configure.ac revision 1.1.1.6
1dnl -*- mode: m4 -*- 2dnl Id: configure.ac,v 1.47.2.24 2005/08/19 22:46:45 manubsd Exp 3 4AC_PREREQ(2.52) 5AC_INIT(ipsec-tools, 0.6.1) 6AC_CONFIG_SRCDIR([configure.ac]) 7AM_CONFIG_HEADER(config.h) 8 9AM_INIT_AUTOMAKE(dist-bzip2) 10 11AC_ENABLE_SHARED(no) 12 13AC_PROG_CC 14AM_PROG_CC_STDC 15AC_HEADER_STDC 16AC_PROG_LIBTOOL 17AC_PROG_YACC 18AM_PROG_LEX 19AC_SUBST(LEXLIB) 20AC_PROG_EGREP 21 22CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused" 23 24case $host in 25*netbsd*) 26 LDFLAGS="-Wl,-R/usr/pkg/lib $LDFLAGS" 27 ;; 28*linux*) 29 LIBS="$LIBS -lresolv" 30 INSTALL_OPTS="-o bin -g bin" 31 INCLUDE_GLIBC="include-glibc" 32 RPM="rpm" 33 AC_SUBST(INSTALL_OPTS) 34 AC_SUBST(INCLUDE_GLIBC) 35 AC_SUBST(RPM) 36 ;; 37esac 38 39# Look up some IPsec-related headers 40AC_CHECK_HEADER(net/pfkeyv2.h, [have_net_pfkey=yes], [have_net_pfkey=no]) 41AC_CHECK_HEADER(netinet/ipsec.h, [have_netinet_ipsec=yes], [have_netinet_ipsec=no]) 42AC_CHECK_HEADER(netinet6/ipsec.h, [have_netinet6_ipsec=yes], [have_netinet6_ipsec=no]) 43 44# NetBSD has <netinet6/ipsec.h> but not <netinet/ipsec.h> 45if test "$have_netinet_ipsec$have_netinet6_ipsec" = noyes; then 46 have_netinet_ipsec=yes 47 AC_DEFINE(HAVE_NETINET6_IPSEC, [], [Use <netinet6/ipsec.h>]) 48fi 49 50case "$host_os" in 51 *linux*) 52 AC_ARG_WITH(kernel-headers, 53 AC_HELP_STRING([--with-kernel-headers=/lib/modules/<uname>/build/include], 54 [where your Linux Kernel headers are installed]), 55 [ KERNEL_INCLUDE="$with_kernel_headers" 56 CONFIGURE_AMFLAGS="--with-kernel-headers=$with_kernel_headers" 57 AC_SUBST(CONFIGURE_AMFLAGS) ], 58 [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) 59 60 AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, , 61 [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, 62 KERNEL_INCLUDE=/usr/src/linux/include , 63 [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) 64 AC_SUBST(KERNEL_INCLUDE) 65 # We need the configure script to run with correct kernel headers. 66 # However we don't want to point to kernel source tree in compile time, 67 # i.e. this will be removed from CPPFLAGS at the end of configure. 68 CPPFLAGS="-I$KERNEL_INCLUDE $CPPFLAGS" 69 70 AC_CHECK_MEMBER(struct sadb_x_policy.sadb_x_policy_priority, 71 [AC_DEFINE(HAVE_PFKEY_POLICY_PRIORITY, [], 72 [Are PF_KEY policy priorities supported?])], [], 73 [#include "$KERNEL_INCLUDE/linux/pfkeyv2.h"]) 74 75 GLIBC_BUGS='-include ${top_srcdir}/src/include-glibc/glibc-bugs.h -I${top_srcdir}/src/include-glibc -I${top_builddir}/src/include-glibc' 76 GLIBC_BUGS_LOCAL="-include ${srcdir-.}/src/include-glibc/glibc-bugs.h -I${srcdir-.}/src/include-glibc -I./src/include-glibc" 77 CPPFLAGS="$GLIBC_BUGS_LOCAL $CPPFLAGS" 78 CPPFLAGS="-D_GNU_SOURCE $CPPFLAGS" 79 AC_SUBST(GLIBC_BUGS) 80 ;; 81 *) 82 if test "$have_net_pfkey$have_netinet_ipsec" != yesyes; then 83 if test "$have_net_pfkey" = yes; then 84 AC_MSG_ERROR([Found net/pfkeyv2.h but not netinet/ipsec.h. Aborting.]) 85 else 86 AC_MSG_ERROR([Found netinet/ipsec.h but not net/pfkeyv2.h. Aborting.]) 87 fi 88 fi 89 ;; 90esac 91 92### Some basic toolchain checks 93 94# Checks for header files. 95AC_HEADER_STDC 96AC_HEADER_SYS_WAIT 97AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h) 98AC_CHECK_HEADERS(shadow.h) 99 100# Checks for typedefs, structures, and compiler characteristics. 101AC_C_CONST 102AC_TYPE_PID_T 103AC_TYPE_SIZE_T 104AC_HEADER_TIME 105AC_STRUCT_TM 106 107# Checks for library functions. 108AC_FUNC_MEMCMP 109AC_TYPE_SIGNAL 110AC_FUNC_VPRINTF 111AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul strlcpy) 112AC_REPLACE_FUNCS(strdup) 113RACOON_CHECK_VA_COPY 114 115# Check if printf accepts "%z" type modifier for size_t argument 116AC_MSG_CHECKING(if printf accepts %z) 117saved_CFLAGS=$CFLAGS 118CFLAGS="$CFLAGS -Wall -Werror" 119AC_TRY_COMPILE([ 120#include <stdio.h> 121], [ 122printf("%zu\n", (size_t)-1); 123], 124 [AC_MSG_RESULT(yes)], 125 [AC_MSG_RESULT(no); CFLAGS_ADD="$CFLAGS_ADD -Wno-format"]) 126CFLAGS=$saved_CFLAGS 127 128# Can we use __func__ macro? 129AC_MSG_CHECKING(if __func__ is available) 130AC_TRY_COMPILE( 131[#include <stdio.h> 132], [char *x = __func__;], 133 [AC_DEFINE([HAVE_FUNC_MACRO], [], [Have __func__ macro]) 134 AC_MSG_RESULT(yes)], 135 [AC_MSG_RESULT(no)]) 136 137# Check if readline support is requested 138AC_MSG_CHECKING(if readline support is requested) 139AC_ARG_WITH(readline, 140 [ --with-readline support readline input (yes by default)], 141 [with_readline="$withval"], [with_readline="yes"]) 142AC_MSG_RESULT($with_readline) 143 144# Is readline available? 145if test $with_readline != "no"; then 146 AC_CHECK_HEADER([readline/readline.h], 147 [AC_CHECK_LIB(readline, readline, [ 148 AC_DEFINE(HAVE_READLINE, [], 149 [Is readline available?]) 150 LIBS="$LIBS -lreadline" 151 ], [])], []) 152fi 153 154 155AC_MSG_CHECKING(if --with-flex option is specified) 156AC_ARG_WITH(flexdir, 157 [AC_HELP_STRING([--with-flex], [use directiory (default: no)])], 158 [flexdir="$withval"]) 159AC_MSG_RESULT(${flexdir-dirdefault}) 160 161if test "x$flexdir" != "x"; then 162 LIBS="$LIBS $flexdir/libfl.a" 163fi 164 165AC_MSG_CHECKING(if --with-flexlib option is specified) 166AC_ARG_WITH(flexlib, 167 [ --with-flexlib=<LIB> specify flex library.], 168 [flexlib="$withval"]) 169AC_MSG_RESULT(${flexlib-default}) 170 171if test "x$flexlib" != "x"; then 172 LIBS="$LIBS $flexlib" 173fi 174 175# Check if a different OpenSSL directory was specified 176AC_MSG_CHECKING(if --with-openssl option is specified) 177AC_ARG_WITH(openssl, [ --with-openssl=DIR specify OpenSSL directory], 178 [crypto_dir=$withval]) 179AC_MSG_RESULT(${crypto_dir-default}) 180 181if test "x$crypto_dir" != "x"; then 182 LIBS="$LIBS -L${crypto_dir}/lib" 183 CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" 184fi 185AC_MSG_CHECKING(openssl version) 186 187AC_TRY_COMPILE( 188[#include <openssl/opensslv.h> 189], 190[#if OPENSSL_VERSION_NUMBER < 0x0090602fL 191#error OpenSSL version is too old ... 192#endif], 193[AC_MSG_RESULT([ok])], 194[AC_MSG_RESULT(too old) 195AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) 196]) 197 198AC_CHECK_HEADERS(openssl/engine.h) 199 200# checking rijndael 201AC_CHECK_HEADERS([openssl/aes.h], [], 202 [CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"]) 203 204# checking sha2 205AC_MSG_CHECKING(sha2 support) 206AC_DEFINE([WITH_SHA2], [], [SHA2 support]) 207AC_MSG_RESULT(yes) 208AC_CHECK_HEADER(openssl/sha2.h, [], [ 209 AC_MSG_CHECKING(if sha2 is defined in openssl/sha.h) 210 AC_TRY_COMPILE([ 211 #include <openssl/sha.h> 212 ], [ 213 typedef int SHA256_CTX; 214 ], [AC_MSG_RESULT(no) 215 AC_LIBOBJ([sha2]) 216 CRYPTOBJS="$CRYPTOBJS sha2.o" 217 ], [ 218 AC_MSG_RESULT(yes) 219 AC_DEFINE([HAVE_SHA2_IN_SHA_H], [], [sha2 is defined in sha.h]) 220 ]) 221 222 CPPFLAGS_ADD="$CPPFLAGS_ADD -I./\${top_srcdir}/src/racoon/missing" 223]) 224AC_SUBST(CRYPTOBJS) 225 226# Option --enable-adminport 227AC_MSG_CHECKING(if --enable-adminport option is specified) 228AC_ARG_ENABLE(adminport, 229 [ --enable-adminport enable admin port], 230 [], [enable_adminport=no]) 231if test $enable_adminport = "yes"; then 232 AC_DEFINE([ENABLE_ADMINPORT], [], [Enable admin port]) 233fi 234AC_MSG_RESULT($enable_adminport) 235 236# Option RC5 237AC_MSG_CHECKING(if --enable-rc5 option is specified) 238AC_ARG_ENABLE(rc5, 239 [ --enable-rc5 enable RC5 encryption (patented)], 240 [], [enable_rc5=no]) 241AC_MSG_RESULT($enable_rc5) 242 243if test $enable_rc5 = "yes"; then 244 AC_CHECK_HEADERS([openssl/rc5.h]) 245 AC_CHECK_LIB([crypto_rc5], [RC5_32_encrypt], 246 [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_rc5"]) 247fi 248 249# Option IDEA 250AC_MSG_CHECKING(if --enable-idea option is specified) 251AC_ARG_ENABLE(idea, 252 [ --enable-idea enable IDEA encryption (patented)], 253 [], [enable_idea=no]) 254AC_MSG_RESULT($enable_idea) 255 256if test $enable_idea = "yes"; then 257 AC_CHECK_HEADERS([openssl/idea.h]) 258 AC_CHECK_LIB([crypto_idea], [idea_encrypt], 259 [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_idea"]) 260fi 261AC_SUBST(EXTRA_CRYPTO) 262 263# For dynamic libradius 264RACOON_PATH_LIBS([MD5_Init], [crypto]) 265 266# Check for Kerberos5 support 267AC_MSG_CHECKING(if --enable-gssapi option is specified) 268AC_ARG_ENABLE(gssapi, 269 [ --enable-gssapi enable GSS-API authentication], 270 [], [enable_gssapi=no]) 271AC_MSG_RESULT($enable_gssapi) 272AC_PATH_PROG(KRB5_CONFIG,krb5-config,no) 273if test "x$enable_gssapi" = "xyes"; then 274 if test "$KRB5_CONFIG" != "no"; then 275 krb5_incdir="`$KRB5_CONFIG --cflags gssapi`" 276 krb5_libs="`$KRB5_CONFIG --libs gssapi`" 277 else 278 # No krb5-config; let's make some assumptions based on 279 # the OS. 280 case $host_os in 281 netbsd*) 282 krb5_incdir="-I/usr/include/krb5" 283 krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1" 284 ;; 285 *) 286 AC_MSG_ERROR([krb5-config not found, but needed for GSSAPI support. Aborting.]) 287 ;; 288 esac 289 fi 290 LIBS="$LIBS $krb5_libs" 291 CPPFLAGS_ADD="$krb5_incdir $CPPFLAGS_ADD" 292 AC_DEFINE([HAVE_GSSAPI], [], [Enable GSS API]) 293 294 # Check if iconv 2nd argument needs const 295 AC_CHECK_HEADER([iconv.h], [], [AC_MSG_ERROR([iconv.h not found, but needed for GSSAPI support. Aborting.])]) 296 AC_MSG_CHECKING([if iconv second argument needs const]) 297 AC_TRY_COMPILE([ 298 #include <iconv.h> 299 #include <stdio.h> 300 ], [ 301 iconv_t cd = NULL; 302 const char **src = NULL; 303 size_t *srcleft = NULL; 304 char **dst = NULL; 305 size_t *dstleft = NULL; 306 307 (void)iconv(cd, src, srcleft, dst, dstleft); 308 ], [AC_MSG_RESULT(yes) 309 AC_DEFINE([HAVE_ICONV_2ND_CONST], [], [Have iconv using const]) 310 ], [AC_MSG_RESULT(no)]) 311 312fi 313 314AC_MSG_CHECKING([if --enable-hybrid option is specified]) 315AC_ARG_ENABLE(hybrid, 316 [ --enable-hybrid enable hybrid, both mode-cfg and xauth support], 317 [], [enable_hybrid=no]) 318AC_MSG_RESULT($enable_hybrid) 319 320if test "x$enable_hybrid" = "xyes"; then 321 LIBS="$LIBS -lcrypt"; 322 HYBRID_OBJS="isakmp_xauth.o isakmp_cfg.o isakmp_unity.o throttle.o" 323 AC_SUBST(HYBRID_OBJS) 324 AC_DEFINE([ENABLE_HYBRID], [], [Hybrid authentication support]) 325fi 326 327AC_MSG_CHECKING([if --enable-frag option is specified]) 328AC_ARG_ENABLE(frag, 329 [ --enable-frag enable IKE fragmentation payload support], 330 [], [enable_frag=no]) 331AC_MSG_RESULT($enable_frag) 332 333if test "x$enable_frag" = "xyes"; then 334 LIBS="$LIBS -lcrypt"; 335 FRAG_OBJS="isakmp_frag.o" 336 AC_SUBST(FRAG_OBJS) 337 AC_DEFINE([ENABLE_FRAG], [], [IKE fragmentation support]) 338fi 339 340AC_MSG_CHECKING(if --with-libradius option is specified) 341AC_ARG_WITH(libradius, 342 [ --with-libradius=DIR specify libradius path (like/usr/pkg)], 343 [libradius_dir=$withval], 344 [libradius_dir=no]) 345AC_MSG_RESULT($libradius_dir) 346if test "$libradius_dir" != "no"; then 347 if test "$libradius_dir" = "yes" ; then 348 libradius_dir=""; 349 fi; 350 if test "x$libradius_dir" = "x"; then 351 RACOON_PATH_LIBS([rad_create_request], [radius]) 352 else 353 if test -d "$libradius_dir/lib" -a \ 354 -d "$libradius_dir/include" ; then 355 RACOON_PATH_LIBS([rad_create_request], [radius], ["$libradius_dir/lib"]) 356 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include" 357 else 358 AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.]) 359 fi 360 fi 361 AC_DEFINE([HAVE_LIBRADIUS], [], [Hybrid authentication uses RADIUS]) 362 LIBS="$LIBS -L$libradius_dir/lib -R$libradius_dir/lib -lradius" 363 AC_CHECK_FUNCS(rad_create_request) 364fi 365 366AC_MSG_CHECKING(if --with-libpam option is specified) 367AC_ARG_WITH(libpam, 368 [ --with-libpam=DIR specify libpam path (like/usr/pkg)], 369 [libpam_dir=$withval], 370 [libpam_dir=no]) 371AC_MSG_RESULT($libpam_dir) 372if test "$libpam_dir" != "no"; then 373 if test "$libpam_dir" = "yes" ; then 374 libpam_dir=""; 375 fi; 376 if test "x$libpam_dir" = "x"; then 377 RACOON_PATH_LIBS([pam_start], [pam]) 378 else 379 if test -d "$libpam_dir/lib" -a \ 380 -d "$libpam_dir/include" ; then 381 RACOON_PATH_LIBS([pam_start], [pam], ["$libpam_dir/lib"]) 382 CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include" 383 else 384 AC_MSG_ERROR([PAM libs or includes not found. Aborting.]) 385 fi 386 fi 387 AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM]) 388 LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam" 389 AC_CHECK_FUNCS(pam_start) 390fi 391 392AC_MSG_CHECKING(if --enable-stats option is specified) 393AC_ARG_ENABLE(stats, 394 [ --enable-stats enable statistics logging function], 395 [], [enable_stats=no]) 396if test "x$enable_stats" = "xyes"; then 397 AC_DEFINE([ENABLE_STATS], [], [Enable statictics]) 398fi 399AC_MSG_RESULT($enable_stats) 400 401AC_MSG_CHECKING(if --enable-dpd option is specified) 402AC_ARG_ENABLE(dpd, 403 [ --enable-dpd enable dead peer detection], 404 [], [enable_dpd=no]) 405if test "x$enable_dpd" = "xyes"; then 406 AC_DEFINE([ENABLE_DPD], [], [Enable dead peer detection]) 407fi 408AC_MSG_RESULT($enable_dpd) 409 410 411AC_MSG_CHECKING(if --enable-samode-unspec option is specified) 412AC_ARG_ENABLE(samode-unspec, 413 [ --enable-samode-unspec enable to use unspecified a mode of SA], 414 [], [enable_samode_unspec=no]) 415if test "x$enable_samode_unspec" = "xyes"; then 416 case $host_os in 417 *linux*) 418 cat << EOC 419 420ERROR: --enable-samode-unspec is not supported under linux 421because linux kernel do not support it. This option is disabled 422to prevent mysterious problems. 423 424If you REALLY know what your are doing, remove this check. 425EOC 426 exit 1; 427 ;; 428 esac 429 AC_DEFINE([ENABLE_SAMODE_UNSPECIFIED], [], [Enable samode-unspec]) 430fi 431AC_MSG_RESULT($enable_samode_unspec) 432 433# Checks if IPv6 is requested 434AC_MSG_CHECKING([whether to enable ipv6]) 435AC_ARG_ENABLE(ipv6, 436[ --disable-ipv6 disable ipv6 support], 437[ case "$enableval" in 438 no) 439 AC_MSG_RESULT(no) 440 ipv6=no 441 ;; 442 *) AC_MSG_RESULT(yes) 443 ipv6=yes 444 ;; 445 esac ], 446 447 AC_TRY_RUN([ /* AF_INET6 avalable check */ 448#include <sys/types.h> 449#include <sys/socket.h> 450main() 451{ 452 exit(0); 453 if (socket(AF_INET6, SOCK_STREAM, 0) < 0) 454 exit(1); 455 else 456 exit(0); 457} 458], 459 AC_MSG_RESULT(yes) 460 AC_DEFINE([INET6], [], [Support IPv6]) 461 ipv6=yes, 462 AC_MSG_RESULT(no) 463 ipv6=no, 464 AC_MSG_RESULT(no) 465 ipv6=no 466)) 467 468if test "$ipv6" = "yes"; then 469 AC_DEFINE([INET6], [], [Support IPv6]) 470 AC_MSG_CHECKING(for advanced API support) 471 AC_TRY_COMPILE([#ifndef INET6 472#define INET6 473#endif 474#include <sys/types.h> 475#include <netinet/in.h>], 476 [struct in6_pktinfo a;], 477 [AC_MSG_RESULT(yes) 478 AC_DEFINE([INET6_ADVAPI], [], [Use advanced IPv6 API])], 479 [AC_MSG_RESULT(no)]) 480fi 481 482RACOON_CHECK_BUGGY_GETADDRINFO 483if test "$buggygetaddrinfo" = "yes"; then 484 AC_MSG_ERROR([Broken getaddrinfo() is no longer supported. Aborting.]) 485fi 486 487# Check if kernel support is available for NAT-T, defaults to no. 488kernel_natt="no" 489 490AC_MSG_CHECKING(kernel NAT-Traversal support) 491case $host_os in 492linux*) 493# Linux kernel NAT-T check 494AC_EGREP_CPP(yes, 495[#include <linux/pfkeyv2.h> 496#ifdef SADB_X_EXT_NAT_T_TYPE 497yes 498#endif 499], [kernel_natt="yes"]) 500 ;; 501freebsd*|netbsd*) 502# NetBSD case 503# Same check for FreeBSD 504AC_CHECK_MEMBER(struct sadb_x_nat_t_type.sadb_x_nat_t_type_len, 505 [kernel_natt="yes"],, [ 506#define _KERNEL 507#include <sys/types.h> 508#include <net/pfkeyv2.h> 509]) 510 ;; 511esac 512AC_MSG_RESULT($kernel_natt) 513 514AC_MSG_CHECKING(whether to support NAT-T) 515AC_ARG_ENABLE(natt, 516 [ --enable-natt enable NAT-Traversal (yes/no/kernel)], 517 [ if test "$enable_natt" = "kernel"; then enable_natt=$kernel_natt; fi ], 518 [ enable_natt=no ]) 519AC_MSG_RESULT($enable_natt) 520 521if test "$enable_natt" = "yes"; then 522 if test "$kernel_natt" = "no" ; then 523 AC_MSG_ERROR([NAT-T requested, but no kernel support! Aborting.]) 524 else 525 AC_DEFINE([ENABLE_NATT], [], [Enable NAT-Traversal]) 526 NATT_OBJS="nattraversal.o" 527 AC_SUBST(NATT_OBJS) 528 fi 529fi 530 531# Set up defines for supported NAT-T versions. 532natt_versions_default="00,02,rfc" 533AC_MSG_CHECKING(which NAT-T versions to support) 534AC_ARG_ENABLE(natt_versions, 535 [ --enable-natt-versions=list list of supported NAT-T versions delimited by coma.], 536 [ test "$enable_natt_versions" = "yes" && enable_natt_versions=$natt_versions_default ], 537 [ enable_natt_versions=$natt_versions_default ]) 538if test "$enable_natt" = "yes"; then 539 AC_MSG_RESULT($enable_natt_versions) 540 for i in `echo $enable_natt_versions | tr ',cfr' ' CFR'`; do 541 case $i in 542 0|00) AC_DEFINE([ENABLE_NATT_00], [], [Enable NAT-Traversal draft 00]) ;; 543 1|01) AC_DEFINE([ENABLE_NATT_01], [], [Enable NAT-Traversal draft 01]) ;; 544 2|02) AC_DEFINE([ENABLE_NATT_02], [], [Enable NAT-Traversal draft 02]) ;; 545 3|03) AC_DEFINE([ENABLE_NATT_03], [], [Enable NAT-Traversal draft 03]) ;; 546 4|04) AC_DEFINE([ENABLE_NATT_04], [], [Enable NAT-Traversal draft 04]) ;; 547 5|05) AC_DEFINE([ENABLE_NATT_05], [], [Enable NAT-Traversal draft 05]) ;; 548 6|06) AC_DEFINE([ENABLE_NATT_06], [], [Enable NAT-Traversal draft 06]) ;; 549 7|07) AC_DEFINE([ENABLE_NATT_07], [], [Enable NAT-Traversal draft 07]) ;; 550 8|08) AC_DEFINE([ENABLE_NATT_08], [], [Enable NAT-Traversal draft 08]) ;; 551 RFC) AC_DEFINE([ENABLE_NATT_RFC], [], [Enable NAT-Traversal RFC version]) ;; 552 *) AC_MSG_ERROR([Unknown NAT-T version. Aborting.]) ;; 553 esac 554 done 555 unset i 556else 557 AC_MSG_RESULT([none]) 558fi 559 560AC_MSG_CHECKING(whether we support FWD policy) 561case $host in 562 *linux*) 563 AC_TRY_COMPILE([ 564 #include <inttypes.h> 565 #include <linux/ipsec.h> 566 ], [ 567 int fwd = IPSEC_DIR_FWD; 568 ], 569 [AC_MSG_RESULT(yes) 570 AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])], 571 [AC_MSG_RESULT(no)]) 572 ;; 573 *) 574 AC_MSG_RESULT(no) 575 ;; 576esac 577 578AC_CHECK_TYPE([ipsec_policy_t], 579 [AC_DEFINE([HAVE_IPSEC_POLICY_T], [], [Have ipsec_policy_t])], 580 [], 581 [ 582 #include <sys/types.h> 583 #include <netinet6/ipsec.h> 584 ]) 585 586CFLAGS="$CFLAGS $CFLAGS_ADD" 587CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 588 589case $host in 590 *linux*) 591 # Remove KERNEL_INCLUDE from CPPFLAGS. It will 592 # be symlinked to src/include-glibc/linux in 593 # compile time. 594 CPPFLAGS=`echo $CPPFLAGS | sed "s,-I$KERNEL_INCLUDE,,"` 595 ;; 596esac 597 598include_racoondir=${includedir}/racoon 599AC_SUBST(include_racoondir) 600 601AC_CONFIG_FILES([ 602 Makefile 603 package_version.h 604 src/Makefile 605 src/include-glibc/Makefile 606 src/libipsec/Makefile 607 src/setkey/Makefile 608 src/racoon/Makefile 609 src/racoon/samples/psk.txt 610 src/racoon/samples/racoon.conf 611 rpm/Makefile 612 rpm/suse/Makefile 613 rpm/suse/ipsec-tools.spec 614 ]) 615AC_OUTPUT 616