--- gvpe/configure.ac	2003/03/01 15:53:02	1.1
+++ gvpe/configure.ac	2003/10/17 01:39:12	1.20
@@ -3,7 +3,7 @@
 AC_PREREQ(2.57)
 AC_INIT(src/vped.C)
 AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE(vpe, 0.1)
+AM_INIT_AUTOMAKE(vpe, 1.2)
 AM_CONFIG_HEADER(config.h)
 AM_MAINTAINER_MODE
 
@@ -63,43 +63,80 @@
 
 AC_ISC_POSIX
 
-m4_if([
+AC_ARG_ENABLE(iftype,
+  [AC_HELP_STRING(--enable-iftype[=TYPE/SUBTYPE], [
+     Use kernel/net device interface TYPE/SUBTYPE.
+     Working combinations are:
+        "native/linux"
+        "tincd/linux"
+        "tincd/freebsd"
+        "tincd/openbsd"
+        "tincd/darwin"
+        "native/cygwin";
+     Untested combinations are:
+        "tincd/netbsd"
+        "tincd/solaris"
+        "tincd/mingw";
+     Broken combinations are:
+        "tincd/cygwin";
+     The default is to autodetect.
+  ])],
+  [
+    IFTYPE=`echo $enableval | sed s%/.*%%`
+    IFSUBTYPE=`echo $enableval | sed s%.*/%%`
+  ]
+)
+
 dnl Check and set OS
+AC_MSG_CHECKING(for kernel networking interface type)
 
-case $target_os in
-  *linux*)
-    AC_DEFINE(HAVE_LINUX, 1, [Linux])
-    [ rm -f src/device.c; ln -sf linux/device.c src/device.c ]
-  ;;
-  *freebsd*)
-    AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD])
-    [ rm -f src/device.c; ln -sf freebsd/device.c src/device.c ]
-  ;;
-  *darwin*)
-    AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)])
-    [ rm -f src/device.c; ln -sf darwin/device.c src/device.c ]
-  ;;
-  *solaris*)
-    AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS])
-    [ rm -f src/device.c; ln -sf solaris/device.c src/device.c ]
-  ;;
-  *openbsd*)
-    AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD])
-    [ rm -f src/device.c; ln -sf openbsd/device.c src/device.c ]
-  ;;
-  *netbsd*)
-    AC_DEFINE(HAVE_NETBSD, 1, [NetBSD])
-    [ rm -f src/device.c; ln -sf netbsd/device.c src/device.c ]
-  ;;
-  *cygwin*)
-    AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin])
-    [ rm -f src/device.c; ln -sf cygwin/device.c src/device.c ]
-  ;;
-  *)
-    AC_MSG_ERROR("Unknown operating system.")
-  ;;
-esac
-])
+if test "x$IFTYPE" = "x"; then
+   case $target_os in
+     *linux*)
+       IFTYPE=native
+       IFSUBTYPE=linux
+       AC_DEFINE(HAVE_LINUX, 1, [Linux])
+     ;;
+     *freebsd*)
+       IFTYPE=tincd
+       IFSUBTYPE=freebsd
+       AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD])
+     ;;
+     *darwin*)
+       IFTYPE=tincd
+       IFSUBTYPE=darwin
+       AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)])
+     ;;
+     *solaris*)
+       IFTYPE=tincd
+       IFSUBTYPE=solaris
+       AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS])
+     ;;
+     *openbsd*)
+       IFTYPE=tincd
+       IFSUBTYPE=openbsd
+       AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD])
+     ;;
+     *netbsd*)
+       IFTYPE=tincd
+       IFSUBTYPE=netbsd
+       AC_DEFINE(HAVE_NETBSD, 1, [NetBSD])
+     ;;
+     *cygwin*)
+       IFTYPE=native
+       IFSUBTYPE=cygwin
+       AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin])
+     ;;
+     *)
+       AC_MSG_ERROR("Unknown operating system.")
+     ;;
+   esac
+fi
+AC_MSG_RESULT($IFTYPE/$IFSUBTYPE)
+AC_SUBST(IFTYPE,$IFTYPE)
+AC_SUBST(IFSUBTYPE,$IFSUBTYPE)
+AC_DEFINE_UNQUOTED(IFTYPE,"$IFTYPE",[kernel interface type])
+AC_DEFINE_UNQUOTED(IFSUBTYPE,"$IFSUBTYPE",[kernel interface subtype])
 
 AC_CACHE_SAVE
 
@@ -110,13 +147,22 @@
 
 dnl Checks for header files.
 AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \
-	sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h cygwin.h])
-AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h], [], [],
-	[#include <sys/types.h>
-	 #include <sys/socket.h>
-	 #ifdef HAVE_NETINET_IN_SYSTM_H
-     #include <netinet/in_systm.h>
-	 #endif])
+	sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h sys/cygwin.h arpa/inet.h \
+        sys/poll.h sys/mman.h netinet/in.h])
+AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h netinet/in_systm.h], [], [],
+[
+#include <sys/types.h>
+#include <sys/socket.h>
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#endif
+#ifdef HAVE_ARPA_INET_H
+# include <arpa/inet.h>
+#endif
+#ifdef HAVE_NETINET_IN_SYSTM_H
+# include <netinet/in_systm.h>
+#endif
+])
 
 dnl Checks for typedefs, structures, and compiler characteristics.
 AC_C_CONST
@@ -159,7 +205,8 @@
 
 AC_HEADER_STDC
 
-AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall)
+dnl argl, could somebody catapult darwin into the 21st century???
+AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall poll)
 
 AC_FUNC_ALLOCA
 
@@ -180,12 +227,51 @@
 
 dnl These are defined in files in m4/
 tinc_TUNTAP
+
 tinc_OPENSSL
+if test "x$openssl_include" != x; then
+   CXXFLAGS="$CXXFLAGS -I$openssl_include"
+fi
 dnl tinc_ZLIB
 
-HMAC=16    dnl see also the AC_HELP_STRING
+AC_ARG_ENABLE(rohc,
+  [AC_HELP_STRING(--enable-rohc, [enable robust header compression (rfc3095).])],
+  [
+  echo
+  echo "**********************************************************************"
+  echo "**********************************************************************"
+  echo "**** --enable-rohc not yet implemented *******************************"
+  echo "**********************************************************************"
+  echo "**** uuh sorry, I am such an ass, but I didn't find any rfc3095 (ROHC)"
+  echo "**** implementation to be used in GPL code on the web."
+  echo "**** so this option is just a fake. Please implement one and send it"
+  echo "**** to me ;)"
+  echo "**********************************************************************"
+  echo "**********************************************************************"
+  echo "**********************************************************************"
+  echo "**********************************************************************"
+  echo
+  ]
+)
+
+AC_ARG_ENABLE(icmp,
+  [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support (default disabled).])],
+  AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.])
+)
+
+AC_ARG_ENABLE(tcp,
+  [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support (default disabled).])],
+  AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.])
+)
+
+AC_ARG_ENABLE(http-proxy,
+  [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support (default disabled).])],
+  AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.])
+)
+
+HMAC=8    dnl see also the AC_HELP_STRING
 AC_ARG_ENABLE(hmac-length,
-  [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 16). Allowed values are 4, 8, 12, 16.])],
+  [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
   HMAC=$enableval
 )
 AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.])
@@ -217,7 +303,7 @@
 AC_ARG_ENABLE(cipher,
   [AC_HELP_STRING(--enable-cipher, [
      Select the symmetric cipher (default "bf"). Must be one of
-     "bf" (blowfish), "aes-128", "aes-192" or "aes-256".])],
+     "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])],
   if test "x$enableval" = xbf     ; then CIPHER=bf_cbc     ; fi
   if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi
   if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi
@@ -229,30 +315,14 @@
 AC_ARG_ENABLE(digest,
   [AC_HELP_STRING(--enable-digest, [
      Select the digets algorithm to use (default "sha1"). Must be one of
-     "sha1", "ripemd160", "md4" or "md5".])],
+     "sha1", "ripemd160", "md5" or "md4" (insecure).])],
   if test "x$enableval" = xsha1     ; then DIGEST=sha1     ; fi
   if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi
-  if test "x$enableval" = xmd4      ; then DIGEST=md4      ; fi
   if test "x$enableval" = xmd5      ; then DIGEST=md5      ; fi
+  if test "x$enableval" = xmd4      ; then DIGEST=md4      ; fi
 )
 AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.])
 
-TRUST=1
-m4_if([
-AC_ARG_ENABLE(trust,
-  [AC_HELP_STRING(--enable-trust, [
-     Make authentication faster but allow decoding by all hosts of a VPN.
-     Use this when the VPN hosts DO trust each other and you don't care
-     wether man-in-the-middle sniffing attacks are possible by admins
-     of other VPN hosts. On pentiums or similar machines this can cut down
-     the time for reconnects by 0.4 seconds or more.])],
-  if test "x$enableval" = xyes; then
-     TRUST=1
-  fi
-)
-])
-AC_DEFINE_UNQUOTED(ENABLE_TRUST, $TRUST, [Faster, but VPN hosts may sniff each others data.])
-
 if $CXX -v --help 2>&1 | grep -q fno-rtti; then
    CXXFLAGS="$CXXFLAGS -fno-rtti"
 fi
@@ -261,13 +331,13 @@
    CXXFLAGS="$CXXFLAGS -fno-exceptions"
 fi
 
-if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
-   CXXFLAGS="$CXXFLAGS -ffunction-sections"
-fi
-
-if $LD -v --help 2>&1 | grep -q gc-sections; then
-   LDFLAGS="$LDFLAGS -Wl,--gc-sections"
-fi
+dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
+dnl    CXXFLAGS="$CXXFLAGS -ffunction-sections"
+dnl fi
+dnl 
+dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
+dnl    LDFLAGS="$LDFLAGS -Wl,--gc-sections"
+dnl fi
 
 AC_CONFIG_COMMANDS_POST([
 
@@ -275,14 +345,21 @@
 echo "***"
 echo "*** Configuration Summary"
 echo "***"
+echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
 echo "*** Cipher used:  $CIPHER"
 echo "*** Digest used:  $DIGEST"
 echo "*** HMAC length:  $HMAC"
 echo "*** RAND used:    $RAND"
 echo "*** Max. MTU:     $MTU"
 echo "*** Compression:  $COMPRESS"
-dnl echo "*** Trusted Mode: $TRUST"
 echo "***"
+
+if test "x$DIGEST" = xmd4; then
+echo "*** WARNING"
+echo "*** The digest you have chosen ($DIGEST) is known to be insecure"
+echo "***"
+fi
+
 echo
 
 ])