1 dnl OpenVPN -- An application to securely tunnel IP networks
2 dnl over a single UDP port, with support for SSL/TLS-based
3 dnl session authentication and key exchange,
4 dnl packet encryption, packet authentication, and
5 dnl packet compression.
7 dnl Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net>
8 dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
10 dnl This program is free software; you can redistribute it and/or modify
11 dnl it under the terms of the GNU General Public License as published by
12 dnl the Free Software Foundation; either version 2 of the License, or
13 dnl (at your option) any later version.
15 dnl This program is distributed in the hope that it will be useful,
16 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 dnl GNU General Public License for more details.
20 dnl You should have received a copy of the GNU General Public License along
21 dnl with this program; if not, write to the Free Software Foundation, Inc.,
22 dnl 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 dnl Process this file with autoconf to produce a configure script.
28 m4_include(version.m4)
29 AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
31 AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
32 AC_SUBST([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version])
33 AC_SUBST([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version])
34 AC_SUBST([OPENVPN_VERSION_PATCH], [PRODUCT_VERSION_PATCH], [OpenVPN patch level - may be a string or integer])
35 AC_DEFINE([OPENVPN_VERSION_MAJOR], [PRODUCT_VERSION_MAJOR], [OpenVPN major version - integer])
36 AC_DEFINE([OPENVPN_VERSION_MINOR], [PRODUCT_VERSION_MINOR], [OpenVPN minor version - integer])
37 AC_DEFINE([OPENVPN_VERSION_PATCH], ["PRODUCT_VERSION_PATCH"], [OpenVPN patch level - may be a string or integer])
39 AC_CONFIG_AUX_DIR([.])
40 AC_CONFIG_HEADERS([config.h include/openvpn-plugin.h])
41 AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
42 AC_CONFIG_MACRO_DIR([m4])
44 dnl Automake 1.14+ warns if sources are in sub-directories but subdir-objects
45 dnl options is not enabled. However, automake before 1.15a has a bug that causes
46 dnl variable expansion to fail in foo_SOURCES when this option is used.
47 dnl As most of our build systems are now likely to use automake 1.16+ add a
48 dnl work around to conditionally add subdir-objects option.
49 m4_define([subdir_objects], [
50 m4_esyscmd([automake --version |
52 awk '{split ($NF,a,"."); if (a[1] == 1 && a[2] >= 16) { print "subdir-objects" }}'
56 # This foreign option prevents autoreconf from overriding our COPYING and
58 AM_INIT_AUTOMAKE(foreign subdir_objects 1.9) dnl NB: Do not [quote] this parameter.
59 AM_SILENT_RULES([yes])
61 AC_USE_SYSTEM_EXTENSIONS
65 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
72 [AS_HELP_STRING([--disable-lz4], [disable LZ4 compression support @<:@default=yes@:>@])],
73 [enable_lz4="$enableval"],
79 [AS_HELP_STRING([--enable-comp-stub], [disable compression support but still allow limited interoperability with compression-enabled peers @<:@default=no@:>@])],
80 [enable_comp_stub="$enableval"],
81 [enable_comp_stub="no"]
86 [AS_HELP_STRING([--disable-ofb-cfb], [disable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
88 [enable_crypto_ofb_cfb="yes"]
93 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
95 [enable_x509_alt_username="no"]
100 [AS_HELP_STRING([--disable-ntlm], [disable NTLMv2 proxy support @<:@default=yes@:>@])],
107 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
109 [enable_plugins="yes"]
114 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
116 [enable_management="yes"]
121 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
128 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
130 [enable_fragment="yes"]
135 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
137 [enable_port_share="yes"]
142 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
149 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=no@:>@])],
156 [AS_HELP_STRING([--disable-dco], [disable data channel offload support using the ovpn-dco kernel module @<:@default=yes@:>@ on Linux/FreeBSD, can't disable on Windows])],
167 # note that this does not disable it for Windows
176 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 (disables DCO) @<:@default=no@:>@])],
178 [enable_iproute2="no"]
183 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
187 *-*-openbsd*) enable_plugin_auth_pam="no";;
188 *-mingw*) enable_plugin_auth_pam="no";;
189 *) enable_plugin_auth_pam="yes";;
196 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
200 *-mingw*) enable_plugin_down_root="no";;
201 *) enable_plugin_down_root="yes";;
208 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
210 [enable_pam_dlopen="no"]
215 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
222 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
224 [enable_pedantic="no"]
229 [AS_HELP_STRING([--enable-werror], [promote compiler warnings to errors, will cause builds to fail if the compiler issues warnings (debugging option) @<:@default=no@:>@])],
236 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
238 [enable_strict_options="no"]
243 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
245 [enable_selinux="no"]
250 [AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
252 [enable_systemd="no"]
257 [AS_HELP_STRING([--enable-async-push], [enable async-push support for plugins providing deferred authentication @<:@default=no@:>@])],
259 [enable_async_push="no"]
264 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
265 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
270 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
273 dmalloc|valgrind|ssl|no) ;;
274 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
277 [with_mem_check="no"]
282 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|mbedtls|wolfssl @<:@default=openssl@:>@])],
285 openssl|mbedtls|wolfssl) ;;
286 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
289 [with_crypto_library="openssl"]
294 [AS_HELP_STRING([--disable-wolfssl-options-h], [Disable including options.h in wolfSSL @<:@default=yes@:>@])],
296 [enable_wolfssl_options_h="yes"]
301 [AS_HELP_STRING([--with-openssl-engine], [enable engine support with OpenSSL. Default enabled for OpenSSL < 3.0, auto,yes,no @<:@default=auto@:>@])],
305 *) AC_MSG_ERROR([bad value ${withval} for --with-engine]) ;;
308 [with_openssl_engine="auto"]
311 AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
312 if test -n "${PLUGINDIR}"; then
313 plugindir="${PLUGINDIR}"
315 plugindir="\${libdir}/openvpn/plugins"
318 AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
319 AM_CONDITIONAL([TARGET_LINUX], [false])
322 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
323 AM_CONDITIONAL([TARGET_LINUX], [true])
324 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
326 pkg_config_required="yes"
329 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
330 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
331 CPPFLAGS="$CPPFLAGS -D_XPG4_2"
332 test -x /bin/bash && SHELL="/bin/bash"
335 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
336 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
339 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
340 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
343 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
344 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
347 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
348 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
349 have_tap_header="yes"
350 ac_cv_type_struct_in_pktinfo=no
353 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
354 AC_DEFINE([ENABLE_DCO], [1], [DCO is always enabled on Windows])
355 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
356 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
357 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA"
361 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
362 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
365 AC_DEFINE([TARGET_AIX], [1], [Are we running AIX?])
366 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["A"], [Target prefix])
367 ROUTE="/usr/sbin/route"
368 have_tap_header="yes"
369 ac_cv_header_net_if_h="no" # exists, but breaks things
372 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
373 have_tap_header="yes"
377 AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes")
380 # Add variable to print if pkg-config is found or not. Users often miss that
381 if test "${PKG_CONFIG}" = ""; then
382 if test "${pkg_config_required}" = "yes"; then
383 AC_MSG_ERROR([pkg-config is required])
385 pkg_config_found="(not found)"
387 pkg_config_found="(${PKG_CONFIG})"
396 AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
397 AC_ARG_VAR([ROUTE], [full path to route utility])
398 AC_ARG_VAR([IPROUTE], [full path to ip utility])
399 AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
400 AC_ARG_VAR([GIT], [path to git utility])
401 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
402 AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@])
403 AC_ARG_VAR([TMPFILES_DIR], [Path of tmpfiles directory @<:@default=LIBDIR/tmpfiles.d@:>@])
404 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
405 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
406 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
407 AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
408 AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
409 AC_CHECK_PROGS([GIT], [git]) # optional
410 AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
411 AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
412 AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
413 AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
416 # man page generation - based on python-docutils
418 AC_ARG_VAR([RST2MAN], [path to rst2man utility])
419 AC_ARG_VAR([RST2HTML], [path to rst2html utility])
420 AC_CHECK_PROGS([RST2MAN], [rst2man rst2man.py])
421 AC_CHECK_PROGS([RST2HTML], [rst2html rst2html.py])
422 AM_CONDITIONAL([HAVE_PYDOCUTILS], [test "${RST2MAN}" -a "${RST2HTML}"])
424 # Set -std=c99 unless user already specified a -std=
427 *) CFLAGS="${CFLAGS} -std=c99" ;;
437 LT_LANG([Windows Resource])
454 AC_CHECK_SIZEOF([unsigned int])
455 AC_CHECK_SIZEOF([unsigned long])
458 sys/types.h sys/socket.h \
461 netinet/tcp.h arpa/inet.h netdb.h \
464 sys/time.h sys/ioctl.h sys/stat.h \
465 sys/mman.h sys/file.h sys/wait.h \
466 unistd.h libgen.h stropts.h \
467 syslog.h pwd.h grp.h termios.h \
468 sys/sockio.h sys/uio.h linux/sockios.h \
469 linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \
474 #ifdef HAVE_SYS_TYPES_H
475 #include <sys/types.h>
477 #ifdef HAVE_SYS_SOCKET_H
478 #include <sys/socket.h>
483 #ifdef HAVE_NETINET_IN_H
484 #include <netinet/in.h>
490 #include <winsock2.h>
493 #include <ws2tcpip.h>
495 #ifdef HAVE_NETINET_IP_H
496 #include <netinet/ip.h>
501 [net/if.h netinet/ip.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
504 [[${SOCKET_INCLUDES}]]
510 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
511 [[${SOCKET_INCLUDES}]]
516 [AC_DEFINE([in_port_t], [uint16_t], [Workaround missing in_port_t])],
517 [[${SOCKET_INCLUDES}]]
521 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
523 [[${SOCKET_INCLUDES}]]
527 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
529 [[${SOCKET_INCLUDES}]]
533 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
535 [[${SOCKET_INCLUDES}]]
539 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
541 [[${SOCKET_INCLUDES}]]
545 [AC_DEFINE([HAVE_SA_FAMILY_T], [1], [sa_family_t, needed to hold AF_* info])],
547 [[${SOCKET_INCLUDES}]]
550 [struct in_pktinfo.ipi_spec_dst],
551 [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
553 [[${SOCKET_INCLUDES}]]
556 [struct sockaddr_in6],
558 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
559 [[${SOCKET_INCLUDES}]]
565 [[${SOCKET_INCLUDES}]]
567 AC_MSG_CHECKING([anonymous union support])
585 AC_DEFINE([HAVE_ANONYMOUS_UNION_SUPPORT], [], [Compiler supports anonymous unions])
587 [AC_MSG_RESULT([no])]
590 saved_LDFLAGS="$LDFLAGS"
591 LDFLAGS="$LDFLAGS -Wl,--wrap=exit"
592 AC_MSG_CHECKING([linker supports --wrap])
597 void __real_exit(int);
598 void __wrap_exit(int i) {
608 have_ld_wrap_support=yes
610 [AC_MSG_RESULT([no])],
612 LDFLAGS="$saved_LDFLAGS"
614 dnl We emulate signals in Windows
618 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
626 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
634 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
642 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
650 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
659 daemon chroot getpwnam setuid nice system dup dup2 \
660 syslog openlog mlockall getrlimit getgrnam setgid \
661 setgroups flock time gettimeofday \
663 chsize ftruncate execve getpeereid basename dirname access \
664 epoll_create strsep \
677 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
682 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
687 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
689 AC_SUBST([SOCKETS_LIBS])
692 LIBS="${LIBS} ${SOCKETS_LIBS}"
693 AC_CHECK_FUNCS([sendmsg recvmsg])
697 # we assume res_init() always exist, but need to find out *where*...
698 AC_SEARCH_LIBS(__res_init, resolv bind, ,
699 AC_SEARCH_LIBS(res_9_init, resolv bind, ,
700 AC_SEARCH_LIBS(res_init, resolv bind, , )))
702 AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
703 old_CFLAGS="${CFLAGS}"
704 CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
707 net/if_tun.h net/tun/if_tun.h \
711 [have_tap_header="yes"]
715 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
718 #ifdef HAVE_LINUX_IF_TUN_H
719 #include <linux/if_tun.h>
723 CFLAGS="${old_CFLAGS}"
724 test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
729 [SELINUX_LIBS="-lselinux"]
731 AC_SUBST([SELINUX_LIBS])
733 AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
734 AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
735 if test -z "${LIBPAM_LIBS}"; then
739 [LIBPAM_LIBS="-lpam"]
743 case "${with_mem_check}" in
746 [valgrind/memcheck.h],
748 CFLAGS="${CFLAGS} -g -fno-inline"
752 [Use valgrind memory debugging library]
755 [AC_MSG_ERROR([valgrind headers not found.])]
765 LIBS="${LIBS} -ldmalloc"
769 [Use dmalloc memory debugging library]
772 [AC_MSG_ERROR([dmalloc library not found.])]
774 [AC_MSG_ERROR([dmalloc headers not found.])]
785 [Use memory debugging function in OpenSSL]
787 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
789 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
796 [libpkcs11-helper-1 >= 1.11],
797 [have_pkcs11_helper="yes"],
802 if test "$enable_dco" != "no"; then
803 enable_dco_arg="$enable_dco"
804 if test "${enable_iproute2}" = "yes"; then
805 AC_MSG_WARN([DCO cannot be enabled when using iproute2])
810 if test "$enable_dco" = "no"; then
811 if test "$enable_dco_arg" = "auto"; then
812 AC_MSG_WARN([DCO support disabled])
814 AC_MSG_ERROR([DCO support can't be enabled])
818 dnl Include generic netlink library used to talk to ovpn-dco
820 PKG_CHECK_MODULES([LIBNL_GENL],
821 [libnl-genl-3.0 >= 3.4.0],
824 AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO])
827 CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}"
828 LIBS="${LIBS} ${LIBNL_GENL_LIBS}"
830 AC_DEFINE(ENABLE_DCO, 1, [Enable shared data channel offload])
831 AC_MSG_NOTICE([Enabled ovpn-dco support for Linux])
835 AC_CHECK_HEADERS([net/if_ovpn.h],
838 AC_DEFINE(ENABLE_DCO, 1, [Enable data channel offload for FreeBSD])
839 AC_MSG_NOTICE([Enabled ovpn-dco support for FreeBSD])
843 AC_MSG_WARN([DCO header not found.])
846 if test "$enable_dco" = "no"; then
847 if test "$enable_dco_arg" = "auto"; then
848 AC_MSG_WARN([DCO support disabled])
850 AC_MSG_ERROR([DCO support can't be enabled])
855 AC_MSG_NOTICE([NOTE: --enable-dco ignored on Windows because it's always enabled])
858 AC_MSG_NOTICE([Ignoring --enable-dco on non supported platform])
864 dnl Depend on libcap-ng on Linux
868 # We require pkg-config
869 PKG_CHECK_MODULES([LIBCAPNG],
872 [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])]
874 AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])])
876 CFLAGS="${CFLAGS} ${LIBCAPNG_CFLAGS}"
877 LIBS="${LIBS} ${LIBCAPNG_LIBS}"
878 AC_DEFINE(HAVE_LIBCAPNG, 1, [Enable libcap-ng support])
883 if test "${with_crypto_library}" = "openssl"; then
884 AC_ARG_VAR([OPENSSL_CFLAGS], [C compiler flags for OpenSSL])
885 AC_ARG_VAR([OPENSSL_LIBS], [linker flags for OpenSSL])
887 if test -z "${OPENSSL_CFLAGS}" -a -z "${OPENSSL_LIBS}"; then
888 # if the user did not explicitly specify flags, try to autodetect
892 [have_openssl="yes"],
893 [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next
895 OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto}
898 saved_CFLAGS="${CFLAGS}"
900 CFLAGS="${CFLAGS} ${OPENSSL_CFLAGS}"
901 LIBS="${LIBS} ${OPENSSL_LIBS}"
903 # If pkgconfig check failed or OPENSSL_CFLAGS/OPENSSL_LIBS env vars
904 # are used, check the version directly in the OpenSSL include file
905 if test "${have_openssl}" != "yes"; then
906 AC_MSG_CHECKING([additionally if OpenSSL is available and version >= 1.0.2])
910 #include <openssl/opensslv.h>
913 /* Version encoding: MNNFFPPS - see opensslv.h for details */
914 #if OPENSSL_VERSION_NUMBER < 0x10002000L
915 #error OpenSSL too old
919 [AC_MSG_RESULT([ok])],
920 [AC_MSG_ERROR([OpenSSL version too old])]
924 AC_CHECK_FUNCS([SSL_CTX_new],
926 [AC_MSG_ERROR([openssl check failed])]
929 if test "${with_openssl_engine}" = "auto"; then
933 #include <openssl/opensslv.h>
934 #include <openssl/opensslconf.h>
937 /* Version encoding: MNNFFPPS - see opensslv.h for details */
938 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
939 #error Engine support disabled by default in OpenSSL 3.0+
942 /* BoringSSL and LibreSSL >= 3.8.1 removed engine support */
943 #ifdef OPENSSL_NO_ENGINE
944 #error Engine support disabled in openssl/opensslconf.h
948 [have_openssl_engine="yes"],
949 [have_openssl_engine="no"]
951 if test "${have_openssl_engine}" = "yes"; then
954 ENGINE_load_builtin_engines \
955 ENGINE_register_all_complete \
958 [have_openssl_engine="no"; break]
962 have_openssl_engine="${with_openssl_engine}"
963 if test "${have_openssl_engine}" = "yes"; then
966 ENGINE_load_builtin_engines \
967 ENGINE_register_all_complete \
970 [AC_MSG_ERROR([OpenSSL engine support not found])]
974 if test "${have_openssl_engine}" = "yes"; then
975 AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
981 [AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
984 # All supported OpenSSL version (>= 1.0.2)
986 have_export_keying_material="yes"
988 CFLAGS="${saved_CFLAGS}"
991 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
992 CRYPTO_CFLAGS="${OPENSSL_CFLAGS}"
993 CRYPTO_LIBS="${OPENSSL_LIBS}"
994 elif test "${with_crypto_library}" = "mbedtls"; then
995 AC_ARG_VAR([MBEDTLS_CFLAGS], [C compiler flags for mbedtls])
996 AC_ARG_VAR([MBEDTLS_LIBS], [linker flags for mbedtls])
998 saved_CFLAGS="${CFLAGS}"
1001 if test -z "${MBEDTLS_CFLAGS}" -a -z "${MBEDTLS_LIBS}"; then
1002 # if the user did not explicitly specify flags, try to autodetect
1003 LIBS="${LIBS} -lmbedtls -lmbedx509 -lmbedcrypto"
1007 [MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"],
1008 [AC_MSG_ERROR([Could not find mbed TLS.])],
1009 [${PKCS11_HELPER_LIBS}]
1013 CFLAGS="${MBEDTLS_CFLAGS} ${PKCS11_HELPER_CFLAGS} ${CFLAGS}"
1014 LIBS="${MBEDTLS_LIBS} ${PKCS11_HELPER_LIBS} ${LIBS}"
1016 AC_MSG_CHECKING([mbedtls version])
1020 #include <mbedtls/version.h>
1023 #if MBEDTLS_VERSION_NUMBER < 0x02000000 || (MBEDTLS_VERSION_NUMBER >= 0x03000000 && MBEDTLS_VERSION_NUMBER < 0x03020100)
1024 #error invalid version
1028 [AC_MSG_RESULT([ok])],
1029 [AC_MSG_ERROR([mbed TLS version >= 2.0.0 or >= 3.2.1 required])]
1034 [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [1], [yes])],
1035 [AC_DEFINE([HAVE_MBEDTLS_PSA_CRYPTO_H], [0], [no])]
1040 mbedtls_cipher_write_tag \
1041 mbedtls_cipher_check_tag \
1044 [AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
1048 [mbedtls_ssl_tls_prf],
1049 [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [1], [yes])],
1050 [AC_DEFINE([HAVE_MBEDTLS_SSL_TLS_PRF], [0], [no])]
1053 have_export_keying_material="yes"
1055 [mbedtls_ssl_conf_export_keys_ext_cb],
1056 [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [1], [yes])],
1057 [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [0], [no])]
1059 if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != xyes; then
1061 [mbedtls_ssl_set_export_keys_cb],
1062 [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], [yes])],
1063 [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], [no])]
1065 if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" != xyes; then
1066 have_export_keying_material="no"
1071 [mbedtls_ctr_drbg_update_ret],
1072 AC_DEFINE([HAVE_MBEDTLS_CTR_DRBG_UPDATE_RET], [1],
1073 [Use mbedtls_ctr_drbg_update_ret from mbed TLS]),
1076 CFLAGS="${saved_CFLAGS}"
1077 LIBS="${saved_LIBS}"
1078 AC_DEFINE([ENABLE_CRYPTO_MBEDTLS], [1], [Use mbed TLS library])
1079 CRYPTO_CFLAGS="${MBEDTLS_CFLAGS}"
1080 CRYPTO_LIBS="${MBEDTLS_LIBS}"
1082 elif test "${with_crypto_library}" = "wolfssl"; then
1083 AC_ARG_VAR([WOLFSSL_CFLAGS], [C compiler flags for wolfssl. The include directory should
1084 contain the regular wolfSSL header files but also the
1085 wolfSSL OpenSSL header files. Ex: -I/usr/local/include
1086 -I/usr/local/include/wolfssl])
1087 AC_ARG_VAR([WOLFSSL_LIBS], [linker flags for wolfssl])
1089 saved_CFLAGS="${CFLAGS}"
1090 saved_LIBS="${LIBS}"
1092 if test -z "${WOLFSSL_CFLAGS}" -a -z "${WOLFSSL_LIBS}"; then
1093 # if the user did not explicitly specify flags, try to autodetect
1098 [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])]
1101 [WOLFSSL_INCLUDEDIR],
1105 [AC_MSG_ERROR([Could not find wolfSSL includedir variable.])]
1107 WOLFSSL_CFLAGS="${WOLFSSL_CFLAGS} -I${WOLFSSL_INCLUDEDIR}/wolfssl"
1109 saved_CFLAGS="${CFLAGS}"
1110 saved_LIBS="${LIBS}"
1111 CFLAGS="${CFLAGS} ${WOLFSSL_CFLAGS}"
1112 LIBS="${LIBS} ${WOLFSSL_LIBS}"
1118 [AC_MSG_ERROR([Could not link wolfSSL library.])]
1120 AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
1122 # wolfSSL signal EKM support
1123 have_export_keying_material="yes"
1125 if test "${enable_wolfssl_options_h}" = "yes"; then
1126 AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library])
1128 AC_DEFINE([WOLFSSL_USER_SETTINGS], [1], [Use custom user_settings.h file for wolfSSL library])
1131 have_export_keying_material="yes"
1133 CFLAGS="${saved_CFLAGS}"
1134 LIBS="${saved_LIBS}"
1136 AC_DEFINE([ENABLE_CRYPTO_WOLFSSL], [1], [Use wolfSSL crypto library])
1137 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use wolfSSL openssl compatibility layer])
1138 CRYPTO_CFLAGS="${WOLFSSL_CFLAGS}"
1139 CRYPTO_LIBS="${WOLFSSL_LIBS}"
1141 AC_MSG_ERROR([Invalid crypto library: ${with_crypto_library}])
1144 AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
1145 AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
1147 if test -z "${LZO_LIBS}"; then
1150 [lzo1x_1_15_compress],
1151 [LZO_LIBS="-llzo2"],
1154 [lzo1x_1_15_compress],
1160 if test "${have_lzo}" = "yes"; then
1161 saved_CFLAGS="${CFLAGS}"
1162 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
1169 [AC_MSG_ERROR([lzoutil.h is missing])]
1178 [AC_MSG_ERROR([lzo1x.h is missing])]
1181 CFLAGS="${saved_CFLAGS}"
1185 dnl check for LZ4 library
1188 AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
1189 AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
1190 if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
1191 if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
1192 # if the user did not explicitly specify flags, try to autodetect
1193 PKG_CHECK_MODULES([LZ4],
1194 [liblz4 >= 1.7.1 liblz4 < 100],
1196 [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
1197 # We also add set LZ4_LIBS otherwise the
1198 # linker will not know about the lz4 library
1202 saved_CFLAGS="${CFLAGS}"
1203 saved_LIBS="${LIBS}"
1204 CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
1205 LIBS="${LIBS} ${LZ4_LIBS}"
1207 # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
1208 # are used, check the version directly in the LZ4 include file
1209 if test "${have_lz4}" != "yes"; then
1210 AC_CHECK_HEADERS([lz4.h],
1214 if test "${have_lz4h}" = "yes" ; then
1215 AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
1221 /* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
1222 #if LZ4_VERSION_NUMBER < 10701L
1223 #error LZ4 is too old
1231 [AC_MSG_ERROR([system LZ4 library is too old])]
1236 # Double check we have a few needed functions
1237 if test "${have_lz4}" = "yes" ; then
1239 [LZ4_compress_default],
1243 [LZ4_decompress_safe],
1248 if test "${have_lz4}" != "yes" ; then
1249 AC_MSG_ERROR([No compatible LZ4 compression library found. Consider --disable-lz4])
1252 OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
1253 OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
1254 AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
1255 CFLAGS="${saved_CFLAGS}"
1256 LIBS="${saved_LIBS}"
1261 dnl Check for systemd
1263 AM_CONDITIONAL([ENABLE_SYSTEMD], [test "${enable_systemd}" = "yes"])
1264 if test "$enable_systemd" = "yes" ; then
1265 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
1267 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
1270 PKG_CHECK_EXISTS( [libsystemd > 216],
1271 [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
1272 [systemd is newer than v216])]
1275 AC_CHECK_HEADERS(systemd/sd-daemon.h,
1278 AC_MSG_ERROR([systemd development headers not found.])
1281 saved_LIBS="${LIBS}"
1282 LIBS="${LIBS} ${libsystemd_LIBS}"
1283 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
1284 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
1285 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
1286 LIBS="${saved_LIBS}"
1288 if test -n "${SYSTEMD_UNIT_DIR}"; then
1289 systemdunitdir="${SYSTEMD_UNIT_DIR}"
1291 systemdunitdir="\${libdir}/systemd/system"
1294 if test -n "${TMPFILES_DIR}"; then
1295 tmpfilesdir="${TMPFILES_DIR}"
1297 tmpfilesdir="\${libdir}/tmpfiles.d"
1302 AC_MSG_CHECKING([git checkout])
1304 if test -n "${GIT}" -a -d "${srcdir}/.git"; then
1305 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
1308 AC_MSG_RESULT([${GIT_CHECKOUT}])
1310 dnl enable --x509-username-field feature if requested
1311 if test "${enable_x509_alt_username}" = "yes"; then
1312 if test "${with_crypto_library}" = "mbedtls" ; then
1313 AC_MSG_ERROR([mbed TLS does not support the --x509-username-field feature])
1316 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
1319 test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
1320 test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
1321 test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
1322 test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
1323 test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
1325 test "${enable_ntlm}" = "yes" && AC_DEFINE([ENABLE_NTLM], [1], [Enable NTLMv2 proxy support])
1326 test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
1327 if test "${have_export_keying_material}" = "yes"; then
1329 [HAVE_EXPORT_KEYING_MATERIAL], [1],
1330 [Crypto library supports keying material exporter]
1333 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CFLAGS}"
1334 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_LIBS}"
1336 if test "${enable_plugins}" = "yes"; then
1337 OPTIONAL_DL_LIBS="${DL_LIBS}"
1338 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
1340 enable_plugin_auth_pam="no"
1341 enable_plugin_down_root="no"
1344 AM_CONDITIONAL([HAVE_SITNL], [false])
1346 if test "${enable_iproute2}" = "yes"; then
1347 test "${enable_dco}" = "yes" && AC_MSG_ERROR([iproute2 support cannot be enabled when using DCO])
1348 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1349 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
1350 else if test "${have_sitnl}" = "yes"; then
1351 AC_DEFINE([ENABLE_SITNL], [1], [enable sitnl support])
1352 AM_CONDITIONAL([HAVE_SITNL], [true])
1353 else if test "${WIN32}" != "yes" -a "${have_sitnl}" != "yes"; then
1354 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1355 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1360 if test "${enable_selinux}" = "yes"; then
1361 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1362 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1363 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1366 if test "${enable_lzo}" = "yes"; then
1367 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1368 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1369 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1370 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1372 if test "${enable_comp_stub}" = "yes"; then
1373 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)])
1374 test "${enable_lz4}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and LZ4 enabled (use --disable-lz4)])
1375 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability])
1378 AM_CONDITIONAL([HAVE_SOFTHSM2], [false])
1379 if test "${enable_pkcs11}" = "yes"; then
1380 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
1381 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1382 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1383 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
1387 [proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
1388 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
1392 # softhsm2 for pkcs11 tests
1394 AC_ARG_VAR([P11TOOL], [full path to p11tool])
1395 AC_PATH_PROGS([P11TOOL], [p11tool],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1396 AC_DEFINE_UNQUOTED([P11TOOL_PATH], ["$P11TOOL"], [Path to p11tool])
1397 AC_ARG_VAR([SOFTHSM2_UTIL], [full path to softhsm2-util])
1398 AC_ARG_VAR([SOFTHSM2_MODULE], [full path to softhsm2 module @<:@default=/usr/lib/softhsm/libsofthsm2.so@:>@])
1399 AC_PATH_PROGS([SOFTHSM2_UTIL], [softhsm2-util],, [$PATH:/usr/local/bin:/usr/bin:/bin])
1400 test -z "$SOFTHSM2_MODULE" && SOFTHSM2_MODULE=/usr/lib/softhsm/libsofthsm2.so
1401 AC_DEFINE_UNQUOTED([SOFTHSM2_UTIL_PATH], ["$SOFTHSM2_UTIL"], [Path to softhsm2-util])
1402 AC_DEFINE_UNQUOTED([SOFTHSM2_MODULE_PATH], ["$SOFTHSM2_MODULE"], [Path to softhsm2 module])
1403 if test "${with_crypto_library}" = "openssl"; then
1404 AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${P11TOOL}" -a "${SOFTHSM2_UTIL}" -a "${SOFTHSM2_MODULE}"])
1408 # When testing a compiler option, we add -Werror to force
1409 # an error when the option is unsupported. This is not
1410 # required for gcc, but some compilers such as clang needs it.
1411 AC_DEFUN([ACL_CHECK_ADD_COMPILE_FLAGS], [
1412 old_cflags="$CFLAGS"
1413 CFLAGS="$1 -Werror $CFLAGS"
1414 AC_MSG_CHECKING([whether the compiler accepts $1])
1415 AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [AC_MSG_RESULT([yes])]; CFLAGS="$1 $old_cflags",
1416 [AC_MSG_RESULT([no]); CFLAGS="$old_cflags"])]
1419 ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
1420 ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
1422 if test "${enable_pedantic}" = "yes"; then
1424 CFLAGS="${CFLAGS} -pedantic"
1425 AC_DEFINE([PEDANTIC], [1], [Enable pedantic mode])
1427 if test "${enable_strict}" = "yes"; then
1428 CFLAGS="${CFLAGS} -Wsign-compare -Wuninitialized"
1430 if test "${enable_werror}" = "yes"; then
1431 CFLAGS="${CFLAGS} -Werror"
1434 if test "${enable_plugin_auth_pam}" = "yes"; then
1435 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1436 if test "${enable_pam_dlopen}" = "yes"; then
1437 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1438 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1440 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1441 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1445 if test "${enable_async_push}" = "yes"; then
1452 AC_DEFINE([HAVE_SYS_INOTIFY_H])
1453 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push])
1460 AC_DEFINE([ENABLE_ASYNC_PUSH], [1], [Enable async push]),
1461 AC_MSG_ERROR([inotify.h not found.])
1467 CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1468 AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1470 TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1471 TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1472 TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1473 AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1474 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1475 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1476 AC_SUBST([TAP_WIN_COMPONENT_ID])
1477 AC_SUBST([TAP_WIN_MIN_MAJOR])
1478 AC_SUBST([TAP_WIN_MIN_MINOR])
1480 AC_SUBST([OPTIONAL_DL_LIBS])
1481 AC_SUBST([OPTIONAL_SELINUX_LIBS])
1482 AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1483 AC_SUBST([OPTIONAL_CRYPTO_LIBS])
1484 AC_SUBST([OPTIONAL_LZO_CFLAGS])
1485 AC_SUBST([OPTIONAL_LZO_LIBS])
1486 AC_SUBST([OPTIONAL_LZ4_CFLAGS])
1487 AC_SUBST([OPTIONAL_LZ4_LIBS])
1488 AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
1489 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1490 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
1491 AC_SUBST([OPTIONAL_INOTIFY_CFLAGS])
1492 AC_SUBST([OPTIONAL_INOTIFY_LIBS])
1494 AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1495 AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1497 AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
1498 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
1499 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1500 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
1501 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = "yes"])
1502 AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
1504 sampledir="\$(docdir)/sample"
1505 AC_SUBST([plugindir])
1506 AC_SUBST([sampledir])
1508 AC_SUBST([systemdunitdir])
1509 AC_SUBST([tmpfilesdir])
1513 [AS_HELP_STRING([--disable-unit-tests],
1514 [Disables building and running the unit tests suite])],
1516 [enable_unit_tests="yes"]
1519 # Check if cmocka is available - needed for unit testing
1522 [have_cmocka="yes"],
1523 [AC_MSG_WARN([cmocka.pc not found on the system using pkg-config ${pkg_config_found}. Unit tests disabled])]
1525 AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ])
1526 AC_SUBST([ENABLE_UNITTESTS])
1528 TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_HELPER_LIBS}"
1529 TEST_LDFLAGS="${TEST_LDFLAGS} ${OPTIONAL_LZO_LIBS} ${CMOCKA_LIBS}"
1530 TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_HELPER_CFLAGS}"
1531 TEST_CFLAGS="${TEST_CFLAGS} ${OPTIONAL_LZO_CFLAGS}"
1532 TEST_CFLAGS="${TEST_CFLAGS} -I\$(top_srcdir)/include ${CMOCKA_CFLAGS}"
1534 AC_SUBST([TEST_LDFLAGS])
1535 AC_SUBST([TEST_CFLAGS])
1540 distro/systemd/Makefile
1542 doc/doxygen/Makefile
1543 doc/doxygen/openvpn.doxyfile
1545 sample/sample-plugins/Makefile
1548 src/openvpn/Makefile
1549 src/openvpnmsica/Makefile
1550 src/openvpnserv/Makefile
1551 src/plugins/Makefile
1552 src/plugins/auth-pam/Makefile
1553 src/plugins/down-root/Makefile
1556 tests/unit_tests/Makefile
1557 tests/unit_tests/example_test/Makefile
1558 tests/unit_tests/openvpn/Makefile
1559 tests/unit_tests/plugins/Makefile
1560 tests/unit_tests/plugins/auth-pam/Makefile
1563 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])