AC_DEFINE_UNQUOTED(RECV_ARG_TYPE,$squid_cv_recv_second_arg_type,
[Base type of the second argument to recv(2)])
])
+
+
+dnl check whether Solaris has broken IPFilter headers (Solaris 10 at least does)
+AC_DEFUN([SQUID_CHECK_BROKEN_SOLARIS_IPFILTER],[
+ if test "x$squid_cv_broken_ipfilter_minor_t" = "x"; then
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+# include <sys/types.h>
+# include <sys/ioccom.h>
+# include <netinet/in.h>
+
+# include <netinet/ip_compat.h>
+# include <netinet/ip_fil.h>
+# include <netinet/ip_nat.h>
+ ]])],[
+ AC_MSG_RESULT(no)
+ squid_cv_broken_ipfilter_minor_t=0
+ ],[
+ ## on fail, test the hack
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#define minor_t fubaar
+# include <sys/types.h>
+# include <sys/ioccom.h>
+# include <netinet/in.h>
+#undef minor_t
+# include <netinet/ip_compat.h>
+# include <netinet/ip_fil.h>
+# include <netinet/ip_nat.h>
+ ]])],[
+ AC_MSG_RESULT(yes)
+ squid_cv_broken_ipfilter_minor_t=1
+ ],[
+ AC_MSG_RESULT(unable to make IPFilter work with netinet/ headers)
+ ])
+ ])
+ fi
+
+ AC_DEFINE_UNQUOTED(USE_SOLARIS_IPFILTER_MINOR_T_HACK,$squid_cv_broken_ipfilter_minor_t,
+ [Workaround IPFilter minor_t breakage])
+
+## check for IPFilter headers that require this hack
+## (but first netinet/in.h and sys/ioccom.h which they depend on)
+ AC_CHECK_HEADERS( \
+ netinet/in.h \
+ sys/ioccom.h \
+ ip_compat.h \
+ ip_fil_compat.h \
+ ip_fil.h \
+ ip_nat.h \
+ netinet/ip_compat.h \
+ netinet/ip_fil_compat.h \
+ netinet/ip_fil.h \
+ netinet/ip_nat.h \
+ ,,,[
+#if USE_SOLARIS_IPFILTER_MINOR_T_HACK
+#define minor_t fubar
+#endif
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#if HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#if HAVE_SYS_IOCCOM_H
+#include <sys/ioccom.h>
+#endif
+#if USE_SOLARIS_IPFILTER_MINOR_T_HACK
+#undef minor_t
+#endif
+#if HAVE_IP_COMPAT_H
+#include <ip_compat.h>
+#elif HAVE_NETINET_IP_COMPAT_H
+#include <netinet/ip_compat.h>
+#endif
+#if HAVE_IP_FIL_H
+#include <ip_fil.h>
+#elif HAVE_NETINET_IP_FIL_H
+#include <netinet/ip_fil.h>
+#endif
+#if !defined(IPFILTER_VERSION)
+#define IPFILTER_VERSION 5000004
+#endif
+ ])
+])
#endif
#endif
+/* Solaris 10 has a broken definition for minor_t in IPFilter compat.
+ * We must pre-define before doing anything with OS headers so the OS
+ * do not. Then un-define it before using the IPFilter *_compat.h headers.
+ */
+#if IPF_TRANSPARENT && USE_SOLARIS_IPFILTER_MINOR_T_HACK
+/* But we only need do this nasty thing for src/ip/Intercept.cc */
+#if BUILDING_SQUID_IP_INTERCEPT_CC
+#define minor_t solaris_minor_t_fubar
+#endif
+#endif
+
/*****************************************************/
/* FDSETSIZE is messy and needs to be done before */
/* sys/types.h are defined. */
iostream \
fstream \
climits \
- ip_compat.h \
- ip_fil_compat.h \
- ip_fil.h \
- ip_nat.h \
ipl.h \
lber.h \
ldap.h \
netdb.h \
netinet/in.h \
netinet/in_systm.h \
- netinet/ip_fil_compat.h \
openssl/err.h \
openssl/md5.h \
openssl/opensslv.h \
netinet/in.h \
netinet/ip.h \
netinet/ip6.h \
- netinet/ip_compat.h\
- netinet/ip_fil_compat.h\
- netinet/ip_fil.h\
netinet/ip_icmp.h \
netinet/ipl.h \
- netinet/ip_nat.h\
net/pf/pfvar.h \
net/pfvar.h \
sys/mount.h\
SQUID_CHECK_FUNC_VACOPY
SQUID_CHECK_FUNC___VACOPY
-
dnl IP-Filter support requires ipf header files. These aren't
dnl installed by default, so we need to check for them
if test "x$enable_ipf_transparent" != "xno" ; then
+ SQUID_CHECK_BROKEN_SOLARIS_IPFILTER
AC_MSG_CHECKING(for availability of IP-Filter header files)
# hold on to your hats...
if test "x$ac_cv_header_ip_compat_h" = "xyes" -o \
"x$ac_cv_header_netinet_ip_compat_h" = "xyes" -o \
"x$ac_cv_header_netinet_ip_fil_compat_h" = "xyes" ; then
have_ipfilter_compat_header="yes"
- fi
- if test "x$have_ipfilter_compat_header" = "xyes" -a \
+ fi
+ if test "x$have_ipfilter_compat_header" = "xyes" -a \
"x$ac_cv_header_ip_fil_h" = "xyes" -a \
"x$ac_cv_header_ip_nat_h" = "xyes" ; then
enable_ipf_transparent="yes"
enable_ipf_transparent="no"
fi
AC_MSG_RESULT($IPF_TRANSPARENT)
+
+## On Solaris Ipfilter includes expect that SOLARIS2 is defined with the
+## Solaris minor version (8, 9, 10, ...)
+ if test "x$enable_ipf_transparent" = "xyes" -a "x$squid_host_os" = "xsolaris" ; then
+ solrev=`uname -r | sh -c 'IFS=. read j n x; echo $n'`
+ CFLAGS="-DSOLARIS2=$solrev $CFLAGS"
+ CXXFLAGS="-DSOLARIS2=$solrev $CXXFLAGS"
+ fi
+
fi
AC_MSG_NOTICE([IPF-based transparent proxying enabled: $enable_ipf_transparent])
SQUID_DEFINE_BOOL(IPF_TRANSPARENT,$enable_ipf_transparent,
[Enable support for IPF-style transparent proxying])
-if test "x$enable_ipf_transparent" = "xyes" -a "x$squid_host_os" = "xsolaris" ; then
-dnl On Solaris Ipfilter includes expect that SOLARIS2 is defined with the
-dnl Solaris minor version (8, 9, 10, ...)
- solrev=`uname -r | sh -c 'IFS=. read j n x; echo $n'`
- CFLAGS="-DSOLARIS2=$solrev $CFLAGS"
- CXXFLAGS="-DSOLARIS2=$solrev $CXXFLAGS"
-fi
-
dnl PF /dev/pf support requires a header file.
if test "x$with_nat_devpf" != "xno" ; then
if test "x$ac_cv_header_net_pfvar_h" = "xyes" -o \
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
+
+// Enable hack to workaround Solaris 10 IPFilter breakage
+#define BUILDING_SQUID_IP_INTERCEPT_CC 1
+
#include "squid.h"
#include "comm/Connection.h"
#include "ip/Intercept.h"
#if IPF_TRANSPARENT
+#if !defined(IPFILTER_VERSION)
+#define IPFILTER_VERSION 5000004
+#endif
+
+#if HAVE_SYS_IOCCOM_H
+#include <sys/ioccom.h>
+#endif
#if HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif
+#if HAVE_NETINET_IP6_H
+#include <netinet/ip6.h>
+#endif
#if HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif
#elif HAVE_NETINET_IPL_H
#include <netinet/ipl.h>
#endif
+#if USE_SOLARIS_IPFILTER_MINOR_T_HACK
+#undef minor_t
+#endif
#if HAVE_IP_FIL_COMPAT_H
#include <ip_fil_compat.h>
#elif HAVE_NETINET_IP_FIL_COMPAT_H
projects / thirdparty / squid.git / commitdiff
