1dnl Process this file with autoconf to produce a configure script.
2AC_INIT(admin.c)
3
4dnl Checks for programs.
5AC_PROG_CC
6AC_PROG_CPP
7AC_PROG_LEX
8AC_PROG_INSTALL
9AC_PROG_MAKE_SET
10
11AC_CANONICAL_HOST
12case $host in
13*netbsd*)
14	CFLAGS="-Wl,-R/usr/pkg/lib $CFLAGS" ;;
15esac
16
17AC_SUBST(OPTFLAG)
18OPTFLAG="-O -DYIPS_DEBUG"
19AC_MSG_CHECKING(if --enable-debug option is specified)
20AC_ARG_ENABLE(debug, [  --enable-debug          build a debug version],
21	[OPTFLAG="-g $OPTFLAG"; enable_debug=yes], [enable_debug=no])
22AC_MSG_RESULT($enable_debug)
23
24AC_SUBST(DEBUGRMOBJS)
25AC_MSG_CHECKING(if --enable-debugrm option is specified)
26AC_ARG_ENABLE(debugrm, [  --enable-debugrm        build with the memory allocation recorder],
27	[OPTFLAG="-DDEBUG_RECORD_MALLOCATION $OPTFLAG"; enable_debugrm=yes],
28	[enable_debugrm=no])
29if test "$enable_debugrm" != "no"; then
30	DEBUGRMOBJS="debugrm.o"
31fi
32AC_MSG_RESULT($enable_debugrm)
33
34AC_MSG_CHECKING(if --enable-yydebug option is specified)
35AC_ARG_ENABLE(yydebug, [  --enable-yydebug        build a yydebug version],
36	[AC_DEFINE(YYDEBUG)
37	enable_yydebug=yes], [enable_yydebug=no])
38AC_MSG_RESULT($enable_yydebug)
39
40OPTFLAG="-Wall -Wmissing-prototypes -Wmissing-declarations $OPTFLAG"
41AC_MSG_CHECKING(if --enable-pedant option is specified)
42AC_ARG_ENABLE(pedant, [  --enable-pedant         pedantic compiler options],
43	[OPTFLAG="-Werror $OPTFLAG"; enable_pedant=yes],
44	[enable_pedant=no])
45AC_MSG_RESULT($enable_pedant)
46
47AC_MSG_CHECKING(if --enable-adminport option is specified)
48AC_ARG_ENABLE(adminport,
49	[  --enable-adminport      enable admin port (INSECURE!)],
50	[], [enable_adminport=no])
51if test $enable_adminport = "yes"; then
52	AC_DEFINE(ENABLE_ADMINPORT)
53fi
54AC_MSG_RESULT($enable_adminport)
55
56AC_MSG_CHECKING(if --enable-rc5 option is specified)
57AC_ARG_ENABLE(rc5,
58	[  --enable-rc5            enable RC5 encryption (patented)],
59	[], [enable_rc5=no])
60AC_MSG_RESULT($enable_rc5)
61
62AC_MSG_CHECKING(if --enable-idea option is specified)
63AC_ARG_ENABLE(idea,
64	[  --enable-idea           enable IDEA encryption (patented)],
65	[], [enable_idea=no])
66AC_MSG_RESULT($enable_idea)
67
68AC_MSG_CHECKING(if --enable-gssapi option is specified)
69AC_ARG_ENABLE(rc5,
70        [  --enable-gssapi         enable GSS-API authentication],
71        [], [enable_gssapi=no])
72if test "x$enable_gssapi" = "xyes"; then
73	AC_DEFINE(HAVE_GSSAPI)
74fi
75AC_MSG_RESULT($enable_gssapi)
76
77AC_MSG_CHECKING(if --enable-stats option is specified)
78AC_ARG_ENABLE(stats,
79        [  --enable-stats          enable statistics logging function],
80        [], [enable_stats=no])
81if test "x$enable_stats" = "xyes"; then
82	AC_DEFINE(ENABLE_STATS)
83fi
84AC_MSG_RESULT($enable_stats)
85
86AC_MSG_CHECKING(if --enable-samode-unspec option is specified)
87AC_ARG_ENABLE(samode-unspec,
88        [  --enable-samode-unspec  enable to use unspecified a mode of SA],
89        [], [enable_samode_unspec=no])
90if test "x$enable_samode_unspec" = "xyes"; then
91	AC_DEFINE(ENABLE_SAMODE_UNSPECIFIED)
92fi
93AC_MSG_RESULT($enable_samode_unspec)
94
95efence_dir=
96AC_MSG_CHECKING(if --with-efence option is specified)
97AC_ARG_WITH(efence, [  --with-efence=DIR       specify ElectricFence directory],
98	[efence_dir=$withval], [efence_dir=no])
99AC_MSG_RESULT(${efence_dir})
100if test "$efence_dir" != "no"; then
101	if test "x$efence_dir" = "x"; then
102		RACOON_PATH_LIBS(EF_Print, efence)
103	else
104		RACOON_PATH_LIBS(EF_Print, efence, $efence_dir)
105	fi
106fi
107
108gc_dir=
109AC_MSG_CHECKING(if --with-gc option is specified)
110AC_ARG_WITH(gc, [  --with-gc=DIR           specify Bohem GC directory (experimental)],
111	[gc_dir=$withval], [gc_dir=no])
112AC_MSG_RESULT(${gc_dir})
113if test "$gc_dir" != "no"; then
114	AC_DEFINE(GC)
115	if test "x$gc_dir" = "x"; then
116		RACOON_PATH_LIBS(GC_malloc, leak)
117	else
118		RACOON_PATH_LIBS(GC_malloc, leak, $gc_dir)
119	fi
120fi
121
122dmalloc_dir=
123AC_MSG_CHECKING(if --with-dmalloc option is specified)
124AC_ARG_WITH(dmalloc, [  --with-dmalloc=DIR      specify Dmalloc directory],
125	[dmalloc_dir=$withval], [dmalloc_dir=no])
126AC_MSG_RESULT(${dmalloc_dir})
127if test "$dmalloc_dir" != "no"; then
128	AC_DEFINE(DMALLOC)
129	if test "x$dmalloc_dir" = "x"; then
130		RACOON_PATH_LIBS(dmalloc_log_unfreed, dmalloc)
131	else
132		RACOON_PATH_LIBS(dmalloc_log_unfreed, dmalloc, $dmalloc_dir)
133	fi
134fi
135
136AC_MSG_CHECKING(if you have KAME tcpdump in $srcdir/../tcpdump)
137if test -f "$srcdir/../tcpdump/print-isakmp.c"; then
138	LIBOBJS="$LIBOBJS print-isakmp.o"
139	AC_DEFINE(HAVE_PRINT_ISAKMP_C)
140	AC_MSG_RESULT(yes)
141else
142	AC_MSG_RESULT(no)
143fi
144
145AC_MSG_CHECKING(if __FUNCTION__ is available)
146AC_TRY_COMPILE(dnl
147[#include <stdio.h>
148], [char *x = __FUNCTION__;],
149	[AC_DEFINE(HAVE_FUNCTION_MACRO)
150	AC_MSG_RESULT(yes)],
151	[AC_MSG_RESULT(no)])
152
153dnl Checks for libraries.
154AC_MSG_CHECKING([whether to enable ipv6])
155AC_ARG_ENABLE(ipv6,
156[  --enable-ipv6           Enable ipv6 (with ipv4) support
157  --disable-ipv6          Disable ipv6 support],
158[ case "$enableval" in
159  no)
160       AC_MSG_RESULT(no)
161       ipv6=no
162       ;;
163  *)   AC_MSG_RESULT(yes)
164       AC_DEFINE(INET6)
165       ipv6=yes
166       ;;
167  esac ],
168
169  AC_TRY_RUN([ /* AF_INET6 avalable check */
170#include <sys/types.h>
171#include <sys/socket.h>
172main()
173{
174  exit(0);
175 if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
176   exit(1);
177 else
178   exit(0);
179}
180],
181  AC_MSG_RESULT(yes)
182  AC_DEFINE(ENABLE_IPV6)
183  ipv6=yes,
184  AC_MSG_RESULT(no)
185  ipv6=no,
186  AC_MSG_RESULT(no)
187  ipv6=no
188))
189
190ipv6type=unknown
191ipv6lib=none
192ipv6libdir=none
193
194if test "$ipv6" = "yes"; then
195	AC_MSG_CHECKING([ipv6 stack type])
196	for i in inria kame linux toshiba v6d zeta; do
197		ipv6trylibc=no
198		case $i in
199		inria)
200			dnl http://www.kame.net/
201			AC_EGREP_CPP(yes, [dnl
202#include <netinet/in.h>
203#ifdef IPV6_INRIA_VERSION
204yes
205#endif],
206				[ipv6type=$i;
207				ipv6lib=inet6;
208				ipv6libdir=/usr/lib;
209				ipv6trylibc=yes
210				CPPFLAGS="-DINET6 $CPPFLAGS"])
211			;;
212		kame)
213			dnl http://www.kame.net/
214			AC_EGREP_CPP(yes, [dnl
215#include <netinet/in.h>
216#ifdef __KAME__
217yes
218#endif],
219				[ipv6type=$i;
220				ipv6lib=inet6;
221				ipv6libdir=/usr/local/v6/lib;
222				ipv6trylibc=yes
223				CPPFLAGS="-DINET6 $CPPFLAGS"])
224			;;
225		linux)
226			dnl http://www.v6.linux.or.jp/
227			if test -d /usr/inet6; then
228				ipv6type=$i
229				ipv6lib=inet6
230				ipv6libdir=/usr/inet6/lib
231				CPPFLAGS="-DINET6 -I/usr/inet6/include $CPPFLAGS"
232			else
233				ipv6type=$i
234				ipv6trylibc=yes
235				CPPFLAGS="-DINET6 -DIPV6_INRIA_VERSION -I../include-glibc -include ../include-glibc/glibc-bugs.h $CPPFLAGS"
236			fi
237			;;
238		toshiba)
239			AC_EGREP_CPP(yes, [dnl
240#include <sys/param.h>
241#ifdef _TOSHIBA_INET6
242yes
243#endif],
244				[ipv6type=$i;
245				ipv6lib=inet6;
246				ipv6libdir=/usr/local/v6/lib;
247				CPPFLAGS="-DINET6 $CPPFLAGS"])
248			;;
249		v6d)
250			AC_EGREP_CPP(yes, [dnl
251#include </usr/local/v6/include/sys/v6config.h>
252#ifdef __V6D__
253yes
254#endif],
255				[ipv6type=$i;
256				ipv6lib=v6;
257				ipv6libdir=/usr/local/v6/lib;
258				CPPFLAGS="-I/usr/local/v6/include $CPPFLAGS"])
259			;;
260		zeta)
261			AC_EGREP_CPP(yes, [dnl
262#include <sys/param.h>
263#ifdef _ZETA_MINAMI_INET6
264yes
265#endif],
266				[ipv6type=$i;
267				ipv6lib=inet6;
268				ipv6libdir=/usr/local/v6/lib;
269				CPPFLAGS="-DINET6 $CPPFLAGS"])
270			;;
271		esac
272		if test "$ipv6type" != "unknown"; then
273			break
274		fi
275	done
276	AC_MSG_RESULT($ipv6type)
277fi
278
279if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then
280	if test -d $ipv6libdir -a -f $ipv6libdir/lib$ipv6lib.a; then
281		echo "using lib$ipv6lib for getaddrinfo"
282		LIBS="$LIBS -L$ipv6libdir -l$ipv6lib"
283	else
284		if test "$ipv6trylibc" = "yes"; then
285			echo 'using libc for getaddrinfo'
286		else
287			echo "Fatal: no $ipv6lib library found.  "
288			echo "cannot continue.  You need to fetch lib$ipv6lib.a "
289			echo "from appropriate ipv6 kit and compile beforehand."
290			exit 1
291		fi
292	fi
293fi
294
295if test "$ipv6" = "yes"; then
296	AC_MSG_CHECKING(for advanced API support)
297	AC_CACHE_VAL(racoon_cv_advapi, [dnl
298	AC_TRY_COMPILE([#ifndef INET6
299#define INET6
300#endif
301#include <sys/types.h>
302#include <netinet/in.h>],
303		[struct in6_pktinfo a;],
304		[racoon_cv_advapi="yes"], [racoon_cv_advapi="no"])])
305	AC_MSG_RESULT($racoon_cv_advapi)
306	if test "$racoon_cv_advapi" = yes; then
307		AC_DEFINE(ADVAPI)
308	fi
309fi
310
311AC_MSG_CHECKING(getaddrinfo bug)
312AC_TRY_RUN([
313#include <sys/types.h>
314#include <sys/socket.h>
315#include <netdb.h>
316#include <string.h>
317#include <netinet/in.h>
318
319main()
320{
321  int passive, gaierr, inet4 = 0, inet6 = 0;
322  struct addrinfo hints, *ai, *aitop;
323  char straddr[INET6_ADDRSTRLEN], strport[16];
324
325  for (passive = 0; passive <= 1; passive++) {
326    memset(&hints, 0, sizeof(hints));
327    hints.ai_family = AF_UNSPEC;
328    hints.ai_flags = passive ? AI_PASSIVE : 0;
329    hints.ai_socktype = SOCK_STREAM;
330    if ((gaierr = getaddrinfo(NULL, "54321", &hints, &aitop)) != 0) {
331      (void)gai_strerror(gaierr);
332      goto bad;
333    }
334    for (ai = aitop; ai; ai = ai->ai_next) {
335      if (ai->ai_addr == NULL ||
336          ai->ai_addrlen == 0 ||
337          getnameinfo(ai->ai_addr, ai->ai_addrlen,
338                      straddr, sizeof(straddr), strport, sizeof(strport),
339                      NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
340        goto bad;
341      }
342      switch (ai->ai_family) {
343      case AF_INET:
344	if (strcmp(strport, "54321") != 0) {
345	  goto bad;
346	}
347        if (passive) {
348          if (strcmp(straddr, "0.0.0.0") != 0) {
349            goto bad;
350          }
351        } else {
352          if (strcmp(straddr, "127.0.0.1") != 0) {
353            goto bad;
354          }
355        }
356        inet4++;
357        break;
358      case AF_INET6:
359	if (strcmp(strport, "54321") != 0) {
360	  goto bad;
361	}
362        if (passive) {
363          if (strcmp(straddr, "::") != 0) {
364            goto bad;
365          }
366        } else {
367          if (strcmp(straddr, "::1") != 0) {
368            goto bad;
369          }
370        }
371        inet6++;
372        break;
373      case AF_UNSPEC:
374        goto bad;
375        break;
376      default:
377        /* another family support? */
378        break;
379      }
380    }
381  }
382
383  if (!(inet4 == 0 || inet4 == 2))
384    goto bad;
385  if (!(inet6 == 0 || inet6 == 2))
386    goto bad;
387
388  if (aitop)
389    freeaddrinfo(aitop);
390  exit(0);
391
392 bad:
393  if (aitop)
394    freeaddrinfo(aitop);
395  exit(1);
396}
397],
398AC_MSG_RESULT(good)
399buggygetaddrinfo=no,
400AC_MSG_RESULT(buggy)
401buggygetaddrinfo=yes,
402AC_MSG_RESULT(buggy)
403buggygetaddrinfo=yes)
404
405if test "$buggygetaddrinfo" = "yes"; then
406	if test "$ipv6" = "yes"; then
407		echo 'Fatal: You must get working getaddrinfo() function.'
408		echo '       or you can specify "--disable-ipv6"'.
409		exit 1
410	else
411		CPPFLAGS="$CPPFLAGS -I./missing"
412	fi
413fi
414AC_REPLACE_FUNCS(getaddrinfo getnameinfo)
415
416AC_MSG_CHECKING(if --with-ssleay option is specified)
417AC_ARG_WITH(ssleay, [  --with-ssleay=DIR       specify SSLeay directory],
418	[crypto_dir=$withval])
419AC_MSG_RESULT(${crypto_dir-"default"})
420
421dnl if test "$crypto_dir" != "default"; then
422dnl 	LIBS="-L$crypto_dir/lib $LIBS"
423dnl 	if test -f $crypto_dir/include/md5.h; then
424dnl 		CFLAGS="-I$crypto_dir/include $CFLAGS"
425dnl 	elif test -d $crypto_dir/include/ssleay -a -f $dir/include/ssleay/md5.h; then
426dnl 		CFLAGS="-I$crypto_dir/include/ssleay -I$crypto_dir/include $CFLAGS"
427dnl 	elif test -d $crypto_dir/include/openssl -a -f $dir/include/openssl/md5.h; then
428dnl 		CFLAGS="-I$crypto_dir/include/openssl -I$crypto_dir/include $CFLAGS"
429dnl 	fi
430dnl fi
431
432if test "x$crypto_dir" = "x"; then
433	case $host_os in
434	netbsd*)	crypto_dir="/usr/pkg";;
435	freebsd*)
436		if test -d /usr/local/ssl; then
437			crypto_dir="/usr/local/ssl"
438		else
439			crypto_dir="/usr/local"
440		fi
441		;;
442	esac
443else
444	LIBS="$LIBS -L${crypto_dir}/lib"
445	CFLAGS="-I${crypto_dir}/include $CFLAGS"
446fi
447if test "x$krb5_incdir" = "x"; then
448	case $host_os in
449	netbsd*)	krb5_incdir="/usr/include/krb5";;
450	esac
451fi
452if test "x$krb5_libs" = "x"; then
453	case $host_os in
454	netbsd*)	krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1";;
455	esac
456fi
457if test "$enable_gssapi" = "yes"; then
458	LIBS="$LIBS $krb5_libs"
459	CPPFLAGS="-I$krb5_incdir $CPPFLAGS"
460fi
461dnl for some reason, past version of freebsd port requires us to set -I for
462dnl BOTH openssl/cast.h and cast.h.  who should I blame (or am I mistaken?)
463RACOON_PATH_LIBS(CAST_cfb64_encrypt, crypto, ${crypto_dir}/lib)
464AC_TRY_COMPILE([#include <sys/types.h>
465#include <stdio.h>
466#include <openssl/bn.h>
467#include <openssl/dh.h>
468#include <openssl/md5.h>
469#include <openssl/sha.h>
470#include <openssl/des.h>], [], [], [openssl_compile_failed=yes])
471
472if test "x$openssl_compile_failed" = "xyes"; then
473	echo
474	echo "Fatal: crypto library and headers not found."
475	echo Specify proper directory by using --with-ssleay.
476	if test `uname -s` = FreeBSD; then
477		echo Use ports/security/SSLeay to install SSLeay, or visit
478	elif test `uname -s` = NetBSD; then
479		echo Use pkgsrc/security/SSLeay to install SSLeay, or visit
480	else
481		echo -n "Visit "
482	fi
483	echo ftp://psych.psy.uq.oz.au/pub/Crypto/SSL/, or visit
484	echo http://www.openssl.org/
485	exit 1
486fi
487dnl AC_MSG_RESULT("$ssleay_lib and $ssleay_include")
488
489AC_MSG_CHECKING(openssl version)
490AC_EGREP_CPP(yes, [#include <openssl/opensslv.h>
491#if OPENSSL_VERSION_NUMBER >= 0x00904100L
492yes
493#endif], [AC_MSG_RESULT(ok)], [AC_MSG_RESULT(too old)
494	echo
495	echo "FATAL: OpenSSL version must be 0.9.4 or higher."
496	exit 1])
497
498dnl AC_MSG_CHECKING(for libssl)
499AC_CHECK_LIB(ssl, ssl_ok, [], [], -lcrypto)
500
501AC_CHECK_LIB(crypto, des_cbc_encrypt)
502AC_CHECK_LIB(l, yywrap)
503AC_CHECK_LIB(y, yyerror)
504
505dnl PF_KEYv2 support check
506AC_MSG_CHECKING(for PF_KEYv2 support)
507AC_CACHE_VAL(ac_cv_pfkey, [dnl
508AC_TRY_COMPILE([
509#include <sys/types.h>
510#include <sys/socket.h>
511#include <net/pfkeyv2.h>],
512        [int x = PF_KEY, y = PF_KEY_V2;],
513        [ac_cv_pfkey="yes"], [ac_cv_pfkey="no"])])
514AC_MSG_RESULT($ac_cv_pfkey)
515if test "$ac_cv_pfkey" = yes; then
516        OPTFLAG="-DHAVE_PFKEYV2 $OPTFLAG"
517fi
518
519dnl old KAME header check
520if test "$ac_cv_pfkey" = "yes"; then
521	AC_MSG_CHECKING(for old KAME PF_KEYv2 header file)
522	AC_TRY_COMPILE([
523#include <sys/types.h>
524#include <sys/socket.h>
525#include <net/pfkeyv2.h>],
526		[struct sadb_msg m; m.sadb_msg_reserved2 = 0;],
527		[AC_MSG_RESULT(old)
528		echo "FATAL: obsolete KAME PF_KEYv2 declaration (non-PF_KEY sadb_msg)"
529		exit 1])
530	AC_TRY_COMPILE([
531#include <sys/types.h>
532#include <sys/socket.h>
533#include <net/pfkeyv2.h>],
534		[struct sadb_x_policy m; m.sadb_x_policy_id = 0;], [],
535		[AC_MSG_RESULT(old)
536		echo "FATAL: obsolete KAME PF_KEYv2 declaration (no sadb_x_policy_id)"
537		exit 1])
538	AC_TRY_COMPILE([
539#include <sys/types.h>
540#include <sys/socket.h>
541#include <net/pfkeyv2.h>],
542		[struct sadb_x_sa2 m;], [],
543		[AC_MSG_RESULT(old)
544		echo "FATAL: obsolete KAME PF_KEYv2 declaration (no sadb_x_sa2)"
545		exit 1])
546	AC_MSG_RESULT(fine)
547fi
548
549ipsectype=unknown
550ipseclib=none
551ipseclibdir=none
552AC_MSG_CHECKING([ipsec library path])
553for i in kame linux; do
554	ipsectrylibc=no
555	case $i in
556	inria)
557		dnl http://www.kame.net/
558		AC_EGREP_CPP(yes, [dnl
559#include <netinet/in.h>
560#ifdef IPV6_INRIA_VERSION
561yes
562#endif],
563			[ipsectype=$i;
564			ipseclib=ipsec;
565			ipseclibdir=/usr/lib])
566		;;
567	kame)
568		dnl http://www.kame.net/
569		AC_EGREP_CPP(yes, [dnl
570#include <netinet/in.h>
571#ifdef __KAME__
572yes
573#endif],
574			[ipsectype=$i;
575			ipseclib=ipsec;
576			ipseclibdir=/usr/local/v6/lib])
577		;;
578	linux)
579			ipseclib=ipsec;
580			ipseclibdir=../libipsec
581			ipsectype=linux
582		;;
583	esac
584	if test "$ipsectype" != "unknown"; then
585		break
586	fi
587done
588AC_MSG_RESULT($ipseclibdir)
589
590dnl this is gross, but we need to invoke either AC_CHECK LIB or AC_CHECK_FUNCS.
591if test "$ipseclib" != "none"; then
592	if test "$ipseclibdir" != "none"; then
593		RACOON_PATH_LIBS(ipsec_strerror, $ipseclib, $ipseclibdir)
594	else
595		RACOON_PATH_LIBS(ipsec_strerror, $ipseclib)
596	fi
597fi
598
599AC_MSG_CHECKING(if --with-libpfkey option is specified)
600AC_ARG_WITH(libpfkey, [  --with-libpfkey=DIR     specify libpfkey.a dir],
601	[libpfkey_dir=$withval], [libpfkey_dir=no])
602AC_MSG_RESULT(${libpfkey_dir})
603if test "$libpfkey_dir" != "no"; then
604	if test "x$libpfkey_dir" = "x"; then
605		RACOON_PATH_LIBS(pfkey_send_spdsetidx, pfkey)
606	else
607		RACOON_PATH_LIBS(pfkey_send_spdsetidx, pfkey, $libpfkey_dir)
608	fi
609fi
610
611AC_MSG_CHECKING(if --with-liblwres option is specified)
612AC_ARG_WITH(liblwres, [  --with-lwres=DIR        specify liblwres path (like /usr/pkg)],
613	[liblwres_dir=$withval], [liblwres_dir=no])
614AC_MSG_RESULT(${liblwres_dir})
615if test "$liblwres_dir" != "no"; then
616	if test -d "$liblwres_dir/lib" -a -d "$liblwres_dir/lib"; then
617		if test "x$liblwres_dir" = "x"; then
618			RACOON_PATH_LIBS(lwres_getrrsetbyname, lwres)
619		else
620			RACOON_PATH_LIBS(lwres_getrrsetbyname, lwres, "$liblwres_dir/lib")
621		fi
622		CFLAGS="$CFLAGS -I$liblwres_dir/include"
623		AC_CHECK_FUNCS(lwres_getrrsetbyname)
624	else
625		echo "FATAL: $liblwres_dir/lib or $liblwres_dir/include not found"
626		exit 1
627	fi
628fi
629AC_CHECK_FUNCS(getrrsetbyname)
630
631dnl Checks for header files.
632AC_HEADER_STDC
633AC_HEADER_SYS_WAIT
634AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h)
635signing=yes
636if test "$enable_rc5" = "yes"; then
637	rc5header=openssl/rc5.h
638else
639	rc5header=
640fi
641if test "$enable_idea" = "yes"; then
642	ideaheader=openssl/idea.h
643else
644	ideaheader=
645fi
646AC_CHECK_HEADERS($ideaheader $rc5header openssl/rsa.h openssl/pem.h openssl/evp.h openssl/x509.h,
647	[], [nosymbol=`echo $ac_hdr | sed -e 's/.h$//' -e 's/^openssl.//' -e 's/^/NO_/' | tr 'a-z' 'A-Z'`
648	CPPFLAGS="$CPPFLAGS -D$nosymbol=1"
649	signing=no])
650if test $signing = "yes"; then
651	AC_DEFINE(HAVE_SIGNING_C)
652fi
653AC_CHECK_HEADERS(openssl/cversion.h openssl/opensslv.h)
654
655dnl checking rijndael
656AC_SUBST(CRYPTOBJS)
657AC_CHECK_HEADER(openssl/rijndael.h, [], [
658	CPPFLAGS="$CPPFLAGS -I./missing"
659	CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"
660])
661
662dnl checking sha2
663AC_SUBST(CRYPTOBJS)
664AC_CHECK_HEADER(openssl/sha2.h, [], [
665	CPPFLAGS="$CPPFLAGS -I./missing"
666	CRYPTOBJS="$CRYPTOBJS sha2.o"
667])
668
669dnl Checks for typedefs, structures, and compiler characteristics.
670AC_C_CONST
671AC_TYPE_PID_T
672AC_TYPE_SIZE_T
673AC_HEADER_TIME
674AC_STRUCT_TM
675
676dnl Checks for library functions.
677AC_FUNC_MEMCMP
678AC_TYPE_SIGNAL
679AC_FUNC_VPRINTF
680AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul)
681AC_REPLACE_FUNCS(strdup)
682
683dnl expand ${sysconfdir}, ugly...
684if test "x$prefix" = xNONE; then
685	sysconfdir_x=`echo $sysconfdir | sed -e 's,${prefix},'"$ac_default_prefix,"`
686else
687	sysconfdir_x=`echo $sysconfdir | sed -e 's,${prefix},'"$prefix,"`
688
689fi
690AC_SUBST(sysconfdir_x)
691
692dnl Checks for getifaddrs
693AC_CHECK_FUNCS(getifaddrs)
694
695dnl defines package version
696AC_MSG_CHECKING(if --with-pkgversion option is specified)
697AC_ARG_WITH(pkgversion, [  --with-pkgversion=VERSION   specify package version],
698	[AC_MSG_RESULT($withval)
699	CPPFLAGS="$CPPFLAGS -DRACOON_PKG_VERSION=\"\\\"$withval\\\"\""],
700	[AC_MSG_RESULT(no)
701	pkgversion=no])
702
703AC_OUTPUT(Makefile samples/psk.txt samples/racoon.conf)
704