Merge pull request #515 in SNORT/snort3 from ~MIALTIZE/snort3:hardening to master
authorRuss Combs (rucombs) <rucombs@cisco.com>
Tue, 14 Jun 2016 22:52:21 +0000 (18:52 -0400)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Tue, 14 Jun 2016 22:52:21 +0000 (18:52 -0400)
Squashed commit of the following:

commit 663bad556621beaea3b22d1880cb3fb7466455f0
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jun 14 16:20:03 2016 -0400

    autotools: Make sure to check headers when searching for OpenSSL crypto support

commit da44da7dcb6872062443484a4a65254a033901fb
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jun 14 14:37:17 2016 -0400

    cmake: Remove unused COMPILE_DEFINITIONS definition during generation.

commit a4da96fc1b6a9a0154bcd7490688f057f81cd158
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 19:16:42 2016 -0400

    build: Remove PCRE version check - 6.0 was released over 11 years ago

commit 650e05b79e31c66297742dddf3dbf53d4b35d5fa
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 19:08:37 2016 -0400

    build: Remove useless references to PF_RING libpcap

commit 015daa118d6017d6fef952d4604f50f3c049995a
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 15:22:39 2016 -0400

    cmake: Clean up OpenSSL libcrypto detection and usage

commit 4e5968d7de913d0dc83ad4cad80dd26d4c60d515
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 14:53:48 2016 -0400

    cmake: Clean up libpcre detection and fix hints

commit eb9acf119295d91d55b43976710ecf79d397d7a3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 14:34:59 2016 -0400

    cmake: Clean up libdnet/libdumbnet detection and fix hints

commit 2e31690d17925123050f1fb05f4be1f12a197ab0
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 14:18:35 2016 -0400

    cmake: Clean up LuaJIT detection and let it use pkg-config

commit b2700b472758617d3444a4fa35b45d5e4eb85ce3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 13:31:00 2016 -0400

    cmake: Add compile-time hardening support and clean up inconsistencies

commit 5192bea466e15ac7c0e127d1af9ff89a6047a775
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 13 13:30:41 2016 -0400

    autotools: Add compile-time hardening support

15 files changed:
cmake/FindDNET.cmake
cmake/FindLuaJIT.cmake
cmake/FindPCAP.cmake
cmake/FindPCRE.cmake
cmake/Pcre/check_pcre_version.cpp [deleted file]
cmake/configure_options.cmake
cmake/create_options.cmake
cmake/sanity_checks.cmake
configure.ac
configure_cmake.sh
m4/ax_check_compile_flag.m4 [new file with mode: 0644]
m4/ax_check_link_flag.m4 [new file with mode: 0644]
m4/ax_check_preproc_flag.m4 [new file with mode: 0644]
src/CMakeLists.txt
src/catch/CMakeLists.txt

index 4f9a78748a922ad8a7e36561d88945abf684eb58..18b4c7119a0621d73d3ea80a4a3960105b4c9730 100644 (file)
 #  DNET_FOUND       - True if dnet found.
 #  HAVE_DUMBNET_H   - True if found dumnet rather than dnet
 
-
-
 set(ERROR_MESSAGE
     "   
     ERROR!  dnet header not found, go get it from
     http://code.google.com/p/libdnet/ or use the --with-dnet-*
-    options, if you have it installed in an unusual place.  You can also
-    set the DNET_DIR shell variable to dnets root installation directory"
+    options, if you have it installed in an unusual place.
+    "
 )
 
-
 # Check for libdumbnet first, then libdnet
-unset (DNET_INCLUDE_DIR CACHE)
 
-find_path(DNET_INCLUDE_DIR
-  NAMES dumbnet.h
-  HINTS ENV DNETDIR
-)
+find_path(DNET_INCLUDE_DIR dumbnet.h
+    HINTS ${DNET_INCLUDE_DIR_HINT})
 
-# If we found libdument header, define HAVE_DUMBNET_H for config.h generation.
+# If we found libdument header, define HAVE_DUMBNET_H for config.h generation
+# and search for libdumnet.
 if (DNET_INCLUDE_DIR)
-    set(HAVE_DUMBNET_H "YES")
+    set(HAVE_DUMBNET_H "1")
+    find_library(DNET_LIBRARIES NAMES dumbnet
+        HINTS ${DNET_LIBRARIES_DIR_HINT})
+else ()
+    find_path(DNET_INCLUDE_DIR dnet.h
+        HINTS ${DNET_INCLUDE_DIR_HINT})
+    find_library(DNET_LIBRARIES NAMES dnet
+        HINTS ${DNET_LIBRARIES_DIR_HINT})
 endif()
 
-
-# Search for library twice.  The first time using the custom path, second time
-# using standard paths
-find_library(DNET_LIBRARIES
-    NAMES dumbnet
-    HINTS ${DNET_LIBRARIES_DIR} # user specified option in ./configure_cmake.sh
-    NO_DEFAULT_PATH
-    NO_CMAKE_ENVIRONMENT_PATH
-)
-find_library(DNET_LIBRARIES
-    NAMES dumbnet
-)
-
-
-find_path(DNET_INCLUDE_DIR
-  NAMES dnet.h
-  HINTS ENV DNETDIR
-)
-
-find_library(DNET_LIBRARIES
-    NAMES dnet
-    HINTS ${DNET_LIBRARIES_DIR}
-    NO_DEFAULT_PATH
-    NO_CMAKE_ENVIRONMENT_PATH
-)
-find_library(DNET_LIBRARIES
-    NAMES dnet
-)
-
-
-
 include(FindPackageHandleStandardArgs)
 find_package_handle_standard_args(DNET 
     REQUIRED_VARS DNET_INCLUDE_DIR DNET_LIBRARIES
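Review bot: `HAVE_DUMBNET_H` is keyed on `DNET_INCLUDE_DIR` being set, but the `dnet.h` fallback in the `else ()` branch fills the same cache variable, and this change drops the `unset (DNET_INCLUDE_DIR CACHE)` that used to precede the first search. On a second configure run in a build tree where only libdnet was found, `find_path` skips the `dumbnet.h` search because the variable is already cached, so the `if` branch is taken and `HAVE_DUMBNET_H` becomes 1 on a system without dumbnet.h. Testing for the header itself avoids that: `if (DNET_INCLUDE_DIR AND EXISTS "${DNET_INCLUDE_DIR}/dumbnet.h")`. The `find_package_handle_standard_args` call at the end of the hunk continues outside it.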
index f76a203b0f4c835d1ef3197c2f455217c8fde9ba..1ad2128363837e271da42a7f776e2d3207d40224 100644 (file)
@@ -4,61 +4,28 @@
 #  LUAJIT_FOUND, if false, do not try to link to Lua
 #  LUAJIT_LIBRARIES
 #  LUAJIT_INCLUDE_DIR, where to find lua.h
-#  LUAJIT_VERSION_STRING, the version of Lua found (since CMake 2.8.8)
-
-## Copied from default CMake FindLua51.cmake
-set( LUA_PATHS
-    ~/Library/Frameworks
-    /Library/Frameworks
-    /sw
-    /opt/local
-    /opt/csw
-    /opt
-)
+#  LUAJIT_VERSION_STRING, the version of LuaJIT found
 
 set(ERROR_MESSAGE
     "\n\tCan't Find luajit!  Get it from
     http://luajit.org/download.html or use the --with-luajit-*
-    options if you have it installed inn an unusual place.  You can
-    also set the LUA_DIR environment variablet to the daqs root installation directory\n"
+    options if you have it installed inn an unusual place.\n"
 )
 
+find_package(PkgConfig)
+pkg_check_modules(PC_LUAJIT luajit)
 
-find_path(LUAJIT_INCLUDE_DIR 
-    NAMES luajit.h
-    HINTS ENV LUA_DIR
-    PATH_SUFFIXES include include/luajit-2.0
-    PATHS ${LUA_PATHS}
-)
-
-find_library(LUAJIT_LIBRARIES
-    NAMES luajit-5.1
-    HINTS ${LUAJIT_LIBRARIES_DIR}
-    DOC "Lua Libraries"
-    NO_DEFAULT_PATH
-    NO_CMAKE_ENVIRONMENT_PATH
-)
-find_library(LUAJIT_LIBRARIES
-    NAMES luajit-5.1
-    HINTS ENV LUA_DIR
-    PATH_SUFFIXES luajit-5.1
-    PATHS ${LUA_PATHS}
-    DOC "Lua Libraries"
-)
+# Use LUAJIT_INCLUDE_DIR_HINT and LUAJIT_LIBRARY_DIR_HINT from configure_cmake.sh as primary hints
+# and then package config information after that.
+find_path(LUAJIT_INCLUDE_DIR luajit.h
+    HINTS ${LUAJIT_INCLUDE_DIR_HINT} ${PC_LUAJIT_INCLUDEDIR} ${PC_LUAJIT_INCLUDE_DIRS})
+find_library(LUAJIT_LIBRARIES NAMES luajit-5.1
+    HINTS ${LUAJIT_LIBRARIES_DIR_HINT} ${PC_LUAJIT_LIBDIR} ${PC_LUAJIT_LIBRARY_DIRS})
 
 if (APPLE)
     set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${LUAJIT_LIBRARIES} -pagezero_size 10000 -image_base 100000000")
 endif()
 
-if(LUAJIT_LIBRARIES)
-    # include the math library for Unix
-    if(UNIX AND NOT APPLE)
-        find_library(MATH_LIBRARY m)
-        list(APPEND LUAJIT_LIBRARIES "${MATH_LIBRARY}")
-    endif()
-endif()
-
-
 if(LUAJIT_INCLUDE_DIR AND EXISTS "${LUAJIT_INCLUDE_DIR}/luajit.h")
     file(STRINGS "${LUAJIT_INCLUDE_DIR}/luajit.h" luajit_version_str REGEX "^#define[ \t]+LUAJIT_VERSION[ \t]+\"LuaJIT .+\"")
 
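Review bot: The block that appended `MATH_LIBRARY` to `LUAJIT_LIBRARIES` on non-Apple Unix is removed without a replacement, and pkg-config is used only for search directories (`PC_LUAJIT_LIBDIR`, `PC_LUAJIT_LIBRARY_DIRS`), so extra link libraries listed in the luajit .pc file are not carried over. That is harmless against a shared libluajit, but a static libluajit-5.1 would presumably fail to link without libm; if static LuaJIT is a supported configuration, keep the `find_library(MATH_LIBRARY m)` append. The rewritten error message also keeps the typo `installed inn an unusual place`, which should read `installed in an unusual place`.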
@@ -75,9 +42,5 @@ find_package_handle_standard_args(LuaJIT
     FAIL_MESSAGE "${ERROR_MESSAGE}"
 )
 
-mark_as_advanced(
-    LUAJIT_INCLUDE_DIR 
-    LUAJIT_LIBRARIES 
-    MATH_LIBRARY
-)
+mark_as_advanced(LUAJIT_INCLUDE_DIR LUAJIT_LIBRARIES)
 
index 5ea44ffc42b9ebfcce7f09f26f2ed3c904cc9396..86faccfce506d6461a81fef6f9a85631487f73a6 100644 (file)
@@ -9,9 +9,7 @@
 #
 #  PCAP_FOUND                System has libpcap, include and library dirs found
 #  PCAP_INCLUDE_DIR          The libpcap include directories.
-#  PCAP_LIBRARIES            The libpcap library (possibly includes a thread
-#                            library e.g. required by pf_ring's libpcap)
-#  HAVE_LIBPFRING              If a found version of libpcap supports PF_RING
+#  PCAP_LIBRARIES            The libpcap library
 
 
 set(ERROR_MESSAGE
@@ -74,11 +72,6 @@ if (NOT PCAP_LINKS_SOLO)
     endif ()
 endif ()
 
-include(CheckFunctionExists)
-set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARIES})
-check_function_exists(pcap_get_pfring_id HAVE_LIBPFRING)
-set(CMAKE_REQUIRED_LIBRARIES)
-
 mark_as_advanced(
     PCAP_INCLUDE_DIR
     PCAP_LIBRARIES
index 199e9131eeacf76033b906a9148657e94ff2ce81..742f58baa8f3068db449bcbb4596c87992b54f2e 100644 (file)
@@ -10,22 +10,15 @@ set(ERROR_MESSAGE
     \tGet it from http://www.pcre.org\n"
 )
 
-find_path(PCRE_INCLUDE_DIR 
-    NAMES pcre.h
-)
-
-
-find_library(PCRE_LIBRARIES 
-    NAMES pcre
-    HINTS ${PCRE_LIBRARIES_DIR} # from ./configure_cmake.sh script
-    NO_DEFAULT_PATH
-    NO_CMAKE_ENVIRONMENT_PATH
-)
-
-find_library(PCRE_LIBRARIES
-    NAMES pcre
-)
+find_package(PkgConfig)
+pkg_check_modules(PC_PCRE libpcre)
 
+# Use PCRE_INCLUDE_DIR_HINT and PCRE_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
+# and then package config information after that.
+find_path(PCRE_INCLUDE_DIR pcre.h
+    HINTS ${PCRE_INCLUDE_DIR_HINT} ${PC_PCRE_INCLUDEDIR} ${PC_PCRE_INCLUDE_DIRS})
+find_library(PCRE_LIBRARIES NAMES pcre
+    HINTS ${PCRE_LIBRARIES_DIR_HINT} ${PC_PCRE_LIBDIR} ${PC_PCRE_LIBRARY_DIRS})
 
 include(FindPackageHandleStandardArgs)
 find_package_handle_standard_args(PCRE
@@ -33,28 +26,6 @@ find_package_handle_standard_args(PCRE
     FAIL_MESSAGE "${ERROR_MESSAGE}"
 )
 
-set(bindir "${CMAKE_CURRENT_BINARY_DIR}/pcre_version")
-set(srcfile "${CMAKE_CURRENT_LIST_DIR}/Pcre/check_pcre_version.cpp")
-
-try_compile(VALID_PCRE_VERSION "${bindir}" "${srcfile}"
-    CMAKE_FLAGS
-        "-DLINK_LIBRARIES:STRING=${PCRE_LIBRARIES}"
-        "-DINCLUDE_DIRECTORIES:STRING=${PCRE_INCLUDE_DIR}"
-)
-
-
-if(NOT VALID_PCRE_VERSION)
-    # unset these variables to ensure we search for PCRE again
-    unset(PCRE_FOUND CACHE)
-    unset(PCRE_INCLUDE_DIR CACHE)
-    unset(PCRE_LIBRARIES CACHE)
-    message(SEND_ERROR
-        "\nERROR!  Libpcre library version >= 6.0 not found."
-        " Get it from http://www.pcre.org\n\n"
-    )
-endif()
-
-
 mark_as_advanced(
     PCRE_LIBRARIES 
     PCRE_INCLUDE_DIR
diff --git a/cmake/Pcre/check_pcre_version.cpp b/cmake/Pcre/check_pcre_version.cpp
deleted file mode 100644 (file)
index fe17fec..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-#include <pcre.h>
-
-#if (PCRE_MAJOR < 6)
-#error "Version failure."
-#else
-int main(void)
-{
-    int a, b = 0, c = 0, d = 0;
-    pcre *tmp = NULL;
-    a = pcre_copy_named_substring(tmp, "", &b, c, "", "", d);
-}
-#endif
index 762a8b59c1a53466c3920592dfe2021c30eba042..206bfc74d525c02e96d904c66c7256cac2ef85fb 100644 (file)
@@ -34,6 +34,62 @@ if ( NOT (W3M_FOUND AND ASCIIDOC_FOUND) )
     set ( MAKE_TEXT_DOC OFF CACHE BOOL ${MAKE_TEXT_DOC_HELP_STRING} FORCE )
 endif()
 
+# security
+
+if ( ENABLE_HARDENED_BUILD )
+
+    check_cxx_compiler_flag ( "-Wdate-time" HAS_WDATE_TIME_CPPFLAG )
+    if ( HAS_WDATE_TIME_CPPFLAG )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wdate-time" )
+    endif ()
+
+    check_cxx_compiler_flag ( "-D_FORTIFY_SOURCE=2" HAS_FORTIFY_SOURCE_2_CPPFLAG )
+    if ( HAS_FORTIFY_SOURCE_2_CPPFLAG )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D_FORTIFY_SOURCE=2" )
+    endif ()
+
+    check_cxx_compiler_flag ( "-fstack-protector-strong" HAS_FSTACK_PROTECTOR_STRONG_CXXFLAG )
+    if ( HAS_FSTACK_PROTECTOR_STRONG_CXXFLAG )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fstack-protector-strong" )
+    endif ()
+
+    check_cxx_compiler_flag ( "-Wformat" HAS_WFORMAT_CXXFLAG )
+    if ( HAS_WFORMAT_CXXFLAG )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wformat" )
+    endif ()
+
+    check_cxx_compiler_flag ( "-Werror=format-security" HAS_WERROR_FORMAT_SECURITY_CXXFLAG )
+    if ( HAS_WERROR_FORMAT_SECURITY_CXXFLAG )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror=format-security" )
+    endif ()
+
+    set ( CMAKE_REQUIRED_FLAGS "-Wl,-z,relro" )
+    check_cxx_compiler_flag ( "" HAS_ZRELRO_LDFLAG )
+    if ( HAS_ZRELRO_LDFLAG )
+        set ( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro" )
+        set ( CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,-z,relro" )
+    endif ()
+    unset ( CMAKE_REQUIRED_FLAGS )
+
+    set ( CMAKE_REQUIRED_FLAGS "-Wl,-z,now" )
+    check_cxx_compiler_flag ( "-Wl,-z,now" HAS_ZNOW_LDFLAG )
+    if ( HAS_ZNOW_LDFLAG )
+        set ( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,now" )
+        set ( CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,-z,now" )
+    endif ()
+    unset ( CMAKE_REQUIRED_FLAGS )
+
+endif ( ENABLE_HARDENED_BUILD )
+
+if ( ENABLE_PIE )
+    check_cxx_compiler_flag ( "-fPIE -pie" HAS_PIE_SUPPORT )
+    if ( HAS_PIE_SUPPORT )
+        set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE" )
+        set ( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie" )
+        set ( CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -fPIE -pie" )
+    endif ()
+endif ( ENABLE_PIE )
+
 # debugging
 
 set ( DEBUG_MSGS ${ENABLE_DEBUG_MSGS} )
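Review bot: Every probe in the `ENABLE_HARDENED_BUILD` and `ENABLE_PIE` blocks drops its flag silently when the check fails, so a user who asked for a hardened build can get an unhardened binary without any warning; an `else ()` with `message ( WARNING "hardening flag -fstack-protector-strong is not supported by this toolchain" )` per probe makes that visible, and the hardening hunk in configure.ac skips unsupported flags the same way. The `-D_FORTIFY_SOURCE=2` probe cannot fail, since any compiler accepts a `-D`, and with glibc the define only takes effect in optimized builds, which deserves a comment next to it. `-fPIE -pie` is also appended to `CMAKE_MODULE_LINKER_FLAGS` (and, via `HARD_LDFLAGS`, to the global `AM_LDFLAGS` in configure.ac); `-pie` requests an executable, so it looks out of place on module links and should be confirmed with dynamic plugins enabled. The relro probe passes `""` while the now probe passes `"-Wl,-z,now"` on top of `CMAKE_REQUIRED_FLAGS`; one form should be used for both.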
index a90e95a77659345c1e3f848fc5d5d1f155ead594..d689edccd0a10fc8b02d9d4ad9ec28deece548ab 100644 (file)
@@ -19,7 +19,6 @@ option ( ENABLE_SHELL "enable shell support" OFF )
 option ( ENABLE_UNIT_TESTS "enable unit tests" OFF )
 option ( ENABLE_PIGLET "enable piglet test harness" OFF )
 
-option ( ENABLE_PTHREAD "enable pthread support" ON )
 option ( ENABLE_COREFILES "Prevent Snort from generating core files" ON )
 option ( ENABLE_INTEL_SOFT_CPM "Enable Intel Soft CPM support" OFF )
 option ( ENABLE_LARGE_PCAP "Enable support for pcaps larger than 2 GB" OFF )
@@ -29,6 +28,10 @@ option ( MAKE_HTML_DOC "Create the HTML documentation" ON )
 option ( MAKE_PDF_DOC "Create the PDF documentation" ON )
 option ( MAKE_TEXT_DOC "Create the text documentation" ON )
 
+# security
+option ( ENABLE_HARDENED_BUILD "Detect and use compile-time hardening options" OFF )
+option ( ENABLE_PIE "Attempt to produce a position-independent executable" OFF )
+
 # debugging
 option ( ENABLE_DEBUG_MSGS "Enable debug printing options (bugreports and developers only)" OFF )
 option ( ENABLE_DEBUG "Enable debugging options (bugreports and developers only)" OFF )
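Review bot: The `ENABLE_PIE` help string does not say why PIE is a separate switch from `ENABLE_HARDENED_BUILD`, although configure.ac in this same commit explains that PIE requires any static libraries linked into Snort to be built with PIC. Carrying that over as a comment above the option saves cmake users the lookup: `# PIE is a separate switch: static libraries linked into Snort must be built with PIC.` Both options default to OFF, so a plain cmake build is not hardened unless the builder opts in, which is worth stating in the build documentation.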
index 89ac529a3842b3d934c8f8a87cea15be029b48bd..ae5a594c861c2d25114ee33f178f8c1122e07c95 100644 (file)
@@ -176,8 +176,7 @@ endif()
 
 
 # set library variables
-
-if (DEFINED OPENSSL_CRYPTO_LIBRARIES)
+if (OPENSSL_FOUND AND DEFINED OPENSSL_CRYPTO_LIBRARIES)
     check_library_exists (${OPENSSL_CRYPTO_LIBRARIES} SHA256_Init "" HAVE_OPENSSL_SHA)
     check_library_exists (${OPENSSL_CRYPTO_LIBRARIES} MD5_Init "" HAVE_OPENSSL_MD5)
 endif()
@@ -190,7 +189,4 @@ if (DEFINED LIBLZMA_LIBRARIES)
     check_library_exists (${LIBLZMA_LIBRARIES} lzma_code "" HAVE_LZMA)
 endif()
 
-# FIXIT-L J is this necessary?
-set ( HAVE___FUNCTION__ HAS_CXX11_FUNC )
 check_library_exists (pcap pcap_lib_version "${PCAP_LIBRARIES}" HAVE_PCAP_LIB_VERSION)
-check_library_exists (pcap pcap_lex_destroy "${PCAP_LIBRARIES}" HAVE_PCAP_LEX_DESTROY)
index 273766a29f5e1d44094d965619b28113d66644da..5909034afb607e022bb1c635c134db9277ac2b25 100644 (file)
@@ -223,6 +223,51 @@ CXX_THREAD_LOCAL()
 #    fi
 #fi
 
+#--------------------------------------------------------------------------
+# compile-time security features
+#--------------------------------------------------------------------------
+
+# Based on Debian's hardening options (https://wiki.debian.org/Hardening)
+# Desired options:
+# CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2
+# CFLAGS/CXXFLAGS: -fPIE -fstack-protector-strong -Wformat -Werror=format-security
+# LDFLAGS: -fPIE -pie -Wl,-z,relro -Wl,-z,now
+
+AC_ARG_ENABLE(hardened_build,
+    AS_HELP_STRING([--enable-hardened-build], [Detect and use compile-time hardening options]))
+
+if test "x$enable_hardened_build" = "xyes"; then
+
+    AX_CHECK_PREPROC_FLAG([-Wdate-time], [HARD_CPPFLAGS="$HARD_CPPFLAGS -Wdate-time"])
+
+    AX_CHECK_PREPROC_FLAG([-D_FORTIFY_SOURCE=2], [HARD_CPPFLAGS="$HARD_CPPFLAGS -D_FORTIFY_SOURCE=2"])
+
+    AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [HARD_CFLAGS="$HARD_CFLAGS -fstack-protector-strong"])
+
+    AX_CHECK_COMPILE_FLAG([-Wformat], [HARD_CFLAGS="$HARD_CFLAGS -Wformat"])
+
+    AX_CHECK_COMPILE_FLAG([-Werror=format-security], [HARD_CFLAGS="$HARD_CFLAGS -Werror=format-security"])
+
+    AX_CHECK_LINK_FLAG([-Wl,-z,relro], [HARD_LDFLAGS="$HARD_LDFLAGS -Wl,-z,relro"])
+
+    AX_CHECK_LINK_FLAG([-Wl,-z,now], [HARD_LDFLAGS="$HARD_LDFLAGS -Wl,-z,now"])
+
+fi
+
+# PIE support gets its own switch since it requires any static libraries Snort wants to link in to
+# be built with PIC, which may or may not be feasible for the user.
+
+AC_ARG_ENABLE(pie,
+    AS_HELP_STRING([--enable-pie], [Attempt to produce a position-independent executable]))
+
+if test "x$enable_pie" = "xyes"; then
+
+    AX_CHECK_COMPILE_FLAG([-fPIE], [HARD_CFLAGS="$HARD_CFLAGS -fPIE"])
+
+    AX_CHECK_LINK_FLAG([-fPIE -pie], [HARD_LDFLAGS="$HARD_LDFLAGS -fPIE -pie"])
+
+fi
+
 #--------------------------------------------------------------------------
 # typedefs, structures, and compiler characteristics
 #--------------------------------------------------------------------------
@@ -546,11 +591,10 @@ if test "x$with_libpcap_libraries" != "xno"; then
 fi
 
 LPCAP=""
+AC_CHECK_HEADERS([pcap.h],, LPCAP="no")
 AC_CHECK_LIB(pcap, pcap_datalink,, LPCAP="no")
 
-# If both the AC_CHECK_LIB for normal pcap and pfring-enabled pcap fail then exit.
 if test "x$LPCAP" = "xno"; then
-  if test "x$LPFRING_PCAP" = "xno"; then
     echo
     echo "   ERROR:  Libpcap library/headers (libpcap.a (or .so)/pcap.h)"
     echo "   not found, go get it from http://www.tcpdump.org"
@@ -558,7 +602,6 @@ if test "x$LPCAP" = "xno"; then
     echo "   in unusual place.  Also check if your libpcap depends on another"
     echo "   shared library that may be installed in an unusual place"
     exit 1
-  fi
 fi
 
 AC_MSG_CHECKING([for pcap_lib_version])
@@ -702,7 +745,6 @@ fi
 
 # Verify that we have the library
 PCRE_L=""
-pcre_version_six=""
 AC_CHECK_LIB(pcre, pcre_compile, ,PCRE_L="no")
 if test "x$PCRE_L" = "xno"; then
     echo
@@ -710,28 +752,6 @@ if test "x$PCRE_L" = "xno"; then
     echo "   Get it from http://www.pcre.org"
     echo
     exit 1
-else
-    AC_MSG_CHECKING(for libpcre version 6.0 or greater)
-    AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <pcre.h>]], [[
-       #if (PCRE_MAJOR < 6)
-       #error "Version failure"
-       #else
-       int a, b = 0, c = 0, d = 0;
-       pcre *tmp = NULL;
-       a = pcre_copy_named_substring(tmp, "", &b, c, "", "", d);
-       #endif
-      ]])],[pcre_version_six="yes"],[pcre_version_six="no"])
-fi
-
-if test "x$pcre_version_six" != "xyes"; then
-    AC_MSG_RESULT(no)
-    echo
-    echo "    ERROR:  Libpcre library version >= 6.0 not found."
-    echo "    Get it from http://www.pcre.org"
-    echo
-    exit 1
-else
-    AC_MSG_RESULT(yes)
 fi
 
 #--------------------------------------------------------------------------
@@ -802,7 +822,7 @@ if test "x$with_daq_libraries" != "xno"; then
 fi
 
 AC_ARG_ENABLE(static_daq,
-    AS_HELP_STRING([--disable-static-daq],[link static DAQ modules.]),
+    AS_HELP_STRING([--disable-static-daq],[link static DAQ modules]),
     enable_static_daq="$enableval", enable_static_daq="yes")
 
 if test "$DLLIB" != "no"; then
@@ -938,13 +958,21 @@ if test "x$with_openssl_libraries" != "xno"; then
     LDFLAGS="${LDFLAGS} -L${with_openssl_libraries}"
 fi
 
-AC_CHECK_LIB([crypto],[SHA256_Init],AC_DEFINE([HAVE_OPENSSL_SHA],[1],openssl SHA available),)
-AC_CHECK_LIB([crypto],[MD5_Init],AC_DEFINE([HAVE_OPENSSL_MD5],[1],openssl MD5 available),)
+AC_CHECK_HEADERS([openssl/md5.h], 
+    AC_CHECK_LIB([crypto],[MD5_Init],
+                 AC_DEFINE([HAVE_OPENSSL_MD5],[1],openssl MD5 available)
+                 BUILD_SSL_MD5="yes",
+                 ))
+AM_CONDITIONAL([BUILD_SSL_MD5], test "x$BUILD_SSL_MD5" != "xyes" )
 
-AM_CONDITIONAL([BUILD_SSL_MD5], test "x$ac_cv_lib_crypto_MD5_Init" != "xyes" )
-AM_CONDITIONAL([BUILD_SSL_SHA], test "x$ac_cv_lib_crypto_SHA256_Init" != "xyes" )
+AC_CHECK_HEADERS([openssl/sha.h],
+    AC_CHECK_LIB([crypto],[SHA256_Init],
+                 AC_DEFINE([HAVE_OPENSSL_SHA],[1],openssl SHA available)
+                 BUILD_SSL_SHA="yes",
+                 ))
+AM_CONDITIONAL([BUILD_SSL_SHA], test "x$BUILD_SSL_SHA" != "xyes" )
 
-if test "x$ac_cv_lib_crypto_MD5_Init" = "xyes"; then
+if test "x$BUILD_SSL_MD5" = "xyes" || test "x$BUILD_SSL_SHA" = "xyes" ; then
     LIBS="${LIBS} -lcrypto"
 fi
 
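Review bot: `BUILD_SSL_MD5` and `BUILD_SSL_SHA` are read by the `AM_CONDITIONAL` tests and by the `-lcrypto` check, but they are assigned only in the found-branch of `AC_CHECK_LIB`, so a value inherited from the environment is taken as a detection result. Initialising them before the probes, as this file already does with `LPCAP=""` and `PCRE_L=""`, closes that: `BUILD_SSL_MD5=""` and `BUILD_SSL_SHA=""`. The names also read inverted: the shell variable is `yes` when OpenSSL provides the digest, while the automake conditional of the same name is true when it does not, so a shell name such as `have_openssl_md5` would be clearer.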
@@ -1043,10 +1071,10 @@ fi
 
 # Global defaults for AM_* flags.  Can be overridden on a per-Makefile.am basis.
 AM_CPPFLAGS='-I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/src/network_inspectors'
-AM_CPPFLAGS="${AM_CPPFLAGS} ${CODE_COVERAGE_CPPFLAGS}"
-AM_CFLAGS="${CODE_COVERAGE_CFLAGS}"
-AM_CXXFLAGS="${CODE_COVERAGE_CXXFLAGS}"
-AM_LDFLAGS="${CODE_COVERAGE_LDFLAGS}"
+AM_CPPFLAGS="${AM_CPPFLAGS} ${CODE_COVERAGE_CPPFLAGS} ${HARD_CPPFLAGS}"
+AM_CFLAGS="${CODE_COVERAGE_CFLAGS} ${HARD_CFLAGS}"
+AM_CXXFLAGS="${CODE_COVERAGE_CXXFLAGS} ${HARD_CFLAGS}"
+AM_LDFLAGS="${CODE_COVERAGE_LDFLAGS} ${HARD_LDFLAGS}"
 
 # Special AM_CPPFLAGS for snort2lua.
 snort2lua_CPPFLAGS='-I$(top_builddir) -I$(top_srcdir)/tools/snort2lua'
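Review bot: `AM_CXXFLAGS` is built from `HARD_CFLAGS`, so the C++ compile line receives flags probed with whichever language was current when `AX_CHECK_COMPILE_FLAG` ran. That language is not visible in this hunk; if it was C, support in the C++ compiler is assumed rather than tested. Either run the probes under `AC_LANG_PUSH([C++])` or add a comment here stating that the C and C++ compilers are expected to accept the same hardening flags.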
index e66ca295a499b306f5a9889cf2384b56d39f5269..6f7bc60ff594f6499b745d9a4fb0d0366f7947c3 100755 (executable)
@@ -23,50 +23,64 @@ Usage: $0 [OPTION]... [VAR=VALUE]...
 Optional Features:
     --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
     --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
-    --disable-static-ips-actions    do not include ips actions in binary
-    --disable-static-inspectors    do not include inspectors in binary
-    --disable-static-loggers    do not include loggers in binary
-    --disable-static-ips-options    do not include ips options in binary
-    --disable-static-search-engines    do not include search engines in binary
-    --disable-static-codecs    do not include codecs in binary
-    --enable-valgrind        Only use if you are testing with valgrind.
-    --enable-shell           enable command line shell support
-    --enable-linux-smp-stats Enable statistics reporting through proc
-    --enable-debug-msgs      Enable debug printing options (bugreports and developers only)
-    --enable-large-pcap      Enable support for pcaps larger than 2 GB
-    --enable-address-sanitizer  Enable address sanitizer support
-    --enable-code-coverage   Whether to enable code coverage support
-    --enable-debug           Enable debugging options (bugreports and developers only)
-    --enable-gdb             Enable gdb debugging information
-    --enable-gprof-profile   Enable gprof profiling options (developers only)
-    --disable-corefiles      Prevent Snort from generating core files
-    --enable-unit-tests      Build unit tests
-    --enable-piglet          Build piglet test capability
-    --disable-static-daq     Link static DAQ modules.
+    --enable-code-coverage  Whether to enable code coverage support
+    --enable-hardened-build Detect and use compile-time hardening options
+    --enable-pie            Attempt to produce a position-independent executable
+    --disable-static-ips-actions
+                            do not include ips actions in binary
+    --disable-static-inspectors
+                            do not include inspectors in binary
+    --disable-static-loggers
+                            do not include loggers in binary
+    --disable-static-ips-options
+                            do not include ips options in binary
+    --disable-static-search-engines
+                            do not include search engines in binary
+    --disable-static-codecs do not include codecs in binary
+    --enable-shell          enable command line shell support
+    --enable-large-pcap     enable support for pcaps larger than 2 GB
+    --enable-debug-msgs     enable debug printing options (bugreports and
+                            developers only)
+    --enable-debug          enable debugging options (bugreports and developers
+                            only)
+    --enable-gdb            enable gdb debugging information
+    --enable-gprof-profile  enable gprof profiling options (developers only)
+    --disable-corefiles     prevent Snort from generating core files
+    --enable-address-sanitizer
+                            enable address sanitizer support
+    --enable-unit-tests     build unit tests
+    --enable-piglet         build piglet test harness
+    --disable-static-daq    link static DAQ modules
+    --disable-html-docs     don't create the HTML documentation
+    --disable-pdf-docs      don't create the PDF documentation
 
 Optional Packages:
     --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
     --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
-    --with-pic[=PKGS]       try to use only PIC/non-PIC objects [default=use
-                            both]
-    --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
-    --with-sysroot=DIR Search for dependent libraries within DIR
-                          (or the compiler's sysroot if not specified).
-    --with-pcap-includes=DIR        libpcap include directory
-    --with-pcap-libraries=DIR       libpcap library directory
-    --with-luajit-includes=DIR      luajit include directory
-    --with-luajit-libraries=DIR     luajit library directory
-    --with-pcre-includes=DIR        libpcre include directory
-    --with-pcre-libraries=DIR       libpcre library directory
-    --with-openssl-includes=DIR     openssl include directory
-    --with-openssl-library=LIB      openssl library library - NOT THE DIRECTORY
-    --with-crypto-library=LIB       openssl crypto library - NOT THE DIRECTORY
-    --with-dnet-includes=DIR        libdnet include directory
-    --with-dnet-libraries=DIR       libdnet library directory
-    --with-daq-includes=DIR         DAQ include directory
-    --with-daq-libraries=DIR        DAQ library directory
-    --with-hyperscan-includes=DIR   libhs include directory
-    --with-hyperscan-libraries=DIR  libhs library directory
+    --with-pcap-includes=DIR
+                            libpcap include directory
+    --with-pcap-libraries=DIR
+                            libpcap library directory
+    --with-luajit-includes=DIR
+                            luajit include directory
+    --with-luajit-libraries=DIR
+                            luajit library directory
+    --with-pcre-includes=DIR
+                            libpcre include directory
+    --with-pcre-libraries=DIR
+                            libpcre library directory
+    --with-dnet-includes=DIR
+                            libdnet include directory
+    --with-dnet-libraries=DIR
+                            libdnet library directory
+    --with-daq-includes=DIR DAQ include directory
+    --with-daq-libraries=DIR
+                            DAQ library directory
+    --with-openssl=DIR      openssl installation root directory
+    --with-hyperscan-includes=DIR
+                            libhs include directory
+    --with-hyperscan-libraries=DIR
+                            libhs library directory
 
 Some influential environment variables:
     SIGNAL_SNORT_RELOAD=<value>
@@ -133,140 +147,137 @@ while [ $# -ne 0 ]; do
             prefix=$optarg
             append_cache_entry CMAKE_INSTALL_PREFIX PATH $optarg
             ;;
-        --disable-static-codecs)
-            append_cache_entry STATIC_CODECS       BOOL   false
+        --enable-code-coverage)
+            append_cache_entry ENABLE_CODE_COVERAGE     BOOL true
             ;;
-        --enable-static-codecs)
-            append_cache_entry STATIC_CODECS       BOOL   true
+        --disable-code-coverage)
+            append_cache_entry ENABLE_CODE_COVERAGE     BOOL false
+            ;;
+        --enable-hardened-build)
+            append_cache_entry ENABLE_HARDENED_BUILD    BOOL true
+            ;;
+        --disable-hardened-build)
+            append_cache_entry ENABLE_HARDENED_BUILD    BOOL false
+            ;;
+        --enable-pie)
+            append_cache_entry ENABLE_PIE               BOOL true
+            ;;
+        --disable-pie)
+            append_cache_entry ENABLE_PIE               BOOL false
+            ;;
+        --disable-static-ips-actions)
+            append_cache_entry STATIC_IPS_ACTIONS       BOOL false
+            ;;
+        --enable-static-ips-actions)
+            append_cache_entry STATIC_IPS_ACTIONS       BOOL true
             ;;
         --disable-static-inspectors)
-            append_cache_entry STATIC_INSPECTORS    BOOL   false
+            append_cache_entry STATIC_INSPECTORS        BOOL false
             ;;
         --enable-static-inspectors)
-            append_cache_entry STATIC_INSPECTORS    BOOL   true
+            append_cache_entry STATIC_INSPECTORS        BOOL true
             ;;
         --disable-static-loggers)
-            append_cache_entry STATIC_LOGGERS       BOOL   false
+            append_cache_entry STATIC_LOGGERS           BOOL false
             ;;
         --enable-static-loggers)
-            append_cache_entry STATIC_LOGGERS       BOOL   true
+            append_cache_entry STATIC_LOGGERS           BOOL true
             ;;
         --disable-static-ips-options)
-            append_cache_entry STATIC_IPS_OPTIONS    BOOL   false
-            ;;
-        --enable-static-ips-actions)
-            append_cache_entry STATIC_IPS_ACTIONS    BOOL   true
-            ;;
-        --disable-static-ips-actions)
-            append_cache_entry STATIC_IPS_ACTIONS    BOOL   false
+            append_cache_entry STATIC_IPS_OPTIONS       BOOL false
             ;;
         --enable-static-ips-options)
-            append_cache_entry STATIC_IPS_OPTIONS    BOOL   true
+            append_cache_entry STATIC_IPS_OPTIONS       BOOL true
             ;;
         --disable-static-search-engines)
-            append_cache_entry STATIC_SEARCH_ENGINES       BOOL   false
+            append_cache_entry STATIC_SEARCH_ENGINES    BOOL false
             ;;
         --enable-static-search-engines)
-            append_cache_entry STATIC_SEARCH_ENGINES       BOOL   true
+            append_cache_entry STATIC_SEARCH_ENGINES    BOOL true
             ;;
-        --disable-static-daq)
-            append_cache_entry ENABLE_STATIC_DAQ    BOOL   false
+        --disable-static-codecs)
+            append_cache_entry STATIC_CODECS            BOOL false
             ;;
-        --enable-static-daq)
-            append_cache_entry ENABLE_STATIC_DAQ    BOOL   true
+        --enable-static-codecs)
+            append_cache_entry STATIC_CODECS            BOOL true
             ;;
-        --disable-pthread)
-            append_cache_entry ENABLE_PTHREAD    BOOL   false
+        --enable-shell)
+            append_cache_entry ENABLE_SHELL             BOOL true
             ;;
-        --enable-pthread)
-            append_cache_entry ENABLE_PTHREAD    BOOL   true
+        --disable-shell)
+            append_cache_entry ENABLE_SHELL             BOOL false
             ;;
-        --disable-debug-msgs)
-            append_cache_entry ENABLE_DEBUG_MSGS    BOOL   false
+        --enable-large-pcap)
+            append_cache_entry ENABLE_LARGE_PCAP        BOOL true
+            ;;
+        --disable-large-pcap)
+            append_cache_entry ENABLE_LARGE_PCAP        BOOL false
             ;;
         --enable-debug-msgs)
-            append_cache_entry ENABLE_DEBUG_MSGS    BOOL   true
+            append_cache_entry ENABLE_DEBUG_MSGS        BOOL true
             ;;
-        --disable-gdb)
-            append_cache_entry ENABLE_GDB    BOOL   false
+        --disable-debug-msgs)
+            append_cache_entry ENABLE_DEBUG_MSGS        BOOL false
+            ;;
+        --enable-debug)
+            append_cache_entry ENABLE_DEBUG             BOOL true
+            ;;
+        --disable-debug)
+            append_cache_entry ENABLE_DEBUG             BOOL false
             ;;
         --enable-gdb)
-            append_cache_entry ENABLE_GDB    BOOL   true
+            append_cache_entry ENABLE_GDB               BOOL true
             ;;
-        --disable-gprof-profile)
-            append_cache_entry ENABLE_PROFILE    BOOL   false
+        --disable-gdb)
+            append_cache_entry ENABLE_GDB               BOOL false
             ;;
         --enable-gprof-profile)
-            append_cache_entry ENABLE_PROFILE    BOOL   true
-            ;;
-        --disable-debug)
-            append_cache_entry ENABLE_DEBUG    BOOL   false
+            append_cache_entry ENABLE_PROFILE           BOOL true
             ;;
-        --enable-debug)
-            append_cache_entry ENABLE_DEBUG    BOOL   true
+        --disable-gprof-profile)
+            append_cache_entry ENABLE_PROFILE           BOOL false
             ;;
         --disable-corefiles)
-            append_cache_entry ENABLE_COREFILES    BOOL   false
+            append_cache_entry ENABLE_COREFILES         BOOL false
             ;;
         --enable-corefiles)
-            append_cache_entry ENABLE_COREFILES    BOOL   true
-            ;;
-        --disable-large-pcap)
-            append_cache_entry ENABLE_LARGE_PCAP    BOOL   false
-            ;;
-        --enable-large-pcap)
-            append_cache_entry ENABLE_LARGE_PCAP    BOOL   true
+            append_cache_entry ENABLE_COREFILES         BOOL true
             ;;
         --enable-address-sanitizer)
-            append_cache_entry ENABLE_ADDRESS_SANITIZER BOOL    true
+            append_cache_entry ENABLE_ADDRESS_SANITIZER BOOL true
             ;;
         --disable-address-sanitizer)
-            append_cache_entry ENABLE_ADDRESS_SANITIZER BOOL    false
-            ;;
-        --enable-code-coverage)
-            append_cache_entry ENABLE_CODE_COVERAGE BOOL    true
-            ;;
-        --disable-code-coverage)
-            append_cache_entry ENABLE_CODE_COVERAGE BOOL    false
+            append_cache_entry ENABLE_ADDRESS_SANITIZER BOOL false
             ;;
-        --enable-shell)
-            append_cache_entry ENABLE_SHELL    BOOL   true
-            ;;
-        --disable-shell)
-            append_cache_entry ENABLE_SHELL    BOOL   false
+        --enable-unit-tests)
+            append_cache_entry ENABLE_UNIT_TESTS        BOOL true
             ;;
         --disable-unit-tests)
-            append_cache_entry ENABLE_UNIT_TESTS    BOOL   false
+            append_cache_entry ENABLE_UNIT_TESTS        BOOL false
             ;;
-        --enable-unit-tests)
-            append_cache_entry ENABLE_UNIT_TESTS    BOOL   true
+        --enable-piglet)
+            append_cache_entry ENABLE_PIGLET            BOOL true
             ;;
         --disable-piglet)
-            append_cache_entry ENABLE_PIGLET    BOOL   false
+            append_cache_entry ENABLE_PIGLET            BOOL false
             ;;
-        --enable-piglet)
-            append_cache_entry ENABLE_PIGLET    BOOL   true
+        --disable-static-daq)
+            append_cache_entry ENABLE_STATIC_DAQ        BOOL false
+            ;;
+        --enable-static-daq)
+            append_cache_entry ENABLE_STATIC_DAQ        BOOL true
             ;;
         --disable-html-docs)
-            append_cache_entry MAKE_HTML_DOC    BOOL   false
+            append_cache_entry MAKE_HTML_DOC            BOOL false
             ;;
         --enable-html-docs)
-            append_cache_entry MAKE_HTML_DOC    BOOL   true
+            append_cache_entry MAKE_HTML_DOC            BOOL true
             ;;
         --disable-pdf-docs)
-            append_cache_entry MAKE_PDF_DOC    BOOL   false
+            append_cache_entry MAKE_PDF_DOC             BOOL false
             ;;
         --enable-pdf-docs)
-            append_cache_entry MAKE_PDF_DOC    BOOL   true
-            ;;
-        --with-openssl-includes=*)
-            append_cache_entry OPENSSL_INCLUDE_DIR PATH $optarg
-            ;;
-        --with-openssl-library=*)
-            check_and_append_cache_entry OPENSSL_SSL_LIBRARY FILEPATH $optarg
-            ;;
-        --with-crypto-library=*)
-            check_and_append_cache_entry OPENSSL_CRYPTO_LIBRARY FILEPATH $optarg
+            append_cache_entry MAKE_PDF_DOC             BOOL true
             ;;
         --with-pcap-includes=*)
             append_cache_entry PCAP_INCLUDE_DIR PATH $optarg
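Review bot: The new `--enable-hardened-build` / `--disable-hardened-build` and `--enable-pie` / `--disable-pie` arms have no comment saying what happens when neither flag is passed. As written, the cache entry is only appended when one of the flags appears on the command line, so the effective default presumably comes from the CMake side, which this hunk does not show. Because these are the security-relevant switches, I would add above the first arm: `# Hardening/PIE: no cache entry is written unless a flag is given; the default is whatever the CMake option declares.` The enclosing `case` statement starts and ends outside this hunk.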
@@ -275,22 +286,22 @@ while [ $# -ne 0 ]; do
             append_cache_entry PCAP_LIBRARIES_DIR PATH $optarg
             ;;
         --with-luajit-includes=*)
-            append_cache_entry LUAJIT_INCLUDE_DIR PATH $optarg
+            append_cache_entry LUAJIT_INCLUDE_DIR_HINT PATH $optarg
             ;;
         --with-luajit-libraries=*)
-            append_cache_entry LUAJIT_LIBRARIES_DIR PATH $optarg
+            append_cache_entry LUAJIT_LIBRARIES_DIR_HINT PATH $optarg
             ;;
         --with-pcre-includes=*)
-            append_cache_entry PCRE_INCLUDE_DIR PATH $optarg
+            append_cache_entry PCRE_INCLUDE_DIR_HINT PATH $optarg
             ;;
         --with-pcre-libraries=*)
-            append_cache_entry PCRE_LIBRARIES_DIR PATH $optarg
+            append_cache_entry PCRE_LIBRARIES_DIR_HINT PATH $optarg
             ;;
         --with-dnet-includes=*)
-            append_cache_entry DNET_INCLUDE_DIR PATH $optarg
+            append_cache_entry DNET_INCLUDE_DIR_HINT PATH $optarg
             ;;
         --with-dnet-libraries=*)
-            append_cache_entry DNET_LIBRARIES_DIR PATH $optarg
+            append_cache_entry DNET_LIBRARIES_DIR_HINT PATH $optarg
             ;;
         --with-daq-includes=*)
             append_cache_entry DAQ_INCLUDE_DIR PATH $optarg
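Review bot: The six renamed `*_HINT` arms still pass `$optarg` unquoted, so a directory containing whitespace or glob characters is split or expanded before `append_cache_entry` receives it. Quoting at the call site, e.g. `append_cache_entry PCRE_INCLUDE_DIR_HINT PATH "$optarg"`, keeps the path as one argument. The helper's body is not visible here, and the later `cmake $gen ... $CMakeCacheEntries $sourcedir` line expands the accumulated entries unquoted, so the quoting would have to be carried through there as well. The same applies to the `--with-openssl=*` arm added in the next hunk.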
@@ -298,6 +309,9 @@ while [ $# -ne 0 ]; do
         --with-daq-libraries=*)
             append_cache_entry DAQ_LIBRARIES_DIR PATH $optarg
             ;;
+        --with-openssl=*)
+            append_cache_entry OPENSSL_ROOT_DIR PATH $optarg
+            ;;
 #  Currently unsupported
 #        --with-intel-soft-cpm-includes=*)
 #            append_cache_entry INTEL_SOFT_CPM_INCLUDE_DIR PATH $optarg
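Review bot: The new `--with-openssl=*` arm stores its argument as `OPENSSL_ROOT_DIR` without checking that the directory exists. Two of the three options it replaces went through `check_and_append_cache_entry`, a helper whose name suggests validation, though its body is not shown. If detection falls back to system search paths when the root is wrong, a mistyped path could silently link a different libcrypto than the one the builder intended; whether it does depends on the find logic, which is outside this hunk. A guard before the append fails early instead: `[ -d "$optarg" ] || { echo "--with-openssl: $optarg is not a directory" >&2; exit 1; }`.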
@@ -311,12 +325,6 @@ while [ $# -ne 0 ]; do
         --with-hyperscan-libraries=*)
             append_cache_entry HS_LIBRARIES_DIR PATH $optarg
             ;;
-        --with-flex=*)
-            append_cache_entry FLEX_EXECUTABLE PATH $optarg
-            ;;
-        --with-bison=*)
-            append_cache_entry BISON_EXECUTABLE PATH $optarg
-            ;;
         SIGNAL_SNORT_RELOAD=*)
             append_cache_entry SIGNAL_SNORT_RELOAD STRING $optarg
             ;;
@@ -357,7 +365,6 @@ gen=""
 [ "$CMakeGenerator" ] && gen+=" -G $CMakeGenerator"
 
 cmake $gen \
-    -DCOMPILE_DEFINITIONS:STRING="$CPPFLAGS" \
     -DCMAKE_CXX_FLAGS:STRING="$CXXFLAGS $CPPFLAGS" \
     -DCMAKE_C_FLAGS:STRING="$CFLAGS $CPPFLAGS" \
     $CMakeCacheEntries $sourcedir
diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4
new file mode 100644 (file)
index 0000000..ca36397
--- /dev/null
@@ -0,0 +1,74 @@
+# ===========================================================================
+#   http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
+#
+# DESCRIPTION
+#
+#   Check whether the given FLAG works with the current language's compiler
+#   or gives an error.  (Warnings, however, are ignored)
+#
+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
+#   success/failure.
+#
+#   If EXTRA-FLAGS is defined, it is added to the current language's default
+#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
+#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
+#   force the compiler to issue an error when a bad flag is given.
+#
+#   INPUT gives an alternative input source to AC_COMPILE_IFELSE.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
+#   macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
+#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 4
+
+AC_DEFUN([AX_CHECK_COMPILE_FLAG],
+[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF
+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
+AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
+  ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
+  _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
+  AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])],
+    [AS_VAR_SET(CACHEVAR,[yes])],
+    [AS_VAR_SET(CACHEVAR,[no])])
+  _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
+AS_VAR_IF(CACHEVAR,yes,
+  [m4_default([$2], :)],
+  [m4_default([$3], :)])
+AS_VAR_POPDEF([CACHEVAR])dnl
+])dnl AX_CHECK_COMPILE_FLAGS
diff --git a/m4/ax_check_link_flag.m4 b/m4/ax_check_link_flag.m4
new file mode 100644 (file)
index 0000000..eb01a6c
--- /dev/null
@@ -0,0 +1,74 @@
+# ===========================================================================
+#    http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
+#
+# DESCRIPTION
+#
+#   Check whether the given FLAG works with the linker or gives an error.
+#   (Warnings, however, are ignored)
+#
+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
+#   success/failure.
+#
+#   If EXTRA-FLAGS is defined, it is added to the linker's default flags
+#   when the check is done.  The check is thus made with the flags: "LDFLAGS
+#   EXTRA-FLAGS FLAG".  This can for example be used to force the linker to
+#   issue an error when a bad flag is given.
+#
+#   INPUT gives an alternative input source to AC_LINK_IFELSE.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
+#   macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
+#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 4
+
+AC_DEFUN([AX_CHECK_LINK_FLAG],
+[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF
+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl
+AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS $4 $1"
+  AC_LINK_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])],
+    [AS_VAR_SET(CACHEVAR,[yes])],
+    [AS_VAR_SET(CACHEVAR,[no])])
+  LDFLAGS=$ax_check_save_flags])
+AS_VAR_IF(CACHEVAR,yes,
+  [m4_default([$2], :)],
+  [m4_default([$3], :)])
+AS_VAR_POPDEF([CACHEVAR])dnl
+])dnl AX_CHECK_LINK_FLAGS
diff --git a/m4/ax_check_preproc_flag.m4 b/m4/ax_check_preproc_flag.m4
new file mode 100644 (file)
index 0000000..ca1d5ee
--- /dev/null
@@ -0,0 +1,74 @@
+# ===========================================================================
+#   http://www.gnu.org/software/autoconf-archive/ax_check_preproc_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_PREPROC_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
+#
+# DESCRIPTION
+#
+#   Check whether the given FLAG works with the current language's
+#   preprocessor or gives an error.  (Warnings, however, are ignored)
+#
+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
+#   success/failure.
+#
+#   If EXTRA-FLAGS is defined, it is added to the preprocessor's default
+#   flags when the check is done.  The check is thus made with the flags:
+#   "CPPFLAGS EXTRA-FLAGS FLAG".  This can for example be used to force the
+#   preprocessor to issue an error when a bad flag is given.
+#
+#   INPUT gives an alternative input source to AC_PREPROC_IFELSE.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
+#   macro in sync with AX_CHECK_{COMPILE,LINK}_FLAG.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
+#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 4
+
+AC_DEFUN([AX_CHECK_PREPROC_FLAG],
+[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF
+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]cppflags_$4_$1])dnl
+AC_CACHE_CHECK([whether _AC_LANG preprocessor accepts $1], CACHEVAR, [
+  ax_check_save_flags=$CPPFLAGS
+  CPPFLAGS="$CPPFLAGS $4 $1"
+  AC_PREPROC_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])],
+    [AS_VAR_SET(CACHEVAR,[yes])],
+    [AS_VAR_SET(CACHEVAR,[no])])
+  CPPFLAGS=$ax_check_save_flags])
+AS_VAR_IF(CACHEVAR,yes,
+  [m4_default([$2], :)],
+  [m4_default([$3], :)])
+AS_VAR_POPDEF([CACHEVAR])dnl
+])dnl AX_CHECK_PREPROC_FLAGS
index 94af4019d7c324e150b79e21c9c611e752e33e6a..f46d8289dce3c5a68429d04b09b6ab1a19fcdcc1 100644 (file)
@@ -9,8 +9,6 @@ set(EXTERNAL_LIBRARIES
     ${HWLOC_LIBRARIES}
     ${LIBLZMA_LIBRARIES}
     ${LUAJIT_LIBRARIES}
-    ${OPENSSL_LIBRARIES}
-#    ${OPENSSL_CRYPTO_LIBRARY}  -- part of OPENSSL_LIBRARIES
     ${PCAP_LIBRARIES}
     ${PCRE_LIBRARIES}
     ${SFBPF_LIBRARIES}
@@ -21,13 +19,17 @@ set(EXTERNAL_INCLUDES
     ${DAQ_INCLUDE_DIR}
     ${DNET_INCLUDE_DIR}
     ${HWLOC_INCLUDE_DIRS}
-    ${OPENSSL_INCLUDE_DIR}
     ${PCAP_INCLUDE_DIR}
     ${PCRE_INCLUDE_DIR}
     ${SFBPF_INCLUDE_DIR}
     ${ZLIB_INCLUDE_DIRS}
 )
 
+if ( HAVE_OPENSSL_SHA OR HAVE_OPENSSL_MD5 )
+    LIST(APPEND EXTERNAL_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
+    LIST(APPEND EXTERNAL_INCLUDES ${OPENSSL_INCLUDE_DIR})
+endif()
+
 if ( HS_FOUND )
     LIST(APPEND EXTERNAL_LIBRARIES ${HS_LIBRARIES})
     LIST(APPEND EXTERNAL_INCLUDES ${HS_INCLUDE_DIRS})
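Review bot: The new `if ( HAVE_OPENSSL_SHA OR HAVE_OPENSSL_MD5 )` block has no comment explaining why OpenSSL became conditional or why only `${OPENSSL_CRYPTO_LIBRARY}` is linked. Because `${OPENSSL_INCLUDE_DIR}` was also removed from the unconditional `EXTERNAL_INCLUDES` list, a source file that later uses an OpenSSL header under a different feature check would lose both its include path and its library unless this condition is extended. I would add above the block: `# Only libcrypto is linked, and only when the OpenSSL SHA/MD5 routines were detected; extend this condition when adding another HAVE_OPENSSL_* check.` The `if ( HS_FOUND )` block that follows continues outside the hunk.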
index 66f48362a454faaecea454f9fc37325da1064b7f..cf13fd4bc93409d3f44c62e54953a726cdd3ce8e 100644 (file)
@@ -1,39 +1,12 @@
 
 if ( ENABLE_UNIT_TESTS )
 
-find_package(CHECK REQUIRED)
-include_directories(AFTER ${CHECK_INCLUDE_DIR})
-
-if ( LINUX )
-    find_library(LIBRT rt)
-
-    if ( NOT LIBRT )
-        message(SEND_ERROR "librt required.")
-    endif()
-endif()
-
-# FIXIT-L why do these custom commands always run?
-add_custom_command(
-    OUTPUT suite_decl.h
-    COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/build_decl.sh ${CMAKE_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}
-    DEPENDS build_decl.sh
-)
-
-add_custom_command(
-    OUTPUT suite_list.h
-    COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/build_list.sh ${CMAKE_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}
-    DEPENDS build_list.sh
-)
-
 add_library(catch_tests STATIC
     catch.hpp
     unit_test.cc
     unit_test.h
 )
 
-target_link_libraries(catch_tests
-    ${CHECK_LIBRARIES}
-    ${LIBRT}
-)
+target_link_libraries(catch_tests)
 
 endif()
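Review bot: `target_link_libraries(catch_tests)` is left with no libraries now that `${CHECK_LIBRARIES}` and `${LIBRT}` are gone, so the call has no effect and can simply be deleted. If `catch_tests` gains a dependency later, the call can be reintroduced then with an explicit `PRIVATE` or `PUBLIC` keyword rather than kept as an empty placeholder.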