1dnl OpenVPN -- An application to securely tunnel IP networks 2dnl over a single UDP port, with support for SSL/TLS-based 3dnl session authentication and key exchange, 4dnl packet encryption, packet authentication, and 5dnl packet compression. 6dnl 7dnl Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net> 8dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com> 9dnl 10dnl This program is free software; you can redistribute it and/or modify 11dnl it under the terms of the GNU General Public License as published by 12dnl the Free Software Foundation; either version 2 of the License, or 13dnl (at your option) any later version. 14dnl 15dnl This program is distributed in the hope that it will be useful, 16dnl but WITHOUT ANY WARRANTY; without even the implied warranty of 17dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18dnl GNU General Public License for more details. 19dnl 20dnl You should have received a copy of the GNU General Public License along 21dnl with this program; if not, write to the Free Software Foundation, Inc., 22dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 23 24dnl Process this file with autoconf to produce a configure script. 25 26AC_PREREQ(2.59) 27 28m4_include(version.m4) 29AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME]) 30m4_include(compat.m4) 31AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format]) 32AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version]) 33AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version]) 34AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer]) 35AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer]) 36AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer]) 37AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer]) 38 39AC_CONFIG_AUX_DIR([.]) 40AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h]) 41AC_CONFIG_SRCDIR([src/openvpn/syshead.h]) 42AC_CONFIG_MACRO_DIR([m4]) 43 44dnl Initialize automake. automake < 1.12 didn't have serial-tests and 45dnl gives an error if it sees this, but for automake >= 1.13 46dnl serial-tests is required so we have to include it. Solution is to 47dnl test for the version of automake (by running an external command) 48dnl and provide it if necessary. Note we have to do this entirely using 49dnl m4 macros since automake queries this macro by running 50dnl 'autoconf --trace ...'. 51m4_define([serial_tests], [ 52 m4_esyscmd([automake --version | 53 head -1 | 54 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 12) { print "serial-tests" }}' 55 ]) 56]) 57# This foreign option prevents autoreconf from overriding our COPYING and 58# INSTALL targets: 59AM_INIT_AUTOMAKE(foreign serial_tests 1.9) dnl NB: Do not [quote] this parameter. 60AC_CANONICAL_HOST 61AC_USE_SYSTEM_EXTENSIONS 62 63AC_ARG_ENABLE( 64 [lzo], 65 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])], 66 , 67 [enable_lzo="yes"] 68) 69 70AC_ARG_ENABLE(lz4, 71 [ --disable-lz4 Disable LZ4 compression support], 72 [enable_lz4="$enableval"], 73 [enable_lz4="yes"] 74) 75 76AC_ARG_ENABLE(comp-stub, 77 [ --enable-comp-stub Don't compile compression support but still allow limited interoperability with compression-enabled peers], 78 [enable_comp_stub="$enableval"], 79 [enable_comp_stub="no"] 80) 81 82AC_ARG_ENABLE( 83 [ofb-cfb], 84 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])], 85 , 86 [enable_crypto_ofb_cfb="yes"] 87) 88 89AC_ARG_ENABLE( 90 [x509-alt-username], 91 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])], 92 , 93 [enable_x509_alt_username="no"] 94) 95 96AC_ARG_ENABLE( 97 [plugins], 98 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])], 99 , 100 [enable_plugins="yes"] 101) 102 103AC_ARG_ENABLE( 104 [management], 105 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])], 106 , 107 [enable_management="yes"] 108) 109 110AC_ARG_ENABLE( 111 [pkcs11], 112 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])], 113 , 114 [enable_pkcs11="no"] 115) 116 117AC_ARG_ENABLE( 118 [fragment], 119 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])], 120 , 121 [enable_fragment="yes"] 122) 123 124AC_ARG_ENABLE( 125 [multihome], 126 [AS_HELP_STRING([--disable-multihome], [disable multi-homed UDP server support (--multihome) @<:@default=yes@:>@])], 127 , 128 [enable_multihome="yes"] 129) 130 131AC_ARG_ENABLE( 132 [port-share], 133 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])], 134 , 135 [enable_port_share="yes"] 136) 137 138AC_ARG_ENABLE( 139 [debug], 140 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])], 141 , 142 [enable_debug="yes"] 143) 144 145AC_ARG_ENABLE( 146 [small], 147 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])], 148 , 149 [enable_small="no"] 150) 151 152AC_ARG_ENABLE( 153 [iproute2], 154 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 @<:@default=no@:>@])], 155 , 156 [enable_iproute2="no"] 157) 158 159AC_ARG_ENABLE( 160 [def-auth], 161 [AS_HELP_STRING([--disable-def-auth], [disable deferred authentication @<:@default=yes@:>@])], 162 , 163 [enable_def_auth="yes"] 164) 165 166AC_ARG_ENABLE( 167 [pf], 168 [AS_HELP_STRING([--disable-pf], [disable internal packet filter @<:@default=yes@:>@])], 169 , 170 [enable_pf="yes"] 171) 172 173AC_ARG_ENABLE( 174 [plugin-auth-pam], 175 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])], 176 , 177 [ 178 case "$host" in 179 *-*-openbsd*) enable_plugin_auth_pam="no";; 180 *-mingw*) enable_plugin_auth_pam="no";; 181 *) enable_plugin_auth_pam="yes";; 182 esac 183 ] 184) 185 186AC_ARG_ENABLE( 187 [plugin-down-root], 188 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])], 189 , 190 [ 191 case "$host" in 192 *-mingw*) enable_plugin_down_root="no";; 193 *) enable_plugin_down_root="yes";; 194 esac 195 ] 196) 197 198AC_ARG_ENABLE( 199 [pam-dlopen], 200 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])], 201 , 202 [enable_pam_dlopen="no"] 203) 204 205AC_ARG_ENABLE( 206 [strict], 207 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])], 208 , 209 [enable_strict="no"] 210) 211 212AC_ARG_ENABLE( 213 [pedantic], 214 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])], 215 , 216 [enable_pedantic="no"] 217) 218 219AC_ARG_ENABLE( 220 [werror], 221 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])], 222 , 223 [enable_werror="no"] 224) 225 226AC_ARG_ENABLE( 227 [strict-options], 228 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])], 229 , 230 [enable_strict_options="no"] 231) 232 233AC_ARG_ENABLE( 234 [selinux], 235 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])], 236 , 237 [enable_selinux="no"] 238) 239 240AC_ARG_ENABLE( 241 [systemd], 242 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])], 243 , 244 [enable_systemd="no"] 245) 246 247AC_ARG_ENABLE( 248 [async-push], 249 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])], 250 , 251 [enable_async_push="no"] 252) 253 254AC_ARG_WITH( 255 [special-build], 256 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])], 257 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])] 258) 259 260AC_ARG_WITH( 261 [mem-check], 262 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])], 263 [ 264 case "${withval}" in 265 dmalloc|valgrind|ssl|no) ;; 266 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;; 267 esac 268 ], 269 [with_mem_check="no"] 270) 271 272AC_ARG_WITH( 273 [crypto-library], 274 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls @<:@default=openssl@:>@])], 275 [ 276 case "${withval}" in 277 openssl|mbedtls) ;; 278 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;; 279 esac 280 ], 281 [with_crypto_library="openssl"] 282) 283 284AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@]) 285if test -n "${PLUGINDIR}"; then 286 plugindir="${PLUGINDIR}" 287else 288 plugindir="\${libdir}/openvpn/plugins" 289fi 290 291AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host]) 292AM_CONDITIONAL([TARGET_LINUX], [false]) 293case "$host" in 294 *-*-linux*) 295 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?]) 296 AM_CONDITIONAL([TARGET_LINUX], [true]) 297 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) 298 have_sitnl="yes" 299 ;; 300 *-*-solaris*) 301 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) 302 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix]) 303 CPPFLAGS="$CPPFLAGS -D_XPG4_2" 304 test -x /bin/bash && SHELL="/bin/bash" 305 ;; 306 *-*-openbsd*) 307 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?]) 308 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix]) 309 ;; 310 *-*-freebsd*) 311 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?]) 312 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix]) 313 ;; 314 *-*-netbsd*) 315 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?]) 316 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix]) 317 ;; 318 *-*-darwin*) 319 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?]) 320 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix]) 321 have_tap_header="yes" 322 ac_cv_type_struct_in_pktinfo=no 323 ;; 324 *-mingw*) 325 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?]) 326 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix]) 327 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN" 328 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA" 329 WIN32=yes 330 ;; 331 *-*-dragonfly*) 332 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?]) 333 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix]) 334 ;; 335 *-aix*) 336 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?]) 337 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix]) 338 ROUTE="/usr/sbin/route" 339 have_tap_header="yes" 340 ac_cv_header_net_if_h="no" # exists, but breaks things 341 ;; 342 *) 343 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix]) 344 have_tap_header="yes" 345 ;; 346esac 347 348PKG_PROG_PKG_CONFIG 349AC_PROG_CPP 350AC_PROG_INSTALL 351AC_PROG_LN_S 352AC_PROG_SED 353AC_PROG_MAKE_SET 354 355AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility]) 356AC_ARG_VAR([ROUTE], [full path to route utility]) 357AC_ARG_VAR([IPROUTE], [full path to ip utility]) 358AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests 359AC_ARG_VAR([GIT], [path to git utility]) 360AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) 361AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) 362AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@]) 363AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 364AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 365AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) 366AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin]) 367AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests 368AC_CHECK_PROGS([GIT], [git]) # optional 369AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) 370AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) 371AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) 372AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool]) 373 374# 375# man page generation - based on python-docutils 376# 377AC_ARG_VAR([RST2MAN], [path to rst2man utility]) 378AC_ARG_VAR([RST2HTML], [path to rst2html utility]) 379AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py]) 380AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py]) 381AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"]) 382 383# Set -std=c99 unless user already specified a -std= 384case "${CFLAGS}" in 385 *-std=*) ;; 386 *) CFLAGS="${CFLAGS} -std=c99" ;; 387esac 388 389# 390# Libtool 391# 392ifdef( 393 [LT_INIT], 394 [ 395 LT_INIT([win32-dll]) 396 LT_LANG([Windows Resource]) 397 ], 398 [ 399 AC_LIBTOOL_WIN32_DLL 400 AC_LIBTOOL_RC 401 AC_PROG_LIBTOOL 402 ] 403) 404 405AC_C_CONST 406AC_C_INLINE 407AC_C_VOLATILE 408AC_TYPE_OFF_T 409AC_TYPE_PID_T 410AC_TYPE_SIZE_T 411AC_TYPE_UID_T 412AC_TYPE_INT8_T 413AC_TYPE_INT16_T 414AC_TYPE_INT32_T 415AC_TYPE_INT64_T 416AC_TYPE_UINT8_T 417AC_TYPE_UINT16_T 418AC_TYPE_UINT32_T 419AC_TYPE_UINT64_T 420AC_TYPE_SIGNAL 421AX_CPP_VARARG_MACRO_ISO 422AX_CPP_VARARG_MACRO_GCC 423AX_TYPE_SOCKLEN_T 424AX_EMPTY_ARRAY 425AC_CHECK_SIZEOF([unsigned int]) 426AC_CHECK_SIZEOF([unsigned long]) 427AC_CHECK_HEADERS([ \ 428 stdio.h stdarg.h limits.h \ 429 time.h errno.h fcntl.h io.h direct.h \ 430 ctype.h sys/types.h sys/socket.h \ 431 signal.h unistd.h dlfcn.h \ 432 netinet/in.h netinet/in_systm.h \ 433 netinet/tcp.h arpa/inet.h netdb.h \ 434 windows.h winsock2.h ws2tcpip.h \ 435 versionhelpers.h \ 436]) 437AC_CHECK_HEADERS([ \ 438 sys/time.h sys/ioctl.h sys/stat.h \ 439 sys/mman.h sys/file.h sys/wait.h \ 440 unistd.h signal.h libgen.h stropts.h \ 441 syslog.h pwd.h grp.h \ 442 sys/sockio.h sys/uio.h linux/sockios.h \ 443 linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \ 444]) 445 446SOCKET_INCLUDES=" 447#ifdef HAVE_STDLIB_H 448#include <stdlib.h> 449#endif 450#ifdef HAVE_SYS_TYPES_H 451#include <sys/types.h> 452#endif 453#ifdef HAVE_SYS_SOCKET_H 454#include <sys/socket.h> 455#endif 456#ifdef HAVE_NET_IF_H 457#include <net/if.h> 458#endif 459#ifdef HAVE_NETINET_IN_H 460#include <netinet/in.h> 461#endif 462#ifdef HAVE_WINDOWS_H 463#include <windows.h> 464#endif 465#ifdef HAVE_WINSOCK2_H 466#include <winsock2.h> 467#endif 468#ifdef HAVE_WS2TCPIP_H 469#include <ws2tcpip.h> 470#endif 471#ifdef HAVE_NETINET_IN_SYSTM_H 472#include <netinet/in_systm.h> 473#endif 474#ifdef HAVE_NETINET_IP_H 475#include <netinet/ip.h> 476#endif 477" 478 479AC_CHECK_HEADERS( 480 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h], 481 , 482 , 483 [[${SOCKET_INCLUDES}]] 484) 485 486AC_CHECK_TYPES( 487 [in_addr_t], 488 , 489 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])], 490 [[${SOCKET_INCLUDES}]] 491) 492AC_CHECK_TYPES( 493 [in_port_t], 494 , 495 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])], 496 [[${SOCKET_INCLUDES}]] 497) 498AC_CHECK_TYPE( 499 [struct iphdr], 500 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])], 501 , 502 [[${SOCKET_INCLUDES}]] 503) 504AC_CHECK_TYPE( 505 [struct msghdr], 506 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], 507 , 508 [[${SOCKET_INCLUDES}]] 509) 510AC_CHECK_TYPE( 511 [struct cmsghdr], 512 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])], 513 , 514 [[${SOCKET_INCLUDES}]] 515) 516AC_CHECK_TYPE( 517 [struct in_pktinfo], 518 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])], 519 , 520 [[${SOCKET_INCLUDES}]] 521) 522AC_CHECK_TYPE( 523 [sa_family_t], 524 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])], 525 , 526 [[${SOCKET_INCLUDES}]] 527) 528AC_CHECK_MEMBER( 529 [struct in_pktinfo.ipi_spec_dst], 530 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])], 531 , 532 [[${SOCKET_INCLUDES}]] 533) 534AC_CHECK_TYPE( 535 [struct sockaddr_in6], 536 , 537 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])], 538 [[${SOCKET_INCLUDES}]] 539) 540AC_CHECK_DECLS( 541 [SO_MARK], 542 , 543 , 544 [[${SOCKET_INCLUDES}]] 545) 546AC_CHECKING([anonymous union support]) 547AC_COMPILE_IFELSE( 548 [AC_LANG_PROGRAM( 549 [[ 550 struct mystruct { 551 union { 552 int m1; 553 char m2; 554 }; 555 }; 556 ]], 557 [[ 558 struct mystruct s; 559 s.m1 = 1; s.m2 = 2; 560 ]] 561 )], 562 [ 563 AC_MSG_RESULT([yes]) 564 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions]) 565 ], 566 [AC_MSG_RESULT([no])] 567) 568 569saved_LDFLAGS="$LDFLAGS" 570LDFLAGS="$LDFLAGS -Wl,--wrap=exit" 571AC_MSG_CHECKING([linker supports --wrap]) 572AC_LINK_IFELSE( 573 [AC_LANG_PROGRAM( 574 [[ 575 void exit(int); 576 void __real_exit(int); 577 void __wrap_exit(int i) { 578 __real_exit(i); 579 } 580 ]], 581 [[ 582 exit(0); 583 ]] 584 )], 585 [ 586 AC_MSG_RESULT([yes]) 587 have_ld_wrap_support=yes 588 ], 589 [AC_MSG_RESULT([no])], 590) 591LDFLAGS="$saved_LDFLAGS" 592 593dnl We emulate signals in Windows 594AC_CHECK_DECLS( 595 [SIGHUP], 596 , 597 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])], 598 [[ 599 #ifdef HAVE_SIGNAL_H 600 #include <signal.h> 601 #endif 602 ]] 603) 604AC_CHECK_DECLS( 605 [SIGINT], 606 , 607 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])], 608 [[ 609 #ifdef HAVE_SIGNAL_H 610 #include <signal.h> 611 #endif 612 ]] 613) 614AC_CHECK_DECLS( 615 [SIGUSR1], 616 , 617 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])], 618 [[ 619 #ifdef HAVE_SIGNAL_H 620 #include <signal.h> 621 #endif 622 ]] 623) 624AC_CHECK_DECLS( 625 [SIGUSR2], 626 , 627 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])], 628 [[ 629 #ifdef HAVE_SIGNAL_H 630 #include <signal.h> 631 #endif 632 ]] 633) 634AC_CHECK_DECLS( 635 [SIGTERM], 636 , 637 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])], 638 [[ 639 #ifdef HAVE_SIGNAL_H 640 #include <signal.h> 641 #endif 642 ]] 643) 644 645AC_FUNC_FORK 646 647AC_CHECK_FUNCS([ \ 648 daemon chroot getpwnam setuid nice system getpid dup dup2 \ 649 getpass syslog openlog mlockall getgrnam setgid \ 650 setgroups stat flock readv writev time gettimeofday \ 651 ctime memset vsnprintf strdup \ 652 setsid chdir putenv getpeername unlink \ 653 chsize ftruncate execve getpeereid umask basename dirname access \ 654 epoll_create strsep \ 655]) 656 657AC_CHECK_LIB( 658 [dl], 659 [dlopen], 660 [DL_LIBS="-ldl"] 661) 662AC_SUBST([DL_LIBS]) 663 664AC_CHECK_LIB( 665 [nsl], 666 [inet_ntoa], 667 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"] 668) 669AC_CHECK_LIB( 670 [socket], 671 [socket], 672 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"] 673) 674AC_CHECK_LIB( 675 [resolv], 676 [gethostbyname], 677 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"] 678) 679AC_SUBST([SOCKETS_LIBS]) 680 681old_LIBS="${LIBS}" 682LIBS="${LIBS} ${SOCKETS_LIBS}" 683AC_CHECK_FUNCS([sendmsg recvmsg]) 684# Windows use stdcall for winsock so we cannot auto detect these 685m4_define( 686 [SOCKET_FUNCS], 687[socket recv recvfrom send sendto listen dnl 688accept connect bind select gethostbyname inet_ntoa]dnl 689) 690m4_define( 691 [SOCKET_OPT_FUNCS], 692 [setsockopt getsockopt getsockname poll]dnl 693) 694if test "${WIN32}" = "yes"; then 695# normal autoconf function checking does not find inet_ntop/inet_pton 696# because they need to include the actual header file and link ws2_32.dll 697 LIBS="${LIBS} -lws2_32" 698 AC_MSG_CHECKING([for MinGW inet_ntop()/inet_pton()]) 699 AC_LINK_IFELSE( 700 [AC_LANG_PROGRAM( 701 [[ 702#include <ws2tcpip.h> 703 ]], 704 [[ 705int r = (int) inet_ntop (0, NULL, NULL, 0); 706 r += inet_pton(AF_INET, NULL, NULL); 707return r; 708 ]] 709 )], 710 [AC_MSG_RESULT([OK]) 711 AC_DEFINE([HAVE_INET_NTOP],[1],[MinGW inet_ntop]) 712 AC_DEFINE([HAVE_INET_PTON],[1],[MinGW inet_pton]) 713 ], 714 [AC_MSG_RESULT([not found])] 715 ) 716 m4_foreach( 717 [F], 718 m4_split(SOCKET_FUNCS SOCKET_OPT_FUNCS), 719 m4_define([UF], [[m4_join([_], [HAVE], m4_toupper(F))]]) 720 AC_DEFINE([UF], [1], [Win32 builtin]) 721 ) 722else 723 AC_CHECK_FUNCS([inet_ntop inet_pton]) 724 AC_CHECK_FUNCS( 725 SOCKET_FUNCS, 726 , 727 [AC_MSG_ERROR([Required library function not found])] 728 ) 729 AC_CHECK_FUNCS(SOCKET_OPT_FUNCS) 730fi 731LIBS="${old_LIBS}" 732 733# we assume res_init() always exist, but need to find out *where*... 734AC_SEARCH_LIBS(__res_init, resolv bind, , 735 AC_SEARCH_LIBS(res_9_init, resolv bind, , 736 AC_SEARCH_LIBS(res_init, resolv bind, , ))) 737 738AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap]) 739old_CFLAGS="${CFLAGS}" 740CFLAGS="${CFLAGS} ${TAP_CFLAGS}" 741AC_CHECK_HEADERS( 742 [ \ 743 net/if_tun.h net/tun/if_tun.h \ 744 linux/if_tun.h \ 745 tap-windows.h \ 746 ], 747 [have_tap_header="yes"] 748) 749AC_CHECK_DECLS( 750 [TUNSETPERSIST], 751 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])], 752 , 753 [[ 754 #ifdef HAVE_LINUX_IF_TUN_H 755 #include <linux/if_tun.h> 756 #endif 757 ]] 758) 759CFLAGS="${old_CFLAGS}" 760test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found]) 761 762AC_CHECK_LIB( 763 [selinux], 764 [setcon], 765 [SELINUX_LIBS="-lselinux"] 766) 767AC_SUBST([SELINUX_LIBS]) 768 769AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam]) 770AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam]) 771if test -z "${LIBPAM_LIBS}"; then 772 AC_CHECK_LIB( 773 [pam], 774 [pam_start], 775 [LIBPAM_LIBS="-lpam"] 776 ) 777fi 778 779case "${with_mem_check}" in 780 valgrind) 781 AC_CHECK_HEADERS( 782 [valgrind/memcheck.h], 783 [ 784 CFLAGS="${CFLAGS} -g -fno-inline" 785 AC_DEFINE( 786 [USE_VALGRIND], 787 [1], 788 [Use valgrind memory debugging library] 789 ) 790 ], 791 [AC_MSG_ERROR([valgrind headers not found.])] 792 ) 793 ;; 794 dmalloc) 795 AC_CHECK_HEADERS( 796 [dmalloc.h], 797 [AC_CHECK_LIB( 798 [dmalloc], 799 [malloc], 800 [ 801 LIBS="${LIBS} -ldmalloc" 802 AC_DEFINE( 803 [DMALLOC], 804 [1], 805 [Use dmalloc memory debugging library] 806 ) 807 ], 808 [AC_MSG_ERROR([dmalloc library not found.])] 809 )], 810 [AC_MSG_ERROR([dmalloc headers not found.])] 811 ) 812 ;; 813 ssl) 814 AC_CHECK_LIB( 815 [ssl], 816 [CRYPTO_mem_ctrl], 817 [ 818 AC_DEFINE( 819 [CRYPTO_MDEBUG], 820 [1], 821 [Use memory debugging function in OpenSSL] 822 ) 823 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG]) 824 ], 825 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])] 826 ) 827 ;; 828esac 829 830PKG_CHECK_MODULES( 831 [PKCS11_HELPER], 832 [libpkcs11-helper-1 >= 1.11], 833 [have_pkcs11_helper="yes"], 834 [] 835) 836 837if test "${with_crypto_library}" = "openssl"; then 838 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL]) 839 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL]) 840 841 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then 842 # if the user did not explicitly specify flags, try to autodetect 843 PKG_CHECK_MODULES( 844 [OPENSSL], 845 [openssl >= 1.0.2], 846 [have_openssl="yes"], 847 [] # If this fails, we will do another test next 848 ) 849 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} 850 fi 851 852 saved_CFLAGS="${CFLAGS}" 853 saved_LIBS="${LIBS}" 854 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}" 855 LIBS="${LIBS} ${OPENSSL_LIBS}" 856 857 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars 858 # are used, check the version directly in the OpenSSL include file 859 if test "${have_openssl}" != "yes"; then 860 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2]) 861 AC_COMPILE_IFELSE( 862 [AC_LANG_PROGRAM( 863 [[ 864#include <openssl/opensslv.h> 865 ]], 866 [[ 867/* Version encoding: MNNFFPPS - see opensslv.h for details */ 868#if OPENSSL_VERSION_NUMBER < 0x10002000L 869#error OpenSSL too old 870#endif 871 ]] 872 )], 873 [AC_MSG_RESULT([ok])], 874 [AC_MSG_ERROR([OpenSSL version too old])] 875 ) 876 fi 877 878 AC_CHECK_FUNCS([SSL_CTX_new EVP_CIPHER_CTX_set_key_length], 879 , 880 [AC_MSG_ERROR([openssl check failed])] 881 ) 882 883 have_openssl_engine="yes" 884 AC_CHECK_FUNCS( 885 [ \ 886 ENGINE_load_builtin_engines \ 887 ENGINE_register_all_complete \ 888 ENGINE_cleanup \ 889 ], 890 , 891 [have_openssl_engine="no"; break] 892 ) 893 if test "${have_openssl_engine}" = "no"; then 894 AC_CHECK_DECL( [ENGINE_cleanup], [have_openssl_engine="yes"],, 895 [[ 896 #include <openssl/engine.h> 897 ]] 898 ) 899 fi 900 if test "${have_openssl_engine}" = "yes"; then 901 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available]) 902 fi 903 904 AC_CHECK_FUNC( 905 [EVP_aes_256_gcm], 906 , 907 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])] 908 ) 909 910 # All supported OpenSSL version (>= 1.0.2) 911 # have this feature 912 have_export_keying_material="yes" 913 914 AC_CHECK_FUNCS( 915 [ \ 916 HMAC_CTX_new \ 917 HMAC_CTX_free \ 918 HMAC_CTX_reset \ 919 EVP_MD_CTX_new \ 920 EVP_MD_CTX_free \ 921 EVP_MD_CTX_reset \ 922 EVP_CIPHER_CTX_reset \ 923 OpenSSL_version \ 924 SSL_CTX_get_default_passwd_cb \ 925 SSL_CTX_get_default_passwd_cb_userdata \ 926 SSL_CTX_set1_groups \ 927 SSL_CTX_set_security_level \ 928 X509_get0_notBefore \ 929 X509_get0_notAfter \ 930 X509_get0_pubkey \ 931 X509_STORE_get0_objects \ 932 X509_OBJECT_free \ 933 X509_OBJECT_get_type \ 934 EVP_PKEY_get0_RSA \ 935 EVP_PKEY_get0_DSA \ 936 EVP_PKEY_get0_EC_KEY \ 937 RSA_set_flags \ 938 RSA_bits \ 939 RSA_get0_key \ 940 RSA_set0_key \ 941 DSA_get0_pqg \ 942 DSA_bits \ 943 RSA_meth_new \ 944 RSA_meth_free \ 945 RSA_meth_set_pub_enc \ 946 RSA_meth_set_pub_dec \ 947 RSA_meth_set_priv_enc \ 948 RSA_meth_set_priv_dec \ 949 RSA_meth_set_init \ 950 RSA_meth_set_sign \ 951 RSA_meth_set_finish \ 952 RSA_meth_set0_app_data \ 953 RSA_meth_get0_app_data \ 954 EC_GROUP_order_bits 955 ] 956 ) 957 958 CFLAGS="${saved_CFLAGS}" 959 LIBS="${saved_LIBS}" 960 961 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library]) 962 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}" 963 CRYPTO_LIBS="${OPENSSL_LIBS}" 964elif test "${with_crypto_library}" = "mbedtls"; then 965 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls]) 966 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls]) 967 968 saved_CFLAGS="${CFLAGS}" 969 saved_LIBS="${LIBS}" 970 971 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then 972 # if the user did not explicitly specify flags, try to autodetect 973 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto" 974 AC_CHECK_LIB( 975 [mbedtls], 976 [mbedtls_ssl_init], 977 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"], 978 [AC_MSG_ERROR([Could not find mbed TLS.])], 979 [${PKCS11_HELPER_LIBS}] 980 ) 981 fi 982 983 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}" 984 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}" 985 986 AC_MSG_CHECKING([mbedtls version]) 987 AC_COMPILE_IFELSE( 988 [AC_LANG_PROGRAM( 989 [[ 990#include <mbedtls/version.h> 991 ]], 992 [[ 993#if MBEDTLS_VERSION_NUMBER < 0x02000000 || MBEDTLS_VERSION_NUMBER >= 0x03000000 994#error invalid version 995#endif 996 ]] 997 )], 998 [AC_MSG_RESULT([ok])], 999 [AC_MSG_ERROR([mbed TLS 2.y.z required])] 1000 ) 1001 1002 AC_CHECK_FUNCS( 1003 [ \ 1004 mbedtls_cipher_write_tag \ 1005 mbedtls_cipher_check_tag \ 1006 ], 1007 , 1008 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])] 1009 ) 1010 1011 have_export_keying_material="yes" 1012 AC_CHECK_FUNC( 1013 [mbedtls_ssl_conf_export_keys_ext_cb], 1014 , 1015 [have_export_keying_material="no"] 1016 ) 1017 1018 CFLAGS="${saved_CFLAGS}" 1019 LIBS="${saved_LIBS}" 1020 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library]) 1021 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}" 1022 CRYPTO_LIBS="${MBEDTLS_LIBS}" 1023else 1024 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}]) 1025fi 1026 1027AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo]) 1028AC_ARG_VAR([LZO_LIBS], [linker flags for lzo]) 1029have_lzo="yes" 1030if test -z "${LZO_LIBS}"; then 1031 AC_CHECK_LIB( 1032 [lzo2], 1033 [lzo1x_1_15_compress], 1034 [LZO_LIBS="-llzo2"], 1035 [AC_CHECK_LIB( 1036 [lzo], 1037 [lzo1x_1_15_compress], 1038 [LZO_LIBS="-llzo"], 1039 [have_lzo="no"] 1040 )] 1041 ) 1042fi 1043if test "${have_lzo}" = "yes"; then 1044 saved_CFLAGS="${CFLAGS}" 1045 CFLAGS="${CFLAGS} ${LZO_CFLAGS}" 1046 AC_CHECK_HEADERS( 1047 [lzo/lzoutil.h], 1048 , 1049 [AC_CHECK_HEADERS( 1050 [lzoutil.h], 1051 , 1052 [AC_MSG_ERROR([lzoutil.h is missing])] 1053 )] 1054 ) 1055 AC_CHECK_HEADERS( 1056 [lzo/lzo1x.h], 1057 , 1058 [AC_CHECK_HEADERS( 1059 [lzo1x.h], 1060 , 1061 [AC_MSG_ERROR([lzo1x.h is missing])] 1062 )] 1063 ) 1064 CFLAGS="${saved_CFLAGS}" 1065fi 1066 1067dnl 1068dnl check for LZ4 library 1069dnl 1070 1071AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4]) 1072AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4]) 1073if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then 1074 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then 1075 # if the user did not explicitly specify flags, try to autodetect 1076 PKG_CHECK_MODULES([LZ4], 1077 [liblz4 >= 1.7.1 liblz4 < 100], 1078 [have_lz4="yes"], 1079 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next. 1080 # We also add set LZ4_LIBS otherwise the 1081 # linker will not know about the lz4 library 1082 ) 1083 fi 1084 1085 saved_CFLAGS="${CFLAGS}" 1086 saved_LIBS="${LIBS}" 1087 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}" 1088 LIBS="${LIBS} ${LZ4_LIBS}" 1089 1090 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars 1091 # are used, check the version directly in the LZ4 include file 1092 if test "${have_lz4}" != "yes"; then 1093 AC_CHECK_HEADERS([lz4.h], 1094 [have_lz4h="yes"], 1095 []) 1096 1097 if test "${have_lz4h}" = "yes" ; then 1098 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1]) 1099 AC_COMPILE_IFELSE( 1100 [AC_LANG_PROGRAM([[ 1101#include <lz4.h> 1102 ]], 1103 [[ 1104/* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */ 1105#if LZ4_VERSION_NUMBER < 10701L 1106#error LZ4 is too old 1107#endif 1108 ]] 1109 )], 1110 [ 1111 AC_MSG_RESULT([ok]) 1112 have_lz4="yes" 1113 ], 1114 [AC_MSG_RESULT([system LZ4 library is too old])] 1115 ) 1116 fi 1117 fi 1118 1119 # Double check we have a few needed functions 1120 if test "${have_lz4}" = "yes" ; then 1121 AC_CHECK_LIB([lz4], 1122 [LZ4_compress_default], 1123 [], 1124 [have_lz4="no"]) 1125 AC_CHECK_LIB([lz4], 1126 [LZ4_decompress_safe], 1127 [], 1128 [have_lz4="no"]) 1129 fi 1130 1131 if test "${have_lz4}" != "yes" ; then 1132 AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*]) 1133 AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/]) 1134 LZ4_LIBS="" 1135 fi 1136 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}" 1137 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}" 1138 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library]) 1139 CFLAGS="${saved_CFLAGS}" 1140 LIBS="${saved_LIBS}" 1141fi 1142 1143 1144dnl 1145dnl Check for systemd 1146dnl 1147AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"]) 1148if test "$enable_systemd" = "yes" ; then 1149 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd], 1150 [], 1151 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])] 1152 ) 1153 1154 PKG_CHECK_EXISTS( [libsystemd > 216], 1155 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1], 1156 [systemd is newer than v216])] 1157 ) 1158 1159 AC_CHECK_HEADERS(systemd/sd-daemon.h, 1160 , 1161 [ 1162 AC_MSG_ERROR([systemd development headers not found.]) 1163 ]) 1164 1165 saved_LIBS="${LIBS}" 1166 LIBS="${LIBS} ${libsystemd_LIBS}" 1167 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])]) 1168 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" 1169 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) 1170 LIBS="${saved_LIBS}" 1171 1172 if test -n "${SYSTEMD_UNIT_DIR}"; then 1173 systemdunitdir="${SYSTEMD_UNIT_DIR}" 1174 else 1175 systemdunitdir="\${libdir}/systemd/system" 1176 fi 1177 1178 if test -n "${TMPFILES_DIR}"; then 1179 tmpfilesdir="${TMPFILES_DIR}" 1180 else 1181 tmpfilesdir="\${libdir}/tmpfiles.d" 1182 fi 1183fi 1184 1185 1186AC_MSG_CHECKING([git checkout]) 1187GIT_CHECKOUT="no" 1188if test -n "${GIT}" -a -d "${srcdir}/.git"; then 1189 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) 1190 GIT_CHECKOUT="yes" 1191fi 1192AC_MSG_RESULT([${GIT_CHECKOUT}]) 1193 1194if test -n "${SP_PLATFORM_WINDOWS}"; then 1195 AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['\\\\'], [Path separator]) #" 1196 AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["\\\\"], [Path separator]) #" 1197else 1198 AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['/'], [Path separator]) 1199 AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["/"], [Path separator]) 1200fi 1201 1202dnl enable --x509-username-field feature if requested 1203if test "${enable_x509_alt_username}" = "yes"; then 1204 if test "${with_crypto_library}" = "mbedtls" ; then 1205 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature]) 1206 fi 1207 1208 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature]) 1209fi 1210 1211test "${ac_cv_header_sys_uio_h}" = "yes" && AC_DEFINE([HAVE_IOVEC], [1], [struct iovec needed for IPv6 support]) 1212test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability]) 1213test "${enable_multihome}" = "yes" && AC_DEFINE([ENABLE_MULTIHOME], [1], [Enable multi-homed UDP server capability]) 1214test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support]) 1215test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size]) 1216test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support]) 1217test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing]) 1218test "${enable_def_auth}" = "yes" && AC_DEFINE([ENABLE_DEF_AUTH], [1], [Enable deferred authentication]) 1219test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter]) 1220test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers]) 1221 1222test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes]) 1223if test "${have_export_keying_material}" = "yes"; then 1224 AC_DEFINE( 1225 [HAVE_EXPORT_KEYING_MATERIAL], [1], 1226 [Crypto library supports keying material exporter] 1227 ) 1228fi 1229OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}" 1230OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}" 1231 1232if test "${enable_plugins}" = "yes"; then 1233 OPTIONAL_DL_LIBS="${DL_LIBS}" 1234 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support]) 1235else 1236 enable_plugin_auth_pam="no" 1237 enable_plugin_down_root="no" 1238fi 1239 1240AM_CONDITIONAL([HAVE_SITNL], [false]) 1241 1242if test "${enable_iproute2}" = "yes"; then 1243 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing]) 1244 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support]) 1245else if test "${have_sitnl}" = "yes"; then 1246 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support]) 1247 AM_CONDITIONAL([HAVE_SITNL], [true]) 1248else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then 1249 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing]) 1250 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing]) 1251fi 1252fi 1253fi 1254 1255if test "${enable_selinux}" = "yes"; then 1256 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing]) 1257 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}" 1258 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support]) 1259fi 1260 1261if test "${enable_lzo}" = "yes"; then 1262 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing]) 1263 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}" 1264 OPTIONAL_LZO_LIBS="${LZO_LIBS}" 1265 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library]) 1266fi 1267if test "${enable_comp_stub}" = "yes"; then 1268 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)]) 1269 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)]) 1270 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability]) 1271fi 1272 1273if test "${enable_pkcs11}" = "yes"; then 1274 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing]) 1275 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}" 1276 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}" 1277 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11]) 1278 PKG_CHECK_MODULES( 1279 [P11KIT], 1280 [p11-kit-1], 1281 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`" 1282 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])], 1283 [] 1284 ) 1285fi 1286 1287# When testing a compiler option, we add -Werror to force 1288# an error when the option is unsupported. This is not 1289# required for gcc, but some compilers such as clang needs it. 1290AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [ 1291 old_cflags="$CFLAGS" 1292 CFLAGS="$1 -Werror $CFLAGS" 1293 AC_MSG_CHECKING([whether the compiler accepts $1]) 1294 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags", 1295 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])] 1296) 1297 1298ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation]) 1299ACL_CHECK_ADD_COMPILE_FLAGS([-Wall]) 1300 1301if test "${enable_pedantic}" = "yes"; then 1302 enable_strict="yes" 1303 CFLAGS="${CFLAGS} -pedantic" 1304 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode]) 1305fi 1306if test "${enable_strict}" = "yes"; then 1307 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized" 1308fi 1309if test "${enable_werror}" = "yes"; then 1310 CFLAGS="${CFLAGS} -Werror" 1311fi 1312 1313if test "${enable_plugin_auth_pam}" = "yes"; then 1314 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}" 1315 if test "${enable_pam_dlopen}" = "yes"; then 1316 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam]) 1317 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}" 1318 else 1319 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing]) 1320 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}" 1321 fi 1322fi 1323 1324if test "${enable_async_push}" = "yes"; then 1325 case "$host" in 1326 *-*-freebsd*) 1327 PKG_CHECK_MODULES( 1328 [OPTIONAL_INOTIFY], 1329 [libinotify], 1330 [ 1331 AC_DEFINE([HAVE_SYS_INOTIFY_H]) 1332 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]) 1333 ] 1334 ) 1335 ;; 1336 *) 1337 AC_CHECK_HEADERS( 1338 [sys/inotify.h], 1339 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]), 1340 AC_MSG_ERROR([inotify.h not found.]) 1341 ) 1342 ;; 1343 esac 1344fi 1345 1346CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`" 1347AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings]) 1348 1349TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID" 1350TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR" 1351TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR" 1352AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id]) 1353AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN]) 1354AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN]) 1355AC_SUBST([TAP_WIN_COMPONENT_ID]) 1356AC_SUBST([TAP_WIN_MIN_MAJOR]) 1357AC_SUBST([TAP_WIN_MIN_MINOR]) 1358 1359AC_SUBST([OPTIONAL_DL_LIBS]) 1360AC_SUBST([OPTIONAL_SELINUX_LIBS]) 1361AC_SUBST([OPTIONAL_CRYPTO_CFLAGS]) 1362AC_SUBST([OPTIONAL_CRYPTO_LIBS]) 1363AC_SUBST([OPTIONAL_LZO_CFLAGS]) 1364AC_SUBST([OPTIONAL_LZO_LIBS]) 1365AC_SUBST([OPTIONAL_LZ4_CFLAGS]) 1366AC_SUBST([OPTIONAL_LZ4_LIBS]) 1367AC_SUBST([OPTIONAL_SYSTEMD_LIBS]) 1368AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) 1369AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) 1370AC_SUBST([OPTIONAL_INOTIFY_CFLAGS]) 1371AC_SUBST([OPTIONAL_INOTIFY_LIBS]) 1372 1373AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS]) 1374AC_SUBST([PLUGIN_AUTH_PAM_LIBS]) 1375 1376AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) 1377AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) 1378AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"]) 1379AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"]) 1380AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"]) 1381AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"]) 1382 1383sampledir="\$(docdir)/sample" 1384AC_SUBST([plugindir]) 1385AC_SUBST([sampledir]) 1386 1387AC_SUBST([systemdunitdir]) 1388AC_SUBST([tmpfilesdir]) 1389 1390AC_ARG_ENABLE( 1391 [unit-tests], 1392 [AS_HELP_STRING([--disable-unit-tests], 1393 [Disables building and running the unit tests suite])], 1394 [], 1395 [enable_unit_tests="yes"] 1396) 1397 1398# Check if cmocka is available - needed for unit testing 1399PKG_CHECK_MODULES( 1400 [CMOCKA], [cmocka], 1401 [have_cmocka="yes"], 1402 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] 1403) 1404AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ]) 1405AC_SUBST([ENABLE_UNITTESTS]) 1406 1407TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}" 1408TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}" 1409TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}" 1410TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}" 1411TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}" 1412 1413AC_SUBST([TEST_LDFLAGS]) 1414AC_SUBST([TEST_CFLAGS]) 1415 1416AC_CONFIG_FILES([ 1417 version.sh 1418 Makefile 1419 build/Makefile 1420 build/msvc/Makefile 1421 build/msvc/msvc-generate/Makefile 1422 distro/Makefile 1423 distro/systemd/Makefile 1424 doc/Makefile 1425 doc/doxygen/Makefile 1426 doc/doxygen/openvpn.doxyfile 1427 include/Makefile 1428 sample/sample-plugins/Makefile 1429 src/Makefile 1430 src/compat/Makefile 1431 src/openvpn/Makefile 1432 src/openvpnmsica/Makefile 1433 src/openvpnserv/Makefile 1434 src/plugins/Makefile 1435 src/plugins/auth-pam/Makefile 1436 src/plugins/down-root/Makefile 1437 src/tapctl/Makefile 1438 tests/Makefile 1439 tests/unit_tests/Makefile 1440 tests/unit_tests/example_test/Makefile 1441 tests/unit_tests/openvpn/Makefile 1442 tests/unit_tests/plugins/Makefile 1443 tests/unit_tests/plugins/auth-pam/Makefile 1444 tests/unit_tests/engine-key/Makefile 1445 sample/Makefile 1446]) 1447AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh]) 1448AC_OUTPUT 1449