]> git.ipfire.org Git - thirdparty/openvpn.git/blob - configure.ac
projects / thirdparty / openvpn.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Update copyrights
[thirdparty/openvpn.git] / configure.ac
1 dnl OpenVPN -- An application to securely tunnel IP networks
2 dnl over a single UDP port, with support for SSL/TLS-based
3 dnl session authentication and key exchange,
4 dnl packet encryption, packet authentication, and
5 dnl packet compression.
6 dnl
7 dnl Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
8 dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
9 dnl
10 dnl This program is free software; you can redistribute it and/or modify
11 dnl it under the terms of the GNU General Public License as published by
12 dnl the Free Software Foundation; either version 2 of the License, or
13 dnl (at your option) any later version.
14 dnl
15 dnl This program is distributed in the hope that it will be useful,
16 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 dnl GNU General Public License for more details.
19 dnl
20 dnl You should have received a copy of the GNU General Public License along
21 dnl with this program; if not, write to the Free Software Foundation, Inc.,
22 dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23
24 dnl Process this file with autoconf to produce a configure script.
25
26 AC_PREREQ(2.59)
27
28 m4_include(version.m4)
29 AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
30 m4_include(compat.m4)
31 AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
32 AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version])
33 AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version])
34 AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer])
35 AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer])
36 AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer])
37 AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer])
38
39 AC_CONFIG_AUX_DIR([.])
40 AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h])
41 AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
42 AC_CONFIG_MACRO_DIR([m4])
43
44 dnl Initialize automake. automake < 1.12 didn't have serial-tests and
45 dnl gives an error if it sees this, but for automake >= 1.13
46 dnl serial-tests is required so we have to include it. Solution is to
47 dnl test for the version of automake (by running an external command)
48 dnl and provide it if necessary. Note we have to do this entirely using
49 dnl m4 macros since automake queries this macro by running
50 dnl 'autoconf --trace ...'.
51 m4_define([serial_tests], [
52 m4_esyscmd([automake --version |
53 head -1 |
54 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 12) { print "serial-tests" }}'
55 ])
56 ])
57 # This foreign option prevents autoreconf from overriding our COPYING and
58 # INSTALL targets:
59 AM_INIT_AUTOMAKE(foreign serial_tests 1.9) dnl NB: Do not [quote] this parameter.
60 AC_CANONICAL_HOST
61 AC_USE_SYSTEM_EXTENSIONS
62
63 AC_ARG_ENABLE(
64 [lzo],
65 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
66 ,
67 [enable_lzo="yes"]
68 )
69
70 AC_ARG_ENABLE(lz4,
71 [ --disable-lz4 Disable LZ4 compression support],
72 [enable_lz4="$enableval"],
73 [enable_lz4="yes"]
74 )
75
76 AC_ARG_ENABLE(comp-stub,
77 [ --enable-comp-stub Don't compile compression support but still allow limited interoperability with compression-enabled peers],
78 [enable_comp_stub="$enableval"],
79 [enable_comp_stub="no"]
80 )
81
82 AC_ARG_ENABLE(
83 [ofb-cfb],
84 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
85 ,
86 [enable_crypto_ofb_cfb="yes"]
87 )
88
89 AC_ARG_ENABLE(
90 [x509-alt-username],
91 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
92 ,
93 [enable_x509_alt_username="no"]
94 )
95
96 AC_ARG_ENABLE(
97 [plugins],
98 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
99 ,
100 [enable_plugins="yes"]
101 )
102
103 AC_ARG_ENABLE(
104 [management],
105 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
106 ,
107 [enable_management="yes"]
108 )
109
110 AC_ARG_ENABLE(
111 [pkcs11],
112 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
113 ,
114 [enable_pkcs11="no"]
115 )
116
117 AC_ARG_ENABLE(
118 [fragment],
119 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
120 ,
121 [enable_fragment="yes"]
122 )
123
124 AC_ARG_ENABLE(
125 [port-share],
126 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
127 ,
128 [enable_port_share="yes"]
129 )
130
131 AC_ARG_ENABLE(
132 [debug],
133 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
134 ,
135 [enable_debug="yes"]
136 )
137
138 AC_ARG_ENABLE(
139 [small],
140 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])],
141 ,
142 [enable_small="no"]
143 )
144
145 AC_ARG_ENABLE(
146 [iproute2],
147 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 @<:@default=no@:>@])],
148 ,
149 [enable_iproute2="no"]
150 )
151
152 AC_ARG_ENABLE(
153 [pf],
154 [AS_HELP_STRING([--disable-pf], [disable internal packet filter @<:@default=yes@:>@])],
155 ,
156 [enable_pf="yes"]
157 )
158
159 AC_ARG_ENABLE(
160 [plugin-auth-pam],
161 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
162 ,
163 [
164 case "$host" in
165 *-*-openbsd*) enable_plugin_auth_pam="no";;
166 *-mingw*) enable_plugin_auth_pam="no";;
167 *) enable_plugin_auth_pam="yes";;
168 esac
169 ]
170 )
171
172 AC_ARG_ENABLE(
173 [plugin-down-root],
174 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
175 ,
176 [
177 case "$host" in
178 *-mingw*) enable_plugin_down_root="no";;
179 *) enable_plugin_down_root="yes";;
180 esac
181 ]
182 )
183
184 AC_ARG_ENABLE(
185 [pam-dlopen],
186 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
187 ,
188 [enable_pam_dlopen="no"]
189 )
190
191 AC_ARG_ENABLE(
192 [strict],
193 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
194 ,
195 [enable_strict="no"]
196 )
197
198 AC_ARG_ENABLE(
199 [pedantic],
200 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
201 ,
202 [enable_pedantic="no"]
203 )
204
205 AC_ARG_ENABLE(
206 [werror],
207 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])],
208 ,
209 [enable_werror="no"]
210 )
211
212 AC_ARG_ENABLE(
213 [strict-options],
214 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
215 ,
216 [enable_strict_options="no"]
217 )
218
219 AC_ARG_ENABLE(
220 [selinux],
221 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
222 ,
223 [enable_selinux="no"]
224 )
225
226 AC_ARG_ENABLE(
227 [systemd],
228 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
229 ,
230 [enable_systemd="no"]
231 )
232
233 AC_ARG_ENABLE(
234 [async-push],
235 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])],
236 ,
237 [enable_async_push="no"]
238 )
239
240 AC_ARG_WITH(
241 [special-build],
242 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
243 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
244 )
245
246 AC_ARG_WITH(
247 [mem-check],
248 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
249 [
250 case "${withval}" in
251 dmalloc|valgrind|ssl|no) ;;
252 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
253 esac
254 ],
255 [with_mem_check="no"]
256 )
257
258 AC_ARG_WITH(
259 [crypto-library],
260 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
261 [
262 case "${withval}" in
263 openssl|mbedtls|wolfssl) ;;
264 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
265 esac
266 ],
267 [with_crypto_library="openssl"]
268 )
269
270 AC_ARG_ENABLE(
271 [wolfssl-options-h],
272 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
273 ,
274 [enable_wolfssl_options_h="yes"]
275 )
276
277 AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
278 if test -n "${PLUGINDIR}"; then
279 plugindir="${PLUGINDIR}"
280 else
281 plugindir="\${libdir}/openvpn/plugins"
282 fi
283
284 AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
285 AM_CONDITIONAL([TARGET_LINUX], [false])
286 case "$host" in
287 *-*-linux*)
288 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
289 AM_CONDITIONAL([TARGET_LINUX], [true])
290 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
291 have_sitnl="yes"
292 ;;
293 *-*-solaris*)
294 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
295 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
296 CPPFLAGS="$CPPFLAGS -D_XPG4_2"
297 test -x /bin/bash && SHELL="/bin/bash"
298 ;;
299 *-*-openbsd*)
300 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
301 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
302 ;;
303 *-*-freebsd*)
304 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
305 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
306 ;;
307 *-*-netbsd*)
308 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
309 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
310 ;;
311 *-*-darwin*)
312 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
313 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
314 have_tap_header="yes"
315 ac_cv_type_struct_in_pktinfo=no
316 ;;
317 *-mingw*)
318 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
319 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
320 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
321 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA"
322 WIN32=yes
323 ;;
324 *-*-dragonfly*)
325 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
326 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
327 ;;
328 *-aix*)
329 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?])
330 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix])
331 ROUTE="/usr/sbin/route"
332 have_tap_header="yes"
333 ac_cv_header_net_if_h="no" # exists, but breaks things
334 ;;
335 *)
336 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
337 have_tap_header="yes"
338 ;;
339 esac
340
341 PKG_PROG_PKG_CONFIG
342 AC_PROG_CPP
343 AC_PROG_INSTALL
344 AC_PROG_LN_S
345 AC_PROG_SED
346 AC_PROG_MAKE_SET
347
348 AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
349 AC_ARG_VAR([ROUTE], [full path to route utility])
350 AC_ARG_VAR([IPROUTE], [full path to ip utility])
351 AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
352 AC_ARG_VAR([GIT], [path to git utility])
353 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
354 AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@])
355 AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@])
356 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
357 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
358 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
359 AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
360 AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
361 AC_CHECK_PROGS([GIT], [git]) # optional
362 AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
363 AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
364 AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
365 AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
366
367 #
368 # man page generation - based on python-docutils
369 #
370 AC_ARG_VAR([RST2MAN], [path to rst2man utility])
371 AC_ARG_VAR([RST2HTML], [path to rst2html utility])
372 AC_CHECK_PROGS([RST2MAN], [rst2man])
373 AC_CHECK_PROGS([RST2HTML], [rst2html])
374 AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"])
375
376 # Set -std=c99 unless user already specified a -std=
377 case "${CFLAGS}" in
378 *-std=*) ;;
379 *) CFLAGS="${CFLAGS} -std=c99" ;;
380 esac
381
382 #
383 # Libtool
384 #
385 ifdef(
386 [LT_INIT],
387 [
388 LT_INIT([win32-dll])
389 LT_LANG([Windows Resource])
390 ],
391 [
392 AC_LIBTOOL_WIN32_DLL
393 AC_LIBTOOL_RC
394 AC_PROG_LIBTOOL
395 ]
396 )
397
398 AC_C_CONST
399 AC_C_INLINE
400 AC_C_VOLATILE
401 AC_TYPE_OFF_T
402 AC_TYPE_PID_T
403 AC_TYPE_SIZE_T
404 AC_TYPE_UID_T
405 AC_TYPE_SIGNAL
406 AX_TYPE_SOCKLEN_T
407 AC_CHECK_SIZEOF([unsigned int])
408 AC_CHECK_SIZEOF([unsigned long])
409 AC_CHECK_HEADERS([ \
410 fcntl.h io.h \
411 sys/types.h sys/socket.h \
412 unistd.h dlfcn.h \
413 netinet/in.h netinet/in_systm.h \
414 netinet/tcp.h arpa/inet.h netdb.h \
415 versionhelpers.h \
416 ])
417 AC_CHECK_HEADERS([ \
418 sys/time.h sys/ioctl.h sys/stat.h \
419 sys/mman.h sys/file.h sys/wait.h \
420 unistd.h libgen.h stropts.h \
421 syslog.h pwd.h grp.h termios.h \
422 sys/sockio.h sys/uio.h linux/sockios.h \
423 linux/types.h poll.h sys/epoll.h err.h \
424 ])
425
426 SOCKET_INCLUDES="
427 #include <stdlib.h>
428 #ifdef HAVE_SYS_TYPES_H
429 #include <sys/types.h>
430 #endif
431 #ifdef HAVE_SYS_SOCKET_H
432 #include <sys/socket.h>
433 #endif
434 #ifdef HAVE_NET_IF_H
435 #include <net/if.h>
436 #endif
437 #ifdef HAVE_NETINET_IN_H
438 #include <netinet/in.h>
439 #endif
440 #ifdef _WIN32
441 #include <windows.h>
442 #endif
443 #ifdef _WIN32
444 #include <winsock2.h>
445 #endif
446 #ifdef _WIN32
447 #include <ws2tcpip.h>
448 #endif
449 #ifdef HAVE_NETINET_IN_SYSTM_H
450 #include <netinet/in_systm.h>
451 #endif
452 #ifdef HAVE_NETINET_IP_H
453 #include <netinet/ip.h>
454 #endif
455 "
456
457 AC_CHECK_HEADERS(
458 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
459 ,
460 ,
461 [[${SOCKET_INCLUDES}]]
462 )
463
464 AC_CHECK_TYPES(
465 [in_addr_t],
466 ,
467 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
468 [[${SOCKET_INCLUDES}]]
469 )
470 AC_CHECK_TYPES(
471 [in_port_t],
472 ,
473 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])],
474 [[${SOCKET_INCLUDES}]]
475 )
476 AC_CHECK_TYPE(
477 [struct iphdr],
478 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
479 ,
480 [[${SOCKET_INCLUDES}]]
481 )
482 AC_CHECK_TYPE(
483 [struct sock_extended_err],
484 [AC_DEFINE([HAVE_SOCK_EXTENDED_ERR], [1], [struct sock_extended_err needed for extended socket error support])],
485 ,
486 [[${SOCKET_INCLUDES}]]
487 )
488 AC_CHECK_TYPE(
489 [struct msghdr],
490 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
491 ,
492 [[${SOCKET_INCLUDES}]]
493 )
494 AC_CHECK_TYPE(
495 [struct cmsghdr],
496 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
497 ,
498 [[${SOCKET_INCLUDES}]]
499 )
500 AC_CHECK_TYPE(
501 [struct in_pktinfo],
502 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
503 ,
504 [[${SOCKET_INCLUDES}]]
505 )
506 AC_CHECK_TYPE(
507 [sa_family_t],
508 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])],
509 ,
510 [[${SOCKET_INCLUDES}]]
511 )
512 AC_CHECK_MEMBER(
513 [struct in_pktinfo.ipi_spec_dst],
514 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
515 ,
516 [[${SOCKET_INCLUDES}]]
517 )
518 AC_CHECK_TYPE(
519 [struct sockaddr_in6],
520 ,
521 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
522 [[${SOCKET_INCLUDES}]]
523 )
524 AC_CHECK_DECLS(
525 [SO_MARK],
526 ,
527 ,
528 [[${SOCKET_INCLUDES}]]
529 )
530 AC_CHECKING([anonymous union support])
531 AC_COMPILE_IFELSE(
532 [AC_LANG_PROGRAM(
533 [[
534 struct mystruct {
535 union {
536 int m1;
537 char m2;
538 };
539 };
540 ]],
541 [[
542 struct mystruct s;
543 s.m1 = 1; s.m2 = 2;
544 ]]
545 )],
546 [
547 AC_MSG_RESULT([yes])
548 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions])
549 ],
550 [AC_MSG_RESULT([no])]
551 )
552
553 saved_LDFLAGS="$LDFLAGS"
554 LDFLAGS="$LDFLAGS -Wl,--wrap=exit"
555 AC_MSG_CHECKING([linker supports --wrap])
556 AC_LINK_IFELSE(
557 [AC_LANG_PROGRAM(
558 [[
559 void exit(int);
560 void __real_exit(int);
561 void __wrap_exit(int i) {
562 __real_exit(i);
563 }
564 ]],
565 [[
566 exit(0);
567 ]]
568 )],
569 [
570 AC_MSG_RESULT([yes])
571 have_ld_wrap_support=yes
572 ],
573 [AC_MSG_RESULT([no])],
574 )
575 LDFLAGS="$saved_LDFLAGS"
576
577 dnl We emulate signals in Windows
578 AC_CHECK_DECLS(
579 [SIGHUP],
580 ,
581 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
582 [[
583 #include <signal.h>
584 ]]
585 )
586 AC_CHECK_DECLS(
587 [SIGINT],
588 ,
589 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
590 [[
591 #include <signal.h>
592 ]]
593 )
594 AC_CHECK_DECLS(
595 [SIGUSR1],
596 ,
597 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
598 [[
599 #include <signal.h>
600 ]]
601 )
602 AC_CHECK_DECLS(
603 [SIGUSR2],
604 ,
605 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
606 [[
607 #include <signal.h>
608 ]]
609 )
610 AC_CHECK_DECLS(
611 [SIGTERM],
612 ,
613 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
614 [[
615 #include <signal.h>
616 ]]
617 )
618
619 AC_FUNC_FORK
620
621 AC_CHECK_FUNCS([ \
622 daemon chroot getpwnam setuid nice system dup dup2 \
623 syslog openlog mlockall getrlimit getgrnam setgid \
624 setgroups flock readv writev time gettimeofday \
625 setsid chdir \
626 chsize ftruncate execve getpeereid basename dirname access \
627 epoll_create strsep \
628 ])
629
630 AC_CHECK_LIB(
631 [dl],
632 [dlopen],
633 [DL_LIBS="-ldl"]
634 )
635 AC_SUBST([DL_LIBS])
636
637 AC_CHECK_LIB(
638 [nsl],
639 [inet_ntoa],
640 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
641 )
642 AC_CHECK_LIB(
643 [socket],
644 [socket],
645 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
646 )
647 AC_CHECK_LIB(
648 [resolv],
649 [gethostbyname],
650 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
651 )
652 AC_SUBST([SOCKETS_LIBS])
653
654 old_LIBS="${LIBS}"
655 LIBS="${LIBS} ${SOCKETS_LIBS}"
656 AC_CHECK_FUNCS([sendmsg recvmsg])
657
658 LIBS="${old_LIBS}"
659
660 # we assume res_init() always exist, but need to find out *where*...
661 AC_SEARCH_LIBS(__res_init, resolv bind, ,
662 AC_SEARCH_LIBS(res_9_init, resolv bind, ,
663 AC_SEARCH_LIBS(res_init, resolv bind, , )))
664
665 AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
666 old_CFLAGS="${CFLAGS}"
667 CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
668 AC_CHECK_HEADERS(
669 [ \
670 net/if_tun.h net/tun/if_tun.h \
671 linux/if_tun.h \
672 tap-windows.h \
673 ],
674 [have_tap_header="yes"]
675 )
676 AC_CHECK_DECLS(
677 [TUNSETPERSIST],
678 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
679 ,
680 [[
681 #ifdef HAVE_LINUX_IF_TUN_H
682 #include <linux/if_tun.h>
683 #endif
684 ]]
685 )
686 CFLAGS="${old_CFLAGS}"
687 test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
688
689 AC_CHECK_LIB(
690 [selinux],
691 [setcon],
692 [SELINUX_LIBS="-lselinux"]
693 )
694 AC_SUBST([SELINUX_LIBS])
695
696 AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
697 AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
698 if test -z "${LIBPAM_LIBS}"; then
699 AC_CHECK_LIB(
700 [pam],
701 [pam_start],
702 [LIBPAM_LIBS="-lpam"]
703 )
704 fi
705
706 case "${with_mem_check}" in
707 valgrind)
708 AC_CHECK_HEADERS(
709 [valgrind/memcheck.h],
710 [
711 CFLAGS="${CFLAGS} -g -fno-inline"
712 AC_DEFINE(
713 [USE_VALGRIND],
714 [1],
715 [Use valgrind memory debugging library]
716 )
717 ],
718 [AC_MSG_ERROR([valgrind headers not found.])]
719 )
720 ;;
721 dmalloc)
722 AC_CHECK_HEADERS(
723 [dmalloc.h],
724 [AC_CHECK_LIB(
725 [dmalloc],
726 [malloc],
727 [
728 LIBS="${LIBS} -ldmalloc"
729 AC_DEFINE(
730 [DMALLOC],
731 [1],
732 [Use dmalloc memory debugging library]
733 )
734 ],
735 [AC_MSG_ERROR([dmalloc library not found.])]
736 )],
737 [AC_MSG_ERROR([dmalloc headers not found.])]
738 )
739 ;;
740 ssl)
741 AC_CHECK_LIB(
742 [ssl],
743 [CRYPTO_mem_ctrl],
744 [
745 AC_DEFINE(
746 [CRYPTO_MDEBUG],
747 [1],
748 [Use memory debugging function in OpenSSL]
749 )
750 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
751 ],
752 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
753 )
754 ;;
755 esac
756
757 PKG_CHECK_MODULES(
758 [PKCS11_HELPER],
759 [libpkcs11-helper-1 >= 1.11],
760 [have_pkcs11_helper="yes"],
761 []
762 )
763
764 if test "${with_crypto_library}" = "openssl"; then
765 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
766 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
767
768 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then
769 # if the user did not explicitly specify flags, try to autodetect
770 PKG_CHECK_MODULES(
771 [OPENSSL],
772 [openssl >= 1.0.2],
773 [have_openssl="yes"],
774 [] # If this fails, we will do another test next
775 )
776 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
777 fi
778
779 saved_CFLAGS="${CFLAGS}"
780 saved_LIBS="${LIBS}"
781 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
782 LIBS="${LIBS} ${OPENSSL_LIBS}"
783
784 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars
785 # are used, check the version directly in the OpenSSL include file
786 if test "${have_openssl}" != "yes"; then
787 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2])
788 AC_COMPILE_IFELSE(
789 [AC_LANG_PROGRAM(
790 [[
791 #include <openssl/opensslv.h>
792 ]],
793 [[
794 /* Version encoding: MNNFFPPS - see opensslv.h for details */
795 #if OPENSSL_VERSION_NUMBER < 0x10002000L
796 #error OpenSSL too old
797 #endif
798 ]]
799 )],
800 [AC_MSG_RESULT([ok])],
801 [AC_MSG_ERROR([OpenSSL version too old])]
802 )
803 fi
804
805 AC_CHECK_FUNCS([SSL_CTX_new],
806 ,
807 [AC_MSG_ERROR([openssl check failed])]
808 )
809
810 have_openssl_engine="yes"
811 AC_CHECK_FUNCS(
812 [ \
813 ENGINE_load_builtin_engines \
814 ENGINE_register_all_complete \
815 ENGINE_cleanup \
816 ],
817 ,
818 [have_openssl_engine="no"; break]
819 )
820 if test "${have_openssl_engine}" = "no"; then
821 AC_CHECK_DECL( [ENGINE_cleanup], [have_openssl_engine="yes"],,
822 [[
823 #include <openssl/engine.h>
824 ]]
825 )
826 fi
827 if test "${have_openssl_engine}" = "yes"; then
828 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
829 fi
830
831 AC_CHECK_FUNC(
832 [EVP_aes_256_gcm],
833 ,
834 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
835 )
836
837 # All supported OpenSSL version (>= 1.0.2)
838 # have this feature
839 have_export_keying_material="yes"
840
841 CFLAGS="${saved_CFLAGS}"
842 LIBS="${saved_LIBS}"
843
844 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
845 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
846 CRYPTO_LIBS="${OPENSSL_LIBS}"
847 elif test "${with_crypto_library}" = "mbedtls"; then
848 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
849 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
850
851 saved_CFLAGS="${CFLAGS}"
852 saved_LIBS="${LIBS}"
853
854 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
855 # if the user did not explicitly specify flags, try to autodetect
856 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
857 AC_CHECK_LIB(
858 [mbedtls],
859 [mbedtls_ssl_init],
860 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
861 [AC_MSG_ERROR([Could not find mbed TLS.])],
862 [${PKCS11_HELPER_LIBS}]
863 )
864 fi
865
866 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"
867 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}"
868
869 AC_MSG_CHECKING([mbedtls version])
870 AC_COMPILE_IFELSE(
871 [AC_LANG_PROGRAM(
872 [[
873 #include <mbedtls/version.h>
874 ]],
875 [[
876 #if MBEDTLS_VERSION_NUMBER < 0x02000000 || MBEDTLS_VERSION_NUMBER >= 0x03000000
877 #error invalid version
878 #endif
879 ]]
880 )],
881 [AC_MSG_RESULT([ok])],
882 [AC_MSG_ERROR([mbed TLS 2.y.z required])]
883 )
884
885 AC_CHECK_FUNCS(
886 [ \
887 mbedtls_cipher_write_tag \
888 mbedtls_cipher_check_tag \
889 ],
890 ,
891 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
892 )
893
894 have_export_keying_material="yes"
895 AC_CHECK_FUNC(
896 [mbedtls_ssl_conf_export_keys_ext_cb],
897 ,
898 [have_export_keying_material="no"]
899 )
900
901 CFLAGS="${saved_CFLAGS}"
902 LIBS="${saved_LIBS}"
903 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
904 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
905 CRYPTO_LIBS="${MBEDTLS_LIBS}"
906
907 elif test "${with_crypto_library}" = "wolfssl"; then
908 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
909 contain the regular wolfSSL header files but also the
910 wolfSSL OpenSSL header files. Ex: -I/usr/local/include
911 -I/usr/local/include/wolfssl])
912 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
913
914 saved_CFLAGS="${CFLAGS}"
915 saved_LIBS="${LIBS}"
916
917 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
918 # if the user did not explicitly specify flags, try to autodetect
919 PKG_CHECK_MODULES(
920 [WOLFSSL],
921 [wolfssl],
922 [],
923 [AC_MSG_ERROR([Could not find wolfSSL.])]
924 )
925 PKG_CHECK_VAR(
926 [WOLFSSL_INCLUDEDIR],
927 [wolfssl],
928 [includedir],
929 [],
930 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
931 )
932 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
933 fi
934 saved_CFLAGS="${CFLAGS}"
935 saved_LIBS="${LIBS}"
936 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
937 LIBS="${LIBS} ${WOLFSSL_LIBS}"
938
939 AC_CHECK_LIB(
940 [wolfssl],
941 [wolfSSL_Init],
942 [],
943 [AC_MSG_ERROR([Could not link wolfSSL library.])]
944 )
945 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
946
947 # wolfSSL signal EKM support
948 have_export_keying_material="yes"
949
950 if test "${enable_wolfssl_options_h}" = "yes"; then
951 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
952 else
953 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
954 fi
955
956 have_export_keying_material="yes"
957
958 CFLAGS="${saved_CFLAGS}"
959 LIBS="${saved_LIBS}"
960
961 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
962 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
963 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
964 CRYPTO_LIBS="${WOLFSSL_LIBS}"
965 else
966 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
967 fi
968
969 AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
970 AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
971 have_lzo="yes"
972 if test -z "${LZO_LIBS}"; then
973 AC_CHECK_LIB(
974 [lzo2],
975 [lzo1x_1_15_compress],
976 [LZO_LIBS="-llzo2"],
977 [AC_CHECK_LIB(
978 [lzo],
979 [lzo1x_1_15_compress],
980 [LZO_LIBS="-llzo"],
981 [have_lzo="no"]
982 )]
983 )
984 fi
985 if test "${have_lzo}" = "yes"; then
986 saved_CFLAGS="${CFLAGS}"
987 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
988 AC_CHECK_HEADERS(
989 [lzo/lzoutil.h],
990 ,
991 [AC_CHECK_HEADERS(
992 [lzoutil.h],
993 ,
994 [AC_MSG_ERROR([lzoutil.h is missing])]
995 )]
996 )
997 AC_CHECK_HEADERS(
998 [lzo/lzo1x.h],
999 ,
1000 [AC_CHECK_HEADERS(
1001 [lzo1x.h],
1002 ,
1003 [AC_MSG_ERROR([lzo1x.h is missing])]
1004 )]
1005 )
1006 CFLAGS="${saved_CFLAGS}"
1007 fi
1008
1009 dnl
1010 dnl check for LZ4 library
1011 dnl
1012
1013 AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
1014 AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
1015 if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
1016 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
1017 # if the user did not explicitly specify flags, try to autodetect
1018 PKG_CHECK_MODULES([LZ4],
1019 [liblz4 >= 1.7.1 liblz4 < 100],
1020 [have_lz4="yes"],
1021 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
1022 # We also add set LZ4_LIBS otherwise the
1023 # linker will not know about the lz4 library
1024 )
1025 fi
1026
1027 saved_CFLAGS="${CFLAGS}"
1028 saved_LIBS="${LIBS}"
1029 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
1030 LIBS="${LIBS} ${LZ4_LIBS}"
1031
1032 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
1033 # are used, check the version directly in the LZ4 include file
1034 if test "${have_lz4}" != "yes"; then
1035 AC_CHECK_HEADERS([lz4.h],
1036 [have_lz4h="yes"],
1037 [])
1038
1039 if test "${have_lz4h}" = "yes" ; then
1040 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
1041 AC_COMPILE_IFELSE(
1042 [AC_LANG_PROGRAM([[
1043 #include <lz4.h>
1044 ]],
1045 [[
1046 /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
1047 #if LZ4_VERSION_NUMBER < 10701L
1048 #error LZ4 is too old
1049 #endif
1050 ]]
1051 )],
1052 [
1053 AC_MSG_RESULT([ok])
1054 have_lz4="yes"
1055 ],
1056 [AC_MSG_ERROR([system LZ4 library is too old])]
1057 )
1058 fi
1059 fi
1060
1061 # Double check we have a few needed functions
1062 if test "${have_lz4}" = "yes" ; then
1063 AC_CHECK_LIB([lz4],
1064 [LZ4_compress_default],
1065 [],
1066 [have_lz4="no"])
1067 AC_CHECK_LIB([lz4],
1068 [LZ4_decompress_safe],
1069 [],
1070 [have_lz4="no"])
1071 fi
1072
1073 if test "${have_lz4}" != "yes" ; then
1074 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4])
1075 LZ4_LIBS=""
1076 fi
1077 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
1078 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
1079 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
1080 CFLAGS="${saved_CFLAGS}"
1081 LIBS="${saved_LIBS}"
1082 fi
1083
1084
1085 dnl
1086 dnl Check for systemd
1087 dnl
1088 AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"])
1089 if test "$enable_systemd" = "yes" ; then
1090 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
1091 [],
1092 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
1093 )
1094
1095 PKG_CHECK_EXISTS( [libsystemd > 216],
1096 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
1097 [systemd is newer than v216])]
1098 )
1099
1100 AC_CHECK_HEADERS(systemd/sd-daemon.h,
1101 ,
1102 [
1103 AC_MSG_ERROR([systemd development headers not found.])
1104 ])
1105
1106 saved_LIBS="${LIBS}"
1107 LIBS="${LIBS} ${libsystemd_LIBS}"
1108 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
1109 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
1110 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
1111 LIBS="${saved_LIBS}"
1112
1113 if test -n "${SYSTEMD_UNIT_DIR}"; then
1114 systemdunitdir="${SYSTEMD_UNIT_DIR}"
1115 else
1116 systemdunitdir="\${libdir}/systemd/system"
1117 fi
1118
1119 if test -n "${TMPFILES_DIR}"; then
1120 tmpfilesdir="${TMPFILES_DIR}"
1121 else
1122 tmpfilesdir="\${libdir}/tmpfiles.d"
1123 fi
1124 fi
1125
1126
1127 AC_MSG_CHECKING([git checkout])
1128 GIT_CHECKOUT="no"
1129 if test -n "${GIT}" -a -d "${srcdir}/.git"; then
1130 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
1131 GIT_CHECKOUT="yes"
1132 fi
1133 AC_MSG_RESULT([${GIT_CHECKOUT}])
1134
1135 dnl enable --x509-username-field feature if requested
1136 if test "${enable_x509_alt_username}" = "yes"; then
1137 if test "${with_crypto_library}" = "mbedtls" ; then
1138 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature])
1139 fi
1140
1141 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
1142 fi
1143
1144 test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
1145 test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
1146 test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
1147 test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
1148 test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
1149 test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter])
1150 test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers])
1151
1152 test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
1153 if test "${have_export_keying_material}" = "yes"; then
1154 AC_DEFINE(
1155 [HAVE_EXPORT_KEYING_MATERIAL], [1],
1156 [Crypto library supports keying material exporter]
1157 )
1158 fi
1159 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
1160 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
1161
1162 if test "${enable_plugins}" = "yes"; then
1163 OPTIONAL_DL_LIBS="${DL_LIBS}"
1164 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
1165 else
1166 enable_plugin_auth_pam="no"
1167 enable_plugin_down_root="no"
1168 fi
1169
1170 AM_CONDITIONAL([HAVE_SITNL], [false])
1171
1172 if test "${enable_iproute2}" = "yes"; then
1173 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1174 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
1175 else if test "${have_sitnl}" = "yes"; then
1176 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support])
1177 AM_CONDITIONAL([HAVE_SITNL], [true])
1178 else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then
1179 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1180 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1181 fi
1182 fi
1183 fi
1184
1185 if test "${enable_selinux}" = "yes"; then
1186 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1187 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1188 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1189 fi
1190
1191 if test "${enable_lzo}" = "yes"; then
1192 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1193 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1194 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1195 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1196 fi
1197 if test "${enable_comp_stub}" = "yes"; then
1198 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)])
1199 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)])
1200 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability])
1201 fi
1202
1203 if test "${enable_pkcs11}" = "yes"; then
1204 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
1205 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1206 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1207 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
1208 PKG_CHECK_MODULES(
1209 [P11KIT],
1210 [p11-kit-1],
1211 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
1212 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
1213 []
1214 )
1215 fi
1216
1217 # When testing a compiler option, we add -Werror to force
1218 # an error when the option is unsupported. This is not
1219 # required for gcc, but some compilers such as clang needs it.
1220 AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [
1221 old_cflags="$CFLAGS"
1222 CFLAGS="$1 -Werror $CFLAGS"
1223 AC_MSG_CHECKING([whether the compiler accepts $1])
1224 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags",
1225 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])]
1226 )
1227
1228 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
1229 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-unused-function])
1230 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-unused-parameter])
1231 ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
1232
1233 if test "${enable_pedantic}" = "yes"; then
1234 enable_strict="yes"
1235 CFLAGS="${CFLAGS} -pedantic"
1236 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode])
1237 fi
1238 if test "${enable_strict}" = "yes"; then
1239 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized"
1240 fi
1241 if test "${enable_werror}" = "yes"; then
1242 CFLAGS="${CFLAGS} -Werror"
1243 fi
1244
1245 if test "${enable_plugin_auth_pam}" = "yes"; then
1246 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1247 if test "${enable_pam_dlopen}" = "yes"; then
1248 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1249 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1250 else
1251 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1252 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1253 fi
1254 fi
1255
1256 if test "${enable_async_push}" = "yes"; then
1257 case "$host" in
1258 *-*-freebsd*)
1259 PKG_CHECK_MODULES(
1260 [OPTIONAL_INOTIFY],
1261 [libinotify],
1262 [
1263 AC_DEFINE([HAVE_SYS_INOTIFY_H])
1264 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push])
1265 ]
1266 )
1267 ;;
1268 *)
1269 AC_CHECK_HEADERS(
1270 [sys/inotify.h],
1271 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]),
1272 AC_MSG_ERROR([inotify.h not found.])
1273 )
1274 ;;
1275 esac
1276 fi
1277
1278 CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1279 AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1280
1281 TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1282 TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1283 TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1284 AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1285 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1286 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1287 AC_SUBST([TAP_WIN_COMPONENT_ID])
1288 AC_SUBST([TAP_WIN_MIN_MAJOR])
1289 AC_SUBST([TAP_WIN_MIN_MINOR])
1290
1291 AC_SUBST([OPTIONAL_DL_LIBS])
1292 AC_SUBST([OPTIONAL_SELINUX_LIBS])
1293 AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1294 AC_SUBST([OPTIONAL_CRYPTO_LIBS])
1295 AC_SUBST([OPTIONAL_LZO_CFLAGS])
1296 AC_SUBST([OPTIONAL_LZO_LIBS])
1297 AC_SUBST([OPTIONAL_LZ4_CFLAGS])
1298 AC_SUBST([OPTIONAL_LZ4_LIBS])
1299 AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
1300 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1301 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
1302 AC_SUBST([OPTIONAL_INOTIFY_CFLAGS])
1303 AC_SUBST([OPTIONAL_INOTIFY_LIBS])
1304
1305 AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1306 AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1307
1308 AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
1309 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
1310 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1311 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
1312 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
1313 AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
1314
1315 sampledir="\$(docdir)/sample"
1316 AC_SUBST([plugindir])
1317 AC_SUBST([sampledir])
1318
1319 AC_SUBST([systemdunitdir])
1320 AC_SUBST([tmpfilesdir])
1321
1322 AC_ARG_ENABLE(
1323 [unit-tests],
1324 [AS_HELP_STRING([--disable-unit-tests],
1325 [Disables building and running the unit tests suite])],
1326 [],
1327 [enable_unit_tests="yes"]
1328 )
1329
1330 # Check if cmocka is available - needed for unit testing
1331 PKG_CHECK_MODULES(
1332 [CMOCKA], [cmocka],
1333 [have_cmocka="yes"],
1334 [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])]
1335 )
1336 AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ])
1337 AC_SUBST([ENABLE_UNITTESTS])
1338
1339 TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}"
1340 TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}"
1341 TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}"
1342 TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}"
1343 TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}"
1344
1345 AC_SUBST([TEST_LDFLAGS])
1346 AC_SUBST([TEST_CFLAGS])
1347
1348 AC_CONFIG_FILES([
1349 version.sh
1350 Makefile
1351 build/Makefile
1352 build/msvc/Makefile
1353 build/msvc/msvc-generate/Makefile
1354 distro/Makefile
1355 distro/systemd/Makefile
1356 doc/Makefile
1357 doc/doxygen/Makefile
1358 doc/doxygen/openvpn.doxyfile
1359 include/Makefile
1360 sample/sample-plugins/Makefile
1361 src/Makefile
1362 src/compat/Makefile
1363 src/openvpn/Makefile
1364 src/openvpnmsica/Makefile
1365 src/openvpnserv/Makefile
1366 src/plugins/Makefile
1367 src/plugins/auth-pam/Makefile
1368 src/plugins/down-root/Makefile
1369 src/tapctl/Makefile
1370 tests/Makefile
1371 tests/unit_tests/Makefile
1372 tests/unit_tests/example_test/Makefile
1373 tests/unit_tests/openvpn/Makefile
1374 tests/unit_tests/plugins/Makefile
1375 tests/unit_tests/plugins/auth-pam/Makefile
1376 tests/unit_tests/engine-key/Makefile
1377 sample/Makefile
1378 ])
1379 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])
1380 AC_OUTPUT
Mirror of https://github.com/OpenVPN/openvpn.git