ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/configure.ac
(Generate patch)

Comparing gvpe/configure.ac (file contents):
Revision 1.13 by pcg, Wed Oct 15 00:34:18 2003 UTC vs.
Revision 1.66 by root, Thu Oct 25 04:32:26 2018 UTC

1dnl Process this file with autoconf to produce a configure script. 1dnl Process this file with autoconf to produce a configure script.
2 2
3AC_PREREQ(2.57) 3AC_PREREQ(2.69)
4AC_INIT(src/vped.C) 4AC_INIT
5AC_CONFIG_SRCDIR([src/gvpe.C])
5AC_CANONICAL_TARGET 6AC_CANONICAL_TARGET
6AM_INIT_AUTOMAKE(vpe, 1.2) 7AM_INIT_AUTOMAKE(gvpe, 3.1)
7AM_CONFIG_HEADER(config.h) 8AC_CONFIG_HEADERS([config.h])
8AM_MAINTAINER_MODE 9AM_MAINTAINER_MODE
9 10
10AH_TOP([ 11AH_TOP([
11#ifndef CONFIG_H__ 12#ifndef CONFIG_H__
12#define CONFIG_H__ 13#define CONFIG_H__
16#endif 17#endif
17 18
18]) 19])
19 20
20AH_BOTTOM([ 21AH_BOTTOM([
22typedef unsigned char u8;
23typedef signed char s8;
24
21#if __CYGWIN__ 25#if __CYGWIN__
22 26
23typedef unsigned char u8;
24typedef unsigned short u16; 27typedef unsigned short u16;
25typedef unsigned int u32; 28typedef unsigned int u32;
29typedef signed short s16;
30typedef signed int s32;
26 31
27#else 32#else
28#include <inttypes.h> 33#include <inttypes.h>
29 34
30/* old modula-2 habits */ 35/* old modula-2 habits */
31typedef unsigned char u8;
32typedef uint16_t u16; 36typedef uint16_t u16;
33typedef uint32_t u32; 37typedef uint32_t u32;
38typedef int16_t s16;
39typedef int32_t s32;
34#endif 40#endif
35 41
36#endif 42#endif
37])
38 43
39dnl Include the macros from the m4/ directory 44#if HAVE_CLOCALE
40AM_ACLOCAL_INCLUDE(m4) 45# define CLOCALE <clocale>
46#else
47# define CLOCALE <locale.h>
48#endif
49])
41 50
42AM_GNU_GETTEXT([external]) 51AM_GNU_GETTEXT([external])
43AM_GNU_GETTEXT_VERSION(0.11.5) 52AM_GNU_GETTEXT_VERSION(0.11.5)
44 53
45# Enable GNU extensions. 54# Enable GNU extensions.
46# Define this here, not in acconfig's @TOP@ section, since definitions 55# Define this here, not in acconfig's @TOP@ section, since definitions
47# in the latter don't make it into the configure-time tests. 56# in the latter don't make it into the configure-time tests.
48AC_DEFINE([_GNU_SOURCE], 1, [Enable GNU extenstions]) 57AC_DEFINE([_GNU_SOURCE], 1, [Enable GNU extensions])
49AC_DEFINE([__USE_BSD], 1, [Enable BSD extensions]) 58
59# do NOT define POSIX_SOURCE, sicne this clashes with many BSDs
60dnl AC_DEFINE([_POSIX_SOURCE], 1, [Enable POSIX 1003.1 extensions])
61dnl AC_DEFINE([_XOPEN_SOURCE], 500, [Enable XOPEN extensions])
50 62
51ALL_LINGUAS="" 63ALL_LINGUAS=""
52 64
53dnl Checks for programs. 65dnl Checks for programs.
54AC_PROG_CC
55AC_PROG_CPP 66AC_PROG_CPP
56AC_PROG_CXX 67AC_PROG_CXX
57AC_PROG_GCC_TRADITIONAL 68AC_PROG_GCC_TRADITIONAL
58AC_PROG_AWK 69AC_PROG_AWK
59AC_PROG_INSTALL 70AC_PROG_INSTALL
60AC_PROG_LN_S 71AC_PROG_LN_S
61AC_PROG_MAKE_SET 72AC_PROG_MAKE_SET
62AC_PROG_RANLIB 73AC_PROG_RANLIB
63 74
64AC_ISC_POSIX
65
66AC_ARG_ENABLE(iftype, 75AC_ARG_ENABLE(iftype,
67 [AC_HELP_STRING(--enable-iftype[=TYPE/SUBTYPE], [ 76 [AS_HELP_STRING(--enable-iftype=TYPE/SUBTYPE,
68 Use kernel/net device interface TYPE/SUBTYPE. 77 Use kernel/net device interface TYPE/SUBTYPE.
69 Working combinations are: 78 Working combinations are (see doc/gvpe.osdep.5.pod):
70 "native/linux" "tincd/linux" "tincd/freebsd"; 79 "native/linux"
80 "tincd/linux"
81 "tincd/netbsd"
82 "tincd/freebsd"
83 "tincd/openbsd"
84 "native/darwin"
85 "tincd/darwin"
86 "native/cygwin";
71 Untested combinations are: 87 Untested combinations are:
72 "tincd/netbsd" "tincd/darwin" "tincd/solaris" 88 "tincd/bsd"
73 "tincd/openbsd" "tincd/cygwin"; 89 "tincd/solaris"
90 "tincd/mingw"
91 "tincd/raw_socket"
92 "tincd/uml_socket";
74 Broken combinations are: 93 Broken combinations are:
75 "native/cygwin"; 94 "tincd/cygwin";
76 The default is to autodetect. 95 The default is to autodetect.
77 ])], 96 )],
78 [ 97 [
79 IFTYPE=`echo $enableval | sed s%/.*%%` 98 IFTYPE=`echo $enableval | sed s%/.*%%`
80 IFSUBTYPE=`echo $enableval | sed s%.*/%%` 99 IFSUBTYPE=`echo $enableval | sed s%.*/%%`
81 ] 100 ]
82) 101)
95 IFTYPE=tincd 114 IFTYPE=tincd
96 IFSUBTYPE=freebsd 115 IFSUBTYPE=freebsd
97 AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) 116 AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD])
98 ;; 117 ;;
99 *darwin*) 118 *darwin*)
100 IFTYPE=tincd 119 IFTYPE=native
101 IFSUBTYPE=darwin 120 IFSUBTYPE=darwin
102 AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) 121 AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)])
103 ;; 122 ;;
104 *solaris*) 123 *solaris*)
105 IFTYPE=tincd 124 IFTYPE=tincd
115 IFTYPE=tincd 134 IFTYPE=tincd
116 IFSUBTYPE=netbsd 135 IFSUBTYPE=netbsd
117 AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) 136 AC_DEFINE(HAVE_NETBSD, 1, [NetBSD])
118 ;; 137 ;;
119 *cygwin*) 138 *cygwin*)
120 IFTYPE=tincd 139 IFTYPE=native
121 IFSUBTYPE=cygwin 140 IFSUBTYPE=cygwin
122 AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) 141 AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin])
123 ;; 142 ;;
124 *) 143 *)
125 AC_MSG_ERROR("Unknown operating system.") 144 AC_MSG_ERROR("Unknown operating system.")
127 esac 146 esac
128fi 147fi
129AC_MSG_RESULT($IFTYPE/$IFSUBTYPE) 148AC_MSG_RESULT($IFTYPE/$IFSUBTYPE)
130AC_SUBST(IFTYPE,$IFTYPE) 149AC_SUBST(IFTYPE,$IFTYPE)
131AC_SUBST(IFSUBTYPE,$IFSUBTYPE) 150AC_SUBST(IFSUBTYPE,$IFSUBTYPE)
151AC_DEFINE_UNQUOTED(IFTYPE,"$IFTYPE",[kernel interface type])
152AC_DEFINE_UNQUOTED(IFSUBTYPE,"$IFSUBTYPE",[kernel interface subtype])
132 153
133AC_CACHE_SAVE 154AC_CACHE_SAVE
134 155
135dnl Checks for libraries. 156dnl Checks for libraries.
136 157
137AC_LANG(C++) 158AC_LANG(C++)
138AC_CHECK_HEADERS(ext/hash_map) 159AC_CHECK_HEADERS(tr1/unordered_map ext/hash_map clocale)
139 160
140dnl Checks for header files. 161dnl Checks for header files.
141AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \ 162AC_CHECK_HEADERS([fcntl.h inttypes.h limits.h malloc.h stdint.h strings.h syslog.h unistd.h \
142 sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h cygwin.h arpa/inet.h \ 163 sys/file.h sys/ioctl.h sys/param.h sys/time.h netinet/in_systm.h sys/cygwin.h \
143 sys/poll.h sys/mman.h netinet/in.h]) 164 sys/mman.h netinet/in.h])
144AC_CHECK_HEADERS([net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h netinet/in_systm.h], [], [], 165AC_CHECK_HEADERS([arpa/inet.h net/ethernet.h net/if.h netinet/ip.h netinet/tcp.h netinet/in_systm.h], [], [],
145[ 166[
146#include <sys/types.h> 167#include <sys/types.h>
147#include <sys/socket.h> 168#include <sys/socket.h>
148#ifdef HAVE_NETINET_IN_H 169#ifdef HAVE_NETINET_IN_H
149# include <netinet/in.h> 170# include <netinet/in.h>
163AC_HEADER_TIME 184AC_HEADER_TIME
164AC_STRUCT_TM 185AC_STRUCT_TM
165 186
166AC_CACHE_CHECK([for socklen_t], ac_cv_type_socklen_t, 187AC_CACHE_CHECK([for socklen_t], ac_cv_type_socklen_t,
167[ 188[
168 AC_TRY_COMPILE( 189 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
169 [#include <sys/types.h> 190 #include <sys/socket.h>]], [[socklen_t len = 42; return len;]])],[ac_cv_type_socklen_t=yes],[ac_cv_type_socklen_t=no])
170 #include <sys/socket.h>],
171 [socklen_t len = 42; return len;],
172 ac_cv_type_socklen_t=yes,
173 ac_cv_type_socklen_t=no)
174]) 191])
175if test $ac_cv_type_socklen_t = yes; then 192if test $ac_cv_type_socklen_t = yes; then
176 AC_DEFINE(HAVE_SOCKLEN_T, 1, [socklen_t available]) 193 AC_DEFINE(HAVE_SOCKLEN_T, 1, [socklen_t available])
177fi 194fi
178 195
179AC_CACHE_CHECK([for struct addrinfo], ac_cv_struct_addrinfo, 196AC_CACHE_CHECK([for struct addrinfo], ac_cv_struct_addrinfo,
180[ 197[
181 AC_TRY_COMPILE( 198 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
182 [#include <sys/types.h>
183 #include <sys/socket.h> 199 #include <sys/socket.h>
184 #include <netdb.h>], 200 #include <netdb.h>]], [[struct addrinfo ai; ai.ai_family = AF_INET; return ai.ai_family;]])],[ac_cv_struct_addrinfo=yes],[ac_cv_struct_addrinfo=no])
185 [struct addrinfo ai; ai.ai_family = AF_INET; return ai.ai_family;],
186 ac_cv_struct_addrinfo=yes,
187 ac_cv_struct_addrinfo=no)
188]) 201])
189if test $ac_cv_struct_addrinfo = yes; then 202if test $ac_cv_struct_addrinfo = yes; then
190 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, [struct addrinfo available]) 203 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, [struct addrinfo available])
191fi 204fi
192 205
196AC_LANG_PUSH(C) 209AC_LANG_PUSH(C)
197 210
198AC_HEADER_STDC 211AC_HEADER_STDC
199 212
200dnl argl, could somebody catapult darwin into the 21st century??? 213dnl argl, could somebody catapult darwin into the 21st century???
201AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall poll) 214AC_CHECK_FUNCS(asprintf daemon get_current_dir_name putenv select strerror strsignal strtol unsetenv mlockall)
202 215
203AC_FUNC_ALLOCA 216AC_FUNC_ALLOCA
204 217
205dnl Support for SunOS 218dnl Support for SunOS
206 219
209]) 222])
210AC_CHECK_FUNC(gethostbyname, [], [ 223AC_CHECK_FUNC(gethostbyname, [], [
211 AC_CHECK_LIB(nsl, gethostbyname) 224 AC_CHECK_LIB(nsl, gethostbyname)
212]) 225])
213 226
227dnl libev support
228m4_include([libev/libev.m4])
229
214AC_LANG_POP 230AC_LANG_POP
215 231
216dnl AC_CHECK_FUNCS([freeaddrinfo gai_strerror getaddrinfo getnameinfo]) 232dnl AC_CHECK_FUNCS([freeaddrinfo gai_strerror getaddrinfo getnameinfo])
217 233
218AC_CACHE_SAVE 234AC_CACHE_SAVE
219 235
220dnl These are defined in files in m4/ 236dnl These are defined in files in m4/
221tinc_TUNTAP 237tinc_TUNTAP
222tinc_OPENSSL
223CXXFLAGS="$CXXFLAGS -I$openssl_include"
224dnl tinc_ZLIB
225 238
239PKG_CHECK_MODULES([LIBCRYPTO], [libcrypto >= 1])
240
241AC_ARG_ENABLE(threads,
242 [AS_HELP_STRING(--enable-threads,try to use threads for long-running asynchronous operations (default enabled).)],
243 [try_threads=$enableval],
244 [try_threads=yes]
245)
246
247if test "x$try_threads" = xyes; then
248 AC_CHECK_HEADER(pthread.h,[
249 LIBS="$LIBS -lpthread"
250 AC_COMPILE_IFELSE(
251 [AC_LANG_PROGRAM([#include <pthread.h>], [pthread_t id; pthread_create (&id, 0, 0, 0);])],
252 [AC_DEFINE_UNQUOTED(ENABLE_PTHREADS, 1, [POSIX thread support.])]
253 )
254 ])
255fi
256
257AC_ARG_ENABLE(static-daemon,
258 [AS_HELP_STRING(--enable-static-daemon,enable statically linked daemon.)],
259 [LDFLAGS_DAEMON=-static]
260)
261AC_SUBST(LDFLAGS_DAEMON)
262
226AC_ARG_ENABLE(rohc, 263dnl AC_ARG_ENABLE(rohc,
227 [AC_HELP_STRING(--enable-rohc, [enable robust header compression (rfc3095).])], 264dnl [AS_HELP_STRING(--enable-rohc,enable robust header compression (rfc3095).)],
265dnl [
266dnl echo
267dnl echo "**********************************************************************"
268dnl echo "**********************************************************************"
269dnl echo "**** --enable-rohc is highly experimental, do not use ****************"
270dnl echo "**********************************************************************"
271dnl echo "**********************************************************************"
272dnl echo
273dnl rohc=true
274dnl AC_DEFINE_UNQUOTED(ENABLE_ROHC, 1, [ROHC support])
275dnl ]
276dnl )
277
278AM_CONDITIONAL(ROHC, test x$rohc = xtrue)
279
280dnl AC_ARG_ENABLE(bridging,
281dnl [AS_HELP_STRING(--enable-bridging,enable bridging support (default disabled).)],
282dnl AC_DEFINE_UNQUOTED(ENABLE_BRIDGING, 1, [bridging support.])
283dnl )
284
285ICMP=1
286AC_ARG_ENABLE(icmp,
287 [AS_HELP_STRING(--disable-icmp,enable icmp protocol support (default enabled).)],
288 if test "x$enableval" = xno; then
289 ICMP=0
290 fi
291)
292if test "x$ICMP" = x1; then
293 AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.])
294fi
295
296TCP=1
297AC_ARG_ENABLE(tcp,
298 [AS_HELP_STRING(--disable-tcp,enable tcp protocol support (default enabled).)],
299 if test "x$enableval" = xno; then
300 TCP=0
301 fi
302)
303if test "x$TCP" = x1; then
304 AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.])
305fi
306
307HTTP=1
308AC_ARG_ENABLE(http-proxy,
309 [AS_HELP_STRING(--disable-http-proxy,enable http proxy connect support (default enabled).)],
310 if test "x$enableval" = xno; then
311 HTTP=0
312 fi
313)
314if test "x$HTTP" = x1; then
315 AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.])
316fi
317
318AC_ARG_ENABLE(dns,
319 [AS_HELP_STRING(--enable-dns,enable dns tunnel protocol support (default disabled).)],
228 [ 320 [
229 echo 321 AC_CHECK_HEADER(gmp.h,,[AC_MSG_ERROR([gmp.h not found, required for --enable-dns])])
230 echo "**********************************************************************" 322 AC_CHECK_LIB(gmp,main,,[AC_MSG_ERROR([libgmp not found, required for --enable-dns])])
231 echo "**********************************************************************" 323
232 echo "**** --enable-rohc not yet implemented *******************************" 324 AC_DEFINE_UNQUOTED(ENABLE_DNS, 1, [DNS tunnel protocol support.])
233 echo "**********************************************************************"
234 echo "**** uuh sorry, I am such an ass, but I didn't find any rfc3095 (ROHC)"
235 echo "**** implementation to be used in GPL code on the web."
236 echo "**** so this option is just a fake. Please implement one and send it"
237 echo "**** to me ;)"
238 echo "**********************************************************************"
239 echo "**********************************************************************"
240 echo "**********************************************************************"
241 echo "**********************************************************************"
242 echo
243 ] 325 ]
244) 326)
245 327
246AC_ARG_ENABLE(icmp, 328RSA=3072
247 [AC_HELP_STRING(--enable-icmp, [enable icmp protocol support (default disabled).])], 329AC_ARG_ENABLE(rsa-length,
248 AC_DEFINE_UNQUOTED(ENABLE_ICMP, 1, [ICMP protocol support.]) 330 [AS_HELP_STRING(--enable-rsa-length=BITS,[
331 use BITS rsa keys (default 3072). Allowed values are 2048-10240.])],
332 RSA=$enableval
249) 333)
334AC_DEFINE_UNQUOTED(RSABITS, $RSA, [Size of RSA keys.])
250 335
251AC_ARG_ENABLE(tcp, 336HMACSIZE=12
252 [AC_HELP_STRING(--enable-tcp, [enable tcp protocol support (default disabled).])],
253 AC_DEFINE_UNQUOTED(ENABLE_TCP, 1, [TCP protocol support.])
254)
255
256AC_ARG_ENABLE(http-proxy,
257 [AC_HELP_STRING(--enable-http-proxy, [enable http proxy connect support (default disabled).])],
258 AC_DEFINE_UNQUOTED(ENABLE_HTTP_PROXY, 1, [http proxy connect support.])
259)
260
261HMAC=12 dnl see also the AC_HELP_STRING
262AC_ARG_ENABLE(hmac-length, 337AC_ARG_ENABLE(hmac-length,
263 [AC_HELP_STRING(--enable-hmac-length=BYTES, [use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])], 338 [AS_HELP_STRING(--enable-hmac-length=BYTES,[
339 use a hmac of length BYTES bytes (default 12). Allowed values are 4, 8, 12, 16.])],
264 HMAC=$enableval 340 HMACSIZE=$enableval
265) 341)
266AC_DEFINE_UNQUOTED(HMACLENGTH, $HMAC, [Size of HMAC in each packet in bytes.]) 342AC_DEFINE_UNQUOTED(HMACLENGTH, $HMACSIZE, [Size of HMAC in each packet in bytes.])
267 343
268RAND=8 dnl see also the AC_HELP_STRING 344MTU=1500
269AC_ARG_ENABLE(rand-length,
270 [AC_HELP_STRING(--enable-rand-length=BYTES, [use BYTES bytes of extra randomness (default 8). Allowed values are 0, 4, 8.])],
271 RAND=$enableval
272)
273AC_DEFINE_UNQUOTED(RAND_SIZE, $RAND, [Add this many bytes of randomness to each packet.])
274
275MTU=1500 dnl see also the AC_HELP_STRING
276AC_ARG_ENABLE(mtu, 345AC_ARG_ENABLE(max-mtu,
277 [AC_HELP_STRING(--enable-max-mtu=BYTES, enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)], 346 [AS_HELP_STRING(--enable-max-mtu=BYTES,enable mtu sizes upto BYTES bytes (default 1500). Use 9100 for jumbogram support.)],
278 MTU=$enableval 347 MTU=$enableval
279) 348)
280AC_DEFINE_UNQUOTED(MAX_MTU, $MTU + 14, [Maximum MTU supported.]) 349AC_DEFINE_UNQUOTED(MAX_MTU, ($MTU + 14), [Maximum MTU supported.])
281 350
282COMPRESS=1 351COMPRESS=1
283AC_ARG_ENABLE(compression, 352AC_ARG_ENABLE(compression,
284 [AC_HELP_STRING(--disable-compression, Disable compression support.)], 353 [AS_HELP_STRING(--disable-compression,Disable compression support.)],
285 if test "x$enableval" = xno; then 354 if test "x$enableval" = xno; then
286 COMPRESS=0 355 COMPRESS=0
287 fi 356 fi
288) 357)
289AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.]) 358AC_DEFINE_UNQUOTED(ENABLE_COMPRESSION, $COMPRESS, [Enable compression support.])
290 359
291CIPHER=bf_cbc 360CIPHER=aes_128_ctr
292AC_ARG_ENABLE(cipher, 361AC_ARG_ENABLE(cipher,
293 [AC_HELP_STRING(--enable-cipher, [ 362 [AS_HELP_STRING(--enable-cipher=CIPHER,[
294 Select the symmetric cipher (default "bf"). Must be one of 363 Select the symmetric cipher (default "aes-128").
295 "bf" (blowfish), "aes-128" (rijndael), "aes-192" or "aes-256".])], 364 Must be one of "aes-128" (rijndael), "aes-192", or "aes-256".])],
296 if test "x$enableval" = xbf ; then CIPHER=bf_cbc ; fi 365 #if test "x$enableval" = xbf ; then CIPHER=bf_ctr ; fi
297 if test "x$enableval" = xaes-128; then CIPHER=aes_128_cbc; fi 366 if test "x$enableval" = xaes-128 ; then CIPHER=aes_128_ctr ; fi
298 if test "x$enableval" = xaes-192; then CIPHER=aes_192_cbc; fi 367 if test "x$enableval" = xaes-192 ; then CIPHER=aes_192_ctr ; fi
299 if test "x$enableval" = xaes-256; then CIPHER=aes_256_cbc; fi 368 if test "x$enableval" = xaes-256 ; then CIPHER=aes_256_ctr ; fi
369 #if test "x$enableval" = xcamellia-128; then CIPHER=camellia_128_ctr; fi
370 #if test "x$enableval" = xcamellia-256; then CIPHER=camellia_256_ctr; fi
300) 371)
301AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.]) 372AC_DEFINE_UNQUOTED(ENABLE_CIPHER, EVP_${CIPHER}, [Select the symmetric cipher to use.])
302 373
303DIGEST=sha1 374HMAC=sha1
304AC_ARG_ENABLE(digest, 375AC_ARG_ENABLE(hmac-digest,
305 [AC_HELP_STRING(--enable-digest, [ 376 [AS_HELP_STRING(--enable-hmac-digest=HMAC,[
306 Select the digets algorithm to use (default "sha1"). Must be one of 377 Select the HMAC digest algorithm to use (default "sha1"). Must be one of
307 "sha1", "ripemd160", "md5" or "md4" (insecure).])], 378 "sha512", "sha256", "sha1", "ripemd160", "whirlpool".])],
379 if test "x$enableval" = xwhirlpool; then HMAC=whirlpool; fi
380 if test "x$enableval" = xsha512 ; then HMAC=sha512 ; fi
381 if test "x$enableval" = xsha256 ; then HMAC=sha256 ; fi
308 if test "x$enableval" = xsha1 ; then DIGEST=sha1 ; fi 382 if test "x$enableval" = xsha1 ; then HMAC=sha1 ; fi
309 if test "x$enableval" = xripemd160; then DIGEST=ripemd160; fi 383 if test "x$enableval" = xripemd160; then HMAC=ripemd160; fi
384)
385AC_DEFINE_UNQUOTED(ENABLE_HMAC, EVP_${HMAC}, [Select the HMAC digest algorithm to use.])
386
387AUTH=sha512
388AC_ARG_ENABLE(auth-digest,
389 [AS_HELP_STRING(--enable-auth-digest=DIGEST,[
390 Select the hmac algorithm to use (default "sha512"). Must be one of
391 "sha512", "sha256", "whirlpool".])],
392 if test "x$enableval" = xwhirlpool; then AUTH=whirlpool; fi
310 if test "x$enableval" = xmd5 ; then DIGEST=md5 ; fi 393 if test "x$enableval" = xsha512 ; then AUTH=sha512 ; fi
311 if test "x$enableval" = xmd4 ; then DIGEST=md4 ; fi 394 if test "x$enableval" = xsha256 ; then AUTH=sha256 ; fi
312) 395)
313AC_DEFINE_UNQUOTED(ENABLE_DIGEST, EVP_${DIGEST}, [Select the digest algorithm to use.]) 396AC_DEFINE_UNQUOTED(ENABLE_AUTH, EVP_${AUTH}, [Select the auth digest algorithm to use.])
314 397
315if $CXX -v --help 2>&1 | grep -q fno-rtti; then 398if $CXX -v --help 2>&1 | grep -q fno-rtti; then
316 CXXFLAGS="$CXXFLAGS -fno-rtti" 399 CXXFLAGS="$CXXFLAGS -fno-rtti"
317fi 400fi
318 401
319if $CXX -v --help 2>&1 | grep -q fexceptions; then 402#if $CXX -v --help 2>&1 | grep -q fexceptions; then
320 CXXFLAGS="$CXXFLAGS -fno-exceptions" 403# CXXFLAGS="$CXXFLAGS -fno-exceptions"
321fi 404#fi
322 405
406LIBS="$EXTRA_LIBS $LIBS"
407
323if $CXX -v --help 2>&1 | grep -q ffunction-sections; then 408dnl if $CXX -v --help 2>&1 | grep -q ffunction-sections; then
324 CXXFLAGS="$CXXFLAGS -ffunction-sections" 409dnl CXXFLAGS="$CXXFLAGS -ffunction-sections"
325fi 410dnl fi
326 411dnl
327if $LD -v --help 2>&1 | grep -q gc-sections; then 412dnl if $LD -v --help 2>&1 | grep -q gc-sections; then
328 LDFLAGS="$LDFLAGS -Wl,--gc-sections" 413dnl LDFLAGS="$LDFLAGS -Wl,--gc-sections"
329fi 414dnl fi
330 415
331AC_CONFIG_COMMANDS_POST([ 416AC_SUBST(INCLUDES)
417
418AC_CONFIG_FILES([Makefile po/Makefile.in
419src/Makefile
420doc/Makefile
421lib/Makefile
422m4/Makefile
423])
424AC_OUTPUT
332 425
333echo 426echo
334echo "***" 427echo "***"
335echo "*** Configuration Summary" 428echo "*** Configuration Summary"
336echo "***" 429echo "***"
337echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE" 430echo "*** Kernel Iface: $IFTYPE/$IFSUBTYPE"
431echo "*** RSA size: $RSA"
338echo "*** Cipher used: $CIPHER" 432echo "*** Cipher used: $CIPHER"
339echo "*** Digest used: $DIGEST" 433echo "*** Digest used: $DIGEST"
434echo "*** Authdigest: $AUTH"
340echo "*** HMAC length: $HMAC" 435echo "*** HMAC length: $HMAC"
341echo "*** RAND used: $RAND"
342echo "*** Max. MTU: $MTU" 436echo "*** Max. MTU: $MTU"
343echo "*** Compression: $COMPRESS" 437
344echo "***" 438echo "***"
439echo "*** Enable options:"
440grep ENABLE_ config.h | sed -e 's/^/*** /'
345 441
346if test "x$DIGEST" = xmd4; then 442if test "$HMACSIZE" -lt 12; then
347echo "*** WARNING"
348echo "*** The digest you have chosen ($DIGEST) is known to be insecure"
349echo "***" 443echo "***"
444echo "*** WARNING: The hmac length you have chosen ($HMACSIZE) is quite insecure"
350fi 445fi
351 446
447echo "***"
352echo 448echo
353 449
354]) 450if pkg-config --exists 'libcrypto >= 1.1 libcrypto < 2.0'; then
451 cat <<EOF
452@<:@33m
453***
454*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
455***
456*** You seem to configure gvpe with OpenSSL 1.1 or newer.
457*** While this probably compiles, please note that this is not only
458*** unsupported, but also discouraged.
459***
460*** It is recommended to use either OpenSSL 1.0, as long as that is still
461*** supported, or LibreSSL (https://www.libressl.org/).
462***
463*** This is not a political issue - while porting GVPE to the newer
464*** OpenSSL 1.1 API, I encountered two incompatible API changes that were
465*** not documented, were not caught while compiling but caused security
466*** issues. When reported, the reaction of the OpenSSL developers was to
467*** update the documentation.
468***
469*** As a result, I lost all confidence in the ability and desire of
470*** OpenSSL developers to create a safe API, and would highly recommend
471*** switching to LibreSSL which explicitly avoids such braking changes.
472***
473*** WARNING WARNING WARNING WARNING WARNING WARNING WARNING
474***
475*** Again, do not use OpenSSL 1.1 and complain if stuff breaks.
476*** You have been warned, but your choice is respected.
477***
478@<:@0m
355 479
356AC_SUBST(INCLUDES) 480EOF
481fi
357 482
358AC_OUTPUT(Makefile po/Makefile.in 483
359src/Makefile
360doc/Makefile
361lib/Makefile
362m4/Makefile
363)

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines