]>
Commit | Line | Data |
---|---|---|
6fbf66fa JY |
1 | dnl OpenVPN -- An application to securely tunnel IP networks |
2 | dnl over a single UDP port, with support for SSL/TLS-based | |
3 | dnl session authentication and key exchange, | |
4 | dnl packet encryption, packet authentication, and | |
5 | dnl packet compression. | |
6 | dnl | |
ccf9d572 | 7 | dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net> |
51bd56f4 | 8 | dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com> |
6fbf66fa JY |
9 | dnl |
10 | dnl This program is free software; you can redistribute it and/or modify | |
11 | dnl it under the terms of the GNU General Public License as published by | |
12 | dnl the Free Software Foundation; either version 2 of the License, or | |
13 | dnl (at your option) any later version. | |
14 | dnl | |
15 | dnl This program is distributed in the hope that it will be useful, | |
16 | dnl but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
18 | dnl GNU General Public License for more details. | |
19 | dnl | |
caa54ac3 DS |
20 | dnl You should have received a copy of the GNU General Public License along |
21 | dnl with this program; if not, write to the Free Software Foundation, Inc., | |
22 | dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
6fbf66fa JY |
23 | |
24 | dnl Process this file with autoconf to produce a configure script. | |
25 | ||
51bd56f4 | 26 | AC_PREREQ(2.59) |
6fbf66fa | 27 | |
ce351583 | 28 | m4_include(version.m4) |
51bd56f4 ABL |
29 | AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME]) |
30 | m4_include(compat.m4) | |
98bc1a3e | 31 | AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format]) |
9de35d46 DS |
32 | AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version]) |
33 | AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version]) | |
34 | AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer]) | |
6a40276c DS |
35 | AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer]) |
36 | AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer]) | |
37 | AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer]) | |
98bc1a3e | 38 | |
51bd56f4 | 39 | AC_CONFIG_AUX_DIR([.]) |
631812fe | 40 | AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h]) |
34cb9132 | 41 | AC_CONFIG_SRCDIR([src/openvpn/syshead.h]) |
0fc5b8b3 | 42 | AC_CONFIG_MACRO_DIR([m4]) |
c615835a | 43 | |
8b915c48 SN |
44 | dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects |
45 | dnl options is not enabled. However, automake before 1.15a has a bug that causes | |
46 | dnl variable expansion to fail in foo_SOURCES when this option is used. | |
47 | dnl As most of our build systems are now likely to use automake 1.16+ add a | |
48 | dnl work around to conditionally add subdir-objects option. | |
49 | m4_define([subdir_objects], [ | |
50 | m4_esyscmd([automake --version | | |
51 | head -1 | | |
52 | awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}' | |
53 | ]) | |
54 | ]) | |
55 | ||
83d6da50 MA |
56 | # This foreign option prevents autoreconf from overriding our COPYING and |
57 | # INSTALL targets: | |
55d73959 | 58 | AM_INIT_AUTOMAKE(foreign subdir_objects 1.9) dnl NB: Do not [quote] this parameter. |
bfcad5cd | 59 | AM_SILENT_RULES([yes]) |
51bd56f4 ABL |
60 | AC_CANONICAL_HOST |
61 | AC_USE_SYSTEM_EXTENSIONS | |
6fbf66fa | 62 | |
51bd56f4 ABL |
63 | AC_ARG_ENABLE( |
64 | [lzo], | |
40a56e79 | 65 | [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])], |
51bd56f4 | 66 | , |
40a56e79 | 67 | [enable_lzo="yes"] |
6c34e74f JY |
68 | ) |
69 | ||
24e1d8ff FL |
70 | AC_ARG_ENABLE( |
71 | [lz4], | |
72 | [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])], | |
40efb635 GD |
73 | [enable_lz4="$enableval"], |
74 | [enable_lz4="yes"] | |
75 | ) | |
76 | ||
24e1d8ff FL |
77 | AC_ARG_ENABLE( |
78 | [comp-stub], | |
79 | [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])], | |
38d96bd7 JY |
80 | [enable_comp_stub="$enableval"], |
81 | [enable_comp_stub="no"] | |
6fbf66fa JY |
82 | ) |
83 | ||
c353af2f SK |
84 | AC_ARG_ENABLE( |
85 | [ofb-cfb], | |
104360b4 | 86 | [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])], |
c353af2f SK |
87 | , |
88 | [enable_crypto_ofb_cfb="yes"] | |
89 | ) | |
90 | ||
51bd56f4 ABL |
91 | AC_ARG_ENABLE( |
92 | [x509-alt-username], | |
709f7a1f | 93 | [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])], |
51bd56f4 ABL |
94 | , |
95 | [enable_x509_alt_username="no"] | |
6fbf66fa JY |
96 | ) |
97 | ||
1da3496a FL |
98 | AC_ARG_ENABLE( |
99 | [ntlm], | |
100 | [AS_HELP_STRING([--disable-ntlm], [disable NTLMv2 proxy support @<:@default=yes@:>@])], | |
101 | , | |
102 | [enable_ntlm="yes"] | |
103 | ) | |
104 | ||
51bd56f4 ABL |
105 | AC_ARG_ENABLE( |
106 | [plugins], | |
709f7a1f | 107 | [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])], |
51bd56f4 ABL |
108 | , |
109 | [enable_plugins="yes"] | |
0c1f7ad5 DS |
110 | ) |
111 | ||
51bd56f4 ABL |
112 | AC_ARG_ENABLE( |
113 | [management], | |
709f7a1f | 114 | [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])], |
51bd56f4 ABL |
115 | , |
116 | [enable_management="yes"] | |
ce98fd24 JY |
117 | ) |
118 | ||
51bd56f4 ABL |
119 | AC_ARG_ENABLE( |
120 | [pkcs11], | |
709f7a1f | 121 | [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])], |
51bd56f4 | 122 | , |
18b5fbdf | 123 | [enable_pkcs11="no"] |
6fbf66fa JY |
124 | ) |
125 | ||
51bd56f4 ABL |
126 | AC_ARG_ENABLE( |
127 | [fragment], | |
709f7a1f | 128 | [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])], |
51bd56f4 ABL |
129 | , |
130 | [enable_fragment="yes"] | |
8bc93d7f JY |
131 | ) |
132 | ||
51bd56f4 ABL |
133 | AC_ARG_ENABLE( |
134 | [port-share], | |
709f7a1f | 135 | [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])], |
51bd56f4 ABL |
136 | , |
137 | [enable_port_share="yes"] | |
6fbf66fa JY |
138 | ) |
139 | ||
51bd56f4 ABL |
140 | AC_ARG_ENABLE( |
141 | [debug], | |
709f7a1f | 142 | [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])], |
51bd56f4 ABL |
143 | , |
144 | [enable_debug="yes"] | |
6fbf66fa JY |
145 | ) |
146 | ||
51bd56f4 ABL |
147 | AC_ARG_ENABLE( |
148 | [small], | |
104360b4 | 149 | [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])], |
51bd56f4 ABL |
150 | , |
151 | [enable_small="no"] | |
6fbf66fa JY |
152 | ) |
153 | ||
e34437c2 AQ |
154 | AC_ARG_ENABLE( |
155 | [dco], | |
2a1a21e3 | 156 | [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])], |
e34437c2 | 157 | , |
2a1a21e3 FL |
158 | [ |
159 | case "$host" in | |
160 | *-*-linux*) | |
161 | enable_dco="auto" | |
162 | ;; | |
163 | *-*-freebsd*) | |
164 | enable_dco="auto" | |
165 | ;; | |
166 | *) | |
167 | # note that this does not disable it for Windows | |
168 | enable_dco="no" | |
169 | ;; | |
170 | esac | |
171 | ] | |
e34437c2 AQ |
172 | ) |
173 | ||
51bd56f4 ABL |
174 | AC_ARG_ENABLE( |
175 | [iproute2], | |
2a1a21e3 | 176 | [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])], |
51bd56f4 ABL |
177 | , |
178 | [enable_iproute2="no"] | |
fb7aa54a JY |
179 | ) |
180 | ||
ce8271f5 ABL |
181 | AC_ARG_ENABLE( |
182 | [plugin-auth-pam], | |
5a57e201 | 183 | [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])], |
ce8271f5 | 184 | , |
5a57e201 ABL |
185 | [ |
186 | case "$host" in | |
187 | *-*-openbsd*) enable_plugin_auth_pam="no";; | |
188 | *-mingw*) enable_plugin_auth_pam="no";; | |
189 | *) enable_plugin_auth_pam="yes";; | |
190 | esac | |
191 | ] | |
ce8271f5 ABL |
192 | ) |
193 | ||
194 | AC_ARG_ENABLE( | |
195 | [plugin-down-root], | |
5a57e201 ABL |
196 | [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])], |
197 | , | |
198 | [ | |
199 | case "$host" in | |
200 | *-mingw*) enable_plugin_down_root="no";; | |
201 | *) enable_plugin_down_root="yes";; | |
202 | esac | |
203 | ] | |
ce8271f5 ABL |
204 | ) |
205 | ||
206 | AC_ARG_ENABLE( | |
207 | [pam-dlopen], | |
208 | [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])], | |
209 | , | |
210 | [enable_pam_dlopen="no"] | |
211 | ) | |
212 | ||
51bd56f4 ABL |
213 | AC_ARG_ENABLE( |
214 | [strict], | |
709f7a1f | 215 | [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
216 | , |
217 | [enable_strict="no"] | |
6fbf66fa JY |
218 | ) |
219 | ||
51bd56f4 ABL |
220 | AC_ARG_ENABLE( |
221 | [pedantic], | |
709f7a1f | 222 | [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
223 | , |
224 | [enable_pedantic="no"] | |
6fbf66fa JY |
225 | ) |
226 | ||
51194ffd SK |
227 | AC_ARG_ENABLE( |
228 | [werror], | |
42d9f324 | 229 | [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])], |
51194ffd SK |
230 | , |
231 | [enable_werror="no"] | |
232 | ) | |
233 | ||
51bd56f4 ABL |
234 | AC_ARG_ENABLE( |
235 | [strict-options], | |
709f7a1f | 236 | [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])], |
51bd56f4 ABL |
237 | , |
238 | [enable_strict_options="no"] | |
6fbf66fa JY |
239 | ) |
240 | ||
51bd56f4 ABL |
241 | AC_ARG_ENABLE( |
242 | [selinux], | |
709f7a1f | 243 | [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])], |
51bd56f4 ABL |
244 | , |
245 | [enable_selinux="no"] | |
99385447 JY |
246 | ) |
247 | ||
51bd56f4 ABL |
248 | AC_ARG_ENABLE( |
249 | [systemd], | |
ccb636c7 | 250 | [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])], |
51bd56f4 ABL |
251 | , |
252 | [enable_systemd="no"] | |
9449e6a9 FC |
253 | ) |
254 | ||
0d1a75bf LS |
255 | AC_ARG_ENABLE( |
256 | [async-push], | |
1a8f6b91 | 257 | [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])], |
e62eccf0 | 258 | , |
0d1a75bf LS |
259 | [enable_async_push="no"] |
260 | ) | |
261 | ||
10b4b65e ABL |
262 | AC_ARG_WITH( |
263 | [special-build], | |
264 | [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])], | |
265 | [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])] | |
266 | ) | |
267 | ||
51bd56f4 ABL |
268 | AC_ARG_WITH( |
269 | [mem-check], | |
709f7a1f | 270 | [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])], |
51bd56f4 ABL |
271 | [ |
272 | case "${withval}" in | |
273 | dmalloc|valgrind|ssl|no) ;; | |
274 | *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;; | |
275 | esac | |
276 | ], | |
277 | [with_mem_check="no"] | |
6fbf66fa JY |
278 | ) |
279 | ||
51bd56f4 | 280 | AC_ARG_WITH( |
9b33b5a4 | 281 | [crypto-library], |
f6dca235 | 282 | [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])], |
51bd56f4 | 283 | [ |
86d8cd68 | 284 | case "${withval}" in |
f6dca235 | 285 | openssl|mbedtls|wolfssl) ;; |
9b33b5a4 | 286 | *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;; |
51bd56f4 ABL |
287 | esac |
288 | ], | |
9b33b5a4 | 289 | [with_crypto_library="openssl"] |
0a180174 | 290 | ) |
0a180174 | 291 | |
f6dca235 JS |
292 | AC_ARG_ENABLE( |
293 | [wolfssl-options-h], | |
294 | [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])], | |
295 | , | |
296 | [enable_wolfssl_options_h="yes"] | |
297 | ) | |
298 | ||
0df2261d AS |
299 | AC_ARG_WITH( |
300 | [openssl-engine], | |
301 | [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])], | |
302 | [ | |
303 | case "${withval}" in | |
304 | auto|yes|no) ;; | |
305 | *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;; | |
306 | esac | |
307 | ], | |
308 | [with_openssl_engine="auto"] | |
309 | ) | |
310 | ||
4590c383 CH |
311 | AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@]) |
312 | if test -n "${PLUGINDIR}"; then | |
313 | plugindir="${PLUGINDIR}" | |
314 | else | |
315 | plugindir="\${libdir}/openvpn/plugins" | |
316 | fi | |
ce8271f5 | 317 | |
6440083e | 318 | AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host]) |
c4d5bcd7 | 319 | AM_CONDITIONAL([TARGET_LINUX], [false]) |
86715242 | 320 | case "$host" in |
51bd56f4 ABL |
321 | *-*-linux*) |
322 | AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?]) | |
c4d5bcd7 | 323 | AM_CONDITIONAL([TARGET_LINUX], [true]) |
51bd56f4 | 324 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) |
c6542257 | 325 | have_sitnl="yes" |
c0f38019 | 326 | pkg_config_required="yes" |
51bd56f4 ABL |
327 | ;; |
328 | *-*-solaris*) | |
329 | AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) | |
330 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix]) | |
4e2038ed | 331 | CPPFLAGS="$CPPFLAGS -D_XPG4_2" |
9c490c26 | 332 | test -x /bin/bash && SHELL="/bin/bash" |
51bd56f4 ABL |
333 | ;; |
334 | *-*-openbsd*) | |
335 | AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?]) | |
336 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix]) | |
337 | ;; | |
338 | *-*-freebsd*) | |
339 | AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?]) | |
340 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix]) | |
341 | ;; | |
342 | *-*-netbsd*) | |
343 | AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?]) | |
344 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix]) | |
345 | ;; | |
346 | *-*-darwin*) | |
347 | AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?]) | |
348 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix]) | |
05f16e84 | 349 | have_tap_header="yes" |
e7303ace | 350 | ac_cv_type_struct_in_pktinfo=no |
51bd56f4 ABL |
351 | ;; |
352 | *-mingw*) | |
353 | AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?]) | |
8b80cbc3 | 354 | AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows]) |
51bd56f4 | 355 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix]) |
4b1a82db | 356 | CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN" |
5fcd4933 | 357 | CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA" |
51bd56f4 | 358 | WIN32=yes |
51bd56f4 ABL |
359 | ;; |
360 | *-*-dragonfly*) | |
361 | AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?]) | |
362 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix]) | |
363 | ;; | |
42f13dc0 GD |
364 | *-aix*) |
365 | AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?]) | |
366 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix]) | |
367 | ROUTE="/usr/sbin/route" | |
368 | have_tap_header="yes" | |
369 | ac_cv_header_net_if_h="no" # exists, but breaks things | |
370 | ;; | |
51bd56f4 ABL |
371 | *) |
372 | AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix]) | |
05f16e84 | 373 | have_tap_header="yes" |
51bd56f4 | 374 | ;; |
6fbf66fa JY |
375 | esac |
376 | ||
e3ad1fc4 SN |
377 | AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") |
378 | ||
51bd56f4 | 379 | PKG_PROG_PKG_CONFIG |
c0f38019 AS |
380 | # Add variable to print if pkg-config is found or not. Users often miss that |
381 | if test "${PKG_CONFIG}" = ""; then | |
382 | if test "${pkg_config_required}" = "yes"; then | |
383 | AC_MSG_ERROR([pkg-config is required]) | |
384 | fi | |
385 | pkg_config_found="(not found)" | |
386 | else | |
387 | pkg_config_found="(${PKG_CONFIG})" | |
388 | fi | |
389 | ||
51bd56f4 | 390 | AC_PROG_CPP |
6fbf66fa | 391 | AC_PROG_INSTALL |
51bd56f4 | 392 | AC_PROG_LN_S |
7046ff20 | 393 | AC_PROG_SED |
51bd56f4 | 394 | AC_PROG_MAKE_SET |
6fbf66fa | 395 | |
c3fc703d ABL |
396 | AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility]) |
397 | AC_ARG_VAR([ROUTE], [full path to route utility]) | |
398 | AC_ARG_VAR([IPROUTE], [full path to ip utility]) | |
399 | AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests | |
7046ff20 | 400 | AC_ARG_VAR([GIT], [path to git utility]) |
ba79c71d | 401 | AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) |
ca5b4c2a | 402 | AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) |
3de7be7b | 403 | AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@]) |
c3fc703d ABL |
404 | AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) |
405 | AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) | |
406 | AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) | |
ba79c71d | 407 | AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin]) |
c3fc703d | 408 | AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests |
7046ff20 | 409 | AC_CHECK_PROGS([GIT], [git]) # optional |
c3fc703d ABL |
410 | AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) |
411 | AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) | |
412 | AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) | |
ba79c71d | 413 | AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool]) |
c3fc703d | 414 | |
f500c49c DS |
415 | # |
416 | # man page generation - based on python-docutils | |
417 | # | |
418 | AC_ARG_VAR([RST2MAN], [path to rst2man utility]) | |
419 | AC_ARG_VAR([RST2HTML], [path to rst2html utility]) | |
b61d1988 AQ |
420 | AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py]) |
421 | AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py]) | |
f500c49c DS |
422 | AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"]) |
423 | ||
9223336a SK |
424 | # Set -std=c99 unless user already specified a -std= |
425 | case "${CFLAGS}" in | |
426 | *-std=*) ;; | |
427 | *) CFLAGS="${CFLAGS} -std=c99" ;; | |
428 | esac | |
429 | ||
98bc1a3e ABL |
430 | # |
431 | # Libtool | |
432 | # | |
433 | ifdef( | |
434 | [LT_INIT], | |
435 | [ | |
436 | LT_INIT([win32-dll]) | |
437 | LT_LANG([Windows Resource]) | |
438 | ], | |
439 | [ | |
440 | AC_LIBTOOL_WIN32_DLL | |
441 | AC_LIBTOOL_RC | |
442 | AC_PROG_LIBTOOL | |
443 | ] | |
444 | ) | |
445 | ||
6fbf66fa JY |
446 | AC_C_CONST |
447 | AC_C_INLINE | |
448 | AC_C_VOLATILE | |
449 | AC_TYPE_OFF_T | |
450 | AC_TYPE_PID_T | |
451 | AC_TYPE_SIZE_T | |
452 | AC_TYPE_UID_T | |
0dbd45db | 453 | AX_TYPE_SOCKLEN_T |
51bd56f4 ABL |
454 | AC_CHECK_SIZEOF([unsigned int]) |
455 | AC_CHECK_SIZEOF([unsigned long]) | |
456 | AC_CHECK_HEADERS([ \ | |
8c18d7c9 | 457 | fcntl.h io.h \ |
b8510baa AS |
458 | sys/types.h sys/socket.h \ |
459 | unistd.h dlfcn.h \ | |
dbd7e3be | 460 | netinet/in.h \ |
51bd56f4 | 461 | netinet/tcp.h arpa/inet.h netdb.h \ |
51bd56f4 | 462 | ]) |
cab53332 | 463 | AC_CHECK_HEADERS([ \ |
a2d747bb | 464 | sys/time.h sys/ioctl.h sys/stat.h \ |
f641637a | 465 | sys/mman.h sys/file.h sys/wait.h \ |
b8510baa | 466 | unistd.h libgen.h stropts.h \ |
76ccc62d | 467 | syslog.h pwd.h grp.h termios.h \ |
7cacdfd4 | 468 | sys/sockio.h sys/uio.h linux/sockios.h \ |
4225114b | 469 | linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \ |
cab53332 | 470 | ]) |
6fbf66fa | 471 | |
51bd56f4 | 472 | SOCKET_INCLUDES=" |
51bd56f4 | 473 | #include <stdlib.h> |
51bd56f4 ABL |
474 | #ifdef HAVE_SYS_TYPES_H |
475 | #include <sys/types.h> | |
476 | #endif | |
477 | #ifdef HAVE_SYS_SOCKET_H | |
478 | #include <sys/socket.h> | |
479 | #endif | |
7efa60d9 GD |
480 | #ifdef HAVE_NET_IF_H |
481 | #include <net/if.h> | |
482 | #endif | |
51bd56f4 ABL |
483 | #ifdef HAVE_NETINET_IN_H |
484 | #include <netinet/in.h> | |
485 | #endif | |
ba49c9a7 | 486 | #ifdef _WIN32 |
51bd56f4 ABL |
487 | #include <windows.h> |
488 | #endif | |
ba49c9a7 | 489 | #ifdef _WIN32 |
51bd56f4 ABL |
490 | #include <winsock2.h> |
491 | #endif | |
ba49c9a7 | 492 | #ifdef _WIN32 |
51bd56f4 ABL |
493 | #include <ws2tcpip.h> |
494 | #endif | |
4025a595 ABL |
495 | #ifdef HAVE_NETINET_IP_H |
496 | #include <netinet/ip.h> | |
497 | #endif | |
51bd56f4 | 498 | " |
1bda73a7 | 499 | |
cab53332 | 500 | AC_CHECK_HEADERS( |
ddb1f20a | 501 | [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h], |
51bd56f4 | 502 | , |
51bd56f4 | 503 | , |
cab53332 | 504 | [[${SOCKET_INCLUDES}]] |
51bd56f4 ABL |
505 | ) |
506 | ||
507 | AC_CHECK_TYPES( | |
6fbf66fa | 508 | [in_addr_t], |
51bd56f4 ABL |
509 | , |
510 | [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])], | |
511 | [[${SOCKET_INCLUDES}]] | |
512 | ) | |
dd6714ae GD |
513 | AC_CHECK_TYPES( |
514 | [in_port_t], | |
515 | , | |
516 | [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])], | |
517 | [[${SOCKET_INCLUDES}]] | |
518 | ) | |
6fbf66fa JY |
519 | AC_CHECK_TYPE( |
520 | [struct iphdr], | |
7c0a2b5f | 521 | [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])], |
51bd56f4 ABL |
522 | , |
523 | [[${SOCKET_INCLUDES}]] | |
524 | ) | |
6fbf66fa JY |
525 | AC_CHECK_TYPE( |
526 | [struct msghdr], | |
7c0a2b5f | 527 | [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], |
51bd56f4 ABL |
528 | , |
529 | [[${SOCKET_INCLUDES}]] | |
530 | ) | |
6fbf66fa JY |
531 | AC_CHECK_TYPE( |
532 | [struct cmsghdr], | |
7c0a2b5f | 533 | [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])], |
51bd56f4 ABL |
534 | , |
535 | [[${SOCKET_INCLUDES}]] | |
536 | ) | |
8bc93d7f JY |
537 | AC_CHECK_TYPE( |
538 | [struct in_pktinfo], | |
7c0a2b5f | 539 | [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])], |
51bd56f4 ABL |
540 | , |
541 | [[${SOCKET_INCLUDES}]] | |
542 | ) | |
87b468d4 HH |
543 | AC_CHECK_TYPE( |
544 | [sa_family_t], | |
545 | [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])], | |
546 | , | |
547 | [[${SOCKET_INCLUDES}]] | |
548 | ) | |
7efa60d9 GD |
549 | AC_CHECK_MEMBER( |
550 | [struct in_pktinfo.ipi_spec_dst], | |
551 | [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])], | |
552 | , | |
553 | [[${SOCKET_INCLUDES}]] | |
554 | ) | |
51bd56f4 ABL |
555 | AC_CHECK_TYPE( |
556 | [struct sockaddr_in6], | |
557 | , | |
558 | [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])], | |
559 | [[${SOCKET_INCLUDES}]] | |
560 | ) | |
cab53332 ABL |
561 | AC_CHECK_DECLS( |
562 | [SO_MARK], | |
563 | , | |
564 | , | |
565 | [[${SOCKET_INCLUDES}]] | |
566 | ) | |
2a1a21e3 | 567 | AC_MSG_CHECKING([anonymous union support]) |
9223336a SK |
568 | AC_COMPILE_IFELSE( |
569 | [AC_LANG_PROGRAM( | |
570 | [[ | |
571 | struct mystruct { | |
572 | union { | |
573 | int m1; | |
574 | char m2; | |
575 | }; | |
576 | }; | |
577 | ]], | |
578 | [[ | |
579 | struct mystruct s; | |
580 | s.m1 = 1; s.m2 = 2; | |
581 | ]] | |
582 | )], | |
583 | [ | |
584 | AC_MSG_RESULT([yes]) | |
585 | AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions]) | |
586 | ], | |
587 | [AC_MSG_RESULT([no])] | |
588 | ) | |
51bd56f4 | 589 | |
f91ab283 SN |
590 | saved_LDFLAGS="$LDFLAGS" |
591 | LDFLAGS="$LDFLAGS -Wl,--wrap=exit" | |
592 | AC_MSG_CHECKING([linker supports --wrap]) | |
593 | AC_LINK_IFELSE( | |
594 | [AC_LANG_PROGRAM( | |
595 | [[ | |
596 | void exit(int); | |
597 | void __real_exit(int); | |
598 | void __wrap_exit(int i) { | |
599 | __real_exit(i); | |
600 | } | |
601 | ]], | |
602 | [[ | |
603 | exit(0); | |
604 | ]] | |
605 | )], | |
606 | [ | |
607 | AC_MSG_RESULT([yes]) | |
608 | have_ld_wrap_support=yes | |
609 | ], | |
610 | [AC_MSG_RESULT([no])], | |
611 | ) | |
612 | LDFLAGS="$saved_LDFLAGS" | |
613 | ||
cab53332 ABL |
614 | dnl We emulate signals in Windows |
615 | AC_CHECK_DECLS( | |
616 | [SIGHUP], | |
51bd56f4 | 617 | , |
cab53332 ABL |
618 | [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])], |
619 | [[ | |
cab53332 | 620 | #include <signal.h> |
cab53332 | 621 | ]] |
51bd56f4 | 622 | ) |
cab53332 ABL |
623 | AC_CHECK_DECLS( |
624 | [SIGINT], | |
625 | , | |
626 | [AC_DEFINE([SIGINT], [2], [SIGINT replacement])], | |
627 | [[ | |
cab53332 | 628 | #include <signal.h> |
cab53332 ABL |
629 | ]] |
630 | ) | |
631 | AC_CHECK_DECLS( | |
632 | [SIGUSR1], | |
633 | , | |
634 | [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])], | |
635 | [[ | |
cab53332 | 636 | #include <signal.h> |
cab53332 ABL |
637 | ]] |
638 | ) | |
639 | AC_CHECK_DECLS( | |
640 | [SIGUSR2], | |
641 | , | |
642 | [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])], | |
643 | [[ | |
cab53332 | 644 | #include <signal.h> |
cab53332 ABL |
645 | ]] |
646 | ) | |
647 | AC_CHECK_DECLS( | |
648 | [SIGTERM], | |
649 | , | |
650 | [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])], | |
651 | [[ | |
cab53332 | 652 | #include <signal.h> |
cab53332 ABL |
653 | ]] |
654 | ) | |
655 | ||
656 | AC_FUNC_FORK | |
657 | ||
51bd56f4 | 658 | AC_CHECK_FUNCS([ \ |
84e14209 | 659 | daemon chroot getpwnam setuid nice system dup dup2 \ |
76ccc62d | 660 | syslog openlog mlockall getrlimit getgrnam setgid \ |
28871fec | 661 | setgroups flock time gettimeofday \ |
84e14209 | 662 | setsid chdir \ |
ba49c9a7 | 663 | chsize ftruncate execve getpeereid basename dirname access \ |
0a88ef8c | 664 | epoll_create strsep \ |
51bd56f4 | 665 | ]) |
aee7428c ABL |
666 | |
667 | AC_CHECK_LIB( | |
668 | [dl], | |
669 | [dlopen], | |
670 | [DL_LIBS="-ldl"] | |
671 | ) | |
672 | AC_SUBST([DL_LIBS]) | |
673 | ||
674 | AC_CHECK_LIB( | |
675 | [nsl], | |
676 | [inet_ntoa], | |
677 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"] | |
678 | ) | |
679 | AC_CHECK_LIB( | |
680 | [socket], | |
681 | [socket], | |
682 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"] | |
683 | ) | |
684 | AC_CHECK_LIB( | |
685 | [resolv], | |
686 | [gethostbyname], | |
687 | [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"] | |
688 | ) | |
689 | AC_SUBST([SOCKETS_LIBS]) | |
690 | ||
691 | old_LIBS="${LIBS}" | |
692 | LIBS="${LIBS} ${SOCKETS_LIBS}" | |
f96baabc | 693 | AC_CHECK_FUNCS([sendmsg recvmsg]) |
17f91332 | 694 | |
aee7428c | 695 | LIBS="${old_LIBS}" |
7647a48c | 696 | |
403dc434 GD |
697 | # we assume res_init() always exist, but need to find out *where*... |
698 | AC_SEARCH_LIBS(__res_init, resolv bind, , | |
699 | AC_SEARCH_LIBS(res_9_init, resolv bind, , | |
700 | AC_SEARCH_LIBS(res_init, resolv bind, , ))) | |
701 | ||
7cacdfd4 ABL |
702 | AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap]) |
703 | old_CFLAGS="${CFLAGS}" | |
704 | CFLAGS="${CFLAGS} ${TAP_CFLAGS}" | |
705 | AC_CHECK_HEADERS( | |
706 | [ \ | |
707 | net/if_tun.h net/tun/if_tun.h \ | |
708 | linux/if_tun.h \ | |
709 | tap-windows.h \ | |
710 | ], | |
711 | [have_tap_header="yes"] | |
712 | ) | |
88f3a402 ABL |
713 | AC_CHECK_DECLS( |
714 | [TUNSETPERSIST], | |
715 | [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])], | |
716 | , | |
717 | [[ | |
718 | #ifdef HAVE_LINUX_IF_TUN_H | |
719 | #include <linux/if_tun.h> | |
720 | #endif | |
721 | ]] | |
722 | ) | |
7cacdfd4 ABL |
723 | CFLAGS="${old_CFLAGS}" |
724 | test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found]) | |
725 | ||
cd5990e0 ABL |
726 | AC_CHECK_LIB( |
727 | [selinux], | |
728 | [setcon], | |
729 | [SELINUX_LIBS="-lselinux"] | |
730 | ) | |
731 | AC_SUBST([SELINUX_LIBS]) | |
732 | ||
ce8271f5 ABL |
733 | AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam]) |
734 | AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam]) | |
735 | if test -z "${LIBPAM_LIBS}"; then | |
736 | AC_CHECK_LIB( | |
737 | [pam], | |
738 | [pam_start], | |
739 | [LIBPAM_LIBS="-lpam"] | |
740 | ) | |
741 | fi | |
742 | ||
51bd56f4 ABL |
743 | case "${with_mem_check}" in |
744 | valgrind) | |
fb69bfd0 | 745 | AC_CHECK_HEADERS( |
51bd56f4 ABL |
746 | [valgrind/memcheck.h], |
747 | [ | |
748 | CFLAGS="${CFLAGS} -g -fno-inline" | |
749 | AC_DEFINE( | |
750 | [USE_VALGRIND], | |
751 | [1], | |
752 | [Use valgrind memory debugging library] | |
753 | ) | |
754 | ], | |
755 | [AC_MSG_ERROR([valgrind headers not found.])] | |
756 | ) | |
757 | ;; | |
758 | dmalloc) | |
fb69bfd0 | 759 | AC_CHECK_HEADERS( |
51bd56f4 ABL |
760 | [dmalloc.h], |
761 | [AC_CHECK_LIB( | |
762 | [dmalloc], | |
763 | [malloc], | |
764 | [ | |
e02570fd | 765 | LIBS="${LIBS} -ldmalloc" |
51bd56f4 ABL |
766 | AC_DEFINE( |
767 | [DMALLOC], | |
768 | [1], | |
769 | [Use dmalloc memory debugging library] | |
770 | ) | |
771 | ], | |
772 | [AC_MSG_ERROR([dmalloc library not found.])] | |
773 | )], | |
774 | [AC_MSG_ERROR([dmalloc headers not found.])] | |
775 | ) | |
776 | ;; | |
777 | ssl) | |
778 | AC_CHECK_LIB( | |
779 | [ssl], | |
780 | [CRYPTO_mem_ctrl], | |
781 | [ | |
782 | AC_DEFINE( | |
783 | [CRYPTO_MDEBUG], | |
784 | [1], | |
785 | [Use memory debugging function in OpenSSL] | |
786 | ) | |
787 | AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG]) | |
788 | ], | |
789 | [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])] | |
790 | ) | |
791 | ;; | |
792 | esac | |
6fbf66fa | 793 | |
9a3f6702 SK |
794 | PKG_CHECK_MODULES( |
795 | [PKCS11_HELPER], | |
6575ad48 | 796 | [libpkcs11-helper-1 >= 1.11], |
9a3f6702 SK |
797 | [have_pkcs11_helper="yes"], |
798 | [] | |
799 | ) | |
800 | ||
e34437c2 | 801 | |
2a1a21e3 FL |
802 | if test "$enable_dco" != "no"; then |
803 | enable_dco_arg="$enable_dco" | |
804 | if test "${enable_iproute2}" = "yes"; then | |
805 | AC_MSG_WARN([DCO cannot be enabled when using iproute2]) | |
806 | enable_dco="no" | |
807 | fi | |
e34437c2 AQ |
808 | case "$host" in |
809 | *-*-linux*) | |
2a1a21e3 FL |
810 | if test "$enable_dco" = "no"; then |
811 | if test "$enable_dco_arg" = "auto"; then | |
812 | AC_MSG_WARN([DCO support disabled]) | |
813 | else | |
814 | AC_MSG_ERROR([DCO support can't be enabled]) | |
815 | fi | |
816 | else | |
817 | dnl | |
818 | dnl Include generic netlink library used to talk to ovpn-dco | |
819 | dnl | |
820 | PKG_CHECK_MODULES([LIBNL_GENL], | |
e34437c2 AQ |
821 | [libnl-genl-3.0 >= 3.4.0], |
822 | [have_libnl="yes"], | |
2a1a21e3 | 823 | [ |
c0f38019 | 824 | AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) |
2a1a21e3 FL |
825 | ] |
826 | ) | |
827 | CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" | |
828 | LIBS="${LIBS} ${LIBNL_GENL_LIBS}" | |
e34437c2 | 829 | |
2a1a21e3 FL |
830 | AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload]) |
831 | AC_MSG_NOTICE([Enabled ovpn-dco support for Linux]) | |
832 | fi | |
e34437c2 | 833 | ;; |
f08fcc2f | 834 | *-*-freebsd*) |
6f261673 | 835 | AC_CHECK_HEADERS([net/if_ovpn.h], |
2a1a21e3 FL |
836 | [ |
837 | LIBS="${LIBS} -lnv" | |
838 | AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD]) | |
839 | AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD]) | |
840 | ], | |
841 | [ | |
842 | enable_dco="no" | |
6f261673 | 843 | AC_MSG_WARN([DCO header not found.]) |
2a1a21e3 FL |
844 | ] |
845 | ) | |
846 | if test "$enable_dco" = "no"; then | |
847 | if test "$enable_dco_arg" = "auto"; then | |
848 | AC_MSG_WARN([DCO support disabled]) | |
849 | else | |
850 | AC_MSG_ERROR([DCO support can't be enabled]) | |
851 | fi | |
852 | fi | |
f08fcc2f | 853 | ;; |
8b80cbc3 AQ |
854 | *-mingw*) |
855 | AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled]) | |
856 | ;; | |
e34437c2 | 857 | *) |
8b80cbc3 | 858 | AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform]) |
e34437c2 AQ |
859 | ;; |
860 | esac | |
861 | fi | |
862 | ||
2e359a08 TR |
863 | dnl |
864 | dnl Depend on libcap-ng on Linux | |
865 | dnl | |
866 | case "$host" in | |
867 | *-*-linux*) | |
c0f38019 | 868 | # We require pkg-config |
2e359a08 TR |
869 | PKG_CHECK_MODULES([LIBCAPNG], |
870 | [libcap-ng], | |
871 | [], | |
c0f38019 | 872 | [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] |
2e359a08 TR |
873 | ) |
874 | AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) | |
875 | ||
bd95104a | 876 | CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}" |
2e359a08 TR |
877 | LIBS="${LIBS} ${LIBCAPNG_LIBS}" |
878 | AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support]) | |
879 | ;; | |
880 | esac | |
881 | ||
882 | ||
cf49ff50 | 883 | if test "${with_crypto_library}" = "openssl"; then |
31b0bebe SK |
884 | AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL]) |
885 | AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL]) | |
886 | ||
887 | if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then | |
888 | # if the user did not explicitly specify flags, try to autodetect | |
889 | PKG_CHECK_MODULES( | |
890 | [OPENSSL], | |
ec7d0e8e | 891 | [openssl >= 1.0.2], |
79ea67f7 | 892 | [have_openssl="yes"], |
c0f38019 | 893 | [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next |
31b0bebe | 894 | ) |
31b0bebe SK |
895 | OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} |
896 | fi | |
9b33b5a4 | 897 | |
9b33b5a4 ABL |
898 | saved_CFLAGS="${CFLAGS}" |
899 | saved_LIBS="${LIBS}" | |
31b0bebe SK |
900 | CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}" |
901 | LIBS="${LIBS} ${OPENSSL_LIBS}" | |
902 | ||
79ea67f7 DS |
903 | # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars |
904 | # are used, check the version directly in the OpenSSL include file | |
905 | if test "${have_openssl}" != "yes"; then | |
ec7d0e8e | 906 | AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2]) |
79ea67f7 DS |
907 | AC_COMPILE_IFELSE( |
908 | [AC_LANG_PROGRAM( | |
909 | [[ | |
910 | #include <openssl/opensslv.h> | |
911 | ]], | |
912 | [[ | |
913 | /* Version encoding: MNNFFPPS - see opensslv.h for details */ | |
ec7d0e8e | 914 | #if OPENSSL_VERSION_NUMBER < 0x10002000L |
79ea67f7 DS |
915 | #error OpenSSL too old |
916 | #endif | |
917 | ]] | |
918 | )], | |
919 | [AC_MSG_RESULT([ok])], | |
920 | [AC_MSG_ERROR([OpenSSL version too old])] | |
921 | ) | |
922 | fi | |
923 | ||
6ea62d50 | 924 | AC_CHECK_FUNCS([SSL_CTX_new], |
31b0bebe SK |
925 | , |
926 | [AC_MSG_ERROR([openssl check failed])] | |
927 | ) | |
928 | ||
0df2261d AS |
929 | if test "${with_openssl_engine}" = "auto"; then |
930 | AC_COMPILE_IFELSE( | |
931 | [AC_LANG_PROGRAM( | |
932 | [[ | |
933 | #include <openssl/opensslv.h> | |
34bf473e | 934 | #include <openssl/opensslconf.h> |
0df2261d AS |
935 | ]], |
936 | [[ | |
937 | /* Version encoding: MNNFFPPS - see opensslv.h for details */ | |
938 | #if OPENSSL_VERSION_NUMBER >= 0x30000000L | |
34bf473e | 939 | #error Engine support disabled by default in OpenSSL 3.0+ |
940 | #endif | |
941 | ||
942 | /* BoringSSL and LibreSSL >= 3.8.1 removed engine support */ | |
943 | #ifdef OPENSSL_NO_ENGINE | |
944 | #error Engine support disabled in openssl/opensslconf.h | |
0df2261d AS |
945 | #endif |
946 | ]] | |
947 | )], | |
948 | [have_openssl_engine="yes"], | |
949 | [have_openssl_engine="no"] | |
950 | ) | |
951 | if test "${have_openssl_engine}" = "yes"; then | |
952 | AC_CHECK_FUNCS( | |
953 | [ \ | |
9b33b5a4 ABL |
954 | ENGINE_load_builtin_engines \ |
955 | ENGINE_register_all_complete \ | |
0df2261d AS |
956 | ], |
957 | , | |
958 | [have_openssl_engine="no"; break] | |
959 | ) | |
960 | fi | |
961 | else | |
962 | have_openssl_engine="${with_openssl_engine}" | |
963 | if test "${have_openssl_engine}" = "yes"; then | |
964 | AC_CHECK_FUNCS( | |
965 | [ \ | |
966 | ENGINE_load_builtin_engines \ | |
967 | ENGINE_register_all_complete \ | |
968 | ], | |
969 | , | |
970 | [AC_MSG_ERROR([OpenSSL engine support not found])] | |
6b5dbf6c | 971 | ) |
0df2261d | 972 | fi |
6b5dbf6c | 973 | fi |
31b0bebe SK |
974 | if test "${have_openssl_engine}" = "yes"; then |
975 | AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available]) | |
976 | fi | |
9b33b5a4 | 977 | |
91d84530 | 978 | AC_CHECK_FUNC( |
66407e11 SK |
979 | [EVP_aes_256_gcm], |
980 | , | |
94edc7c5 | 981 | [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])] |
66407e11 SK |
982 | ) |
983 | ||
ec7d0e8e AS |
984 | # All supported OpenSSL version (>= 1.0.2) |
985 | # have this feature | |
5defbba4 | 986 | have_export_keying_material="yes" |
5defbba4 | 987 | |
9b33b5a4 ABL |
988 | CFLAGS="${saved_CFLAGS}" |
989 | LIBS="${saved_LIBS}" | |
9b33b5a4 | 990 | |
31b0bebe SK |
991 | AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library]) |
992 | CRYPTO_CFLAGS="${OPENSSL_CFLAGS}" | |
993 | CRYPTO_LIBS="${OPENSSL_LIBS}" | |
cf49ff50 | 994 | elif test "${with_crypto_library}" = "mbedtls"; then |
86d8cd68 SK |
995 | AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls]) |
996 | AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls]) | |
31b0bebe | 997 | |
417fe4a7 SK |
998 | saved_CFLAGS="${CFLAGS}" |
999 | saved_LIBS="${LIBS}" | |
1000 | ||
86d8cd68 | 1001 | if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then |
e860059b | 1002 | # if the user did not explicitly specify flags, try to autodetect |
1ae17b7e | 1003 | LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto" |
86d8cd68 SK |
1004 | AC_CHECK_LIB( |
1005 | [mbedtls], | |
1006 | [mbedtls_ssl_init], | |
1ae17b7e | 1007 | [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"], |
86d8cd68 | 1008 | [AC_MSG_ERROR([Could not find mbed TLS.])], |
31b0bebe SK |
1009 | [${PKCS11_HELPER_LIBS}] |
1010 | ) | |
1011 | fi | |
9b33b5a4 | 1012 | |
86d8cd68 SK |
1013 | CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}" |
1014 | LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}" | |
417fe4a7 | 1015 | |
86d8cd68 | 1016 | AC_MSG_CHECKING([mbedtls version]) |
13b38eb0 ABL |
1017 | AC_COMPILE_IFELSE( |
1018 | [AC_LANG_PROGRAM( | |
1019 | [[ | |
86d8cd68 | 1020 | #include <mbedtls/version.h> |
13b38eb0 ABL |
1021 | ]], |
1022 | [[ | |
ace7a4f1 | 1023 | #if MBEDTLS_VERSION_NUMBER < 0x02000000 || (MBEDTLS_VERSION_NUMBER >= 0x03000000 && MBEDTLS_VERSION_NUMBER < 0x03020100) |
9a3f6702 | 1024 | #error invalid version |
13b38eb0 ABL |
1025 | #endif |
1026 | ]] | |
1027 | )], | |
1028 | [AC_MSG_RESULT([ok])], | |
ace7a4f1 | 1029 | [AC_MSG_ERROR([mbed TLS version >= 2.0.0 or >= 3.2.1 required])] |
13b38eb0 | 1030 | ) |
9a3f6702 | 1031 | |
b5faf1b2 MF |
1032 | AC_CHECK_HEADER( |
1033 | psa/crypto.h, | |
1034 | [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [1], [yes])], | |
1035 | [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [0], [no])] | |
1036 | ) | |
ace7a4f1 | 1037 | |
66407e11 SK |
1038 | AC_CHECK_FUNCS( |
1039 | [ \ | |
86d8cd68 SK |
1040 | mbedtls_cipher_write_tag \ |
1041 | mbedtls_cipher_check_tag \ | |
66407e11 SK |
1042 | ], |
1043 | , | |
94edc7c5 | 1044 | [AC_MSG_ERROR([mbed TLS check for AEAD support failed])] |
66407e11 SK |
1045 | ) |
1046 | ||
b5faf1b2 MF |
1047 | AC_CHECK_FUNC( |
1048 | [mbedtls_ssl_tls_prf], | |
1049 | [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [1], [yes])], | |
1050 | [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [0], [no])] | |
1051 | ) | |
1052 | ||
5defbba4 | 1053 | have_export_keying_material="yes" |
91d84530 | 1054 | AC_CHECK_FUNC( |
5defbba4 | 1055 | [mbedtls_ssl_conf_export_keys_ext_cb], |
b5faf1b2 MF |
1056 | [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [1], [yes])], |
1057 | [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [0], [no])] | |
5defbba4 | 1058 | ) |
b5faf1b2 MF |
1059 | if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != xyes; then |
1060 | AC_CHECK_FUNC( | |
1061 | [mbedtls_ssl_set_export_keys_cb], | |
1062 | [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], [yes])], | |
1063 | [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], [no])] | |
1064 | ) | |
1065 | if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" != xyes; then | |
1066 | have_export_keying_material="no" | |
1067 | fi | |
1068 | fi | |
5defbba4 | 1069 | |
2b9bbaad AQ |
1070 | AC_CHECK_FUNC( |
1071 | [mbedtls_ctr_drbg_update_ret], | |
b5faf1b2 | 1072 | AC_DEFINE([HAVE_MBEDTLS_CTR_DRBG_UPDATE_RET], [1], |
2b9bbaad AQ |
1073 | [Use mbedtls_ctr_drbg_update_ret from mbed TLS]), |
1074 | ) | |
1075 | ||
31b0bebe SK |
1076 | CFLAGS="${saved_CFLAGS}" |
1077 | LIBS="${saved_LIBS}" | |
86d8cd68 SK |
1078 | AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library]) |
1079 | CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}" | |
1080 | CRYPTO_LIBS="${MBEDTLS_LIBS}" | |
f6dca235 JS |
1081 | |
1082 | elif test "${with_crypto_library}" = "wolfssl"; then | |
1083 | AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should | |
1084 | contain the regular wolfSSL header files but also the | |
1085 | wolfSSL OpenSSL header files. Ex: -I/usr/local/include | |
1086 | -I/usr/local/include/wolfssl]) | |
1087 | AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl]) | |
1088 | ||
1089 | saved_CFLAGS="${CFLAGS}" | |
1090 | saved_LIBS="${LIBS}" | |
1091 | ||
1092 | if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then | |
1093 | # if the user did not explicitly specify flags, try to autodetect | |
1094 | PKG_CHECK_MODULES( | |
1095 | [WOLFSSL], | |
1096 | [wolfssl], | |
1097 | [], | |
c0f38019 | 1098 | [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] |
f6dca235 JS |
1099 | ) |
1100 | PKG_CHECK_VAR( | |
1101 | [WOLFSSL_INCLUDEDIR], | |
1102 | [wolfssl], | |
1103 | [includedir], | |
1104 | [], | |
1105 | [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])] | |
1106 | ) | |
1107 | WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl" | |
1108 | fi | |
1109 | saved_CFLAGS="${CFLAGS}" | |
1110 | saved_LIBS="${LIBS}" | |
1111 | CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}" | |
1112 | LIBS="${LIBS} ${WOLFSSL_LIBS}" | |
1113 | ||
1114 | AC_CHECK_LIB( | |
1115 | [wolfssl], | |
1116 | [wolfSSL_Init], | |
1117 | [], | |
1118 | [AC_MSG_ERROR([Could not link wolfSSL library.])] | |
1119 | ) | |
1120 | AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])]) | |
1121 | ||
1122 | # wolfSSL signal EKM support | |
1123 | have_export_keying_material="yes" | |
1124 | ||
f6dca235 JS |
1125 | if test "${enable_wolfssl_options_h}" = "yes"; then |
1126 | AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library]) | |
1127 | else | |
1128 | AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library]) | |
1129 | fi | |
1130 | ||
1131 | have_export_keying_material="yes" | |
1132 | ||
1133 | CFLAGS="${saved_CFLAGS}" | |
1134 | LIBS="${saved_LIBS}" | |
1135 | ||
1136 | AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library]) | |
1137 | AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer]) | |
1138 | CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}" | |
1139 | CRYPTO_LIBS="${WOLFSSL_LIBS}" | |
cf49ff50 | 1140 | else |
31b0bebe | 1141 | AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}]) |
13b38eb0 ABL |
1142 | fi |
1143 | ||
74bbc71b ABL |
1144 | AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo]) |
1145 | AC_ARG_VAR([LZO_LIBS], [linker flags for lzo]) | |
1146 | have_lzo="yes" | |
1147 | if test -z "${LZO_LIBS}"; then | |
1148 | AC_CHECK_LIB( | |
1149 | [lzo2], | |
1150 | [lzo1x_1_15_compress], | |
1151 | [LZO_LIBS="-llzo2"], | |
1152 | [AC_CHECK_LIB( | |
1153 | [lzo], | |
1154 | [lzo1x_1_15_compress], | |
1155 | [LZO_LIBS="-llzo"], | |
1156 | [have_lzo="no"] | |
1157 | )] | |
1158 | ) | |
1159 | fi | |
1160 | if test "${have_lzo}" = "yes"; then | |
1161 | saved_CFLAGS="${CFLAGS}" | |
1162 | CFLAGS="${CFLAGS} ${LZO_CFLAGS}" | |
1163 | AC_CHECK_HEADERS( | |
1164 | [lzo/lzoutil.h], | |
1165 | , | |
1166 | [AC_CHECK_HEADERS( | |
1167 | [lzoutil.h], | |
1168 | , | |
1169 | [AC_MSG_ERROR([lzoutil.h is missing])] | |
1170 | )] | |
1171 | ) | |
1172 | AC_CHECK_HEADERS( | |
1173 | [lzo/lzo1x.h], | |
1174 | , | |
1175 | [AC_CHECK_HEADERS( | |
1176 | [lzo1x.h], | |
1177 | , | |
1178 | [AC_MSG_ERROR([lzo1x.h is missing])] | |
1179 | )] | |
1180 | ) | |
1181 | CFLAGS="${saved_CFLAGS}" | |
6fbf66fa JY |
1182 | fi |
1183 | ||
40efb635 GD |
1184 | dnl |
1185 | dnl check for LZ4 library | |
1186 | dnl | |
1187 | ||
1188 | AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4]) | |
1189 | AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4]) | |
1190 | if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then | |
5f6225c3 DS |
1191 | if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then |
1192 | # if the user did not explicitly specify flags, try to autodetect | |
1193 | PKG_CHECK_MODULES([LZ4], | |
f91e4863 | 1194 | [liblz4 >= 1.7.1 liblz4 < 100], |
5f6225c3 | 1195 | [have_lz4="yes"], |
e5b279f1 DS |
1196 | [LZ4_LIBS="-llz4"] # If this fails, we will do another test next. |
1197 | # We also add set LZ4_LIBS otherwise the | |
1198 | # linker will not know about the lz4 library | |
5f6225c3 DS |
1199 | ) |
1200 | fi | |
1201 | ||
1202 | saved_CFLAGS="${CFLAGS}" | |
1203 | saved_LIBS="${LIBS}" | |
1204 | CFLAGS="${CFLAGS} ${LZ4_CFLAGS}" | |
1205 | LIBS="${LIBS} ${LZ4_LIBS}" | |
1206 | ||
1207 | # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars | |
1208 | # are used, check the version directly in the LZ4 include file | |
1209 | if test "${have_lz4}" != "yes"; then | |
1210 | AC_CHECK_HEADERS([lz4.h], | |
1211 | [have_lz4h="yes"], | |
1212 | []) | |
1213 | ||
1214 | if test "${have_lz4h}" = "yes" ; then | |
1215 | AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1]) | |
1216 | AC_COMPILE_IFELSE( | |
1217 | [AC_LANG_PROGRAM([[ | |
1218 | #include <lz4.h> | |
1219 | ]], | |
1220 | [[ | |
1221 | /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */ | |
1222 | #if LZ4_VERSION_NUMBER < 10701L | |
1223 | #error LZ4 is too old | |
1224 | #endif | |
1225 | ]] | |
1226 | )], | |
1227 | [ | |
1228 | AC_MSG_RESULT([ok]) | |
1229 | have_lz4="yes" | |
1230 | ], | |
24596b25 | 1231 | [AC_MSG_ERROR([system LZ4 library is too old])] |
5f6225c3 DS |
1232 | ) |
1233 | fi | |
1234 | fi | |
40efb635 | 1235 | |
f91e4863 DS |
1236 | # Double check we have a few needed functions |
1237 | if test "${have_lz4}" = "yes" ; then | |
5f6225c3 | 1238 | AC_CHECK_LIB([lz4], |
f91e4863 DS |
1239 | [LZ4_compress_default], |
1240 | [], | |
1241 | [have_lz4="no"]) | |
1242 | AC_CHECK_LIB([lz4], | |
1243 | [LZ4_decompress_safe], | |
1244 | [], | |
5f6225c3 | 1245 | [have_lz4="no"]) |
40efb635 GD |
1246 | fi |
1247 | ||
5f6225c3 | 1248 | if test "${have_lz4}" != "yes" ; then |
24596b25 | 1249 | AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4]) |
4308f237 | 1250 | LZ4_LIBS="" |
40efb635 GD |
1251 | fi |
1252 | OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}" | |
1253 | OPTIONAL_LZ4_LIBS="${LZ4_LIBS}" | |
5f6225c3 | 1254 | AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library]) |
40efb635 | 1255 | CFLAGS="${saved_CFLAGS}" |
5f6225c3 | 1256 | LIBS="${saved_LIBS}" |
40efb635 GD |
1257 | fi |
1258 | ||
1259 | ||
f33ee6bc DS |
1260 | dnl |
1261 | dnl Check for systemd | |
1262 | dnl | |
3280d8c8 | 1263 | AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"]) |
f33ee6bc DS |
1264 | if test "$enable_systemd" = "yes" ; then |
1265 | PKG_CHECK_MODULES([libsystemd], [systemd libsystemd], | |
1266 | [], | |
1267 | [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])] | |
1268 | ) | |
8ba3e258 DS |
1269 | |
1270 | PKG_CHECK_EXISTS( [libsystemd > 216], | |
1271 | [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1], | |
1272 | [systemd is newer than v216])] | |
1273 | ) | |
1274 | ||
f33ee6bc DS |
1275 | AC_CHECK_HEADERS(systemd/sd-daemon.h, |
1276 | , | |
1277 | [ | |
1278 | AC_MSG_ERROR([systemd development headers not found.]) | |
1279 | ]) | |
1280 | ||
1281 | saved_LIBS="${LIBS}" | |
1282 | LIBS="${LIBS} ${libsystemd_LIBS}" | |
1283 | AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])]) | |
1284 | OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" | |
1285 | AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) | |
1286 | LIBS="${saved_LIBS}" | |
ca5b4c2a CH |
1287 | |
1288 | if test -n "${SYSTEMD_UNIT_DIR}"; then | |
1289 | systemdunitdir="${SYSTEMD_UNIT_DIR}" | |
1290 | else | |
1291 | systemdunitdir="\${libdir}/systemd/system" | |
1292 | fi | |
3de7be7b CH |
1293 | |
1294 | if test -n "${TMPFILES_DIR}"; then | |
1295 | tmpfilesdir="${TMPFILES_DIR}" | |
1296 | else | |
1297 | tmpfilesdir="\${libdir}/tmpfiles.d" | |
1298 | fi | |
f33ee6bc | 1299 | fi |
40efb635 | 1300 | |
38d96bd7 | 1301 | |
7046ff20 ABL |
1302 | AC_MSG_CHECKING([git checkout]) |
1303 | GIT_CHECKOUT="no" | |
1304 | if test -n "${GIT}" -a -d "${srcdir}/.git"; then | |
1305 | AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) | |
1306 | GIT_CHECKOUT="yes" | |
1307 | fi | |
1308 | AC_MSG_RESULT([${GIT_CHECKOUT}]) | |
1309 | ||
51bd56f4 ABL |
1310 | dnl enable --x509-username-field feature if requested |
1311 | if test "${enable_x509_alt_username}" = "yes"; then | |
86d8cd68 SK |
1312 | if test "${with_crypto_library}" = "mbedtls" ; then |
1313 | AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature]) | |
51bd56f4 ABL |
1314 | fi |
1315 | ||
1316 | AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature]) | |
1317 | fi | |
1318 | ||
51bd56f4 | 1319 | test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability]) |
51bd56f4 ABL |
1320 | test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support]) |
1321 | test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size]) | |
1322 | test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support]) | |
1323 | test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing]) | |
c3fc703d | 1324 | |
1da3496a | 1325 | test "${enable_ntlm}" = "yes" && AC_DEFINE([ENABLE_NTLM], [1], [Enable NTLMv2 proxy support]) |
cf49ff50 | 1326 | test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes]) |
5defbba4 SK |
1327 | if test "${have_export_keying_material}" = "yes"; then |
1328 | AC_DEFINE( | |
1329 | [HAVE_EXPORT_KEYING_MATERIAL], [1], | |
1330 | [Crypto library supports keying material exporter] | |
1331 | ) | |
1332 | fi | |
cf49ff50 AQ |
1333 | OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}" |
1334 | OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}" | |
9b33b5a4 | 1335 | |
bdae4110 | 1336 | if test "${enable_plugins}" = "yes"; then |
bdae4110 | 1337 | OPTIONAL_DL_LIBS="${DL_LIBS}" |
8065cd1c | 1338 | AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support]) |
ce8271f5 ABL |
1339 | else |
1340 | enable_plugin_auth_pam="no" | |
1341 | enable_plugin_down_root="no" | |
bdae4110 ABL |
1342 | fi |
1343 | ||
1e894662 AQ |
1344 | AM_CONDITIONAL([HAVE_SITNL], [false]) |
1345 | ||
c3fc703d | 1346 | if test "${enable_iproute2}" = "yes"; then |
e34437c2 | 1347 | test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO]) |
c3fc703d ABL |
1348 | test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing]) |
1349 | AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support]) | |
c6542257 AQ |
1350 | else if test "${have_sitnl}" = "yes"; then |
1351 | AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support]) | |
1e894662 | 1352 | AM_CONDITIONAL([HAVE_SITNL], [true]) |
c6542257 AQ |
1353 | else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then |
1354 | test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing]) | |
1355 | test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing]) | |
1356 | fi | |
1357 | fi | |
c3fc703d | 1358 | fi |
51bd56f4 | 1359 | |
cd5990e0 ABL |
1360 | if test "${enable_selinux}" = "yes"; then |
1361 | test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing]) | |
1362 | OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}" | |
1363 | AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support]) | |
1364 | fi | |
1365 | ||
74bbc71b ABL |
1366 | if test "${enable_lzo}" = "yes"; then |
1367 | test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing]) | |
1368 | OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}" | |
1369 | OPTIONAL_LZO_LIBS="${LZO_LIBS}" | |
1370 | AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library]) | |
1371 | fi | |
38d96bd7 JY |
1372 | if test "${enable_comp_stub}" = "yes"; then |
1373 | test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)]) | |
40efb635 | 1374 | test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)]) |
38d96bd7 | 1375 | AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability]) |
07084261 ABL |
1376 | fi |
1377 | ||
3013fde1 | 1378 | AM_CONDITIONAL([HAVE_SOFTHSM2], [false]) |
18b5fbdf ABL |
1379 | if test "${enable_pkcs11}" = "yes"; then |
1380 | test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing]) | |
18b5fbdf ABL |
1381 | OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}" |
1382 | OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}" | |
1383 | AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11]) | |
3c6d3220 DW |
1384 | PKG_CHECK_MODULES( |
1385 | [P11KIT], | |
1386 | [p11-kit-1], | |
1387 | [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`" | |
1388 | AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])], | |
1389 | [] | |
1390 | ) | |
3013fde1 SN |
1391 | # |
1392 | # softhsm2 for pkcs11 tests | |
1393 | # | |
1394 | AC_ARG_VAR([P11TOOL], [full path to p11tool]) | |
1395 | AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin]) | |
1396 | AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool]) | |
1397 | AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util]) | |
1398 | AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@]) | |
1399 | AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin]) | |
1400 | test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so | |
1401 | AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util]) | |
1402 | AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module]) | |
1403 | if test "${with_crypto_library}" = "openssl"; then | |
1404 | AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"]) | |
1405 | fi | |
18b5fbdf ABL |
1406 | fi |
1407 | ||
fb8033d4 SN |
1408 | # When testing a compiler option, we add -Werror to force |
1409 | # an error when the option is unsupported. This is not | |
1410 | # required for gcc, but some compilers such as clang needs it. | |
6a5d10e9 SK |
1411 | AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [ |
1412 | old_cflags="$CFLAGS" | |
fb8033d4 SN |
1413 | CFLAGS="$1 -Werror $CFLAGS" |
1414 | AC_MSG_CHECKING([whether the compiler accepts $1]) | |
1415 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags", | |
6a5d10e9 | 1416 | [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])] |
adbf68c0 | 1417 | ) |
6a5d10e9 | 1418 | |
46d09607 | 1419 | ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation]) |
6a5d10e9 | 1420 | ACL_CHECK_ADD_COMPILE_FLAGS([-Wall]) |
adbf68c0 | 1421 | |
51bd56f4 ABL |
1422 | if test "${enable_pedantic}" = "yes"; then |
1423 | enable_strict="yes" | |
31444111 | 1424 | CFLAGS="${CFLAGS} -pedantic" |
058f0efd | 1425 | AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode]) |
51bd56f4 ABL |
1426 | fi |
1427 | if test "${enable_strict}" = "yes"; then | |
adbf68c0 | 1428 | CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized" |
99385447 | 1429 | fi |
51194ffd SK |
1430 | if test "${enable_werror}" = "yes"; then |
1431 | CFLAGS="${CFLAGS} -Werror" | |
1432 | fi | |
99385447 | 1433 | |
ce8271f5 ABL |
1434 | if test "${enable_plugin_auth_pam}" = "yes"; then |
1435 | PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}" | |
1436 | if test "${enable_pam_dlopen}" = "yes"; then | |
1437 | AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam]) | |
1438 | PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}" | |
1439 | else | |
1440 | test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing]) | |
1441 | PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}" | |
1442 | fi | |
1443 | fi | |
1444 | ||
0d1a75bf | 1445 | if test "${enable_async_push}" = "yes"; then |
e1eb630d LS |
1446 | case "$host" in |
1447 | *-*-freebsd*) | |
1448 | PKG_CHECK_MODULES( | |
1449 | [OPTIONAL_INOTIFY], | |
1450 | [libinotify], | |
1451 | [ | |
1452 | AC_DEFINE([HAVE_SYS_INOTIFY_H]) | |
1453 | AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]) | |
1454 | ] | |
1455 | ) | |
1456 | ;; | |
1457 | *) | |
1458 | AC_CHECK_HEADERS( | |
1459 | [sys/inotify.h], | |
1460 | AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]), | |
1461 | AC_MSG_ERROR([inotify.h not found.]) | |
1462 | ) | |
1463 | ;; | |
1464 | esac | |
0d1a75bf LS |
1465 | fi |
1466 | ||
fcff80aa ABL |
1467 | CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`" |
1468 | AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings]) | |
1469 | ||
ac2447cd ABL |
1470 | TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID" |
1471 | TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR" | |
1472 | TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR" | |
1473 | AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id]) | |
1474 | AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN]) | |
1475 | AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN]) | |
1476 | AC_SUBST([TAP_WIN_COMPONENT_ID]) | |
1477 | AC_SUBST([TAP_WIN_MIN_MAJOR]) | |
1478 | AC_SUBST([TAP_WIN_MIN_MINOR]) | |
1bda73a7 | 1479 | |
bdae4110 | 1480 | AC_SUBST([OPTIONAL_DL_LIBS]) |
cd5990e0 | 1481 | AC_SUBST([OPTIONAL_SELINUX_LIBS]) |
9b33b5a4 ABL |
1482 | AC_SUBST([OPTIONAL_CRYPTO_CFLAGS]) |
1483 | AC_SUBST([OPTIONAL_CRYPTO_LIBS]) | |
74bbc71b ABL |
1484 | AC_SUBST([OPTIONAL_LZO_CFLAGS]) |
1485 | AC_SUBST([OPTIONAL_LZO_LIBS]) | |
40efb635 GD |
1486 | AC_SUBST([OPTIONAL_LZ4_CFLAGS]) |
1487 | AC_SUBST([OPTIONAL_LZ4_LIBS]) | |
f33ee6bc | 1488 | AC_SUBST([OPTIONAL_SYSTEMD_LIBS]) |
18b5fbdf ABL |
1489 | AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) |
1490 | AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) | |
e1eb630d LS |
1491 | AC_SUBST([OPTIONAL_INOTIFY_CFLAGS]) |
1492 | AC_SUBST([OPTIONAL_INOTIFY_LIBS]) | |
bdae4110 | 1493 | |
ce8271f5 ABL |
1494 | AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS]) |
1495 | AC_SUBST([PLUGIN_AUTH_PAM_LIBS]) | |
1496 | ||
51bd56f4 | 1497 | AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) |
7046ff20 | 1498 | AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) |
ce8271f5 ABL |
1499 | AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"]) |
1500 | AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"]) | |
f91ab283 | 1501 | AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"]) |
542c69c3 | 1502 | AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"]) |
1bda73a7 | 1503 | |
880a2ae9 | 1504 | sampledir="\$(docdir)/sample" |
ce8271f5 | 1505 | AC_SUBST([plugindir]) |
880a2ae9 ABL |
1506 | AC_SUBST([sampledir]) |
1507 | ||
ca5b4c2a | 1508 | AC_SUBST([systemdunitdir]) |
3de7be7b | 1509 | AC_SUBST([tmpfilesdir]) |
ca5b4c2a | 1510 | |
222e6917 GD |
1511 | AC_ARG_ENABLE( |
1512 | [unit-tests], | |
1513 | [AS_HELP_STRING([--disable-unit-tests], | |
1514 | [Disables building and running the unit tests suite])], | |
1515 | [], | |
1516 | [enable_unit_tests="yes"] | |
1517 | ) | |
1518 | ||
1519 | # Check if cmocka is available - needed for unit testing | |
1520 | PKG_CHECK_MODULES( | |
1521 | [CMOCKA], [cmocka], | |
1522 | [have_cmocka="yes"], | |
c0f38019 | 1523 | [AC_MSG_WARN([cmocka.pc not found on the system using pkg-config ${pkg_config_found}. Unit tests disabled])] |
222e6917 GD |
1524 | ) |
1525 | AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ]) | |
1526 | AC_SUBST([ENABLE_UNITTESTS]) | |
1527 | ||
7473f326 | 1528 | TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}" |
222e6917 | 1529 | TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}" |
7473f326 SK |
1530 | TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}" |
1531 | TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}" | |
222e6917 | 1532 | TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}" |
40cb4cfc JN |
1533 | |
1534 | AC_SUBST([TEST_LDFLAGS]) | |
1535 | AC_SUBST([TEST_CFLAGS]) | |
1536 | ||
51bd56f4 | 1537 | AC_CONFIG_FILES([ |
1bda73a7 | 1538 | Makefile |
98bc1a3e | 1539 | build/Makefile |
34cb9132 | 1540 | distro/Makefile |
ca5b4c2a | 1541 | distro/systemd/Makefile |
66bf378e SK |
1542 | doc/Makefile |
1543 | doc/doxygen/Makefile | |
1544 | doc/doxygen/openvpn.doxyfile | |
34cb9132 | 1545 | include/Makefile |
0b5141d8 | 1546 | sample/sample-plugins/Makefile |
34cb9132 | 1547 | src/Makefile |
dc81e743 | 1548 | src/compat/Makefile |
34cb9132 | 1549 | src/openvpn/Makefile |
ce68686f | 1550 | src/openvpnmsica/Makefile |
34cb9132 | 1551 | src/openvpnserv/Makefile |
ce8271f5 ABL |
1552 | src/plugins/Makefile |
1553 | src/plugins/auth-pam/Makefile | |
1554 | src/plugins/down-root/Makefile | |
ce68686f | 1555 | src/tapctl/Makefile |
34cb9132 | 1556 | tests/Makefile |
40cb4cfc JN |
1557 | tests/unit_tests/Makefile |
1558 | tests/unit_tests/example_test/Makefile | |
698e268a | 1559 | tests/unit_tests/openvpn/Makefile |
ac42df1a SK |
1560 | tests/unit_tests/plugins/Makefile |
1561 | tests/unit_tests/plugins/auth-pam/Makefile | |
34cb9132 | 1562 | sample/Makefile |
1bda73a7 | 1563 | ]) |
34cb9132 | 1564 | AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh]) |
51bd56f4 | 1565 | AC_OUTPUT |