1 | dnl Process this file with autoconf to produce a configure script. |
1 | dnl Process this file with autoconf to produce a configure script. |
2 | |
2 | |
3 | AC_PREREQ(2.57) |
3 | AC_PREREQ(2.57) |
4 | AC_INIT(src/vped.C) |
4 | AC_INIT(src/vped.C) |
5 | AC_CANONICAL_TARGET |
5 | AC_CANONICAL_TARGET |
6 | AM_INIT_AUTOMAKE(vpe, 1.0) |
6 | AM_INIT_AUTOMAKE(vpe, 1.2) |
7 | AM_CONFIG_HEADER(config.h) |
7 | AM_CONFIG_HEADER(config.h) |
8 | AM_MAINTAINER_MODE |
8 | AM_MAINTAINER_MODE |
9 | |
9 | |
10 | AH_TOP([ |
10 | AH_TOP([ |
11 | #ifndef CONFIG_H__ |
11 | #ifndef CONFIG_H__ |
… | |
… | |
61 | AC_PROG_MAKE_SET |
61 | AC_PROG_MAKE_SET |
62 | AC_PROG_RANLIB |
62 | AC_PROG_RANLIB |
63 | |
63 | |
64 | AC_ISC_POSIX |
64 | AC_ISC_POSIX |
65 | |
65 | |
66 | m4_if([ |
66 | AC_ARG_ENABLE(iftype, |
|
|
67 | [AC_HELP_STRING(--enable-iftype[=TYPE/SUBTYPE], [ |
|
|
68 | Use kernel/net device interface TYPE/SUBTYPE. |
|
|
69 | Working combinations are: |
|
|
70 | "native/linux" "tincd/linux" "tincd/freebsd"; |
|
|
71 | Untested combinations are: |
|
|
72 | "tincd/netbsd" "tincd/darwin" "tincd/solaris" |
|
|
73 | "tincd/openbsd" "tincd/cygwin"; |
|
|
74 | Broken combinations are: |
|
|
75 | "native/cygwin"; |
|
|
76 | The default is to autodetect. |
|
|
77 | ])], |
|
|
78 | [ |
|
|
79 | IFTYPE=`echo $enableval | sed s%/.*%%` |
|
|
80 | IFSUBTYPE=`echo $enableval | sed s%.*/%%` |
|
|
81 | ] |
|
|
82 | ) |
|
|
83 | |
67 | dnl Check and set OS |
84 | dnl Check and set OS |
|
|
85 | AC_MSG_CHECKING(for kernel networking interface type) |
68 | |
86 | |
|
|
87 | if test "x$IFTYPE" = "x"; then |
69 | case $target_os in |
88 | case $target_os in |
70 | *linux*) |
89 | *linux*) |
|
|
90 | IFTYPE=native |
|
|
91 | IFSUBTYPE=linux |
71 | AC_DEFINE(HAVE_LINUX, 1, [Linux]) |
92 | AC_DEFINE(HAVE_LINUX, 1, [Linux]) |
72 | [ rm -f src/device.c; ln -sf linux/device.c src/device.c ] |
93 | ;; |
73 | ;; |
|
|
74 | *freebsd*) |
94 | *freebsd*) |
|
|
95 | IFTYPE=tincd |
|
|
96 | IFSUBTYPE=freebsd |
75 | AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) |
97 | AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) |
76 | [ rm -f src/device.c; ln -sf freebsd/device.c src/device.c ] |
98 | ;; |
77 | ;; |
|
|
78 | *darwin*) |
99 | *darwin*) |
|
|
100 | IFTYPE=tincd |
|
|
101 | IFSUBTYPE=darwin |
79 | AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) |
102 | AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) |
80 | [ rm -f src/device.c; ln -sf darwin/device.c src/device.c ] |
103 | ;; |
81 | ;; |
|
|
82 | *solaris*) |
104 | *solaris*) |
|
|
105 | IFTYPE=tincd |
|
|
106 | IFSUBTYPE=solaris |
83 | AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS]) |
107 | AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS]) |
84 | [ rm -f src/device.c; ln -sf solaris/device.c src/device.c ] |
108 | ;; |
85 | ;; |
|
|
86 | *openbsd*) |
109 | *openbsd*) |
|
|
110 | IFTYPE=tincd |
|
|
111 | IFSUBTYPE=openbsd |
87 | AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD]) |
112 | AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD]) |
88 | [ rm -f src/device.c; ln -sf openbsd/device.c src/device.c ] |
113 | ;; |
89 | ;; |
|
|
90 | *netbsd*) |
114 | *netbsd*) |
|
|
115 | IFTYPE=tincd |
|
|
116 | IFSUBTYPE=netbsd |
91 | AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) |
117 | AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) |
92 | [ rm -f src/device.c; ln -sf netbsd/device.c src/device.c ] |
118 | ;; |
93 | ;; |
|
|
94 | *cygwin*) |
119 | *cygwin*) |
|
|
120 | IFTYPE=tincd |
|
|
121 | IFSUBTYPE=cygwin |
95 | AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) |
122 | AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) |
96 | [ rm -f src/device.c; ln -sf cygwin/device.c src/device.c ] |
123 | ;; |
97 | ;; |
124 | *) |
98 | *) |
|
|
99 | AC_MSG_ERROR("Unknown operating system.") |
125 | AC_MSG_ERROR("Unknown operating system.") |
100 | ;; |
126 | ;; |
101 | esac |
127 | esac |
102 | ]) |
128 | fi |
|
|
129 | AC_MSG_RESULT($IFTYPE/$IFSUBTYPE) |
|
|
130 | AC_SUBST(IFTYPE,$IFTYPE) |
|
|
131 | AC_SUBST(IFSUBTYPE,$IFSUBTYPE) |
103 | |
132 | |
104 | AC_CACHE_SAVE |
133 | AC_CACHE_SAVE |
105 | |
134 | |
106 | dnl Checks for libraries. |
135 | dnl Checks for libraries. |
107 | |
136 | |
108 | AC_LANG(C++) |
137 | AC_LANG(C++) |
109 | AC_CHECK_HEADERS(ext/hash_map) |
138 | AC_CHECK_HEADERS(ext/hash_map) |
110 | |
139 | |
111 | dnl Checks for header files. |
140 | dnl Checks for header files. |
112 | AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \ |
141 | AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \ |
113 | sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h cygwin.h]) |
142 | sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h cygwin.h arpa/inet.h \ |
|
|
143 | sys/poll.h sys/mman.h netinet/in.h]) |
114 | AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h], [], [], |
144 | AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h netinet/in_systm.h], [], [], |
|
|
145 | [ |
115 | [#include <sys/types.h> |
146 | #include <sys/types.h> |
116 | #include <sys/socket.h> |
147 | #include <sys/socket.h> |
|
|
148 | #ifdef HAVE_NETINET_IN_H |
|
|
149 | # include <netinet/in.h> |
|
|
150 | #endif |
|
|
151 | #ifdef HAVE_ARPA_INET_H |
|
|
152 | # include <arpa/inet.h> |
|
|
153 | #endif |
117 | #ifdef HAVE_NETINET_IN_SYSTM_H |
154 | #ifdef HAVE_NETINET_IN_SYSTM_H |
118 | #include <netinet/in_systm.h> |
155 | # include <netinet/in_systm.h> |
119 | #endif]) |
156 | #endif |
|
|
157 | ]) |
120 | |
158 | |
121 | dnl Checks for typedefs, structures, and compiler characteristics. |
159 | dnl Checks for typedefs, structures, and compiler characteristics. |
122 | AC_C_CONST |
160 | AC_C_CONST |
123 | AC_TYPE_PID_T |
161 | AC_TYPE_PID_T |
124 | AC_TYPE_SIZE_T |
162 | AC_TYPE_SIZE_T |
… | |
… | |
157 | |
195 | |
158 | AC_LANG_PUSH(C) |
196 | AC_LANG_PUSH(C) |
159 | |
197 | |
160 | AC_HEADER_STDC |
198 | AC_HEADER_STDC |
161 | |
199 | |
|
|
200 | dnl argl, could somebody catapult darwin into the 21st century??? |
162 | AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall) |
201 | AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall poll) |
163 | |
202 | |
164 | AC_FUNC_ALLOCA |
203 | AC_FUNC_ALLOCA |
165 | |
204 | |
166 | dnl Support for SunOS |
205 | dnl Support for SunOS |
167 | |
206 | |
… | |
… | |
202 | echo |
241 | echo |
203 | ] |
242 | ] |
204 | ) |
243 | ) |
205 | |
244 | |
206 | AC_ARG_ENABLE(icmp, |
245 | AC_ARG_ENABLE(icmp, |
207 | [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support.])], |
246 | [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support (default disabled).])], |
208 | AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.]) |
247 | AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.]) |
209 | ) |
248 | ) |
210 | |
249 | |
211 | AC_ARG_ENABLE(tcp, |
250 | AC_ARG_ENABLE(tcp, |
212 | [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support.])], |
251 | [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support (default disabled).])], |
213 | AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.]) |
252 | AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.]) |
214 | ) |
253 | ) |
215 | |
254 | |
216 | AC_ARG_ENABLE(http-proxy, |
255 | AC_ARG_ENABLE(http-proxy, |
217 | [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support.])], |
256 | [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support (default disabled).])], |
218 | AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.]) |
257 | AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.]) |
219 | ) |
258 | ) |
220 | |
259 | |
221 | HMAC=16 dnl see also the AC_HELP_STRING |
260 | HMAC=12 dnl see also the AC_HELP_STRING |
222 | AC_ARG_ENABLE(hmac-length, |
261 | AC_ARG_ENABLE(hmac-length, |
223 | [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 16). Allowed values are 4, 8, 12, 16.])], |
262 | [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], |
224 | HMAC=$enableval |
263 | HMAC=$enableval |
225 | ) |
264 | ) |
226 | AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) |
265 | AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) |
227 | |
266 | |
228 | RAND=8 dnl see also the AC_HELP_STRING |
267 | RAND=8 dnl see also the AC_HELP_STRING |
… | |
… | |
250 | |
289 | |
251 | CIPHER=bf_cbc |
290 | CIPHER=bf_cbc |
252 | AC_ARG_ENABLE(cipher, |
291 | AC_ARG_ENABLE(cipher, |
253 | [AC_HELP_STRING(--enable-cipher, [ |
292 | [AC_HELP_STRING(--enable-cipher, [ |
254 | Select the symmetric cipher (default "bf"). Must be one of |
293 | Select the symmetric cipher (default "bf"). Must be one of |
255 | "bf" (blowfish), "aes-128", "aes-192" or "aes-256".])], |
294 | "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], |
256 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
295 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
257 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
296 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
258 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
297 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
259 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
298 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
260 | ) |
299 | ) |
… | |
… | |
262 | |
301 | |
263 | DIGEST=sha1 |
302 | DIGEST=sha1 |
264 | AC_ARG_ENABLE(digest, |
303 | AC_ARG_ENABLE(digest, |
265 | [AC_HELP_STRING(--enable-digest, [ |
304 | [AC_HELP_STRING(--enable-digest, [ |
266 | Select the digets algorithm to use (default "sha1"). Must be one of |
305 | Select the digets algorithm to use (default "sha1"). Must be one of |
267 | "sha1", "ripemd160", "md4" or "md5".])], |
306 | "sha1", "ripemd160", "md5" or "md4" (insecure).])], |
268 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
307 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
269 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
308 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
|
|
309 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
270 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
310 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
271 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
|
|
272 | ) |
311 | ) |
273 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
312 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
274 | |
|
|
275 | TRUST=1 |
|
|
276 | m4_if([ |
|
|
277 | AC_ARG_ENABLE(trust, |
|
|
278 | [AC_HELP_STRING(--enable-trust, [ |
|
|
279 | Make authentication faster but allow decoding by all hosts of a VPN. |
|
|
280 | Use this when the VPN hosts DO trust each other and you don't care |
|
|
281 | wether man-in-the-middle sniffing attacks are possible by admins |
|
|
282 | of other VPN hosts. On pentiums or similar machines this can cut down |
|
|
283 | the time for reconnects by 0.4 seconds or more.])], |
|
|
284 | if test "x$enableval" = xyes; then |
|
|
285 | TRUST=1 |
|
|
286 | fi |
|
|
287 | ) |
|
|
288 | ]) |
|
|
289 | AC_DEFINE_UNQUOTED(ENABLE_TRUST, $TRUST, [Faster, but VPN hosts may sniff each others data.]) |
|
|
290 | |
313 | |
291 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
314 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
292 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
315 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
293 | fi |
316 | fi |
294 | |
317 | |
… | |
… | |
308 | |
331 | |
309 | echo |
332 | echo |
310 | echo "***" |
333 | echo "***" |
311 | echo "*** Configuration Summary" |
334 | echo "*** Configuration Summary" |
312 | echo "***" |
335 | echo "***" |
|
|
336 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
313 | echo "*** Cipher used: $CIPHER" |
337 | echo "*** Cipher used: $CIPHER" |
314 | echo "*** Digest used: $DIGEST" |
338 | echo "*** Digest used: $DIGEST" |
315 | echo "*** HMAC length: $HMAC" |
339 | echo "*** HMAC length: $HMAC" |
316 | echo "*** RAND used: $RAND" |
340 | echo "*** RAND used: $RAND" |
317 | echo "*** Max. MTU: $MTU" |
341 | echo "*** Max. MTU: $MTU" |
318 | echo "*** Compression: $COMPRESS" |
342 | echo "*** Compression: $COMPRESS" |
319 | dnl echo "*** Trusted Mode: $TRUST" |
|
|
320 | echo "***" |
343 | echo "***" |
|
|
344 | |
|
|
345 | if test "x$DIGEST" = xmd4; then |
|
|
346 | echo "*** WARNING" |
|
|
347 | echo "*** The digest you have chosen ($DIGEST) is known to be insecure" |
|
|
348 | echo "***" |
|
|
349 | fi |
|
|
350 | |
321 | echo |
351 | echo |
322 | |
352 | |
323 | ]) |
353 | ]) |
324 | |
354 | |
325 | AC_SUBST(INCLUDES) |
355 | AC_SUBST(INCLUDES) |