Check that openssl has ECC support during configure

This allows builds on machines with a crippled openssl to fail early during configure. Bugfix on 0.2.7.1-alpha, which introduced the requirement for ECC support. Fixes bug 17109.
author: Sebastian Hahn <sebastian@torproject.org> 2015-09-19 16:36:55 +0200
committer: Nick Mathewson <nickm@torproject.org> 2015-09-22 08:36:28 -0400
commit: ae98dd255b3db5585c0eab17dab702f72046ee57 (patch)
tree: a833f89da6b350198401c7f4adff8557b65cb0cf /configure.ac
parent: c84f3c917735caf073ee97935687c1ba8ee3639e (diff)
download: tor-ae98dd255b3db5585c0eab17dab702f72046ee57.tar.gz
tor-ae98dd255b3db5585c0eab17dab702f72046ee57.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index bf818ac4eb..2220c18fdb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -642,6 +642,19 @@ AC_TRY_COMPILE([
    [ : ],
    [ AC_ERROR([OpenSSL is too old. We require 1.0.0 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
 
+AC_TRY_COMPILE([
+#include <openssl/opensslv.h>
+#include <openssl/evp.h>
+#if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_ECDSA)
+#error "no ECC"
+#endif
+#if !defined(NID_X9_62_prime256v1) || !defined(NID_secp224r1)
+#error "curves unavailable"
+#endif
+   ], [],
+   [ : ],
+   [ AC_ERROR([OpenSSL is built without full ECC support, including curves P256 and P224. You can specify a path to one with ECC support with --with-openssl-dir.]) ])
+
 AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
 [#include <openssl/ssl.h>
 ])
author	Sebastian Hahn <sebastian@torproject.org>	2015-09-19 16:36:55 +0200
committer	Nick Mathewson <nickm@torproject.org>	2015-09-22 08:36:28 -0400
commit	ae98dd255b3db5585c0eab17dab702f72046ee57 (patch)
tree	a833f89da6b350198401c7f4adff8557b65cb0cf /configure.ac
parent	c84f3c917735caf073ee97935687c1ba8ee3639e (diff)
download	tor-ae98dd255b3db5585c0eab17dab702f72046ee57.tar.gz tor-ae98dd255b3db5585c0eab17dab702f72046ee57.zip