configure.ac revision 1.1.1.4.2.3
1dnl -*- mode: m4 -*- 2dnl Id: configure.ac,v 1.47.2.31 2005/11/21 11:11:41 manubsd Exp 3 4AC_PREREQ(2.52) 5AC_INIT(ipsec-tools, 0.6.3) 6AC_CONFIG_SRCDIR([configure.ac]) 7AM_CONFIG_HEADER(config.h) 8 9AM_INIT_AUTOMAKE(dist-bzip2) 10 11AC_ENABLE_SHARED(no) 12 13AC_PROG_CC 14AM_PROG_CC_STDC 15AC_HEADER_STDC 16AC_PROG_LIBTOOL 17AC_PROG_YACC 18AM_PROG_LEX 19AC_SUBST(LEXLIB) 20AC_PROG_EGREP 21 22CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused" 23 24case $host in 25*netbsd*) 26 LDFLAGS="-Wl,-R/usr/pkg/lib $LDFLAGS" 27 ;; 28*linux*) 29 LIBS="$LIBS -lresolv" 30 INSTALL_OPTS="-o bin -g bin" 31 INCLUDE_GLIBC="include-glibc" 32 RPM="rpm" 33 AC_SUBST(INSTALL_OPTS) 34 AC_SUBST(INCLUDE_GLIBC) 35 AC_SUBST(RPM) 36 ;; 37esac 38 39# Look up some IPsec-related headers 40AC_CHECK_HEADER(net/pfkeyv2.h, [have_net_pfkey=yes], [have_net_pfkey=no]) 41AC_CHECK_HEADER(netinet/ipsec.h, [have_netinet_ipsec=yes], [have_netinet_ipsec=no]) 42AC_CHECK_HEADER(netinet6/ipsec.h, [have_netinet6_ipsec=yes], [have_netinet6_ipsec=no]) 43 44# NetBSD has <netinet6/ipsec.h> but not <netinet/ipsec.h> 45if test "$have_netinet_ipsec$have_netinet6_ipsec" = noyes; then 46 have_netinet_ipsec=yes 47 AC_DEFINE(HAVE_NETINET6_IPSEC, [], [Use <netinet6/ipsec.h>]) 48fi 49 50case "$host_os" in 51 *linux*) 52 AC_ARG_WITH(kernel-headers, 53 AC_HELP_STRING([--with-kernel-headers=/lib/modules/<uname>/build/include], 54 [where your Linux Kernel headers are installed]), 55 [ KERNEL_INCLUDE="$with_kernel_headers" 56 CONFIGURE_AMFLAGS="--with-kernel-headers=$with_kernel_headers" 57 AC_SUBST(CONFIGURE_AMFLAGS) ], 58 [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) 59 60 AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, , 61 [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, 62 KERNEL_INCLUDE=/usr/src/linux/include , 63 [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) 64 AC_SUBST(KERNEL_INCLUDE) 65 # We need the configure script to run with correct kernel headers. 66 # However we don't want to point to kernel source tree in compile time, 67 # i.e. this will be removed from CPPFLAGS at the end of configure. 68 CPPFLAGS="-I$KERNEL_INCLUDE $CPPFLAGS" 69 70 AC_CHECK_MEMBER(struct sadb_x_policy.sadb_x_policy_priority, 71 [AC_DEFINE(HAVE_PFKEY_POLICY_PRIORITY, [], 72 [Are PF_KEY policy priorities supported?])], [], 73 [#include "$KERNEL_INCLUDE/linux/pfkeyv2.h"]) 74 75 GLIBC_BUGS='-include ${top_srcdir}/src/include-glibc/glibc-bugs.h -I${top_srcdir}/src/include-glibc -I${top_builddir}/src/include-glibc' 76 GLIBC_BUGS_LOCAL="-include ${srcdir-.}/src/include-glibc/glibc-bugs.h -I${srcdir-.}/src/include-glibc -I./src/include-glibc" 77 CPPFLAGS="$GLIBC_BUGS_LOCAL $CPPFLAGS" 78 CPPFLAGS="-D_GNU_SOURCE $CPPFLAGS" 79 AC_SUBST(GLIBC_BUGS) 80 ;; 81 *) 82 if test "$have_net_pfkey$have_netinet_ipsec" != yesyes; then 83 if test "$have_net_pfkey" = yes; then 84 AC_MSG_ERROR([Found net/pfkeyv2.h but not netinet/ipsec.h. Aborting.]) 85 else 86 AC_MSG_ERROR([Found netinet/ipsec.h but not net/pfkeyv2.h. Aborting.]) 87 fi 88 fi 89 ;; 90esac 91 92### Some basic toolchain checks 93 94# Checks for header files. 95AC_HEADER_STDC 96AC_HEADER_SYS_WAIT 97AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h) 98AC_CHECK_HEADERS(shadow.h) 99 100# Checks for typedefs, structures, and compiler characteristics. 101AC_C_CONST 102AC_TYPE_PID_T 103AC_TYPE_SIZE_T 104AC_HEADER_TIME 105AC_STRUCT_TM 106 107# Checks for library functions. 108AC_FUNC_MEMCMP 109AC_TYPE_SIGNAL 110AC_FUNC_VPRINTF 111AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul strlcpy strlcat) 112AC_REPLACE_FUNCS(strdup) 113RACOON_CHECK_VA_COPY 114 115# Check if printf accepts "%z" type modifier for size_t argument 116AC_MSG_CHECKING(if printf accepts %z) 117saved_CFLAGS=$CFLAGS 118CFLAGS="$CFLAGS -Wall -Werror" 119AC_TRY_COMPILE([ 120#include <stdio.h> 121], [ 122printf("%zu\n", (size_t)-1); 123], 124 [AC_MSG_RESULT(yes)], 125 [AC_MSG_RESULT(no); CFLAGS_ADD="$CFLAGS_ADD -Wno-format"]) 126CFLAGS=$saved_CFLAGS 127 128# Can we use __func__ macro? 129AC_MSG_CHECKING(if __func__ is available) 130AC_TRY_COMPILE( 131[#include <stdio.h> 132], [char *x = __func__;], 133 [AC_DEFINE([HAVE_FUNC_MACRO], [], [Have __func__ macro]) 134 AC_MSG_RESULT(yes)], 135 [AC_MSG_RESULT(no)]) 136 137# Check if readline support is requested 138AC_MSG_CHECKING(if readline support is requested) 139AC_ARG_WITH(readline, 140 [ --with-readline support readline input (yes by default)], 141 [with_readline="$withval"], [with_readline="yes"]) 142AC_MSG_RESULT($with_readline) 143 144# Is readline available? 145if test $with_readline != "no"; then 146 AC_CHECK_HEADER([readline/readline.h], 147 [AC_CHECK_LIB(readline, readline, [ 148 AC_DEFINE(HAVE_READLINE, [], 149 [Is readline available?]) 150 LIBS="$LIBS -lreadline" 151 ], [])], []) 152fi 153 154 155AC_MSG_CHECKING(if --with-flex option is specified) 156AC_ARG_WITH(flexdir, 157 [AC_HELP_STRING([--with-flex], [use directiory (default: no)])], 158 [flexdir="$withval"]) 159AC_MSG_RESULT(${flexdir-dirdefault}) 160 161if test "x$flexdir" != "x"; then 162 LIBS="$LIBS $flexdir/libfl.a" 163fi 164 165AC_MSG_CHECKING(if --with-flexlib option is specified) 166AC_ARG_WITH(flexlib, 167 [ --with-flexlib=<LIB> specify flex library.], 168 [flexlib="$withval"]) 169AC_MSG_RESULT(${flexlib-default}) 170 171if test "x$flexlib" != "x"; then 172 LIBS="$LIBS $flexlib" 173fi 174 175# Check if a different OpenSSL directory was specified 176AC_MSG_CHECKING(if --with-openssl option is specified) 177AC_ARG_WITH(openssl, [ --with-openssl=DIR specify OpenSSL directory], 178 [crypto_dir=$withval]) 179AC_MSG_RESULT(${crypto_dir-default}) 180 181if test "x$crypto_dir" != "x"; then 182 LIBS="$LIBS -L${crypto_dir}/lib" 183 CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" 184fi 185AC_MSG_CHECKING(openssl version) 186 187AC_TRY_COMPILE( 188[#include <openssl/opensslv.h> 189], 190[#if OPENSSL_VERSION_NUMBER < 0x0090602fL 191#error OpenSSL version is too old ... 192#endif], 193[AC_MSG_RESULT([ok])], 194[AC_MSG_RESULT(too old) 195AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) 196]) 197 198AC_CHECK_HEADERS(openssl/engine.h) 199 200# checking rijndael 201AC_CHECK_HEADERS([openssl/aes.h], [], 202 [CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"]) 203 204# checking sha2 205AC_MSG_CHECKING(sha2 support) 206AC_DEFINE([WITH_SHA2], [], [SHA2 support]) 207AC_MSG_RESULT(yes) 208AC_CHECK_HEADER(openssl/sha2.h, [], [ 209 AC_MSG_CHECKING(if sha2 is defined in openssl/sha.h) 210 AC_TRY_COMPILE([ 211 #include <openssl/sha.h> 212 ], [ 213 SHA256_CTX ctx; 214 ], [ 215 AC_MSG_RESULT(yes) 216 AC_DEFINE([HAVE_SHA2_IN_SHA_H], [], [sha2 is defined in sha.h]) 217 ], [AC_MSG_RESULT(no) 218 AC_LIBOBJ([sha2]) 219 CRYPTOBJS="$CRYPTOBJS sha2.o" 220 ]) 221 222 CPPFLAGS_ADD="$CPPFLAGS_ADD -I./\${top_srcdir}/src/racoon/missing" 223]) 224AC_SUBST(CRYPTOBJS) 225 226# Option --enable-adminport 227AC_MSG_CHECKING(if --enable-adminport option is specified) 228AC_ARG_ENABLE(adminport, 229 [ --enable-adminport enable admin port], 230 [], [enable_adminport=no]) 231if test $enable_adminport = "yes"; then 232 AC_DEFINE([ENABLE_ADMINPORT], [], [Enable admin port]) 233fi 234AC_MSG_RESULT($enable_adminport) 235 236# Option RC5 237AC_MSG_CHECKING(if --enable-rc5 option is specified) 238AC_ARG_ENABLE(rc5, 239 [ --enable-rc5 enable RC5 encryption (patented)], 240 [], [enable_rc5=no]) 241AC_MSG_RESULT($enable_rc5) 242 243if test $enable_rc5 = "yes"; then 244 AC_CHECK_HEADERS([openssl/rc5.h]) 245 AC_CHECK_LIB([crypto_rc5], [RC5_32_encrypt], 246 [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_rc5"]) 247fi 248 249# Option IDEA 250AC_MSG_CHECKING(if --enable-idea option is specified) 251AC_ARG_ENABLE(idea, 252 [ --enable-idea enable IDEA encryption (patented)], 253 [], [enable_idea=no]) 254AC_MSG_RESULT($enable_idea) 255 256if test $enable_idea = "yes"; then 257 AC_CHECK_HEADERS([openssl/idea.h]) 258 AC_CHECK_LIB([crypto_idea], [idea_encrypt], 259 [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_idea"]) 260fi 261AC_SUBST(EXTRA_CRYPTO) 262 263# For dynamic libradius 264RACOON_PATH_LIBS([MD5_Init], [crypto]) 265 266# Check for Kerberos5 support 267AC_MSG_CHECKING(if --enable-gssapi option is specified) 268AC_ARG_ENABLE(gssapi, 269 [ --enable-gssapi enable GSS-API authentication], 270 [], [enable_gssapi=no]) 271AC_MSG_RESULT($enable_gssapi) 272AC_PATH_PROG(KRB5_CONFIG,krb5-config,no) 273if test "x$enable_gssapi" = "xyes"; then 274 if test "$KRB5_CONFIG" != "no"; then 275 krb5_incdir="`$KRB5_CONFIG --cflags gssapi`" 276 krb5_libs="`$KRB5_CONFIG --libs gssapi`" 277 else 278 # No krb5-config; let's make some assumptions based on 279 # the OS. 280 case $host_os in 281 netbsd*) 282 krb5_incdir="-I/usr/include/krb5" 283 krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1" 284 ;; 285 *) 286 AC_MSG_ERROR([krb5-config not found, but needed for GSSAPI support. Aborting.]) 287 ;; 288 esac 289 fi 290 LIBS="$LIBS $krb5_libs" 291 CPPFLAGS_ADD="$krb5_incdir $CPPFLAGS_ADD" 292 AC_DEFINE([HAVE_GSSAPI], [], [Enable GSS API]) 293 294 # Check if iconv 2nd argument needs const 295 AC_CHECK_HEADER([iconv.h], [], [AC_MSG_ERROR([iconv.h not found, but needed for GSSAPI support. Aborting.])]) 296 AC_MSG_CHECKING([if iconv second argument needs const]) 297 saved_CFLAGS=$CFLAGS 298 CFLAGS="$CFLAGS -Wall -Werror" 299 AC_TRY_COMPILE([ 300 #include <iconv.h> 301 #include <stdio.h> 302 ], [ 303 iconv_t cd = NULL; 304 const char **src = NULL; 305 size_t *srcleft = NULL; 306 char **dst = NULL; 307 size_t *dstleft = NULL; 308 309 (void)iconv(cd, src, srcleft, dst, dstleft); 310 ], [AC_MSG_RESULT(yes) 311 AC_DEFINE([HAVE_ICONV_2ND_CONST], [], [Have iconv using const]) 312 ], [AC_MSG_RESULT(no)]) 313 CFLAGS=$saved_CFLAGS 314fi 315 316AC_MSG_CHECKING([if --enable-hybrid option is specified]) 317AC_ARG_ENABLE(hybrid, 318 [ --enable-hybrid enable hybrid, both mode-cfg and xauth support], 319 [], [enable_hybrid=no]) 320AC_MSG_RESULT($enable_hybrid) 321 322if test "x$enable_hybrid" = "xyes"; then 323 LIBS="$LIBS -lcrypt"; 324 HYBRID_OBJS="isakmp_xauth.o isakmp_cfg.o isakmp_unity.o throttle.o" 325 AC_SUBST(HYBRID_OBJS) 326 AC_DEFINE([ENABLE_HYBRID], [], [Hybrid authentication support]) 327fi 328 329AC_MSG_CHECKING([if --enable-frag option is specified]) 330AC_ARG_ENABLE(frag, 331 [ --enable-frag enable IKE fragmentation payload support], 332 [], [enable_frag=no]) 333AC_MSG_RESULT($enable_frag) 334 335if test "x$enable_frag" = "xyes"; then 336 LIBS="$LIBS -lcrypt"; 337 FRAG_OBJS="isakmp_frag.o" 338 AC_SUBST(FRAG_OBJS) 339 AC_DEFINE([ENABLE_FRAG], [], [IKE fragmentation support]) 340fi 341 342AC_MSG_CHECKING(if --with-libradius option is specified) 343AC_ARG_WITH(libradius, 344 [ --with-libradius=DIR specify libradius path (like/usr/pkg)], 345 [libradius_dir=$withval], 346 [libradius_dir=no]) 347AC_MSG_RESULT($libradius_dir) 348if test "$libradius_dir" != "no"; then 349 if test "$libradius_dir" = "yes" ; then 350 libradius_dir=""; 351 fi; 352 if test "x$libradius_dir" = "x"; then 353 RACOON_PATH_LIBS([rad_create_request], [radius]) 354 else 355 if test -d "$libradius_dir/lib" -a \ 356 -d "$libradius_dir/include" ; then 357 RACOON_PATH_LIBS([rad_create_request], [radius], ["$libradius_dir/lib"]) 358 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include" 359 else 360 AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.]) 361 fi 362 fi 363 AC_DEFINE([HAVE_LIBRADIUS], [], [Hybrid authentication uses RADIUS]) 364 LIBS="$LIBS -L$libradius_dir/lib -R$libradius_dir/lib -lradius" 365 AC_CHECK_FUNCS(rad_create_request) 366fi 367 368AC_MSG_CHECKING(if --with-libpam option is specified) 369AC_ARG_WITH(libpam, 370 [ --with-libpam=DIR specify libpam path (like/usr/pkg)], 371 [libpam_dir=$withval], 372 [libpam_dir=no]) 373AC_MSG_RESULT($libpam_dir) 374if test "$libpam_dir" != "no"; then 375 if test "$libpam_dir" = "yes" ; then 376 libpam_dir=""; 377 fi; 378 if test "x$libpam_dir" = "x"; then 379 RACOON_PATH_LIBS([pam_start], [pam]) 380 else 381 if test -d "$libpam_dir/lib" -a \ 382 -d "$libpam_dir/include" ; then 383 RACOON_PATH_LIBS([pam_start], [pam], ["$libpam_dir/lib"]) 384 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include" 385 else 386 AC_MSG_ERROR([PAM libs or includes not found. Aborting.]) 387 fi 388 fi 389 AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM]) 390 LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam" 391 AC_CHECK_FUNCS(pam_start) 392fi 393 394AC_MSG_CHECKING(if --enable-stats option is specified) 395AC_ARG_ENABLE(stats, 396 [ --enable-stats enable statistics logging function], 397 [], [enable_stats=no]) 398if test "x$enable_stats" = "xyes"; then 399 AC_DEFINE([ENABLE_STATS], [], [Enable statictics]) 400fi 401AC_MSG_RESULT($enable_stats) 402 403AC_MSG_CHECKING(if --enable-dpd option is specified) 404AC_ARG_ENABLE(dpd, 405 [ --enable-dpd enable dead peer detection], 406 [], [enable_dpd=no]) 407if test "x$enable_dpd" = "xyes"; then 408 AC_DEFINE([ENABLE_DPD], [], [Enable dead peer detection]) 409fi 410AC_MSG_RESULT($enable_dpd) 411 412 413AC_MSG_CHECKING(if --enable-samode-unspec option is specified) 414AC_ARG_ENABLE(samode-unspec, 415 [ --enable-samode-unspec enable to use unspecified a mode of SA], 416 [], [enable_samode_unspec=no]) 417if test "x$enable_samode_unspec" = "xyes"; then 418 case $host_os in 419 *linux*) 420 cat << EOC 421 422ERROR: --enable-samode-unspec is not supported under linux 423because linux kernel do not support it. This option is disabled 424to prevent mysterious problems. 425 426If you REALLY know what your are doing, remove this check. 427EOC 428 exit 1; 429 ;; 430 esac 431 AC_DEFINE([ENABLE_SAMODE_UNSPECIFIED], [], [Enable samode-unspec]) 432fi 433AC_MSG_RESULT($enable_samode_unspec) 434 435# Checks if IPv6 is requested 436AC_MSG_CHECKING([whether to enable ipv6]) 437AC_ARG_ENABLE(ipv6, 438[ --disable-ipv6 disable ipv6 support], 439[ case "$enableval" in 440 no) 441 AC_MSG_RESULT(no) 442 ipv6=no 443 ;; 444 *) AC_MSG_RESULT(yes) 445 ipv6=yes 446 ;; 447 esac ], 448 449 AC_TRY_RUN([ /* AF_INET6 avalable check */ 450#include <sys/types.h> 451#include <sys/socket.h> 452main() 453{ 454 exit(0); 455 if (socket(AF_INET6, SOCK_STREAM, 0) < 0) 456 exit(1); 457 else 458 exit(0); 459} 460], 461 AC_MSG_RESULT(yes) 462 AC_DEFINE([INET6], [], [Support IPv6]) 463 ipv6=yes, 464 AC_MSG_RESULT(no) 465 ipv6=no, 466 AC_MSG_RESULT(no) 467 ipv6=no 468)) 469 470if test "$ipv6" = "yes"; then 471 AC_DEFINE([INET6], [], [Support IPv6]) 472 AC_MSG_CHECKING(for advanced API support) 473 AC_TRY_COMPILE([#ifndef INET6 474#define INET6 475#endif 476#include <sys/types.h> 477#include <netinet/in.h>], 478 [struct in6_pktinfo a;], 479 [AC_MSG_RESULT(yes) 480 AC_DEFINE([INET6_ADVAPI], [], [Use advanced IPv6 API])], 481 [AC_MSG_RESULT(no)]) 482fi 483 484RACOON_CHECK_BUGGY_GETADDRINFO 485if test "$buggygetaddrinfo" = "yes"; then 486 AC_MSG_ERROR([Broken getaddrinfo() is no longer supported. Aborting.]) 487fi 488 489# Check if kernel support is available for NAT-T, defaults to no. 490kernel_natt="no" 491 492AC_MSG_CHECKING(kernel NAT-Traversal support) 493case $host_os in 494linux*) 495# Linux kernel NAT-T check 496AC_EGREP_CPP(yes, 497[#include <linux/pfkeyv2.h> 498#ifdef SADB_X_EXT_NAT_T_TYPE 499yes 500#endif 501], [kernel_natt="yes"]) 502 ;; 503freebsd*|netbsd*) 504# NetBSD case 505# Same check for FreeBSD 506AC_CHECK_MEMBER(struct sadb_x_nat_t_type.sadb_x_nat_t_type_len, 507 [kernel_natt="yes"],, [ 508#define _KERNEL 509#include <sys/types.h> 510#include <net/pfkeyv2.h> 511]) 512 ;; 513esac 514AC_MSG_RESULT($kernel_natt) 515 516AC_MSG_CHECKING(whether to support NAT-T) 517AC_ARG_ENABLE(natt, 518 [ --enable-natt enable NAT-Traversal (yes/no/kernel)], 519 [ if test "$enable_natt" = "kernel"; then enable_natt=$kernel_natt; fi ], 520 [ enable_natt=no ]) 521AC_MSG_RESULT($enable_natt) 522 523if test "$enable_natt" = "yes"; then 524 if test "$kernel_natt" = "no" ; then 525 AC_MSG_ERROR([NAT-T requested, but no kernel support! Aborting.]) 526 else 527 AC_DEFINE([ENABLE_NATT], [], [Enable NAT-Traversal]) 528 NATT_OBJS="nattraversal.o" 529 AC_SUBST(NATT_OBJS) 530 fi 531fi 532 533# Set up defines for supported NAT-T versions. 534natt_versions_default="00,02,rfc" 535AC_MSG_CHECKING(which NAT-T versions to support) 536AC_ARG_ENABLE(natt_versions, 537 [ --enable-natt-versions=list list of supported NAT-T versions delimited by coma.], 538 [ test "$enable_natt_versions" = "yes" && enable_natt_versions=$natt_versions_default ], 539 [ enable_natt_versions=$natt_versions_default ]) 540if test "$enable_natt" = "yes"; then 541 AC_MSG_RESULT($enable_natt_versions) 542 for i in `echo $enable_natt_versions | tr ',cfr' ' CFR'`; do 543 case $i in 544 0|00) AC_DEFINE([ENABLE_NATT_00], [], [Enable NAT-Traversal draft 00]) ;; 545 1|01) AC_DEFINE([ENABLE_NATT_01], [], [Enable NAT-Traversal draft 01]) ;; 546 2|02) AC_DEFINE([ENABLE_NATT_02], [], [Enable NAT-Traversal draft 02]) ;; 547 3|03) AC_DEFINE([ENABLE_NATT_03], [], [Enable NAT-Traversal draft 03]) ;; 548 4|04) AC_DEFINE([ENABLE_NATT_04], [], [Enable NAT-Traversal draft 04]) ;; 549 5|05) AC_DEFINE([ENABLE_NATT_05], [], [Enable NAT-Traversal draft 05]) ;; 550 6|06) AC_DEFINE([ENABLE_NATT_06], [], [Enable NAT-Traversal draft 06]) ;; 551 7|07) AC_DEFINE([ENABLE_NATT_07], [], [Enable NAT-Traversal draft 07]) ;; 552 8|08) AC_DEFINE([ENABLE_NATT_08], [], [Enable NAT-Traversal draft 08]) ;; 553 RFC) AC_DEFINE([ENABLE_NATT_RFC], [], [Enable NAT-Traversal RFC version]) ;; 554 *) AC_MSG_ERROR([Unknown NAT-T version. Aborting.]) ;; 555 esac 556 done 557 unset i 558else 559 AC_MSG_RESULT([none]) 560fi 561 562AC_MSG_CHECKING(whether we support FWD policy) 563case $host in 564 *linux*) 565 AC_TRY_COMPILE([ 566 #include <inttypes.h> 567 #include <linux/ipsec.h> 568 ], [ 569 int fwd = IPSEC_DIR_FWD; 570 ], 571 [AC_MSG_RESULT(yes) 572 AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])], 573 [AC_MSG_RESULT(no)]) 574 ;; 575 *) 576 AC_MSG_RESULT(no) 577 ;; 578esac 579 580AC_CHECK_TYPE([ipsec_policy_t], 581 [AC_DEFINE([HAVE_IPSEC_POLICY_T], [], [Have ipsec_policy_t])], 582 [], 583 [ 584 #include <sys/types.h> 585 #include <netinet6/ipsec.h> 586 ]) 587 588CFLAGS="$CFLAGS $CFLAGS_ADD" 589CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 590 591case $host in 592 *linux*) 593 # Remove KERNEL_INCLUDE from CPPFLAGS. It will 594 # be symlinked to src/include-glibc/linux in 595 # compile time. 596 CPPFLAGS=`echo $CPPFLAGS | sed "s,-I$KERNEL_INCLUDE,,"` 597 ;; 598esac 599 600include_racoondir=${includedir}/racoon 601AC_SUBST(include_racoondir) 602 603AC_CONFIG_FILES([ 604 Makefile 605 package_version.h 606 src/Makefile 607 src/include-glibc/Makefile 608 src/libipsec/Makefile 609 src/setkey/Makefile 610 src/racoon/Makefile 611 src/racoon/samples/psk.txt 612 src/racoon/samples/racoon.conf 613 rpm/Makefile 614 rpm/suse/Makefile 615 rpm/suse/ipsec-tools.spec 616 ]) 617AC_OUTPUT 618