1 dnl OpenVPN -- An application to securely tunnel IP networks
2 dnl over a single UDP port, with support for SSL/TLS-based
3 dnl session authentication and key exchange,
4 dnl packet encryption, packet authentication, and
5 dnl packet compression.
7 dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
8 dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
10 dnl This program is free software; you can redistribute it and/or modify
11 dnl it under the terms of the GNU General Public License as published by
12 dnl the Free Software Foundation; either version 2 of the License, or
13 dnl (at your option) any later version.
15 dnl This program is distributed in the hope that it will be useful,
16 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 dnl GNU General Public License for more details.
20 dnl You should have received a copy of the GNU General Public License along
21 dnl with this program; if not, write to the Free Software Foundation, Inc.,
22 dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 dnl Process this file with autoconf to produce a configure script.
28 m4_include(version.m4)
29 AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
31 AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
32 AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version])
33 AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version])
34 AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer])
35 AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer])
36 AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer])
37 AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer])
39 AC_CONFIG_AUX_DIR([.])
40 AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h])
41 AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
42 AC_CONFIG_MACRO_DIR([m4])
44 dnl Initialize automake. automake < 1.12 didn't have serial-tests and
45 dnl gives an error if it sees this, but for automake >= 1.13
46 dnl serial-tests is required so we have to include it. Solution is to
47 dnl test for the version of automake (by running an external command)
48 dnl and provide it if necessary. Note we have to do this entirely using
49 dnl m4 macros since automake queries this macro by running
50 dnl 'autoconf --trace ...'.
51 m4_define([serial_tests], [
52 m4_esyscmd([automake --version |
54 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 12) { print "serial-tests" }}'
58 dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects
59 dnl options is not enabled. However, automake before 1.15a has a bug that causes
60 dnl variable expansion to fail in foo_SOURCES when this option is used.
61 dnl As most of our build systems are now likely to use automake 1.16+ add a
62 dnl work around to conditionally add subdir-objects option.
63 m4_define([subdir_objects], [
64 m4_esyscmd([automake --version |
66 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}'
70 # This foreign option prevents autoreconf from overriding our COPYING and
72 AM_INIT_AUTOMAKE(foreign serial_tests subdir_objects 1.9) dnl NB: Do not [quote] this parameter.
74 AC_USE_SYSTEM_EXTENSIONS
78 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
85 [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])],
86 [enable_lz4="$enableval"],
92 [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])],
93 [enable_comp_stub="$enableval"],
94 [enable_comp_stub="no"]
99 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
101 [enable_crypto_ofb_cfb="yes"]
106 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
108 [enable_x509_alt_username="no"]
113 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
115 [enable_plugins="yes"]
120 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
122 [enable_management="yes"]
127 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
134 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
136 [enable_fragment="yes"]
141 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
143 [enable_port_share="yes"]
148 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
155 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])],
162 [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])],
173 # note that this does not disable it for Windows
182 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])],
184 [enable_iproute2="no"]
189 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
193 *-*-openbsd*) enable_plugin_auth_pam="no";;
194 *-mingw*) enable_plugin_auth_pam="no";;
195 *) enable_plugin_auth_pam="yes";;
202 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
206 *-mingw*) enable_plugin_down_root="no";;
207 *) enable_plugin_down_root="yes";;
214 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
216 [enable_pam_dlopen="no"]
221 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
228 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
230 [enable_pedantic="no"]
235 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])],
242 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
244 [enable_strict_options="no"]
249 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
251 [enable_selinux="no"]
256 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
258 [enable_systemd="no"]
263 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])],
265 [enable_async_push="no"]
270 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
271 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
276 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
279 dmalloc|valgrind|ssl|no) ;;
280 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
283 [with_mem_check="no"]
288 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
291 openssl|mbedtls|wolfssl) ;;
292 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
295 [with_crypto_library="openssl"]
300 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
302 [enable_wolfssl_options_h="yes"]
307 [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])],
311 *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;;
314 [with_openssl_engine="auto"]
317 AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
318 if test -n "${PLUGINDIR}"; then
319 plugindir="${PLUGINDIR}"
321 plugindir="\${libdir}/openvpn/plugins"
324 AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
325 AM_CONDITIONAL([TARGET_LINUX], [false])
328 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
329 AM_CONDITIONAL([TARGET_LINUX], [true])
330 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
334 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
335 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
336 CPPFLAGS="$CPPFLAGS -D_XPG4_2"
337 test -x /bin/bash && SHELL="/bin/bash"
340 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
341 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
344 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
345 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
348 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
349 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
352 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
353 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
354 have_tap_header="yes"
355 ac_cv_type_struct_in_pktinfo=no
358 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
359 AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows])
360 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
361 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
362 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA"
366 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
367 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
370 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?])
371 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix])
372 ROUTE="/usr/sbin/route"
373 have_tap_header="yes"
374 ac_cv_header_net_if_h="no" # exists, but breaks things
377 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
378 have_tap_header="yes"
382 AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes")
391 AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
392 AC_ARG_VAR([ROUTE], [full path to route utility])
393 AC_ARG_VAR([IPROUTE], [full path to ip utility])
394 AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
395 AC_ARG_VAR([GIT], [path to git utility])
396 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
397 AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@])
398 AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@])
399 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
400 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
401 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
402 AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
403 AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
404 AC_CHECK_PROGS([GIT], [git]) # optional
405 AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
406 AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
407 AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
408 AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
411 # man page generation - based on python-docutils
413 AC_ARG_VAR([RST2MAN], [path to rst2man utility])
414 AC_ARG_VAR([RST2HTML], [path to rst2html utility])
415 AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py])
416 AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py])
417 AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"])
419 # Set -std=c99 unless user already specified a -std=
422 *) CFLAGS="${CFLAGS} -std=c99" ;;
432 LT_LANG([Windows Resource])
450 AC_CHECK_SIZEOF([unsigned int])
451 AC_CHECK_SIZEOF([unsigned long])
454 sys/types.h sys/socket.h \
457 netinet/tcp.h arpa/inet.h netdb.h \
461 sys/time.h sys/ioctl.h sys/stat.h \
462 sys/mman.h sys/file.h sys/wait.h \
463 unistd.h libgen.h stropts.h \
464 syslog.h pwd.h grp.h termios.h \
465 sys/sockio.h sys/uio.h linux/sockios.h \
466 linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \
471 #ifdef HAVE_SYS_TYPES_H
472 #include <sys/types.h>
474 #ifdef HAVE_SYS_SOCKET_H
475 #include <sys/socket.h>
480 #ifdef HAVE_NETINET_IN_H
481 #include <netinet/in.h>
487 #include <winsock2.h>
490 #include <ws2tcpip.h>
492 #ifdef HAVE_NETINET_IP_H
493 #include <netinet/ip.h>
498 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
501 [[${SOCKET_INCLUDES}]]
507 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
508 [[${SOCKET_INCLUDES}]]
513 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])],
514 [[${SOCKET_INCLUDES}]]
518 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
520 [[${SOCKET_INCLUDES}]]
524 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
526 [[${SOCKET_INCLUDES}]]
530 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
532 [[${SOCKET_INCLUDES}]]
536 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
538 [[${SOCKET_INCLUDES}]]
542 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])],
544 [[${SOCKET_INCLUDES}]]
547 [struct in_pktinfo.ipi_spec_dst],
548 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
550 [[${SOCKET_INCLUDES}]]
553 [struct sockaddr_in6],
555 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
556 [[${SOCKET_INCLUDES}]]
562 [[${SOCKET_INCLUDES}]]
564 AC_MSG_CHECKING([anonymous union support])
582 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions])
584 [AC_MSG_RESULT([no])]
587 saved_LDFLAGS="$LDFLAGS"
588 LDFLAGS="$LDFLAGS -Wl,--wrap=exit"
589 AC_MSG_CHECKING([linker supports --wrap])
594 void __real_exit(int);
595 void __wrap_exit(int i) {
605 have_ld_wrap_support=yes
607 [AC_MSG_RESULT([no])],
609 LDFLAGS="$saved_LDFLAGS"
611 dnl We emulate signals in Windows
615 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
623 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
631 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
639 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
647 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
656 daemon chroot getpwnam setuid nice system dup dup2 \
657 syslog openlog mlockall getrlimit getgrnam setgid \
658 setgroups flock readv writev time gettimeofday \
660 chsize ftruncate execve getpeereid basename dirname access \
661 epoll_create strsep \
674 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
679 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
684 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
686 AC_SUBST([SOCKETS_LIBS])
689 LIBS="${LIBS} ${SOCKETS_LIBS}"
690 AC_CHECK_FUNCS([sendmsg recvmsg])
694 # we assume res_init() always exist, but need to find out *where*...
695 AC_SEARCH_LIBS(__res_init, resolv bind, ,
696 AC_SEARCH_LIBS(res_9_init, resolv bind, ,
697 AC_SEARCH_LIBS(res_init, resolv bind, , )))
699 AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
700 old_CFLAGS="${CFLAGS}"
701 CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
704 net/if_tun.h net/tun/if_tun.h \
708 [have_tap_header="yes"]
712 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
715 #ifdef HAVE_LINUX_IF_TUN_H
716 #include <linux/if_tun.h>
720 CFLAGS="${old_CFLAGS}"
721 test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
726 [SELINUX_LIBS="-lselinux"]
728 AC_SUBST([SELINUX_LIBS])
730 AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
731 AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
732 if test -z "${LIBPAM_LIBS}"; then
736 [LIBPAM_LIBS="-lpam"]
740 case "${with_mem_check}" in
743 [valgrind/memcheck.h],
745 CFLAGS="${CFLAGS} -g -fno-inline"
749 [Use valgrind memory debugging library]
752 [AC_MSG_ERROR([valgrind headers not found.])]
762 LIBS="${LIBS} -ldmalloc"
766 [Use dmalloc memory debugging library]
769 [AC_MSG_ERROR([dmalloc library not found.])]
771 [AC_MSG_ERROR([dmalloc headers not found.])]
782 [Use memory debugging function in OpenSSL]
784 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
786 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
793 [libpkcs11-helper-1 >= 1.11],
794 [have_pkcs11_helper="yes"],
799 if test "$enable_dco" != "no"; then
800 enable_dco_arg="$enable_dco"
801 if test "${enable_iproute2}" = "yes"; then
802 AC_MSG_WARN([DCO cannot be enabled when using iproute2])
807 if test "$enable_dco" = "no"; then
808 if test "$enable_dco_arg" = "auto"; then
809 AC_MSG_WARN([DCO support disabled])
811 AC_MSG_ERROR([DCO support can't be enabled])
815 dnl Include generic netlink library used to talk to ovpn-dco
817 PKG_CHECK_MODULES([LIBNL_GENL],
818 [libnl-genl-3.0 >= 3.4.0],
821 AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO])
824 CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}"
825 LIBS="${LIBS} ${LIBNL_GENL_LIBS}"
827 AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload])
828 AC_MSG_NOTICE([Enabled ovpn-dco support for Linux])
832 AC_CHECK_HEADERS([net/if_ovpn.h],
835 AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD])
836 AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD])
840 AC_MSG_WARN([DCO header not found.])
843 if test "$enable_dco" = "no"; then
844 if test "$enable_dco_arg" = "auto"; then
845 AC_MSG_WARN([DCO support disabled])
847 AC_MSG_ERROR([DCO support can't be enabled])
852 AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled])
855 AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform])
861 dnl Depend on libcap-ng on Linux
865 PKG_CHECK_MODULES([LIBCAPNG],
868 [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])]
870 AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])])
872 CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}"
873 LIBS="${LIBS} ${LIBCAPNG_LIBS}"
874 AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support])
879 if test "${with_crypto_library}" = "openssl"; then
880 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
881 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
883 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then
884 # if the user did not explicitly specify flags, try to autodetect
888 [have_openssl="yes"],
889 [] # If this fails, we will do another test next
891 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
894 saved_CFLAGS="${CFLAGS}"
896 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
897 LIBS="${LIBS} ${OPENSSL_LIBS}"
899 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars
900 # are used, check the version directly in the OpenSSL include file
901 if test "${have_openssl}" != "yes"; then
902 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2])
906 #include <openssl/opensslv.h>
909 /* Version encoding: MNNFFPPS - see opensslv.h for details */
910 #if OPENSSL_VERSION_NUMBER < 0x10002000L
911 #error OpenSSL too old
915 [AC_MSG_RESULT([ok])],
916 [AC_MSG_ERROR([OpenSSL version too old])]
920 AC_CHECK_FUNCS([SSL_CTX_new],
922 [AC_MSG_ERROR([openssl check failed])]
925 if test "${with_openssl_engine}" = "auto"; then
929 #include <openssl/opensslv.h>
932 /* Version encoding: MNNFFPPS - see opensslv.h for details */
933 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
934 #error Engine supported disabled by default in OpenSSL 3.0+
938 [have_openssl_engine="yes"],
939 [have_openssl_engine="no"]
941 if test "${have_openssl_engine}" = "yes"; then
944 ENGINE_load_builtin_engines \
945 ENGINE_register_all_complete \
948 [have_openssl_engine="no"; break]
952 have_openssl_engine="${with_openssl_engine}"
953 if test "${have_openssl_engine}" = "yes"; then
956 ENGINE_load_builtin_engines \
957 ENGINE_register_all_complete \
960 [AC_MSG_ERROR([OpenSSL engine support not found])]
964 if test "${have_openssl_engine}" = "yes"; then
965 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
971 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
974 # All supported OpenSSL version (>= 1.0.2)
976 have_export_keying_material="yes"
978 CFLAGS="${saved_CFLAGS}"
981 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
982 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
983 CRYPTO_LIBS="${OPENSSL_LIBS}"
984 elif test "${with_crypto_library}" = "mbedtls"; then
985 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
986 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
988 saved_CFLAGS="${CFLAGS}"
991 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
992 # if the user did not explicitly specify flags, try to autodetect
993 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
997 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
998 [AC_MSG_ERROR([Could not find mbed TLS.])],
999 [${PKCS11_HELPER_LIBS}]
1003 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"
1004 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}"
1006 AC_MSG_CHECKING([mbedtls version])
1010 #include <mbedtls/version.h>
1013 #if MBEDTLS_VERSION_NUMBER < 0x02000000 || MBEDTLS_VERSION_NUMBER >= 0x03000000
1014 #error invalid version
1018 [AC_MSG_RESULT([ok])],
1019 [AC_MSG_ERROR([mbed TLS 2.y.z required])]
1024 mbedtls_cipher_write_tag \
1025 mbedtls_cipher_check_tag \
1028 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
1031 have_export_keying_material="yes"
1033 [mbedtls_ssl_conf_export_keys_ext_cb],
1035 [have_export_keying_material="no"]
1039 [mbedtls_ctr_drbg_update_ret],
1040 AC_DEFINE([HAVE_CTR_DRBG_UPDATE_RET], [1],
1041 [Use mbedtls_ctr_drbg_update_ret from mbed TLS]),
1044 CFLAGS="${saved_CFLAGS}"
1045 LIBS="${saved_LIBS}"
1046 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
1047 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
1048 CRYPTO_LIBS="${MBEDTLS_LIBS}"
1050 elif test "${with_crypto_library}" = "wolfssl"; then
1051 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
1052 contain the regular wolfSSL header files but also the
1053 wolfSSL OpenSSL header files. Ex: -I/usr/local/include
1054 -I/usr/local/include/wolfssl])
1055 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
1057 saved_CFLAGS="${CFLAGS}"
1058 saved_LIBS="${LIBS}"
1060 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
1061 # if the user did not explicitly specify flags, try to autodetect
1066 [AC_MSG_ERROR([Could not find wolfSSL.])]
1069 [WOLFSSL_INCLUDEDIR],
1073 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
1075 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
1077 saved_CFLAGS="${CFLAGS}"
1078 saved_LIBS="${LIBS}"
1079 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
1080 LIBS="${LIBS} ${WOLFSSL_LIBS}"
1086 [AC_MSG_ERROR([Could not link wolfSSL library.])]
1088 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
1090 # wolfSSL signal EKM support
1091 have_export_keying_material="yes"
1093 if test "${enable_wolfssl_options_h}" = "yes"; then
1094 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
1096 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
1099 have_export_keying_material="yes"
1101 CFLAGS="${saved_CFLAGS}"
1102 LIBS="${saved_LIBS}"
1104 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
1105 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
1106 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
1107 CRYPTO_LIBS="${WOLFSSL_LIBS}"
1109 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
1112 AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
1113 AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
1115 if test -z "${LZO_LIBS}"; then
1118 [lzo1x_1_15_compress],
1119 [LZO_LIBS="-llzo2"],
1122 [lzo1x_1_15_compress],
1128 if test "${have_lzo}" = "yes"; then
1129 saved_CFLAGS="${CFLAGS}"
1130 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
1137 [AC_MSG_ERROR([lzoutil.h is missing])]
1146 [AC_MSG_ERROR([lzo1x.h is missing])]
1149 CFLAGS="${saved_CFLAGS}"
1153 dnl check for LZ4 library
1156 AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
1157 AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
1158 if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
1159 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
1160 # if the user did not explicitly specify flags, try to autodetect
1161 PKG_CHECK_MODULES([LZ4],
1162 [liblz4 >= 1.7.1 liblz4 < 100],
1164 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
1165 # We also add set LZ4_LIBS otherwise the
1166 # linker will not know about the lz4 library
1170 saved_CFLAGS="${CFLAGS}"
1171 saved_LIBS="${LIBS}"
1172 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
1173 LIBS="${LIBS} ${LZ4_LIBS}"
1175 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
1176 # are used, check the version directly in the LZ4 include file
1177 if test "${have_lz4}" != "yes"; then
1178 AC_CHECK_HEADERS([lz4.h],
1182 if test "${have_lz4h}" = "yes" ; then
1183 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
1189 /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
1190 #if LZ4_VERSION_NUMBER < 10701L
1191 #error LZ4 is too old
1199 [AC_MSG_ERROR([system LZ4 library is too old])]
1204 # Double check we have a few needed functions
1205 if test "${have_lz4}" = "yes" ; then
1207 [LZ4_compress_default],
1211 [LZ4_decompress_safe],
1216 if test "${have_lz4}" != "yes" ; then
1217 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4])
1220 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
1221 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
1222 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
1223 CFLAGS="${saved_CFLAGS}"
1224 LIBS="${saved_LIBS}"
1229 dnl Check for systemd
1231 AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"])
1232 if test "$enable_systemd" = "yes" ; then
1233 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
1235 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
1238 PKG_CHECK_EXISTS( [libsystemd > 216],
1239 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
1240 [systemd is newer than v216])]
1243 AC_CHECK_HEADERS(systemd/sd-daemon.h,
1246 AC_MSG_ERROR([systemd development headers not found.])
1249 saved_LIBS="${LIBS}"
1250 LIBS="${LIBS} ${libsystemd_LIBS}"
1251 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
1252 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
1253 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
1254 LIBS="${saved_LIBS}"
1256 if test -n "${SYSTEMD_UNIT_DIR}"; then
1257 systemdunitdir="${SYSTEMD_UNIT_DIR}"
1259 systemdunitdir="\${libdir}/systemd/system"
1262 if test -n "${TMPFILES_DIR}"; then
1263 tmpfilesdir="${TMPFILES_DIR}"
1265 tmpfilesdir="\${libdir}/tmpfiles.d"
1270 AC_MSG_CHECKING([git checkout])
1272 if test -n "${GIT}" -a -d "${srcdir}/.git"; then
1273 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
1276 AC_MSG_RESULT([${GIT_CHECKOUT}])
1278 dnl enable --x509-username-field feature if requested
1279 if test "${enable_x509_alt_username}" = "yes"; then
1280 if test "${with_crypto_library}" = "mbedtls" ; then
1281 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature])
1284 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
1287 test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
1288 test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
1289 test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
1290 test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
1291 test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
1293 test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
1294 if test "${have_export_keying_material}" = "yes"; then
1296 [HAVE_EXPORT_KEYING_MATERIAL], [1],
1297 [Crypto library supports keying material exporter]
1300 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
1301 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
1303 if test "${enable_plugins}" = "yes"; then
1304 OPTIONAL_DL_LIBS="${DL_LIBS}"
1305 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
1307 enable_plugin_auth_pam="no"
1308 enable_plugin_down_root="no"
1311 AM_CONDITIONAL([HAVE_SITNL], [false])
1313 if test "${enable_iproute2}" = "yes"; then
1314 test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO])
1315 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1316 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
1317 else if test "${have_sitnl}" = "yes"; then
1318 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support])
1319 AM_CONDITIONAL([HAVE_SITNL], [true])
1320 else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then
1321 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1322 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1327 if test "${enable_selinux}" = "yes"; then
1328 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1329 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1330 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1333 if test "${enable_lzo}" = "yes"; then
1334 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1335 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1336 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1337 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1339 if test "${enable_comp_stub}" = "yes"; then
1340 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)])
1341 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)])
1342 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability])
1345 AM_CONDITIONAL([HAVE_SOFTHSM2], [false])
1346 if test "${enable_pkcs11}" = "yes"; then
1347 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
1348 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1349 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1350 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
1354 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
1355 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
1359 # softhsm2 for pkcs11 tests
1361 AC_ARG_VAR([P11TOOL], [full path to p11tool])
1362 AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1363 AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool])
1364 AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util])
1365 AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@])
1366 AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1367 test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so
1368 AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util])
1369 AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module])
1370 if test "${with_crypto_library}" = "openssl"; then
1371 AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"])
1375 # When testing a compiler option, we add -Werror to force
1376 # an error when the option is unsupported. This is not
1377 # required for gcc, but some compilers such as clang needs it.
1378 AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [
1379 old_cflags="$CFLAGS"
1380 CFLAGS="$1 -Werror $CFLAGS"
1381 AC_MSG_CHECKING([whether the compiler accepts $1])
1382 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags",
1383 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])]
1386 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
1387 ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
1389 if test "${enable_pedantic}" = "yes"; then
1391 CFLAGS="${CFLAGS} -pedantic"
1392 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode])
1394 if test "${enable_strict}" = "yes"; then
1395 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized"
1397 if test "${enable_werror}" = "yes"; then
1398 CFLAGS="${CFLAGS} -Werror"
1401 if test "${enable_plugin_auth_pam}" = "yes"; then
1402 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1403 if test "${enable_pam_dlopen}" = "yes"; then
1404 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1405 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1407 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1408 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1412 if test "${enable_async_push}" = "yes"; then
1419 AC_DEFINE([HAVE_SYS_INOTIFY_H])
1420 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push])
1427 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]),
1428 AC_MSG_ERROR([inotify.h not found.])
1434 CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1435 AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1437 TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1438 TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1439 TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1440 AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1441 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1442 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1443 AC_SUBST([TAP_WIN_COMPONENT_ID])
1444 AC_SUBST([TAP_WIN_MIN_MAJOR])
1445 AC_SUBST([TAP_WIN_MIN_MINOR])
1447 AC_SUBST([OPTIONAL_DL_LIBS])
1448 AC_SUBST([OPTIONAL_SELINUX_LIBS])
1449 AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1450 AC_SUBST([OPTIONAL_CRYPTO_LIBS])
1451 AC_SUBST([OPTIONAL_LZO_CFLAGS])
1452 AC_SUBST([OPTIONAL_LZO_LIBS])
1453 AC_SUBST([OPTIONAL_LZ4_CFLAGS])
1454 AC_SUBST([OPTIONAL_LZ4_LIBS])
1455 AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
1456 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1457 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
1458 AC_SUBST([OPTIONAL_INOTIFY_CFLAGS])
1459 AC_SUBST([OPTIONAL_INOTIFY_LIBS])
1461 AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1462 AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1464 AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
1465 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
1466 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1467 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
1468 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
1469 AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
1471 sampledir="\$(docdir)/sample"
1472 AC_SUBST([plugindir])
1473 AC_SUBST([sampledir])
1475 AC_SUBST([systemdunitdir])
1476 AC_SUBST([tmpfilesdir])
1480 [AS_HELP_STRING([--disable-unit-tests],
1481 [Disables building and running the unit tests suite])],
1483 [enable_unit_tests="yes"]
1486 # Check if cmocka is available - needed for unit testing
1489 [have_cmocka="yes"],
1490 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])]
1492 AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ])
1493 AC_SUBST([ENABLE_UNITTESTS])
1495 TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}"
1496 TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}"
1497 TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}"
1498 TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}"
1499 TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}"
1501 AC_SUBST([TEST_LDFLAGS])
1502 AC_SUBST([TEST_CFLAGS])
1508 distro/systemd/Makefile
1510 doc/doxygen/Makefile
1511 doc/doxygen/openvpn.doxyfile
1513 sample/sample-plugins/Makefile
1516 src/openvpn/Makefile
1517 src/openvpnmsica/Makefile
1518 src/openvpnserv/Makefile
1519 src/plugins/Makefile
1520 src/plugins/auth-pam/Makefile
1521 src/plugins/down-root/Makefile
1524 tests/unit_tests/Makefile
1525 tests/unit_tests/example_test/Makefile
1526 tests/unit_tests/openvpn/Makefile
1527 tests/unit_tests/plugins/Makefile
1528 tests/unit_tests/plugins/auth-pam/Makefile
1529 tests/unit_tests/engine-key/Makefile
1532 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])