Better ssl detection on 64-bit systems

Changelog

@@ -4,6 +4,12 @@ NRPE Changelog
 
 
 
+2.11 - ??/??/2007
+-----------------
+- Added lib64 library paths to configure script for 64-bit systems (John Maag)
+- Added --with-ssl-lib configure script option
+
+
 2.10 - 10/19/2007
 -----------------
 - Moved PDF docs to docs/ subdirectory, added OpenOffice source document

configure

@@ -853,6 +853,7 @@ Optional Packages:
   --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
 --with-ssl=DIR sets location of the SSL installation
 --with-ssl-inc=DIR sets location of the SSL include files
+--with-ssl-lib=DIR sets location of the SSL libraries
 --with-kerberos-inc=DIR sets location of the Kerberos include files
 --with-nrpe-user=<user> sets user name to run NRPE
 --with-nrpe-group=<group> sets group name to run NRPE
@@ -1296,9 +1297,9 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
 PKG_NAME=nrpe
-PKG_VERSION="2.10"
+PKG_VERSION="2.9"
 PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="10-19-2007"
+PKG_REL_DATE="08-13-2007"
 
 ac_aux_dir=
 for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
@@ -6585,7 +6586,9 @@ else
   check_for_ssl=yes
 fi;
 
+ssl_dir=
 ssl_inc_dir=
+ssl_lib_dir=
 
 # Check whether --with-ssl or --without-ssl was given.
 if test "${with_ssl+set}" = set; then
@@ -6603,6 +6606,14 @@ if test "${with_ssl_inc+set}" = set; then
 
 fi;
 
+# Check whether --with-ssl-lib or --without-ssl-lib was given.
+if test "${with_ssl_lib+set}" = set; then
+  withval="$with_ssl_lib"
+
+	ssl_lib_dir=$withval
+
+fi;
+
 # Check whether --with-kerberos-inc or --without-kerberos-inc was given.
 if test "${with_kerberos_inc+set}" = set; then
   withval="$with_kerberos_inc"
@@ -6612,62 +6623,84 @@ if test "${with_kerberos_inc+set}" = set; then
 fi;
 
 if test x$check_for_ssl = xyes; then
-	echo "$as_me:$LINENO: checking for SSL" >&5
-echo $ECHO_N "checking for SSL... $ECHO_C" >&6
+	echo "$as_me:$LINENO: checking for SSL headers" >&5
+echo $ECHO_N "checking for SSL headers... $ECHO_C" >&6
 	found_ssl=no
 	for dir in $ssl_inc_dir $ssl_dir /usr/local/openssl /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr /usr/freeware/lib/openssl; do
 		ssldir="$dir"
 		if test -f "$dir/include/openssl/ssl.h"; then
 			found_ssl=yes
 			CFLAGS="$CFLAGS -I$dir/include/openssl -I$ssldir/include"
+			sslincdir="$dir/include/openssl"
 		        break
 		fi
 		if test -f "$dir/include/ssl.h"; then
 			found_ssl=yes
 			CFLAGS="$CFLAGS -I$dir/include"
+			sslincdir="$dir/include"
 		        break
 		fi
 		if test -f "$dir/ssl.h"; then
 			found_ssl=yes
-			CFLAGS="$CFLAGS -I$dir/include"
+			CFLAGS="$CFLAGS -I$dir"
+			sslincdir="$dir"
 			ssldir="$dir/.."
 		        break
 		fi
 		if test -f "$dir/openssl/ssl.h"; then
 			found_ssl=yes
-			CFLAGS="$CFLAGS -I$dir/include"
+			CFLAGS="$CFLAGS -I$dir/openssl"
+			sslincdir="$dir/openssl"
 			ssldir="$dir/.."
 		        break
 		fi
 	done
 
 	if test x_$found_ssl != x_yes; then
-        	{ { echo "$as_me:$LINENO: error: Cannot find ssl libraries" >&5
-echo "$as_me: error: Cannot find ssl libraries" >&2;}
+        	{ { echo "$as_me:$LINENO: error: Cannot find ssl headers" >&5
+echo "$as_me: error: Cannot find ssl headers" >&2;}
    { (exit 1); exit 1; }; }
 	else
-	        printf "SSL found in $ssldir\n";
-	        LIBS="$LIBS -lssl -lcrypto";
-		if test x$ssl_lib_dir != x; then
-	        	LDFLAGS="$LDFLAGS -L$ssl_lib_dir";
+
+	        printf "SSL headers found in $ssldir\n";
+
+				echo "$as_me:$LINENO: checking for SSL libraries" >&5
+echo $ECHO_N "checking for SSL libraries... $ECHO_C" >&6
+		found_ssl=no
+		for dir in $ssl_lib_dir $ssl_dir /usr/lib64 /usr/lib /usr/local/lib /usr/lib/ssl /usr/ssl/lib /usr/openssl/lib /usr/pkg/lib  /usr/freeware/lib/openssl; do
+			ssllibdir="$dir"
+			if test -f "$dir/libssl.so"; then
+				found_ssl=yes
+			        break
+			fi
+		done
+
+		if test x_$found_ssl != x_yes; then
+        		{ { echo "$as_me:$LINENO: error: Cannot find ssl libraries" >&5
+echo "$as_me: error: Cannot find ssl libraries" >&2;}
+   { (exit 1); exit 1; }; }
 		else
-	        	LDFLAGS="$LDFLAGS -L$ssldir/lib";
-		fi
-		cat >>confdefs.h <<_ACEOF
+		        printf "SSL libraries found in $ssllibdir\n";
+
+			LDFLAGS="$LDFLAGS -L$ssllibdir";
+		        LIBS="$LIBS -lssl -lcrypto";
+
+			cat >>confdefs.h <<_ACEOF
 #define HAVE_SSL 1
 _ACEOF
 
 
 
-				echo ""
-		echo "*** Generating DH Parameters for SSL/TLS ***"
-		if test -f "$ssldir/sbin/openssl"; then
-			sslbin=$ssldir/sbin/openssl
-		else
-			sslbin=$ssldir/bin/openssl
+						echo ""
+			echo "*** Generating DH Parameters for SSL/TLS ***"
+			if test -f "$ssldir/sbin/openssl"; then
+				sslbin=$ssldir/sbin/openssl
+			else
+				sslbin=$ssldir/bin/openssl
+			fi
+			# awk to strip off meta data at bottom of dhparam output
+			$sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
 		fi
-		# awk to strip off meta data at bottom of dhparam output
-		$sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
 	fi
 
 		echo "$as_me:$LINENO: checking for Kerberos include files" >&5
@@ -6721,7 +6754,6 @@ else
 fi;
 
 
-echo "GROUP: $nrpe_group"
 NRPE_INSTALL_OPTS="-o $nrpe_user -g $nrpe_group"
 
 

configure.in

@@ -9,9 +9,9 @@ AC_CONFIG_HEADER(include/config.h)
 AC_PREFIX_DEFAULT(/usr/local/nagios)
 
 PKG_NAME=nrpe
-PKG_VERSION="2.10"
+PKG_VERSION="2.9"
 PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="10-19-2007"
+PKG_REL_DATE="08-13-2007"
 
 dnl Figure out how to invoke "install" and what install options to use.
 AC_PROG_INSTALL
@@ -225,13 +225,18 @@ AC_ARG_ENABLE(ssl,--enable-ssl enables native SSL support,[
 	],check_for_ssl=yes)
 
 dnl Optional SSL library and include paths
+ssl_dir=
 ssl_inc_dir=
+ssl_lib_dir=
 AC_ARG_WITH(ssl,--with-ssl=DIR sets location of the SSL installation,[
 	ssl_dir=$withval
 	])
 AC_ARG_WITH(ssl-inc,--with-ssl-inc=DIR sets location of the SSL include files,[
 	ssl_inc_dir=$withval
 	])
+AC_ARG_WITH(ssl-lib,--with-ssl-lib=DIR sets location of the SSL libraries,[
+	ssl_lib_dir=$withval
+	])
 AC_ARG_WITH(kerberos-inc,--with-kerberos-inc=DIR sets location of the Kerberos include files,[
 	kerberos_inc_dir=$withval
 	])
@@ -239,57 +244,77 @@ AC_ARG_WITH(kerberos-inc,--with-kerberos-inc=DIR sets location of the Kerberos i
 dnl Check for SSL support
 dnl Modified version of Mark Ethan Trostler's macro <trostler@juniper.net>
 if test x$check_for_ssl = xyes; then
-	AC_MSG_CHECKING(for SSL)
+	AC_MSG_CHECKING(for SSL headers)
 	found_ssl=no
 	for dir in $ssl_inc_dir $ssl_dir /usr/local/openssl /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr /usr/freeware/lib/openssl; do
 		ssldir="$dir"
 		if test -f "$dir/include/openssl/ssl.h"; then
 			found_ssl=yes
 			CFLAGS="$CFLAGS -I$dir/include/openssl -I$ssldir/include"
+			sslincdir="$dir/include/openssl"
 		        break
 		fi
 		if test -f "$dir/include/ssl.h"; then
 			found_ssl=yes
 			CFLAGS="$CFLAGS -I$dir/include"
+			sslincdir="$dir/include"
 		        break
 		fi
 		if test -f "$dir/ssl.h"; then
 			found_ssl=yes
-			CFLAGS="$CFLAGS -I$dir/include"
+			CFLAGS="$CFLAGS -I$dir"
+			sslincdir="$dir"
 			ssldir="$dir/.."
 		        break
 		fi
 		if test -f "$dir/openssl/ssl.h"; then
 			found_ssl=yes
-			CFLAGS="$CFLAGS -I$dir/include"
+			CFLAGS="$CFLAGS -I$dir/openssl"
+			sslincdir="$dir/openssl"
 			ssldir="$dir/.."
 		        break
 		fi
 	done
 
 	if test x_$found_ssl != x_yes; then
-        	AC_MSG_ERROR(Cannot find ssl libraries)
+        	AC_MSG_ERROR(Cannot find ssl headers)
 	else
-	        printf "SSL found in $ssldir\n";
-	        LIBS="$LIBS -lssl -lcrypto";
-		if test x$ssl_lib_dir != x; then
-	        	LDFLAGS="$LDFLAGS -L$ssl_lib_dir";
-		else 
-	        	LDFLAGS="$LDFLAGS -L$ssldir/lib";
-		fi
-		AC_DEFINE_UNQUOTED(HAVE_SSL)
-		AC_SUBST(HAVE_SSL)
-		
-		dnl Generate DH parameters
-		echo ""
-		echo "*** Generating DH Parameters for SSL/TLS ***"
-		if test -f "$ssldir/sbin/openssl"; then
-			sslbin=$ssldir/sbin/openssl
+
+	        printf "SSL headers found in $ssldir\n";
+
+		dnl Now try and find SSL libraries
+		AC_MSG_CHECKING(for SSL libraries)
+		found_ssl=no
+		for dir in $ssl_lib_dir $ssl_dir /usr/lib64 /usr/lib /usr/local/lib /usr/lib/ssl /usr/ssl/lib /usr/openssl/lib /usr/pkg/lib  /usr/freeware/lib/openssl; do
+			ssllibdir="$dir"
+			if test -f "$dir/libssl.so"; then
+				found_ssl=yes
+			        break
+			fi
+		done	
+
+		if test x_$found_ssl != x_yes; then
+        		AC_MSG_ERROR(Cannot find ssl libraries)
 		else
-			sslbin=$ssldir/bin/openssl
+		        printf "SSL libraries found in $ssllibdir\n";
+
+			LDFLAGS="$LDFLAGS -L$ssllibdir";
+		        LIBS="$LIBS -lssl -lcrypto";
+
+			AC_DEFINE_UNQUOTED(HAVE_SSL)
+			AC_SUBST(HAVE_SSL)
+	
+			dnl Generate DH parameters
+			echo ""
+			echo "*** Generating DH Parameters for SSL/TLS ***"
+			if test -f "$ssldir/sbin/openssl"; then
+				sslbin=$ssldir/sbin/openssl
+			else
+				sslbin=$ssldir/bin/openssl
+			fi
+			# awk to strip off meta data at bottom of dhparam output
+			$sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
 		fi
-		# awk to strip off meta data at bottom of dhparam output
-		$sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
 	fi
 
 	dnl RedHat 8.0 and 9.0 include openssl compiled with kerberos, so we must include header file
@@ -320,7 +345,6 @@ AC_ARG_WITH(nrpe_group,--with-nrpe-group=<group> sets group name to run NRPE,nrp
 AC_ARG_WITH(nrpe_port,--with-nrpe-port=<port> sets port number for NRPE to listen on,nrpe_port=$withval,nrpe_port=5666)
 AC_SUBST(nrpe_user)
 AC_SUBST(nrpe_group)
-echo "GROUP: $nrpe_group"
 NRPE_INSTALL_OPTS="-o $nrpe_user -g $nrpe_group"
 AC_SUBST(NRPE_INSTALL_OPTS)
 AC_SUBST(nrpe_port)

include/dh.h

@@ -4,12 +4,12 @@
 DH *get_dh512()
 	{
 	static unsigned char dh512_p[]={
-		0x8A,0xA6,0xF0,0xEF,0x5E,0x6E,0x71,0x62,0x1A,0x5F,0xE7,0xA8,
-		0xF8,0x81,0xD3,0x28,0x7E,0x4A,0x57,0x35,0xE3,0x55,0x72,0x9F,
-		0x0F,0xB8,0x39,0x5F,0x80,0x5B,0xA6,0x38,0xB9,0xAB,0xE6,0xCD,
-		0x9A,0x08,0x3E,0x8D,0xE2,0xB4,0xFB,0xC9,0x2B,0x74,0x36,0xD5,
-		0x0E,0x41,0x3F,0x6B,0x99,0xA5,0xB4,0x8E,0x09,0xC2,0x5E,0x81,
-		0xB5,0xB9,0x71,0x93,
+		0xB4,0xC4,0xCB,0xF8,0x94,0xEE,0x4D,0x73,0x23,0xF9,0xB0,0xC4,
+		0x07,0xB5,0x69,0xC8,0x7B,0x85,0x10,0xA6,0xB6,0x56,0x2B,0x52,
+		0xDB,0x7C,0xC6,0x39,0x34,0x1B,0xAB,0x68,0xB2,0x05,0x8F,0x87,
+		0x0D,0x53,0xD1,0x32,0x85,0xDC,0xEE,0xA4,0x92,0xBF,0x1B,0x40,
+		0x99,0x76,0xF5,0x28,0xA4,0xAC,0x35,0xD6,0x3F,0x7C,0x23,0xE0,
+		0xBC,0xE9,0x34,0x03,
 		};
 	static unsigned char dh512_g[]={
 		0x02,