diff --git a/Makefile.common b/Makefile.common index 34320a2991..af43d28b56 100644 --- a/Makefile.common +++ b/Makefile.common @@ -536,8 +536,7 @@ ifeq ($(HAVE_LIBRETRODB), 1) endif endif -HAVE_BEARSSL := 0 -ifeq ($(HAVE_BEARSSL), 1) +ifeq ($(HAVE_BUILTINBEARSSL), 1) HAVE_SSL = 1 DEFINES += -DHAVE_SSL -DHAVE_BEARSSL @@ -2017,7 +2016,7 @@ ifeq ($(HAVE_NETWORKING), 1) OBJ += tasks/task_core_updater.o endif - ifeq ($(HAVE_BEARSSL), 1) + ifeq ($(HAVE_BUILTINBEARSSL), 1) OBJ += $(LIBRETRO_COMM_DIR)/net/net_socket_ssl_bear.o else ifeq ($(HAVE_SSL), 1) OBJ += $(LIBRETRO_COMM_DIR)/net/net_socket_ssl_mbed.o diff --git a/qb/config.libs.sh b/qb/config.libs.sh index 866dbdc799..6c472e5135 100644 --- a/qb/config.libs.sh +++ b/qb/config.libs.sh @@ -300,34 +300,56 @@ check_enabled FLAC BUILTINFLAC 'builtin flac' 'flac is' true check_val '' FLAC '-lFLAC' '' flac '' '' false -check_enabled SSL BUILTINMBEDTLS 'builtin mbedtls' 'ssl is' true -if [ "$HAVE_SSL" != 'no' ]; then - check_header '' MBEDTLS \ - mbedtls/config.h \ - mbedtls/certs.h \ - mbedtls/debug.h \ - mbedtls/platform.h \ - mbedtls/net_sockets.h \ - mbedtls/ssl.h \ - mbedtls/ctr_drbg.h \ - mbedtls/entropy.h +check_enabled SSL SYSTEMMBEDTLS 'system mbedtls' 'ssl is' false +check_enabled SSL BUILTINMBEDTLS 'builtin mbedtls' 'ssl is' false +check_enabled SSL BUILTINBEARSSL 'builtin bearssl' 'ssl is' false - check_lib '' MBEDTLS -lmbedtls - check_lib '' MBEDX509 -lmbedx509 - check_lib '' MBEDCRYPTO -lmbedcrypto +if [ "$HAVE_SYSTEMMBEDTLS" = "auto" ]; then SYSTEMMBEDTLS_IS_AUTO=yes; else SYSTEMMBEDTLS_IS_AUTO=no; fi +check_lib '' SYSTEMMBEDTLS '-lmbedtls -lmbedx509 -lmbedcrypto' +check_header '' SYSTEMMBEDTLS \ + mbedtls/config.h \ + mbedtls/certs.h \ + mbedtls/debug.h \ + mbedtls/platform.h \ + mbedtls/net_sockets.h \ + mbedtls/ssl.h \ + mbedtls/ctr_drbg.h \ + mbedtls/entropy.h +if [ "$SYSTEMMBEDTLS_IS_AUTO" = "yes" ] && [ "$HAVE_SYSTEMMBEDTLS" = "yes" ]; then HAVE_SYSTEMMBEDTLS=auto; fi - if [ "$HAVE_MBEDTLS" = 'no' ] || - [ "$HAVE_MBEDX509" = 'no' ] || - [ "$HAVE_MBEDCRYPTO" = 'no' ]; then - if [ "$HAVE_BUILTINMBEDTLS" != 'yes' ]; then - die : 'Notice: System mbedtls libraries not found, disabling SSL support.' - HAVE_SSL=no - fi - else - HAVE_SSL=yes - fi +SSL_BACKEND_CHOSEN=no +if [ "$HAVE_SYSTEMMBEDTLS" = "yes" ]; then + if [ "$SSL_BACKEND_CHOSEN" = "yes" ]; then die 1 "Can't enable multiple SSL backends"; fi + SSL_BACKEND_CHOSEN=yes fi +if [ "$HAVE_BUILTINMBEDTLS" = "yes" ]; then + if [ "$SSL_BACKEND_CHOSEN" = "yes" ]; then die 1 "Can't enable multiple SSL backends"; fi + SSL_BACKEND_CHOSEN=yes +fi +if [ "$HAVE_BUILTINBEARSSL" = "yes" ]; then + if [ "$SSL_BACKEND_CHOSEN" = "yes" ]; then die 1 "Can't enable multiple SSL backends"; fi + SSL_BACKEND_CHOSEN=yes +fi +if [ "$SSL_BACKEND_CHOSEN" = "no" ] && [ "$HAVE_SYSTEMMBEDTLS" = "auto" ]; then + HAVE_SYSTEMMBEDTLS=yes + SSL_BACKEND_CHOSEN=yes +fi +if [ "$SSL_BACKEND_CHOSEN" = "no" ] && [ "$HAVE_BUILTINMBEDTLS" = "auto" ]; then + HAVE_BUILTINMBEDTLS=yes + SSL_BACKEND_CHOSEN=yes +fi +if [ "$SSL_BACKEND_CHOSEN" = "no" ] && [ "$HAVE_BUILTINBEARSSL" = "auto" ]; then + HAVE_BUILTINBEARSSL=yes + SSL_BACKEND_CHOSEN=yes +fi +if [ "$HAVE_SYSTEMMBEDTLS" = "auto" ]; then HAVE_SYSTEMMBEDTLS=no; fi +if [ "$HAVE_BUILTINMBEDTLS" = "auto" ]; then HAVE_BUILTINMBEDTLS=no; fi +if [ "$HAVE_BUILTINBEARSSL" = "auto" ]; then HAVE_BUILTINBEARSSL=no; fi + +if [ "$HAVE_SSL" = "auto" ]; then HAVE_SSL=$SSL_BACKEND_CHOSEN; fi +if [ "$HAVE_SSL" = "yes" ] && [ "$SSL_BACKEND_CHOSEN" = "no" ]; then die 1 "error: SSL enabled, but all backends disabled"; fi + check_enabled THREADS LIBUSB libusb 'Threads are' false check_enabled HID LIBUSB libusb 'HID is' false diff --git a/qb/config.params.sh b/qb/config.params.sh index 821e5b58b0..e19b9610d5 100644 --- a/qb/config.params.sh +++ b/qb/config.params.sh @@ -30,10 +30,14 @@ HAVE_WASAPI=auto # WASAPI support HAVE_WINMM=auto # WinMM support HAVE_NEAREST_RESAMPLER=yes # Nearest resampler HAVE_CC_RESAMPLER=yes # CC Resampler -HAVE_SSL=auto # SSL/mbedtls support +HAVE_SSL=auto # SSL support C89_SSL=no -HAVE_BUILTINMBEDTLS=auto # Bake in the mbedtls library +HAVE_SYSTEMMBEDTLS=auto # Use system mbedTLS +C89_SYSTEMMBEDTLS=no +HAVE_BUILTINMBEDTLS=auto # Use builtin mbedTLS C89_BUILTINMBEDTLS=no +HAVE_BUILTINBEARSSL=auto # Use builtin BearSSL +C89_BUILTINBEARSSL=no HAVE_OVERLAY=yes # Overlay support HAVE_VIDEO_LAYOUT=yes # Layout support HAVE_DYNAMIC=yes # Dynamic loading of libretro library diff --git a/qb/qb.libs.sh b/qb/qb.libs.sh index 658487750b..f784160d5d 100644 --- a/qb/qb.libs.sh +++ b/qb/qb.libs.sh @@ -54,6 +54,9 @@ check_compiler() # $3 = lib # $4 = feature # $5 = enable lib when true, disable errors with 'user' [checked only if non-empty] +# if any HAVE_$1 is true, HAVE_$2 is enabled +# if USER_$2 is false, HAVE_$2 is disabled +# if neither of the above, it's an error check_enabled() { add_opt "$2" setval="$(eval "printf %s \"\$HAVE_$2\"")"