]>
Commit | Line | Data |
---|---|---|
6fbf66fa JY |
1 | dnl OpenVPN -- An application to securely tunnel IP networks |
2 | dnl over a single UDP port, with support for SSL/TLS-based | |
3 | dnl session authentication and key exchange, | |
4 | dnl packet encryption, packet authentication, and | |
5 | dnl packet compression. | |
6 | dnl | |
ccf9d572 | 7 | dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net> |
51bd56f4 | 8 | dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com> |
6fbf66fa JY |
9 | dnl |
10 | dnl This program is free software; you can redistribute it and/or modify | |
11 | dnl it under the terms of the GNU General Public License as published by | |
12 | dnl the Free Software Foundation; either version 2 of the License, or | |
13 | dnl (at your option) any later version. | |
14 | dnl | |
15 | dnl This program is distributed in the hope that it will be useful, | |
16 | dnl but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
18 | dnl GNU General Public License for more details. | |
19 | dnl | |
caa54ac3 DS |
20 | dnl You should have received a copy of the GNU General Public License along |
21 | dnl with this program; if not, write to the Free Software Foundation, Inc., | |
22 | dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
6fbf66fa JY |
23 | |
24 | dnl Process this file with autoconf to produce a configure script. | |
25 | ||
51bd56f4 | 26 | AC_PREREQ(2.59) |
6fbf66fa | 27 | |
ce351583 | 28 | m4_include(version.m4) |
51bd56f4 ABL |
29 | AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME]) |
30 | m4_include(compat.m4) | |
98bc1a3e | 31 | AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format]) |
9de35d46 DS |
32 | AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version]) |
33 | AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version]) | |
34 | AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer]) | |
6a40276c DS |
35 | AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer]) |
36 | AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer]) | |
37 | AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer]) | |
98bc1a3e | 38 | |
51bd56f4 | 39 | AC_CONFIG_AUX_DIR([.]) |
631812fe | 40 | AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h]) |
34cb9132 | 41 | AC_CONFIG_SRCDIR([src/openvpn/syshead.h]) |
0fc5b8b3 | 42 | AC_CONFIG_MACRO_DIR([m4]) |
c615835a | 43 | |
8b915c48 SN |
44 | dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects |
45 | dnl options is not enabled. However, automake before 1.15a has a bug that causes | |
46 | dnl variable expansion to fail in foo_SOURCES when this option is used. | |
47 | dnl As most of our build systems are now likely to use automake 1.16+ add a | |
48 | dnl work around to conditionally add subdir-objects option. | |
49 | m4_define([subdir_objects], [ | |
50 | m4_esyscmd([automake --version | | |
51 | head -1 | | |
52 | awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}' | |
53 | ]) | |
54 | ]) | |
55 | ||
83d6da50 MA |
56 | # This foreign option prevents autoreconf from overriding our COPYING and |
57 | # INSTALL targets: | |
55d73959 | 58 | AM_INIT_AUTOMAKE(foreign subdir_objects 1.9) dnl NB: Do not [quote] this parameter. |
51bd56f4 ABL |
59 | AC_CANONICAL_HOST |
60 | AC_USE_SYSTEM_EXTENSIONS | |
6fbf66fa | 61 | |
51bd56f4 ABL |
62 | AC_ARG_ENABLE( |
63 | [lzo], | |
40a56e79 | 64 | [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])], |
51bd56f4 | 65 | , |
40a56e79 | 66 | [enable_lzo="yes"] |
6c34e74f JY |
67 | ) |
68 | ||
24e1d8ff FL |
69 | AC_ARG_ENABLE( |
70 | [lz4], | |
71 | [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])], | |
40efb635 GD |
72 | [enable_lz4="$enableval"], |
73 | [enable_lz4="yes"] | |
74 | ) | |
75 | ||
24e1d8ff FL |
76 | AC_ARG_ENABLE( |
77 | [comp-stub], | |
78 | [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])], | |
38d96bd7 JY |
79 | [enable_comp_stub="$enableval"], |
80 | [enable_comp_stub="no"] | |
6fbf66fa JY |
81 | ) |
82 | ||
c353af2f SK |
83 | AC_ARG_ENABLE( |
84 | [ofb-cfb], | |
104360b4 | 85 | [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])], |
c353af2f SK |
86 | , |
87 | [enable_crypto_ofb_cfb="yes"] | |
88 | ) | |
89 | ||
51bd56f4 ABL |
90 | AC_ARG_ENABLE( |
91 | [x509-alt-username], | |
709f7a1f | 92 | [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])], |
51bd56f4 ABL |
93 | , |
94 | [enable_x509_alt_username="no"] | |
6fbf66fa JY |
95 | ) |
96 | ||
51bd56f4 ABL |
97 | AC_ARG_ENABLE( |
98 | [plugins], | |
709f7a1f | 99 | [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])], |
51bd56f4 ABL |
100 | , |
101 | [enable_plugins="yes"] | |
0c1f7ad5 DS |
102 | ) |
103 | ||
51bd56f4 ABL |
104 | AC_ARG_ENABLE( |
105 | [management], | |
709f7a1f | 106 | [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])], |
51bd56f4 ABL |
107 | , |
108 | [enable_management="yes"] | |
ce98fd24 JY |
109 | ) |
110 | ||
51bd56f4 ABL |
111 | AC_ARG_ENABLE( |
112 | [pkcs11], | |
709f7a1f | 113 | [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])], |
51bd56f4 | 114 | , |
18b5fbdf | 115 | [enable_pkcs11="no"] |
6fbf66fa JY |
116 | ) |
117 | ||
51bd56f4 ABL |
118 | AC_ARG_ENABLE( |
119 | [fragment], | |
709f7a1f | 120 | [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])], |
51bd56f4 ABL |
121 | , |
122 | [enable_fragment="yes"] | |
8bc93d7f JY |
123 | ) |
124 | ||
51bd56f4 ABL |
125 | AC_ARG_ENABLE( |
126 | [port-share], | |
709f7a1f | 127 | [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])], |
51bd56f4 ABL |
128 | , |
129 | [enable_port_share="yes"] | |
6fbf66fa JY |
130 | ) |
131 | ||
51bd56f4 ABL |
132 | AC_ARG_ENABLE( |
133 | [debug], | |
709f7a1f | 134 | [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])], |
51bd56f4 ABL |
135 | , |
136 | [enable_debug="yes"] | |
6fbf66fa JY |
137 | ) |
138 | ||
51bd56f4 ABL |
139 | AC_ARG_ENABLE( |
140 | [small], | |
104360b4 | 141 | [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])], |
51bd56f4 ABL |
142 | , |
143 | [enable_small="no"] | |
6fbf66fa JY |
144 | ) |
145 | ||
e34437c2 AQ |
146 | AC_ARG_ENABLE( |
147 | [dco], | |
2a1a21e3 | 148 | [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])], |
e34437c2 | 149 | , |
2a1a21e3 FL |
150 | [ |
151 | case "$host" in | |
152 | *-*-linux*) | |
153 | enable_dco="auto" | |
154 | ;; | |
155 | *-*-freebsd*) | |
156 | enable_dco="auto" | |
157 | ;; | |
158 | *) | |
159 | # note that this does not disable it for Windows | |
160 | enable_dco="no" | |
161 | ;; | |
162 | esac | |
163 | ] | |
e34437c2 AQ |
164 | ) |
165 | ||
51bd56f4 ABL |
166 | AC_ARG_ENABLE( |
167 | [iproute2], | |
2a1a21e3 | 168 | [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])], |
51bd56f4 ABL |
169 | , |
170 | [enable_iproute2="no"] | |
fb7aa54a JY |
171 | ) |
172 | ||
ce8271f5 ABL |
173 | AC_ARG_ENABLE( |
174 | [plugin-auth-pam], | |
5a57e201 | 175 | [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])], |
ce8271f5 | 176 | , |
5a57e201 ABL |
177 | [ |
178 | case "$host" in | |
179 | *-*-openbsd*) enable_plugin_auth_pam="no";; | |
180 | *-mingw*) enable_plugin_auth_pam="no";; | |
181 | *) enable_plugin_auth_pam="yes";; | |
182 | esac | |
183 | ] | |
ce8271f5 ABL |
184 | ) |
185 | ||
186 | AC_ARG_ENABLE( | |
187 | [plugin-down-root], | |
5a57e201 ABL |
188 | [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])], |
189 | , | |
190 | [ | |
191 | case "$host" in | |
192 | *-mingw*) enable_plugin_down_root="no";; | |
193 | *) enable_plugin_down_root="yes";; | |
194 | esac | |
195 | ] | |
ce8271f5 ABL |
196 | ) |
197 | ||
198 | AC_ARG_ENABLE( | |
199 | [pam-dlopen], | |
200 | [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])], | |
201 | , | |
202 | [enable_pam_dlopen="no"] | |
203 | ) | |
204 | ||
51bd56f4 ABL |
205 | AC_ARG_ENABLE( |
206 | [strict], | |
709f7a1f | 207 | [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
208 | , |
209 | [enable_strict="no"] | |
6fbf66fa JY |
210 | ) |
211 | ||
51bd56f4 ABL |
212 | AC_ARG_ENABLE( |
213 | [pedantic], | |
709f7a1f | 214 | [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
215 | , |
216 | [enable_pedantic="no"] | |
6fbf66fa JY |
217 | ) |
218 | ||
51194ffd SK |
219 | AC_ARG_ENABLE( |
220 | [werror], | |
42d9f324 | 221 | [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])], |
51194ffd SK |
222 | , |
223 | [enable_werror="no"] | |
224 | ) | |
225 | ||
51bd56f4 ABL |
226 | AC_ARG_ENABLE( |
227 | [strict-options], | |
709f7a1f | 228 | [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
229 | , |
230 | [enable_strict_options="no"] | |
6fbf66fa JY |
231 | ) |
232 | ||
51bd56f4 ABL |
233 | AC_ARG_ENABLE( |
234 | [selinux], | |
709f7a1f | 235 | [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])], |
51bd56f4 ABL |
236 | , |
237 | [enable_selinux="no"] | |
99385447 JY |
238 | ) |
239 | ||
51bd56f4 ABL |
240 | AC_ARG_ENABLE( |
241 | [systemd], | |
ccb636c7 | 242 | [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])], |
51bd56f4 ABL |
243 | , |
244 | [enable_systemd="no"] | |
9449e6a9 FC |
245 | ) |
246 | ||
0d1a75bf LS |
247 | AC_ARG_ENABLE( |
248 | [async-push], | |
1a8f6b91 | 249 | [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])], |
e62eccf0 | 250 | , |
0d1a75bf LS |
251 | [enable_async_push="no"] |
252 | ) | |
253 | ||
10b4b65e ABL |
254 | AC_ARG_WITH( |
255 | [special-build], | |
256 | [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])], | |
257 | [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])] | |
258 | ) | |
259 | ||
51bd56f4 ABL |
260 | AC_ARG_WITH( |
261 | [mem-check], | |
709f7a1f | 262 | [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])], |
51bd56f4 ABL |
263 | [ |
264 | case "${withval}" in | |
265 | dmalloc|valgrind|ssl|no) ;; | |
266 | *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;; | |
267 | esac | |
268 | ], | |
269 | [with_mem_check="no"] | |
6fbf66fa JY |
270 | ) |
271 | ||
51bd56f4 | 272 | AC_ARG_WITH( |
9b33b5a4 | 273 | [crypto-library], |
f6dca235 | 274 | [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])], |
51bd56f4 | 275 | [ |
86d8cd68 | 276 | case "${withval}" in |
f6dca235 | 277 | openssl|mbedtls|wolfssl) ;; |
9b33b5a4 | 278 | *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;; |
51bd56f4 ABL |
279 | esac |
280 | ], | |
9b33b5a4 | 281 | [with_crypto_library="openssl"] |
0a180174 | 282 | ) |
0a180174 | 283 | |
f6dca235 JS |
284 | AC_ARG_ENABLE( |
285 | [wolfssl-options-h], | |
286 | [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])], | |
287 | , | |
288 | [enable_wolfssl_options_h="yes"] | |
289 | ) | |
290 | ||
0df2261d AS |
291 | AC_ARG_WITH( |
292 | [openssl-engine], | |
293 | [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])], | |
294 | [ | |
295 | case "${withval}" in | |
296 | auto|yes|no) ;; | |
297 | *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;; | |
298 | esac | |
299 | ], | |
300 | [with_openssl_engine="auto"] | |
301 | ) | |
302 | ||
4590c383 CH |
303 | AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@]) |
304 | if test -n "${PLUGINDIR}"; then | |
305 | plugindir="${PLUGINDIR}" | |
306 | else | |
307 | plugindir="\${libdir}/openvpn/plugins" | |
308 | fi | |
ce8271f5 | 309 | |
6440083e | 310 | AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host]) |
c4d5bcd7 | 311 | AM_CONDITIONAL([TARGET_LINUX], [false]) |
86715242 | 312 | case "$host" in |
51bd56f4 ABL |
313 | *-*-linux*) |
314 | AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?]) | |
c4d5bcd7 | 315 | AM_CONDITIONAL([TARGET_LINUX], [true]) |
51bd56f4 | 316 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) |
c6542257 | 317 | have_sitnl="yes" |
51bd56f4 ABL |
318 | ;; |
319 | *-*-solaris*) | |
320 | AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) | |
321 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix]) | |
4e2038ed | 322 | CPPFLAGS="$CPPFLAGS -D_XPG4_2" |
9c490c26 | 323 | test -x /bin/bash && SHELL="/bin/bash" |
51bd56f4 ABL |
324 | ;; |
325 | *-*-openbsd*) | |
326 | AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?]) | |
327 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix]) | |
328 | ;; | |
329 | *-*-freebsd*) | |
330 | AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?]) | |
331 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix]) | |
332 | ;; | |
333 | *-*-netbsd*) | |
334 | AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?]) | |
335 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix]) | |
336 | ;; | |
337 | *-*-darwin*) | |
338 | AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?]) | |
339 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix]) | |
05f16e84 | 340 | have_tap_header="yes" |
e7303ace | 341 | ac_cv_type_struct_in_pktinfo=no |
51bd56f4 ABL |
342 | ;; |
343 | *-mingw*) | |
344 | AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?]) | |
8b80cbc3 | 345 | AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows]) |
51bd56f4 | 346 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix]) |
4b1a82db | 347 | CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN" |
5fcd4933 | 348 | CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA" |
51bd56f4 | 349 | WIN32=yes |
51bd56f4 ABL |
350 | ;; |
351 | *-*-dragonfly*) | |
352 | AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?]) | |
353 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix]) | |
354 | ;; | |
42f13dc0 GD |
355 | *-aix*) |
356 | AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?]) | |
357 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix]) | |
358 | ROUTE="/usr/sbin/route" | |
359 | have_tap_header="yes" | |
360 | ac_cv_header_net_if_h="no" # exists, but breaks things | |
361 | ;; | |
51bd56f4 ABL |
362 | *) |
363 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix]) | |
05f16e84 | 364 | have_tap_header="yes" |
51bd56f4 | 365 | ;; |
6fbf66fa JY |
366 | esac |
367 | ||
e3ad1fc4 SN |
368 | AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") |
369 | ||
51bd56f4 ABL |
370 | PKG_PROG_PKG_CONFIG |
371 | AC_PROG_CPP | |
6fbf66fa | 372 | AC_PROG_INSTALL |
51bd56f4 | 373 | AC_PROG_LN_S |
7046ff20 | 374 | AC_PROG_SED |
51bd56f4 | 375 | AC_PROG_MAKE_SET |
6fbf66fa | 376 | |
c3fc703d ABL |
377 | AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility]) |
378 | AC_ARG_VAR([ROUTE], [full path to route utility]) | |
379 | AC_ARG_VAR([IPROUTE], [full path to ip utility]) | |
380 | AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests | |
7046ff20 | 381 | AC_ARG_VAR([GIT], [path to git utility]) |
ba79c71d | 382 | AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) |
ca5b4c2a | 383 | AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) |
3de7be7b | 384 | AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@]) |
c3fc703d ABL |
385 | AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) |
386 | AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) | |
387 | AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) | |
ba79c71d | 388 | AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin]) |
c3fc703d | 389 | AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests |
7046ff20 | 390 | AC_CHECK_PROGS([GIT], [git]) # optional |
c3fc703d ABL |
391 | AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) |
392 | AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) | |
393 | AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) | |
ba79c71d | 394 | AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool]) |
c3fc703d | 395 | |
f500c49c DS |
396 | # |
397 | # man page generation - based on python-docutils | |
398 | # | |
399 | AC_ARG_VAR([RST2MAN], [path to rst2man utility]) | |
400 | AC_ARG_VAR([RST2HTML], [path to rst2html utility]) | |
b61d1988 AQ |
401 | AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py]) |
402 | AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py]) | |
f500c49c DS |
403 | AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"]) |
404 | ||
9223336a SK |
405 | # Set -std=c99 unless user already specified a -std= |
406 | case "${CFLAGS}" in | |
407 | *-std=*) ;; | |
408 | *) CFLAGS="${CFLAGS} -std=c99" ;; | |
409 | esac | |
410 | ||
98bc1a3e ABL |
411 | # |
412 | # Libtool | |
413 | # | |
414 | ifdef( | |
415 | [LT_INIT], | |
416 | [ | |
417 | LT_INIT([win32-dll]) | |
418 | LT_LANG([Windows Resource]) | |
419 | ], | |
420 | [ | |
421 | AC_LIBTOOL_WIN32_DLL | |
422 | AC_LIBTOOL_RC | |
423 | AC_PROG_LIBTOOL | |
424 | ] | |
425 | ) | |
426 | ||
6fbf66fa JY |
427 | AC_C_CONST |
428 | AC_C_INLINE | |
429 | AC_C_VOLATILE | |
430 | AC_TYPE_OFF_T | |
431 | AC_TYPE_PID_T | |
432 | AC_TYPE_SIZE_T | |
433 | AC_TYPE_UID_T | |
0dbd45db | 434 | AX_TYPE_SOCKLEN_T |
51bd56f4 ABL |
435 | AC_CHECK_SIZEOF([unsigned int]) |
436 | AC_CHECK_SIZEOF([unsigned long]) | |
437 | AC_CHECK_HEADERS([ \ | |
8c18d7c9 | 438 | fcntl.h io.h \ |
b8510baa AS |
439 | sys/types.h sys/socket.h \ |
440 | unistd.h dlfcn.h \ | |
dbd7e3be | 441 | netinet/in.h \ |
51bd56f4 | 442 | netinet/tcp.h arpa/inet.h netdb.h \ |
51bd56f4 | 443 | ]) |
cab53332 | 444 | AC_CHECK_HEADERS([ \ |
a2d747bb | 445 | sys/time.h sys/ioctl.h sys/stat.h \ |
f641637a | 446 | sys/mman.h sys/file.h sys/wait.h \ |
b8510baa | 447 | unistd.h libgen.h stropts.h \ |
76ccc62d | 448 | syslog.h pwd.h grp.h termios.h \ |
7cacdfd4 | 449 | sys/sockio.h sys/uio.h linux/sockios.h \ |
4225114b | 450 | linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \ |
cab53332 | 451 | ]) |
6fbf66fa | 452 | |
51bd56f4 | 453 | SOCKET_INCLUDES=" |
51bd56f4 | 454 | #include <stdlib.h> |
51bd56f4 ABL |
455 | #ifdef HAVE_SYS_TYPES_H |
456 | #include <sys/types.h> | |
457 | #endif | |
458 | #ifdef HAVE_SYS_SOCKET_H | |
459 | #include <sys/socket.h> | |
460 | #endif | |
7efa60d9 GD |
461 | #ifdef HAVE_NET_IF_H |
462 | #include <net/if.h> | |
463 | #endif | |
51bd56f4 ABL |
464 | #ifdef HAVE_NETINET_IN_H |
465 | #include <netinet/in.h> | |
466 | #endif | |
ba49c9a7 | 467 | #ifdef _WIN32 |
51bd56f4 ABL |
468 | #include <windows.h> |
469 | #endif | |
ba49c9a7 | 470 | #ifdef _WIN32 |
51bd56f4 ABL |
471 | #include <winsock2.h> |
472 | #endif | |
ba49c9a7 | 473 | #ifdef _WIN32 |
51bd56f4 ABL |
474 | #include <ws2tcpip.h> |
475 | #endif | |
4025a595 ABL |
476 | #ifdef HAVE_NETINET_IP_H |
477 | #include <netinet/ip.h> | |
478 | #endif | |
51bd56f4 | 479 | " |
1bda73a7 | 480 | |
cab53332 | 481 | AC_CHECK_HEADERS( |
ddb1f20a | 482 | [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h], |
51bd56f4 | 483 | , |
51bd56f4 | 484 | , |
cab53332 | 485 | [[${SOCKET_INCLUDES}]] |
51bd56f4 ABL |
486 | ) |
487 | ||
488 | AC_CHECK_TYPES( | |
6fbf66fa | 489 | [in_addr_t], |
51bd56f4 ABL |
490 | , |
491 | [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])], | |
492 | [[${SOCKET_INCLUDES}]] | |
493 | ) | |
dd6714ae GD |
494 | AC_CHECK_TYPES( |
495 | [in_port_t], | |
496 | , | |
497 | [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])], | |
498 | [[${SOCKET_INCLUDES}]] | |
499 | ) | |
6fbf66fa JY |
500 | AC_CHECK_TYPE( |
501 | [struct iphdr], | |
7c0a2b5f | 502 | [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])], |
51bd56f4 ABL |
503 | , |
504 | [[${SOCKET_INCLUDES}]] | |
505 | ) | |
6fbf66fa JY |
506 | AC_CHECK_TYPE( |
507 | [struct msghdr], | |
7c0a2b5f | 508 | [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], |
51bd56f4 ABL |
509 | , |
510 | [[${SOCKET_INCLUDES}]] | |
511 | ) | |
6fbf66fa JY |
512 | AC_CHECK_TYPE( |
513 | [struct cmsghdr], | |
7c0a2b5f | 514 | [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])], |
51bd56f4 ABL |
515 | , |
516 | [[${SOCKET_INCLUDES}]] | |
517 | ) | |
8bc93d7f JY |
518 | AC_CHECK_TYPE( |
519 | [struct in_pktinfo], | |
7c0a2b5f | 520 | [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])], |
51bd56f4 ABL |
521 | , |
522 | [[${SOCKET_INCLUDES}]] | |
523 | ) | |
87b468d4 HH |
524 | AC_CHECK_TYPE( |
525 | [sa_family_t], | |
526 | [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])], | |
527 | , | |
528 | [[${SOCKET_INCLUDES}]] | |
529 | ) | |
7efa60d9 GD |
530 | AC_CHECK_MEMBER( |
531 | [struct in_pktinfo.ipi_spec_dst], | |
532 | [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])], | |
533 | , | |
534 | [[${SOCKET_INCLUDES}]] | |
535 | ) | |
51bd56f4 ABL |
536 | AC_CHECK_TYPE( |
537 | [struct sockaddr_in6], | |
538 | , | |
539 | [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])], | |
540 | [[${SOCKET_INCLUDES}]] | |
541 | ) | |
cab53332 ABL |
542 | AC_CHECK_DECLS( |
543 | [SO_MARK], | |
544 | , | |
545 | , | |
546 | [[${SOCKET_INCLUDES}]] | |
547 | ) | |
2a1a21e3 | 548 | AC_MSG_CHECKING([anonymous union support]) |
9223336a SK |
549 | AC_COMPILE_IFELSE( |
550 | [AC_LANG_PROGRAM( | |
551 | [[ | |
552 | struct mystruct { | |
553 | union { | |
554 | int m1; | |
555 | char m2; | |
556 | }; | |
557 | }; | |
558 | ]], | |
559 | [[ | |
560 | struct mystruct s; | |
561 | s.m1 = 1; s.m2 = 2; | |
562 | ]] | |
563 | )], | |
564 | [ | |
565 | AC_MSG_RESULT([yes]) | |
566 | AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions]) | |
567 | ], | |
568 | [AC_MSG_RESULT([no])] | |
569 | ) | |
51bd56f4 | 570 | |
f91ab283 SN |
571 | saved_LDFLAGS="$LDFLAGS" |
572 | LDFLAGS="$LDFLAGS -Wl,--wrap=exit" | |
573 | AC_MSG_CHECKING([linker supports --wrap]) | |
574 | AC_LINK_IFELSE( | |
575 | [AC_LANG_PROGRAM( | |
576 | [[ | |
577 | void exit(int); | |
578 | void __real_exit(int); | |
579 | void __wrap_exit(int i) { | |
580 | __real_exit(i); | |
581 | } | |
582 | ]], | |
583 | [[ | |
584 | exit(0); | |
585 | ]] | |
586 | )], | |
587 | [ | |
588 | AC_MSG_RESULT([yes]) | |
589 | have_ld_wrap_support=yes | |
590 | ], | |
591 | [AC_MSG_RESULT([no])], | |
592 | ) | |
593 | LDFLAGS="$saved_LDFLAGS" | |
594 | ||
cab53332 ABL |
595 | dnl We emulate signals in Windows |
596 | AC_CHECK_DECLS( | |
597 | [SIGHUP], | |
51bd56f4 | 598 | , |
cab53332 ABL |
599 | [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])], |
600 | [[ | |
cab53332 | 601 | #include <signal.h> |
cab53332 | 602 | ]] |
51bd56f4 | 603 | ) |
cab53332 ABL |
604 | AC_CHECK_DECLS( |
605 | [SIGINT], | |
606 | , | |
607 | [AC_DEFINE([SIGINT], [2], [SIGINT replacement])], | |
608 | [[ | |
cab53332 | 609 | #include <signal.h> |
cab53332 ABL |
610 | ]] |
611 | ) | |
612 | AC_CHECK_DECLS( | |
613 | [SIGUSR1], | |
614 | , | |
615 | [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])], | |
616 | [[ | |
cab53332 | 617 | #include <signal.h> |
cab53332 ABL |
618 | ]] |
619 | ) | |
620 | AC_CHECK_DECLS( | |
621 | [SIGUSR2], | |
622 | , | |
623 | [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])], | |
624 | [[ | |
cab53332 | 625 | #include <signal.h> |
cab53332 ABL |
626 | ]] |
627 | ) | |
628 | AC_CHECK_DECLS( | |
629 | [SIGTERM], | |
630 | , | |
631 | [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])], | |
632 | [[ | |
cab53332 | 633 | #include <signal.h> |
cab53332 ABL |
634 | ]] |
635 | ) | |
636 | ||
637 | AC_FUNC_FORK | |
638 | ||
51bd56f4 | 639 | AC_CHECK_FUNCS([ \ |
84e14209 | 640 | daemon chroot getpwnam setuid nice system dup dup2 \ |
76ccc62d | 641 | syslog openlog mlockall getrlimit getgrnam setgid \ |
28871fec | 642 | setgroups flock time gettimeofday \ |
84e14209 | 643 | setsid chdir \ |
ba49c9a7 | 644 | chsize ftruncate execve getpeereid basename dirname access \ |
0a88ef8c | 645 | epoll_create strsep \ |
51bd56f4 | 646 | ]) |
aee7428c ABL |
647 | |
648 | AC_CHECK_LIB( | |
649 | [dl], | |
650 | [dlopen], | |
651 | [DL_LIBS="-ldl"] | |
652 | ) | |
653 | AC_SUBST([DL_LIBS]) | |
654 | ||
655 | AC_CHECK_LIB( | |
656 | [nsl], | |
657 | [inet_ntoa], | |
658 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"] | |
659 | ) | |
660 | AC_CHECK_LIB( | |
661 | [socket], | |
662 | [socket], | |
663 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"] | |
664 | ) | |
665 | AC_CHECK_LIB( | |
666 | [resolv], | |
667 | [gethostbyname], | |
668 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"] | |
669 | ) | |
670 | AC_SUBST([SOCKETS_LIBS]) | |
671 | ||
672 | old_LIBS="${LIBS}" | |
673 | LIBS="${LIBS} ${SOCKETS_LIBS}" | |
f96baabc | 674 | AC_CHECK_FUNCS([sendmsg recvmsg]) |
17f91332 | 675 | |
aee7428c | 676 | LIBS="${old_LIBS}" |
7647a48c | 677 | |
403dc434 GD |
678 | # we assume res_init() always exist, but need to find out *where*... |
679 | AC_SEARCH_LIBS(__res_init, resolv bind, , | |
680 | AC_SEARCH_LIBS(res_9_init, resolv bind, , | |
681 | AC_SEARCH_LIBS(res_init, resolv bind, , ))) | |
682 | ||
7cacdfd4 ABL |
683 | AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap]) |
684 | old_CFLAGS="${CFLAGS}" | |
685 | CFLAGS="${CFLAGS} ${TAP_CFLAGS}" | |
686 | AC_CHECK_HEADERS( | |
687 | [ \ | |
688 | net/if_tun.h net/tun/if_tun.h \ | |
689 | linux/if_tun.h \ | |
690 | tap-windows.h \ | |
691 | ], | |
692 | [have_tap_header="yes"] | |
693 | ) | |
88f3a402 ABL |
694 | AC_CHECK_DECLS( |
695 | [TUNSETPERSIST], | |
696 | [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])], | |
697 | , | |
698 | [[ | |
699 | #ifdef HAVE_LINUX_IF_TUN_H | |
700 | #include <linux/if_tun.h> | |
701 | #endif | |
702 | ]] | |
703 | ) | |
7cacdfd4 ABL |
704 | CFLAGS="${old_CFLAGS}" |
705 | test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found]) | |
706 | ||
cd5990e0 ABL |
707 | AC_CHECK_LIB( |
708 | [selinux], | |
709 | [setcon], | |
710 | [SELINUX_LIBS="-lselinux"] | |
711 | ) | |
712 | AC_SUBST([SELINUX_LIBS]) | |
713 | ||
ce8271f5 ABL |
714 | AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam]) |
715 | AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam]) | |
716 | if test -z "${LIBPAM_LIBS}"; then | |
717 | AC_CHECK_LIB( | |
718 | [pam], | |
719 | [pam_start], | |
720 | [LIBPAM_LIBS="-lpam"] | |
721 | ) | |
722 | fi | |
723 | ||
51bd56f4 ABL |
724 | case "${with_mem_check}" in |
725 | valgrind) | |
fb69bfd0 | 726 | AC_CHECK_HEADERS( |
51bd56f4 ABL |
727 | [valgrind/memcheck.h], |
728 | [ | |
729 | CFLAGS="${CFLAGS} -g -fno-inline" | |
730 | AC_DEFINE( | |
731 | [USE_VALGRIND], | |
732 | [1], | |
733 | [Use valgrind memory debugging library] | |
734 | ) | |
735 | ], | |
736 | [AC_MSG_ERROR([valgrind headers not found.])] | |
737 | ) | |
738 | ;; | |
739 | dmalloc) | |
fb69bfd0 | 740 | AC_CHECK_HEADERS( |
51bd56f4 ABL |
741 | [dmalloc.h], |
742 | [AC_CHECK_LIB( | |
743 | [dmalloc], | |
744 | [malloc], | |
745 | [ | |
e02570fd | 746 | LIBS="${LIBS} -ldmalloc" |
51bd56f4 ABL |
747 | AC_DEFINE( |
748 | [DMALLOC], | |
749 | [1], | |
750 | [Use dmalloc memory debugging library] | |
751 | ) | |
752 | ], | |
753 | [AC_MSG_ERROR([dmalloc library not found.])] | |
754 | )], | |
755 | [AC_MSG_ERROR([dmalloc headers not found.])] | |
756 | ) | |
757 | ;; | |
758 | ssl) | |
759 | AC_CHECK_LIB( | |
760 | [ssl], | |
761 | [CRYPTO_mem_ctrl], | |
762 | [ | |
763 | AC_DEFINE( | |
764 | [CRYPTO_MDEBUG], | |
765 | [1], | |
766 | [Use memory debugging function in OpenSSL] | |
767 | ) | |
768 | AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG]) | |
769 | ], | |
770 | [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])] | |
771 | ) | |
772 | ;; | |
773 | esac | |
6fbf66fa | 774 | |
9a3f6702 SK |
775 | PKG_CHECK_MODULES( |
776 | [PKCS11_HELPER], | |
6575ad48 | 777 | [libpkcs11-helper-1 >= 1.11], |
9a3f6702 SK |
778 | [have_pkcs11_helper="yes"], |
779 | [] | |
780 | ) | |
781 | ||
e34437c2 | 782 | |
2a1a21e3 FL |
783 | if test "$enable_dco" != "no"; then |
784 | enable_dco_arg="$enable_dco" | |
785 | if test "${enable_iproute2}" = "yes"; then | |
786 | AC_MSG_WARN([DCO cannot be enabled when using iproute2]) | |
787 | enable_dco="no" | |
788 | fi | |
e34437c2 AQ |
789 | case "$host" in |
790 | *-*-linux*) | |
2a1a21e3 FL |
791 | if test "$enable_dco" = "no"; then |
792 | if test "$enable_dco_arg" = "auto"; then | |
793 | AC_MSG_WARN([DCO support disabled]) | |
794 | else | |
795 | AC_MSG_ERROR([DCO support can't be enabled]) | |
796 | fi | |
797 | else | |
798 | dnl | |
799 | dnl Include generic netlink library used to talk to ovpn-dco | |
800 | dnl | |
801 | PKG_CHECK_MODULES([LIBNL_GENL], | |
e34437c2 AQ |
802 | [libnl-genl-3.0 >= 3.4.0], |
803 | [have_libnl="yes"], | |
2a1a21e3 FL |
804 | [ |
805 | AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) | |
806 | ] | |
807 | ) | |
808 | CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" | |
809 | LIBS="${LIBS} ${LIBNL_GENL_LIBS}" | |
e34437c2 | 810 | |
2a1a21e3 FL |
811 | AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload]) |
812 | AC_MSG_NOTICE([Enabled ovpn-dco support for Linux]) | |
813 | fi | |
e34437c2 | 814 | ;; |
f08fcc2f | 815 | *-*-freebsd*) |
6f261673 | 816 | AC_CHECK_HEADERS([net/if_ovpn.h], |
2a1a21e3 FL |
817 | [ |
818 | LIBS="${LIBS} -lnv" | |
819 | AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD]) | |
820 | AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD]) | |
821 | ], | |
822 | [ | |
823 | enable_dco="no" | |
6f261673 | 824 | AC_MSG_WARN([DCO header not found.]) |
2a1a21e3 FL |
825 | ] |
826 | ) | |
827 | if test "$enable_dco" = "no"; then | |
828 | if test "$enable_dco_arg" = "auto"; then | |
829 | AC_MSG_WARN([DCO support disabled]) | |
830 | else | |
831 | AC_MSG_ERROR([DCO support can't be enabled]) | |
832 | fi | |
833 | fi | |
f08fcc2f | 834 | ;; |
8b80cbc3 AQ |
835 | *-mingw*) |
836 | AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled]) | |
837 | ;; | |
e34437c2 | 838 | *) |
8b80cbc3 | 839 | AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform]) |
e34437c2 AQ |
840 | ;; |
841 | esac | |
842 | fi | |
843 | ||
2e359a08 TR |
844 | dnl |
845 | dnl Depend on libcap-ng on Linux | |
846 | dnl | |
847 | case "$host" in | |
848 | *-*-linux*) | |
849 | PKG_CHECK_MODULES([LIBCAPNG], | |
850 | [libcap-ng], | |
851 | [], | |
852 | [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] | |
853 | ) | |
854 | AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) | |
855 | ||
bd95104a | 856 | CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}" |
2e359a08 TR |
857 | LIBS="${LIBS} ${LIBCAPNG_LIBS}" |
858 | AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support]) | |
859 | ;; | |
860 | esac | |
861 | ||
862 | ||
cf49ff50 | 863 | if test "${with_crypto_library}" = "openssl"; then |
31b0bebe SK |
864 | AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL]) |
865 | AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL]) | |
866 | ||
867 | if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then | |
868 | # if the user did not explicitly specify flags, try to autodetect | |
869 | PKG_CHECK_MODULES( | |
870 | [OPENSSL], | |
ec7d0e8e | 871 | [openssl >= 1.0.2], |
79ea67f7 DS |
872 | [have_openssl="yes"], |
873 | [] # If this fails, we will do another test next | |
31b0bebe | 874 | ) |
31b0bebe SK |
875 | OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} |
876 | fi | |
9b33b5a4 | 877 | |
9b33b5a4 ABL |
878 | saved_CFLAGS="${CFLAGS}" |
879 | saved_LIBS="${LIBS}" | |
31b0bebe SK |
880 | CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}" |
881 | LIBS="${LIBS} ${OPENSSL_LIBS}" | |
882 | ||
79ea67f7 DS |
883 | # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars |
884 | # are used, check the version directly in the OpenSSL include file | |
885 | if test "${have_openssl}" != "yes"; then | |
ec7d0e8e | 886 | AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2]) |
79ea67f7 DS |
887 | AC_COMPILE_IFELSE( |
888 | [AC_LANG_PROGRAM( | |
889 | [[ | |
890 | #include <openssl/opensslv.h> | |
891 | ]], | |
892 | [[ | |
893 | /* Version encoding: MNNFFPPS - see opensslv.h for details */ | |
ec7d0e8e | 894 | #if OPENSSL_VERSION_NUMBER < 0x10002000L |
79ea67f7 DS |
895 | #error OpenSSL too old |
896 | #endif | |
897 | ]] | |
898 | )], | |
899 | [AC_MSG_RESULT([ok])], | |
900 | [AC_MSG_ERROR([OpenSSL version too old])] | |
901 | ) | |
902 | fi | |
903 | ||
6ea62d50 | 904 | AC_CHECK_FUNCS([SSL_CTX_new], |
31b0bebe SK |
905 | , |
906 | [AC_MSG_ERROR([openssl check failed])] | |
907 | ) | |
908 | ||
0df2261d AS |
909 | if test "${with_openssl_engine}" = "auto"; then |
910 | AC_COMPILE_IFELSE( | |
911 | [AC_LANG_PROGRAM( | |
912 | [[ | |
913 | #include <openssl/opensslv.h> | |
34bf473e | 914 | #include <openssl/opensslconf.h> |
0df2261d AS |
915 | ]], |
916 | [[ | |
917 | /* Version encoding: MNNFFPPS - see opensslv.h for details */ | |
918 | #if OPENSSL_VERSION_NUMBER >= 0x30000000L | |
34bf473e | 919 | #error Engine support disabled by default in OpenSSL 3.0+ |
920 | #endif | |
921 | ||
922 | /* BoringSSL and LibreSSL >= 3.8.1 removed engine support */ | |
923 | #ifdef OPENSSL_NO_ENGINE | |
924 | #error Engine support disabled in openssl/opensslconf.h | |
0df2261d AS |
925 | #endif |
926 | ]] | |
927 | )], | |
928 | [have_openssl_engine="yes"], | |
929 | [have_openssl_engine="no"] | |
930 | ) | |
931 | if test "${have_openssl_engine}" = "yes"; then | |
932 | AC_CHECK_FUNCS( | |
933 | [ \ | |
9b33b5a4 ABL |
934 | ENGINE_load_builtin_engines \ |
935 | ENGINE_register_all_complete \ | |
0df2261d AS |
936 | ], |
937 | , | |
938 | [have_openssl_engine="no"; break] | |
939 | ) | |
940 | fi | |
941 | else | |
942 | have_openssl_engine="${with_openssl_engine}" | |
943 | if test "${have_openssl_engine}" = "yes"; then | |
944 | AC_CHECK_FUNCS( | |
945 | [ \ | |
946 | ENGINE_load_builtin_engines \ | |
947 | ENGINE_register_all_complete \ | |
948 | ], | |
949 | , | |
950 | [AC_MSG_ERROR([OpenSSL engine support not found])] | |
6b5dbf6c | 951 | ) |
0df2261d | 952 | fi |
6b5dbf6c | 953 | fi |
31b0bebe SK |
954 | if test "${have_openssl_engine}" = "yes"; then |
955 | AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available]) | |
956 | fi | |
9b33b5a4 | 957 | |
91d84530 | 958 | AC_CHECK_FUNC( |
66407e11 SK |
959 | [EVP_aes_256_gcm], |
960 | , | |
94edc7c5 | 961 | [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])] |
66407e11 SK |
962 | ) |
963 | ||
ec7d0e8e AS |
964 | # All supported OpenSSL version (>= 1.0.2) |
965 | # have this feature | |
5defbba4 | 966 | have_export_keying_material="yes" |
5defbba4 | 967 | |
9b33b5a4 ABL |
968 | CFLAGS="${saved_CFLAGS}" |
969 | LIBS="${saved_LIBS}" | |
9b33b5a4 | 970 | |
31b0bebe SK |
971 | AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library]) |
972 | CRYPTO_CFLAGS="${OPENSSL_CFLAGS}" | |
973 | CRYPTO_LIBS="${OPENSSL_LIBS}" | |
cf49ff50 | 974 | elif test "${with_crypto_library}" = "mbedtls"; then |
86d8cd68 SK |
975 | AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls]) |
976 | AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls]) | |
31b0bebe | 977 | |
417fe4a7 SK |
978 | saved_CFLAGS="${CFLAGS}" |
979 | saved_LIBS="${LIBS}" | |
980 | ||
86d8cd68 | 981 | if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then |
e860059b | 982 | # if the user did not explicitly specify flags, try to autodetect |
1ae17b7e | 983 | LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto" |
86d8cd68 SK |
984 | AC_CHECK_LIB( |
985 | [mbedtls], | |
986 | [mbedtls_ssl_init], | |
1ae17b7e | 987 | [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"], |
86d8cd68 | 988 | [AC_MSG_ERROR([Could not find mbed TLS.])], |
31b0bebe SK |
989 | [${PKCS11_HELPER_LIBS}] |
990 | ) | |
991 | fi | |
9b33b5a4 | 992 | |
86d8cd68 SK |
993 | CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}" |
994 | LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}" | |
417fe4a7 | 995 | |
86d8cd68 | 996 | AC_MSG_CHECKING([mbedtls version]) |
13b38eb0 ABL |
997 | AC_COMPILE_IFELSE( |
998 | [AC_LANG_PROGRAM( | |
999 | [[ | |
86d8cd68 | 1000 | #include <mbedtls/version.h> |
13b38eb0 ABL |
1001 | ]], |
1002 | [[ | |
ace7a4f1 | 1003 | #if MBEDTLS_VERSION_NUMBER < 0x02000000 || (MBEDTLS_VERSION_NUMBER >= 0x03000000 && MBEDTLS_VERSION_NUMBER < 0x03020100) |
9a3f6702 | 1004 | #error invalid version |
13b38eb0 ABL |
1005 | #endif |
1006 | ]] | |
1007 | )], | |
1008 | [AC_MSG_RESULT([ok])], | |
ace7a4f1 | 1009 | [AC_MSG_ERROR([mbed TLS version >= 2.0.0 or >= 3.2.1 required])] |
13b38eb0 | 1010 | ) |
9a3f6702 | 1011 | |
b5faf1b2 MF |
1012 | AC_CHECK_HEADER( |
1013 | psa/crypto.h, | |
1014 | [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [1], [yes])], | |
1015 | [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [0], [no])] | |
1016 | ) | |
ace7a4f1 | 1017 | |
66407e11 SK |
1018 | AC_CHECK_FUNCS( |
1019 | [ \ | |
86d8cd68 SK |
1020 | mbedtls_cipher_write_tag \ |
1021 | mbedtls_cipher_check_tag \ | |
66407e11 SK |
1022 | ], |
1023 | , | |
94edc7c5 | 1024 | [AC_MSG_ERROR([mbed TLS check for AEAD support failed])] |
66407e11 SK |
1025 | ) |
1026 | ||
b5faf1b2 MF |
1027 | AC_CHECK_FUNC( |
1028 | [mbedtls_ssl_tls_prf], | |
1029 | [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [1], [yes])], | |
1030 | [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [0], [no])] | |
1031 | ) | |
1032 | ||
5defbba4 | 1033 | have_export_keying_material="yes" |
91d84530 | 1034 | AC_CHECK_FUNC( |
5defbba4 | 1035 | [mbedtls_ssl_conf_export_keys_ext_cb], |
b5faf1b2 MF |
1036 | [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [1], [yes])], |
1037 | [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [0], [no])] | |
5defbba4 | 1038 | ) |
b5faf1b2 MF |
1039 | if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != xyes; then |
1040 | AC_CHECK_FUNC( | |
1041 | [mbedtls_ssl_set_export_keys_cb], | |
1042 | [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], [yes])], | |
1043 | [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], [no])] | |
1044 | ) | |
1045 | if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" != xyes; then | |
1046 | have_export_keying_material="no" | |
1047 | fi | |
1048 | fi | |
5defbba4 | 1049 | |
2b9bbaad AQ |
1050 | AC_CHECK_FUNC( |
1051 | [mbedtls_ctr_drbg_update_ret], | |
b5faf1b2 | 1052 | AC_DEFINE([HAVE_MBEDTLS_CTR_DRBG_UPDATE_RET], [1], |
2b9bbaad AQ |
1053 | [Use mbedtls_ctr_drbg_update_ret from mbed TLS]), |
1054 | ) | |
1055 | ||
31b0bebe SK |
1056 | CFLAGS="${saved_CFLAGS}" |
1057 | LIBS="${saved_LIBS}" | |
86d8cd68 SK |
1058 | AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library]) |
1059 | CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}" | |
1060 | CRYPTO_LIBS="${MBEDTLS_LIBS}" | |
f6dca235 JS |
1061 | |
1062 | elif test "${with_crypto_library}" = "wolfssl"; then | |
1063 | AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should | |
1064 | contain the regular wolfSSL header files but also the | |
1065 | wolfSSL OpenSSL header files. Ex: -I/usr/local/include | |
1066 | -I/usr/local/include/wolfssl]) | |
1067 | AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl]) | |
1068 | ||
1069 | saved_CFLAGS="${CFLAGS}" | |
1070 | saved_LIBS="${LIBS}" | |
1071 | ||
1072 | if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then | |
1073 | # if the user did not explicitly specify flags, try to autodetect | |
1074 | PKG_CHECK_MODULES( | |
1075 | [WOLFSSL], | |
1076 | [wolfssl], | |
1077 | [], | |
1078 | [AC_MSG_ERROR([Could not find wolfSSL.])] | |
1079 | ) | |
1080 | PKG_CHECK_VAR( | |
1081 | [WOLFSSL_INCLUDEDIR], | |
1082 | [wolfssl], | |
1083 | [includedir], | |
1084 | [], | |
1085 | [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])] | |
1086 | ) | |
1087 | WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl" | |
1088 | fi | |
1089 | saved_CFLAGS="${CFLAGS}" | |
1090 | saved_LIBS="${LIBS}" | |
1091 | CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}" | |
1092 | LIBS="${LIBS} ${WOLFSSL_LIBS}" | |
1093 | ||
1094 | AC_CHECK_LIB( | |
1095 | [wolfssl], | |
1096 | [wolfSSL_Init], | |
1097 | [], | |
1098 | [AC_MSG_ERROR([Could not link wolfSSL library.])] | |
1099 | ) | |
1100 | AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])]) | |
1101 | ||
1102 | # wolfSSL signal EKM support | |
1103 | have_export_keying_material="yes" | |
1104 | ||
f6dca235 JS |
1105 | if test "${enable_wolfssl_options_h}" = "yes"; then |
1106 | AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library]) | |
1107 | else | |
1108 | AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library]) | |
1109 | fi | |
1110 | ||
1111 | have_export_keying_material="yes" | |
1112 | ||
1113 | CFLAGS="${saved_CFLAGS}" | |
1114 | LIBS="${saved_LIBS}" | |
1115 | ||
1116 | AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library]) | |
1117 | AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer]) | |
1118 | CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}" | |
1119 | CRYPTO_LIBS="${WOLFSSL_LIBS}" | |
cf49ff50 | 1120 | else |
31b0bebe | 1121 | AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}]) |
13b38eb0 ABL |
1122 | fi |
1123 | ||
74bbc71b ABL |
1124 | AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo]) |
1125 | AC_ARG_VAR([LZO_LIBS], [linker flags for lzo]) | |
1126 | have_lzo="yes" | |
1127 | if test -z "${LZO_LIBS}"; then | |
1128 | AC_CHECK_LIB( | |
1129 | [lzo2], | |
1130 | [lzo1x_1_15_compress], | |
1131 | [LZO_LIBS="-llzo2"], | |
1132 | [AC_CHECK_LIB( | |
1133 | [lzo], | |
1134 | [lzo1x_1_15_compress], | |
1135 | [LZO_LIBS="-llzo"], | |
1136 | [have_lzo="no"] | |
1137 | )] | |
1138 | ) | |
1139 | fi | |
1140 | if test "${have_lzo}" = "yes"; then | |
1141 | saved_CFLAGS="${CFLAGS}" | |
1142 | CFLAGS="${CFLAGS} ${LZO_CFLAGS}" | |
1143 | AC_CHECK_HEADERS( | |
1144 | [lzo/lzoutil.h], | |
1145 | , | |
1146 | [AC_CHECK_HEADERS( | |
1147 | [lzoutil.h], | |
1148 | , | |
1149 | [AC_MSG_ERROR([lzoutil.h is missing])] | |
1150 | )] | |
1151 | ) | |
1152 | AC_CHECK_HEADERS( | |
1153 | [lzo/lzo1x.h], | |
1154 | , | |
1155 | [AC_CHECK_HEADERS( | |
1156 | [lzo1x.h], | |
1157 | , | |
1158 | [AC_MSG_ERROR([lzo1x.h is missing])] | |
1159 | )] | |
1160 | ) | |
1161 | CFLAGS="${saved_CFLAGS}" | |
6fbf66fa JY |
1162 | fi |
1163 | ||
40efb635 GD |
1164 | dnl |
1165 | dnl check for LZ4 library | |
1166 | dnl | |
1167 | ||
1168 | AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4]) | |
1169 | AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4]) | |
1170 | if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then | |
5f6225c3 DS |
1171 | if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then |
1172 | # if the user did not explicitly specify flags, try to autodetect | |
1173 | PKG_CHECK_MODULES([LZ4], | |
f91e4863 | 1174 | [liblz4 >= 1.7.1 liblz4 < 100], |
5f6225c3 | 1175 | [have_lz4="yes"], |
e5b279f1 DS |
1176 | [LZ4_LIBS="-llz4"] # If this fails, we will do another test next. |
1177 | # We also add set LZ4_LIBS otherwise the | |
1178 | # linker will not know about the lz4 library | |
5f6225c3 DS |
1179 | ) |
1180 | fi | |
1181 | ||
1182 | saved_CFLAGS="${CFLAGS}" | |
1183 | saved_LIBS="${LIBS}" | |
1184 | CFLAGS="${CFLAGS} ${LZ4_CFLAGS}" | |
1185 | LIBS="${LIBS} ${LZ4_LIBS}" | |
1186 | ||
1187 | # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars | |
1188 | # are used, check the version directly in the LZ4 include file | |
1189 | if test "${have_lz4}" != "yes"; then | |
1190 | AC_CHECK_HEADERS([lz4.h], | |
1191 | [have_lz4h="yes"], | |
1192 | []) | |
1193 | ||
1194 | if test "${have_lz4h}" = "yes" ; then | |
1195 | AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1]) | |
1196 | AC_COMPILE_IFELSE( | |
1197 | [AC_LANG_PROGRAM([[ | |
1198 | #include <lz4.h> | |
1199 | ]], | |
1200 | [[ | |
1201 | /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */ | |
1202 | #if LZ4_VERSION_NUMBER < 10701L | |
1203 | #error LZ4 is too old | |
1204 | #endif | |
1205 | ]] | |
1206 | )], | |
1207 | [ | |
1208 | AC_MSG_RESULT([ok]) | |
1209 | have_lz4="yes" | |
1210 | ], | |
24596b25 | 1211 | [AC_MSG_ERROR([system LZ4 library is too old])] |
5f6225c3 DS |
1212 | ) |
1213 | fi | |
1214 | fi | |
40efb635 | 1215 | |
f91e4863 DS |
1216 | # Double check we have a few needed functions |
1217 | if test "${have_lz4}" = "yes" ; then | |
5f6225c3 | 1218 | AC_CHECK_LIB([lz4], |
f91e4863 DS |
1219 | [LZ4_compress_default], |
1220 | [], | |
1221 | [have_lz4="no"]) | |
1222 | AC_CHECK_LIB([lz4], | |
1223 | [LZ4_decompress_safe], | |
1224 | [], | |
5f6225c3 | 1225 | [have_lz4="no"]) |
40efb635 GD |
1226 | fi |
1227 | ||
5f6225c3 | 1228 | if test "${have_lz4}" != "yes" ; then |
24596b25 | 1229 | AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4]) |
4308f237 | 1230 | LZ4_LIBS="" |
40efb635 GD |
1231 | fi |
1232 | OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}" | |
1233 | OPTIONAL_LZ4_LIBS="${LZ4_LIBS}" | |
5f6225c3 | 1234 | AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library]) |
40efb635 | 1235 | CFLAGS="${saved_CFLAGS}" |
5f6225c3 | 1236 | LIBS="${saved_LIBS}" |
40efb635 GD |
1237 | fi |
1238 | ||
1239 | ||
f33ee6bc DS |
1240 | dnl |
1241 | dnl Check for systemd | |
1242 | dnl | |
3280d8c8 | 1243 | AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"]) |
f33ee6bc DS |
1244 | if test "$enable_systemd" = "yes" ; then |
1245 | PKG_CHECK_MODULES([libsystemd], [systemd libsystemd], | |
1246 | [], | |
1247 | [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])] | |
1248 | ) | |
8ba3e258 DS |
1249 | |
1250 | PKG_CHECK_EXISTS( [libsystemd > 216], | |
1251 | [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1], | |
1252 | [systemd is newer than v216])] | |
1253 | ) | |
1254 | ||
f33ee6bc DS |
1255 | AC_CHECK_HEADERS(systemd/sd-daemon.h, |
1256 | , | |
1257 | [ | |
1258 | AC_MSG_ERROR([systemd development headers not found.]) | |
1259 | ]) | |
1260 | ||
1261 | saved_LIBS="${LIBS}" | |
1262 | LIBS="${LIBS} ${libsystemd_LIBS}" | |
1263 | AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])]) | |
1264 | OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" | |
1265 | AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) | |
1266 | LIBS="${saved_LIBS}" | |
ca5b4c2a CH |
1267 | |
1268 | if test -n "${SYSTEMD_UNIT_DIR}"; then | |
1269 | systemdunitdir="${SYSTEMD_UNIT_DIR}" | |
1270 | else | |
1271 | systemdunitdir="\${libdir}/systemd/system" | |
1272 | fi | |
3de7be7b CH |
1273 | |
1274 | if test -n "${TMPFILES_DIR}"; then | |
1275 | tmpfilesdir="${TMPFILES_DIR}" | |
1276 | else | |
1277 | tmpfilesdir="\${libdir}/tmpfiles.d" | |
1278 | fi | |
f33ee6bc | 1279 | fi |
40efb635 | 1280 | |
38d96bd7 | 1281 | |
7046ff20 ABL |
1282 | AC_MSG_CHECKING([git checkout]) |
1283 | GIT_CHECKOUT="no" | |
1284 | if test -n "${GIT}" -a -d "${srcdir}/.git"; then | |
1285 | AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) | |
1286 | GIT_CHECKOUT="yes" | |
1287 | fi | |
1288 | AC_MSG_RESULT([${GIT_CHECKOUT}]) | |
1289 | ||
51bd56f4 ABL |
1290 | dnl enable --x509-username-field feature if requested |
1291 | if test "${enable_x509_alt_username}" = "yes"; then | |
86d8cd68 SK |
1292 | if test "${with_crypto_library}" = "mbedtls" ; then |
1293 | AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature]) | |
51bd56f4 ABL |
1294 | fi |
1295 | ||
1296 | AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature]) | |
1297 | fi | |
1298 | ||
51bd56f4 | 1299 | test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability]) |
51bd56f4 ABL |
1300 | test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support]) |
1301 | test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size]) | |
1302 | test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support]) | |
1303 | test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing]) | |
c3fc703d | 1304 | |
cf49ff50 | 1305 | test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes]) |
5defbba4 SK |
1306 | if test "${have_export_keying_material}" = "yes"; then |
1307 | AC_DEFINE( | |
1308 | [HAVE_EXPORT_KEYING_MATERIAL], [1], | |
1309 | [Crypto library supports keying material exporter] | |
1310 | ) | |
1311 | fi | |
cf49ff50 AQ |
1312 | OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}" |
1313 | OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}" | |
9b33b5a4 | 1314 | |
bdae4110 | 1315 | if test "${enable_plugins}" = "yes"; then |
bdae4110 | 1316 | OPTIONAL_DL_LIBS="${DL_LIBS}" |
8065cd1c | 1317 | AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support]) |
ce8271f5 ABL |
1318 | else |
1319 | enable_plugin_auth_pam="no" | |
1320 | enable_plugin_down_root="no" | |
bdae4110 ABL |
1321 | fi |
1322 | ||
1e894662 AQ |
1323 | AM_CONDITIONAL([HAVE_SITNL], [false]) |
1324 | ||
c3fc703d | 1325 | if test "${enable_iproute2}" = "yes"; then |
e34437c2 | 1326 | test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO]) |
c3fc703d ABL |
1327 | test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing]) |
1328 | AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support]) | |
c6542257 AQ |
1329 | else if test "${have_sitnl}" = "yes"; then |
1330 | AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support]) | |
1e894662 | 1331 | AM_CONDITIONAL([HAVE_SITNL], [true]) |
c6542257 AQ |
1332 | else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then |
1333 | test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing]) | |
1334 | test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing]) | |
1335 | fi | |
1336 | fi | |
c3fc703d | 1337 | fi |
51bd56f4 | 1338 | |
cd5990e0 ABL |
1339 | if test "${enable_selinux}" = "yes"; then |
1340 | test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing]) | |
1341 | OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}" | |
1342 | AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support]) | |
1343 | fi | |
1344 | ||
74bbc71b ABL |
1345 | if test "${enable_lzo}" = "yes"; then |
1346 | test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing]) | |
1347 | OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}" | |
1348 | OPTIONAL_LZO_LIBS="${LZO_LIBS}" | |
1349 | AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library]) | |
1350 | fi | |
38d96bd7 JY |
1351 | if test "${enable_comp_stub}" = "yes"; then |
1352 | test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)]) | |
40efb635 | 1353 | test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)]) |
38d96bd7 | 1354 | AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability]) |
07084261 ABL |
1355 | fi |
1356 | ||
3013fde1 | 1357 | AM_CONDITIONAL([HAVE_SOFTHSM2], [false]) |
18b5fbdf ABL |
1358 | if test "${enable_pkcs11}" = "yes"; then |
1359 | test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing]) | |
18b5fbdf ABL |
1360 | OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}" |
1361 | OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}" | |
1362 | AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11]) | |
3c6d3220 DW |
1363 | PKG_CHECK_MODULES( |
1364 | [P11KIT], | |
1365 | [p11-kit-1], | |
1366 | [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`" | |
1367 | AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])], | |
1368 | [] | |
1369 | ) | |
3013fde1 SN |
1370 | # |
1371 | # softhsm2 for pkcs11 tests | |
1372 | # | |
1373 | AC_ARG_VAR([P11TOOL], [full path to p11tool]) | |
1374 | AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin]) | |
1375 | AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool]) | |
1376 | AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util]) | |
1377 | AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@]) | |
1378 | AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin]) | |
1379 | test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so | |
1380 | AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util]) | |
1381 | AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module]) | |
1382 | if test "${with_crypto_library}" = "openssl"; then | |
1383 | AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"]) | |
1384 | fi | |
18b5fbdf ABL |
1385 | fi |
1386 | ||
fb8033d4 SN |
1387 | # When testing a compiler option, we add -Werror to force |
1388 | # an error when the option is unsupported. This is not | |
1389 | # required for gcc, but some compilers such as clang needs it. | |
6a5d10e9 SK |
1390 | AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [ |
1391 | old_cflags="$CFLAGS" | |
fb8033d4 SN |
1392 | CFLAGS="$1 -Werror $CFLAGS" |
1393 | AC_MSG_CHECKING([whether the compiler accepts $1]) | |
1394 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags", | |
6a5d10e9 | 1395 | [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])] |
adbf68c0 | 1396 | ) |
6a5d10e9 | 1397 | |
46d09607 | 1398 | ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation]) |
6a5d10e9 | 1399 | ACL_CHECK_ADD_COMPILE_FLAGS([-Wall]) |
adbf68c0 | 1400 | |
51bd56f4 ABL |
1401 | if test "${enable_pedantic}" = "yes"; then |
1402 | enable_strict="yes" | |
31444111 | 1403 | CFLAGS="${CFLAGS} -pedantic" |
058f0efd | 1404 | AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode]) |
51bd56f4 ABL |
1405 | fi |
1406 | if test "${enable_strict}" = "yes"; then | |
adbf68c0 | 1407 | CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized" |
99385447 | 1408 | fi |
51194ffd SK |
1409 | if test "${enable_werror}" = "yes"; then |
1410 | CFLAGS="${CFLAGS} -Werror" | |
1411 | fi | |
99385447 | 1412 | |
ce8271f5 ABL |
1413 | if test "${enable_plugin_auth_pam}" = "yes"; then |
1414 | PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}" | |
1415 | if test "${enable_pam_dlopen}" = "yes"; then | |
1416 | AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam]) | |
1417 | PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}" | |
1418 | else | |
1419 | test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing]) | |
1420 | PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}" | |
1421 | fi | |
1422 | fi | |
1423 | ||
0d1a75bf | 1424 | if test "${enable_async_push}" = "yes"; then |
e1eb630d LS |
1425 | case "$host" in |
1426 | *-*-freebsd*) | |
1427 | PKG_CHECK_MODULES( | |
1428 | [OPTIONAL_INOTIFY], | |
1429 | [libinotify], | |
1430 | [ | |
1431 | AC_DEFINE([HAVE_SYS_INOTIFY_H]) | |
1432 | AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]) | |
1433 | ] | |
1434 | ) | |
1435 | ;; | |
1436 | *) | |
1437 | AC_CHECK_HEADERS( | |
1438 | [sys/inotify.h], | |
1439 | AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]), | |
1440 | AC_MSG_ERROR([inotify.h not found.]) | |
1441 | ) | |
1442 | ;; | |
1443 | esac | |
0d1a75bf LS |
1444 | fi |
1445 | ||
fcff80aa ABL |
1446 | CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`" |
1447 | AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings]) | |
1448 | ||
ac2447cd ABL |
1449 | TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID" |
1450 | TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR" | |
1451 | TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR" | |
1452 | AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id]) | |
1453 | AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN]) | |
1454 | AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN]) | |
1455 | AC_SUBST([TAP_WIN_COMPONENT_ID]) | |
1456 | AC_SUBST([TAP_WIN_MIN_MAJOR]) | |
1457 | AC_SUBST([TAP_WIN_MIN_MINOR]) | |
1bda73a7 | 1458 | |
bdae4110 | 1459 | AC_SUBST([OPTIONAL_DL_LIBS]) |
cd5990e0 | 1460 | AC_SUBST([OPTIONAL_SELINUX_LIBS]) |
9b33b5a4 ABL |
1461 | AC_SUBST([OPTIONAL_CRYPTO_CFLAGS]) |
1462 | AC_SUBST([OPTIONAL_CRYPTO_LIBS]) | |
74bbc71b ABL |
1463 | AC_SUBST([OPTIONAL_LZO_CFLAGS]) |
1464 | AC_SUBST([OPTIONAL_LZO_LIBS]) | |
40efb635 GD |
1465 | AC_SUBST([OPTIONAL_LZ4_CFLAGS]) |
1466 | AC_SUBST([OPTIONAL_LZ4_LIBS]) | |
f33ee6bc | 1467 | AC_SUBST([OPTIONAL_SYSTEMD_LIBS]) |
18b5fbdf ABL |
1468 | AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) |
1469 | AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) | |
e1eb630d LS |
1470 | AC_SUBST([OPTIONAL_INOTIFY_CFLAGS]) |
1471 | AC_SUBST([OPTIONAL_INOTIFY_LIBS]) | |
bdae4110 | 1472 | |
ce8271f5 ABL |
1473 | AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS]) |
1474 | AC_SUBST([PLUGIN_AUTH_PAM_LIBS]) | |
1475 | ||
51bd56f4 | 1476 | AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) |
7046ff20 | 1477 | AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) |
ce8271f5 ABL |
1478 | AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"]) |
1479 | AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"]) | |
f91ab283 | 1480 | AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"]) |
542c69c3 | 1481 | AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"]) |
1bda73a7 | 1482 | |
880a2ae9 | 1483 | sampledir="\$(docdir)/sample" |
ce8271f5 | 1484 | AC_SUBST([plugindir]) |
880a2ae9 ABL |
1485 | AC_SUBST([sampledir]) |
1486 | ||
ca5b4c2a | 1487 | AC_SUBST([systemdunitdir]) |
3de7be7b | 1488 | AC_SUBST([tmpfilesdir]) |
ca5b4c2a | 1489 | |
222e6917 GD |
1490 | AC_ARG_ENABLE( |
1491 | [unit-tests], | |
1492 | [AS_HELP_STRING([--disable-unit-tests], | |
1493 | [Disables building and running the unit tests suite])], | |
1494 | [], | |
1495 | [enable_unit_tests="yes"] | |
1496 | ) | |
1497 | ||
1498 | # Check if cmocka is available - needed for unit testing | |
1499 | PKG_CHECK_MODULES( | |
1500 | [CMOCKA], [cmocka], | |
1501 | [have_cmocka="yes"], | |
1502 | [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] | |
1503 | ) | |
1504 | AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ]) | |
1505 | AC_SUBST([ENABLE_UNITTESTS]) | |
1506 | ||
7473f326 | 1507 | TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}" |
222e6917 | 1508 | TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}" |
7473f326 SK |
1509 | TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}" |
1510 | TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}" | |
222e6917 | 1511 | TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}" |
40cb4cfc JN |
1512 | |
1513 | AC_SUBST([TEST_LDFLAGS]) | |
1514 | AC_SUBST([TEST_CFLAGS]) | |
1515 | ||
51bd56f4 | 1516 | AC_CONFIG_FILES([ |
1bda73a7 | 1517 | Makefile |
98bc1a3e | 1518 | build/Makefile |
34cb9132 | 1519 | distro/Makefile |
ca5b4c2a | 1520 | distro/systemd/Makefile |
66bf378e SK |
1521 | doc/Makefile |
1522 | doc/doxygen/Makefile | |
1523 | doc/doxygen/openvpn.doxyfile | |
34cb9132 | 1524 | include/Makefile |
0b5141d8 | 1525 | sample/sample-plugins/Makefile |
34cb9132 | 1526 | src/Makefile |
dc81e743 | 1527 | src/compat/Makefile |
34cb9132 | 1528 | src/openvpn/Makefile |
ce68686f | 1529 | src/openvpnmsica/Makefile |
34cb9132 | 1530 | src/openvpnserv/Makefile |
ce8271f5 ABL |
1531 | src/plugins/Makefile |
1532 | src/plugins/auth-pam/Makefile | |
1533 | src/plugins/down-root/Makefile | |
ce68686f | 1534 | src/tapctl/Makefile |
34cb9132 | 1535 | tests/Makefile |
40cb4cfc JN |
1536 | tests/unit_tests/Makefile |
1537 | tests/unit_tests/example_test/Makefile | |
698e268a | 1538 | tests/unit_tests/openvpn/Makefile |
ac42df1a SK |
1539 | tests/unit_tests/plugins/Makefile |
1540 | tests/unit_tests/plugins/auth-pam/Makefile | |
34cb9132 | 1541 | sample/Makefile |
1bda73a7 | 1542 | ]) |
34cb9132 | 1543 | AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh]) |
51bd56f4 | 1544 | AC_OUTPUT |