changeset 1368:b2bc8bcd546f

Switch from libmhash to OpenSSL
author Adam Chlipala <adam@chlipala.net>
date Sun, 26 Dec 2010 11:13:37 -0500 (2010-12-26)
parents 8301ee4ab58c
children 1a78ca089bd0
files Makefile.in aclocal.m4 configure configure.ac doc/manual.tex m4/ax_check_openssl.m4 src/c/Makefile.am src/c/Makefile.in src/c/mhash.c src/c/openssl.c src/compiler.sml src/config.sig src/config.sml.in
diffstat 13 files changed, 385 insertions(+), 193 deletions(-) [+]
line wrap: on
line diff
--- a/Makefile.in	Sat Dec 25 08:58:25 2010 -0500
+++ b/Makefile.in	Sun Dec 26 11:13:37 2010 -0500
@@ -39,10 +39,10 @@
 	$(top_srcdir)/configure $(top_srcdir)/src/config.sml.in \
 	config.guess config.sub depcomp install-sh ltmain.sh missing
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
-	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
-	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
-	$(top_srcdir)/configure.ac
+am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \
+	$(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
@@ -146,7 +146,6 @@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
 MAKEINFO = @MAKEINFO@
-MHASH_LIB_DIR = @MHASH_LIB_DIR@
 MKDIR_P = @MKDIR_P@
 MLLEX = @MLLEX@
 MLTON := mlton
@@ -155,6 +154,9 @@
 NMEDIT = @NMEDIT@
 OBJDUMP = @OBJDUMP@
 OBJEXT = @OBJEXT@
+OPENSSL_INCLUDES = @OPENSSL_INCLUDES@
+OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@
+OPENSSL_LIBS = @OPENSSL_LIBS@
 OTOOL = @OTOOL@
 OTOOL64 = @OTOOL64@
 PACKAGE = @PACKAGE@
@@ -165,6 +167,7 @@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKG_CONFIG = @PKG_CONFIG@
 RANLIB = @RANLIB@
 SED = @SED@
 SET_MAKE = @SET_MAKE@
--- a/aclocal.m4	Sat Dec 25 08:58:25 2010 -0500
+++ b/aclocal.m4	Sun Dec 26 11:13:37 2010 -0500
@@ -949,6 +949,7 @@
 AC_SUBST([am__untar])
 ]) # _AM_PROG_TAR
 
+m4_include([m4/ax_check_openssl.m4])
 m4_include([m4/libtool.m4])
 m4_include([m4/ltoptions.m4])
 m4_include([m4/ltsugar.m4])
--- a/configure	Sat Dec 25 08:58:25 2010 -0500
+++ b/configure	Sun Dec 26 11:13:37 2010 -0500
@@ -743,7 +743,6 @@
 am__EXEEXT_TRUE
 LTLIBOBJS
 LIBOBJS
-MHASH_LIB_DIR
 GCCARGS
 SITELISP
 INCLUDE
@@ -752,6 +751,10 @@
 MLYACC
 MLLEX
 MLTON
+OPENSSL_LDFLAGS
+OPENSSL_LIBS
+OPENSSL_INCLUDES
+PKG_CONFIG
 OTOOL64
 OTOOL
 LIPO
@@ -867,7 +870,7 @@
 enable_fast_install
 with_gnu_ld
 enable_libtool_lock
-with_mhash_dir
+with_openssl
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1512,7 +1515,7 @@
   --with-pic              try to use only PIC/non-PIC objects [default=use
                           both]
   --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
-  --with-mhash-dir=DIR    mhash directory; default = /usr
+  --with-openssl=DIR      root of the OpenSSL directory
 
 Some influential environment variables:
   CC          C compiler command
@@ -5329,13 +5332,13 @@
 else
   lt_cv_nm_interface="BSD nm"
   echo "int some_variable = 0;" > conftest.$ac_ext
-  (eval echo "\"\$as_me:5332: $ac_compile\"" >&5)
+  (eval echo "\"\$as_me:5335: $ac_compile\"" >&5)
   (eval "$ac_compile" 2>conftest.err)
   cat conftest.err >&5
-  (eval echo "\"\$as_me:5335: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+  (eval echo "\"\$as_me:5338: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
   (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
   cat conftest.err >&5
-  (eval echo "\"\$as_me:5338: output\"" >&5)
+  (eval echo "\"\$as_me:5341: output\"" >&5)
   cat conftest.out >&5
   if $GREP 'External.*some_variable' conftest.out > /dev/null; then
     lt_cv_nm_interface="MS dumpbin"
@@ -6540,7 +6543,7 @@
   ;;
 *-*-irix6*)
   # Find out which ABI we are using.
-  echo '#line 6543 "configure"' > conftest.$ac_ext
+  echo '#line 6546 "configure"' > conftest.$ac_ext
   if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
   (eval $ac_compile) 2>&5
   ac_status=$?
@@ -7802,11 +7805,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:7805: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:7808: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:7809: \$? = $ac_status" >&5
+   echo "$as_me:7812: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
@@ -8141,11 +8144,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8144: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:8147: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:8148: \$? = $ac_status" >&5
+   echo "$as_me:8151: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
@@ -8246,11 +8249,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8249: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:8252: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&5
-   echo "$as_me:8253: \$? = $ac_status" >&5
+   echo "$as_me:8256: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
@@ -8301,11 +8304,11 @@
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8304: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:8307: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&5
-   echo "$as_me:8308: \$? = $ac_status" >&5
+   echo "$as_me:8311: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
@@ -10685,7 +10688,7 @@
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10688 "configure"
+#line 10691 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -10781,7 +10784,7 @@
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10784 "configure"
+#line 10787 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -11013,67 +11016,154 @@
 
 
 
-# Check whether --with-mhash-dir was given.
-if test "${with_mhash_dir+set}" = set; then :
-  withval=$with_mhash_dir; with_mhash_dir="$withval"
-else
-  with_mhash_dir="/usr"
-fi
-
-
-LIBS_save="$LIBS"
-LIBS="-L${with_mhash_dir}/lib/ -lmhash"
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mhash_get_block_size in -lmhash" >&5
-$as_echo_n "checking for mhash_get_block_size in -lmhash... " >&6; }
-if test "${ac_cv_lib_mhash_mhash_get_block_size+set}" = set; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lmhash  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+    found=false
+
+# Check whether --with-openssl was given.
+if test "${with_openssl+set}" = set; then :
+  withval=$with_openssl;
+            case "$withval" in
+            "" | y | ye | yes | n | no)
+            as_fn_error $? "Invalid --with-openssl value" "$LINENO" 5
+              ;;
+            *) ssldirs="$withval"
+              ;;
+            esac
+
+else
+
+            # if pkg-config is installed and openssl has installed a .pc file,
+            # then use that information and don't search ssldirs
+            # Extract the first word of "pkg-config", so it can be a program name with args.
+set dummy pkg-config; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if test "${ac_cv_path_PKG_CONFIG+set}" = set; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $PKG_CONFIG in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  ;;
+esac
+fi
+PKG_CONFIG=$ac_cv_path_PKG_CONFIG
+if test -n "$PKG_CONFIG"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5
+$as_echo "$PKG_CONFIG" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+            if test x"$PKG_CONFIG" != x""; then
+                OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null`
+                if test $? = 0; then
+                    OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null`
+                    OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null`
+                    found=true
+                fi
+            fi
+
+            # no such luck; use some default ssldirs
+            if ! $found; then
+                ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr"
+            fi
+
+
+fi
+
+
+
+    # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in
+    # an 'openssl' subdirectory
+
+    if ! $found; then
+        OPENSSL_INCLUDES=
+        for ssldir in $ssldirs; do
+            { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl/ssl.h in $ssldir" >&5
+$as_echo_n "checking for openssl/ssl.h in $ssldir... " >&6; }
+            if test -f "$ssldir/include/openssl/ssl.h"; then
+                OPENSSL_INCLUDES="-I$ssldir/include"
+                OPENSSL_LDFLAGS="-L$ssldir/lib"
+                OPENSSL_LIBS="-lssl -lcrypto"
+                found=true
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+                break
+            else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+            fi
+        done
+
+        # if the file wasn't found, well, go ahead and try the link anyway -- maybe
+        # it will just work!
+    fi
+
+    # try the preprocessor and linker with our new flags,
+    # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compiling and linking against OpenSSL works" >&5
+$as_echo_n "checking whether compiling and linking against OpenSSL works... " >&6; }
+    echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \
+        "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&5
+
+    save_LIBS="$LIBS"
+    save_LDFLAGS="$LDFLAGS"
+    save_CPPFLAGS="$CPPFLAGS"
+    LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS"
+    LIBS="$OPENSSL_LIBS $LIBS"
+    CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS"
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char mhash_get_block_size ();
+#include <openssl/ssl.h>
 int
 main ()
 {
-return mhash_get_block_size ();
+SSL_new(NULL)
   ;
   return 0;
 }
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_mhash_mhash_get_block_size=yes
-else
-  ac_cv_lib_mhash_mhash_get_block_size=no
+
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+            echo >/dev/null
+
+else
+
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+            echo "You must install OpenSSL development files."; exit1
+
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mhash_mhash_get_block_size" >&5
-$as_echo "$ac_cv_lib_mhash_mhash_get_block_size" >&6; }
-if test "x$ac_cv_lib_mhash_mhash_get_block_size" = x""yes; then :
-  MHASH_LIB_DIR="${with_mhash_dir}/lib"
-else
-  echo "You must install libmhash."; exit 1
-fi
-
-LIBS="${LIBS_save}"
-
-as_ac_Header=`$as_echo "ac_cv_header_"${with_mhash_dir}/include/mhash.h"" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" ""${with_mhash_dir}/include/mhash.h"" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include"
-else
-  echo "You must install libmhash dev files."; exit 1
-fi
+    CPPFLAGS="$save_CPPFLAGS"
+    LDFLAGS="$save_LDFLAGS"
+    LIBS="$save_LIBS"
+
+
+
 
 
 
@@ -11232,7 +11322,6 @@
 
 
 
-
 ac_config_files="$ac_config_files Makefile src/c/Makefile src/config.sml"
 
 
@@ -13582,6 +13671,5 @@
   lib directory:       LIB            $LIB
   include directory:   INCLUDE        $INCLUDE
   site-lisp directory: SITELISP       $SITELISP
-  mhash lib directory: MHASH_LIB_DIR  $MHASH_LIB_DIR
   Extra GCC args:      GCCARGS        $GCCARGS
 EOF
--- a/configure.ac	Sat Dec 25 08:58:25 2010 -0500
+++ b/configure.ac	Sun Dec 26 11:13:37 2010 -0500
@@ -6,20 +6,7 @@
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_HEADERS([config.h])
 
-dnl Setting the search directory for mhash.
-AC_ARG_WITH(mhash-dir, AS_HELP_STRING([--with-mhash-dir=DIR], [mhash directory; default = /usr]), 
-                          with_mhash_dir="$withval", with_mhash_dir="/usr")
-
-dnl Check for libmhash
-LIBS_save="$LIBS"
-LIBS="-L${with_mhash_dir}/lib/ -lmhash"
-AC_CHECK_LIB(mhash, mhash_get_block_size, 
-                    [MHASH_LIB_DIR="${with_mhash_dir}/lib"], [echo "You must install libmhash."; exit 1])
-LIBS="${LIBS_save}"
-
-dnl Check for mhash.h
-AC_CHECK_HEADER(["${with_mhash_dir}/include/mhash.h"],
-        [CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include"], [echo "You must install libmhash dev files."; exit 1])
+AX_CHECK_OPENSSL([echo >/dev/null], [echo "You must install OpenSSL development files."; exit1])
 
 AC_CHECK_PROG(MLTON, mlton, yes, [])
 
@@ -67,7 +54,6 @@
 AC_SUBST(INCLUDE)
 AC_SUBST(SITELISP)
 AC_SUBST(GCCARGS)
-AC_SUBST(MHASH_LIB_DIR)
 
 AC_CONFIG_FILES([
         Makefile
@@ -84,6 +70,5 @@
   lib directory:       LIB            $LIB
   include directory:   INCLUDE        $INCLUDE
   site-lisp directory: SITELISP       $SITELISP
-  mhash lib directory: MHASH_LIB_DIR  $MHASH_LIB_DIR
   Extra GCC args:      GCCARGS        $GCCARGS  
 EOF
--- a/doc/manual.tex	Sat Dec 25 08:58:25 2010 -0500
+++ b/doc/manual.tex	Sun Dec 26 11:13:37 2010 -0500
@@ -56,9 +56,9 @@
 sudo make install
 \end{verbatim}
 
-Some other packages must be installed for the above to work.  At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the mhash C library.  As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies:
+Some other packages must be installed for the above to work.  At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the development files for the OpenSSL C library.  As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies:
 \begin{verbatim}
-apt-get install mlton libmhash-dev
+apt-get install mlton libssl-dev
 \end{verbatim}
 
 To build programs that access SQL databases, you also need one of these client libraries for supported backends.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/m4/ax_check_openssl.m4	Sun Dec 26 11:13:37 2010 -0500
@@ -0,0 +1,124 @@
+# ===========================================================================
+#     http://www.gnu.org/software/autoconf-archive/ax_check_openssl.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_OPENSSL([action-if-found[, action-if-not-found]])
+#
+# DESCRIPTION
+#
+#   Look for OpenSSL in a number of default spots, or in a user-selected
+#   spot (via --with-openssl).  Sets
+#
+#     OPENSSL_INCLUDES to the include directives required
+#     OPENSSL_LIBS to the -l directives required
+#     OPENSSL_LDFLAGS to the -L or -R flags required
+#
+#   and calls ACTION-IF-FOUND or ACTION-IF-NOT-FOUND appropriately
+#
+#   This macro sets OPENSSL_INCLUDES such that source files should use the
+#   openssl/ directory in include directives:
+#
+#     #include <openssl/hmac.h>
+#
+# LICENSE
+#
+#   Copyright (c) 2009,2010 Zmanda Inc. <http://www.zmanda.com/>
+#   Copyright (c) 2009,2010 Dustin J. Mitchell <dustin@zmanda.com>
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 7
+
+AU_ALIAS([CHECK_SSL], [AX_CHECK_OPENSSL])
+AC_DEFUN([AX_CHECK_OPENSSL], [
+    found=false
+    AC_ARG_WITH(openssl,
+        AS_HELP_STRING([--with-openssl=DIR],
+            [root of the OpenSSL directory]),
+        [
+            case "$withval" in
+            "" | y | ye | yes | n | no)
+            AC_MSG_ERROR([Invalid --with-openssl value])
+              ;;
+            *) ssldirs="$withval"
+              ;;
+            esac
+        ], [
+            # if pkg-config is installed and openssl has installed a .pc file,
+            # then use that information and don't search ssldirs
+            AC_PATH_PROG(PKG_CONFIG, pkg-config)
+            if test x"$PKG_CONFIG" != x""; then
+                OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null`
+                if test $? = 0; then
+                    OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null`
+                    OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null`
+                    found=true
+                fi
+            fi
+
+            # no such luck; use some default ssldirs
+            if ! $found; then
+                ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr"
+            fi
+        ]
+        )
+
+
+    # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in
+    # an 'openssl' subdirectory
+
+    if ! $found; then
+        OPENSSL_INCLUDES=
+        for ssldir in $ssldirs; do
+            AC_MSG_CHECKING([for openssl/ssl.h in $ssldir])
+            if test -f "$ssldir/include/openssl/ssl.h"; then
+                OPENSSL_INCLUDES="-I$ssldir/include"
+                OPENSSL_LDFLAGS="-L$ssldir/lib"
+                OPENSSL_LIBS="-lssl -lcrypto"
+                found=true
+                AC_MSG_RESULT([yes])
+                break
+            else
+                AC_MSG_RESULT([no])
+            fi
+        done
+
+        # if the file wasn't found, well, go ahead and try the link anyway -- maybe
+        # it will just work!
+    fi
+
+    # try the preprocessor and linker with our new flags,
+    # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+
+    AC_MSG_CHECKING([whether compiling and linking against OpenSSL works])
+    echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \
+        "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&AS_MESSAGE_LOG_FD
+
+    save_LIBS="$LIBS"
+    save_LDFLAGS="$LDFLAGS"
+    save_CPPFLAGS="$CPPFLAGS"
+    LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS"
+    LIBS="$OPENSSL_LIBS $LIBS"
+    CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS"
+    AC_LINK_IFELSE(
+        AC_LANG_PROGRAM([#include <openssl/ssl.h>], [SSL_new(NULL)]),
+        [
+            AC_MSG_RESULT([yes])
+            $1
+        ], [
+            AC_MSG_RESULT([no])
+            $2
+        ])
+    CPPFLAGS="$save_CPPFLAGS"
+    LDFLAGS="$save_LDFLAGS"
+    LIBS="$save_LIBS"
+
+    AC_SUBST([OPENSSL_INCLUDES])
+    AC_SUBST([OPENSSL_LIBS])
+    AC_SUBST([OPENSSL_LDFLAGS])
+])
--- a/src/c/Makefile.am	Sat Dec 25 08:58:25 2010 -0500
+++ b/src/c/Makefile.am	Sun Dec 26 11:13:37 2010 -0500
@@ -1,9 +1,9 @@
 lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la
 
-liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c
+liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c
 liburweb_http_la_SOURCES = http.c
 liburweb_cgi_la_SOURCES = cgi.c
 liburweb_fastcgi_la_SOURCES = fastcgi.c
 
-AM_CPPFLAGS = -I../../include
+AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@
 AM_CFLAGS = -Wimplicit -Wall -Werror
--- a/src/c/Makefile.in	Sat Dec 25 08:58:25 2010 -0500
+++ b/src/c/Makefile.in	Sun Dec 26 11:13:37 2010 -0500
@@ -37,10 +37,10 @@
 subdir = src/c
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
-	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
-	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
-	$(top_srcdir)/configure.ac
+am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \
+	$(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
@@ -71,7 +71,7 @@
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 liburweb_la_LIBADD =
-am_liburweb_la_OBJECTS = memmem.lo mhash.lo urweb.lo request.lo \
+am_liburweb_la_OBJECTS = memmem.lo openssl.lo urweb.lo request.lo \
 	queue.lo
 liburweb_la_OBJECTS = $(am_liburweb_la_OBJECTS)
 liburweb_cgi_la_LIBADD =
@@ -145,7 +145,6 @@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
 MAKEINFO = @MAKEINFO@
-MHASH_LIB_DIR = @MHASH_LIB_DIR@
 MKDIR_P = @MKDIR_P@
 MLLEX = @MLLEX@
 MLTON = @MLTON@
@@ -154,6 +153,9 @@
 NMEDIT = @NMEDIT@
 OBJDUMP = @OBJDUMP@
 OBJEXT = @OBJEXT@
+OPENSSL_INCLUDES = @OPENSSL_INCLUDES@
+OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@
+OPENSSL_LIBS = @OPENSSL_LIBS@
 OTOOL = @OTOOL@
 OTOOL64 = @OTOOL64@
 PACKAGE = @PACKAGE@
@@ -164,6 +166,7 @@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKG_CONFIG = @PKG_CONFIG@
 RANLIB = @RANLIB@
 SED = @SED@
 SET_MAKE = @SET_MAKE@
@@ -224,11 +227,11 @@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la
-liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c
+liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c
 liburweb_http_la_SOURCES = http.c
 liburweb_cgi_la_SOURCES = cgi.c
 liburweb_fastcgi_la_SOURCES = fastcgi.c
-AM_CPPFLAGS = -I../../include
+AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@
 AM_CFLAGS = -Wimplicit -Wall -Werror
 all: all-am
 
@@ -314,7 +317,7 @@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fastcgi.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/memmem.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mhash.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/queue.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/request.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urweb.Plo@am__quote@
--- a/src/c/mhash.c	Sat Dec 25 08:58:25 2010 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,84 +0,0 @@
-#include "config.h"
-
-#include <mhash.h>
-#include <fcntl.h>
-
-#define KEYSIZE 16
-#define PASSSIZE 4
-
-#define HASH_ALGORITHM MHASH_SHA256
-#define HASH_BLOCKSIZE 32
-#define KEYGEN_ALGORITHM KEYGEN_MCRYPT
-
-int uw_hash_blocksize = HASH_BLOCKSIZE;
-
-static int password[PASSSIZE];
-static unsigned char private_key[KEYSIZE];
-
-char *uw_sig_file = NULL;
-
-static void random_password() {
-  int i;
-
-  for (i = 0; i < PASSSIZE; ++i)
-    password[i] = rand();
-}
-
-void uw_init_crypto() {
-  KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}};
-
-  assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE);
-
-  if (uw_sig_file) {
-    int fd;
-
-    if (access(uw_sig_file, F_OK)) {
-      random_password();
-      
-      if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) {
-        fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
-        perror("open");
-        exit(1);
-      }
-
-      if (write(fd, &password, sizeof password) != sizeof password) {
-        fprintf(stderr, "Error writing signature file\n");
-        exit(1);
-      }
-
-      close(fd);
-    } else {
-      if ((fd = open(uw_sig_file, O_RDONLY)) < 0) {
-        fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
-        perror("open");
-        exit(1);
-      }
-
-      if (read(fd, &password, sizeof password) != sizeof password) {
-        fprintf(stderr, "Error reading signature file\n");
-        exit(1);
-      }
-
-      close(fd);
-    }
-  } else
-    random_password();
-
-  if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg,
-                       private_key, sizeof(private_key),
-                       (unsigned char*)password, sizeof(password)) < 0) {
-    fprintf(stderr, "Key generation failed\n");
-    exit(1);
-  }
-}
-
-void uw_sign(const char *in, char *out) {
-  MHASH td;
-
-  td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key),
-                       mhash_get_hash_pblock(HASH_ALGORITHM));
-  
-  mhash(td, in, strlen(in));
-  if (mhash_hmac_deinit(td, out) < 0)
-    fprintf(stderr, "Signing failed\n");
-}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/c/openssl.c	Sun Dec 26 11:13:37 2010 -0500
@@ -0,0 +1,72 @@
+#include "config.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/sha.h>
+
+#define PASSSIZE 4
+
+int uw_hash_blocksize = 32;
+
+static int password[PASSSIZE];
+
+char *uw_sig_file = NULL;
+
+static void random_password() {
+  int i;
+
+  for (i = 0; i < PASSSIZE; ++i)
+    password[i] = rand();
+}
+
+void uw_init_crypto() {
+  if (uw_sig_file) {
+    int fd;
+
+    if (access(uw_sig_file, F_OK)) {
+      random_password();
+      
+      if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) {
+        fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
+        perror("open");
+        exit(1);
+      }
+
+      if (write(fd, &password, sizeof password) != sizeof password) {
+        fprintf(stderr, "Error writing signature file\n");
+        exit(1);
+      }
+
+      close(fd);
+    } else {
+      if ((fd = open(uw_sig_file, O_RDONLY)) < 0) {
+        fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
+        perror("open");
+        exit(1);
+      }
+
+      if (read(fd, &password, sizeof password) != sizeof password) {
+        fprintf(stderr, "Error reading signature file\n");
+        exit(1);
+      }
+
+      close(fd);
+    }
+  } else
+    random_password();
+}
+
+void uw_sign(const char *in, unsigned char *out) {
+  SHA256_CTX c;
+
+  SHA256_Init(&c);
+  SHA256_Update(&c, password, sizeof password);
+  SHA256_Update(&c, in, strlen(in));
+  SHA256_Final(out, &c);
+}
--- a/src/compiler.sml	Sat Dec 25 08:58:25 2010 -0500
+++ b/src/compiler.sml	Sun Dec 26 11:13:37 2010 -0500
@@ -1285,16 +1285,16 @@
     let
         val proto = Settings.currentProtocol ()
 
-        val (lib, mhash) = if Settings.getStaticLinking () then
-                               (#linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a", Config.libMhash ^ "/libmhash.a")
-                           else
-                               ("-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto, "-L" ^ Config.libMhash ^ " -lmhash")
+        val lib = if Settings.getStaticLinking () then
+                      #linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a"
+                  else
+                      "-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto
 
         val compile = "gcc " ^ Config.gccArgs ^ " -Wimplicit -Werror -O3 -fno-inline -I " ^ Config.includ
                       ^ " " ^ #compile proto
                       ^ " -c " ^ cname ^ " -o " ^ oname
 
-        val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ mhash ^ " " ^ oname
+        val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ Config.openssl ^ " " ^ oname
                    ^ " -o " ^ ename
 
         val (compile, link) =
--- a/src/config.sig	Sat Dec 25 08:58:25 2010 -0500
+++ b/src/config.sig	Sun Dec 26 11:13:37 2010 -0500
@@ -9,5 +9,5 @@
     val libJs : string
 
     val gccArgs : string
-    val libMhash : string
+    val openssl : string
 end
--- a/src/config.sml.in	Sat Dec 25 08:58:25 2010 -0500
+++ b/src/config.sml.in	Sun Dec 26 11:13:37 2010 -0500
@@ -13,6 +13,6 @@
                                  file = "js"}
 
 val gccArgs = "@GCCARGS@"
-val libMhash = "@MHASH_LIB_DIR@"
+val openssl = "@OPENSSL_LDFLAGS@ @OPENSSL_LIBS@"
 
 end