- libssl, from OpenSSL, is optional but recommended if you plan to
connect the Open vSwitch to an OpenFlow controller. libssl is
required to establish confidentiality and authenticity in the
- connections from an Open vSwitch to an OpenFlow controller. To
- enable, configure with --enable-ssl=yes.
+ connections from an Open vSwitch to an OpenFlow controller. If
+ libssl is installed, then Open vSwitch will automatically build
+ with support for it.
To compile the kernel module, you must also install the following. If
you cannot build or install the kernel module, you may use the
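Review bot: "If libssl is installed" in the added lines understates what the build needs. Detection in OVS_CHECK_OPENSSL goes through PKG_CHECK_MODULES([SSL], [libssl]), so pkg-config must be able to find libssl at configure time. When it cannot, the default build only prints a warning and continues without SSL support. Suggest stating that outcome here, so that a reader who follows "optional but recommended" knows a successful configure run does not by itself mean SSL was built in.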
================================
If you plan to configure Open vSwitch to connect across the network to
-an OpenFlow controller, then we recommend that you configure and
-enable SSL support in Open vSwitch. SSL support ensures integrity and
-confidentiality of the OpenFlow connections, increasing network
-security.
+an OpenFlow controller, then we recommend that you build Open vSwitch
+with OpenSSL. SSL support ensures integrity and confidentiality of
+the OpenFlow connections, increasing network security.
This file explains how to configure an Open vSwitch to connect to an
OpenFlow controller over SSL. Refer to INSTALL.Linux for instructions
-on building Open vSwitch with SSL support. (In particular, you must
-pass --enable-ssl to the "configure" script to use SSL.)
+on building Open vSwitch with SSL support.
Open vSwitch uses TLS version 1.0 or later (TLSv1), as specified by
RFC 2246, which is very similar to SSL version 3.0. TLSv1 was
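Review bot: deleting the --enable-ssl parenthetical at the end of the "Refer to INSTALL.Linux" paragraph leaves this file without any way to guarantee an SSL-capable build, yet its readers are the people who specifically want SSL. With the new default, a host where libssl is not found still configures successfully and yields a build that cannot make SSL connections to the controller. Suggest replacing the parenthetical rather than removing it, for example: (Pass --enable-ssl to the "configure" script to make it fail if libssl cannot be found.)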
[Define to 1 if Netlink protocol is available.])
fi])
-dnl Checks for OpenSSL, if --enable-ssl is passed in.
+dnl Checks for OpenSSL.
AC_DEFUN([OVS_CHECK_OPENSSL],
[AC_ARG_ENABLE(
[ssl],
- [AC_HELP_STRING([--enable-ssl],
- [Enable ssl support (requires libssl)])],
+ [AC_HELP_STRING([--disable-ssl], [Disable OpenSSL support])],
[case "${enableval}" in
(yes) ssl=true ;;
(no) ssl=false ;;
(*) AC_MSG_ERROR([bad value ${enableval} for --enable-ssl]) ;;
esac],
- [ssl=false])
+ [ssl=check])
- if test "$ssl" = true; then
+ if test "$ssl" != false; then
dnl Make sure that pkg-config is installed.
m4_pattern_forbid([PKG_CHECK_MODULES])
PKG_CHECK_MODULES([SSL], [libssl],
[HAVE_OPENSSL=yes],
[HAVE_OPENSSL=no
- AC_MSG_WARN([Cannot find libssl:
+ if test "$ssl" = check; then
+ AC_MSG_WARN([Cannot find libssl:
$SSL_PKG_ERRORS
-OpenFlow connections over SSL will not be supported.])])
+OpenFlow connections over SSL will not be supported.
+(You may use --disable-ssl to suppress this warning.)])
+ else
+ AC_MSG_ERROR([Cannot find libssl (use --disable-ssl to configure without SSL support)])
+ fi])
else
HAVE_OPENSSL=no
fi
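Review bot: the new AC_HELP_STRING advertises only --disable-ssl, so ./configure --help no longer shows that --enable-ssl is still accepted. It is now the only way to reach the AC_MSG_ERROR branch when libssl is missing. Suggest naming it in the help text, for example [Disable OpenSSL support (--enable-ssl makes a missing libssl an error)]. In the default ssl=check path the only sign that SSL was dropped is an AC_MSG_WARN in the middle of the configure output. Consider also reporting HAVE_OPENSSL at the end of configure so that a build without SSL is harder to miss.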