]> git.ipfire.org Git - thirdparty/openvpn.git/blame - configure.ac
projects / thirdparty / openvpn.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
documentation: improve documentation of --x509-track
[thirdparty/openvpn.git] / configure.ac
CommitLineData
6fbf66fa
JY		 1dnl OpenVPN -- An application to securely tunnel IP networks
2dnl over a single UDP port, with support for SSL/TLS-based
3dnl session authentication and key exchange,
4dnl packet encryption, packet authentication, and
5dnl packet compression.
6dnl
ccf9d572 7dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
51bd56f4 8dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
6fbf66fa
JY		 9dnl
10dnl This program is free software; you can redistribute it and/or modify
11dnl it under the terms of the GNU General Public License as published by
12dnl the Free Software Foundation; either version 2 of the License, or
13dnl (at your option) any later version.
14dnl
15dnl This program is distributed in the hope that it will be useful,
16dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18dnl GNU General Public License for more details.
19dnl
caa54ac3
DS		 20dnl You should have received a copy of the GNU General Public License along
21dnl with this program; if not, write to the Free Software Foundation, Inc.,
22dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
6fbf66fa
JY		 23
24dnl Process this file with autoconf to produce a configure script.
25
51bd56f4 26AC_PREREQ(2.59)
6fbf66fa 27
ce351583 28m4_include(version.m4)
51bd56f4
ABL		 29AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
30m4_include(compat.m4)
98bc1a3e 31AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
9de35d46
DS		 32AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version])
33AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version])
34AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer])
6a40276c
DS		 35AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer])
36AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer])
37AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer])
98bc1a3e 38
51bd56f4 39AC_CONFIG_AUX_DIR([.])
631812fe 40AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h])
34cb9132 41AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
0fc5b8b3 42AC_CONFIG_MACRO_DIR([m4])
c615835a 43
8b915c48
SN		 44dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects
45dnl options is not enabled. However, automake before 1.15a has a bug that causes
46dnl variable expansion to fail in foo_SOURCES when this option is used.
47dnl As most of our build systems are now likely to use automake 1.16+ add a
48dnl work around to conditionally add subdir-objects option.
49m4_define([subdir_objects], [
50 m4_esyscmd([automake --version |
51 head -1 |
52 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}'
53 ])
54])
55
83d6da50
MA		 56# This foreign option prevents autoreconf from overriding our COPYING and
57# INSTALL targets:
55d73959 58AM_INIT_AUTOMAKE(foreign subdir_objects 1.9) dnl NB: Do not [quote] this parameter.
51bd56f4
ABL		 59AC_CANONICAL_HOST
60AC_USE_SYSTEM_EXTENSIONS
6fbf66fa 61
51bd56f4
ABL		 62AC_ARG_ENABLE(
63 [lzo],
40a56e79 64 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
51bd56f4 65 ,
40a56e79 66 [enable_lzo="yes"]
6c34e74f
JY		 67)
68
24e1d8ff
FL		 69AC_ARG_ENABLE(
70 [lz4],
71 [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])],
40efb635
GD		 72 [enable_lz4="$enableval"],
73 [enable_lz4="yes"]
74)
75
24e1d8ff
FL		 76AC_ARG_ENABLE(
77 [comp-stub],
78 [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])],
38d96bd7
JY		 79 [enable_comp_stub="$enableval"],
80 [enable_comp_stub="no"]
6fbf66fa
JY		 81)
82
c353af2f
SK		 83AC_ARG_ENABLE(
84 [ofb-cfb],
104360b4 85 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
c353af2f
SK		 86 ,
87 [enable_crypto_ofb_cfb="yes"]
88)
89
51bd56f4
ABL		 90AC_ARG_ENABLE(
91 [x509-alt-username],
709f7a1f 92 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
51bd56f4
ABL		 93 ,
94 [enable_x509_alt_username="no"]
6fbf66fa
JY		 95)
96
51bd56f4
ABL		 97AC_ARG_ENABLE(
98 [plugins],
709f7a1f 99 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
51bd56f4
ABL		 100 ,
101 [enable_plugins="yes"]
0c1f7ad5
DS		 102)
103
51bd56f4
ABL		 104AC_ARG_ENABLE(
105 [management],
709f7a1f 106 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
51bd56f4
ABL		 107 ,
108 [enable_management="yes"]
ce98fd24
JY		 109)
110
51bd56f4
ABL		 111AC_ARG_ENABLE(
112 [pkcs11],
709f7a1f 113 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
51bd56f4 114 ,
18b5fbdf 115 [enable_pkcs11="no"]
6fbf66fa
JY		 116)
117
51bd56f4
ABL		 118AC_ARG_ENABLE(
119 [fragment],
709f7a1f 120 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
51bd56f4
ABL		 121 ,
122 [enable_fragment="yes"]
8bc93d7f
JY		 123)
124
51bd56f4
ABL		 125AC_ARG_ENABLE(
126 [port-share],
709f7a1f 127 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
51bd56f4
ABL		 128 ,
129 [enable_port_share="yes"]
6fbf66fa
JY		 130)
131
51bd56f4
ABL		 132AC_ARG_ENABLE(
133 [debug],
709f7a1f 134 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
51bd56f4
ABL		 135 ,
136 [enable_debug="yes"]
6fbf66fa
JY		 137)
138
51bd56f4
ABL		 139AC_ARG_ENABLE(
140 [small],
104360b4 141 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])],
51bd56f4
ABL		 142 ,
143 [enable_small="no"]
6fbf66fa
JY		 144)
145
e34437c2
AQ		 146AC_ARG_ENABLE(
147 [dco],
2a1a21e3 148 [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])],
e34437c2 149 ,
2a1a21e3
FL		 150 [
151 case "$host" in
152 *-*-linux*)
153 enable_dco="auto"
154 ;;
155 *-*-freebsd*)
156 enable_dco="auto"
157 ;;
158 *)
159 # note that this does not disable it for Windows
160 enable_dco="no"
161 ;;
162 esac
163 ]
e34437c2
AQ		 164)
165
51bd56f4
ABL		 166AC_ARG_ENABLE(
167 [iproute2],
2a1a21e3 168 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])],
51bd56f4
ABL		 169 ,
170 [enable_iproute2="no"]
fb7aa54a
JY		 171)
172
ce8271f5
ABL		 173AC_ARG_ENABLE(
174 [plugin-auth-pam],
5a57e201 175 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
ce8271f5 176 ,
5a57e201
ABL		 177 [
178 case "$host" in
179 *-*-openbsd*) enable_plugin_auth_pam="no";;
180 *-mingw*) enable_plugin_auth_pam="no";;
181 *) enable_plugin_auth_pam="yes";;
182 esac
183 ]
ce8271f5
ABL		 184)
185
186AC_ARG_ENABLE(
187 [plugin-down-root],
5a57e201
ABL		 188 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
189 ,
190 [
191 case "$host" in
192 *-mingw*) enable_plugin_down_root="no";;
193 *) enable_plugin_down_root="yes";;
194 esac
195 ]
ce8271f5
ABL		 196)
197
198AC_ARG_ENABLE(
199 [pam-dlopen],
200 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
201 ,
202 [enable_pam_dlopen="no"]
203)
204
51bd56f4
ABL		 205AC_ARG_ENABLE(
206 [strict],
709f7a1f 207 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
51bd56f4
ABL		 208 ,
209 [enable_strict="no"]
6fbf66fa
JY		 210)
211
51bd56f4
ABL		 212AC_ARG_ENABLE(
213 [pedantic],
709f7a1f 214 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
51bd56f4
ABL		 215 ,
216 [enable_pedantic="no"]
6fbf66fa
JY		 217)
218
51194ffd
SK		 219AC_ARG_ENABLE(
220 [werror],
42d9f324 221 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])],
51194ffd
SK		 222 ,
223 [enable_werror="no"]
224)
225
51bd56f4
ABL		 226AC_ARG_ENABLE(
227 [strict-options],
709f7a1f 228 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
51bd56f4
ABL		 229 ,
230 [enable_strict_options="no"]
6fbf66fa
JY		 231)
232
51bd56f4
ABL		 233AC_ARG_ENABLE(
234 [selinux],
709f7a1f 235 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
51bd56f4
ABL		 236 ,
237 [enable_selinux="no"]
99385447
JY		 238)
239
51bd56f4
ABL		 240AC_ARG_ENABLE(
241 [systemd],
ccb636c7 242 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
51bd56f4
ABL		 243 ,
244 [enable_systemd="no"]
9449e6a9
FC		 245)
246
0d1a75bf
LS		 247AC_ARG_ENABLE(
248 [async-push],
1a8f6b91 249 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])],
e62eccf0 250 ,
0d1a75bf
LS		 251 [enable_async_push="no"]
252)
253
10b4b65e
ABL		 254AC_ARG_WITH(
255 [special-build],
256 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
257 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
258)
259
51bd56f4
ABL		 260AC_ARG_WITH(
261 [mem-check],
709f7a1f 262 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
51bd56f4
ABL		 263 [
264 case "${withval}" in
265 dmalloc|valgrind|ssl|no) ;;
266 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
267 esac
268 ],
269 [with_mem_check="no"]
6fbf66fa
JY		 270)
271
51bd56f4 272AC_ARG_WITH(
9b33b5a4 273 [crypto-library],
f6dca235 274 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
51bd56f4 275 [
86d8cd68 276 case "${withval}" in
f6dca235 277 openssl|mbedtls|wolfssl) ;;
9b33b5a4 278 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
51bd56f4
ABL		 279 esac
280 ],
9b33b5a4 281 [with_crypto_library="openssl"]
0a180174 282)
0a180174 283
f6dca235
JS		 284AC_ARG_ENABLE(
285 [wolfssl-options-h],
286 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
287 ,
288 [enable_wolfssl_options_h="yes"]
289)
290
0df2261d
AS		 291AC_ARG_WITH(
292 [openssl-engine],
293 [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])],
294 [
295 case "${withval}" in
296 auto|yes|no) ;;
297 *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;;
298 esac
299 ],
300 [with_openssl_engine="auto"]
301)
302
4590c383
CH		 303AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
304if test -n "${PLUGINDIR}"; then
305 plugindir="${PLUGINDIR}"
306else
307 plugindir="\${libdir}/openvpn/plugins"
308fi
ce8271f5 309
6440083e 310AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
c4d5bcd7 311AM_CONDITIONAL([TARGET_LINUX], [false])
86715242 312case "$host" in
51bd56f4
ABL		 313 *-*-linux*)
314 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
c4d5bcd7 315 AM_CONDITIONAL([TARGET_LINUX], [true])
51bd56f4 316 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
c6542257 317 have_sitnl="yes"
51bd56f4
ABL		 318 ;;
319 *-*-solaris*)
320 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
321 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
4e2038ed 322 CPPFLAGS="$CPPFLAGS -D_XPG4_2"
9c490c26 323 test -x /bin/bash && SHELL="/bin/bash"
51bd56f4
ABL		 324 ;;
325 *-*-openbsd*)
326 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
327 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
328 ;;
329 *-*-freebsd*)
330 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
331 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
332 ;;
333 *-*-netbsd*)
334 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
335 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
336 ;;
337 *-*-darwin*)
338 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
339 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
05f16e84 340 have_tap_header="yes"
e7303ace 341 ac_cv_type_struct_in_pktinfo=no
51bd56f4
ABL		 342 ;;
343 *-mingw*)
344 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
8b80cbc3 345 AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows])
51bd56f4 346 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
4b1a82db 347 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
5fcd4933 348 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA"
51bd56f4 349 WIN32=yes
51bd56f4
ABL		 350 ;;
351 *-*-dragonfly*)
352 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
353 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
354 ;;
42f13dc0
GD		 355 *-aix*)
356 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?])
357 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix])
358 ROUTE="/usr/sbin/route"
359 have_tap_header="yes"
360 ac_cv_header_net_if_h="no" # exists, but breaks things
361 ;;
51bd56f4
ABL		 362 *)
363 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
05f16e84 364 have_tap_header="yes"
51bd56f4 365 ;;
6fbf66fa
JY		 366esac
367
e3ad1fc4
SN		 368AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes")
369
51bd56f4
ABL		 370PKG_PROG_PKG_CONFIG
371AC_PROG_CPP
6fbf66fa 372AC_PROG_INSTALL
51bd56f4 373AC_PROG_LN_S
7046ff20 374AC_PROG_SED
51bd56f4 375AC_PROG_MAKE_SET
6fbf66fa 376
c3fc703d
ABL		 377AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
378AC_ARG_VAR([ROUTE], [full path to route utility])
379AC_ARG_VAR([IPROUTE], [full path to ip utility])
380AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
7046ff20 381AC_ARG_VAR([GIT], [path to git utility])
ba79c71d 382AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
ca5b4c2a 383AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@])
3de7be7b 384AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@])
c3fc703d
ABL		 385AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
386AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
387AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
ba79c71d 388AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
c3fc703d 389AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
7046ff20 390AC_CHECK_PROGS([GIT], [git]) # optional
c3fc703d
ABL		 391AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
392AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
393AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
ba79c71d 394AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
c3fc703d 395
f500c49c
DS		 396#
397# man page generation - based on python-docutils
398#
399AC_ARG_VAR([RST2MAN], [path to rst2man utility])
400AC_ARG_VAR([RST2HTML], [path to rst2html utility])
b61d1988
AQ		 401AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py])
402AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py])
f500c49c
DS		 403AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"])
404
9223336a
SK		 405# Set -std=c99 unless user already specified a -std=
406case "${CFLAGS}" in
407 *-std=*) ;;
408 *) CFLAGS="${CFLAGS} -std=c99" ;;
409esac
410
98bc1a3e
ABL		 411#
412# Libtool
413#
414ifdef(
415 [LT_INIT],
416 [
417 LT_INIT([win32-dll])
418 LT_LANG([Windows Resource])
419 ],
420 [
421 AC_LIBTOOL_WIN32_DLL
422 AC_LIBTOOL_RC
423 AC_PROG_LIBTOOL
424 ]
425)
426
6fbf66fa
JY		 427AC_C_CONST
428AC_C_INLINE
429AC_C_VOLATILE
430AC_TYPE_OFF_T
431AC_TYPE_PID_T
432AC_TYPE_SIZE_T
433AC_TYPE_UID_T
0dbd45db 434AX_TYPE_SOCKLEN_T
51bd56f4
ABL		 435AC_CHECK_SIZEOF([unsigned int])
436AC_CHECK_SIZEOF([unsigned long])
437AC_CHECK_HEADERS([ \
8c18d7c9 438 fcntl.h io.h \
b8510baa
AS		 439 sys/types.h sys/socket.h \
440 unistd.h dlfcn.h \
dbd7e3be 441 netinet/in.h \
51bd56f4 442 netinet/tcp.h arpa/inet.h netdb.h \
51bd56f4 443])
cab53332 444AC_CHECK_HEADERS([ \
a2d747bb 445 sys/time.h sys/ioctl.h sys/stat.h \
f641637a 446 sys/mman.h sys/file.h sys/wait.h \
b8510baa 447 unistd.h libgen.h stropts.h \
76ccc62d 448 syslog.h pwd.h grp.h termios.h \
7cacdfd4 449 sys/sockio.h sys/uio.h linux/sockios.h \
4225114b 450 linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \
cab53332 451])
6fbf66fa 452
51bd56f4 453SOCKET_INCLUDES="
51bd56f4 454#include <stdlib.h>
51bd56f4
ABL		 455#ifdef HAVE_SYS_TYPES_H
456#include <sys/types.h>
457#endif
458#ifdef HAVE_SYS_SOCKET_H
459#include <sys/socket.h>
460#endif
7efa60d9
GD		 461#ifdef HAVE_NET_IF_H
462#include <net/if.h>
463#endif
51bd56f4
ABL		 464#ifdef HAVE_NETINET_IN_H
465#include <netinet/in.h>
466#endif
ba49c9a7 467#ifdef _WIN32
51bd56f4
ABL		 468#include <windows.h>
469#endif
ba49c9a7 470#ifdef _WIN32
51bd56f4
ABL		 471#include <winsock2.h>
472#endif
ba49c9a7 473#ifdef _WIN32
51bd56f4
ABL		 474#include <ws2tcpip.h>
475#endif
4025a595
ABL		 476#ifdef HAVE_NETINET_IP_H
477#include <netinet/ip.h>
478#endif
51bd56f4 479"
1bda73a7 480
cab53332 481AC_CHECK_HEADERS(
ddb1f20a 482 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
51bd56f4 483 ,
51bd56f4 484 ,
cab53332 485 [[${SOCKET_INCLUDES}]]
51bd56f4
ABL		 486)
487
488AC_CHECK_TYPES(
6fbf66fa 489 [in_addr_t],
51bd56f4
ABL		 490 ,
491 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
492 [[${SOCKET_INCLUDES}]]
493)
dd6714ae
GD		 494AC_CHECK_TYPES(
495 [in_port_t],
496 ,
497 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])],
498 [[${SOCKET_INCLUDES}]]
499)
6fbf66fa
JY		 500AC_CHECK_TYPE(
501 [struct iphdr],
7c0a2b5f 502 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
51bd56f4
ABL		 503 ,
504 [[${SOCKET_INCLUDES}]]
505)
6fbf66fa
JY		 506AC_CHECK_TYPE(
507 [struct msghdr],
7c0a2b5f 508 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
51bd56f4
ABL		 509 ,
510 [[${SOCKET_INCLUDES}]]
511)
6fbf66fa
JY		 512AC_CHECK_TYPE(
513 [struct cmsghdr],
7c0a2b5f 514 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
51bd56f4
ABL		 515 ,
516 [[${SOCKET_INCLUDES}]]
517)
8bc93d7f
JY		 518AC_CHECK_TYPE(
519 [struct in_pktinfo],
7c0a2b5f 520 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
51bd56f4
ABL		 521 ,
522 [[${SOCKET_INCLUDES}]]
523)
87b468d4
HH		 524AC_CHECK_TYPE(
525 [sa_family_t],
526 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])],
527 ,
528 [[${SOCKET_INCLUDES}]]
529)
7efa60d9
GD		 530AC_CHECK_MEMBER(
531 [struct in_pktinfo.ipi_spec_dst],
532 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
533 ,
534 [[${SOCKET_INCLUDES}]]
535)
51bd56f4
ABL		 536AC_CHECK_TYPE(
537 [struct sockaddr_in6],
538 ,
539 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
540 [[${SOCKET_INCLUDES}]]
541)
cab53332
ABL		 542AC_CHECK_DECLS(
543 [SO_MARK],
544 ,
545 ,
546 [[${SOCKET_INCLUDES}]]
547)
2a1a21e3 548AC_MSG_CHECKING([anonymous union support])
9223336a
SK		 549AC_COMPILE_IFELSE(
550 [AC_LANG_PROGRAM(
551 [[
552 struct mystruct {
553 union {
554 int m1;
555 char m2;
556 };
557 };
558 ]],
559 [[
560 struct mystruct s;
561 s.m1 = 1; s.m2 = 2;
562 ]]
563 )],
564 [
565 AC_MSG_RESULT([yes])
566 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions])
567 ],
568 [AC_MSG_RESULT([no])]
569)
51bd56f4 570
f91ab283
SN		 571saved_LDFLAGS="$LDFLAGS"
572LDFLAGS="$LDFLAGS -Wl,--wrap=exit"
573AC_MSG_CHECKING([linker supports --wrap])
574AC_LINK_IFELSE(
575 [AC_LANG_PROGRAM(
576 [[
577 void exit(int);
578 void __real_exit(int);
579 void __wrap_exit(int i) {
580 __real_exit(i);
581 }
582 ]],
583 [[
584 exit(0);
585 ]]
586 )],
587 [
588 AC_MSG_RESULT([yes])
589 have_ld_wrap_support=yes
590 ],
591 [AC_MSG_RESULT([no])],
592)
593LDFLAGS="$saved_LDFLAGS"
594
cab53332
ABL		 595dnl We emulate signals in Windows
596AC_CHECK_DECLS(
597 [SIGHUP],
51bd56f4 598 ,
cab53332
ABL		 599 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
600 [[
cab53332 601 #include <signal.h>
cab53332 602 ]]
51bd56f4 603)
cab53332
ABL		 604AC_CHECK_DECLS(
605 [SIGINT],
606 ,
607 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
608 [[
cab53332 609 #include <signal.h>
cab53332
ABL		 610 ]]
611)
612AC_CHECK_DECLS(
613 [SIGUSR1],
614 ,
615 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
616 [[
cab53332 617 #include <signal.h>
cab53332
ABL		 618 ]]
619)
620AC_CHECK_DECLS(
621 [SIGUSR2],
622 ,
623 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
624 [[
cab53332 625 #include <signal.h>
cab53332
ABL		 626 ]]
627)
628AC_CHECK_DECLS(
629 [SIGTERM],
630 ,
631 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
632 [[
cab53332 633 #include <signal.h>
cab53332
ABL		 634 ]]
635)
636
637AC_FUNC_FORK
638
51bd56f4 639AC_CHECK_FUNCS([ \
84e14209 640 daemon chroot getpwnam setuid nice system dup dup2 \
76ccc62d 641 syslog openlog mlockall getrlimit getgrnam setgid \
28871fec 642 setgroups flock time gettimeofday \
84e14209 643 setsid chdir \
ba49c9a7 644 chsize ftruncate execve getpeereid basename dirname access \
0a88ef8c 645 epoll_create strsep \
51bd56f4 646])
aee7428c
ABL		 647
648AC_CHECK_LIB(
649 [dl],
650 [dlopen],
651 [DL_LIBS="-ldl"]
652)
653AC_SUBST([DL_LIBS])
654
655AC_CHECK_LIB(
656 [nsl],
657 [inet_ntoa],
658 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
659)
660AC_CHECK_LIB(
661 [socket],
662 [socket],
663 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
664)
665AC_CHECK_LIB(
666 [resolv],
667 [gethostbyname],
668 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
669)
670AC_SUBST([SOCKETS_LIBS])
671
672old_LIBS="${LIBS}"
673LIBS="${LIBS} ${SOCKETS_LIBS}"
f96baabc 674AC_CHECK_FUNCS([sendmsg recvmsg])
17f91332 675
aee7428c 676LIBS="${old_LIBS}"
7647a48c 677
403dc434
GD		 678# we assume res_init() always exist, but need to find out *where*...
679AC_SEARCH_LIBS(__res_init, resolv bind, ,
680 AC_SEARCH_LIBS(res_9_init, resolv bind, ,
681 AC_SEARCH_LIBS(res_init, resolv bind, , )))
682
7cacdfd4
ABL		 683AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
684old_CFLAGS="${CFLAGS}"
685CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
686AC_CHECK_HEADERS(
687 [ \
688 net/if_tun.h net/tun/if_tun.h \
689 linux/if_tun.h \
690 tap-windows.h \
691 ],
692 [have_tap_header="yes"]
693)
88f3a402
ABL		 694AC_CHECK_DECLS(
695 [TUNSETPERSIST],
696 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
697 ,
698 [[
699 #ifdef HAVE_LINUX_IF_TUN_H
700 #include <linux/if_tun.h>
701 #endif
702 ]]
703)
7cacdfd4
ABL		 704CFLAGS="${old_CFLAGS}"
705test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
706
cd5990e0
ABL		 707AC_CHECK_LIB(
708 [selinux],
709 [setcon],
710 [SELINUX_LIBS="-lselinux"]
711)
712AC_SUBST([SELINUX_LIBS])
713
ce8271f5
ABL		 714AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
715AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
716if test -z "${LIBPAM_LIBS}"; then
717 AC_CHECK_LIB(
718 [pam],
719 [pam_start],
720 [LIBPAM_LIBS="-lpam"]
721 )
722fi
723
51bd56f4
ABL		 724case "${with_mem_check}" in
725 valgrind)
fb69bfd0 726 AC_CHECK_HEADERS(
51bd56f4
ABL		 727 [valgrind/memcheck.h],
728 [
729 CFLAGS="${CFLAGS} -g -fno-inline"
730 AC_DEFINE(
731 [USE_VALGRIND],
732 [1],
733 [Use valgrind memory debugging library]
734 )
735 ],
736 [AC_MSG_ERROR([valgrind headers not found.])]
737 )
738 ;;
739 dmalloc)
fb69bfd0 740 AC_CHECK_HEADERS(
51bd56f4
ABL		 741 [dmalloc.h],
742 [AC_CHECK_LIB(
743 [dmalloc],
744 [malloc],
745 [
e02570fd 746 LIBS="${LIBS} -ldmalloc"
51bd56f4
ABL		 747 AC_DEFINE(
748 [DMALLOC],
749 [1],
750 [Use dmalloc memory debugging library]
751 )
752 ],
753 [AC_MSG_ERROR([dmalloc library not found.])]
754 )],
755 [AC_MSG_ERROR([dmalloc headers not found.])]
756 )
757 ;;
758 ssl)
759 AC_CHECK_LIB(
760 [ssl],
761 [CRYPTO_mem_ctrl],
762 [
763 AC_DEFINE(
764 [CRYPTO_MDEBUG],
765 [1],
766 [Use memory debugging function in OpenSSL]
767 )
768 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
769 ],
770 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
771 )
772 ;;
773esac
6fbf66fa 774
9a3f6702
SK		 775PKG_CHECK_MODULES(
776 [PKCS11_HELPER],
6575ad48 777 [libpkcs11-helper-1 >= 1.11],
9a3f6702
SK		 778 [have_pkcs11_helper="yes"],
779 []
780)
781
e34437c2 782
2a1a21e3
FL		 783if test "$enable_dco" != "no"; then
784 enable_dco_arg="$enable_dco"
785 if test "${enable_iproute2}" = "yes"; then
786 AC_MSG_WARN([DCO cannot be enabled when using iproute2])
787 enable_dco="no"
788 fi
e34437c2
AQ		 789 case "$host" in
790 *-*-linux*)
2a1a21e3
FL		 791 if test "$enable_dco" = "no"; then
792 if test "$enable_dco_arg" = "auto"; then
793 AC_MSG_WARN([DCO support disabled])
794 else
795 AC_MSG_ERROR([DCO support can't be enabled])
796 fi
797 else
798 dnl
799 dnl Include generic netlink library used to talk to ovpn-dco
800 dnl
801 PKG_CHECK_MODULES([LIBNL_GENL],
e34437c2
AQ		 802 [libnl-genl-3.0 >= 3.4.0],
803 [have_libnl="yes"],
2a1a21e3
FL		 804 [
805 AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO])
806 ]
807 )
808 CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}"
809 LIBS="${LIBS} ${LIBNL_GENL_LIBS}"
e34437c2 810
2a1a21e3
FL		 811 AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload])
812 AC_MSG_NOTICE([Enabled ovpn-dco support for Linux])
813 fi
e34437c2 814 ;;
f08fcc2f 815 *-*-freebsd*)
6f261673 816 AC_CHECK_HEADERS([net/if_ovpn.h],
2a1a21e3
FL		 817 [
818 LIBS="${LIBS} -lnv"
819 AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD])
820 AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD])
821 ],
822 [
823 enable_dco="no"
6f261673 824 AC_MSG_WARN([DCO header not found.])
2a1a21e3
FL		 825 ]
826 )
827 if test "$enable_dco" = "no"; then
828 if test "$enable_dco_arg" = "auto"; then
829 AC_MSG_WARN([DCO support disabled])
830 else
831 AC_MSG_ERROR([DCO support can't be enabled])
832 fi
833 fi
f08fcc2f 834 ;;
8b80cbc3
AQ		 835 *-mingw*)
836 AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled])
837 ;;
e34437c2 838 *)
8b80cbc3 839 AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform])
e34437c2
AQ		 840 ;;
841 esac
842fi
843
2e359a08
TR		 844dnl
845dnl Depend on libcap-ng on Linux
846dnl
847case "$host" in
848 *-*-linux*)
849 PKG_CHECK_MODULES([LIBCAPNG],
850 [libcap-ng],
851 [],
852 [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])]
853 )
854 AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])])
855
bd95104a 856 CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}"
2e359a08
TR		 857 LIBS="${LIBS} ${LIBCAPNG_LIBS}"
858 AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support])
859 ;;
860esac
861
862
cf49ff50 863if test "${with_crypto_library}" = "openssl"; then
31b0bebe
SK		 864 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
865 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
866
867 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then
868 # if the user did not explicitly specify flags, try to autodetect
869 PKG_CHECK_MODULES(
870 [OPENSSL],
ec7d0e8e 871 [openssl >= 1.0.2],
79ea67f7
DS		 872 [have_openssl="yes"],
873 [] # If this fails, we will do another test next
31b0bebe 874 )
31b0bebe
SK		 875 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
876 fi
9b33b5a4 877
9b33b5a4
ABL		 878 saved_CFLAGS="${CFLAGS}"
879 saved_LIBS="${LIBS}"
31b0bebe
SK		 880 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
881 LIBS="${LIBS} ${OPENSSL_LIBS}"
882
79ea67f7
DS		 883 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars
884 # are used, check the version directly in the OpenSSL include file
885 if test "${have_openssl}" != "yes"; then
ec7d0e8e 886 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2])
79ea67f7
DS		 887 AC_COMPILE_IFELSE(
888 [AC_LANG_PROGRAM(
889 [[
890#include <openssl/opensslv.h>
891 ]],
892 [[
893/* Version encoding: MNNFFPPS - see opensslv.h for details */
ec7d0e8e 894#if OPENSSL_VERSION_NUMBER < 0x10002000L
79ea67f7
DS		 895#error OpenSSL too old
896#endif
897 ]]
898 )],
899 [AC_MSG_RESULT([ok])],
900 [AC_MSG_ERROR([OpenSSL version too old])]
901 )
902 fi
903
6ea62d50 904 AC_CHECK_FUNCS([SSL_CTX_new],
31b0bebe
SK		 905 ,
906 [AC_MSG_ERROR([openssl check failed])]
907 )
908
0df2261d
AS		 909 if test "${with_openssl_engine}" = "auto"; then
910 AC_COMPILE_IFELSE(
911 [AC_LANG_PROGRAM(
912 [[
913 #include <openssl/opensslv.h>
34bf473e 914 #include <openssl/opensslconf.h>
0df2261d
AS		 915 ]],
916 [[
917 /* Version encoding: MNNFFPPS - see opensslv.h for details */
918 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
34bf473e 919 #error Engine support disabled by default in OpenSSL 3.0+
920 #endif
921
922 /* BoringSSL and LibreSSL >= 3.8.1 removed engine support */
923 #ifdef OPENSSL_NO_ENGINE
924 #error Engine support disabled in openssl/opensslconf.h
0df2261d
AS		 925 #endif
926 ]]
927 )],
928 [have_openssl_engine="yes"],
929 [have_openssl_engine="no"]
930 )
931 if test "${have_openssl_engine}" = "yes"; then
932 AC_CHECK_FUNCS(
933 [ \
9b33b5a4
ABL		 934 ENGINE_load_builtin_engines \
935 ENGINE_register_all_complete \
0df2261d
AS		 936 ],
937 ,
938 [have_openssl_engine="no"; break]
939 )
940 fi
941 else
942 have_openssl_engine="${with_openssl_engine}"
943 if test "${have_openssl_engine}" = "yes"; then
944 AC_CHECK_FUNCS(
945 [ \
946 ENGINE_load_builtin_engines \
947 ENGINE_register_all_complete \
948 ],
949 ,
950 [AC_MSG_ERROR([OpenSSL engine support not found])]
6b5dbf6c 951 )
0df2261d 952 fi
6b5dbf6c 953 fi
31b0bebe
SK		 954 if test "${have_openssl_engine}" = "yes"; then
955 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
956 fi
9b33b5a4 957
91d84530 958 AC_CHECK_FUNC(
66407e11
SK		 959 [EVP_aes_256_gcm],
960 ,
94edc7c5 961 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
66407e11
SK		 962 )
963
ec7d0e8e
AS		 964 # All supported OpenSSL version (>= 1.0.2)
965 # have this feature
5defbba4 966 have_export_keying_material="yes"
5defbba4 967
9b33b5a4
ABL		 968 CFLAGS="${saved_CFLAGS}"
969 LIBS="${saved_LIBS}"
9b33b5a4 970
31b0bebe
SK		 971 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
972 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
973 CRYPTO_LIBS="${OPENSSL_LIBS}"
cf49ff50 974elif test "${with_crypto_library}" = "mbedtls"; then
86d8cd68
SK		 975 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
976 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
31b0bebe 977
417fe4a7
SK		 978 saved_CFLAGS="${CFLAGS}"
979 saved_LIBS="${LIBS}"
980
86d8cd68 981 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
e860059b 982 # if the user did not explicitly specify flags, try to autodetect
1ae17b7e 983 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
86d8cd68
SK		 984 AC_CHECK_LIB(
985 [mbedtls],
986 [mbedtls_ssl_init],
1ae17b7e 987 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
86d8cd68 988 [AC_MSG_ERROR([Could not find mbed TLS.])],
31b0bebe
SK		 989 [${PKCS11_HELPER_LIBS}]
990 )
991 fi
9b33b5a4 992
86d8cd68
SK		 993 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"
994 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}"
417fe4a7 995
86d8cd68 996 AC_MSG_CHECKING([mbedtls version])
13b38eb0
ABL		 997 AC_COMPILE_IFELSE(
998 [AC_LANG_PROGRAM(
999 [[
86d8cd68 1000#include <mbedtls/version.h>
13b38eb0
ABL		 1001 ]],
1002 [[
ace7a4f1 1003#if MBEDTLS_VERSION_NUMBER < 0x02000000 || (MBEDTLS_VERSION_NUMBER >= 0x03000000 && MBEDTLS_VERSION_NUMBER < 0x03020100)
9a3f6702 1004#error invalid version
13b38eb0
ABL		 1005#endif
1006 ]]
1007 )],
1008 [AC_MSG_RESULT([ok])],
ace7a4f1 1009 [AC_MSG_ERROR([mbed TLS version >= 2.0.0 or >= 3.2.1 required])]
13b38eb0 1010 )
9a3f6702 1011
b5faf1b2
MF		 1012 AC_CHECK_HEADER(
1013 psa/crypto.h,
1014 [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [1], [yes])],
1015 [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [0], [no])]
1016 )
ace7a4f1 1017
66407e11
SK		 1018 AC_CHECK_FUNCS(
1019 [ \
86d8cd68
SK		 1020 mbedtls_cipher_write_tag \
1021 mbedtls_cipher_check_tag \
66407e11
SK		 1022 ],
1023 ,
94edc7c5 1024 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
66407e11
SK		 1025 )
1026
b5faf1b2
MF		 1027 AC_CHECK_FUNC(
1028 [mbedtls_ssl_tls_prf],
1029 [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [1], [yes])],
1030 [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [0], [no])]
1031 )
1032
5defbba4 1033 have_export_keying_material="yes"
91d84530 1034 AC_CHECK_FUNC(
5defbba4 1035 [mbedtls_ssl_conf_export_keys_ext_cb],
b5faf1b2
MF		 1036 [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [1], [yes])],
1037 [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [0], [no])]
5defbba4 1038 )
b5faf1b2
MF		 1039 if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != xyes; then
1040 AC_CHECK_FUNC(
1041 [mbedtls_ssl_set_export_keys_cb],
1042 [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], [yes])],
1043 [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], [no])]
1044 )
1045 if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" != xyes; then
1046 have_export_keying_material="no"
1047 fi
1048 fi
5defbba4 1049
2b9bbaad
AQ		 1050 AC_CHECK_FUNC(
1051 [mbedtls_ctr_drbg_update_ret],
b5faf1b2 1052 AC_DEFINE([HAVE_MBEDTLS_CTR_DRBG_UPDATE_RET], [1],
2b9bbaad
AQ		 1053 [Use mbedtls_ctr_drbg_update_ret from mbed TLS]),
1054 )
1055
31b0bebe
SK		 1056 CFLAGS="${saved_CFLAGS}"
1057 LIBS="${saved_LIBS}"
86d8cd68
SK		 1058 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
1059 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
1060 CRYPTO_LIBS="${MBEDTLS_LIBS}"
f6dca235
JS		 1061
1062elif test "${with_crypto_library}" = "wolfssl"; then
1063 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
1064 contain the regular wolfSSL header files but also the
1065 wolfSSL OpenSSL header files. Ex: -I/usr/local/include
1066 -I/usr/local/include/wolfssl])
1067 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
1068
1069 saved_CFLAGS="${CFLAGS}"
1070 saved_LIBS="${LIBS}"
1071
1072 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
1073 # if the user did not explicitly specify flags, try to autodetect
1074 PKG_CHECK_MODULES(
1075 [WOLFSSL],
1076 [wolfssl],
1077 [],
1078 [AC_MSG_ERROR([Could not find wolfSSL.])]
1079 )
1080 PKG_CHECK_VAR(
1081 [WOLFSSL_INCLUDEDIR],
1082 [wolfssl],
1083 [includedir],
1084 [],
1085 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
1086 )
1087 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
1088 fi
1089 saved_CFLAGS="${CFLAGS}"
1090 saved_LIBS="${LIBS}"
1091 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
1092 LIBS="${LIBS} ${WOLFSSL_LIBS}"
1093
1094 AC_CHECK_LIB(
1095 [wolfssl],
1096 [wolfSSL_Init],
1097 [],
1098 [AC_MSG_ERROR([Could not link wolfSSL library.])]
1099 )
1100 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
1101
1102 # wolfSSL signal EKM support
1103 have_export_keying_material="yes"
1104
f6dca235
JS		 1105 if test "${enable_wolfssl_options_h}" = "yes"; then
1106 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
1107 else
1108 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
1109 fi
1110
1111 have_export_keying_material="yes"
1112
1113 CFLAGS="${saved_CFLAGS}"
1114 LIBS="${saved_LIBS}"
1115
1116 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
1117 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
1118 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
1119 CRYPTO_LIBS="${WOLFSSL_LIBS}"
cf49ff50 1120else
31b0bebe 1121 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
13b38eb0
ABL		 1122fi
1123
74bbc71b
ABL		 1124AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
1125AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
1126have_lzo="yes"
1127if test -z "${LZO_LIBS}"; then
1128 AC_CHECK_LIB(
1129 [lzo2],
1130 [lzo1x_1_15_compress],
1131 [LZO_LIBS="-llzo2"],
1132 [AC_CHECK_LIB(
1133 [lzo],
1134 [lzo1x_1_15_compress],
1135 [LZO_LIBS="-llzo"],
1136 [have_lzo="no"]
1137 )]
1138 )
1139fi
1140if test "${have_lzo}" = "yes"; then
1141 saved_CFLAGS="${CFLAGS}"
1142 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
1143 AC_CHECK_HEADERS(
1144 [lzo/lzoutil.h],
1145 ,
1146 [AC_CHECK_HEADERS(
1147 [lzoutil.h],
1148 ,
1149 [AC_MSG_ERROR([lzoutil.h is missing])]
1150 )]
1151 )
1152 AC_CHECK_HEADERS(
1153 [lzo/lzo1x.h],
1154 ,
1155 [AC_CHECK_HEADERS(
1156 [lzo1x.h],
1157 ,
1158 [AC_MSG_ERROR([lzo1x.h is missing])]
1159 )]
1160 )
1161 CFLAGS="${saved_CFLAGS}"
6fbf66fa
JY		 1162fi
1163
40efb635
GD		 1164dnl
1165dnl check for LZ4 library
1166dnl
1167
1168AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
1169AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
1170if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
5f6225c3
DS		 1171 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
1172 # if the user did not explicitly specify flags, try to autodetect
1173 PKG_CHECK_MODULES([LZ4],
f91e4863 1174 [liblz4 >= 1.7.1 liblz4 < 100],
5f6225c3 1175 [have_lz4="yes"],
e5b279f1
DS		 1176 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
1177 # We also add set LZ4_LIBS otherwise the
1178 # linker will not know about the lz4 library
5f6225c3
DS		 1179 )
1180 fi
1181
1182 saved_CFLAGS="${CFLAGS}"
1183 saved_LIBS="${LIBS}"
1184 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
1185 LIBS="${LIBS} ${LZ4_LIBS}"
1186
1187 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
1188 # are used, check the version directly in the LZ4 include file
1189 if test "${have_lz4}" != "yes"; then
1190 AC_CHECK_HEADERS([lz4.h],
1191 [have_lz4h="yes"],
1192 [])
1193
1194 if test "${have_lz4h}" = "yes" ; then
1195 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
1196 AC_COMPILE_IFELSE(
1197 [AC_LANG_PROGRAM([[
1198#include <lz4.h>
1199 ]],
1200 [[
1201/* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
1202#if LZ4_VERSION_NUMBER < 10701L
1203#error LZ4 is too old
1204#endif
1205 ]]
1206 )],
1207 [
1208 AC_MSG_RESULT([ok])
1209 have_lz4="yes"
1210 ],
24596b25 1211 [AC_MSG_ERROR([system LZ4 library is too old])]
5f6225c3
DS		 1212 )
1213 fi
1214 fi
40efb635 1215
f91e4863
DS		 1216 # Double check we have a few needed functions
1217 if test "${have_lz4}" = "yes" ; then
5f6225c3 1218 AC_CHECK_LIB([lz4],
f91e4863
DS		 1219 [LZ4_compress_default],
1220 [],
1221 [have_lz4="no"])
1222 AC_CHECK_LIB([lz4],
1223 [LZ4_decompress_safe],
1224 [],
5f6225c3 1225 [have_lz4="no"])
40efb635
GD		 1226 fi
1227
5f6225c3 1228 if test "${have_lz4}" != "yes" ; then
24596b25 1229 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4])
4308f237 1230 LZ4_LIBS=""
40efb635
GD		 1231 fi
1232 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
1233 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
5f6225c3 1234 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
40efb635 1235 CFLAGS="${saved_CFLAGS}"
5f6225c3 1236 LIBS="${saved_LIBS}"
40efb635
GD		 1237fi
1238
1239
f33ee6bc
DS		 1240dnl
1241dnl Check for systemd
1242dnl
3280d8c8 1243AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"])
f33ee6bc
DS		 1244if test "$enable_systemd" = "yes" ; then
1245 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
1246 [],
1247 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
1248 )
8ba3e258
DS		 1249
1250 PKG_CHECK_EXISTS( [libsystemd > 216],
1251 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
1252 [systemd is newer than v216])]
1253 )
1254
f33ee6bc
DS		 1255 AC_CHECK_HEADERS(systemd/sd-daemon.h,
1256 ,
1257 [
1258 AC_MSG_ERROR([systemd development headers not found.])
1259 ])
1260
1261 saved_LIBS="${LIBS}"
1262 LIBS="${LIBS} ${libsystemd_LIBS}"
1263 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
1264 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
1265 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
1266 LIBS="${saved_LIBS}"
ca5b4c2a
CH		 1267
1268 if test -n "${SYSTEMD_UNIT_DIR}"; then
1269 systemdunitdir="${SYSTEMD_UNIT_DIR}"
1270 else
1271 systemdunitdir="\${libdir}/systemd/system"
1272 fi
3de7be7b
CH		 1273
1274 if test -n "${TMPFILES_DIR}"; then
1275 tmpfilesdir="${TMPFILES_DIR}"
1276 else
1277 tmpfilesdir="\${libdir}/tmpfiles.d"
1278 fi
f33ee6bc 1279fi
40efb635 1280
38d96bd7 1281
7046ff20
ABL		 1282AC_MSG_CHECKING([git checkout])
1283GIT_CHECKOUT="no"
1284if test -n "${GIT}" -a -d "${srcdir}/.git"; then
1285 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
1286 GIT_CHECKOUT="yes"
1287fi
1288AC_MSG_RESULT([${GIT_CHECKOUT}])
1289
51bd56f4
ABL		 1290dnl enable --x509-username-field feature if requested
1291if test "${enable_x509_alt_username}" = "yes"; then
86d8cd68
SK		 1292 if test "${with_crypto_library}" = "mbedtls" ; then
1293 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature])
51bd56f4
ABL		 1294 fi
1295
1296 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
1297fi
1298
51bd56f4 1299test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
51bd56f4
ABL		 1300test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
1301test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
1302test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
1303test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
c3fc703d 1304
cf49ff50 1305test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
5defbba4
SK		 1306if test "${have_export_keying_material}" = "yes"; then
1307 AC_DEFINE(
1308 [HAVE_EXPORT_KEYING_MATERIAL], [1],
1309 [Crypto library supports keying material exporter]
1310 )
1311fi
cf49ff50
AQ		 1312OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
1313OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
9b33b5a4 1314
bdae4110 1315if test "${enable_plugins}" = "yes"; then
bdae4110 1316 OPTIONAL_DL_LIBS="${DL_LIBS}"
8065cd1c 1317 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
ce8271f5
ABL		 1318else
1319 enable_plugin_auth_pam="no"
1320 enable_plugin_down_root="no"
bdae4110
ABL		 1321fi
1322
1e894662
AQ		 1323AM_CONDITIONAL([HAVE_SITNL], [false])
1324
c3fc703d 1325if test "${enable_iproute2}" = "yes"; then
e34437c2 1326 test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO])
c3fc703d
ABL		 1327 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1328 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
c6542257
AQ		 1329else if test "${have_sitnl}" = "yes"; then
1330 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support])
1e894662 1331 AM_CONDITIONAL([HAVE_SITNL], [true])
c6542257
AQ		 1332else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then
1333 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1334 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1335fi
1336fi
c3fc703d 1337fi
51bd56f4 1338
cd5990e0
ABL		 1339if test "${enable_selinux}" = "yes"; then
1340 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1341 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1342 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1343fi
1344
74bbc71b
ABL		 1345if test "${enable_lzo}" = "yes"; then
1346 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1347 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1348 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1349 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1350fi
38d96bd7
JY		 1351if test "${enable_comp_stub}" = "yes"; then
1352 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)])
40efb635 1353 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)])
38d96bd7 1354 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability])
07084261
ABL		 1355fi
1356
3013fde1 1357AM_CONDITIONAL([HAVE_SOFTHSM2], [false])
18b5fbdf
ABL		 1358if test "${enable_pkcs11}" = "yes"; then
1359 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
18b5fbdf
ABL		 1360 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1361 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1362 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
3c6d3220
DW		 1363 PKG_CHECK_MODULES(
1364 [P11KIT],
1365 [p11-kit-1],
1366 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
1367 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
1368 []
1369 )
3013fde1
SN		 1370 #
1371 # softhsm2 for pkcs11 tests
1372 #
1373 AC_ARG_VAR([P11TOOL], [full path to p11tool])
1374 AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1375 AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool])
1376 AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util])
1377 AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@])
1378 AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1379 test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so
1380 AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util])
1381 AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module])
1382 if test "${with_crypto_library}" = "openssl"; then
1383 AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"])
1384 fi
18b5fbdf
ABL		 1385fi
1386
fb8033d4
SN		 1387# When testing a compiler option, we add -Werror to force
1388# an error when the option is unsupported. This is not
1389# required for gcc, but some compilers such as clang needs it.
6a5d10e9
SK		 1390AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [
1391 old_cflags="$CFLAGS"
fb8033d4
SN		 1392 CFLAGS="$1 -Werror $CFLAGS"
1393 AC_MSG_CHECKING([whether the compiler accepts $1])
1394 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags",
6a5d10e9 1395 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])]
adbf68c0 1396)
6a5d10e9 1397
46d09607 1398ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
6a5d10e9 1399ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
adbf68c0 1400
51bd56f4
ABL		 1401if test "${enable_pedantic}" = "yes"; then
1402 enable_strict="yes"
31444111 1403 CFLAGS="${CFLAGS} -pedantic"
058f0efd 1404 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode])
51bd56f4
ABL		 1405fi
1406if test "${enable_strict}" = "yes"; then
adbf68c0 1407 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized"
99385447 1408fi
51194ffd
SK		 1409if test "${enable_werror}" = "yes"; then
1410 CFLAGS="${CFLAGS} -Werror"
1411fi
99385447 1412
ce8271f5
ABL		 1413if test "${enable_plugin_auth_pam}" = "yes"; then
1414 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1415 if test "${enable_pam_dlopen}" = "yes"; then
1416 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1417 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1418 else
1419 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1420 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1421 fi
1422fi
1423
0d1a75bf 1424if test "${enable_async_push}" = "yes"; then
e1eb630d
LS		 1425 case "$host" in
1426 *-*-freebsd*)
1427 PKG_CHECK_MODULES(
1428 [OPTIONAL_INOTIFY],
1429 [libinotify],
1430 [
1431 AC_DEFINE([HAVE_SYS_INOTIFY_H])
1432 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push])
1433 ]
1434 )
1435 ;;
1436 *)
1437 AC_CHECK_HEADERS(
1438 [sys/inotify.h],
1439 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]),
1440 AC_MSG_ERROR([inotify.h not found.])
1441 )
1442 ;;
1443 esac
0d1a75bf
LS		 1444fi
1445
fcff80aa
ABL		 1446CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1447AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1448
ac2447cd
ABL		 1449TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1450TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1451TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1452AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1453AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1454AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1455AC_SUBST([TAP_WIN_COMPONENT_ID])
1456AC_SUBST([TAP_WIN_MIN_MAJOR])
1457AC_SUBST([TAP_WIN_MIN_MINOR])
1bda73a7 1458
bdae4110 1459AC_SUBST([OPTIONAL_DL_LIBS])
cd5990e0 1460AC_SUBST([OPTIONAL_SELINUX_LIBS])
9b33b5a4
ABL		 1461AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1462AC_SUBST([OPTIONAL_CRYPTO_LIBS])
74bbc71b
ABL		 1463AC_SUBST([OPTIONAL_LZO_CFLAGS])
1464AC_SUBST([OPTIONAL_LZO_LIBS])
40efb635
GD		 1465AC_SUBST([OPTIONAL_LZ4_CFLAGS])
1466AC_SUBST([OPTIONAL_LZ4_LIBS])
f33ee6bc 1467AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
18b5fbdf
ABL		 1468AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1469AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
e1eb630d
LS		 1470AC_SUBST([OPTIONAL_INOTIFY_CFLAGS])
1471AC_SUBST([OPTIONAL_INOTIFY_LIBS])
bdae4110 1472
ce8271f5
ABL		 1473AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1474AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1475
51bd56f4 1476AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
7046ff20 1477AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
ce8271f5
ABL		 1478AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1479AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
f91ab283 1480AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
542c69c3 1481AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
1bda73a7 1482
880a2ae9 1483sampledir="\$(docdir)/sample"
ce8271f5 1484AC_SUBST([plugindir])
880a2ae9
ABL		 1485AC_SUBST([sampledir])
1486
ca5b4c2a 1487AC_SUBST([systemdunitdir])
3de7be7b 1488AC_SUBST([tmpfilesdir])
ca5b4c2a 1489
222e6917
GD		 1490AC_ARG_ENABLE(
1491 [unit-tests],
1492 [AS_HELP_STRING([--disable-unit-tests],
1493 [Disables building and running the unit tests suite])],
1494 [],
1495 [enable_unit_tests="yes"]
1496)
1497
1498# Check if cmocka is available - needed for unit testing
1499PKG_CHECK_MODULES(
1500 [CMOCKA], [cmocka],
1501 [have_cmocka="yes"],
1502 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])]
1503)
1504AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ])
1505AC_SUBST([ENABLE_UNITTESTS])
1506
7473f326 1507TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}"
222e6917 1508TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}"
7473f326
SK		 1509TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}"
1510TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}"
222e6917 1511TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}"
40cb4cfc
JN		 1512
1513AC_SUBST([TEST_LDFLAGS])
1514AC_SUBST([TEST_CFLAGS])
1515
51bd56f4 1516AC_CONFIG_FILES([
1bda73a7 1517 Makefile
98bc1a3e 1518 build/Makefile
34cb9132 1519 distro/Makefile
ca5b4c2a 1520 distro/systemd/Makefile
66bf378e
SK		 1521 doc/Makefile
1522 doc/doxygen/Makefile
1523 doc/doxygen/openvpn.doxyfile
34cb9132 1524 include/Makefile
0b5141d8 1525 sample/sample-plugins/Makefile
34cb9132 1526 src/Makefile
dc81e743 1527 src/compat/Makefile
34cb9132 1528 src/openvpn/Makefile
ce68686f 1529 src/openvpnmsica/Makefile
34cb9132 1530 src/openvpnserv/Makefile
ce8271f5
ABL		 1531 src/plugins/Makefile
1532 src/plugins/auth-pam/Makefile
1533 src/plugins/down-root/Makefile
ce68686f 1534 src/tapctl/Makefile
34cb9132 1535 tests/Makefile
40cb4cfc
JN		 1536 tests/unit_tests/Makefile
1537 tests/unit_tests/example_test/Makefile
698e268a 1538 tests/unit_tests/openvpn/Makefile
ac42df1a
SK		 1539 tests/unit_tests/plugins/Makefile
1540 tests/unit_tests/plugins/auth-pam/Makefile
34cb9132 1541 sample/Makefile
1bda73a7 1542])
34cb9132 1543AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])
51bd56f4 1544AC_OUTPUT
Mirror of https://github.com/OpenVPN/openvpn.git