]> git.ipfire.org Git - thirdparty/openvpn.git/blob - configure.ac
projects / thirdparty / openvpn.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
ntlm: Clarify details on NTLM phase 3 decoding
[thirdparty/openvpn.git] / configure.ac
1 dnl OpenVPN -- An application to securely tunnel IP networks
2 dnl over a single UDP port, with support for SSL/TLS-based
3 dnl session authentication and key exchange,
4 dnl packet encryption, packet authentication, and
5 dnl packet compression.
6 dnl
7 dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
8 dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
9 dnl
10 dnl This program is free software; you can redistribute it and/or modify
11 dnl it under the terms of the GNU General Public License as published by
12 dnl the Free Software Foundation; either version 2 of the License, or
13 dnl (at your option) any later version.
14 dnl
15 dnl This program is distributed in the hope that it will be useful,
16 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 dnl GNU General Public License for more details.
19 dnl
20 dnl You should have received a copy of the GNU General Public License along
21 dnl with this program; if not, write to the Free Software Foundation, Inc.,
22 dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23
24 dnl Process this file with autoconf to produce a configure script.
25
26 AC_PREREQ(2.59)
27
28 m4_include(version.m4)
29 AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
30 m4_include(compat.m4)
31 AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
32 AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version])
33 AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version])
34 AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer])
35 AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer])
36 AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer])
37 AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer])
38
39 AC_CONFIG_AUX_DIR([.])
40 AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h])
41 AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
42 AC_CONFIG_MACRO_DIR([m4])
43
44 dnl Initialize automake. automake < 1.12 didn't have serial-tests and
45 dnl gives an error if it sees this, but for automake >= 1.13
46 dnl serial-tests is required so we have to include it. Solution is to
47 dnl test for the version of automake (by running an external command)
48 dnl and provide it if necessary. Note we have to do this entirely using
49 dnl m4 macros since automake queries this macro by running
50 dnl 'autoconf --trace ...'.
51 m4_define([serial_tests], [
52 m4_esyscmd([automake --version |
53 head -1 |
54 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 12) { print "serial-tests" }}'
55 ])
56 ])
57
58 dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects
59 dnl options is not enabled. However, automake before 1.15a has a bug that causes
60 dnl variable expansion to fail in foo_SOURCES when this option is used.
61 dnl As most of our build systems are now likely to use automake 1.16+ add a
62 dnl work around to conditionally add subdir-objects option.
63 m4_define([subdir_objects], [
64 m4_esyscmd([automake --version |
65 head -1 |
66 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}'
67 ])
68 ])
69
70 # This foreign option prevents autoreconf from overriding our COPYING and
71 # INSTALL targets:
72 AM_INIT_AUTOMAKE(foreign serial_tests subdir_objects 1.9) dnl NB: Do not [quote] this parameter.
73 AC_CANONICAL_HOST
74 AC_USE_SYSTEM_EXTENSIONS
75
76 AC_ARG_ENABLE(
77 [lzo],
78 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
79 ,
80 [enable_lzo="yes"]
81 )
82
83 AC_ARG_ENABLE(
84 [lz4],
85 [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])],
86 [enable_lz4="$enableval"],
87 [enable_lz4="yes"]
88 )
89
90 AC_ARG_ENABLE(
91 [comp-stub],
92 [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])],
93 [enable_comp_stub="$enableval"],
94 [enable_comp_stub="no"]
95 )
96
97 AC_ARG_ENABLE(
98 [ofb-cfb],
99 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
100 ,
101 [enable_crypto_ofb_cfb="yes"]
102 )
103
104 AC_ARG_ENABLE(
105 [x509-alt-username],
106 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
107 ,
108 [enable_x509_alt_username="no"]
109 )
110
111 AC_ARG_ENABLE(
112 [plugins],
113 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
114 ,
115 [enable_plugins="yes"]
116 )
117
118 AC_ARG_ENABLE(
119 [management],
120 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
121 ,
122 [enable_management="yes"]
123 )
124
125 AC_ARG_ENABLE(
126 [pkcs11],
127 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
128 ,
129 [enable_pkcs11="no"]
130 )
131
132 AC_ARG_ENABLE(
133 [fragment],
134 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
135 ,
136 [enable_fragment="yes"]
137 )
138
139 AC_ARG_ENABLE(
140 [port-share],
141 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
142 ,
143 [enable_port_share="yes"]
144 )
145
146 AC_ARG_ENABLE(
147 [debug],
148 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
149 ,
150 [enable_debug="yes"]
151 )
152
153 AC_ARG_ENABLE(
154 [small],
155 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])],
156 ,
157 [enable_small="no"]
158 )
159
160 AC_ARG_ENABLE(
161 [dco],
162 [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])],
163 ,
164 [
165 case "$host" in
166 *-*-linux*)
167 enable_dco="auto"
168 ;;
169 *-*-freebsd*)
170 enable_dco="auto"
171 ;;
172 *)
173 # note that this does not disable it for Windows
174 enable_dco="no"
175 ;;
176 esac
177 ]
178 )
179
180 AC_ARG_ENABLE(
181 [iproute2],
182 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])],
183 ,
184 [enable_iproute2="no"]
185 )
186
187 AC_ARG_ENABLE(
188 [plugin-auth-pam],
189 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
190 ,
191 [
192 case "$host" in
193 *-*-openbsd*) enable_plugin_auth_pam="no";;
194 *-mingw*) enable_plugin_auth_pam="no";;
195 *) enable_plugin_auth_pam="yes";;
196 esac
197 ]
198 )
199
200 AC_ARG_ENABLE(
201 [plugin-down-root],
202 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
203 ,
204 [
205 case "$host" in
206 *-mingw*) enable_plugin_down_root="no";;
207 *) enable_plugin_down_root="yes";;
208 esac
209 ]
210 )
211
212 AC_ARG_ENABLE(
213 [pam-dlopen],
214 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
215 ,
216 [enable_pam_dlopen="no"]
217 )
218
219 AC_ARG_ENABLE(
220 [strict],
221 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
222 ,
223 [enable_strict="no"]
224 )
225
226 AC_ARG_ENABLE(
227 [pedantic],
228 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
229 ,
230 [enable_pedantic="no"]
231 )
232
233 AC_ARG_ENABLE(
234 [werror],
235 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])],
236 ,
237 [enable_werror="no"]
238 )
239
240 AC_ARG_ENABLE(
241 [strict-options],
242 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
243 ,
244 [enable_strict_options="no"]
245 )
246
247 AC_ARG_ENABLE(
248 [selinux],
249 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
250 ,
251 [enable_selinux="no"]
252 )
253
254 AC_ARG_ENABLE(
255 [systemd],
256 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
257 ,
258 [enable_systemd="no"]
259 )
260
261 AC_ARG_ENABLE(
262 [async-push],
263 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])],
264 ,
265 [enable_async_push="no"]
266 )
267
268 AC_ARG_WITH(
269 [special-build],
270 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
271 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
272 )
273
274 AC_ARG_WITH(
275 [mem-check],
276 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
277 [
278 case "${withval}" in
279 dmalloc|valgrind|ssl|no) ;;
280 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
281 esac
282 ],
283 [with_mem_check="no"]
284 )
285
286 AC_ARG_WITH(
287 [crypto-library],
288 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
289 [
290 case "${withval}" in
291 openssl|mbedtls|wolfssl) ;;
292 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
293 esac
294 ],
295 [with_crypto_library="openssl"]
296 )
297
298 AC_ARG_ENABLE(
299 [wolfssl-options-h],
300 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
301 ,
302 [enable_wolfssl_options_h="yes"]
303 )
304
305 AC_ARG_WITH(
306 [openssl-engine],
307 [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])],
308 [
309 case "${withval}" in
310 auto|yes|no) ;;
311 *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;;
312 esac
313 ],
314 [with_openssl_engine="auto"]
315 )
316
317 AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
318 if test -n "${PLUGINDIR}"; then
319 plugindir="${PLUGINDIR}"
320 else
321 plugindir="\${libdir}/openvpn/plugins"
322 fi
323
324 AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
325 AM_CONDITIONAL([TARGET_LINUX], [false])
326 case "$host" in
327 *-*-linux*)
328 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
329 AM_CONDITIONAL([TARGET_LINUX], [true])
330 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
331 have_sitnl="yes"
332 ;;
333 *-*-solaris*)
334 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
335 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
336 CPPFLAGS="$CPPFLAGS -D_XPG4_2"
337 test -x /bin/bash && SHELL="/bin/bash"
338 ;;
339 *-*-openbsd*)
340 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
341 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
342 ;;
343 *-*-freebsd*)
344 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
345 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
346 ;;
347 *-*-netbsd*)
348 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
349 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
350 ;;
351 *-*-darwin*)
352 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
353 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
354 have_tap_header="yes"
355 ac_cv_type_struct_in_pktinfo=no
356 ;;
357 *-mingw*)
358 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
359 AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows])
360 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
361 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
362 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA"
363 WIN32=yes
364 ;;
365 *-*-dragonfly*)
366 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
367 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
368 ;;
369 *-aix*)
370 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?])
371 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix])
372 ROUTE="/usr/sbin/route"
373 have_tap_header="yes"
374 ac_cv_header_net_if_h="no" # exists, but breaks things
375 ;;
376 *)
377 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
378 have_tap_header="yes"
379 ;;
380 esac
381
382 AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes")
383
384 PKG_PROG_PKG_CONFIG
385 AC_PROG_CPP
386 AC_PROG_INSTALL
387 AC_PROG_LN_S
388 AC_PROG_SED
389 AC_PROG_MAKE_SET
390
391 AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
392 AC_ARG_VAR([ROUTE], [full path to route utility])
393 AC_ARG_VAR([IPROUTE], [full path to ip utility])
394 AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
395 AC_ARG_VAR([GIT], [path to git utility])
396 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
397 AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@])
398 AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@])
399 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
400 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
401 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
402 AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
403 AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
404 AC_CHECK_PROGS([GIT], [git]) # optional
405 AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
406 AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
407 AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
408 AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
409
410 #
411 # man page generation - based on python-docutils
412 #
413 AC_ARG_VAR([RST2MAN], [path to rst2man utility])
414 AC_ARG_VAR([RST2HTML], [path to rst2html utility])
415 AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py])
416 AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py])
417 AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"])
418
419 # Set -std=c99 unless user already specified a -std=
420 case "${CFLAGS}" in
421 *-std=*) ;;
422 *) CFLAGS="${CFLAGS} -std=c99" ;;
423 esac
424
425 #
426 # Libtool
427 #
428 ifdef(
429 [LT_INIT],
430 [
431 LT_INIT([win32-dll])
432 LT_LANG([Windows Resource])
433 ],
434 [
435 AC_LIBTOOL_WIN32_DLL
436 AC_LIBTOOL_RC
437 AC_PROG_LIBTOOL
438 ]
439 )
440
441 AC_C_CONST
442 AC_C_INLINE
443 AC_C_VOLATILE
444 AC_TYPE_OFF_T
445 AC_TYPE_PID_T
446 AC_TYPE_SIZE_T
447 AC_TYPE_UID_T
448 AC_TYPE_SIGNAL
449 AX_TYPE_SOCKLEN_T
450 AC_CHECK_SIZEOF([unsigned int])
451 AC_CHECK_SIZEOF([unsigned long])
452 AC_CHECK_HEADERS([ \
453 fcntl.h io.h \
454 sys/types.h sys/socket.h \
455 unistd.h dlfcn.h \
456 netinet/in.h \
457 netinet/tcp.h arpa/inet.h netdb.h \
458 versionhelpers.h \
459 ])
460 AC_CHECK_HEADERS([ \
461 sys/time.h sys/ioctl.h sys/stat.h \
462 sys/mman.h sys/file.h sys/wait.h \
463 unistd.h libgen.h stropts.h \
464 syslog.h pwd.h grp.h termios.h \
465 sys/sockio.h sys/uio.h linux/sockios.h \
466 linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \
467 ])
468
469 SOCKET_INCLUDES="
470 #include <stdlib.h>
471 #ifdef HAVE_SYS_TYPES_H
472 #include <sys/types.h>
473 #endif
474 #ifdef HAVE_SYS_SOCKET_H
475 #include <sys/socket.h>
476 #endif
477 #ifdef HAVE_NET_IF_H
478 #include <net/if.h>
479 #endif
480 #ifdef HAVE_NETINET_IN_H
481 #include <netinet/in.h>
482 #endif
483 #ifdef _WIN32
484 #include <windows.h>
485 #endif
486 #ifdef _WIN32
487 #include <winsock2.h>
488 #endif
489 #ifdef _WIN32
490 #include <ws2tcpip.h>
491 #endif
492 #ifdef HAVE_NETINET_IP_H
493 #include <netinet/ip.h>
494 #endif
495 "
496
497 AC_CHECK_HEADERS(
498 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
499 ,
500 ,
501 [[${SOCKET_INCLUDES}]]
502 )
503
504 AC_CHECK_TYPES(
505 [in_addr_t],
506 ,
507 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
508 [[${SOCKET_INCLUDES}]]
509 )
510 AC_CHECK_TYPES(
511 [in_port_t],
512 ,
513 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])],
514 [[${SOCKET_INCLUDES}]]
515 )
516 AC_CHECK_TYPE(
517 [struct iphdr],
518 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
519 ,
520 [[${SOCKET_INCLUDES}]]
521 )
522 AC_CHECK_TYPE(
523 [struct msghdr],
524 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
525 ,
526 [[${SOCKET_INCLUDES}]]
527 )
528 AC_CHECK_TYPE(
529 [struct cmsghdr],
530 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
531 ,
532 [[${SOCKET_INCLUDES}]]
533 )
534 AC_CHECK_TYPE(
535 [struct in_pktinfo],
536 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
537 ,
538 [[${SOCKET_INCLUDES}]]
539 )
540 AC_CHECK_TYPE(
541 [sa_family_t],
542 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])],
543 ,
544 [[${SOCKET_INCLUDES}]]
545 )
546 AC_CHECK_MEMBER(
547 [struct in_pktinfo.ipi_spec_dst],
548 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
549 ,
550 [[${SOCKET_INCLUDES}]]
551 )
552 AC_CHECK_TYPE(
553 [struct sockaddr_in6],
554 ,
555 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
556 [[${SOCKET_INCLUDES}]]
557 )
558 AC_CHECK_DECLS(
559 [SO_MARK],
560 ,
561 ,
562 [[${SOCKET_INCLUDES}]]
563 )
564 AC_MSG_CHECKING([anonymous union support])
565 AC_COMPILE_IFELSE(
566 [AC_LANG_PROGRAM(
567 [[
568 struct mystruct {
569 union {
570 int m1;
571 char m2;
572 };
573 };
574 ]],
575 [[
576 struct mystruct s;
577 s.m1 = 1; s.m2 = 2;
578 ]]
579 )],
580 [
581 AC_MSG_RESULT([yes])
582 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions])
583 ],
584 [AC_MSG_RESULT([no])]
585 )
586
587 saved_LDFLAGS="$LDFLAGS"
588 LDFLAGS="$LDFLAGS -Wl,--wrap=exit"
589 AC_MSG_CHECKING([linker supports --wrap])
590 AC_LINK_IFELSE(
591 [AC_LANG_PROGRAM(
592 [[
593 void exit(int);
594 void __real_exit(int);
595 void __wrap_exit(int i) {
596 __real_exit(i);
597 }
598 ]],
599 [[
600 exit(0);
601 ]]
602 )],
603 [
604 AC_MSG_RESULT([yes])
605 have_ld_wrap_support=yes
606 ],
607 [AC_MSG_RESULT([no])],
608 )
609 LDFLAGS="$saved_LDFLAGS"
610
611 dnl We emulate signals in Windows
612 AC_CHECK_DECLS(
613 [SIGHUP],
614 ,
615 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
616 [[
617 #include <signal.h>
618 ]]
619 )
620 AC_CHECK_DECLS(
621 [SIGINT],
622 ,
623 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
624 [[
625 #include <signal.h>
626 ]]
627 )
628 AC_CHECK_DECLS(
629 [SIGUSR1],
630 ,
631 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
632 [[
633 #include <signal.h>
634 ]]
635 )
636 AC_CHECK_DECLS(
637 [SIGUSR2],
638 ,
639 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
640 [[
641 #include <signal.h>
642 ]]
643 )
644 AC_CHECK_DECLS(
645 [SIGTERM],
646 ,
647 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
648 [[
649 #include <signal.h>
650 ]]
651 )
652
653 AC_FUNC_FORK
654
655 AC_CHECK_FUNCS([ \
656 daemon chroot getpwnam setuid nice system dup dup2 \
657 syslog openlog mlockall getrlimit getgrnam setgid \
658 setgroups flock readv writev time gettimeofday \
659 setsid chdir \
660 chsize ftruncate execve getpeereid basename dirname access \
661 epoll_create strsep \
662 ])
663
664 AC_CHECK_LIB(
665 [dl],
666 [dlopen],
667 [DL_LIBS="-ldl"]
668 )
669 AC_SUBST([DL_LIBS])
670
671 AC_CHECK_LIB(
672 [nsl],
673 [inet_ntoa],
674 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
675 )
676 AC_CHECK_LIB(
677 [socket],
678 [socket],
679 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
680 )
681 AC_CHECK_LIB(
682 [resolv],
683 [gethostbyname],
684 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
685 )
686 AC_SUBST([SOCKETS_LIBS])
687
688 old_LIBS="${LIBS}"
689 LIBS="${LIBS} ${SOCKETS_LIBS}"
690 AC_CHECK_FUNCS([sendmsg recvmsg])
691
692 LIBS="${old_LIBS}"
693
694 # we assume res_init() always exist, but need to find out *where*...
695 AC_SEARCH_LIBS(__res_init, resolv bind, ,
696 AC_SEARCH_LIBS(res_9_init, resolv bind, ,
697 AC_SEARCH_LIBS(res_init, resolv bind, , )))
698
699 AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
700 old_CFLAGS="${CFLAGS}"
701 CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
702 AC_CHECK_HEADERS(
703 [ \
704 net/if_tun.h net/tun/if_tun.h \
705 linux/if_tun.h \
706 tap-windows.h \
707 ],
708 [have_tap_header="yes"]
709 )
710 AC_CHECK_DECLS(
711 [TUNSETPERSIST],
712 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
713 ,
714 [[
715 #ifdef HAVE_LINUX_IF_TUN_H
716 #include <linux/if_tun.h>
717 #endif
718 ]]
719 )
720 CFLAGS="${old_CFLAGS}"
721 test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
722
723 AC_CHECK_LIB(
724 [selinux],
725 [setcon],
726 [SELINUX_LIBS="-lselinux"]
727 )
728 AC_SUBST([SELINUX_LIBS])
729
730 AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
731 AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
732 if test -z "${LIBPAM_LIBS}"; then
733 AC_CHECK_LIB(
734 [pam],
735 [pam_start],
736 [LIBPAM_LIBS="-lpam"]
737 )
738 fi
739
740 case "${with_mem_check}" in
741 valgrind)
742 AC_CHECK_HEADERS(
743 [valgrind/memcheck.h],
744 [
745 CFLAGS="${CFLAGS} -g -fno-inline"
746 AC_DEFINE(
747 [USE_VALGRIND],
748 [1],
749 [Use valgrind memory debugging library]
750 )
751 ],
752 [AC_MSG_ERROR([valgrind headers not found.])]
753 )
754 ;;
755 dmalloc)
756 AC_CHECK_HEADERS(
757 [dmalloc.h],
758 [AC_CHECK_LIB(
759 [dmalloc],
760 [malloc],
761 [
762 LIBS="${LIBS} -ldmalloc"
763 AC_DEFINE(
764 [DMALLOC],
765 [1],
766 [Use dmalloc memory debugging library]
767 )
768 ],
769 [AC_MSG_ERROR([dmalloc library not found.])]
770 )],
771 [AC_MSG_ERROR([dmalloc headers not found.])]
772 )
773 ;;
774 ssl)
775 AC_CHECK_LIB(
776 [ssl],
777 [CRYPTO_mem_ctrl],
778 [
779 AC_DEFINE(
780 [CRYPTO_MDEBUG],
781 [1],
782 [Use memory debugging function in OpenSSL]
783 )
784 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
785 ],
786 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
787 )
788 ;;
789 esac
790
791 PKG_CHECK_MODULES(
792 [PKCS11_HELPER],
793 [libpkcs11-helper-1 >= 1.11],
794 [have_pkcs11_helper="yes"],
795 []
796 )
797
798
799 if test "$enable_dco" != "no"; then
800 enable_dco_arg="$enable_dco"
801 if test "${enable_iproute2}" = "yes"; then
802 AC_MSG_WARN([DCO cannot be enabled when using iproute2])
803 enable_dco="no"
804 fi
805 case "$host" in
806 *-*-linux*)
807 if test "$enable_dco" = "no"; then
808 if test "$enable_dco_arg" = "auto"; then
809 AC_MSG_WARN([DCO support disabled])
810 else
811 AC_MSG_ERROR([DCO support can't be enabled])
812 fi
813 else
814 dnl
815 dnl Include generic netlink library used to talk to ovpn-dco
816 dnl
817 PKG_CHECK_MODULES([LIBNL_GENL],
818 [libnl-genl-3.0 >= 3.4.0],
819 [have_libnl="yes"],
820 [
821 AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO])
822 ]
823 )
824 CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}"
825 LIBS="${LIBS} ${LIBNL_GENL_LIBS}"
826
827 AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload])
828 AC_MSG_NOTICE([Enabled ovpn-dco support for Linux])
829 fi
830 ;;
831 *-*-freebsd*)
832 AC_CHECK_HEADERS([net/if_ovpn.h],
833 [
834 LIBS="${LIBS} -lnv"
835 AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD])
836 AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD])
837 ],
838 [
839 enable_dco="no"
840 AC_MSG_WARN([DCO header not found.])
841 ]
842 )
843 if test "$enable_dco" = "no"; then
844 if test "$enable_dco_arg" = "auto"; then
845 AC_MSG_WARN([DCO support disabled])
846 else
847 AC_MSG_ERROR([DCO support can't be enabled])
848 fi
849 fi
850 ;;
851 *-mingw*)
852 AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled])
853 ;;
854 *)
855 AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform])
856 ;;
857 esac
858 fi
859
860 dnl
861 dnl Depend on libcap-ng on Linux
862 dnl
863 case "$host" in
864 *-*-linux*)
865 PKG_CHECK_MODULES([LIBCAPNG],
866 [libcap-ng],
867 [],
868 [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])]
869 )
870 AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])])
871
872 CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}"
873 LIBS="${LIBS} ${LIBCAPNG_LIBS}"
874 AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support])
875 ;;
876 esac
877
878
879 if test "${with_crypto_library}" = "openssl"; then
880 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
881 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
882
883 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then
884 # if the user did not explicitly specify flags, try to autodetect
885 PKG_CHECK_MODULES(
886 [OPENSSL],
887 [openssl >= 1.0.2],
888 [have_openssl="yes"],
889 [] # If this fails, we will do another test next
890 )
891 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
892 fi
893
894 saved_CFLAGS="${CFLAGS}"
895 saved_LIBS="${LIBS}"
896 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
897 LIBS="${LIBS} ${OPENSSL_LIBS}"
898
899 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars
900 # are used, check the version directly in the OpenSSL include file
901 if test "${have_openssl}" != "yes"; then
902 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2])
903 AC_COMPILE_IFELSE(
904 [AC_LANG_PROGRAM(
905 [[
906 #include <openssl/opensslv.h>
907 ]],
908 [[
909 /* Version encoding: MNNFFPPS - see opensslv.h for details */
910 #if OPENSSL_VERSION_NUMBER < 0x10002000L
911 #error OpenSSL too old
912 #endif
913 ]]
914 )],
915 [AC_MSG_RESULT([ok])],
916 [AC_MSG_ERROR([OpenSSL version too old])]
917 )
918 fi
919
920 AC_CHECK_FUNCS([SSL_CTX_new],
921 ,
922 [AC_MSG_ERROR([openssl check failed])]
923 )
924
925 if test "${with_openssl_engine}" = "auto"; then
926 AC_COMPILE_IFELSE(
927 [AC_LANG_PROGRAM(
928 [[
929 #include <openssl/opensslv.h>
930 ]],
931 [[
932 /* Version encoding: MNNFFPPS - see opensslv.h for details */
933 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
934 #error Engine supported disabled by default in OpenSSL 3.0+
935 #endif
936 ]]
937 )],
938 [have_openssl_engine="yes"],
939 [have_openssl_engine="no"]
940 )
941 if test "${have_openssl_engine}" = "yes"; then
942 AC_CHECK_FUNCS(
943 [ \
944 ENGINE_load_builtin_engines \
945 ENGINE_register_all_complete \
946 ],
947 ,
948 [have_openssl_engine="no"; break]
949 )
950 fi
951 else
952 have_openssl_engine="${with_openssl_engine}"
953 if test "${have_openssl_engine}" = "yes"; then
954 AC_CHECK_FUNCS(
955 [ \
956 ENGINE_load_builtin_engines \
957 ENGINE_register_all_complete \
958 ],
959 ,
960 [AC_MSG_ERROR([OpenSSL engine support not found])]
961 )
962 fi
963 fi
964 if test "${have_openssl_engine}" = "yes"; then
965 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
966 fi
967
968 AC_CHECK_FUNC(
969 [EVP_aes_256_gcm],
970 ,
971 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
972 )
973
974 # All supported OpenSSL version (>= 1.0.2)
975 # have this feature
976 have_export_keying_material="yes"
977
978 CFLAGS="${saved_CFLAGS}"
979 LIBS="${saved_LIBS}"
980
981 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
982 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
983 CRYPTO_LIBS="${OPENSSL_LIBS}"
984 elif test "${with_crypto_library}" = "mbedtls"; then
985 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
986 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
987
988 saved_CFLAGS="${CFLAGS}"
989 saved_LIBS="${LIBS}"
990
991 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
992 # if the user did not explicitly specify flags, try to autodetect
993 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
994 AC_CHECK_LIB(
995 [mbedtls],
996 [mbedtls_ssl_init],
997 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
998 [AC_MSG_ERROR([Could not find mbed TLS.])],
999 [${PKCS11_HELPER_LIBS}]
1000 )
1001 fi
1002
1003 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"
1004 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}"
1005
1006 AC_MSG_CHECKING([mbedtls version])
1007 AC_COMPILE_IFELSE(
1008 [AC_LANG_PROGRAM(
1009 [[
1010 #include <mbedtls/version.h>
1011 ]],
1012 [[
1013 #if MBEDTLS_VERSION_NUMBER < 0x02000000 || MBEDTLS_VERSION_NUMBER >= 0x03000000
1014 #error invalid version
1015 #endif
1016 ]]
1017 )],
1018 [AC_MSG_RESULT([ok])],
1019 [AC_MSG_ERROR([mbed TLS 2.y.z required])]
1020 )
1021
1022 AC_CHECK_FUNCS(
1023 [ \
1024 mbedtls_cipher_write_tag \
1025 mbedtls_cipher_check_tag \
1026 ],
1027 ,
1028 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
1029 )
1030
1031 have_export_keying_material="yes"
1032 AC_CHECK_FUNC(
1033 [mbedtls_ssl_conf_export_keys_ext_cb],
1034 ,
1035 [have_export_keying_material="no"]
1036 )
1037
1038 AC_CHECK_FUNC(
1039 [mbedtls_ctr_drbg_update_ret],
1040 AC_DEFINE([HAVE_CTR_DRBG_UPDATE_RET], [1],
1041 [Use mbedtls_ctr_drbg_update_ret from mbed TLS]),
1042 )
1043
1044 CFLAGS="${saved_CFLAGS}"
1045 LIBS="${saved_LIBS}"
1046 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
1047 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
1048 CRYPTO_LIBS="${MBEDTLS_LIBS}"
1049
1050 elif test "${with_crypto_library}" = "wolfssl"; then
1051 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
1052 contain the regular wolfSSL header files but also the
1053 wolfSSL OpenSSL header files. Ex: -I/usr/local/include
1054 -I/usr/local/include/wolfssl])
1055 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
1056
1057 saved_CFLAGS="${CFLAGS}"
1058 saved_LIBS="${LIBS}"
1059
1060 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
1061 # if the user did not explicitly specify flags, try to autodetect
1062 PKG_CHECK_MODULES(
1063 [WOLFSSL],
1064 [wolfssl],
1065 [],
1066 [AC_MSG_ERROR([Could not find wolfSSL.])]
1067 )
1068 PKG_CHECK_VAR(
1069 [WOLFSSL_INCLUDEDIR],
1070 [wolfssl],
1071 [includedir],
1072 [],
1073 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
1074 )
1075 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
1076 fi
1077 saved_CFLAGS="${CFLAGS}"
1078 saved_LIBS="${LIBS}"
1079 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
1080 LIBS="${LIBS} ${WOLFSSL_LIBS}"
1081
1082 AC_CHECK_LIB(
1083 [wolfssl],
1084 [wolfSSL_Init],
1085 [],
1086 [AC_MSG_ERROR([Could not link wolfSSL library.])]
1087 )
1088 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
1089
1090 # wolfSSL signal EKM support
1091 have_export_keying_material="yes"
1092
1093 if test "${enable_wolfssl_options_h}" = "yes"; then
1094 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
1095 else
1096 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
1097 fi
1098
1099 have_export_keying_material="yes"
1100
1101 CFLAGS="${saved_CFLAGS}"
1102 LIBS="${saved_LIBS}"
1103
1104 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
1105 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
1106 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
1107 CRYPTO_LIBS="${WOLFSSL_LIBS}"
1108 else
1109 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
1110 fi
1111
1112 AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
1113 AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
1114 have_lzo="yes"
1115 if test -z "${LZO_LIBS}"; then
1116 AC_CHECK_LIB(
1117 [lzo2],
1118 [lzo1x_1_15_compress],
1119 [LZO_LIBS="-llzo2"],
1120 [AC_CHECK_LIB(
1121 [lzo],
1122 [lzo1x_1_15_compress],
1123 [LZO_LIBS="-llzo"],
1124 [have_lzo="no"]
1125 )]
1126 )
1127 fi
1128 if test "${have_lzo}" = "yes"; then
1129 saved_CFLAGS="${CFLAGS}"
1130 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
1131 AC_CHECK_HEADERS(
1132 [lzo/lzoutil.h],
1133 ,
1134 [AC_CHECK_HEADERS(
1135 [lzoutil.h],
1136 ,
1137 [AC_MSG_ERROR([lzoutil.h is missing])]
1138 )]
1139 )
1140 AC_CHECK_HEADERS(
1141 [lzo/lzo1x.h],
1142 ,
1143 [AC_CHECK_HEADERS(
1144 [lzo1x.h],
1145 ,
1146 [AC_MSG_ERROR([lzo1x.h is missing])]
1147 )]
1148 )
1149 CFLAGS="${saved_CFLAGS}"
1150 fi
1151
1152 dnl
1153 dnl check for LZ4 library
1154 dnl
1155
1156 AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
1157 AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
1158 if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
1159 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
1160 # if the user did not explicitly specify flags, try to autodetect
1161 PKG_CHECK_MODULES([LZ4],
1162 [liblz4 >= 1.7.1 liblz4 < 100],
1163 [have_lz4="yes"],
1164 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
1165 # We also add set LZ4_LIBS otherwise the
1166 # linker will not know about the lz4 library
1167 )
1168 fi
1169
1170 saved_CFLAGS="${CFLAGS}"
1171 saved_LIBS="${LIBS}"
1172 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
1173 LIBS="${LIBS} ${LZ4_LIBS}"
1174
1175 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
1176 # are used, check the version directly in the LZ4 include file
1177 if test "${have_lz4}" != "yes"; then
1178 AC_CHECK_HEADERS([lz4.h],
1179 [have_lz4h="yes"],
1180 [])
1181
1182 if test "${have_lz4h}" = "yes" ; then
1183 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
1184 AC_COMPILE_IFELSE(
1185 [AC_LANG_PROGRAM([[
1186 #include <lz4.h>
1187 ]],
1188 [[
1189 /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
1190 #if LZ4_VERSION_NUMBER < 10701L
1191 #error LZ4 is too old
1192 #endif
1193 ]]
1194 )],
1195 [
1196 AC_MSG_RESULT([ok])
1197 have_lz4="yes"
1198 ],
1199 [AC_MSG_ERROR([system LZ4 library is too old])]
1200 )
1201 fi
1202 fi
1203
1204 # Double check we have a few needed functions
1205 if test "${have_lz4}" = "yes" ; then
1206 AC_CHECK_LIB([lz4],
1207 [LZ4_compress_default],
1208 [],
1209 [have_lz4="no"])
1210 AC_CHECK_LIB([lz4],
1211 [LZ4_decompress_safe],
1212 [],
1213 [have_lz4="no"])
1214 fi
1215
1216 if test "${have_lz4}" != "yes" ; then
1217 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4])
1218 LZ4_LIBS=""
1219 fi
1220 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
1221 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
1222 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
1223 CFLAGS="${saved_CFLAGS}"
1224 LIBS="${saved_LIBS}"
1225 fi
1226
1227
1228 dnl
1229 dnl Check for systemd
1230 dnl
1231 AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"])
1232 if test "$enable_systemd" = "yes" ; then
1233 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
1234 [],
1235 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
1236 )
1237
1238 PKG_CHECK_EXISTS( [libsystemd > 216],
1239 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
1240 [systemd is newer than v216])]
1241 )
1242
1243 AC_CHECK_HEADERS(systemd/sd-daemon.h,
1244 ,
1245 [
1246 AC_MSG_ERROR([systemd development headers not found.])
1247 ])
1248
1249 saved_LIBS="${LIBS}"
1250 LIBS="${LIBS} ${libsystemd_LIBS}"
1251 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
1252 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
1253 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
1254 LIBS="${saved_LIBS}"
1255
1256 if test -n "${SYSTEMD_UNIT_DIR}"; then
1257 systemdunitdir="${SYSTEMD_UNIT_DIR}"
1258 else
1259 systemdunitdir="\${libdir}/systemd/system"
1260 fi
1261
1262 if test -n "${TMPFILES_DIR}"; then
1263 tmpfilesdir="${TMPFILES_DIR}"
1264 else
1265 tmpfilesdir="\${libdir}/tmpfiles.d"
1266 fi
1267 fi
1268
1269
1270 AC_MSG_CHECKING([git checkout])
1271 GIT_CHECKOUT="no"
1272 if test -n "${GIT}" -a -d "${srcdir}/.git"; then
1273 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
1274 GIT_CHECKOUT="yes"
1275 fi
1276 AC_MSG_RESULT([${GIT_CHECKOUT}])
1277
1278 dnl enable --x509-username-field feature if requested
1279 if test "${enable_x509_alt_username}" = "yes"; then
1280 if test "${with_crypto_library}" = "mbedtls" ; then
1281 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature])
1282 fi
1283
1284 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
1285 fi
1286
1287 test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
1288 test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
1289 test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
1290 test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
1291 test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
1292
1293 test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
1294 if test "${have_export_keying_material}" = "yes"; then
1295 AC_DEFINE(
1296 [HAVE_EXPORT_KEYING_MATERIAL], [1],
1297 [Crypto library supports keying material exporter]
1298 )
1299 fi
1300 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
1301 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
1302
1303 if test "${enable_plugins}" = "yes"; then
1304 OPTIONAL_DL_LIBS="${DL_LIBS}"
1305 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
1306 else
1307 enable_plugin_auth_pam="no"
1308 enable_plugin_down_root="no"
1309 fi
1310
1311 AM_CONDITIONAL([HAVE_SITNL], [false])
1312
1313 if test "${enable_iproute2}" = "yes"; then
1314 test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO])
1315 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1316 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
1317 else if test "${have_sitnl}" = "yes"; then
1318 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support])
1319 AM_CONDITIONAL([HAVE_SITNL], [true])
1320 else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then
1321 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1322 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1323 fi
1324 fi
1325 fi
1326
1327 if test "${enable_selinux}" = "yes"; then
1328 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1329 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1330 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1331 fi
1332
1333 if test "${enable_lzo}" = "yes"; then
1334 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1335 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1336 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1337 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1338 fi
1339 if test "${enable_comp_stub}" = "yes"; then
1340 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)])
1341 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)])
1342 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability])
1343 fi
1344
1345 AM_CONDITIONAL([HAVE_SOFTHSM2], [false])
1346 if test "${enable_pkcs11}" = "yes"; then
1347 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
1348 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1349 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1350 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
1351 PKG_CHECK_MODULES(
1352 [P11KIT],
1353 [p11-kit-1],
1354 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
1355 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
1356 []
1357 )
1358 #
1359 # softhsm2 for pkcs11 tests
1360 #
1361 AC_ARG_VAR([P11TOOL], [full path to p11tool])
1362 AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1363 AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool])
1364 AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util])
1365 AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@])
1366 AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1367 test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so
1368 AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util])
1369 AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module])
1370 if test "${with_crypto_library}" = "openssl"; then
1371 AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"])
1372 fi
1373 fi
1374
1375 # When testing a compiler option, we add -Werror to force
1376 # an error when the option is unsupported. This is not
1377 # required for gcc, but some compilers such as clang needs it.
1378 AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [
1379 old_cflags="$CFLAGS"
1380 CFLAGS="$1 -Werror $CFLAGS"
1381 AC_MSG_CHECKING([whether the compiler accepts $1])
1382 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags",
1383 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])]
1384 )
1385
1386 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
1387 ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
1388
1389 if test "${enable_pedantic}" = "yes"; then
1390 enable_strict="yes"
1391 CFLAGS="${CFLAGS} -pedantic"
1392 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode])
1393 fi
1394 if test "${enable_strict}" = "yes"; then
1395 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized"
1396 fi
1397 if test "${enable_werror}" = "yes"; then
1398 CFLAGS="${CFLAGS} -Werror"
1399 fi
1400
1401 if test "${enable_plugin_auth_pam}" = "yes"; then
1402 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1403 if test "${enable_pam_dlopen}" = "yes"; then
1404 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1405 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1406 else
1407 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1408 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1409 fi
1410 fi
1411
1412 if test "${enable_async_push}" = "yes"; then
1413 case "$host" in
1414 *-*-freebsd*)
1415 PKG_CHECK_MODULES(
1416 [OPTIONAL_INOTIFY],
1417 [libinotify],
1418 [
1419 AC_DEFINE([HAVE_SYS_INOTIFY_H])
1420 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push])
1421 ]
1422 )
1423 ;;
1424 *)
1425 AC_CHECK_HEADERS(
1426 [sys/inotify.h],
1427 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]),
1428 AC_MSG_ERROR([inotify.h not found.])
1429 )
1430 ;;
1431 esac
1432 fi
1433
1434 CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1435 AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1436
1437 TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1438 TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1439 TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1440 AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1441 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1442 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1443 AC_SUBST([TAP_WIN_COMPONENT_ID])
1444 AC_SUBST([TAP_WIN_MIN_MAJOR])
1445 AC_SUBST([TAP_WIN_MIN_MINOR])
1446
1447 AC_SUBST([OPTIONAL_DL_LIBS])
1448 AC_SUBST([OPTIONAL_SELINUX_LIBS])
1449 AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1450 AC_SUBST([OPTIONAL_CRYPTO_LIBS])
1451 AC_SUBST([OPTIONAL_LZO_CFLAGS])
1452 AC_SUBST([OPTIONAL_LZO_LIBS])
1453 AC_SUBST([OPTIONAL_LZ4_CFLAGS])
1454 AC_SUBST([OPTIONAL_LZ4_LIBS])
1455 AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
1456 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1457 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
1458 AC_SUBST([OPTIONAL_INOTIFY_CFLAGS])
1459 AC_SUBST([OPTIONAL_INOTIFY_LIBS])
1460
1461 AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1462 AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1463
1464 AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
1465 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
1466 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1467 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
1468 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
1469 AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
1470
1471 sampledir="\$(docdir)/sample"
1472 AC_SUBST([plugindir])
1473 AC_SUBST([sampledir])
1474
1475 AC_SUBST([systemdunitdir])
1476 AC_SUBST([tmpfilesdir])
1477
1478 AC_ARG_ENABLE(
1479 [unit-tests],
1480 [AS_HELP_STRING([--disable-unit-tests],
1481 [Disables building and running the unit tests suite])],
1482 [],
1483 [enable_unit_tests="yes"]
1484 )
1485
1486 # Check if cmocka is available - needed for unit testing
1487 PKG_CHECK_MODULES(
1488 [CMOCKA], [cmocka],
1489 [have_cmocka="yes"],
1490 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])]
1491 )
1492 AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ])
1493 AC_SUBST([ENABLE_UNITTESTS])
1494
1495 TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}"
1496 TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}"
1497 TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}"
1498 TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}"
1499 TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}"
1500
1501 AC_SUBST([TEST_LDFLAGS])
1502 AC_SUBST([TEST_CFLAGS])
1503
1504 AC_CONFIG_FILES([
1505 Makefile
1506 build/Makefile
1507 distro/Makefile
1508 distro/systemd/Makefile
1509 doc/Makefile
1510 doc/doxygen/Makefile
1511 doc/doxygen/openvpn.doxyfile
1512 include/Makefile
1513 sample/sample-plugins/Makefile
1514 src/Makefile
1515 src/compat/Makefile
1516 src/openvpn/Makefile
1517 src/openvpnmsica/Makefile
1518 src/openvpnserv/Makefile
1519 src/plugins/Makefile
1520 src/plugins/auth-pam/Makefile
1521 src/plugins/down-root/Makefile
1522 src/tapctl/Makefile
1523 tests/Makefile
1524 tests/unit_tests/Makefile
1525 tests/unit_tests/example_test/Makefile
1526 tests/unit_tests/openvpn/Makefile
1527 tests/unit_tests/plugins/Makefile
1528 tests/unit_tests/plugins/auth-pam/Makefile
1529 tests/unit_tests/engine-key/Makefile
1530 sample/Makefile
1531 ])
1532 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])
1533 AC_OUTPUT
Mirror of https://github.com/OpenVPN/openvpn.git