1 | dnl Process this file with autoconf to produce a configure script. |
1 | dnl Process this file with autoconf to produce a configure script. |
2 | |
2 | |
3 | AC_PREREQ(2.57) |
3 | AC_PREREQ(2.57) |
4 | AC_INIT(src/vped.C) |
4 | AC_INIT(src/vped.C) |
5 | AC_CANONICAL_TARGET |
5 | AC_CANONICAL_TARGET |
6 | AM_INIT_AUTOMAKE(vpe, 0.1) |
6 | AM_INIT_AUTOMAKE(vpe, 1.2) |
7 | AM_CONFIG_HEADER(config.h) |
7 | AM_CONFIG_HEADER(config.h) |
8 | AM_MAINTAINER_MODE |
8 | AM_MAINTAINER_MODE |
9 | |
9 | |
10 | AH_TOP([ |
10 | AH_TOP([ |
11 | #ifndef CONFIG_H__ |
11 | #ifndef CONFIG_H__ |
… | |
… | |
61 | AC_PROG_MAKE_SET |
61 | AC_PROG_MAKE_SET |
62 | AC_PROG_RANLIB |
62 | AC_PROG_RANLIB |
63 | |
63 | |
64 | AC_ISC_POSIX |
64 | AC_ISC_POSIX |
65 | |
65 | |
66 | m4_if([ |
66 | AC_ARG_ENABLE(iftype, |
|
|
67 | [AC_HELP_STRING(--enable-iftype[=TYPE/SUBTYPE], [ |
|
|
68 | Use kernel/net device interface TYPE/SUBTYPE. |
|
|
69 | Working combinations are: |
|
|
70 | "native/linux" |
|
|
71 | "tincd/linux" |
|
|
72 | "tincd/freebsd" |
|
|
73 | "tincd/openbsd" |
|
|
74 | "tincd/darwin" |
|
|
75 | "native/cygwin"; |
|
|
76 | Untested combinations are: |
|
|
77 | "tincd/netbsd" |
|
|
78 | "tincd/solaris" |
|
|
79 | "tincd/mingw"; |
|
|
80 | Broken combinations are: |
|
|
81 | "tincd/cygwin"; |
|
|
82 | The default is to autodetect. |
|
|
83 | ])], |
|
|
84 | [ |
|
|
85 | IFTYPE=`echo $enableval | sed s%/.*%%` |
|
|
86 | IFSUBTYPE=`echo $enableval | sed s%.*/%%` |
|
|
87 | ] |
|
|
88 | ) |
|
|
89 | |
67 | dnl Check and set OS |
90 | dnl Check and set OS |
|
|
91 | AC_MSG_CHECKING(for kernel networking interface type) |
68 | |
92 | |
|
|
93 | if test "x$IFTYPE" = "x"; then |
69 | case $target_os in |
94 | case $target_os in |
70 | *linux*) |
95 | *linux*) |
|
|
96 | IFTYPE=native |
|
|
97 | IFSUBTYPE=linux |
71 | AC_DEFINE(HAVE_LINUX, 1, [Linux]) |
98 | AC_DEFINE(HAVE_LINUX, 1, [Linux]) |
72 | [ rm -f src/device.c; ln -sf linux/device.c src/device.c ] |
99 | ;; |
73 | ;; |
|
|
74 | *freebsd*) |
100 | *freebsd*) |
|
|
101 | IFTYPE=tincd |
|
|
102 | IFSUBTYPE=freebsd |
75 | AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) |
103 | AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) |
76 | [ rm -f src/device.c; ln -sf freebsd/device.c src/device.c ] |
104 | ;; |
77 | ;; |
|
|
78 | *darwin*) |
105 | *darwin*) |
|
|
106 | IFTYPE=tincd |
|
|
107 | IFSUBTYPE=darwin |
79 | AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) |
108 | AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) |
80 | [ rm -f src/device.c; ln -sf darwin/device.c src/device.c ] |
109 | ;; |
81 | ;; |
|
|
82 | *solaris*) |
110 | *solaris*) |
|
|
111 | IFTYPE=tincd |
|
|
112 | IFSUBTYPE=solaris |
83 | AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS]) |
113 | AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS]) |
84 | [ rm -f src/device.c; ln -sf solaris/device.c src/device.c ] |
114 | ;; |
85 | ;; |
|
|
86 | *openbsd*) |
115 | *openbsd*) |
|
|
116 | IFTYPE=tincd |
|
|
117 | IFSUBTYPE=openbsd |
87 | AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD]) |
118 | AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD]) |
88 | [ rm -f src/device.c; ln -sf openbsd/device.c src/device.c ] |
119 | ;; |
89 | ;; |
|
|
90 | *netbsd*) |
120 | *netbsd*) |
|
|
121 | IFTYPE=tincd |
|
|
122 | IFSUBTYPE=netbsd |
91 | AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) |
123 | AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) |
92 | [ rm -f src/device.c; ln -sf netbsd/device.c src/device.c ] |
124 | ;; |
93 | ;; |
|
|
94 | *cygwin*) |
125 | *cygwin*) |
|
|
126 | IFTYPE=native |
|
|
127 | IFSUBTYPE=cygwin |
95 | AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) |
128 | AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) |
96 | [ rm -f src/device.c; ln -sf cygwin/device.c src/device.c ] |
129 | ;; |
97 | ;; |
130 | *) |
98 | *) |
|
|
99 | AC_MSG_ERROR("Unknown operating system.") |
131 | AC_MSG_ERROR("Unknown operating system.") |
100 | ;; |
132 | ;; |
101 | esac |
133 | esac |
102 | ]) |
134 | fi |
|
|
135 | AC_MSG_RESULT($IFTYPE/$IFSUBTYPE) |
|
|
136 | AC_SUBST(IFTYPE,$IFTYPE) |
|
|
137 | AC_SUBST(IFSUBTYPE,$IFSUBTYPE) |
103 | |
138 | |
104 | AC_CACHE_SAVE |
139 | AC_CACHE_SAVE |
105 | |
140 | |
106 | dnl Checks for libraries. |
141 | dnl Checks for libraries. |
107 | |
142 | |
108 | AC_LANG(C++) |
143 | AC_LANG(C++) |
109 | AC_CHECK_HEADERS(ext/hash_map) |
144 | AC_CHECK_HEADERS(ext/hash_map) |
110 | |
145 | |
111 | dnl Checks for header files. |
146 | dnl Checks for header files. |
112 | AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \ |
147 | AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \ |
113 | sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h cygwin.h]) |
148 | sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h sys/cygwin.h arpa/inet.h \ |
|
|
149 | sys/poll.h sys/mman.h netinet/in.h]) |
114 | AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h], [], [], |
150 | AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h netinet/in_systm.h], [], [], |
|
|
151 | [ |
115 | [#include <sys/types.h> |
152 | #include <sys/types.h> |
116 | #include <sys/socket.h> |
153 | #include <sys/socket.h> |
|
|
154 | #ifdef HAVE_NETINET_IN_H |
|
|
155 | # include <netinet/in.h> |
|
|
156 | #endif |
|
|
157 | #ifdef HAVE_ARPA_INET_H |
|
|
158 | # include <arpa/inet.h> |
|
|
159 | #endif |
117 | #ifdef HAVE_NETINET_IN_SYSTM_H |
160 | #ifdef HAVE_NETINET_IN_SYSTM_H |
118 | #include <netinet/in_systm.h> |
161 | # include <netinet/in_systm.h> |
119 | #endif]) |
162 | #endif |
|
|
163 | ]) |
120 | |
164 | |
121 | dnl Checks for typedefs, structures, and compiler characteristics. |
165 | dnl Checks for typedefs, structures, and compiler characteristics. |
122 | AC_C_CONST |
166 | AC_C_CONST |
123 | AC_TYPE_PID_T |
167 | AC_TYPE_PID_T |
124 | AC_TYPE_SIZE_T |
168 | AC_TYPE_SIZE_T |
… | |
… | |
157 | |
201 | |
158 | AC_LANG_PUSH(C) |
202 | AC_LANG_PUSH(C) |
159 | |
203 | |
160 | AC_HEADER_STDC |
204 | AC_HEADER_STDC |
161 | |
205 | |
|
|
206 | dnl argl, could somebody catapult darwin into the 21st century??? |
162 | AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall) |
207 | AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall poll) |
163 | |
208 | |
164 | AC_FUNC_ALLOCA |
209 | AC_FUNC_ALLOCA |
165 | |
210 | |
166 | dnl Support for SunOS |
211 | dnl Support for SunOS |
167 | |
212 | |
… | |
… | |
178 | |
223 | |
179 | AC_CACHE_SAVE |
224 | AC_CACHE_SAVE |
180 | |
225 | |
181 | dnl These are defined in files in m4/ |
226 | dnl These are defined in files in m4/ |
182 | tinc_TUNTAP |
227 | tinc_TUNTAP |
|
|
228 | |
183 | tinc_OPENSSL |
229 | tinc_OPENSSL |
|
|
230 | if test "x$openssl_include" != x; then |
|
|
231 | CXXFLAGS="$CXXFLAGS -I$openssl_include" |
|
|
232 | fi |
184 | dnl tinc_ZLIB |
233 | dnl tinc_ZLIB |
185 | |
234 | |
186 | AC_ARG_ENABLE(rohc, |
235 | AC_ARG_ENABLE(rohc, |
187 | [AC_HELP_STRING(--enable-rohc, [enable robust header compression (rfc3095).])], |
236 | [AC_HELP_STRING(--enable-rohc, [enable robust header compression (rfc3095).])], |
188 | [ |
237 | [ |
… | |
… | |
202 | echo |
251 | echo |
203 | ] |
252 | ] |
204 | ) |
253 | ) |
205 | |
254 | |
206 | AC_ARG_ENABLE(icmp, |
255 | AC_ARG_ENABLE(icmp, |
207 | [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support.])], |
256 | [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support (default disabled).])], |
208 | AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.]) |
257 | AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.]) |
209 | ) |
258 | ) |
210 | |
259 | |
211 | AC_ARG_ENABLE(tcp, |
260 | AC_ARG_ENABLE(tcp, |
212 | [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support.])], |
261 | [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support (default disabled).])], |
213 | AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.]) |
262 | AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.]) |
214 | ) |
263 | ) |
215 | |
264 | |
216 | AC_ARG_ENABLE(http-proxy, |
265 | AC_ARG_ENABLE(http-proxy, |
217 | [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support.])], |
266 | [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support (default disabled).])], |
218 | AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.]) |
267 | AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.]) |
219 | ) |
268 | ) |
220 | |
269 | |
221 | HMAC=16 dnl see also the AC_HELP_STRING |
270 | HMAC=8 dnl see also the AC_HELP_STRING |
222 | AC_ARG_ENABLE(hmac-length, |
271 | AC_ARG_ENABLE(hmac-length, |
223 | [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 16). Allowed values are 4, 8, 12, 16.])], |
272 | [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], |
224 | HMAC=$enableval |
273 | HMAC=$enableval |
225 | ) |
274 | ) |
226 | AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) |
275 | AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) |
227 | |
276 | |
228 | RAND=8 dnl see also the AC_HELP_STRING |
277 | RAND=8 dnl see also the AC_HELP_STRING |
… | |
… | |
250 | |
299 | |
251 | CIPHER=bf_cbc |
300 | CIPHER=bf_cbc |
252 | AC_ARG_ENABLE(cipher, |
301 | AC_ARG_ENABLE(cipher, |
253 | [AC_HELP_STRING(--enable-cipher, [ |
302 | [AC_HELP_STRING(--enable-cipher, [ |
254 | Select the symmetric cipher (default "bf"). Must be one of |
303 | Select the symmetric cipher (default "bf"). Must be one of |
255 | "bf" (blowfish), "aes-128", "aes-192" or "aes-256".])], |
304 | "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], |
256 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
305 | if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi |
257 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
306 | if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi |
258 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
307 | if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi |
259 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
308 | if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi |
260 | ) |
309 | ) |
… | |
… | |
262 | |
311 | |
263 | DIGEST=sha1 |
312 | DIGEST=sha1 |
264 | AC_ARG_ENABLE(digest, |
313 | AC_ARG_ENABLE(digest, |
265 | [AC_HELP_STRING(--enable-digest, [ |
314 | [AC_HELP_STRING(--enable-digest, [ |
266 | Select the digets algorithm to use (default "sha1"). Must be one of |
315 | Select the digets algorithm to use (default "sha1"). Must be one of |
267 | "sha1", "ripemd160", "md4" or "md5".])], |
316 | "sha1", "ripemd160", "md5" or "md4" (insecure).])], |
268 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
317 | if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi |
269 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
318 | if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi |
|
|
319 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
270 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
320 | if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi |
271 | if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi |
|
|
272 | ) |
321 | ) |
273 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
322 | AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) |
274 | |
|
|
275 | TRUST=1 |
|
|
276 | m4_if([ |
|
|
277 | AC_ARG_ENABLE(trust, |
|
|
278 | [AC_HELP_STRING(--enable-trust, [ |
|
|
279 | Make authentication faster but allow decoding by all hosts of a VPN. |
|
|
280 | Use this when the VPN hosts DO trust each other and you don't care |
|
|
281 | wether man-in-the-middle sniffing attacks are possible by admins |
|
|
282 | of other VPN hosts. On pentiums or similar machines this can cut down |
|
|
283 | the time for reconnects by 0.4 seconds or more.])], |
|
|
284 | if test "x$enableval" = xyes; then |
|
|
285 | TRUST=1 |
|
|
286 | fi |
|
|
287 | ) |
|
|
288 | ]) |
|
|
289 | AC_DEFINE_UNQUOTED(ENABLE_TRUST, $TRUST, [Faster, but VPN hosts may sniff each others data.]) |
|
|
290 | |
323 | |
291 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
324 | if $CXX -v --help 2>&1 | grep -q fno-rtti; then |
292 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
325 | CXXFLAGS="$CXXFLAGS -fno-rtti" |
293 | fi |
326 | fi |
294 | |
327 | |
… | |
… | |
308 | |
341 | |
309 | echo |
342 | echo |
310 | echo "***" |
343 | echo "***" |
311 | echo "*** Configuration Summary" |
344 | echo "*** Configuration Summary" |
312 | echo "***" |
345 | echo "***" |
|
|
346 | echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" |
313 | echo "*** Cipher used: $CIPHER" |
347 | echo "*** Cipher used: $CIPHER" |
314 | echo "*** Digest used: $DIGEST" |
348 | echo "*** Digest used: $DIGEST" |
315 | echo "*** HMAC length: $HMAC" |
349 | echo "*** HMAC length: $HMAC" |
316 | echo "*** RAND used: $RAND" |
350 | echo "*** RAND used: $RAND" |
317 | echo "*** Max. MTU: $MTU" |
351 | echo "*** Max. MTU: $MTU" |
318 | echo "*** Compression: $COMPRESS" |
352 | echo "*** Compression: $COMPRESS" |
319 | dnl echo "*** Trusted Mode: $TRUST" |
|
|
320 | echo "***" |
353 | echo "***" |
|
|
354 | |
|
|
355 | if test "x$DIGEST" = xmd4; then |
|
|
356 | echo "*** WARNING" |
|
|
357 | echo "*** The digest you have chosen ($DIGEST) is known to be insecure" |
|
|
358 | echo "***" |
|
|
359 | fi |
|
|
360 | |
321 | echo |
361 | echo |
322 | |
362 | |
323 | ]) |
363 | ]) |
324 | |
364 | |
325 | AC_SUBST(INCLUDES) |
365 | AC_SUBST(INCLUDES) |