we
+ dnl need to check for it ourselves so we won't fail to link due to a
+ dnl lack of -ldl. Most OSes use dlopen(), but HP-UX uses
+ dnl shl_load().
+ AC_CHECK_LIB(dl,dlopen)
+ AC_CHECK_LIB(dl,shl_load)
+
+ ssl_linked=no
+
+ dnl Now try to find SSL libraries in each of the likely SSL roots.
+ for ssl_root in $ssl_all_roots
+ do
+ if test x"$ssl_root" = xdefault; then
+ dnl Try the default library locations.
+ SSL_INCLUDES=
+ else
+ dnl Try this specific root.
+ SSL_INCLUDES=-I$ssl_root/include
+ dnl It's OK to use -R directly because libtool will
+ dnl interpret it for us.
+ LDFLAGS="-L$ssl_root/lib -R$ssl_root/lib $wget_save_LDFLAGS"
+ fi
+
+ ssl_link_failure=no
+
+ AC_MSG_RESULT(["Looking for SSL libraries in $ssl_root"])
+
+ dnl Make sure that the checks don't run afoul of the cache. It
+ dnl would be nicer to temporarily turn off the cache, but
+ dnl apparently Autoconf doesn't allow that.
+
+ unset ac_cv_lib_crypto_RSA_new
+ unset ac_cv_lib_ssl_SSL_new
+
+ dnl These checks need to be in this order, or you'll get a link
+ dnl failure if you use a static libcrypto.a and libssl.a rather
+ dnl than shared libraries.
+
+ AC_CHECK_LIB(crypto, RSA_new, , ssl_link_failure=yes)
+ AC_CHECK_LIB(ssl, SSL_new, , ssl_link_failure=yes)
+
+ dnl If ssl_link_failure is still no, the libraries link. But we
+ dnl still need to check if the program linked with those libraries
+ dnl under these settings with run. On some systems (Solaris), Gcc
+ dnl adds -L/usr/local/lib to the linking line, but fails to add
+ dnl -R/usr/local/lib, thus creating executables that link, but
+ dnl fail to run.
+
+ dnl If we are cross-compiling, just assume that working linkage
+ dnl implies working executable.
+
+ if test x"$ssl_link_failure" = xno; then
+ dnl Now try to run the thing.
+ AC_MSG_CHECKING("whether SSL libs are resolved at runtime")
+ AC_TRY_RUN([
+int RSA_new();
+int SSL_new();
+main(){return 0;}
+],
+ AC_MSG_RESULT("yes"),
+ AC_MSG_RESULT("no"); ssl_link_failure=yes,
+ AC_MSG_RESULT("cross"))
+ fi
+
+ if test x"$ssl_link_failure" = xno; then
+ dnl This echo doesn't look right, but I'm not sure what to use
+ dnl instead.
+ AC_MSG_RESULT("Compiling in support for SSL in $ssl_root")
+ AC_DEFINE(HAVE_SSL)
+ AC_SUBST(SSL_INCLUDES)
+ SSL_OBJ='gen_sslfunc$o'
+ AC_SUBST(SSL_OBJ)
+ ssl_linked=yes
+ break
+ fi
+ done
+
+ if test x"$ssl_linked" = xno; then
+ LD_FLAGS=$wget_save_LDFLAGS
+ LIBS=$wget_save_LIBS
+
+ dnl Perhaps we should abort here. Dan argues that configure
+ dnl scripts shouldn't abort out of principle, but on the other
+ dnl hand remember that the user explicitly requested linking with
+ dnl SSL.
+
+ dnl IMHO there should be a way to specify whether SSL should be
+ dnl avoided, auto-detected, or required, defaulting to
+ dnl `autodetect'. Only in the `require' mode the script would
+ dnl abort if SSL is not found.
+ echo
+ echo "WARNING: Failed to link with OpenSSL libraries in $ssl_root/lib."
+ echo " Wget will be built without support for https://... URLs."
+ echo
+ fi
+
+ CC=$wget_save_CC
+fi
+