[PATCH] configure.ac: Add single --with-crypto= instead of --with-$backend:s

The new option replaces the previous backend-specific options and
fixes several problems while at it:

* libgcrypt and mbedtls would be used if either was found, even if
  --without-libgcrypt or --without-mbedtls were on the command line.

* If --with-$backend was on the command line, configure would not
  fail when the library could not be found, but would instead use
  the first successfully detected crypto library.

* Copypasted code in configure.ac and acinclude.m4 had replicated
  the above bugs for multiple crypto backends.

The new option requires specifying only a backend name in configure.ac.

All crypto backend names are automatically displayed and recognized
as valid --with-crypto= choices, and an uppercase name AM_CONDITIONAL
is automatically created for each name.

acinclude.m4 needs one case stanza within LIBSSH2_CRYPTO_CHECK to
test availability of each library, which must set LIBS as neccessary.

src/Makefile.am still needs an if-block using the AM_CONDITIONAL to
include a backend-specific Makefile.

---
 acinclude.m4    | 150 ++++++++++++++++++++++++++++----------------------------
 configure.ac    | 137 ++++++++++++++++++++++++++++-----------------------
 src/Makefile.am |   8 +--
 3 files changed, 155 insertions(+), 140 deletions(-)
diff --git a/acinclude.m4 b/acinclude.m4
index 734ef07..18a2929 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -382,86 +382,86 @@ AC_DEFUN([CURL_CONFIGURE_REENTRANT], [
   #
 ])
 
-AC_DEFUN([LIBSSH2_CHECKFOR_MBEDTLS], [
-
-  old_LDFLAGS=$LDFLAGS
-  old_CFLAGS=$CFLAGS
-  if test -n "$use_mbedtls" && test "$use_mbedtls" != "no"; then
-    LDFLAGS="$LDFLAGS -L$use_mbedtls/lib"
-    CFLAGS="$CFLAGS -I$use_mbedtls/include"
-  fi
-
-  AC_LIB_HAVE_LINKFLAGS([mbedtls], [], [
-    #include <mbedtls/version.h>
-  ])
-
-  if test "$ac_cv_libmbedtls" = "yes"; then
-    AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use mbedtls])
-    LIBSREQUIRED= # mbedtls doesn't provide a .pc file
-    LIBS="$LIBS -lmbedtls -lmbedcrypto"
-    found_crypto=libmbedtls
-    support_clear_memory=yes
-  else
-    # restore
-    LDFLAGS=$old_LDFLAGS
-    CFLAGS=$old_CFLAGS
-  fi
-])
-
-AC_DEFUN([LIBSSH2_CHECKFOR_GCRYPT], [
-
-  old_LDFLAGS=$LDFLAGS
-  old_CFLAGS=$CFLAGS
-  if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then
-    LDFLAGS="$LDFLAGS -L$use_libgcrypt/lib"
-    CFLAGS="$CFLAGS -I$use_libgcrypt/include"
-  fi
-  AC_LIB_HAVE_LINKFLAGS([gcrypt], [], [
-    #include <gcrypt.h>
-  ])
+AC_DEFUN([LIBSSH2_CHECK_CRYPTO], [
+if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "$1"; then
+  case "$1" in
+    openssl)
+      AC_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include <openssl/ssl.h>])
+
+      if test "$ac_cv_libssl" = "yes"; then
+        AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use OpenSSL])
+        LIBSREQUIRED=libssl,libcrypto
+        LIBS="$LIBS $LIBSSL"
+
+        # Not all OpenSSL have AES-CTR functions.
+        AC_CHECK_FUNCS(EVP_aes_128_ctr)
+
+        found_crypto="$1"
+        found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})"
+      fi
+      ;;
 
-  if test "$ac_cv_libgcrypt" = "yes"; then
-    AC_DEFINE(LIBSSH2_LIBGCRYPT, 1, [Use libgcrypt])
-    LIBSREQUIRED= # libgcrypt doesn't provide a .pc file. sad face.
-    LIBS="$LIBS -lgcrypt"
-    found_crypto=libgcrypt
-  else
-    # restore
-    LDFLAGS=$old_LDFLAGS
-    CFLAGS=$old_CFLAGS
-  fi
-])
+    libgcrypt)
+      AC_LIB_HAVE_LINKFLAGS([gcrypt], [], [#include <gcrypt.h>])
 
+      if test "$ac_cv_libgcrypt" = "yes"; then
+        AC_DEFINE(LIBSSH2_LIBGCRYPT, 1, [Use libgcrypt])
+        LIBSREQUIRED= # libgcrypt doesn't provide a .pc file. sad face.
+        LIBS="$LIBS -lgcrypt"
+        found_crypto="$1"
+      fi
+      ;;
 
-AC_DEFUN([LIBSSH2_CHECKFOR_WINCNG], [
+    mbedtls)
+      AC_LIB_HAVE_LINKFLAGS([mbedtls], [], [#include <mbedtls/version.h>])
 
-  # Look for Windows Cryptography API: Next Generation
+      if test "$ac_cv_libmbedtls" = "yes"; then
+        AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use mbedtls])
+        LIBSREQUIRED= # mbedtls doesn't provide a .pc file
+        LIBS="$LIBS -lmbedtls -lmbedcrypto"
+        found_crypto="$1"
+        support_clear_memory=yes
+      fi
+      ;;
 
-  AC_LIB_HAVE_LINKFLAGS([bcrypt], [], [
-    #include <windows.h>
-    #include <bcrypt.h>
-  ])
-  AC_LIB_HAVE_LINKFLAGS([crypt32], [], [
-    #include <windows.h>
-    #include <wincrypt.h>
-  ])
-  AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [
-    #include <windows.h>
-  ])
-  AC_CHECK_DECLS([SecureZeroMemory], [], [], [
-    #include <windows.h>
-  ])
+    wincng)
+      # Look for Windows Cryptography API: Next Generation
+
+      AC_LIB_HAVE_LINKFLAGS([bcrypt], [], [
+        #include <windows.h>
+        #include <bcrypt.h>
+      ])
+      AC_LIB_HAVE_LINKFLAGS([crypt32], [], [
+        #include <windows.h>
+        #include <wincrypt.h>
+      ])
+      AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [
+        #include <windows.h>
+      ])
+      AC_CHECK_DECLS([SecureZeroMemory], [], [], [
+        #include <windows.h>
+      ])
+
+      if test "$ac_cv_libbcrypt" = "yes"; then
+        AC_DEFINE(LIBSSH2_WINCNG, 1, [Use Windows CNG])
+        LIBSREQUIRED= # wincng doesn't provide a .pc file. sad face.
+        LIBS="$LIBS -lbcrypt"
+        if test "$ac_cv_libcrypt32" = "yes"; then
+          LIBS="$LIBS -lcrypt32"
+        fi
+        found_crypto="$1"
+        found_crypto_str="Windows Cryptography API: Next Generation"
+        if test "$ac_cv_have_decl_SecureZeroMemory" = "yes"; then
+          support_clear_memory=yes
+        fi
+      fi
+      ;;
+  esac
 
-  if test "$ac_cv_libbcrypt" = "yes"; then
-    AC_DEFINE(LIBSSH2_WINCNG, 1, [Use Windows CNG])
-    LIBSREQUIRED= # wincng doesn't provide a .pc file. sad face.
-    LIBS="$LIBS -lbcrypt"
-    if test "$ac_cv_libcrypt32" = "yes"; then
-      LIBS="$LIBS -lcrypt32"
-    fi
-    found_crypto="Windows Cryptography API: Next Generation"
-    if test "$ac_cv_have_decl_SecureZeroMemory" = "yes"; then
-      support_clear_memory=yes
-    fi
+  if test "$found_crypto" = "none"; then
+    test "${crypto_errors}" != "" && crypto_errors="${crypto_errors}
+"
+    crypto_errors="${crypto_errors}No $1 crypto library found!"
   fi
+fi
 ])
diff --git a/configure.ac b/configure.ac
index f7fe247..ba84ddf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -83,81 +83,84 @@ AC_C_BIGENDIAN
 dnl check for how to do large files
 AC_SYS_LARGEFILE
 
-found_crypto=none
-
 # Configure parameters
-AC_ARG_WITH(openssl,
-  AC_HELP_STRING([--with-openssl],[Use OpenSSL for crypto]),
-  use_openssl=$withval,use_openssl=auto)
-AC_ARG_WITH(libgcrypt,
-  AC_HELP_STRING([--with-libgcrypt],[Use libgcrypt for crypto]),
-  [ use_libgcrypt=$withval
-    LIBSSH2_CHECKFOR_GCRYPT
-  ], use_libgcrypt=auto)
-AC_ARG_WITH(wincng,
-  AC_HELP_STRING([--with-wincng],[Use Windows CNG for crypto]),
-  [ use_wincng=$withval
-    LIBSSH2_CHECKFOR_WINCNG
-  ] ,use_wincng=auto)
-AC_ARG_WITH([mbedtls],
-  AC_HELP_STRING([--with-mbedtls],[Use mbedTLS for crypto]),
-  [ use_mbedtls=$withval
-    LIBSSH2_CHECKFOR_MBEDTLS
-  ], use_mbedtls=auto
-)
-AC_ARG_WITH(libz,
-  AC_HELP_STRING([--with-libz],[Use zlib for compression]),
-  use_libz=$withval,use_libz=auto)
-
-support_clear_memory=no
 
-# Look for OpenSSL
-if test "$found_crypto" = "none" && test "$use_openssl" != "no"; then
-  AC_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include <openssl/ssl.h>])
-fi
-if test "$ac_cv_libssl" = "yes"; then
-  AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use OpenSSL])
-  LIBSREQUIRED=libssl,libcrypto
-
-  # Not all OpenSSL have AES-CTR functions.
-  save_LIBS="$LIBS"
-  LIBS="$LIBS $LIBSSL"
-  AC_CHECK_FUNCS(EVP_aes_128_ctr)
-  LIBS="$save_LIBS"
+# libz
 
-  found_crypto="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})"
-fi
+AC_ARG_WITH([libz],
+  AC_HELP_STRING([--with-libz],[Use libz for compression]),
+  use_libz=$withval,
+  use_libz=auto)
 
-AM_CONDITIONAL(OPENSSL, test "$ac_cv_libssl" = "yes")
-AM_CONDITIONAL(WINCNG, test "$ac_cv_libbcrypt" = "yes")
-AM_CONDITIONAL(LIBGCRYPT, test "$ac_cv_libgcrypt" = "yes")
-AM_CONDITIONAL(MBEDTLS, test "$ac_cv_libmbedtls" = "yes")
-
-# Check if crypto library was found
-if test "$found_crypto" = "none"; then
-  AC_MSG_ERROR([No crypto library found!
-Try --with-libssl-prefix=PATH
- or --with-libgcrypt-prefix=PATH
- or --with-libmbedtls-prefix=PATH
- or --with-wincng on Windows\
-])
-fi
+found_libz=no
+libz_errors=""
 
-# Look for Libz
-if test "$use_libz" != "no"; then
+if test "$use_libz" != no; then
   AC_LIB_HAVE_LINKFLAGS([z], [], [#include <zlib.h>])
   if test "$ac_cv_libz" != yes; then
-    AC_MSG_NOTICE([Cannot find zlib, disabling compression])
-    AC_MSG_NOTICE([Try --with-libz-prefix=PATH if you know you have it])
+    if test "$use_libz" = auto; then
+      AC_MSG_NOTICE([Cannot find libz, disabling compression])
+      found_libz="disabled; no libz found"
+    else
+      libz_errors="No libz found!
+Try --with-libz-prefix=PATH if you know that you have it."
+      AS_MESSAGE([ERROR: $libz_errors])
+    fi
   else
     AC_DEFINE(LIBSSH2_HAVE_ZLIB, 1, [Compile in zlib support])
     if test "${LIBSREQUIRED}" != ""; then
       LIBSREQUIRED="${LIBSREQUIRED},"
     fi
     LIBSREQUIRED="${LIBSREQUIRED}zlib"
+    found_libz="yes"
   fi
 fi
 
+
+# Crypto backends
+
+found_crypto=none
+found_crypto_str=""
+support_clear_memory=no
+crypto_errors=""
+
+m4_set_add([crypto_backends], [openssl])
+m4_set_add([crypto_backends], [libgcrypt])
+m4_set_add([crypto_backends], [mbedtls])
+m4_set_add([crypto_backends], [wincng])
+
+AC_ARG_WITH([crypto],
+  AC_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]),
+    [Select crypto backend (default: auto)]),
+  use_crypto=$withval,
+  use_crypto=auto
+)
+
+case "${use_crypto}" in
+  auto|m4_set_contents([crypto_backends], [|]))
+    m4_set_map([crypto_backends], [LIBSSH2_CHECK_CRYPTO])
+    ;;
+  *)
+    crypto_errors="Unknown crypto backend '${use_crypto}' specified!"
+    ;;
+esac
+
+if test "$found_crypto" = "none"; then
+  crypto_errors="${crypto_errors}
+Please specify --with-crypto and/or the neccessary library search prefix.
+
+Run configure --help to see all crypto library options."
+  AS_MESSAGE([ERROR: ${crypto_errors}])
+else
+  if test "$found_crypto_str" = ""; then
+    found_crypto_str="$found_crypto"
+  fi
+fi
+
+m4_set_foreach([crypto_backends], [c_backend],
+  [AM_CONDITIONAL(m4_toupper(c_backend), test "$found_crypto" = "c_backend")]
+)
+
 AC_SUBST(LIBSREQUIRED)
 
 #
@@ -351,6 +354,18 @@ AC_C_INLINE
 
 CURL_CHECK_NONBLOCKING_SOCKET
 
+if test "${libz_errors}" != ""; then
+  AS_MESSAGE([ERROR: ${libz_errors}])
+fi
+
+if test "${crypto_errors}" != ""; then
+  AS_MESSAGE([ERROR: ${crypto_errors}])
+fi
+
+if test "${libz_errors}${crypto_errors}" != ""; then
+  AC_MSG_ERROR([Required dependencies are missing!])
+fi
+
 AC_CONFIG_FILES([Makefile
                  src/Makefile
                  tests/Makefile
@@ -367,10 +382,10 @@ AC_MSG_NOTICE([summary of build options:
   Compiler:         ${CC}
   Compiler flags:   ${CFLAGS}
   Library types:    Shared=${enable_shared}, Static=${enable_static}
-  Crypto library:   ${found_crypto}
+  Crypto library:   ${found_crypto_str}
   Clear memory:     $enable_clear_memory
   Debug build:      $enable_debug
   Build examples:   $build_examples
   Path to sshd:     $ac_cv_path_SSHD (only for self-tests)
-  zlib compression: $ac_cv_libz
+  zlib compression: ${found_libz}
 ])
diff --git a/src/Makefile.am b/src/Makefile.am
index 1fa0751..3532b81 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,12 +8,12 @@ endif
 if LIBGCRYPT
 include ../Makefile.libgcrypt.inc
 endif
-if WINCNG
-include ../Makefile.WinCNG.inc
-endif
 if MBEDTLS
 include ../Makefile.mbedTLS.inc
 endif
+if WINCNG
+include ../Makefile.WinCNG.inc
+endif
 
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include ../Makefile.inc
@@ -62,4 +62,4 @@ VERSION=-version-info 1:1:0
 
 libssh2_la_LDFLAGS = $(VERSION) -no-undefined \
 	-export-symbols-regex '^libssh2_.*' \
-	$(LTLIBGCRYPT) $(LTLIBSSL) $(LTLIBZ)
+	$(LIBS) $(LTLIBZ)
-- 
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel