1# ModSecurity configure.ac 2 3 4# Get the hash of the last commit, to be used if it is not an 5# official release. 6AC_DEFUN([MSC_GIT_HASH], m4_esyscmd_s(git log -1 --format="%h" --abbrev-commit)) 7AC_DEFUN([MSC_MAJOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_MAJOR " | awk {'print $3'} | sed 's/\"//g')) 8AC_DEFUN([MSC_MINOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_MINOR " | awk {'print $3'} | sed 's/\"//g')) 9AC_DEFUN([MSC_PATCHLEVEL], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_PATCHLEVEL " | awk {'print $3'} | sed 's/\"//g')) 10AC_DEFUN([MSC_TAG], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_FTAG " | awk {'print $3'} | sed 's/\"//g')) 11 12 13# Version definition to be further used by AC_INIT and 14# .so file naming. 15m4_define([msc_version_major], [MSC_MAJOR]) 16m4_define([msc_version_minor], [MSC_MINOR]) 17m4_define([msc_version_patchlevel], [MSC_PATCHLEVEL]) 18 19m4_define([msc_version_c_plus_a], [m4_eval(msc_version_major + msc_version_minor)]) 20 21 22m4_define([msc_version], 23 [msc_version_major.msc_version_minor]) 24 25m4_define([msc_version_with_patchlevel], 26 [msc_version_major.msc_version_minor.msc_version_patchlevel]) 27 28m4_define([msc_version_git], 29 [m4_esyscmd_s(git describe)]) 30 31m4_define([msc_version_info], 32 [msc_version_c_plus_a:msc_version_patchlevel:msc_version_minor]) 33 34 35# Project Information 36AC_INIT([modsecurity], [3.0], [security@modsecurity.org]) 37 38 39# General definitions 40AC_CONFIG_MACRO_DIR([build]) 41AC_PREFIX_DEFAULT([/usr/local/modsecurity]) 42 43 44# General automake options. 45AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects]) 46 47 48# Check for dependencies (C++, AR, Lex, Yacc and Make) 49AC_PROG_CXX 50AM_PROG_AR 51AC_PROG_MAKE_SET 52PKG_PROG_PKG_CONFIG 53 54 55# Check if the compiler is c++11 compatible. 56# AX_CXX_COMPILE_STDCXX_11(,mandatory) 57 58# Check for libinjection 59if ! test -f "${srcdir}/others/libinjection/src/libinjection_html5.c"; then 60AC_MSG_ERROR([\ 61 62 63 libInjection was not found within ModSecurity source directory. 64 65 libInjection code is available as part of ModSecurity source code in a format 66 of a git-submodule. git-submodule allow us to specify the correct version of 67 libInjection and still uses the libInjection repository to download it. 68 69 You can download libInjection using git: 70 71 $ git submodule init 72 $ git submodule update 73 74 ]) 75fi 76# Libinjection version 77AC_DEFUN([LIBINJECTION_VERSION], m4_esyscmd_s(cd "others/libinjection" && git describe && cd ../..)) 78 79# SecLang test version 80AC_DEFUN([SECLANG_TEST_VERSION], m4_esyscmd_s(cd "test/test-cases/secrules-language-tests" && git log -1 --format="%h" --abbrev-commit && cd ../../..)) 81 82 83# Check for yajl 84PROG_YAJL 85 86AM_CONDITIONAL([YAJL_VERSION], [test "$YAJL_VERSION" != ""]) 87 88# Check for LibGeoIP 89PROG_GEOIP 90AM_CONDITIONAL([GEOIP_CFLAGS], [test "GEOIP_CFLAGS" != ""]) 91 92# Check for MaxMind 93PROG_MAXMIND 94AM_CONDITIONAL([MAXMIND_CFLAGS], [test "MAXMIND_CFLAGS" != ""]) 95 96 97# Check for LMDB 98PROG_LMDB 99AM_CONDITIONAL([LMDB_CFLAGS], [test "LMDB_CFLAGS" != ""]) 100 101# Check for SSDEEP 102CHECK_SSDEEP 103AM_CONDITIONAL([SSDEEP_CFLAGS], [test "SSDEEP_CFLAGS" != ""]) 104 105# Check for LUA 106CHECK_LUA 107AM_CONDITIONAL([LUA_CFLAGS], [test "LUA_CFLAGS" != ""]) 108 109 110# 111# Check for curl 112# 113CHECK_CURL 114 115if ! test -z "${CURL_VERSION}"; then 116 AC_DEFINE([MSC_WITH_CURL], [1], [Define if libcurl is available]) 117fi 118 119 120# 121# Check for LibXML 122# 123CHECK_LIBXML2 124 125 126# 127# Check for libpcre 128# 129CHECK_PCRE 130 131 132# Checks for header files. 133AC_HEADER_STDC 134AC_CHECK_HEADERS([string]) 135AC_CHECK_HEADERS([iostream]) 136AC_CHECK_HEADERS([sys/utsname.h]) 137 138 139# ?? 140LT_INIT([dlopen]) 141 142# Identify platform 143AC_CANONICAL_HOST 144 145case $host in 146 *-*-aix*) 147 echo "Checking platform... Identified as AIX" 148 AC_DEFINE([AIX], [1], [Define if the operating system is AIX]) 149 PLATFORM="AIX" 150 ;; 151 *-*-hpux*) 152 echo "Checking platform... Identified as HPUX" 153 AC_DEFINE([HPUX], [1], [Define if the operating system is HPUX]) 154 PLATFORM="HPUX" 155 ;; 156 *-*-darwin*) 157 echo "Checking platform... Identified as Macintosh OS X" 158 AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX]) 159 PLATFORM="MacOSX" 160 ;; 161 *-*-linux* | *-*uclinux*) 162 echo "Checking platform... Identified as Linux" 163 AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX]) 164 PLATFORM="Linux" 165 ;; 166 *-*-solaris*) 167 echo "Checking platform... Identified as Solaris" 168 AC_DEFINE([SOLARIS], [1], [Define if the operating system is SOLARIS]) 169 PLATFORM="Solaris" 170 ;; 171 *-*-freebsd*) 172 echo "Checking platform... Identified as FreeBSD" 173 AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD]) 174 PLATFORM="FreeBSD" 175 ;; 176 *-*-netbsd*) 177 echo "Checking platform... Identified as NetBSD" 178 AC_DEFINE([NETBSD], [1], [Define if the operating system is NETBSD]) 179 PLATFORM="NetBSD" 180 ;; 181 *-*-openbsd*) 182 echo "Checking platform... Identified as OpenBSD" 183 AC_DEFINE([OPENBSD], [1], [Define if the operating system is OPENBSD]) 184 PLATFORM="OpenBSD" 185 ;; 186 *-*-kfreebsd*) 187 echo "Checking platform... Identified as kFreeBSD, treating as linux" 188 AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD]) 189 PLATFORM="kFreeBSD" 190 ;; 191 *-*-dragonfly*) 192 echo "Checking platform... Identified as DragonFlyBSD, treating as linux" 193 AC_DEFINE([DRAGONFLY], [1], [Define if the operating system is DRAGONFLY]) 194 PLATFORM="DragonFly" 195 ;; 196 *-*-gnu*.*) 197 echo "Checking platform... Identified as HURD, treating as linux" 198 AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX]) 199 PLATFORM="HURD" 200 ;; 201 *) 202 echo "Unknown CANONICAL_HOST $host" 203 exit 1 204 ;; 205esac 206 207# Variables to be used inside the Makefile.am files. 208MSC_BASE_DIR=`pwd` 209AC_SUBST([MSC_BASE_DIR]) 210 211MSC_VERSION_INFO=msc_version_info 212AC_SUBST([MSC_VERSION_INFO]) 213 214MSC_VERSION_WITH_PATCHLEVEL=msc_version_with_patchlevel 215AC_SUBST([MSC_VERSION_WITH_PATCHLEVEL]) 216 217MSC_VERSION=msc_version 218AC_SUBST([MSC_VERSION]) 219 220MSC_GIT_VERSION=msc_version_git 221AC_SUBST([MSC_GIT_VERSION]) 222 223 224AC_ARG_ENABLE(debug-logs, 225 [AC_HELP_STRING([--disable-debug-logs],[Turn off the SecDebugLog feature])], 226 227 [case "${enableval}" in 228 yes) debugLogs=true ;; 229 no) debugLogs=false ;; 230 *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug-logs) ;; 231 esac], 232 233 [debugLogs=true] 234 ) 235if test "$debugLogs" != "true"; then 236 MODSEC_NO_LOGS="-DNO_LOGS=1" 237 AC_SUBST(MODSEC_NO_LOGS) 238fi 239 240 241# Fuzzer 242AC_ARG_ENABLE(afl-fuzz, 243 [AC_HELP_STRING([--enable-afl-fuzz],[Turn on the afl fuzzer compilation utilities])], 244 245 [case "${enableval}" in 246 yes) aflFuzzer=true ;; 247 no) aflFuzzer=false ;; 248 *) AC_MSG_ERROR(bad value ${enableval} for --enable-afl-fuzz) ;; 249 esac], 250 251 [aflFuzzer=false] 252 ) 253 254# Examples 255AC_ARG_ENABLE(examples, 256 [AC_HELP_STRING([--enable-examples],[Turn on the examples compilation (default option)])], 257 258 [case "${enableval}" in 259 yes) buildExamples=true ;; 260 no) buildExamples=false ;; 261 *) AC_MSG_ERROR(bad value ${enableval} for --enable-examples) ;; 262 esac], 263 264 [buildExamples=true] 265 ) 266 267# Parser 268AC_ARG_ENABLE(parser-generation, 269 [AC_HELP_STRING([--enable-parser-generation],[Enables parser generation during the build])], 270 271 [case "${enableval}" in 272 yes) buildParser=true ;; 273 no) buildParser=false ;; 274 *) AC_MSG_ERROR(bad value ${enableval} for --enable-parser-generation) ;; 275 esac], 276 277 [buildParser=false] 278 ) 279 280# Mutex 281AC_ARG_ENABLE(mutex-on-pm, 282 [AC_HELP_STRING([--enable-mutex-on-pm],[Treats pm operations as a critical section])], 283 284 [case "${enableval}" in 285 yes) mutexPm=true ;; 286 no) mutexPm=false ;; 287 *) AC_MSG_ERROR(bad value ${enableval} for --enable-mutex-on-pm) ;; 288 esac], 289 290 [mutexPm=false] 291 ) 292if test "$mutexPm" == "true"; then 293 MODSEC_MUTEX_ON_PM="-DMUTEX_ON_PM=1" 294 AC_SUBST(MODSEC_MUTEX_ON_PM) 295fi 296 297 298if test $buildParser = true; then 299 AC_PROG_YACC 300 AC_PROG_LEX 301 AC_PATH_PROG([FLEX], [flex]) 302 test "x$FLEX" = "x" && AC_MSG_ERROR([flex is needed to build ModSecurity]) 303 304 AC_PATH_PROG([BISON], [bison]) 305 test "x$BISON" = "x" && AC_MSG_ERROR([bison is needed to build ModSecurity]) 306 307 AC_PATH_PROG([YACC_INST], $YACC) 308 if test ! -f "$srcdir/gram.c"; then 309 if test -z "$YACC_INST"; then 310 AC_MSG_ERROR([yacc not found - unable to compile ModSecurity]) 311 fi 312 fi 313fi 314 315 316# Decide if we want to build the tests or not. 317buildTestUtilities=false 318if test "x$YAJL_FOUND" = "x1"; then 319 # Regression tests will not be able to run without the logging support. 320 # But we still have the unit tests. 321 # if test "$debugLogs" = "true"; then 322 buildTestUtilities=true 323 # fi 324fi 325 326 327AM_CONDITIONAL([TEST_UTILITIES], [test $buildTestUtilities = true]) 328if test $buildTestUtilities = true; then 329 if test $debugLogs = true; then 330 if test -f ./test/test-list.sh; then 331 TEST_CASES=`./test/test-list.sh` 332 fi 333 fi 334fi 335 336AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true]) 337AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true]) 338AM_CONDITIONAL([USE_MUTEX_ON_PM], [test $mutexPm = true]) 339 340 341# General link options 342if test "$PLATFORM" != "MacOSX" -a "$PLATFORM" != "OpenBSD"; then 343 GLOBAL_LDADD="-lrt " 344fi 345 346if test "$aflFuzzer" == "true"; then 347 FUZZ_CPPCFLAGS="-fsanitize=address -fsanitize-coverage=4 " 348 GLOBAL_LDADD="$GLOBAL_LDADD -fsanitize=address " 349 GLOBAL_CPPFLAGS="$GLOBAL_CPPFLAGS $FUZZ_CPPCFLAGS" 350 $buildExamples = false 351fi 352AC_SUBST(GLOBAL_LDADD) 353AC_SUBST(GLOBAL_CPPFLAGS) 354 355AM_CONDITIONAL([AFL_FUZZER], [test $aflFuzzer = true]) 356 357GLOBAL_CFLAGS="" 358AC_SUBST(GLOBAL_CFLAGS) 359 360# Files to be generated via autotools. 361AC_CONFIG_FILES([\ 362 modsecurity.pc \ 363 Makefile \ 364 doc/Makefile \ 365 src/Makefile \ 366 others/Makefile \ 367 tools/Makefile \ 368 tools/rules-check/Makefile 369 ]) 370 371AM_COND_IF([TEST_UTILITIES], 372 [AC_CONFIG_FILES([test/Makefile test/benchmark/Makefile])]) 373 374AM_COND_IF([EXAMPLES], 375 [AC_CONFIG_FILES([ \ 376 examples/Makefile \ 377 examples/simple_example_using_c/Makefile \ 378 examples/multiprocess_c/Makefile \ 379 examples/reading_logs_with_offset/Makefile \ 380 examples/reading_logs_via_rule_message/Makefile \ 381 examples/using_bodies_in_chunks/Makefile \ 382 ])]) 383 384AM_COND_IF([AFL_FUZZER], 385 [AC_CONFIG_FILES([test/fuzzer/Makefile])]) 386 387AM_COND_IF([BUILD_PARSER], 388 [AC_CONFIG_FILES([src/parser/Makefile])]) 389 390 391AC_CONFIG_HEADERS([src/config.h]) 392 393 394# Doxygen support 395DX_HTML_FEATURE(ON) 396DX_CHM_FEATURE(OFF) 397DX_CHI_FEATURE(OFF) 398DX_MAN_FEATURE(OFF) 399DX_RTF_FEATURE(OFF) 400DX_XML_FEATURE(OFF) 401DX_PDF_FEATURE(OFF) 402DX_PS_FEATURE(OFF) 403 404DX_INIT_DOXYGEN([ModSecurity],[doc/doxygen.cfg]) 405 406# make check-valgrind 407AX_VALGRIND_DFLT([sgcheck], [off]) 408AX_VALGRIND_CHECK 409 410# Generate the files. 411AC_OUTPUT 412 413 414# Print a fancy summary 415echo " " 416echo " " 417echo "ModSecurity - ${MSC_GIT_VERSION} for $PLATFORM" 418echo " " 419echo " Mandatory dependencies" 420echo -n " + libInjection ...." 421echo LIBINJECTION_VERSION 422echo -n " + SecLang tests ...." 423echo SECLANG_TEST_VERSION 424 425echo " " 426echo " Optional dependencies" 427 428 429 430## GeoIP - MaxMind 431if test "x$GEOIP_FOUND" = "x0" && test "x$MAXMIND_FOUND" = "x0"; then 432 echo " + GeoIP/MaxMind ....not found" 433fi 434if test "x$GEOIP_FOUND" = "x1" || test "x$MAXMIND_FOUND" = "x1"; then 435 echo -n " + GeoIP/MaxMind ....found " 436 echo "" 437 if test "x$MAXMIND_FOUND" = "x1"; then 438 echo " * (MaxMind) v${MAXMIND_VERSION}" 439 echo " ${MAXMIND_DISPLAY}" 440 fi 441 if test "x$GEOIP_FOUND" = "x1"; then 442 echo " * (GeoIP) v${GEOIP_VERSION}" 443 echo " ${GEOIP_DISPLAY}" 444 fi 445fi 446if test "x$GEOIP_FOUND" = "x2" && test "x$MAXMIND_FOUND" = "x2"; then 447 echo " + GeoIP/MaxMind ....disabled" 448fi 449 450 451## LibCurl 452if test "x$CURL_FOUND" = "x0"; then 453 echo " + LibCURL ....not found" 454fi 455if test "x$CURL_FOUND" = "x1"; then 456 echo -n " + LibCURL ....found " 457 if ! test "x$CURL_VERSION" = "x"; then 458 echo "v${CURL_VERSION}" 459 else 460 echo "" 461 fi 462 echo " ${CURL_DISPLAY}" 463fi 464if test "x$CURL_FOUND" = "x2"; then 465 echo " + LibCURL ....disabled" 466fi 467 468 469## YAJL 470if test "x$YAJL_FOUND" = "x0"; then 471 echo " + YAJL ....not found" 472fi 473if test "x$YAJL_FOUND" = "x1"; then 474 echo -n " + YAJL ....found " 475 if ! test "x$YAJL_VERSION" = "x"; then 476 echo "v${YAJL_VERSION}" 477 else 478 echo "" 479 fi 480 echo " ${YAJL_DISPLAY}" 481fi 482if test "x$YAJL_FOUND" = "x2"; then 483 echo " + YAJL ....disabled" 484fi 485 486 487## LMDB 488if test "x$LMDB_FOUND" = "x0"; then 489 echo " + LMDB ....not found" 490fi 491if test "x$LMDB_FOUND" = "x1"; then 492 echo -n " + LMDB ....found " 493 if ! test "x$LMDB_VERSION" = "x"; then 494 echo "v${LMDB_VERSION}" 495 else 496 echo "" 497 fi 498 echo " ${LMDB_DISPLAY}" 499fi 500if test "x$LMDB_FOUND" = "x2"; then 501 echo " + LMDB ....disabled" 502fi 503 504 505## libxml2 506if test "x$LIBXML2_FOUND" = "x0"; then 507 echo " + LibXML2 ....not found" 508fi 509if test "x$LIBXML2_FOUND" = "x1"; then 510 echo -n " + LibXML2 ....found " 511 if ! test "x$LIBXML2_VERSION" = "x"; then 512 echo "v${LIBXML2_VERSION}" 513 else 514 echo "" 515 fi 516 echo " ${LIBXML2_DISPLAY}" 517fi 518if test "x$LIBXML2_FOUND" = "x2"; then 519 echo " + LibXML2 ....disabled" 520fi 521 522 523## SSDEEP 524if test "x$SSDEEP_FOUND" = "x0"; then 525 echo " + SSDEEP ....not found" 526fi 527if test "x$SSDEEP_FOUND" = "x1"; then 528 echo -n " + SSDEEP ....found " 529 if ! test "x$SSDEEP_VERSION" = "x"; then 530 echo "v${SSDEEP_VERSION}" 531 else 532 echo "" 533 fi 534 echo " ${SSDEEP_DISPLAY}" 535fi 536if test "x$SSDEEP_FOUND" = "x2"; then 537 echo " + SSDEEP ....disabled" 538fi 539 540## LUA 541if test "x$LUA_FOUND" = "x0"; then 542 echo " + LUA ....not found" 543fi 544if test "x$LUA_FOUND" = "x1"; then 545 echo -n " + LUA ....found " 546 if ! test "x$LUA_VERSION" = "x"; then 547 echo "v${LUA_VERSION}" 548 else 549 echo "" 550 fi 551 echo " ${LUA_DISPLAY}" 552fi 553if test "x$LUA_FOUND" = "x2"; then 554 echo " + LUA ....disabled" 555fi 556 557 558echo " " 559echo " Other Options" 560if test $buildTestUtilities = true; then 561 if test $debugLogs = true; then 562 echo " + Test Utilities ....enabled" 563 else 564 echo " + Test Utilities ....partially" 565 fi 566else 567 echo " + Test Utilities ....disabled" 568fi 569if test $debugLogs = true; then 570 echo " + SecDebugLog ....enabled" 571else 572 echo " + SecDebugLog ....disabled" 573fi 574 575if test "$aflFuzzer" = "true"; then 576 echo " + afl fuzzer ....enabled" 577 echo " ($FUZZ_CPPCFLAGS)" 578else 579 echo " + afl fuzzer ....disabled" 580fi 581 582if test "$buildExamples" = "true"; then 583 echo " + library examples ....enabled" 584else 585 echo " + library examples ....disabled" 586fi 587 588if test "$buildParser" = "true"; then 589 echo " + Building parser ....enabled" 590else 591 echo " + Building parser ....disabled" 592fi 593 594if test "$mutexPm" = "true"; then 595 echo " + Treating pm operations as critical section ....enabled" 596else 597 echo " + Treating pm operations as critical section ....disabled" 598fi 599 600 601echo " " 602 603 604if test "$aflFuzzer" = "true"; then 605 echo "WARNING: afl fuzzer was enabled. Make sure you are using the" 606 echo " 'afl-clang-fast' as the compiler, otherwise the compilation" 607 echo " will fail." 608 echo " " 609 echo " You can set the compiler using:" 610 echo " " 611 echo " $ export CXX=afl-clang-fast++ " 612 echo " $ export CC=afl-clang-fast " 613 echo " " 614fi 615 616