--- squid-3.4.4.orig/acinclude/lib-checks.m4 2014-03-09 10:40:56.000000000 +0100 +++ squid-3.4.4/acinclude/lib-checks.m4 2014-03-11 19:44:28.088928982 +0100 @@ -95,69 +95,6 @@ AC_DEFUN([SQUID_CHECK_LIBIPHLPAPI],[ SQUID_STATE_ROLLBACK(iphlpapi) ]) -dnl Checks whether the OpenSSL SSL_get_certificate crashes squid and if a -dnl workaround can be used instead of using the SSL_get_certificate -AC_DEFUN([SQUID_CHECK_OPENSSL_GETCERTIFICATE_WORKS],[ - AH_TEMPLATE(SQUID_SSLGETCERTIFICATE_BUGGY, "Define to 1 if the SSL_get_certificate crashes squid") - AH_TEMPLATE(SQUID_USE_SSLGETCERTIFICATE_HACK, "Define to 1 to use squid workaround for SSL_get_certificate") - SQUID_STATE_SAVE(check_SSL_get_certificate) - LIBS="$SSLLIB $LIBS" - if test "x$SSLLIBDIR" != "x"; then - LIBS="$LIBS -Wl,-rpath -Wl,$SSLLIBDIR" - fi - - AC_MSG_CHECKING(whether the SSL_get_certificate is buggy) - AC_RUN_IFELSE([ - AC_LANG_PROGRAM( - [ - #include - #include - ], - [ - SSLeay_add_ssl_algorithms(); - SSL_CTX *sslContext = SSL_CTX_new(SSLv3_method()); - SSL *ssl = SSL_new(sslContext); - X509* cert = SSL_get_certificate(ssl); - return 0; - ]) - ], - [ - AC_MSG_RESULT([no]) - ], - [ - AC_DEFINE(SQUID_SSLGETCERTIFICATE_BUGGY, 1) - AC_MSG_RESULT([yes]) - ], - []) - - AC_MSG_CHECKING(whether the workaround for SSL_get_certificate works) - AC_RUN_IFELSE([ - AC_LANG_PROGRAM( - [ - #include - #include - ], - [ - SSLeay_add_ssl_algorithms(); - SSL_CTX *sslContext = SSL_CTX_new(SSLv3_method()); - X509 ***pCert = (X509 ***)sslContext->cert; - X509 *sslCtxCert = pCert && *pCert ? **pCert : (X509 *)0x1; - if (sslCtxCert != NULL) - return 1; - return 0; - ]) - ], - [ - AC_MSG_RESULT([yes]) - AC_DEFINE(SQUID_USE_SSLGETCERTIFICATE_HACK, 1) - ], - [ - AC_MSG_RESULT([no]) - ], -[]) - -SQUID_STATE_ROLLBACK(check_SSL_get_certificate) -]) dnl Checks whether the SSL_CTX_new and similar functions require dnl a const 'SSL_METHOD *' argument