From 6209d47f7b41040b213d7b0c5fc0fa1046fc0b99 Mon Sep 17 00:00:00 2001
From: casado <casado@minimac.nicira.com>
Date: Thu, 27 Mar 2008 19:48:54 -0700
Subject: [PATCH] - Turn off ssl support by default - Update docs - Add ldl to
 link line (needed from non-ssl builds)

---
 INSTALL                |  5 +++--
 configure.ac           | 14 ++++++++++++++
 controller/Makefile.am |  2 +-
 secchan/Makefile.am    |  2 +-
 switch/Makefile.am     |  2 +-
 5 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/INSTALL b/INSTALL
index d0065a85..f9fc43f2 100644
--- a/INSTALL
+++ b/INSTALL
@@ -20,7 +20,7 @@ distribution, you will need the following software:
     - libssl, from OpenSSL (http://www.openssl.org/), is optional but
       recommended.  libssl is required to establish confidentiality
       and authenticity in the connections among OpenFlow switches and
-      controllers.
+      controllers.  To enable, compile with --enable-ssl=yes
 
 If you are working from a Git tree or snapshot (instead of from a
 distribution tarball), or if you modify the OpenFlow build system, you
@@ -136,7 +136,8 @@ Secure operation over SSL
 The instructions above set up OpenFlow for operation over a plaintext
 TCP connection.  Production use of OpenFlow should use SSL[*] to
 ensure confidentiality and authenticity of traffic among switches and
-controllers.
+controllers.  The source must be configured with --enable-ssl=yes to
+build with ssl support.
 
 To use SSL with OpenFlow, you must set up a public-key infrastructure
 (PKI) including a pair of certificate authorities (CAs), one for
diff --git a/configure.ac b/configure.ac
index b03d669f..0dec077e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -43,6 +43,18 @@ if test "$HAVE_IF_PACKET" = yes; then
              [Define to 1 if net/if_packet.h is available.])
 fi
 
+AC_ARG_ENABLE(
+  [ssl],
+  [AC_HELP_STRING([--enable-ssl], 
+                  [Enable ssl support (requires libssl)])],
+  [case "${enableval}" in # (
+     yes) ssl=true ;;  # (
+     no)  ssl=false ;; # (
+     *) AC_MSG_ERROR([bad value ${enableval} for --enable-ssl]) ;;
+   esac],
+  [ssl=false])
+
+if test "$ssl" = true; then
 PKG_CHECK_MODULES([SSL], [libssl], 
   [HAVE_OPENSSL=yes],
   [HAVE_OPENSSL=no
@@ -51,6 +63,8 @@ PKG_CHECK_MODULES([SSL], [libssl],
 $SSL_PKG_ERRORS
 
 OpenFlow will not support SSL connections.])])
+
+fi
 AM_CONDITIONAL([HAVE_OPENSSL], [test "$HAVE_OPENSSL" = yes])
 if test "$HAVE_OPENSSL" = yes; then
    AC_DEFINE([HAVE_OPENSSL], [1], [Define to 1 if OpenSSL is installed.])
diff --git a/controller/Makefile.am b/controller/Makefile.am
index 1a22d525..87642e98 100644
--- a/controller/Makefile.am
+++ b/controller/Makefile.am
@@ -3,4 +3,4 @@ include ../Make.vars
 bin_PROGRAMS = controller
 
 controller_SOURCES = controller.c
-controller_LDADD = ../lib/libopenflow.la
+controller_LDADD = ../lib/libopenflow.la -ldl
diff --git a/secchan/Makefile.am b/secchan/Makefile.am
index bfb0d262..13ddb044 100644
--- a/secchan/Makefile.am
+++ b/secchan/Makefile.am
@@ -3,4 +3,4 @@ include ../Make.vars
 bin_PROGRAMS = secchan
 
 secchan_SOURCES = secchan.c
-secchan_LDADD = ../lib/libopenflow.la
+secchan_LDADD = ../lib/libopenflow.la -ldl
diff --git a/switch/Makefile.am b/switch/Makefile.am
index 5e84a996..727d1bea 100644
--- a/switch/Makefile.am
+++ b/switch/Makefile.am
@@ -23,4 +23,4 @@ switch_SOURCES = \
 	table-linear.c \
 	table-mac.c 
 
-switch_LDADD = ../lib/libopenflow.la
+switch_LDADD = ../lib/libopenflow.la -ldl
-- 
2.30.2