Allow building with system wide mbedtls on X11

Using builtin_mbedtls=yes is still the default as many distributions
do not ship with mbedtls included.

SConstruct

@@ -181,6 +181,7 @@ opts.Add(BoolVariable('builtin_libtheora', "Use the builtin libtheora library",
 opts.Add(BoolVariable('builtin_libvorbis', "Use the builtin libvorbis library", True))
 opts.Add(BoolVariable('builtin_libvpx', "Use the builtin libvpx library", True))
 opts.Add(BoolVariable('builtin_libwebp', "Use the builtin libwebp library", True))
+opts.Add(BoolVariable('builtin_mbedtls', "Use the builtin mbedTLS library", True))
 opts.Add(BoolVariable('builtin_opus', "Use the builtin opus library", True))
 opts.Add(BoolVariable('builtin_pcre2', "Use the builtin pcre2 library)", True))
 opts.Add(BoolVariable('builtin_recast', "Use the builtin recast library", True))

modules/mbedtls/SCsub

@@ -5,87 +5,87 @@ Import('env_modules')
 
 env_mbed_tls = env_modules.Clone()
 
-# Thirdparty source files
-thirdparty_dir = "#thirdparty/mbedtls/library/"
+if env['builtin_mbedtls']:
+    # Thirdparty source files
+    thirdparty_sources = [
+        "aes.c",
+        "aesni.c",
+        "arc4.c",
+        "asn1parse.c",
+        "asn1write.c",
+        "base64.c",
+        "bignum.c",
+        "blowfish.c",
+        "camellia.c",
+        "ccm.c",
+        "certs.c",
+        "cipher.c",
+        "cipher_wrap.c",
+        "cmac.c",
+        "ctr_drbg.c",
+        "debug.c",
+        "des.c",
+        "dhm.c",
+        "ecdh.c",
+        "ecdsa.c",
+        "ecjpake.c",
+        "ecp.c",
+        "ecp_curves.c",
+        "entropy.c",
+        "entropy_poll.c",
+        "error.c",
+        "gcm.c",
+        "havege.c",
+        "hmac_drbg.c",
+        "md2.c",
+        "md4.c",
+        "md5.c",
+        "md.c",
+        "md_wrap.c",
+        "memory_buffer_alloc.c",
+        "net_sockets.c",
+        "oid.c",
+        "padlock.c",
+        "pem.c",
+        "pk.c",
+        "pkcs11.c",
+        "pkcs12.c",
+        "pkcs5.c",
+        "pkparse.c",
+        "pk_wrap.c",
+        "pkwrite.c",
+        "platform.c",
+        "ripemd160.c",
+        "rsa.c",
+        "rsa_internal.c",
+        "sha1.c",
+        "sha256.c",
+        "sha512.c",
+        "ssl_cache.c",
+        "ssl_ciphersuites.c",
+        "ssl_cli.c",
+        "ssl_cookie.c",
+        "ssl_srv.c",
+        "ssl_ticket.c",
+        "ssl_tls.c",
+        "threading.c",
+        "timing.c",
+        "version.c",
+        "version_features.c",
+        "x509.c",
+        "x509_create.c",
+        "x509_crl.c",
+        "x509_crt.c",
+        "x509_csr.c",
+        "x509write_crt.c",
+        "x509write_csr.c",
+        "xtea.c"
+    ]
 
-thirdparty_sources = [
-    "aes.c",
-    "aesni.c",
-    "arc4.c",
-    "asn1parse.c",
-    "asn1write.c",
-    "base64.c",
-    "bignum.c",
-    "blowfish.c",
-    "camellia.c",
-    "ccm.c",
-    "certs.c",
-    "cipher.c",
-    "cipher_wrap.c",
-    "cmac.c",
-    "ctr_drbg.c",
-    "debug.c",
-    "des.c",
-    "dhm.c",
-    "ecdh.c",
-    "ecdsa.c",
-    "ecjpake.c",
-    "ecp.c",
-    "ecp_curves.c",
-    "entropy.c",
-    "entropy_poll.c",
-    "error.c",
-    "gcm.c",
-    "havege.c",
-    "hmac_drbg.c",
-    "md2.c",
-    "md4.c",
-    "md5.c",
-    "md.c",
-    "md_wrap.c",
-    "memory_buffer_alloc.c",
-    "net_sockets.c",
-    "oid.c",
-    "padlock.c",
-    "pem.c",
-    "pk.c",
-    "pkcs11.c",
-    "pkcs12.c",
-    "pkcs5.c",
-    "pkparse.c",
-    "pk_wrap.c",
-    "pkwrite.c",
-    "platform.c",
-    "ripemd160.c",
-    "rsa.c",
-    "rsa_internal.c",
-    "sha1.c",
-    "sha256.c",
-    "sha512.c",
-    "ssl_cache.c",
-    "ssl_ciphersuites.c",
-    "ssl_cli.c",
-    "ssl_cookie.c",
-    "ssl_srv.c",
-    "ssl_ticket.c",
-    "ssl_tls.c",
-    "threading.c",
-    "timing.c",
-    "version.c",
-    "version_features.c",
-    "x509.c",
-    "x509_create.c",
-    "x509_crl.c",
-    "x509_crt.c",
-    "x509_csr.c",
-    "x509write_crt.c",
-    "x509write_csr.c",
-    "xtea.c"
-]
-
-thirdparty_sources = [thirdparty_dir + file for file in thirdparty_sources]
-env_mbed_tls.add_source_files(env.modules_sources, thirdparty_sources)
-env_mbed_tls.Append(CPPPATH=["#thirdparty/mbedtls/include/"])
+    thirdparty_dir = "#thirdparty/mbedtls/library/"
+    thirdparty_sources = [thirdparty_dir + file for file in thirdparty_sources]
+    env_mbed_tls.add_source_files(env.modules_sources, thirdparty_sources)
+    env_mbed_tls.Append(CPPPATH=["#thirdparty/mbedtls/include/"])
 
 # Module sources
 env_mbed_tls.add_source_files(env.modules_sources, "*.cpp")

modules/websocket/SCsub

@@ -71,8 +71,9 @@ else:
     wrapper_includes = ["#thirdparty/lws/mbedtls_wrapper/include/" + inc for inc in ["internal", "openssl", "platform", ""]]
     env_lws.Append(CPPPATH=wrapper_includes)
 
-    mbedtls_includes = "#thirdparty/mbedtls/include"
-    env_lws.Append(CPPPATH=[mbedtls_includes])
+    if env['builtin_mbedtls']:
+        mbedtls_includes = "#thirdparty/mbedtls/include"
+        env_lws.Append(CPPPATH=[mbedtls_includes])
 
     if env_lws["platform"] == "windows":
         env_lws.Append(CPPPATH=[thirdparty_dir + helper_dir])

platform/x11/detect.py

@@ -152,6 +152,10 @@ def configure(env):
 
     # FIXME: Check for existence of the libs before parsing their flags with pkg-config
 
+    if not env['builtin_mbedtls']:
+        # mbedTLS does not provide a pkgconfig config yet. See https://github.com/ARMmbed/mbedtls/issues/228
+        env.Append(LIBS=['mbedtls', 'mbedcrypto', 'mbedx509'])
+
     if not env['builtin_libwebp']:
         env.ParseConfig('pkg-config libwebp --cflags --libs')