1# Copyright (C) 2000-2012 Free Software Foundation, Inc.
2#
3# Author: Nikos Mavrogiannopoulos, Simon Josefsson
4#
5# This file is part of GnuTLS.
6#
7# The GnuTLS is free software; you can redistribute it and/or
8# modify it under the terms of the GNU Lesser General Public License
9# as published by the Free Software Foundation; either version 2.1 of
10# the License, or (at your option) any later version.
11#
12# The GnuTLS is distributed in the hope that it will be
13# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
14# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15# Lesser General Public License for more details.
16#
17# You should have received a copy of the GNU Lesser General Public License
18# along with this program.  If not, see <https://www.gnu.org/licenses/>
19
20AC_DEFUN([LIBGNUTLS_EXTRA_HOOKS],
21[
22  AC_MSG_CHECKING([whether to build OpenSSL compatibility layer])
23  AC_ARG_ENABLE(openssl-compatibility,
24    AS_HELP_STRING([--enable-openssl-compatibility],
25                   [enable the OpenSSL compatibility library]),
26    enable_openssl=$enableval, enable_openssl=no)
27  AC_MSG_RESULT($enable_openssl)
28  AM_CONDITIONAL(ENABLE_OPENSSL, test "$enable_openssl" = "yes")
29
30  # We link to ../lib's gnulib, which needs -lws2_32 via LIBSOCKET in Makefile.am.
31  gl_SOCKETS
32])
33
34AC_DEFUN([LIBGNUTLS_HOOKS],
35[
36  # Library code modified:                              REVISION++
37  # Interfaces changed/added/removed:   CURRENT++       REVISION=0
38  # Interfaces added:                             AGE++
39  #   + add new version symbol in libgnutls.map, see Symbol and library versioning
40  #     in CONTRIBUTION.md for more info.
41  #
42  # Interfaces removed:                           AGE=0 (+bump all symbol versions in .map)
43  AC_SUBST(LT_CURRENT, 58)
44  AC_SUBST(LT_REVISION, 2)
45  AC_SUBST(LT_AGE, 28)
46
47  AC_SUBST(LT_SSL_CURRENT, 27)
48  AC_SUBST(LT_SSL_REVISION, 2)
49  AC_SUBST(LT_SSL_AGE, 0)
50
51  AC_SUBST(LT_DANE_CURRENT, 4)
52  AC_SUBST(LT_DANE_REVISION, 1)
53  AC_SUBST(LT_DANE_AGE, 4)
54
55  AC_SUBST(LT_XSSL_CURRENT, 0)
56  AC_SUBST(LT_XSSL_REVISION, 0)
57  AC_SUBST(LT_XSSL_AGE, 0)
58
59  AC_SUBST(CXX_LT_CURRENT, 29)
60  AC_SUBST(CXX_LT_REVISION, 0)
61  AC_SUBST(CXX_LT_AGE, 1)
62
63  AC_SUBST(CRYWRAP_PATCHLEVEL, 3)
64
65  # Used when creating the Windows libgnutls-XX.def files.
66  DLL_VERSION=`expr ${LT_CURRENT} - ${LT_AGE}`
67  AC_SUBST(DLL_VERSION)
68  DLL_SSL_VERSION=`expr ${LT_SSL_CURRENT} - ${LT_SSL_AGE}`
69  AC_SUBST(DLL_SSL_VERSION)
70
71NETTLE_MINIMUM=3.4.1
72  PKG_CHECK_MODULES(NETTLE, [nettle >= $NETTLE_MINIMUM], [cryptolib="nettle"], [
73AC_MSG_ERROR([[
74  ***
75  *** Libnettle $NETTLE_MINIMUM was not found.
76]])
77  ])
78  PKG_CHECK_MODULES(HOGWEED, [hogweed >= $NETTLE_MINIMUM ], [], [
79AC_MSG_ERROR([[
80  ***
81  *** Libhogweed (nettle's companion library) $NETTLE_MINIMUM was not found. Note that you must compile nettle with gmp support.
82]])
83  ])
84  AM_CONDITIONAL(ENABLE_NETTLE, test "$cryptolib" = "nettle")
85  AC_DEFINE([HAVE_LIBNETTLE], 1, [nettle is enabled])
86
87  GNUTLS_REQUIRES_PRIVATE="Requires.private: nettle, hogweed"
88
89  AC_ARG_WITH(nettle-mini,
90    AS_HELP_STRING([--with-nettle-mini], [Link against a mini-nettle (that includes mini-gmp)]),
91      mini_nettle=$withval,
92      mini_nettle=no)
93
94  AC_ARG_VAR(GMP_CFLAGS, [C compiler flags for gmp])
95  AC_ARG_VAR(GMP_LIBS, [linker flags for gmp])
96  if test "$mini_nettle" != no;then
97    GMP_CFLAGS=""
98    GMP_LIBS=""
99  else
100    if test x$GMP_LIBS = x; then
101	AC_CHECK_LIB(gmp, __gmpz_cmp, [GMP_LIBS="-lgmp"], [AC_MSG_ERROR([[
102***
103*** gmp was not found.
104]])])
105    fi
106  fi
107  AC_SUBST(GMP_CFLAGS)
108  AC_SUBST(GMP_LIBS)
109
110LIBTASN1_MINIMUM=4.9
111  AC_ARG_WITH(included-libtasn1,
112    AS_HELP_STRING([--with-included-libtasn1], [use the included libtasn1]),
113      included_libtasn1=$withval,
114      included_libtasn1=no)
115  if test "$included_libtasn1" = "no"; then
116    PKG_CHECK_MODULES(LIBTASN1, [libtasn1 >= $LIBTASN1_MINIMUM], [], [included_libtasn1=yes])
117    if test "$included_libtasn1" = yes; then
118      AC_MSG_ERROR([[
119  ***
120  *** Libtasn1 $LIBTASN1_MINIMUM was not found. To use the included one, use --with-included-libtasn1
121  ]])
122    fi
123  fi
124  AC_MSG_CHECKING([whether to use the included minitasn1])
125  AC_MSG_RESULT($included_libtasn1)
126  AM_CONDITIONAL(ENABLE_MINITASN1, test "$included_libtasn1" = "yes")
127
128  if test "$included_libtasn1" = "no"; then
129    GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libtasn1"
130  fi
131
132  AC_MSG_CHECKING([whether C99 macros are supported])
133  AC_TRY_COMPILE(,
134  [
135    #define test_mac(...)
136    int z,y,x;
137    test_mac(x,y,z);
138    return 0;
139  ], [
140    AC_DEFINE([C99_MACROS], 1, [C99 macros are supported])
141    AC_MSG_RESULT(yes)
142  ], [
143    AC_MSG_RESULT(no)
144    AC_MSG_WARN([C99 macros not supported. This may affect compiling.])
145  ])
146
147  ac_strict_der_time=yes
148  AC_MSG_CHECKING([whether to disable strict DER time encodings for backwards compatibility])
149  AC_ARG_ENABLE(strict-der-time,
150    AS_HELP_STRING([--disable-strict-der-time],
151                   [allow non compliant DER time values]),
152    ac_strict_der_time=$enableval)
153  if test x$ac_strict_der_time != xno; then
154   AC_MSG_RESULT(no)
155   AC_DEFINE([STRICT_DER_TIME], 1, [force strict DER time constraints])
156  else
157   AC_MSG_RESULT(yes)
158  fi
159  AM_CONDITIONAL(STRICT_DER_TIME, test "$ac_strict_der_time" != "no")
160
161  ac_allow_sha1=no
162  AC_MSG_CHECKING([whether to allow SHA1 as an acceptable hash for cert digital signatures])
163  AC_ARG_ENABLE(sha1-support,
164    AS_HELP_STRING([--enable-sha1-support],
165                   [allow SHA1 as an acceptable hash for cert digital signatures]),
166    ac_allow_sha1=$enableval)
167  if test x$ac_allow_sha1 != xno; then
168   AC_MSG_RESULT(no)
169   AC_DEFINE([ALLOW_SHA1], 1, [allow SHA1 as an acceptable hash for digital signatures])
170  else
171   AC_MSG_RESULT(yes)
172  fi
173  AM_CONDITIONAL(ALLOW_SHA1, test "$ac_allow_sha1" != "no")
174
175  ac_enable_ssl3=no
176  AC_MSG_CHECKING([whether to disable the SSL 3.0 protocol])
177  AC_ARG_ENABLE(ssl3-support,
178    AS_HELP_STRING([--enable-ssl3-support],
179                   [enable support for the SSL 3.0 protocol]),
180    ac_enable_ssl3=$enableval)
181  if test x$ac_enable_ssl3 != xno; then
182   AC_MSG_RESULT(no)
183   AC_DEFINE([ENABLE_SSL3], 1, [enable SSL3.0 support])
184  else
185   ac_full=0
186   AC_MSG_RESULT(yes)
187  fi
188
189  AM_CONDITIONAL(ENABLE_SSL3, test "$ac_enable_ssl3" != "no")
190
191  ac_enable_ssl2=yes
192  AC_MSG_CHECKING([whether to disable the SSL 2.0 client hello])
193  AC_ARG_ENABLE(ssl2-support,
194    AS_HELP_STRING([--disable-ssl2-support],
195                   [disable support for the SSL 2.0 client hello]),
196    ac_enable_ssl2=$enableval)
197  if test x$ac_enable_ssl2 != xno; then
198   AC_MSG_RESULT(no)
199   AC_DEFINE([ENABLE_SSL2], 1, [enable SSL2.0 support for client hello])
200  else
201   ac_full=0
202   AC_MSG_RESULT(yes)
203  fi
204  AM_CONDITIONAL(ENABLE_SSL2, test "$ac_enable_ssl2" != "no")
205
206  ac_enable_srtp=yes
207  AC_MSG_CHECKING([whether to disable DTLS-SRTP extension])
208  AC_ARG_ENABLE(dtls-srtp-support,
209    AS_HELP_STRING([--disable-dtls-srtp-support],
210                   [disable support for the DTLS-SRTP extension]),
211    ac_enable_srtp=$enableval)
212  if test x$ac_enable_srtp != xno; then
213   AC_MSG_RESULT(no)
214   AC_DEFINE([ENABLE_DTLS_SRTP], 1, [enable DTLS-SRTP support])
215  else
216   ac_full=0
217   AC_MSG_RESULT(yes)
218  fi
219  AM_CONDITIONAL(ENABLE_DTLS_SRTP, test "$ac_enable_srtp" != "no")
220
221  AC_MSG_CHECKING([whether to disable ALPN extension])
222  AC_ARG_ENABLE(alpn-support,
223    AS_HELP_STRING([--disable-alpn-support],
224                   [disable support for the Application Layer Protocol Negotiation (ALPN) extension]),
225    ac_enable_alpn=$enableval,ac_enable_alpn=yes)
226  if test x$ac_enable_alpn != xno; then
227   AC_MSG_RESULT(no)
228   AC_DEFINE([ENABLE_ALPN], 1, [enable ALPN support])
229  else
230   ac_full=0
231   AC_MSG_RESULT(yes)
232  fi
233  AM_CONDITIONAL(ENABLE_ALPN, test "$ac_enable_alpn" != "no")
234
235  ac_enable_heartbeat=yes
236  AC_MSG_CHECKING([whether to enable TLS heartbeat support])
237  AC_ARG_ENABLE(heartbeat-support,
238    AS_HELP_STRING([--disable-heartbeat-support],
239                   [disable support for the heartbeat extension]),
240    ac_enable_heartbeat=$enableval)
241  if test x$ac_enable_heartbeat != xno; then
242   AC_MSG_RESULT(yes)
243   AC_DEFINE([ENABLE_HEARTBEAT], 1, [enable heartbeat support])
244  else
245   AC_MSG_RESULT(no)
246  fi
247  AM_CONDITIONAL(ENABLE_HEARTBEAT, test "$ac_enable_heartbeat" != "no")
248
249  ac_enable_srp=yes
250  AC_MSG_CHECKING([whether to disable SRP authentication support])
251  AC_ARG_ENABLE(srp-authentication,
252    AS_HELP_STRING([--disable-srp-authentication],
253                   [disable the SRP authentication support]),
254    ac_enable_srp=$enableval)
255  if test x$ac_enable_srp != xno; then
256   AC_MSG_RESULT(no)
257   AC_DEFINE([ENABLE_SRP], 1, [enable SRP authentication])
258  else
259   ac_full=0
260   AC_MSG_RESULT(yes)
261  fi
262  AM_CONDITIONAL(ENABLE_SRP, test "$ac_enable_srp" != "no")
263
264  ac_enable_psk=yes
265  AC_MSG_CHECKING([whether to disable PSK authentication support])
266  AC_ARG_ENABLE(psk-authentication,
267    AS_HELP_STRING([--disable-psk-authentication],
268                   [disable the PSK authentication support]),
269    ac_enable_psk=$enableval)
270  if test x$ac_enable_psk != xno; then
271   AC_MSG_RESULT(no)
272   AC_DEFINE([ENABLE_PSK], 1, [enable PSK authentication])
273  else
274   ac_full=0
275   AC_MSG_RESULT(yes)
276  fi
277  AM_CONDITIONAL(ENABLE_PSK, test "$ac_enable_psk" != "no")
278
279  ac_enable_anon=yes
280  AC_MSG_CHECKING([whether to disable anonymous authentication support])
281  AC_ARG_ENABLE(anon-authentication,
282    AS_HELP_STRING([--disable-anon-authentication],
283                   [disable the anonymous authentication support]),
284    ac_enable_anon=$enableval)
285  if test x$ac_enable_anon != xno; then
286   AC_MSG_RESULT(no)
287   AC_DEFINE([ENABLE_ANON], 1, [enable anonymous authentication])
288  else
289   ac_full=0
290   AC_MSG_RESULT(yes)
291  fi
292  AM_CONDITIONAL(ENABLE_ANON, test "$ac_enable_anon" != "no")
293
294  AC_MSG_CHECKING([whether to disable DHE support])
295  AC_ARG_ENABLE(dhe,
296    AS_HELP_STRING([--disable-dhe],
297                   [disable the DHE support]),
298    ac_enable_dhe=$enableval, ac_enable_dhe=yes)
299  if test x$ac_enable_dhe != xno; then
300   AC_MSG_RESULT(no)
301   AC_DEFINE([ENABLE_DHE], 1, [enable DHE])
302  else
303   ac_full=0
304   AC_MSG_RESULT(yes)
305  fi
306  AM_CONDITIONAL(ENABLE_DHE, test "$ac_enable_dhe" != "no")
307
308  AC_MSG_CHECKING([whether to disable ECDHE support])
309  AC_ARG_ENABLE(ecdhe,
310    AS_HELP_STRING([--disable-ecdhe],
311                   [disable the ECDHE support]),
312    ac_enable_ecdhe=$enableval, ac_enable_ecdhe=yes)
313  if test x$ac_enable_ecdhe != xno; then
314   AC_MSG_RESULT(no)
315   AC_DEFINE([ENABLE_ECDHE], 1, [enable DHE])
316  else
317   ac_full=0
318   AC_MSG_RESULT(yes)
319  fi
320  AM_CONDITIONAL(ENABLE_ECDHE, test "$ac_enable_ecdhe" != "no")
321
322  AC_MSG_CHECKING([whether to disable GOST support])
323  AC_ARG_ENABLE(gost,
324    AS_HELP_STRING([--disable-gost],
325                   [disable the GOST support]),
326    ac_enable_gost=$enableval, ac_enable_gost=yes)
327  if test x$ac_enable_gost != xno; then
328   AC_MSG_RESULT(no)
329   AC_DEFINE([ENABLE_GOST], 1, [enable GOST])
330  else
331   ac_full=0
332   AC_MSG_RESULT(yes)
333  fi
334  AM_CONDITIONAL(ENABLE_GOST, test "$ac_enable_gost" != "no")
335
336  # For cryptodev
337  AC_MSG_CHECKING([whether to add cryptodev support])
338  AC_ARG_ENABLE(cryptodev,
339    AS_HELP_STRING([--enable-cryptodev], [enable cryptodev support]),
340  enable_cryptodev=$enableval,enable_cryptodev=no)
341  AC_MSG_RESULT($enable_cryptodev)
342
343  if test "$enable_cryptodev" = "yes"; then
344    AC_DEFINE([ENABLE_CRYPTODEV], 1, [Enable cryptodev support])
345  fi
346
347  AC_MSG_CHECKING([whether to disable OCSP support])
348  AC_ARG_ENABLE(ocsp,
349    AS_HELP_STRING([--disable-ocsp],
350                   [disable OCSP support]),
351    ac_enable_ocsp=$enableval,ac_enable_ocsp=yes)
352  if test x$ac_enable_ocsp != xno; then
353   ac_enable_ocsp=yes
354   AC_MSG_RESULT(no)
355   AC_DEFINE([ENABLE_OCSP], 1, [enable OCSP support])
356  else
357   ac_full=0
358   AC_MSG_RESULT(yes)
359  fi
360  AM_CONDITIONAL(ENABLE_OCSP, test "$ac_enable_ocsp" != "no")
361
362  # For storing integers in pointers without warnings
363  # https://developer.gnome.org/doc/API/2.0/glib/glib-Type-Conversion-Macros.html#desc
364  AC_CHECK_SIZEOF(void *)
365  AC_CHECK_SIZEOF(long long)
366  AC_CHECK_SIZEOF(long)
367  AC_CHECK_SIZEOF(int)
368  if test x$ac_cv_sizeof_void_p = x$ac_cv_sizeof_long;then
369      AC_DEFINE([GNUTLS_POINTER_TO_INT_CAST], [(long)],
370                [Additional cast to bring void* to a type castable to int.])
371  elif test x$ac_cv_sizeof_void_p = x$ac_cv_sizeof_long_long;then
372      AC_DEFINE([GNUTLS_POINTER_TO_INT_CAST], [(long long)],
373                [Additional cast to bring void* to a type castable to int.])
374   else
375      AC_DEFINE([GNUTLS_POINTER_TO_INT_CAST], [])
376   fi
377
378dnl this is called from somewhere else
379dnl #AM_ICONV
380dnl m4_ifdef([gl_ICONV_MODULE_INDICATOR],
381dnl  [gl_ICONV_MODULE_INDICATOR([iconv])])
382])
383