--- ntop-starting/configure.in	Thu Jul 11 09:30:26 2002
+++ ntop-current/configure.in	Thu Jul 11 10:51:27 2002
@@ -117,6 +117,10 @@
 ac_disable_intop=no
 
 dnl>
+dnl> Option to show where we're testing for openssl
+ac_enable_showopenssltests=no
+
+dnl>
 dnl> *** ToBeRocked ***
 dnl> user customizable section
 dnl>
@@ -338,6 +342,11 @@
 dnl>
 AC_ARG_ENABLE(sslv3, [  --enable-sslv3          enable ssl v3 support if available [default=disabled]], ac_enable_sslv3="yes")
 
+dnl>
+dnl> Give the user an option to show the openssl tests...
+dnl>
+AC_ARG_ENABLE(showopenssltests, [  --enable-showopenssltests show tests for openssl libraries [default=disabled]], ac_enable_showopenssltests="yes")
+
 AC_ARG_WITH(void, [  +----------------------------------------------------------------------------+])
 
 dnl>
@@ -556,7 +565,7 @@
 AC_CHECK_HEADERS(syslog.h, [ac_syslog_h="yes"], [ac_syslog_h="no"])
 
 dnl> Test for facilitynames
-AC_MSG_CHECKING([Checking for glibc facilitynames in sys/syslog.h or syslog.h])
+AC_MSG_CHECKING([glibc facilitynames in sys/syslog.h or syslog.h])
 if test $ac_sys_syslog_h = yes ||
    test $ac_syslog_h = yes ; then
     AC_TRY_COMPILE([
@@ -662,21 +671,6 @@
 fi
 
 dnl>
-dnl> Enable SSL Watchdog?
-dnl>
-if test ".$ac_enable_sslwatchdog" = ".yes"; then
-  if test ".$ac_disable_openssl" = ".yes"; then
-    AC_MSG_ERROR([SSL Watchdog requires openSSL. rerun without --disable-openssl])
-  else
-    if test ".$ac_disable_multithread" = ".yes"; then
-      AC_MSG_ERROR([SSL Watchdog requires Multithreading. rerun without --disable-multithread])
-    else
-      AC_DEFINE(USE_SSLWATCHDOG)
-    fi
-  fi
-fi
-
-dnl>
 dnl> Networking libraries
 dnl>
 dnl> check for `gethostname' or `gethostbyname' in -lnsl
@@ -1122,120 +1116,195 @@
 dnl>
 dnl> OpenSSL by Open SLL Project
 dnl>
-dnl> order as follow
-dnl> 1. user defined openssl development tree
-dnl> 2. standard installation in /usr/lib and /usr/include respectively
-dnl> 3. default package installation in /usr/local/lib and /usr/local/include respectively
-dnl> 4. openssl development tree under the same ntop's root source directory or in a subdir
+dnl>  First a macro to encapsulate the tests
+dnl>    Args: 1 - libssl location
+dnl>          2 - ssl.h location
+dnl>
+
+AC_DEFUN(ntop_testopenssl, [
+    if test ".$ac_enable_showopenssltests" = ".yes"; then
+        AC_MSG_CHECKING([for libxxx.a in $1 and ssl.h in $2])
+    fi
+    if test -d $1 &&
+       test -r $1/libssl.a &&
+       test -r $1/libcrypto.a &&
+       test -d $2 &&
+       test -r $2/ssl.h; then
+         if test ".$ac_enable_showopenssltests" = ".yes"; then
+             AC_MSG_CHECKING([test program])
+         fi
+         OSSL_ROOT=`cd $1 && pwd`
+         _MORELIBS="${MORELIBS}"
+         _INCS="${INCS}"
+         MORELIBS="${MORELIBS} -L$1 -lssl -lcrypto"
+         INCS="${INCS} -I$2"
+         AC_TRY_COMPILE([
+#include <openssl/rsa.h>
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+             unsigned long l;
+             char buf[200];],
+             [ERR_error_string_n(l, buf, sizeof(buf));],
+             ac_cv_has_openssl=yes,
+             ac_cv_has_openssl=no)
+         if test ".$ac_cv_has_openssl" = ".yes"; then
+             if test ".$ac_enable_showopenssltests" = ".yes"; then
+                 AC_MSG_RESULT([OK])
+             else
+                 AC_MSG_RESULT([found in $1 and $2])
+             fi
+             AC_DEFINE(HAVE_OPENSSL)
+         else
+             AC_MSG_RESULT([ERROR: older version])
+             MORELIBS="${_MORELIBS}"
+             INCS="${_INCS}"
+         fi
+    else
+        if test ".$ac_enable_showopenssltests" = ".yes"; then
+            AC_MSG_RESULT([not found])
+        fi
+        ac_cv_has_openssl=no
+    fi
+])
 
 dnl>
 dnl> Do not perform any check for the OpenSSL library,
 dnl> if the user decided to compile without HTTPS support.
 dnl>
 if test ".$ac_disable_openssl" = ".no"; then
-  AC_MSG_CHECKING([for OpenSSL Library by Open SLL Project (optional package)])
-  if test ".${OSSL_ROOT}" != .; then
-    if test -d $OSSL_ROOT &&
-       test -r $OSSL_ROOT/libssl.a &&
-       test -r $OSSL_ROOT/openssl/ssl.h; then
-         OSSL_ROOT=`cd ${OSSL_ROOT} && pwd`
-         MORELIBS="${MORELIBS} -L$OSSL_ROOT -lssl"
-         INCS="${INCS} -I$OSSL_ROOT"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-    elif test -d $OSSL_ROOT &&
-       test -r $OSSL_ROOT/libssl.a &&
-       test -r $OSSL_ROOT/include/openssl/ssl.h; then
-         OSSL_ROOT=`cd ${OSSL_ROOT} && pwd`
-         MORELIBS="${MORELIBS} -L$OSSL_ROOT/crypto -lssl"
-         INCS="${INCS} -I$OSSL_ROOT/include"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-    else
-      AC_MSG_RESULT([not found in ${OSSL_ROOT}])
-      AC_MSG_WARN([ The Open SSL Library development tree seems corrupted or incomplete!])
-      AC_MSG_RESULT([ It looks that you don't have some files needed to use the Open SSL library.])
-      AC_MSG_RESULT([ Please check the source tree, compile and, optionally, install the software.])
-      AC_MSG_RESULT([ When finished please re-run this program.])
-      AC_MSG_WARN([ You can download the latest source tarball at http://www.openssl.org/])
-      AC_MSG_WARN([ HTTPS disabled!])
-    fi
-  elif test -d /usr/local/ssl &&
-       test -r /usr/local/ssl/lib/libssl.a &&
-       test -r /usr/local/ssl/lib/libcrypto.a &&
-       test -r /usr/local/ssl/include/openssl/ssl.h; then
-         OSSL_ROOT="/usr/local/ssl"
-         MORELIBS="${MORELIBS} -L$OSSL_ROOT/lib -lssl -lcrypto"
-         INCS="${INCS} -I$OSSL_ROOT/include"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-  elif test -r /usr/lib/ssl/libssl.a &&
-       test -r /usr/include/ssl/ssl.h; then
-         OSSL_ROOT="/usr/lib/ssl"
-         MORELIBS="${MORELIBS} -lssl -lcrypto"
-         INCS="${INCS} -I/usr/include/ssl"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-  elif test -r /usr/lib/libssl.a &&
-       test -r /usr/include/openssl/ssl.h; then
-         OSSL_ROOT="/usr/lib/"
-         MORELIBS="${MORELIBS} -lssl -lcrypto"
-         INCS="${INCS} -I/usr/include/openssl"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-  elif test -d ../openssl-0.9.4 &&
-       test -r ../openssl-0.9.4/libssl.a &&
-       test -r ../openssl-0.9.4/libcrypto.a &&
-       test -r ../openssl-0.9.4/openssl/ssl/ssl.h; then
-         OSSL_ROOT="../openssl-0.9.4"
-         OSSL_ROOT=`cd ${OSSL_ROOT} && pwd`
-         MORELIBS="${MORELIBS} -L$OSSL_ROOT -lssl -lcrypto"
-         INCS="${INCS} -I$OSSL_ROOT/ssl"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
-  elif test -d openssl-0.9.4 &&
-       test -r openssl-0.9.4/libssl.a &&
-       test -r openssl-0.9.4/openssl/ssl/ssl.h; then
-         OSSL_ROOT="openssl-0.9.4"
-         OSSL_ROOT=`cd ${OSSL_ROOT} && pwd`
-         MORELIBS="${MORELIBS} -L$OSSL_ROOT -lssl -lcrypto"
-         INCS="${INCS} -I$OSSL_ROOT/ssl"
-         AC_DEFINE(HAVE_OPENSSL)
-         if test ".$ac_enable_sslv3" = ".yes"; then
-             AC_DEFINE(SUPPORT_SSLV3)
-         fi
-         AC_MSG_RESULT([found in $OSSL_ROOT])
+  if test ".$ac_enable_showopenssltests" = ".yes"; then
+      AC_MSG_RESULT([Checking for OpenSSL Library by Open SLL Project (optional package)...])
   else
-      AC_MSG_RESULT([not found!])
+      AC_MSG_CHECKING([Checking for OpenSSL Library by Open SLL Project (optional package)...])
+  fi
+ 
+dnl> Test order as follow
+dnl>
+dnl>     user defined openssl development tree
+dnl> OR:
+dnl>     standard installation in /usr/lib and /usr/include 
+dnl>     semi-standard installation in /usr/lib/ssl and /usr/include/ssl
+dnl>     semi-standard installation in /usr/lib/openssl and /usr/include/openssl
+dnl>     default package installation in /usr/local/lib and /usr/local/include
+dnl>     openssl development tree under the same ntop's root source directory or in a subdir
+
+  if test  ".${OSSL_ROOT}" != .; then
+      ntop_testopenssl(${OSSL_ROOT}, ${OSSL_ROOT})
+      if test ".$ac_cv_has_openssl" = ".no"; then
+	  ntop_testopenssl(${OSSL_ROOT}/lib, ${OSSL_ROOT}/include)
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl(${OSSL_ROOT}/lib, ${OSSL_ROOT}/include/openssl)
+      fi
+  else
+      ntop_testopenssl("/usr/lib", "/usr/include")
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/lib/ssl", "/usr/include/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/lib", "/usr/include/openssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/lib/openssl", "/usr/include/openssl")
+      fi
+
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/local/lib/ssl", "/usr/local/include/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/local/lib/ssl", "/usr/local/include/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("/usr/local/lib/ssl", "/usr/local/include/ssl")
+      fi
+
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl", "../openssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.7b", "../openssl-0.9.7b/ssl")
+          if test ".$ac_cv_has_openssl" = ".yes"; then
+              AC_MSG_WARN([ ntop has not been tested with openssl-0.9.7b])
+              AC_MSG_RESULT([          this was unreleased as of 2.1's release date])
+              AC_MSG_RESULT([          (but we'll give it a try anyway])
+          fi
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.7a", "../openssl-0.9.7a/ssl")
+          if test ".$ac_cv_has_openssl" = ".yes"; then
+              AC_MSG_WARN([ ntop has not been tested with openssl-0.9.7a])
+              AC_MSG_RESULT([          this was unreleased as of 2.1's release date])
+              AC_MSG_RESULT([          (but we'll give it a try anyway])
+          fi
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.7", "../openssl-0.9.7/ssl")
+          if test ".$ac_cv_has_openssl" = ".yes"; then
+              AC_MSG_WARN([ ntop has not been tested with openssl-0.9.7a])
+              AC_MSG_RESULT([          this was beta as of 2.1's release date])
+              AC_MSG_RESULT([          (but we'll give it a try anyway])
+          fi
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.6d", "../openssl-0.9.6d/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.6c", "../openssl-0.9.6c/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.6b", "../openssl-0.9.6b/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.6a", "../openssl-0.9.6a/ssl")
+      fi
+      if test ".$ac_cv_has_openssl" = ".no"; then
+          ntop_testopenssl("../openssl-0.9.6", "../openssl-0.9.6/ssl")
+      fi
+  fi
+  if test ".$ac_cv_has_openssl" = ".no"; then
       AC_MSG_WARN([ The Open SSL Library development tree seems corrupted or incomplete!])
       AC_MSG_RESULT([ Download, compile and, optionally, install it.])
       AC_MSG_RESULT([ When finished please re-run this program.])
       AC_MSG_WARN([ You can download the latest source tarball at http://www.openssl.org/])
       AC_MSG_WARN([ HTTPS disabled!])
+      if test ".$ac_enable_sslv3" = ".yes"; then
+          AC_MSG_WARN([--enable-sslv3 irrelevant, ignored!])
+      fi
+      if test ".$ac_enable_sslwatchdog" = ".yes"; then
+          AC_MSG_ERROR([SSL Watchdog requires openSSL. rerun without --disable-openssl])
+      fi
+  else  dnl> Yes, we have openSSL...
+      dnl>
+      dnl> Enable SSL v3
+      dnl>
+      if test ".$ac_enable_sslv3" = ".yes"; then
+         AC_DEFINE(SUPPORT_SSLV3)
+      fi
+      dnl>
+      dnl> Enable SSL Watchdog?
+      dnl>
+      if test ".$ac_enable_sslwatchdog" = ".yes"; then
+         AC_DEFINE(USE_SSLWATCHDOG)
+      fi
   fi
 else
   AC_MSG_WARN([HTTPS support disabled via command line option!])
   if test ".$ac_enable_sslv3" = ".yes"; then
       AC_MSG_WARN([--enable-sslv3 irrelevant, ignored!])
   fi
+  if test ".$ac_enable_sslwatchdog" = ".yes"; then
+      AC_MSG_WARN([--enable-ssl-watchdog irrelevant, ignored!])
+      ac_enable_sslwatchdog = "no"
+  fi
+fi
+
+if test ".$ac_enable_sslwatchdog" = ".yes"; then
+  if test ".$ac_disable_multithread" = ".yes"; then
+      AC_MSG_ERROR([SSL Watchdog requires Multithreading. rerun without --disable-multithread])
+  fi
 fi
 
 dnl>
