BuildSystem: Check for alternate openssl packages

OpenSSL is one of those packages that often have alternatives
with later versions.  For instance, CentOS/EL 7 has an
openssl package at version 1.0.2 but there's an openssl11
package from the epel repository that has 1.1.1.  This gets
installed to /usr/include/openssl11 and /usr/lib64/openssl11.
Unfortunately, the existing --with-ssl and --with-crypto
./configure options expect to point to a source tree and
don't work in this situation.  Also unfortunately, the
checks in ./configure don't use pkg-config.

In order to make this work with the existing situation, you'd
have to run...
./configure --with-ssl=/usr/lib64/openssl11 \
    --with-crypto=/usr/lib64/openssl11 \
    CFLAGS=-I/usr/include/openssl11

BUT...  those options don't get passed down to bundled pjproject
so when you run make, you have to include the CFLAGS again
which is a big pain.

Oh...  To make matters worse, although you can specify
PJPROJECT_CONFIGURE_OPTS on the ./configure command line,
they don't get saved so if you do a make clean, which will
force a re-configure of bundled pjproject, those options
don't get used.

So...

* In configure.ac... Since pkg-config is installed by install_prereq
  anyway, we now use it to check for the system openssl >= 1.1.0.
  If that works, great.  If not, we check for the openssl11
  package. If that works, great.  If not, we fall back to just
  checking for any openssl.  If pkg-config isn't installed for some
  reason, or --with-ssl=<dir> or --with-crypto=<dir> were specified
  on the ./configure command line, we fall back to the existing
  logic that uses AST_EXT_LIB_CHECK().

* The whole OpenSSL check process has been moved up before
  THIRD_PARTY_CONFIGURE(), which does the initial pjproject
  bundled configure, is run.  This way the results of the above
  checks, which may result in new include or library directories,
  is included.

* Although not strictly needed for openssl, We now save the value of
  PJPROJECT_CONFIGURE_OPTS in the makeopts file so it can be used
  again if a re-configure is triggered.

ASTERISK-29693

Change-Id: I341ab7603e6b156aa15a66f43675ac5029d5fbde

configure.ac

@@ -313,6 +313,8 @@ AC_PATH_PROG([LDCONFIG], [ldconfig], :)
 AC_PATH_PROG([SHA1SUM], [sha1sum], $ac_aux_dir/build_tools/sha1sum-sh)
 AC_PATH_PROG([OPENSSL], [openssl], :)
 
+PKG_PROG_PKG_CONFIG()
+
 AC_CACHE_CHECK([for bison that supports parse-param], [ac_cv_path_BISON2], [
 	if test "x$BISON" != "x:" ; then
 		# Create a temporary directory $tmp in $TMPDIR (default /tmp).
@@ -458,6 +460,52 @@ if test "${with_pjproject}" == "no" || test "${with_pjproject}" == "n" ; then
 	PJPROJECT_BUNDLED=no
 fi
 
+#
+# OpenSSL stuff has to be done here because we want to pass
+# any resulting CFLAGS and LDFLAGS to the bundled pjproject
+# configure done in THIRD_PARTY_CONFIGURE()
+#
+AST_EXT_LIB_SETUP([CRYPTO], [OpenSSL Cryptography], [crypto])
+AST_EXT_LIB_SETUP([OPENSSL], [OpenSSL Secure Sockets Layer], [ssl])
+AST_EXT_LIB_SETUP_OPTIONAL([OPENSSL_BIO_METHOD], [OpenSSL BIO Method Support], [CRYPTO], [crypto])
+
+# If neither --without-ssl (PBX_OPENSSL=-1) nor --without-crypto (PBX_CRYPTO=-1)
+# and there were no directories atdded to --with-ssl and --with-crypto, and
+# pkg-config is installed (which is should be by install_prereq).
+if test "x$PKG_CONFIG" != "x" -a $PBX_OPENSSL -ge 0 -a $PBX_CRYPTO -ge 0 -a "x$OPENSSL_DIR" == "x" ; then
+	AC_MSG_NOTICE(checking OPENSSL with pkg-config)
+	AC_MSG_NOTICE(checking whether system openssl > 1.1.0)
+	AST_PKG_CONFIG_CHECK([OPENSSL], [openssl >= 1.1.0])
+	if test $PBX_OPENSSL -eq 0 ; then
+		AC_MSG_NOTICE(checking whether alternate openssl11 is installed)
+		AST_PKG_CONFIG_CHECK([OPENSSL], [openssl11])
+	fi
+	if test $PBX_OPENSSL -eq 1 ; then
+		AC_DEFINE([HAVE_OPENSSL_BIO_METHOD], 1)
+		PBX_OPENSSL_BIO_METHOD=1
+	else
+		AC_MSG_NOTICE(checking fallback system openssl)
+		AST_PKG_CONFIG_CHECK([OPENSSL], [openssl])
+	fi
+
+	if test $PBX_OPENSSL -eq 1; then
+		AC_DEFINE([HAVE_CRYPTO], 1)
+		PBX_CRYPTO=1
+	fi
+else
+	AC_MSG_NOTICE(Checking OPENSSL without pkg-config)
+	AST_EXT_LIB_CHECK([CRYPTO], [crypto], [AES_encrypt], [openssl/aes.h])
+	if test "$PBX_CRYPTO" = "1";
+	then
+		AST_EXT_LIB_CHECK([OPENSSL], [ssl], [SSL_connect], [openssl/ssl.h], [-lcrypto])
+		AST_EXT_LIB_CHECK([OPENSSL_BIO_METHOD], [ssl], [BIO_meth_new], [openssl/ssl.h], [-lcrypto])
+	fi
+fi
+if test $PBX_OPENSSL -eq 0 ; then
+	AC_MSG_WARN(OpenSSL does not seem to be installed)
+fi
+
+
 THIRD_PARTY_CONFIGURE()
 
 # AST_EXT_LIB_SETUP is used to tell configure to handle variables for
@@ -482,8 +530,6 @@ AST_EXT_LIB_SETUP([CODEC2], [Codec 2 Audio Decoder/Encoder], [codec2])
 AST_EXT_LIB_SETUP([COROSYNC], [Corosync], [cpg])
 AST_EXT_LIB_SETUP_OPTIONAL([COROSYNC_CFG_STATE_TRACK], [A callback only in corosync 1.x], [COROSYNC], [cfg])
 AST_EXT_LIB_SETUP([CRYPT], [password and data encryption], [crypt])
-AST_EXT_LIB_SETUP([CRYPTO], [OpenSSL Cryptography], [crypto])
-AST_EXT_LIB_SETUP_OPTIONAL([OPENSSL_BIO_METHOD], [OpenSSL BIO Method Support], [CRYPTO], [crypto])
 AST_EXT_LIB_SETUP([DAHDI], [DAHDI], [dahdi])
 AST_EXT_LIB_SETUP([FFMPEG], [Ffmpeg and avcodec], [avcodec])
 AST_EXT_LIB_SETUP([GSM], [External GSM], [gsm], [, use 'internal' GSM otherwise])
@@ -593,7 +639,6 @@ AST_EXT_LIB_SETUP_OPTIONAL([SRTP_192], [SRTP Library AES-192 (ICM)], [SRTP], [sr
 AST_EXT_LIB_SETUP_OPTIONAL([SRTP_GCM], [SRTP Library AES-128 (GCM) and AES-256 (GCM)], [SRTP], [srtp])
 AST_EXT_LIB_SETUP_OPTIONAL([SRTP_SHUTDOWN], [SRTP Library Shutdown Function], [SRTP], [srtp])
 AST_EXT_LIB_SETUP_OPTIONAL([SRTP_GET_VERSION], [SRTP Library Version Function], [SRTP], [srtp])
-AST_EXT_LIB_SETUP([OPENSSL], [OpenSSL Secure Sockets Layer], [ssl])
 AST_EXT_LIB_SETUP_OPTIONAL([RT], [Realtime functions], [rt])
 AST_EXT_LIB_SETUP([SUPPSERV], [mISDN Supplemental Services], [suppserv])
 AST_EXT_LIB_SETUP([FREETDS], [FreeTDS], [tds])
@@ -640,8 +685,6 @@ AC_CHECK_HEADERS([ \
 
 AC_CHECK_HEADERS([arpa/inet.h libintl.h malloc.h netdb.h stddef.h strings.h sys/event.h utime.h])
 
-PKG_PROG_PKG_CONFIG()
-
 # Find required NetBSD Editline library (libedit).
 AST_PKG_CONFIG_CHECK(LIBEDIT, libedit)
 # some platforms do not list libedit via pkg-config, for example OpenBSD 6.2
@@ -2642,14 +2685,6 @@ AC_SUBST(CRYPT_INCLUDE)
 AC_CHECK_LIB([crypt], [crypt_r],
     [AC_DEFINE([HAVE_CRYPT_R], [1], [Define to 1 if you have the 'crypt_r' function.])])
 
-AST_EXT_LIB_CHECK([CRYPTO], [crypto], [AES_encrypt], [openssl/aes.h])
-
-if test "$PBX_CRYPTO" = "1";
-then
-	AST_EXT_LIB_CHECK([OPENSSL], [ssl], [SSL_connect], [openssl/ssl.h], [-lcrypto])
-	AST_EXT_LIB_CHECK([OPENSSL_BIO_METHOD], [ssl], [BIO_meth_new], [openssl/ssl.h], [-lcrypto])
-fi
-
 if test "$PBX_OPENSSL" = "1";
 then
         AST_CHECK_OSPTK([4], [0], [0])

include/asterisk/autoconfig.h.in

@@ -585,7 +585,7 @@
 /* Define to 1 if you have the MFR2 library. */
 #undef HAVE_OPENR2
 
-/* Define to 1 if you have the OpenSSL Secure Sockets Layer library. */
+/* Define if your system has the OPENSSL libraries. */
 #undef HAVE_OPENSSL
 
 /* Define to 1 if CRYPTO has the OpenSSL BIO Method Support feature. */

makeopts.in

@@ -239,6 +239,7 @@ PJPROJECT_BUNDLED=@PJPROJECT_BUNDLED@
 PJPROJECT_INCLUDE=@PJPROJECT_INCLUDE@
 PJPROJECT_LIB=@PJPROJECT_LIB@
 PJPROJECT_DIR=@PJPROJECT_DIR@
+PJPROJECT_CONFIGURE_OPTS=@PJPROJECT_CONFIGURE_OPTS@
 
 POPT_INCLUDE=@POPT_INCLUDE@
 POPT_LIB=@POPT_LIB@

menuselect/configure

@@ -696,6 +696,7 @@ infodir
 docdir
 oldincludedir
 includedir
+runstatedir
 localstatedir
 sharedstatedir
 sysconfdir
@@ -777,6 +778,7 @@ datadir='${datarootdir}'
 sysconfdir='${prefix}/etc'
 sharedstatedir='${prefix}/com'
 localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
 includedir='${prefix}/include'
 oldincludedir='/usr/include'
 docdir='${datarootdir}/doc/${PACKAGE}'
@@ -1029,6 +1031,15 @@ do
   | -silent | --silent | --silen | --sile | --sil)
     silent=yes ;;
 
+  -runstatedir | --runstatedir | --runstatedi | --runstated \
+  | --runstate | --runstat | --runsta | --runst | --runs \
+  | --run | --ru | --r)
+    ac_prev=runstatedir ;;
+  -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+  | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+  | --run=* | --ru=* | --r=*)
+    runstatedir=$ac_optarg ;;
+
   -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
     ac_prev=sbindir ;;
   -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1166,7 +1177,7 @@ fi
 for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
 		datadir sysconfdir sharedstatedir localstatedir includedir \
 		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
-		libdir localedir mandir
+		libdir localedir mandir runstatedir
 do
   eval ac_val=\$$ac_var
   # Remove trailing slashes.
@@ -1319,6 +1330,7 @@ Fine tuning of the installation directories:
   --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
   --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
   --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
+  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
   --libdir=DIR            object code libraries [EPREFIX/lib]
   --includedir=DIR        C header files [PREFIX/include]
   --oldincludedir=DIR     C header files for non-gcc [/usr/include]

third-party/pjproject/Makefile

@@ -88,8 +88,8 @@ else
 endif
 
 export PJ_CFLAGS := $(filter-out -O% -g%,$(PJ_CFLAGS))
-export CFLAGS += $(CF)
-export LDFLAGS += $(CC_LDFLAGS)
+export CFLAGS += $(CF) $(OPENSSL_INCLUDE)
+export LDFLAGS += $(CC_LDFLAGS) $(OPENSSL_LIB)
 
 ECHO_PREFIX := $(ECHO_PREFIX) echo '[pjproject] '
 SHELL_ECHO_PREFIX := echo '[pjproject] '
@@ -129,7 +129,7 @@ source/pjlib/include/pj/%.h: patches/%.h
 	$(CMD_PREFIX) $(MAKE) clean $(REALLY_QUIET)
 
 source/build.mak: Makefile.rules source/version.mak source/user.mak $(addprefix source/pjlib/include/pj/,$(notdir $(wildcard patches/*.h))) .rebuild_needed
-	$(ECHO_PREFIX) Configuring with $(PJPROJECT_CONFIG_OPTS)
+	$(ECHO_PREFIX) Configuring with $(PJPROJECT_CONFIG_OPTS) 
 	$(CMD_PREFIX) (cd source ; ./aconfigure $(QUIET_CONFIGURE) $(PJPROJECT_CONFIG_OPTS))
 
 build.mak: source/build.mak

third-party/pjproject/configure.m4

@@ -117,6 +117,7 @@ AC_DEFUN([_PJPROJECT_CONFIGURE],
 		AC_SUBST([PBX_PJPROJECT])
 		AC_SUBST([PJPROJECT_LIB])
 		AC_SUBST([PJPROJECT_INCLUDE])
+		AC_SUBST([PJPROJECT_CONFIGURE_OPTS])
 		AC_MSG_RESULT(yes)
 
 	fi