configure.ac revision 1.1.1.1
1dnl -*- mode: m4 -*- 2dnl $Id: configure.ac,v 1.1.1.1 2005/02/12 11:11:16 manu Exp $ 3 4AC_PREREQ(2.52) 5AC_INIT(ipsec-tools, 0.5pre) 6AC_CONFIG_SRCDIR([configure.ac]) 7AM_CONFIG_HEADER(config.h) 8 9AM_INIT_AUTOMAKE(dist-bzip2) 10 11AC_ENABLE_SHARED(no) 12 13AC_PROG_CC 14AM_PROG_CC_STDC 15AC_HEADER_STDC 16AC_PROG_LIBTOOL 17AC_PROG_YACC 18AM_PROG_LEX 19AC_SUBST(LEXLIB) 20AC_PROG_EGREP 21 22CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused" 23 24case $host in 25*netbsd*) 26 LDFLAGS="-Wl,-R/usr/pkg/lib $LDFLAGS" 27 ;; 28*linux*) 29 LIBS="$LIBS -lresolv" 30 INSTALL_OPTS="-o bin -g bin" 31 INCLUDE_GLIBC="include-glibc" 32 RPM="rpm" 33 AC_SUBST(INSTALL_OPTS) 34 AC_SUBST(INCLUDE_GLIBC) 35 AC_SUBST(RPM) 36 ;; 37esac 38 39# Look up some IPsec-related headers 40AC_CHECK_HEADER(net/pfkeyv2.h, [have_net_pfkey=yes], [have_net_pfkey=no]) 41AC_CHECK_HEADER(netinet/ipsec.h, [have_netinet_ipsec=yes], [have_netinet_ipsec=no]) 42AC_CHECK_HEADER(netinet6/ipsec.h, [have_netinet6_ipsec=yes], [have_netinet6_ipsec=no]) 43 44# NetBSD has <netinet6/ipsec.h> but not <netinet/ipsec.h> 45if test "$have_netinet_ipsec$have_netinet6_ipsec" = noyes; then 46 have_netinet_ipsec=yes 47 AC_DEFINE(HAVE_NETINET6_IPSEC, [], [Use <netinet6/ipsec.h>]) 48fi 49 50case "$host_os" in 51 *linux*) 52 AC_ARG_WITH(kernel-headers, 53 AC_HELP_STRING([--with-kernel-headers=/lib/modules/<uname>/build/include], 54 [where your Linux Kernel headers are installed]), 55 [ KERNEL_INCLUDE="$with_kernel_headers" 56 CONFIGURE_AMFLAGS="--with-kernel-headers=$with_kernel_headers" 57 AC_SUBST(CONFIGURE_AMFLAGS) ], 58 [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) 59 60 AC_CHECK_FILE($KERNEL_INCLUDE/linux/pfkeyv2.h, , 61 [ AC_CHECK_FILE(/usr/src/linux/include/linux/pfkeyv2.h, 62 KERNEL_INCLUDE=/usr/src/linux/include , 63 [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) 64 AC_SUBST(KERNEL_INCLUDE) 65 # We need the configure script to run with correct kernel headers. 66 # However we don't want to point to kernel source tree in compile time, 67 # i.e. this will be removed from CPPFLAGS at the end of configure. 68 CPPFLAGS="-I$KERNEL_INCLUDE $CPPFLAGS" 69 70 AC_CHECK_MEMBER(struct sadb_x_policy.sadb_x_policy_priority, 71 [AC_DEFINE(HAVE_PFKEY_POLICY_PRIORITY, [], 72 [Are PF_KEY policy priorities supported?])], [], 73 [#include "$KERNEL_INCLUDE/linux/pfkeyv2.h"]) 74 75 GLIBC_BUGS='-include ${top_srcdir}/src/include-glibc/glibc-bugs.h -I${top_srcdir}/src/include-glibc -I${top_builddir}/src/include-glibc' 76 AC_SUBST(GLIBC_BUGS) 77 GLIBC_BUGS_LOCAL="-include ${srcdir-.}/src/include-glibc/glibc-bugs.h -I${srcdir-.}/src/include-glibc -I./src/include-glibc" 78 CPPFLAGS="$GLIBC_BUGS_LOCAL $CPPFLAGS" 79 ;; 80 *) 81 if test "$have_net_pfkey$have_netinet_ipsec" != yesyes; then 82 if test "$have_net_pfkey" = yes; then 83 AC_MSG_ERROR([Found net/pfkeyv2.h but not netinet/ipsec.h. Aborting.]) 84 else 85 AC_MSG_ERROR([Found netinet/ipsec.h but not net/pfkeyv2.h. Aborting.]) 86 fi 87 fi 88 ;; 89esac 90 91### Some basic toolchain checks 92 93# Checks for header files. 94AC_HEADER_STDC 95AC_HEADER_SYS_WAIT 96AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h) 97 98# Checks for typedefs, structures, and compiler characteristics. 99AC_C_CONST 100AC_TYPE_PID_T 101AC_TYPE_SIZE_T 102AC_HEADER_TIME 103AC_STRUCT_TM 104 105# Checks for library functions. 106AC_FUNC_MEMCMP 107AC_TYPE_SIGNAL 108AC_FUNC_VPRINTF 109AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul strlcpy) 110AC_REPLACE_FUNCS(strdup) 111RACOON_CHECK_VA_COPY 112 113# Check if printf accepts "%z" type modifier for size_t argument 114AC_MSG_CHECKING(if printf accepts %z) 115saved_CFLAGS=$CFLAGS 116CFLAGS="$CFLAGS -Wall -Werror" 117AC_TRY_COMPILE([ 118#include <stdio.h> 119], [ 120printf("%zu\n", (size_t)-1); 121], 122 [AC_MSG_RESULT(yes)], 123 [AC_MSG_RESULT(no); CFLAGS_ADD="$CFLAGS_ADD -Wno-format"]) 124CFLAGS=$saved_CFLAGS 125 126# Can we use __func__ macro? 127AC_MSG_CHECKING(if __func__ is available) 128AC_TRY_COMPILE( 129[#include <stdio.h> 130], [char *x = __func__;], 131 [AC_DEFINE([HAVE_FUNC_MACRO], [], [Have __func__ macro]) 132 AC_MSG_RESULT(yes)], 133 [AC_MSG_RESULT(no)]) 134 135# Check if readline support is requested 136AC_MSG_CHECKING(if readline support is requested) 137AC_ARG_WITH(readline, 138 [ --with-readline support readline input (yes by default)], 139 [with_readline="$withval"], [with_readline="yes"]) 140AC_MSG_RESULT($with_readline) 141 142# Is readline available? 143if test $with_readline != "no"; then 144 AC_CHECK_HEADER([readline/readline.h], 145 [AC_CHECK_LIB(readline, readline, [ 146 AC_DEFINE(HAVE_READLINE, [], 147 [Is readline available?]) 148 LIBS="$LIBS -lreadline" 149 ], [])], []) 150fi 151 152# Check if a different OpenSSL directory was specified 153AC_MSG_CHECKING(if --with-openssl option is specified) 154AC_ARG_WITH(openssl, [ --with-openssl=DIR specify OpenSSL directory], 155 [crypto_dir=$withval]) 156AC_MSG_RESULT(${crypto_dir-default}) 157 158if test "x$crypto_dir" != "x"; then 159 LIBS="$LIBS -L${crypto_dir}/lib" 160 CPPFLAGS_ADD="-I${crypto_dir}/include $CPPFLAGS_ADD" 161fi 162AC_MSG_CHECKING(openssl version) 163AC_EGREP_CPP(yes, [#include <openssl/opensslv.h> 164#if OPENSSL_VERSION_NUMBER >= 0x0090602fL 165yes 166#endif], [AC_MSG_RESULT(ok)], [AC_MSG_RESULT(too old) 167 AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) 168 ]) 169AC_CHECK_HEADERS(openssl/engine.h) 170 171# checking rijndael 172AC_CHECK_HEADERS([openssl/aes.h], [], 173 [CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"]) 174 175# checking sha2 176AC_MSG_CHECKING(sha2 support) 177AC_DEFINE([WITH_SHA2], [], [SHA2 support]) 178AC_CHECK_HEADER(openssl/sha2.h, [], [ 179 CPPFLAGS_ADD="$CPPFLAGS_ADD -I./\${top_srcdir}/src/racoon/missing" 180 AC_LIBOBJ([sha2]) 181 CRYPTOBJS="$CRYPTOBJS sha2.o"]) 182AC_SUBST(CRYPTOBJS) 183 184# Option --enable-adminport 185AC_MSG_CHECKING(if --enable-adminport option is specified) 186AC_ARG_ENABLE(adminport, 187 [ --enable-adminport enable admin port], 188 [], [enable_adminport=no]) 189if test $enable_adminport = "yes"; then 190 AC_DEFINE([ENABLE_ADMINPORT], [], [Enable admin port]) 191fi 192AC_MSG_RESULT($enable_adminport) 193 194# Check for Kerberos5 support 195AC_MSG_CHECKING(if --enable-gssapi option is specified) 196AC_ARG_ENABLE(gssapi, 197 [ --enable-gssapi enable GSS-API authentication], 198 [], [enable_gssapi=no]) 199AC_MSG_RESULT($enable_gssapi) 200AC_PATH_PROG(KRB5_CONFIG,krb5-config,no) 201if test "x$enable_gssapi" = "xyes"; then 202 if test "$KRB5_CONFIG" != "no"; then 203 krb5_incdir="`$KRB5_CONFIG --cflags gssapi`" 204 krb5_libs="`$KRB5_CONFIG --libs gssapi`" 205 else 206 # No krb5-config; let's make some assumptions based on 207 # the OS. 208 case $host_os in 209 netbsd*) 210 krb5_incdir="-I/usr/include/krb5" 211 krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1" 212 ;; 213 *) 214 AC_MSG_ERROR([krb5-config not found, but needed for GSSAPI support. Aborting.]) 215 ;; 216 esac 217 fi 218 LIBS="$LIBS $krb5_libs" 219 CPPFLAGS_ADD="$krb5_incdir $CPPFLAGS_ADD" 220 AC_DEFINE([HAVE_GSSAPI], [], [Enable GSS API]) 221fi 222 223AC_MSG_CHECKING([if --enable-hybrid option is specified]) 224AC_ARG_ENABLE(hybrid, 225 [ --enable-hybrid enable hybrid, both mode-cfg and xauth support], 226 [ 227 LIBS="$LIBS -lcrypt"; 228 enable_hybrid=yes; 229 HYBRID_OBJS="isakmp_xauth.o isakmp_cfg.o isakmp_unity.o throttle.o" 230 AC_SUBST(HYBRID_OBJS) 231 AC_DEFINE([ENABLE_HYBRID], [], [Hybrid authentication support]) 232 ], 233 [enable_hybrid=no]) 234AC_MSG_RESULT($enable_hybrid) 235 236AC_MSG_CHECKING([if --enable-frag option is specified]) 237AC_ARG_ENABLE(frag, 238 [ --enable-frag enable IKE fragmentation payload support], 239 [ 240 LIBS="$LIBS -lcrypt"; 241 enable_frag=yes; 242 FRAG_OBJS="isakmp_frag.o" 243 AC_SUBST(FRAG_OBJS) 244 AC_DEFINE([ENABLE_FRAG], [], [IKE fragmentation support]) 245 ], 246 [enable_frag=no]) 247AC_MSG_RESULT($enable_frag) 248 249AC_MSG_CHECKING(if --with-libradius option is specified) 250AC_ARG_WITH(libradius, 251 [ --with-libradius=DIR specify libradius path (like/usr/pkg)], 252 [libradius_dir=$withval], 253 [libradius_dir=no]) 254AC_MSG_RESULT($libradius_dir) 255if test "$libradius_dir" != "no"; then 256 if test "$libradius_dir" = "yes" ; then 257 libradius_dir=""; 258 fi; 259 if test "x$libradius_dir" = "x"; then 260 RACOON_PATH_LIBS(rad_create_request, lradius) 261 else 262 if test -d "$libradius_dir/lib" -a \ 263 -d "$libradius_dir/include" ; then 264 RACOON_PATH_LIBS(rad_create_request, lradius, "$libradius_dir/lib") 265 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include" 266 else 267 AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.]) 268 fi 269 fi 270 AC_DEFINE([HAVE_LIBRADIUS], [], [Hybrid authentication uses RADIUS]) 271 LIBS="$LIBS -L$libradius_dir/lib -R$libradius_dir/lib -lradius" 272 AC_CHECK_FUNCS(rad_create_request) 273fi 274 275AC_MSG_CHECKING(if --with-libpam option is specified) 276AC_ARG_WITH(libpam, 277 [ --with-libpam=DIR specify libpam path (like/usr/pkg)], 278 [libpam_dir=$withval], 279 [libpam_dir=no]) 280AC_MSG_RESULT($libpam_dir) 281if test "$libpam_dir" != "no"; then 282 if test "$libpam_dir" = "yes" ; then 283 libpam_dir=""; 284 fi; 285 if test "x$libpam_dir" = "x"; then 286 RACOON_PATH_LIBS(rad_create_request, lpam) 287 else 288 if test -d "$libpam_dir/lib" -a \ 289 -d "$libpam_dir/include" ; then 290 RACOON_PATH_LIBS(rad_create_request, lpam, "$libpam_dir/lib") 291 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include" 292 else 293 AC_MSG_ERROR([PAM libs or includes not found. Aborting.]) 294 fi 295 fi 296 AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM]) 297 LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam" 298 AC_CHECK_FUNCS(rad_create_request) 299fi 300 301AC_MSG_CHECKING(if --enable-stats option is specified) 302AC_ARG_ENABLE(stats, 303 [ --enable-stats enable statistics logging function], 304 [], [enable_stats=no]) 305if test "x$enable_stats" = "xyes"; then 306 AC_DEFINE([ENABLE_STATS], [], [Enable statictics]) 307fi 308AC_MSG_RESULT($enable_stats) 309 310AC_MSG_CHECKING(if --enable-dpd option is specified) 311AC_ARG_ENABLE(dpd, 312 [ --enable-dpd enable dead peer detection], 313 [], [enable_dpd=no]) 314if test "x$enable_dpd" = "xyes"; then 315 AC_DEFINE([ENABLE_DPD], [], [Enable dead peer detection]) 316fi 317AC_MSG_RESULT($enable_dpd) 318 319 320AC_MSG_CHECKING(if --enable-samode-unspec option is specified) 321AC_ARG_ENABLE(samode-unspec, 322 [ --enable-samode-unspec enable to use unspecified a mode of SA], 323 [], [enable_samode_unspec=no]) 324if test "x$enable_samode_unspec" = "xyes"; then 325 AC_DEFINE([ENABLE_SAMODE_UNSPECIFIED], [], [Enable samode-unspec]) 326fi 327AC_MSG_RESULT($enable_samode_unspec) 328 329# Checks if IPv6 is requested 330AC_MSG_CHECKING([whether to enable ipv6]) 331AC_ARG_ENABLE(ipv6, 332[ --disable-ipv6 disable ipv6 support], 333[ case "$enableval" in 334 no) 335 AC_MSG_RESULT(no) 336 ipv6=no 337 ;; 338 *) AC_MSG_RESULT(yes) 339 ipv6=yes 340 ;; 341 esac ], 342 343 AC_TRY_RUN([ /* AF_INET6 avalable check */ 344#include <sys/types.h> 345#include <sys/socket.h> 346main() 347{ 348 exit(0); 349 if (socket(AF_INET6, SOCK_STREAM, 0) < 0) 350 exit(1); 351 else 352 exit(0); 353} 354], 355 AC_MSG_RESULT(yes) 356 AC_DEFINE([INET6], [], [Support IPv6]) 357 ipv6=yes, 358 AC_MSG_RESULT(no) 359 ipv6=no, 360 AC_MSG_RESULT(no) 361 ipv6=no 362)) 363 364if test "$ipv6" = "yes"; then 365 AC_MSG_CHECKING(for advanced API support) 366 AC_TRY_COMPILE([#ifndef INET6 367#define INET6 368#endif 369#include <sys/types.h> 370#include <netinet/in.h>], 371 [struct in6_pktinfo a;], 372 [AC_MSG_RESULT(yes) 373 AC_DEFINE([INET6_ADVAPI], [], [Use advanced IPv6 API])], 374 [AC_MSG_RESULT(no)]) 375fi 376 377RACOON_CHECK_BUGGY_GETADDRINFO 378if test "$buggygetaddrinfo" = "yes"; then 379 AC_MSG_ERROR([Broken getaddrinfo() is no longer supported. Aborting.]) 380fi 381 382# Check if kernel support is available for NAT-T, defaults to no. 383kernel_natt="no" 384 385AC_MSG_CHECKING(kernel NAT-Traversal support) 386case $host_os in 387linux*) 388# Linux kernel NAT-T check 389AC_EGREP_CPP(yes, 390[#include <linux/pfkeyv2.h> 391#ifdef SADB_X_EXT_NAT_T_TYPE 392yes 393#endif 394], [kernel_natt="yes"]) 395 ;; 396freebsd*|netbsd*) 397# NetBSD case 398# Same check for FreeBSD 399AC_CHECK_MEMBER(struct sadb_x_nat_t_type.sadb_x_nat_t_type_len, 400 [kernel_natt="yes"],, [ 401#define _KERNEL 402#include <sys/types.h> 403#include <net/pfkeyv2.h> 404]) 405 ;; 406esac 407AC_MSG_RESULT($kernel_natt) 408 409AC_MSG_CHECKING(whether to support NAT-T) 410AC_ARG_ENABLE(natt, 411 [ --enable-natt enable NAT-Traversal (yes/no/kernel)], 412 [if test "$enable_natt" = "kernel"; then enable_natt=$kernel_natt; fi], 413 [enable_natt=$kernel_natt]) 414AC_MSG_RESULT($enable_natt) 415 416if test "$enable_natt" = "yes"; then 417 if test "$kernel_natt" = "no" ; then 418 AC_MSG_ERROR([NAT-T requested, but no kernel support! Aborting.]) 419 else 420 AC_DEFINE([ENABLE_NATT], [], [Enable NAT-Traversal]) 421 NATT_OBJS="nattraversal.o" 422 AC_SUBST(NATT_OBJS) 423 fi 424fi 425 426AC_ARG_ENABLE(natt_00, 427 [ --enable-natt_00 enable NAT-Traversal Draft 00 (yes/no)], 428 [], 429 [enable_natt_00=no]) 430 431if test "$enable_natt_00" = "yes"; then 432 AC_DEFINE([ENABLE_NATT_00], [], [Enable NAT-Traversal draft 00]) 433fi 434 435 436AC_ARG_ENABLE(natt_01, 437 [ --enable-natt_01 enable NAT-Traversal Draft 01 (yes/no)], 438 [], 439 [enable_natt_01=no]) 440 441if test "$enable_natt_01" = "yes"; then 442 AC_DEFINE([ENABLE_NATT_01], [], [Enable NAT-Traversal draft 01]) 443fi 444 445 446AC_ARG_ENABLE(natt_02, 447 [ --enable-natt_02 enable NAT-Traversal Draft 02 (yes/no)], 448 [], 449 [enable_natt_02=no]) 450 451if test "$enable_natt_02" = "yes"; then 452 AC_DEFINE([ENABLE_NATT_02], [], [Enable NAT-Traversal draft 02]) 453fi 454 455 456AC_ARG_ENABLE(natt_03, 457 [ --enable-natt_03 enable NAT-Traversal Draft 03 (yes/no)], 458 [], 459 [enable_natt_03=no]) 460 461if test "$enable_natt_03" = "yes"; then 462 AC_DEFINE([ENABLE_NATT_03], [], [Enable NAT-Traversal draft 03]) 463fi 464 465 466AC_ARG_ENABLE(natt_04, 467 [ --enable-natt_04 enable NAT-Traversal Draft 04 (yes/no)], 468 [], 469 [enable_natt_05=no]) 470 471if test "$enable_natt_04" = "yes"; then 472 AC_DEFINE([ENABLE_NATT_04], [], [Enable NAT-Traversal draft 04]) 473fi 474 475 476AC_ARG_ENABLE(natt_05, 477 [ --enable-natt_05 enable NAT-Traversal Draft 05 (yes/no)], 478 [], 479 [enable_natt_05=no]) 480 481if test "$enable_natt_05" = "yes"; then 482 AC_DEFINE([ENABLE_NATT_05], [], [Enable NAT-Traversal draft 05]) 483fi 484 485 486AC_ARG_ENABLE(natt_06, 487 [ --enable-natt_06 enable NAT-Traversal Draft 06 (yes/no)], 488 [], 489 [enable_natt_06=no]) 490 491if test "$enable_natt_06" = "yes"; then 492 AC_DEFINE([ENABLE_NATT_06], [], [Enable NAT-Traversal draft 06]) 493fi 494 495 496AC_ARG_ENABLE(natt_07, 497 [ --enable-natt_07 enable NAT-Traversal Draft 07 (yes/no)], 498 [], 499 [enable_natt_07=no]) 500 501if test "$enable_natt_07" = "yes"; then 502 AC_DEFINE([ENABLE_NATT_07], [], [Enable NAT-Traversal draft 07]) 503fi 504 505 506AC_ARG_ENABLE(natt_08, 507 [ --enable-natt_08 enable NAT-Traversal Draft 08 (yes/no)], 508 [], 509 [enable_natt_08=no]) 510 511if test "$enable_natt_08" = "yes"; then 512 AC_DEFINE([ENABLE_NATT_08], [], [Enable NAT-Traversal draft 08]) 513fi 514 515 516AC_MSG_CHECKING(whether we support FWD policy) 517case $host in 518 *linux*) 519 AC_TRY_COMPILE([ 520 #include <inttypes.h> 521 #include <linux/ipsec.h> 522 ], [ 523 int fwd = IPSEC_DIR_FWD; 524 ], 525 [AC_MSG_RESULT(yes) 526 AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])], 527 [AC_MSG_RESULT(no)]) 528 ;; 529 *) 530 AC_MSG_RESULT(no) 531 ;; 532esac 533 534CFLAGS="$CFLAGS $CFLAGS_ADD" 535CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 536 537case $host in 538 *linux*) 539 # Remove KERNEL_INCLUDE from CPPFLAGS. It will 540 # be symlinked to src/include-glibc/linux in 541 # compile time. 542 CPPFLAGS=`echo $CPPFLAGS | sed "s,-I$KERNEL_INCLUDE,,"` 543 ;; 544esac 545 546include_racoondir=${includedir}/racoon 547AC_SUBST(include_racoondir) 548 549AC_CONFIG_FILES([ 550 Makefile 551 package_version.h 552 src/Makefile 553 src/include-glibc/Makefile 554 src/libipsec/Makefile 555 src/setkey/Makefile 556 src/racoon/Makefile 557 src/racoon/samples/psk.txt 558 src/racoon/samples/racoon.conf 559 rpm/Makefile 560 rpm/suse/Makefile 561 ]) 562AC_OUTPUT 563