Context Navigation

configure.ac @ ff36f5e

55-freebsd-126-freebsd-12

Last change on this file since ff36f5e was ff36f5e, checked in by Christian Mauderer <christian.mauderer@…>, on 05/30/18 at 12:27:35

Import ipsec-tools 0.8.2.

Import unchanged ipsec-tools sources in the release version 0.8.2. The
homepage of ipsec-tools is http://ipsec-tools.sourceforge.net/. The
sources can be obtained from there.

Property mode set to 100644

File size: 23.0 KB

Rev	Line
[ff36f5e]	1	dnl -- mode: m4 --
	2	dnl Id: configure.ac,v 1.77 2006/07/20 19:19:27 manubsd Exp
	3
	4	AC_PREREQ(2.52)
	5	AC_INIT(ipsec-tools, 0.8.2)
	6	AC_CONFIG_SRCDIR([configure.ac])
	7	AC_CONFIG_HEADERS(config.h)
	8
	9	AM_INIT_AUTOMAKE(dist-bzip2)
	10
	11	AC_ENABLE_SHARED(no)
	12
	13	AC_PROG_CC
	14	AC_HEADER_STDC
	15	AC_PROG_LIBTOOL
	16	AC_PROG_YACC
	17	AM_PROG_LEX
	18	AC_SUBST(LEXLIB)
	19	AC_PROG_EGREP
	20
	21	CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused"
	22
	23	case $host in
	24	netbsd)
	25	LDFLAGS="-Wl,-R/usr/pkg/lib $LDFLAGS"
	26	;;
	27	linux)
	28	LIBS="$LIBS -lresolv"
	29	INSTALL_OPTS="-o bin -g bin"
	30	INCLUDE_GLIBC="include-glibc"
	31	RPM="rpm"
	32	AC_SUBST(INSTALL_OPTS)
	33	AC_SUBST(INCLUDE_GLIBC)
	34	AC_SUBST(RPM)
	35	;;
	36	darwin)
	37	LIBS="$LIBS -lresolv"
	38	;;
	39	esac
	40
	41	# Look up some IPsec-related headers
	42	AC_CHECK_HEADER(net/pfkeyv2.h, [have_net_pfkey=yes], [have_net_pfkey=no])
	43	AC_CHECK_HEADER(netinet/ipsec.h, [have_netinet_ipsec=yes], [have_netinet_ipsec=no])
	44	AC_CHECK_HEADER(netinet6/ipsec.h, [have_netinet6_ipsec=yes], [have_netinet6_ipsec=no])
	45	AC_CHECK_HEADER(netipsec/ipsec.h, [have_netipsec_ipsec=yes], [have_netipsec_ipsec=no])
	46
	47	# FreeBSD >=7 has only <netipsec/ipsec.h>
	48	# NetBSD has <netinet6/ipsec.h> but not <netinet/ipsec.h>
	49	# XXX some *BSD still have both <netinet6/ipsec.h> and <netipsec/ipsec.h>,
	50	# we can't decide which one to use (actually <netinet6/ipsec.h>)
	51
	52
	53	if test "$have_netinet_ipsec$have_netinet6_ipsec$have_netipsec_ipsec" = nonoyes; then
	54	have_netinet_ipsec=yes
	55	AC_DEFINE(PATH_IPSEC_H, [<netipsec/ipsec.h>], [Path to ipsec.h])
	56	else
	57	if test "$have_netinet_ipsec$have_netinet6_ipsec" = noyes; then
	58	have_netinet_ipsec=yes
	59	AC_DEFINE(PATH_IPSEC_H, [<netinet6/ipsec.h>], [Path to ipsec.h])
	60	else
	61	# have_netinet_ipsec will be checked a few lines below
	62	AC_DEFINE(PATH_IPSEC_H, [<netinet/ipsec.h>], [Path to ipsec.h])
	63	fi
	64	fi
	65
	66	case "$host_os" in
	67	linux)
	68	AC_ARG_WITH(kernel-headers,
	69	AC_HELP_STRING([--with-kernel-headers=/lib/modules/<uname>/build/include],
	70	[where your Linux Kernel headers are installed]),
	71	[ KERNEL_INCLUDE="$with_kernel_headers"
	72	CONFIGURE_AMFLAGS="--with-kernel-headers=$with_kernel_headers"
	73	AC_SUBST(CONFIGURE_AMFLAGS) ],
	74	[ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ])
	75
	76	AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, ,
	77	[ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h,
	78	KERNEL_INCLUDE=/usr/src/linux/include ,
	79	[ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] )
	80	AC_SUBST(KERNEL_INCLUDE)
	81	# We need the configure script to run with correct kernel headers.
	82	# However we don't want to point to kernel source tree in compile time,
	83	# i.e. this will be removed from CPPFLAGS at the end of configure.
	84	CPPFLAGS="-I$KERNEL_INCLUDE $CPPFLAGS"
	85
	86	AC_CHECK_MEMBER(struct sadb_x_policy.sadb_x_policy_priority,
	87	[AC_DEFINE(HAVE_PFKEY_POLICY_PRIORITY, [],
	88	[Are PF_KEY policy priorities supported?])], [],
	89	[#include "$KERNEL_INCLUDE/linux/pfkeyv2.h"])
	90
	91	GLIBC_BUGS='-include ${top_srcdir}/src/include-glibc/glibc-bugs.h -I${top_srcdir}/src/include-glibc -I${top_builddir}/src/include-glibc'
	92	GLIBC_BUGS_LOCAL="-include ${srcdir-.}/src/include-glibc/glibc-bugs.h -I${srcdir-.}/src/include-glibc -I./src/include-glibc"
	93	CPPFLAGS="$GLIBC_BUGS_LOCAL $CPPFLAGS"
	94	CPPFLAGS="-D_GNU_SOURCE $CPPFLAGS"
	95	AC_SUBST(GLIBC_BUGS)
	96	;;
	97	*)
	98	if test "$have_net_pfkey$have_netinet_ipsec" != yesyes; then
	99	if test "$have_net_pfkey" = yes; then
	100	AC_MSG_ERROR([Found net/pfkeyv2.h but not netinet/ipsec.h. Aborting.])
	101	else
	102	AC_MSG_ERROR([Found netinet/ipsec.h but not net/pfkeyv2.h. Aborting.])
	103	fi
	104	fi
	105	;;
	106	esac
	107
	108	### Some basic toolchain checks
	109
	110	# Checks for header files.
	111	AC_HEADER_STDC
	112	AC_HEADER_SYS_WAIT
	113	AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h)
	114	AC_CHECK_HEADERS(shadow.h)
	115
	116	# Checks for typedefs, structures, and compiler characteristics.
	117	AC_C_CONST
	118	AC_TYPE_PID_T
	119	AC_TYPE_SIZE_T
	120	AC_HEADER_TIME
	121	AC_STRUCT_TM
	122
	123	# Checks for library functions.
	124	AC_FUNC_MEMCMP
	125	AC_TYPE_SIGNAL
	126	AC_FUNC_VPRINTF
	127	AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul strlcpy strlcat)
	128	AC_REPLACE_FUNCS(strdup)
	129	RACOON_CHECK_VA_COPY
	130
	131	# Check if printf accepts "%z" type modifier for size_t argument
	132	AC_MSG_CHECKING(if printf accepts %z)
	133	saved_CFLAGS=$CFLAGS
	134	CFLAGS="$CFLAGS -Wall -Werror"
	135	AC_TRY_COMPILE([
	136	#include <stdio.h>
	137	], [
	138	printf("%zu\n", (size_t)-1);
	139	],
	140	[AC_MSG_RESULT(yes)],
	141	[AC_MSG_RESULT(no);
	142	CFLAGS_ADD="$CFLAGS_ADD -Wno-format";
	143	AC_DEFINE(BROKEN_PRINTF, [], [If printf doesn't support %zu.])
	144	])
	145	CFLAGS=$saved_CFLAGS
	146
	147	# Can we use __func__ macro?
	148	AC_MSG_CHECKING(if __func__ is available)
	149	AC_TRY_COMPILE(
	150	[#include <stdio.h>
	151	], [char *x = __func__;],
	152	[AC_DEFINE([HAVE_FUNC_MACRO], [], [Have __func__ macro])
	153	AC_MSG_RESULT(yes)],
	154	[AC_MSG_RESULT(no)])
	155
	156	# Check if readline support is requested
	157	AC_MSG_CHECKING(if readline support is requested)
	158	AC_ARG_WITH(readline,
	159	[ --with-readline support readline input (yes by default)],
	160	[with_readline="$withval"], [with_readline="yes"])
	161	AC_MSG_RESULT($with_readline)
	162
	163	# Is readline available?
	164	if test $with_readline != "no"; then
	165	AC_CHECK_HEADER([readline/readline.h],
	166	[AC_CHECK_LIB(readline, readline, [
	167	AC_DEFINE(HAVE_READLINE, [],
	168	[Is readline available?])
	169	LIBS="$LIBS -lreadline"
	170	], [])], [])
	171	fi
	172
	173
	174	AC_MSG_CHECKING(if --with-flex option is specified)
	175	AC_ARG_WITH(flexdir,
	176	[AC_HELP_STRING([--with-flex], [use directiory (default: no)])],
	177	[flexdir="$withval"])
	178	AC_MSG_RESULT(${flexdir-dirdefault})
	179
	180	if test "x$flexdir" != "x"; then
	181	LIBS="$LIBS $flexdir/libfl.a"
	182	fi
	183
	184	AC_MSG_CHECKING(if --with-flexlib option is specified)
	185	AC_ARG_WITH(flexlib,
	186	[ --with-flexlib=<LIB> specify flex library.],
	187	[flexlib="$withval"])
	188	AC_MSG_RESULT(${flexlib-default})
	189
	190	if test "x$flexlib" != "x"; then
	191	LIBS="$LIBS $flexlib"
	192	fi
	193
	194	# Check if a different OpenSSL directory was specified
	195	AC_MSG_CHECKING(if --with-openssl option is specified)
	196	AC_ARG_WITH(openssl, [ --with-openssl=DIR specify OpenSSL directory],
	197	[crypto_dir=$withval])
	198	AC_MSG_RESULT(${crypto_dir-default})
	199
	200	if test "x$crypto_dir" != "x"; then
	201	LIBS="$LIBS -L${crypto_dir}/lib"
	202	CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS"
	203	fi
	204	AC_MSG_CHECKING(openssl version)
	205
	206	AC_TRY_COMPILE(
	207	[#include <openssl/opensslv.h>
	208	],
	209	[#if OPENSSL_VERSION_NUMBER < 0x0090813fL
	210	#error OpenSSL version is too old ...
	211	#endif],
	212	[AC_MSG_RESULT([ok])],
	213	[AC_MSG_RESULT(too old)
	214	AC_MSG_ERROR([OpenSSL version must be 0.9.8s or higher. Aborting.])
	215	])
	216
	217	AC_CHECK_HEADERS(openssl/engine.h)
	218
	219	# checking rijndael
	220	AC_CHECK_HEADERS([openssl/aes.h], [],
	221	[CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"])
	222
	223	# checking sha2
	224	AC_MSG_CHECKING(sha2 support)
	225	AC_DEFINE([WITH_SHA2], [], [SHA2 support])
	226	AC_MSG_RESULT(yes)
	227	AC_CHECK_HEADER(openssl/sha2.h, [], [
	228	AC_MSG_CHECKING(if sha2 is defined in openssl/sha.h)
	229	AC_TRY_COMPILE([
	230	#ifdef HAVE_SYS_TYPES_H
	231	#include <sys/types.h>
	232	#endif
	233	#include <openssl/sha.h>
	234	], [
	235	SHA256_CTX ctx;
	236	], [
	237	AC_MSG_RESULT(yes)
	238	AC_DEFINE([HAVE_SHA2_IN_SHA_H], [], [sha2 is defined in sha.h])
	239	], [AC_MSG_RESULT(no)
	240	AC_LIBOBJ([sha2])
	241	CRYPTOBJS="$CRYPTOBJS sha2.o"
	242	])
	243
	244	CPPFLAGS_ADD="$CPPFLAGS_ADD -I\${top_srcdir}/src/racoon/missing"
	245	])
	246	AC_SUBST(CRYPTOBJS)
	247
	248	# checking camellia
	249	AC_CHECK_HEADERS([openssl/camellia.h])
	250
	251
	252	# Option --enable-adminport
	253	AC_MSG_CHECKING(if --enable-adminport option is specified)
	254	AC_ARG_ENABLE(adminport,
	255	[ --enable-adminport enable admin port],
	256	[], [enable_adminport=no])
	257	if test $enable_adminport = "yes"; then
	258	AC_DEFINE([ENABLE_ADMINPORT], [], [Enable admin port])
	259	fi
	260	AC_MSG_RESULT($enable_adminport)
	261
	262	# Option RC5
	263	AC_MSG_CHECKING(if --enable-rc5 option is specified)
	264	AC_ARG_ENABLE(rc5,
	265	[ --enable-rc5 enable RC5 encryption (patented)],
	266	[], [enable_rc5=no])
	267	AC_MSG_RESULT($enable_rc5)
	268
	269	if test $enable_rc5 = "yes"; then
	270	AC_CHECK_HEADERS([openssl/rc5.h])
	271	AC_CHECK_LIB([crypto_rc5], [RC5_32_encrypt],
	272	[EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_rc5"])
	273	fi
	274
	275	# Option IDEA
	276	AC_MSG_CHECKING(if --enable-idea option is specified)
	277	AC_ARG_ENABLE(idea,
	278	[ --enable-idea enable IDEA encryption (patented)],
	279	[], [enable_idea=no])
	280	AC_MSG_RESULT($enable_idea)
	281
	282	if test $enable_idea = "yes"; then
	283	AC_CHECK_HEADERS([openssl/idea.h])
	284	AC_CHECK_LIB([crypto_idea], [idea_encrypt],
	285	[EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_idea"])
	286	fi
	287	AC_SUBST(EXTRA_CRYPTO)
	288
	289	# For dynamic libradius
	290	RACOON_PATH_LIBS([MD5_Init], [crypto])
	291
	292	# Check if we need -lutil for login(3)
	293	RACOON_PATH_LIBS([login], [util])
	294
	295	# Specify libiconv prefix
	296	AC_MSG_CHECKING(if --with-libiconv option is specified)
	297	AC_ARG_WITH(libiconv,
	298	[ --with-libiconv=DIR specify libiconv path (like/usr/pkg)],
	299	[libiconv_dir=$withval],
	300	[libiconv_dir=no])
	301	AC_MSG_RESULT($libiconv_dir)
	302	if test "$libiconv_dir" != "no"; then
	303	if test "$libiconv_dir" = "yes" ; then
	304	libiconv_dir="";
	305	fi;
	306	if test "x$libiconv_dir" = "x"; then
	307	RACOON_PATH_LIBS([iconv_open], [iconv])
	308	else
	309	if test -d "$libiconv_dir/lib" -a \
	310	-d "$libiconv_dir/include" ; then
	311	RACOON_PATH_LIBS([iconv_open], [iconv], ["$libiconv_dir/lib"])
	312	CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libiconv_dir/include"
	313	else
	314	AC_MSG_ERROR([ICONV libs or includes not found. Aborting.])
	315	fi
	316	fi
	317	LIBS="$LIBS -L$libiconv_dir/lib -R$libiconv_dir/lib -liconv"
	318	AC_CHECK_FUNCS(iconv_open)
	319	fi
	320
	321	AC_MSG_CHECKING([if --enable-hybrid option is specified])
	322	AC_ARG_ENABLE(hybrid,
	323	[ --enable-hybrid enable hybrid, both mode-cfg and xauth support],
	324	[], [enable_hybrid=no])
	325	AC_MSG_RESULT($enable_hybrid)
	326
	327	if test "x$enable_hybrid" = "xyes"; then
	328	case $host in
	329	darwin)
	330	;;
	331	*)
	332	LIBS="$LIBS -lcrypt";
	333	;;
	334	esac
	335	HYBRID_OBJS="isakmp_xauth.o isakmp_cfg.o isakmp_unity.o throttle.o"
	336	AC_SUBST(HYBRID_OBJS)
	337	AC_DEFINE([ENABLE_HYBRID], [], [Hybrid authentication support])
	338	fi
	339
	340	AC_MSG_CHECKING([if --enable-frag option is specified])
	341	AC_ARG_ENABLE(frag,
	342	[ --enable-frag enable IKE fragmentation payload support],
	343	[], [enable_frag=no])
	344	AC_MSG_RESULT($enable_frag)
	345
	346	if test "x$enable_frag" = "xyes"; then
	347	case $host in
	348	darwin)
	349	;;
	350	*)
	351	LIBS="$LIBS -lcrypt";
	352	;;
	353	esac
	354	FRAG_OBJS="isakmp_frag.o"
	355	AC_SUBST(FRAG_OBJS)
	356	AC_DEFINE([ENABLE_FRAG], [], [IKE fragmentation support])
	357	fi
	358
	359	AC_MSG_CHECKING(if --with-libradius option is specified)
	360	AC_ARG_WITH(libradius,
	361	[ --with-libradius=DIR specify libradius path (like/usr/pkg)],
	362	[libradius_dir=$withval],
	363	[libradius_dir=no])
	364	AC_MSG_RESULT($libradius_dir)
	365	if test "$libradius_dir" != "no"; then
	366	if test "$libradius_dir" = "yes" ; then
	367	libradius_dir="";
	368	fi;
	369	if test "x$libradius_dir" = "x"; then
	370	RACOON_PATH_LIBS([rad_create_request], [radius])
	371	else
	372	if test -d "$libradius_dir/lib" -a \
	373	-d "$libradius_dir/include" ; then
	374	RACOON_PATH_LIBS([rad_create_request], [radius], ["$libradius_dir/lib"])
	375	CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include"
	376	else
	377	AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.])
	378	fi
	379	fi
	380	AC_DEFINE([HAVE_LIBRADIUS], [], [Hybrid authentication uses RADIUS])
	381	LIBS="$LIBS -L$libradius_dir/lib -R$libradius_dir/lib -lradius"
	382	AC_CHECK_FUNCS(rad_create_request)
	383	fi
	384
	385	AC_MSG_CHECKING(if --with-libpam option is specified)
	386	AC_ARG_WITH(libpam,
	387	[ --with-libpam=DIR specify libpam path (like/usr/pkg)],
	388	[libpam_dir=$withval],
	389	[libpam_dir=no])
	390	AC_MSG_RESULT($libpam_dir)
	391	if test "$libpam_dir" != "no"; then
	392	if test "$libpam_dir" = "yes" ; then
	393	libpam_dir="";
	394	fi;
	395	if test "x$libpam_dir" = "x"; then
	396	RACOON_PATH_LIBS([pam_start], [pam])
	397	else
	398	if test -d "$libpam_dir/lib" -a \
	399	-d "$libpam_dir/include" ; then
	400	RACOON_PATH_LIBS([pam_start], [pam], ["$libpam_dir/lib"])
	401	CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include"
	402	else
	403	AC_MSG_ERROR([PAM libs or includes not found. Aborting.])
	404	fi
	405	fi
	406	AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM])
	407	LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam"
	408	AC_CHECK_FUNCS(pam_start)
	409	fi
	410
	411	AC_MSG_CHECKING(if --with-libldap option is specified)
	412	AC_ARG_WITH(libldap,
	413	[ --with-libldap=DIR specify libldap path (like/usr/pkg)],
	414	[libldap_dir=$withval],
	415	[libldap_dir=no])
	416	AC_MSG_RESULT($libldap_dir)
	417	if test "$libldap_dir" != "no"; then
	418	if test "$libldap_dir" = "yes" ; then
	419	libldap_dir="";
	420	fi;
	421	if test "x$libldap_dir" = "x"; then
	422	RACOON_PATH_LIBS([ldap_init], [ldap])
	423	else
	424	if test -d "$libldap_dir/lib" -a \
	425	-d "$libldap_dir/include" ; then
	426	RACOON_PATH_LIBS([ldap_init], [ldap], ["$libldap_dir/lib"])
	427	CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libldap_dir/include"
	428	else
	429	AC_MSG_ERROR([LDAP libs or includes not found. Aborting.])
	430	fi
	431	fi
	432	AC_DEFINE([HAVE_LIBLDAP], [], [Hybrid authentication uses LDAP])
	433	LIBS="$LIBS -L$libldap_dir/lib -R$libldap_dir/lib -lldap"
	434
	435	saved_CFLAGS=$CFLAGS
	436	CFLAGS="$CFLAGS -Wall -Werror"
	437	saved_CPPFLAGS=$CPPFLAGS
	438	CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
	439	AC_TRY_COMPILE(
	440	[#include <ldap.h>],
	441	[
	442	#if LDAP_API_VERSION < 2004
	443	#error OpenLDAP version is too old ...
	444	#endif
	445	],
	446	[AC_MSG_RESULT([ok])],
	447	[
	448	AC_MSG_RESULT(too old)
	449	AC_MSG_ERROR([OpenLDAP version must be 2.0 or higher. Aborting.])
	450	])
	451	CFLAGS=$saved_CFLAGS
	452	CPPFLAGS=$saved_CPPFLAGS
	453	fi
	454
	455	# Check for Kerberos5 support
	456	# XXX This must come after all --with-* tests, else the
	457	# -liconv checks will not work
	458	AC_MSG_CHECKING(if --enable-gssapi option is specified)
	459	AC_ARG_ENABLE(gssapi,
	460	[ --enable-gssapi enable GSS-API authentication],
	461	[], [enable_gssapi=no])
	462	AC_MSG_RESULT($enable_gssapi)
	463	AC_PATH_PROG(KRB5_CONFIG,krb5-config,no)
	464	if test "x$enable_gssapi" = "xyes"; then
	465	if test "$KRB5_CONFIG" != "no"; then
	466	krb5_incdir="`$KRB5_CONFIG --cflags gssapi`"
	467	krb5_libs="`$KRB5_CONFIG --libs gssapi`"
	468	else
	469	# No krb5-config; let's make some assumptions based on
	470	# the OS.
	471	case $host_os in
	472	netbsd*)
	473	krb5_incdir="-I/usr/include/krb5"
	474	krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1"
	475	;;
	476	*)
	477	AC_MSG_ERROR([krb5-config not found, but needed for GSSAPI support. Aborting.])
	478	;;
	479	esac
	480	fi
	481	LIBS="$LIBS $krb5_libs"
	482	CPPFLAGS_ADD="$krb5_incdir $CPPFLAGS_ADD"
	483	AC_DEFINE([HAVE_GSSAPI], [], [Enable GSS API])
	484
	485	# Check if iconv 2nd argument needs const
	486	saved_CFLAGS=$CFLAGS
	487	CFLAGS="$CFLAGS -Wall -Werror"
	488	saved_CPPFLAGS=$CPPFLAGS
	489	CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
	490	AC_CHECK_HEADER([iconv.h], [], [AC_MSG_ERROR([iconv.h not found, but needed for GSSAPI support. Aborting.])])
	491	AC_MSG_CHECKING([if iconv second argument needs const])
	492	AC_TRY_COMPILE([
	493	#include <iconv.h>
	494	#include <stdio.h>
	495	], [
	496	iconv_t cd = NULL;
	497	const char **src = NULL;
	498	size_t *srcleft = NULL;
	499	char **dst = NULL;
	500	size_t *dstleft = NULL;
	501
	502	(void)iconv(cd, src, srcleft, dst, dstleft);
	503	], [AC_MSG_RESULT(yes)
	504	AC_DEFINE([HAVE_ICONV_2ND_CONST], [], [Have iconv using const])
	505	], [AC_MSG_RESULT(no)])
	506	CFLAGS=$saved_CFLAGS
	507	CPPFLAGS=$saved_CPPFLAGS
	508
	509	# libiconv is often integrated into libc. If a with-* option
	510	# caused a non libc-based iconv.h to be catched instead of
	511	# the libc-based iconv.h, then we need to link with -liconv
	512	AC_MSG_CHECKING(if -liconv is required)
	513	saved_CPPFLAGS=$CPPFLAGS
	514	saved_LIBS=$LIBS
	515	CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
	516	AC_TRY_LINK([
	517	#include <iconv.h>
	518	], [
	519	(void)iconv_open("ascii", "ascii");
	520	],
	521	[AC_MSG_RESULT(no)],
	522	[
	523	LIBS="$LIBS -liconv"
	524	AC_TRY_LINK([
	525	#include <iconv.h>
	526	], [
	527	(void)iconv_open("ascii", "ascii");
	528	],
	529	[
	530	AC_MSG_RESULT(yes)
	531	saved_LIBS=$LIBS
	532	], [
	533	AC_MSG_ERROR([cannot use iconv])
	534	])
	535	])
	536	CPPFLAGS=$saved_CPPFLAGS
	537	LIBS=$saved_LIBS
	538	fi
	539
	540	AC_MSG_CHECKING(if --enable-stats option is specified)
	541	AC_ARG_ENABLE(stats,
	542	[ --enable-stats enable statistics logging function],
	543	[], [enable_stats=no])
	544	if test "x$enable_stats" = "xyes"; then
	545	AC_DEFINE([ENABLE_STATS], [], [Enable statictics])
	546	fi
	547	AC_MSG_RESULT($enable_stats)
	548
	549	AC_MSG_CHECKING(if --enable-dpd option is specified)
	550	AC_ARG_ENABLE(dpd,
	551	[ --enable-dpd enable dead peer detection],
	552	[], [enable_dpd=no])
	553	if test "x$enable_dpd" = "xyes"; then
	554	AC_DEFINE([ENABLE_DPD], [], [Enable dead peer detection])
	555	fi
	556	AC_MSG_RESULT($enable_dpd)
	557
	558	AC_MSG_CHECKING(if --enable-samode-unspec option is specified)
	559	AC_ARG_ENABLE(samode-unspec,
	560	[ --enable-samode-unspec enable to use unspecified a mode of SA],
	561	[], [enable_samode_unspec=no])
	562	if test "x$enable_samode_unspec" = "xyes"; then
	563	case $host_os in
	564	linux)
	565	cat << EOC
	566
	567	ERROR: --enable-samode-unspec is not supported under linux
	568	because linux kernel do not support it. This option is disabled
	569	to prevent mysterious problems.
	570
	571	If you REALLY know what your are doing, remove this check.
	572	EOC
	573	exit 1;
	574	;;
	575	esac
	576	AC_DEFINE([ENABLE_SAMODE_UNSPECIFIED], [], [Enable samode-unspec])
	577	fi
	578	AC_MSG_RESULT($enable_samode_unspec)
	579
	580	# Checks if IPv6 is requested
	581	AC_MSG_CHECKING([whether to enable ipv6])
	582	AC_ARG_ENABLE(ipv6,
	583	[ --disable-ipv6 disable ipv6 support],
	584	[ case "$enableval" in
	585	no)
	586	AC_MSG_RESULT(no)
	587	ipv6=no
	588	;;
	589	*) AC_MSG_RESULT(yes)
	590	ipv6=yes
	591	;;
	592	esac ],
	593
	594	AC_TRY_RUN([ /* AF_INET6 avalable check */
	595	#include <sys/types.h>
	596	#include <sys/socket.h>
	597	main()
	598	{
	599	exit(0);
	600	if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
	601	exit(1);
	602	else
	603	exit(0);
	604	}
	605	],
	606	AC_MSG_RESULT(yes)
	607	AC_DEFINE([INET6], [], [Support IPv6])
	608	ipv6=yes,
	609	AC_MSG_RESULT(no)
	610	ipv6=no,
	611	AC_MSG_RESULT(no)
	612	ipv6=no
	613	))
	614
	615	if test "$ipv6" = "yes"; then
	616	AC_DEFINE([INET6], [], [Support IPv6])
	617	AC_MSG_CHECKING(for advanced API support)
	618	AC_TRY_COMPILE([#ifndef INET6
	619	#define INET6
	620	#endif
	621	#include <sys/types.h>
	622	#include <netinet/in.h>],
	623	[struct in6_pktinfo a;],
	624	[AC_MSG_RESULT(yes)
	625	AC_DEFINE([INET6_ADVAPI], [], [Use advanced IPv6 API])],
	626	[AC_MSG_RESULT(no)])
	627	fi
	628
	629	RACOON_CHECK_BUGGY_GETADDRINFO
	630	if test "$buggygetaddrinfo" = "yes"; then
	631	AC_MSG_ERROR([Broken getaddrinfo() is no longer supported. Aborting.])
	632	fi
	633
	634	# Check if kernel support is available for NAT-T, defaults to no.
	635	kernel_natt="no"
	636
	637	AC_MSG_CHECKING(kernel NAT-Traversal support)
	638	case $host_os in
	639	linux*)
	640	# Linux kernel NAT-T check
	641	AC_EGREP_CPP(yes,
	642	[#include <linux/pfkeyv2.h>
	643	#ifdef SADB_X_EXT_NAT_T_TYPE
	644	yes
	645	#endif
	646	], [kernel_natt="yes"])
	647	;;
	648	freebsd\|netbsd)
	649	# NetBSD case
	650	# Same check for FreeBSD
	651	AC_CHECK_MEMBER(struct sadb_x_nat_t_type.sadb_x_nat_t_type_len,
	652	[kernel_natt="yes"],, [
	653	#define _KERNEL
	654	#include <sys/types.h>
	655	#include <net/pfkeyv2.h>
	656	])
	657	;;
	658	esac
	659	AC_MSG_RESULT($kernel_natt)
	660
	661	AC_MSG_CHECKING(whether to support NAT-T)
	662	AC_ARG_ENABLE(natt,
	663	[ --enable-natt enable NAT-Traversal (yes/no/kernel)],
	664	[ if test "$enable_natt" = "kernel"; then enable_natt=$kernel_natt; fi ],
	665	[ enable_natt=no ])
	666	AC_MSG_RESULT($enable_natt)
	667
	668	if test "$enable_natt" = "yes"; then
	669	if test "$kernel_natt" = "no" ; then
	670	AC_MSG_ERROR([NAT-T requested, but no kernel support! Aborting.])
	671	else
	672	AC_DEFINE([ENABLE_NATT], [], [Enable NAT-Traversal])
	673	NATT_OBJS="nattraversal.o"
	674	AC_SUBST(NATT_OBJS)
	675	fi
	676	fi
	677
	678	# Set up defines for supported NAT-T versions.
	679	natt_versions_default="00,02,rfc"
	680	AC_MSG_CHECKING(which NAT-T versions to support)
	681	AC_ARG_ENABLE(natt_versions,
	682	[ --enable-natt-versions=list list of supported NAT-T versions delimited by coma.],
	683	[ test "$enable_natt_versions" = "yes" && enable_natt_versions=$natt_versions_default ],
	684	[ enable_natt_versions=$natt_versions_default ])
	685	if test "$enable_natt" = "yes"; then
	686	AC_MSG_RESULT($enable_natt_versions)
	687	for i in `echo $enable_natt_versions \| tr ',cfr' ' CFR'`; do
	688	case $i in
	689	0\|00) AC_DEFINE([ENABLE_NATT_00], [], [Enable NAT-Traversal draft 00]) ;;
	690	1\|01) AC_DEFINE([ENABLE_NATT_01], [], [Enable NAT-Traversal draft 01]) ;;
	691	2\|02) AC_DEFINE([ENABLE_NATT_02], [], [Enable NAT-Traversal draft 02]) ;;
	692	3\|03) AC_DEFINE([ENABLE_NATT_03], [], [Enable NAT-Traversal draft 03]) ;;
	693	4\|04) AC_DEFINE([ENABLE_NATT_04], [], [Enable NAT-Traversal draft 04]) ;;
	694	5\|05) AC_DEFINE([ENABLE_NATT_05], [], [Enable NAT-Traversal draft 05]) ;;
	695	6\|06) AC_DEFINE([ENABLE_NATT_06], [], [Enable NAT-Traversal draft 06]) ;;
	696	7\|07) AC_DEFINE([ENABLE_NATT_07], [], [Enable NAT-Traversal draft 07]) ;;
	697	8\|08) AC_DEFINE([ENABLE_NATT_08], [], [Enable NAT-Traversal draft 08]) ;;
	698	RFC) AC_DEFINE([ENABLE_NATT_RFC], [], [Enable NAT-Traversal RFC version]) ;;
	699	*) AC_MSG_ERROR([Unknown NAT-T version. Aborting.]) ;;
	700	esac
	701	done
	702	unset i
	703	else
	704	AC_MSG_RESULT([none])
	705	fi
	706
	707	AC_MSG_CHECKING(if --enable-broken-natt option is specified)
	708	AC_ARG_ENABLE(broken-natt,
	709	[ --enable-broken-natt broken in-kernel NAT-T],
	710	[], [enable_broken_natt=no])
	711	if test "x$enable_broken_natt" = "xyes"; then
	712	AC_DEFINE([BROKEN_NATT], [], [in-kernel NAT-T is broken])
	713	fi
	714	AC_MSG_RESULT($enable_broken_natt)
	715
	716	AC_MSG_CHECKING(whether we support FWD policy)
	717	case $host in
	718	linux)
	719	AC_TRY_COMPILE([
	720	#include <inttypes.h>
	721	#include <linux/ipsec.h>
	722	], [
	723	int fwd = IPSEC_DIR_FWD;
	724	],
	725	[AC_MSG_RESULT(yes)
	726	AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])],
	727	[AC_MSG_RESULT(no)])
	728	;;
	729	*)
	730	AC_MSG_RESULT(no)
	731	;;
	732	esac
	733
	734	AC_CHECK_TYPE([ipsec_policy_t],
	735	[AC_DEFINE([HAVE_IPSEC_POLICY_T], [], [Have ipsec_policy_t])],
	736	[],
	737	[
	738	#include <sys/types.h>
	739	#include <netinet6/ipsec.h>
	740	])
	741
	742	# Check if kernel support is available for Security Context, defaults to no.
	743	kernel_secctx="no"
	744
	745	AC_MSG_CHECKING(kernel Security Context support)
	746	case $host_os in
	747	linux*)
	748	# Linux kernel Security Context check
	749	AC_EGREP_CPP(yes,
	750	[#include <linux/pfkeyv2.h>
	751	#ifdef SADB_X_EXT_SEC_CTX
	752	yes
	753	#endif
	754	], [kernel_secctx="yes"])
	755	;;
	756	esac
	757	AC_MSG_RESULT($kernel_secctx)
	758
	759	AC_CHECK_HEADER(selinux/selinux.h,
	760	[AC_CHECK_LIB(selinux, avc_init, [selinux_support=yes],
	761	[selinux_support=no])], [selinux_support=no])
	762
	763	AC_MSG_CHECKING(whether to support Security Context)
	764	AC_ARG_ENABLE(security-context,
	765	[ --enable-security-context enable Security Context(yes/no/kernel)],
	766	[if test "$enable_security_context" = "kernel"; then
	767	enable_security_context=$kernel_secctx; fi],
	768	[enable_security_context=$kernel_secctx])
	769	AC_MSG_RESULT($enable_security_context)
	770
	771	if test "$enable_security_context" = "yes"; then
	772	if test "$kernel_secctx" = "no" ; then
	773	AC_MSG_ERROR([Security Context requested, but no kernel support! Aborting.])
	774	else
	775	if test "$selinux_support" = "no"; then
	776	AC_MSG_ERROR([Security Context requested, but no selinux support! Aborting.])
	777	else
	778	AC_DEFINE([HAVE_SECCTX], [], [Enable Security Context])
	779	SECCTX_OBJS="security.o"
	780	AC_SUBST(SECCTX_OBJS)
	781	LIBS="$LIBS -lselinux"
	782	fi
	783	fi
	784	fi
	785
	786	RACOON_PATH_LIBS([clock_gettime], [rt])
	787
	788	AC_MSG_CHECKING(for monotonic system clock)
	789	AC_TRY_COMPILE(
	790	[#include <time.h>],
	791	[clock_gettime(CLOCK_MONOTONIC, NULL);],
	792	[AC_DEFINE([HAVE_CLOCK_MONOTONIC], [], [Have a monotonic clock])
	793	AC_MSG_RESULT(yes)],
	794	[AC_MSG_RESULT(no)])
	795
	796	CFLAGS="$CFLAGS $CFLAGS_ADD"
	797	CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
	798
	799	case $host in
	800	linux)
	801	# Remove KERNEL_INCLUDE from CPPFLAGS. It will
	802	# be symlinked to src/include-glibc/linux in
	803	# compile time.
	804	CPPFLAGS=`echo $CPPFLAGS \| sed "s,-I$KERNEL_INCLUDE,,"`
	805	;;
	806	esac
	807
	808	include_racoondir=${includedir}/racoon
	809	AC_SUBST(include_racoondir)
	810
	811	AC_CONFIG_FILES([
	812	Makefile
	813	package_version.h
	814	src/Makefile
	815	src/include-glibc/Makefile
	816	src/libipsec/Makefile
	817	src/setkey/Makefile
	818	src/racoon/Makefile
	819	src/racoon/samples/psk.txt
	820	src/racoon/samples/racoon.conf
	821	rpm/Makefile
	822	rpm/suse/Makefile
	823	rpm/suse/ipsec-tools.spec
	824	])
	825	AC_OUTPUT

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: rtems-libbsd/ipsec-tools/configure.ac @ ff36f5e

Download in other formats: