1dnl OpenVPN -- An application to securely tunnel IP networks 2dnl over a single UDP port, with support for SSL/TLS-based 3dnl session authentication and key exchange, 4dnl packet encryption, packet authentication, and 5dnl packet compression. 6dnl 7dnl Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> 8dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com> 9dnl 10dnl This program is free software; you can redistribute it and/or modify 11dnl it under the terms of the GNU General Public License as published by 12dnl the Free Software Foundation; either version 2 of the License, or 13dnl (at your option) any later version. 14dnl 15dnl This program is distributed in the hope that it will be useful, 16dnl but WITHOUT ANY WARRANTY; without even the implied warranty of 17dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18dnl GNU General Public License for more details. 19dnl 20dnl You should have received a copy of the GNU General Public License along 21dnl with this program; if not, write to the Free Software Foundation, Inc., 22dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 23 24dnl Process this file with autoconf to produce a configure script. 25 26AC_PREREQ(2.59) 27 28m4_include(version.m4) 29AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME]) 30m4_include(compat.m4) 31AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format]) 32AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version]) 33AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version]) 34AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer]) 35AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer]) 36AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer]) 37AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer]) 38 39AC_CONFIG_AUX_DIR([.]) 40AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h]) 41AC_CONFIG_SRCDIR([src/openvpn/syshead.h]) 42AC_CONFIG_MACRO_DIR([m4]) 43 44dnl Initialize automake. automake < 1.12 didn't have serial-tests and 45dnl gives an error if it sees this, but for automake >= 1.13 46dnl serial-tests is required so we have to include it. Solution is to 47dnl test for the version of automake (by running an external command) 48dnl and provide it if necessary. Note we have to do this entirely using 49dnl m4 macros since automake queries this macro by running 50dnl 'autoconf --trace ...'. 51m4_define([serial_tests], [ 52 m4_esyscmd([automake --version | 53 head -1 | 54 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 12) { print "serial-tests" }}' 55 ]) 56]) 57# This foreign option prevents autoreconf from overriding our COPYING and 58# INSTALL targets: 59AM_INIT_AUTOMAKE(foreign serial_tests 1.9) dnl NB: Do not [quote] this parameter. 60AC_CANONICAL_HOST 61AC_USE_SYSTEM_EXTENSIONS 62 63AC_ARG_ENABLE( 64 [lzo], 65 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])], 66 , 67 [enable_lzo="yes"] 68) 69 70AC_ARG_ENABLE(lz4, 71 [ --disable-lz4 Disable LZ4 compression support], 72 [enable_lz4="$enableval"], 73 [enable_lz4="yes"] 74) 75 76AC_ARG_ENABLE(comp-stub, 77 [ --enable-comp-stub Don't compile compression support but still allow limited interoperability with compression-enabled peers], 78 [enable_comp_stub="$enableval"], 79 [enable_comp_stub="no"] 80) 81 82AC_ARG_ENABLE( 83 [ofb-cfb], 84 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])], 85 , 86 [enable_crypto_ofb_cfb="yes"] 87) 88 89AC_ARG_ENABLE( 90 [x509-alt-username], 91 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])], 92 , 93 [enable_x509_alt_username="no"] 94) 95 96AC_ARG_ENABLE( 97 [plugins], 98 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])], 99 , 100 [enable_plugins="yes"] 101) 102 103AC_ARG_ENABLE( 104 [management], 105 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])], 106 , 107 [enable_management="yes"] 108) 109 110AC_ARG_ENABLE( 111 [pkcs11], 112 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])], 113 , 114 [enable_pkcs11="no"] 115) 116 117AC_ARG_ENABLE( 118 [fragment], 119 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])], 120 , 121 [enable_fragment="yes"] 122) 123 124AC_ARG_ENABLE( 125 [port-share], 126 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])], 127 , 128 [enable_port_share="yes"] 129) 130 131AC_ARG_ENABLE( 132 [debug], 133 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])], 134 , 135 [enable_debug="yes"] 136) 137 138AC_ARG_ENABLE( 139 [small], 140 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])], 141 , 142 [enable_small="no"] 143) 144 145AC_ARG_ENABLE( 146 [iproute2], 147 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 @<:@default=no@:>@])], 148 , 149 [enable_iproute2="no"] 150) 151 152AC_ARG_ENABLE( 153 [pf], 154 [AS_HELP_STRING([--disable-pf], [disable internal packet filter @<:@default=yes@:>@])], 155 , 156 [enable_pf="yes"] 157) 158 159AC_ARG_ENABLE( 160 [plugin-auth-pam], 161 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])], 162 , 163 [ 164 case "$host" in 165 *-*-openbsd*) enable_plugin_auth_pam="no";; 166 *-mingw*) enable_plugin_auth_pam="no";; 167 *) enable_plugin_auth_pam="yes";; 168 esac 169 ] 170) 171 172AC_ARG_ENABLE( 173 [plugin-down-root], 174 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])], 175 , 176 [ 177 case "$host" in 178 *-mingw*) enable_plugin_down_root="no";; 179 *) enable_plugin_down_root="yes";; 180 esac 181 ] 182) 183 184AC_ARG_ENABLE( 185 [pam-dlopen], 186 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])], 187 , 188 [enable_pam_dlopen="no"] 189) 190 191AC_ARG_ENABLE( 192 [strict], 193 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])], 194 , 195 [enable_strict="no"] 196) 197 198AC_ARG_ENABLE( 199 [pedantic], 200 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])], 201 , 202 [enable_pedantic="no"] 203) 204 205AC_ARG_ENABLE( 206 [werror], 207 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])], 208 , 209 [enable_werror="no"] 210) 211 212AC_ARG_ENABLE( 213 [strict-options], 214 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])], 215 , 216 [enable_strict_options="no"] 217) 218 219AC_ARG_ENABLE( 220 [selinux], 221 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])], 222 , 223 [enable_selinux="no"] 224) 225 226AC_ARG_ENABLE( 227 [systemd], 228 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])], 229 , 230 [enable_systemd="no"] 231) 232 233AC_ARG_ENABLE( 234 [async-push], 235 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])], 236 , 237 [enable_async_push="no"] 238) 239 240AC_ARG_WITH( 241 [special-build], 242 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])], 243 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])] 244) 245 246AC_ARG_WITH( 247 [mem-check], 248 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])], 249 [ 250 case "${withval}" in 251 dmalloc|valgrind|ssl|no) ;; 252 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;; 253 esac 254 ], 255 [with_mem_check="no"] 256) 257 258AC_ARG_WITH( 259 [crypto-library], 260 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])], 261 [ 262 case "${withval}" in 263 openssl|mbedtls|wolfssl) ;; 264 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;; 265 esac 266 ], 267 [with_crypto_library="openssl"] 268) 269 270AC_ARG_ENABLE( 271 [wolfssl-options-h], 272 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])], 273 , 274 [enable_wolfssl_options_h="yes"] 275) 276 277AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@]) 278if test -n "${PLUGINDIR}"; then 279 plugindir="${PLUGINDIR}" 280else 281 plugindir="\${libdir}/openvpn/plugins" 282fi 283 284AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host]) 285AM_CONDITIONAL([TARGET_LINUX], [false]) 286case "$host" in 287 *-*-linux*) 288 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?]) 289 AM_CONDITIONAL([TARGET_LINUX], [true]) 290 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) 291 have_sitnl="yes" 292 ;; 293 *-*-solaris*) 294 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) 295 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix]) 296 CPPFLAGS="$CPPFLAGS -D_XPG4_2" 297 test -x /bin/bash && SHELL="/bin/bash" 298 ;; 299 *-*-openbsd*) 300 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?]) 301 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix]) 302 ;; 303 *-*-freebsd*) 304 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?]) 305 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix]) 306 ;; 307 *-*-netbsd*) 308 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?]) 309 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix]) 310 ;; 311 *-*-darwin*) 312 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?]) 313 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix]) 314 have_tap_header="yes" 315 ac_cv_type_struct_in_pktinfo=no 316 ;; 317 *-mingw*) 318 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?]) 319 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix]) 320 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN" 321 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA" 322 WIN32=yes 323 ;; 324 *-*-dragonfly*) 325 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?]) 326 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix]) 327 ;; 328 *-aix*) 329 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?]) 330 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix]) 331 ROUTE="/usr/sbin/route" 332 have_tap_header="yes" 333 ac_cv_header_net_if_h="no" # exists, but breaks things 334 ;; 335 *) 336 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix]) 337 have_tap_header="yes" 338 ;; 339esac 340 341PKG_PROG_PKG_CONFIG 342AC_PROG_CPP 343AC_PROG_INSTALL 344AC_PROG_LN_S 345AC_PROG_SED 346AC_PROG_MAKE_SET 347 348AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility]) 349AC_ARG_VAR([ROUTE], [full path to route utility]) 350AC_ARG_VAR([IPROUTE], [full path to ip utility]) 351AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests 352AC_ARG_VAR([GIT], [path to git utility]) 353AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) 354AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) 355AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@]) 356AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 357AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 358AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 359AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin]) 360AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests 361AC_CHECK_PROGS([GIT], [git]) # optional 362AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) 363AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) 364AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) 365AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool]) 366 367# 368# man page generation - based on python-docutils 369# 370AC_ARG_VAR([RST2MAN], [path to rst2man utility]) 371AC_ARG_VAR([RST2HTML], [path to rst2html utility]) 372AC_CHECK_PROGS([RST2MAN], [rst2man]) 373AC_CHECK_PROGS([RST2HTML], [rst2html]) 374AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"]) 375 376# Set -std=c99 unless user already specified a -std= 377case "${CFLAGS}" in 378 *-std=*) ;; 379 *) CFLAGS="${CFLAGS} -std=c99" ;; 380esac 381 382# 383# Libtool 384# 385ifdef( 386 [LT_INIT], 387 [ 388 LT_INIT([win32-dll]) 389 LT_LANG([Windows Resource]) 390 ], 391 [ 392 AC_LIBTOOL_WIN32_DLL 393 AC_LIBTOOL_RC 394 AC_PROG_LIBTOOL 395 ] 396) 397 398AC_C_CONST 399AC_C_INLINE 400AC_C_VOLATILE 401AC_TYPE_OFF_T 402AC_TYPE_PID_T 403AC_TYPE_SIZE_T 404AC_TYPE_UID_T 405AC_TYPE_SIGNAL 406AX_TYPE_SOCKLEN_T 407AC_CHECK_SIZEOF([unsigned int]) 408AC_CHECK_SIZEOF([unsigned long]) 409AC_CHECK_HEADERS([ \ 410 fcntl.h io.h \ 411 sys/types.h sys/socket.h \ 412 unistd.h dlfcn.h \ 413 netinet/in.h netinet/in_systm.h \ 414 netinet/tcp.h arpa/inet.h netdb.h \ 415 versionhelpers.h \ 416]) 417AC_CHECK_HEADERS([ \ 418 sys/time.h sys/ioctl.h sys/stat.h \ 419 sys/mman.h sys/file.h sys/wait.h \ 420 unistd.h libgen.h stropts.h \ 421 syslog.h pwd.h grp.h termios.h \ 422 sys/sockio.h sys/uio.h linux/sockios.h \ 423 linux/types.h poll.h sys/epoll.h err.h \ 424]) 425 426SOCKET_INCLUDES=" 427#include <stdlib.h> 428#ifdef HAVE_SYS_TYPES_H 429#include <sys/types.h> 430#endif 431#ifdef HAVE_SYS_SOCKET_H 432#include <sys/socket.h> 433#endif 434#ifdef HAVE_NET_IF_H 435#include <net/if.h> 436#endif 437#ifdef HAVE_NETINET_IN_H 438#include <netinet/in.h> 439#endif 440#ifdef _WIN32 441#include <windows.h> 442#endif 443#ifdef _WIN32 444#include <winsock2.h> 445#endif 446#ifdef _WIN32 447#include <ws2tcpip.h> 448#endif 449#ifdef HAVE_NETINET_IN_SYSTM_H 450#include <netinet/in_systm.h> 451#endif 452#ifdef HAVE_NETINET_IP_H 453#include <netinet/ip.h> 454#endif 455" 456 457AC_CHECK_HEADERS( 458 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h], 459 , 460 , 461 [[${SOCKET_INCLUDES}]] 462) 463 464AC_CHECK_TYPES( 465 [in_addr_t], 466 , 467 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])], 468 [[${SOCKET_INCLUDES}]] 469) 470AC_CHECK_TYPES( 471 [in_port_t], 472 , 473 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])], 474 [[${SOCKET_INCLUDES}]] 475) 476AC_CHECK_TYPE( 477 [struct iphdr], 478 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])], 479 , 480 [[${SOCKET_INCLUDES}]] 481) 482AC_CHECK_TYPE( 483 [struct sock_extended_err], 484 [AC_DEFINE([HAVE_SOCK_EXTENDED_ERR], [1], [struct sock_extended_err needed for extended socket error support])], 485 , 486 [[${SOCKET_INCLUDES}]] 487) 488AC_CHECK_TYPE( 489 [struct msghdr], 490 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], 491 , 492 [[${SOCKET_INCLUDES}]] 493) 494AC_CHECK_TYPE( 495 [struct cmsghdr], 496 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])], 497 , 498 [[${SOCKET_INCLUDES}]] 499) 500AC_CHECK_TYPE( 501 [struct in_pktinfo], 502 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])], 503 , 504 [[${SOCKET_INCLUDES}]] 505) 506AC_CHECK_TYPE( 507 [sa_family_t], 508 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])], 509 , 510 [[${SOCKET_INCLUDES}]] 511) 512AC_CHECK_MEMBER( 513 [struct in_pktinfo.ipi_spec_dst], 514 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])], 515 , 516 [[${SOCKET_INCLUDES}]] 517) 518AC_CHECK_TYPE( 519 [struct sockaddr_in6], 520 , 521 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])], 522 [[${SOCKET_INCLUDES}]] 523) 524AC_CHECK_DECLS( 525 [SO_MARK], 526 , 527 , 528 [[${SOCKET_INCLUDES}]] 529) 530AC_CHECKING([anonymous union support]) 531AC_COMPILE_IFELSE( 532 [AC_LANG_PROGRAM( 533 [[ 534 struct mystruct { 535 union { 536 int m1; 537 char m2; 538 }; 539 }; 540 ]], 541 [[ 542 struct mystruct s; 543 s.m1 = 1; s.m2 = 2; 544 ]] 545 )], 546 [ 547 AC_MSG_RESULT([yes]) 548 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions]) 549 ], 550 [AC_MSG_RESULT([no])] 551) 552 553saved_LDFLAGS="$LDFLAGS" 554LDFLAGS="$LDFLAGS -Wl,--wrap=exit" 555AC_MSG_CHECKING([linker supports --wrap]) 556AC_LINK_IFELSE( 557 [AC_LANG_PROGRAM( 558 [[ 559 void exit(int); 560 void __real_exit(int); 561 void __wrap_exit(int i) { 562 __real_exit(i); 563 } 564 ]], 565 [[ 566 exit(0); 567 ]] 568 )], 569 [ 570 AC_MSG_RESULT([yes]) 571 have_ld_wrap_support=yes 572 ], 573 [AC_MSG_RESULT([no])], 574) 575LDFLAGS="$saved_LDFLAGS" 576 577dnl We emulate signals in Windows 578AC_CHECK_DECLS( 579 [SIGHUP], 580 , 581 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])], 582 [[ 583 #include <signal.h> 584 ]] 585) 586AC_CHECK_DECLS( 587 [SIGINT], 588 , 589 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])], 590 [[ 591 #include <signal.h> 592 ]] 593) 594AC_CHECK_DECLS( 595 [SIGUSR1], 596 , 597 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])], 598 [[ 599 #include <signal.h> 600 ]] 601) 602AC_CHECK_DECLS( 603 [SIGUSR2], 604 , 605 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])], 606 [[ 607 #include <signal.h> 608 ]] 609) 610AC_CHECK_DECLS( 611 [SIGTERM], 612 , 613 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])], 614 [[ 615 #include <signal.h> 616 ]] 617) 618 619AC_FUNC_FORK 620 621AC_CHECK_FUNCS([ \ 622 daemon chroot getpwnam setuid nice system dup dup2 \ 623 syslog openlog mlockall getrlimit getgrnam setgid \ 624 setgroups flock readv writev time gettimeofday \ 625 setsid chdir \ 626 chsize ftruncate execve getpeereid basename dirname access \ 627 epoll_create strsep \ 628]) 629 630AC_CHECK_LIB( 631 [dl], 632 [dlopen], 633 [DL_LIBS="-ldl"] 634) 635AC_SUBST([DL_LIBS]) 636 637AC_CHECK_LIB( 638 [nsl], 639 [inet_ntoa], 640 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"] 641) 642AC_CHECK_LIB( 643 [socket], 644 [socket], 645 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"] 646) 647AC_CHECK_LIB( 648 [resolv], 649 [gethostbyname], 650 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"] 651) 652AC_SUBST([SOCKETS_LIBS]) 653 654old_LIBS="${LIBS}" 655LIBS="${LIBS} ${SOCKETS_LIBS}" 656AC_CHECK_FUNCS([sendmsg recvmsg]) 657 658LIBS="${old_LIBS}" 659 660# we assume res_init() always exist, but need to find out *where*... 661AC_SEARCH_LIBS(__res_init, resolv bind, , 662 AC_SEARCH_LIBS(res_9_init, resolv bind, , 663 AC_SEARCH_LIBS(res_init, resolv bind, , ))) 664 665AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap]) 666old_CFLAGS="${CFLAGS}" 667CFLAGS="${CFLAGS} ${TAP_CFLAGS}" 668AC_CHECK_HEADERS( 669 [ \ 670 net/if_tun.h net/tun/if_tun.h \ 671 linux/if_tun.h \ 672 tap-windows.h \ 673 ], 674 [have_tap_header="yes"] 675) 676AC_CHECK_DECLS( 677 [TUNSETPERSIST], 678 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])], 679 , 680 [[ 681 #ifdef HAVE_LINUX_IF_TUN_H 682 #include <linux/if_tun.h> 683 #endif 684 ]] 685) 686CFLAGS="${old_CFLAGS}" 687test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found]) 688 689AC_CHECK_LIB( 690 [selinux], 691 [setcon], 692 [SELINUX_LIBS="-lselinux"] 693) 694AC_SUBST([SELINUX_LIBS]) 695 696AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam]) 697AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam]) 698if test -z "${LIBPAM_LIBS}"; then 699 AC_CHECK_LIB( 700 [pam], 701 [pam_start], 702 [LIBPAM_LIBS="-lpam"] 703 ) 704fi 705 706case "${with_mem_check}" in 707 valgrind) 708 AC_CHECK_HEADERS( 709 [valgrind/memcheck.h], 710 [ 711 CFLAGS="${CFLAGS} -g -fno-inline" 712 AC_DEFINE( 713 [USE_VALGRIND], 714 [1], 715 [Use valgrind memory debugging library] 716 ) 717 ], 718 [AC_MSG_ERROR([valgrind headers not found.])] 719 ) 720 ;; 721 dmalloc) 722 AC_CHECK_HEADERS( 723 [dmalloc.h], 724 [AC_CHECK_LIB( 725 [dmalloc], 726 [malloc], 727 [ 728 LIBS="${LIBS} -ldmalloc" 729 AC_DEFINE( 730 [DMALLOC], 731 [1], 732 [Use dmalloc memory debugging library] 733 ) 734 ], 735 [AC_MSG_ERROR([dmalloc library not found.])] 736 )], 737 [AC_MSG_ERROR([dmalloc headers not found.])] 738 ) 739 ;; 740 ssl) 741 AC_CHECK_LIB( 742 [ssl], 743 [CRYPTO_mem_ctrl], 744 [ 745 AC_DEFINE( 746 [CRYPTO_MDEBUG], 747 [1], 748 [Use memory debugging function in OpenSSL] 749 ) 750 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG]) 751 ], 752 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])] 753 ) 754 ;; 755esac 756 757PKG_CHECK_MODULES( 758 [PKCS11_HELPER], 759 [libpkcs11-helper-1 >= 1.11], 760 [have_pkcs11_helper="yes"], 761 [] 762) 763 764if test "${with_crypto_library}" = "openssl"; then 765 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL]) 766 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL]) 767 768 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then 769 # if the user did not explicitly specify flags, try to autodetect 770 PKG_CHECK_MODULES( 771 [OPENSSL], 772 [openssl >= 1.0.2], 773 [have_openssl="yes"], 774 [] # If this fails, we will do another test next 775 ) 776 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} 777 fi 778 779 saved_CFLAGS="${CFLAGS}" 780 saved_LIBS="${LIBS}" 781 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}" 782 LIBS="${LIBS} ${OPENSSL_LIBS}" 783 784 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars 785 # are used, check the version directly in the OpenSSL include file 786 if test "${have_openssl}" != "yes"; then 787 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2]) 788 AC_COMPILE_IFELSE( 789 [AC_LANG_PROGRAM( 790 [[ 791#include <openssl/opensslv.h> 792 ]], 793 [[ 794/* Version encoding: MNNFFPPS - see opensslv.h for details */ 795#if OPENSSL_VERSION_NUMBER < 0x10002000L 796#error OpenSSL too old 797#endif 798 ]] 799 )], 800 [AC_MSG_RESULT([ok])], 801 [AC_MSG_ERROR([OpenSSL version too old])] 802 ) 803 fi 804 805 AC_CHECK_FUNCS([SSL_CTX_new], 806 , 807 [AC_MSG_ERROR([openssl check failed])] 808 ) 809 810 have_openssl_engine="yes" 811 AC_CHECK_FUNCS( 812 [ \ 813 ENGINE_load_builtin_engines \ 814 ENGINE_register_all_complete \ 815 ENGINE_cleanup \ 816 ], 817 , 818 [have_openssl_engine="no"; break] 819 ) 820 if test "${have_openssl_engine}" = "no"; then 821 AC_CHECK_DECL( [ENGINE_cleanup], [have_openssl_engine="yes"],, 822 [[ 823 #include <openssl/engine.h> 824 ]] 825 ) 826 fi 827 if test "${have_openssl_engine}" = "yes"; then 828 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available]) 829 fi 830 831 AC_CHECK_FUNC( 832 [EVP_aes_256_gcm], 833 , 834 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])] 835 ) 836 837 # All supported OpenSSL version (>= 1.0.2) 838 # have this feature 839 have_export_keying_material="yes" 840 841 CFLAGS="${saved_CFLAGS}" 842 LIBS="${saved_LIBS}" 843 844 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library]) 845 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}" 846 CRYPTO_LIBS="${OPENSSL_LIBS}" 847elif test "${with_crypto_library}" = "mbedtls"; then 848 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls]) 849 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls]) 850 851 saved_CFLAGS="${CFLAGS}" 852 saved_LIBS="${LIBS}" 853 854 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then 855 # if the user did not explicitly specify flags, try to autodetect 856 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto" 857 AC_CHECK_LIB( 858 [mbedtls], 859 [mbedtls_ssl_init], 860 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"], 861 [AC_MSG_ERROR([Could not find mbed TLS.])], 862 [${PKCS11_HELPER_LIBS}] 863 ) 864 fi 865 866 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}" 867 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}" 868 869 AC_MSG_CHECKING([mbedtls version]) 870 AC_COMPILE_IFELSE( 871 [AC_LANG_PROGRAM( 872 [[ 873#include <mbedtls/version.h> 874 ]], 875 [[ 876#if MBEDTLS_VERSION_NUMBER < 0x02000000 || MBEDTLS_VERSION_NUMBER >= 0x03000000 877#error invalid version 878#endif 879 ]] 880 )], 881 [AC_MSG_RESULT([ok])], 882 [AC_MSG_ERROR([mbed TLS 2.y.z required])] 883 ) 884 885 AC_CHECK_FUNCS( 886 [ \ 887 mbedtls_cipher_write_tag \ 888 mbedtls_cipher_check_tag \ 889 ], 890 , 891 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])] 892 ) 893 894 have_export_keying_material="yes" 895 AC_CHECK_FUNC( 896 [mbedtls_ssl_conf_export_keys_ext_cb], 897 , 898 [have_export_keying_material="no"] 899 ) 900 901 CFLAGS="${saved_CFLAGS}" 902 LIBS="${saved_LIBS}" 903 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library]) 904 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}" 905 CRYPTO_LIBS="${MBEDTLS_LIBS}" 906 907elif test "${with_crypto_library}" = "wolfssl"; then 908 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should 909 contain the regular wolfSSL header files but also the 910 wolfSSL OpenSSL header files. Ex: -I/usr/local/include 911 -I/usr/local/include/wolfssl]) 912 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl]) 913 914 saved_CFLAGS="${CFLAGS}" 915 saved_LIBS="${LIBS}" 916 917 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then 918 # if the user did not explicitly specify flags, try to autodetect 919 PKG_CHECK_MODULES( 920 [WOLFSSL], 921 [wolfssl], 922 [], 923 [AC_MSG_ERROR([Could not find wolfSSL.])] 924 ) 925 PKG_CHECK_VAR( 926 [WOLFSSL_INCLUDEDIR], 927 [wolfssl], 928 [includedir], 929 [], 930 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])] 931 ) 932 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl" 933 fi 934 saved_CFLAGS="${CFLAGS}" 935 saved_LIBS="${LIBS}" 936 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}" 937 LIBS="${LIBS} ${WOLFSSL_LIBS}" 938 939 AC_CHECK_LIB( 940 [wolfssl], 941 [wolfSSL_Init], 942 [], 943 [AC_MSG_ERROR([Could not link wolfSSL library.])] 944 ) 945 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])]) 946 947 # wolfSSL signal EKM support 948 have_export_keying_material="yes" 949 950 if test "${enable_wolfssl_options_h}" = "yes"; then 951 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library]) 952 else 953 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library]) 954 fi 955 956 have_export_keying_material="yes" 957 958 CFLAGS="${saved_CFLAGS}" 959 LIBS="${saved_LIBS}" 960 961 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library]) 962 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer]) 963 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}" 964 CRYPTO_LIBS="${WOLFSSL_LIBS}" 965else 966 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}]) 967fi 968 969AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo]) 970AC_ARG_VAR([LZO_LIBS], [linker flags for lzo]) 971have_lzo="yes" 972if test -z "${LZO_LIBS}"; then 973 AC_CHECK_LIB( 974 [lzo2], 975 [lzo1x_1_15_compress], 976 [LZO_LIBS="-llzo2"], 977 [AC_CHECK_LIB( 978 [lzo], 979 [lzo1x_1_15_compress], 980 [LZO_LIBS="-llzo"], 981 [have_lzo="no"] 982 )] 983 ) 984fi 985if test "${have_lzo}" = "yes"; then 986 saved_CFLAGS="${CFLAGS}" 987 CFLAGS="${CFLAGS} ${LZO_CFLAGS}" 988 AC_CHECK_HEADERS( 989 [lzo/lzoutil.h], 990 , 991 [AC_CHECK_HEADERS( 992 [lzoutil.h], 993 , 994 [AC_MSG_ERROR([lzoutil.h is missing])] 995 )] 996 ) 997 AC_CHECK_HEADERS( 998 [lzo/lzo1x.h], 999 , 1000 [AC_CHECK_HEADERS( 1001 [lzo1x.h], 1002 , 1003 [AC_MSG_ERROR([lzo1x.h is missing])] 1004 )] 1005 ) 1006 CFLAGS="${saved_CFLAGS}" 1007fi 1008 1009dnl 1010dnl check for LZ4 library 1011dnl 1012 1013AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4]) 1014AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4]) 1015if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then 1016 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then 1017 # if the user did not explicitly specify flags, try to autodetect 1018 PKG_CHECK_MODULES([LZ4], 1019 [liblz4 >= 1.7.1 liblz4 < 100], 1020 [have_lz4="yes"], 1021 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next. 1022 # We also add set LZ4_LIBS otherwise the 1023 # linker will not know about the lz4 library 1024 ) 1025 fi 1026 1027 saved_CFLAGS="${CFLAGS}" 1028 saved_LIBS="${LIBS}" 1029 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}" 1030 LIBS="${LIBS} ${LZ4_LIBS}" 1031 1032 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars 1033 # are used, check the version directly in the LZ4 include file 1034 if test "${have_lz4}" != "yes"; then 1035 AC_CHECK_HEADERS([lz4.h], 1036 [have_lz4h="yes"], 1037 []) 1038 1039 if test "${have_lz4h}" = "yes" ; then 1040 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1]) 1041 AC_COMPILE_IFELSE( 1042 [AC_LANG_PROGRAM([[ 1043#include <lz4.h> 1044 ]], 1045 [[ 1046/* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */ 1047#if LZ4_VERSION_NUMBER < 10701L 1048#error LZ4 is too old 1049#endif 1050 ]] 1051 )], 1052 [ 1053 AC_MSG_RESULT([ok]) 1054 have_lz4="yes" 1055 ], 1056 [AC_MSG_ERROR([system LZ4 library is too old])] 1057 ) 1058 fi 1059 fi 1060 1061 # Double check we have a few needed functions 1062 if test "${have_lz4}" = "yes" ; then 1063 AC_CHECK_LIB([lz4], 1064 [LZ4_compress_default], 1065 [], 1066 [have_lz4="no"]) 1067 AC_CHECK_LIB([lz4], 1068 [LZ4_decompress_safe], 1069 [], 1070 [have_lz4="no"]) 1071 fi 1072 1073 if test "${have_lz4}" != "yes" ; then 1074 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4]) 1075 LZ4_LIBS="" 1076 fi 1077 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}" 1078 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}" 1079 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library]) 1080 CFLAGS="${saved_CFLAGS}" 1081 LIBS="${saved_LIBS}" 1082fi 1083 1084 1085dnl 1086dnl Check for systemd 1087dnl 1088AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"]) 1089if test "$enable_systemd" = "yes" ; then 1090 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd], 1091 [], 1092 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])] 1093 ) 1094 1095 PKG_CHECK_EXISTS( [libsystemd > 216], 1096 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1], 1097 [systemd is newer than v216])] 1098 ) 1099 1100 AC_CHECK_HEADERS(systemd/sd-daemon.h, 1101 , 1102 [ 1103 AC_MSG_ERROR([systemd development headers not found.]) 1104 ]) 1105 1106 saved_LIBS="${LIBS}" 1107 LIBS="${LIBS} ${libsystemd_LIBS}" 1108 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])]) 1109 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" 1110 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) 1111 LIBS="${saved_LIBS}" 1112 1113 if test -n "${SYSTEMD_UNIT_DIR}"; then 1114 systemdunitdir="${SYSTEMD_UNIT_DIR}" 1115 else 1116 systemdunitdir="\${libdir}/systemd/system" 1117 fi 1118 1119 if test -n "${TMPFILES_DIR}"; then 1120 tmpfilesdir="${TMPFILES_DIR}" 1121 else 1122 tmpfilesdir="\${libdir}/tmpfiles.d" 1123 fi 1124fi 1125 1126 1127AC_MSG_CHECKING([git checkout]) 1128GIT_CHECKOUT="no" 1129if test -n "${GIT}" -a -d "${srcdir}/.git"; then 1130 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) 1131 GIT_CHECKOUT="yes" 1132fi 1133AC_MSG_RESULT([${GIT_CHECKOUT}]) 1134 1135dnl enable --x509-username-field feature if requested 1136if test "${enable_x509_alt_username}" = "yes"; then 1137 if test "${with_crypto_library}" = "mbedtls" ; then 1138 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature]) 1139 fi 1140 1141 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature]) 1142fi 1143 1144test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability]) 1145test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support]) 1146test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size]) 1147test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support]) 1148test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing]) 1149test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter]) 1150test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers]) 1151 1152test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes]) 1153if test "${have_export_keying_material}" = "yes"; then 1154 AC_DEFINE( 1155 [HAVE_EXPORT_KEYING_MATERIAL], [1], 1156 [Crypto library supports keying material exporter] 1157 ) 1158fi 1159OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}" 1160OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}" 1161 1162if test "${enable_plugins}" = "yes"; then 1163 OPTIONAL_DL_LIBS="${DL_LIBS}" 1164 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support]) 1165else 1166 enable_plugin_auth_pam="no" 1167 enable_plugin_down_root="no" 1168fi 1169 1170AM_CONDITIONAL([HAVE_SITNL], [false]) 1171 1172if test "${enable_iproute2}" = "yes"; then 1173 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing]) 1174 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support]) 1175else if test "${have_sitnl}" = "yes"; then 1176 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support]) 1177 AM_CONDITIONAL([HAVE_SITNL], [true]) 1178else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then 1179 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing]) 1180 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing]) 1181fi 1182fi 1183fi 1184 1185if test "${enable_selinux}" = "yes"; then 1186 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing]) 1187 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}" 1188 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support]) 1189fi 1190 1191if test "${enable_lzo}" = "yes"; then 1192 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing]) 1193 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}" 1194 OPTIONAL_LZO_LIBS="${LZO_LIBS}" 1195 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library]) 1196fi 1197if test "${enable_comp_stub}" = "yes"; then 1198 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)]) 1199 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)]) 1200 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability]) 1201fi 1202 1203if test "${enable_pkcs11}" = "yes"; then 1204 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing]) 1205 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}" 1206 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}" 1207 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11]) 1208 PKG_CHECK_MODULES( 1209 [P11KIT], 1210 [p11-kit-1], 1211 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`" 1212 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])], 1213 [] 1214 ) 1215fi 1216 1217# When testing a compiler option, we add -Werror to force 1218# an error when the option is unsupported. This is not 1219# required for gcc, but some compilers such as clang needs it. 1220AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [ 1221 old_cflags="$CFLAGS" 1222 CFLAGS="$1 -Werror $CFLAGS" 1223 AC_MSG_CHECKING([whether the compiler accepts $1]) 1224 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags", 1225 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])] 1226) 1227 1228ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation]) 1229ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-unused-function]) 1230ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-unused-parameter]) 1231ACL_CHECK_ADD_COMPILE_FLAGS([-Wall]) 1232 1233if test "${enable_pedantic}" = "yes"; then 1234 enable_strict="yes" 1235 CFLAGS="${CFLAGS} -pedantic" 1236 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode]) 1237fi 1238if test "${enable_strict}" = "yes"; then 1239 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized" 1240fi 1241if test "${enable_werror}" = "yes"; then 1242 CFLAGS="${CFLAGS} -Werror" 1243fi 1244 1245if test "${enable_plugin_auth_pam}" = "yes"; then 1246 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}" 1247 if test "${enable_pam_dlopen}" = "yes"; then 1248 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam]) 1249 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}" 1250 else 1251 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing]) 1252 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}" 1253 fi 1254fi 1255 1256if test "${enable_async_push}" = "yes"; then 1257 case "$host" in 1258 *-*-freebsd*) 1259 PKG_CHECK_MODULES( 1260 [OPTIONAL_INOTIFY], 1261 [libinotify], 1262 [ 1263 AC_DEFINE([HAVE_SYS_INOTIFY_H]) 1264 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]) 1265 ] 1266 ) 1267 ;; 1268 *) 1269 AC_CHECK_HEADERS( 1270 [sys/inotify.h], 1271 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]), 1272 AC_MSG_ERROR([inotify.h not found.]) 1273 ) 1274 ;; 1275 esac 1276fi 1277 1278CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`" 1279AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings]) 1280 1281TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID" 1282TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR" 1283TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR" 1284AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id]) 1285AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN]) 1286AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN]) 1287AC_SUBST([TAP_WIN_COMPONENT_ID]) 1288AC_SUBST([TAP_WIN_MIN_MAJOR]) 1289AC_SUBST([TAP_WIN_MIN_MINOR]) 1290 1291AC_SUBST([OPTIONAL_DL_LIBS]) 1292AC_SUBST([OPTIONAL_SELINUX_LIBS]) 1293AC_SUBST([OPTIONAL_CRYPTO_CFLAGS]) 1294AC_SUBST([OPTIONAL_CRYPTO_LIBS]) 1295AC_SUBST([OPTIONAL_LZO_CFLAGS]) 1296AC_SUBST([OPTIONAL_LZO_LIBS]) 1297AC_SUBST([OPTIONAL_LZ4_CFLAGS]) 1298AC_SUBST([OPTIONAL_LZ4_LIBS]) 1299AC_SUBST([OPTIONAL_SYSTEMD_LIBS]) 1300AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) 1301AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) 1302AC_SUBST([OPTIONAL_INOTIFY_CFLAGS]) 1303AC_SUBST([OPTIONAL_INOTIFY_LIBS]) 1304 1305AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS]) 1306AC_SUBST([PLUGIN_AUTH_PAM_LIBS]) 1307 1308AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) 1309AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) 1310AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"]) 1311AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"]) 1312AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"]) 1313AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"]) 1314 1315sampledir="\$(docdir)/sample" 1316AC_SUBST([plugindir]) 1317AC_SUBST([sampledir]) 1318 1319AC_SUBST([systemdunitdir]) 1320AC_SUBST([tmpfilesdir]) 1321 1322AC_ARG_ENABLE( 1323 [unit-tests], 1324 [AS_HELP_STRING([--disable-unit-tests], 1325 [Disables building and running the unit tests suite])], 1326 [], 1327 [enable_unit_tests="yes"] 1328) 1329 1330# Check if cmocka is available - needed for unit testing 1331PKG_CHECK_MODULES( 1332 [CMOCKA], [cmocka], 1333 [have_cmocka="yes"], 1334 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] 1335) 1336AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ]) 1337AC_SUBST([ENABLE_UNITTESTS]) 1338 1339TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}" 1340TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}" 1341TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}" 1342TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}" 1343TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}" 1344 1345AC_SUBST([TEST_LDFLAGS]) 1346AC_SUBST([TEST_CFLAGS]) 1347 1348AC_CONFIG_FILES([ 1349 version.sh 1350 Makefile 1351 build/Makefile 1352 build/msvc/Makefile 1353 build/msvc/msvc-generate/Makefile 1354 distro/Makefile 1355 distro/systemd/Makefile 1356 doc/Makefile 1357 doc/doxygen/Makefile 1358 doc/doxygen/openvpn.doxyfile 1359 include/Makefile 1360 sample/sample-plugins/Makefile 1361 src/Makefile 1362 src/compat/Makefile 1363 src/openvpn/Makefile 1364 src/openvpnmsica/Makefile 1365 src/openvpnserv/Makefile 1366 src/plugins/Makefile 1367 src/plugins/auth-pam/Makefile 1368 src/plugins/down-root/Makefile 1369 src/tapctl/Makefile 1370 tests/Makefile 1371 tests/unit_tests/Makefile 1372 tests/unit_tests/example_test/Makefile 1373 tests/unit_tests/openvpn/Makefile 1374 tests/unit_tests/plugins/Makefile 1375 tests/unit_tests/plugins/auth-pam/Makefile 1376 tests/unit_tests/engine-key/Makefile 1377 sample/Makefile 1378]) 1379AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh]) 1380AC_OUTPUT 1381