embedaddon/ipsec-tools/configure.ac - view

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / configure.ac
Revision 1.1: download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 22:39:10 2012 UTC (12 years, 4 months ago) by misho
CVS tags: MAIN, HEAD

Initial revision

1: dnl -*- mode: m4 -*- 2: dnl Id: configure.ac,v 1.77 2006/07/20 19:19:27 manubsd Exp 3: 4: AC_PREREQ(2.52) 5: AC_INIT(ipsec-tools, 0.8.0) 6: AC_CONFIG_SRCDIR([configure.ac]) 7: AM_CONFIG_HEADER(config.h) 8: 9: AM_INIT_AUTOMAKE(dist-bzip2) 10: 11: AC_ENABLE_SHARED(no) 12: 13: AC_PROG_CC 14: AM_PROG_CC_STDC 15: AC_HEADER_STDC 16: AC_PROG_LIBTOOL 17: AC_PROG_YACC 18: AM_PROG_LEX 19: AC_SUBST(LEXLIB) 20: AC_PROG_EGREP 21: 22: CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused" 23: 24: case $host in 25: *netbsd*) 26: LDFLAGS="-Wl,-R/usr/pkg/lib $LDFLAGS" 27: ;; 28: *linux*) 29: LIBS="$LIBS -lresolv" 30: INSTALL_OPTS="-o bin -g bin" 31: INCLUDE_GLIBC="include-glibc" 32: RPM="rpm" 33: AC_SUBST(INSTALL_OPTS) 34: AC_SUBST(INCLUDE_GLIBC) 35: AC_SUBST(RPM) 36: ;; 37: *darwin*) 38: LIBS="$LIBS -lresolv" 39: ;; 40: esac 41: 42: # Look up some IPsec-related headers 43: AC_CHECK_HEADER(net/pfkeyv2.h, [have_net_pfkey=yes], [have_net_pfkey=no]) 44: AC_CHECK_HEADER(netinet/ipsec.h, [have_netinet_ipsec=yes], [have_netinet_ipsec=no]) 45: AC_CHECK_HEADER(netinet6/ipsec.h, [have_netinet6_ipsec=yes], [have_netinet6_ipsec=no]) 46: AC_CHECK_HEADER(netipsec/ipsec.h, [have_netipsec_ipsec=yes], [have_netipsec_ipsec=no]) 47: 48: # FreeBSD >=7 has only <netipsec/ipsec.h> 49: # NetBSD has <netinet6/ipsec.h> but not <netinet/ipsec.h> 50: # XXX some *BSD still have both <netinet6/ipsec.h> and <netipsec/ipsec.h>, 51: # we can't decide which one to use (actually <netinet6/ipsec.h>) 52: 53: 54: if test "$have_netinet_ipsec$have_netinet6_ipsec$have_netipsec_ipsec" = nonoyes; then 55: have_netinet_ipsec=yes 56: AC_DEFINE(PATH_IPSEC_H, [<netipsec/ipsec.h>], [Path to ipsec.h]) 57: else 58: if test "$have_netinet_ipsec$have_netinet6_ipsec" = noyes; then 59: have_netinet_ipsec=yes 60: AC_DEFINE(PATH_IPSEC_H, [<netinet6/ipsec.h>], [Path to ipsec.h]) 61: else 62: # have_netinet_ipsec will be checked a few lines below 63: AC_DEFINE(PATH_IPSEC_H, [<netinet/ipsec.h>], [Path to ipsec.h]) 64: fi 65: fi 66: 67: case "$host_os" in 68: *linux*) 69: AC_ARG_WITH(kernel-headers, 70: AC_HELP_STRING([--with-kernel-headers=/lib/modules/<uname>/build/include], 71: [where your Linux Kernel headers are installed]), 72: [ KERNEL_INCLUDE="$with_kernel_headers" 73: CONFIGURE_AMFLAGS="--with-kernel-headers=$with_kernel_headers" 74: AC_SUBST(CONFIGURE_AMFLAGS) ], 75: [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) 76: 77: AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, , 78: [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, 79: KERNEL_INCLUDE=/usr/src/linux/include , 80: [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) 81: AC_SUBST(KERNEL_INCLUDE) 82: # We need the configure script to run with correct kernel headers. 83: # However we don't want to point to kernel source tree in compile time, 84: # i.e. this will be removed from CPPFLAGS at the end of configure. 85: CPPFLAGS="-I$KERNEL_INCLUDE $CPPFLAGS" 86: 87: AC_CHECK_MEMBER(struct sadb_x_policy.sadb_x_policy_priority, 88: [AC_DEFINE(HAVE_PFKEY_POLICY_PRIORITY, [], 89: [Are PF_KEY policy priorities supported?])], [], 90: [#include "$KERNEL_INCLUDE/linux/pfkeyv2.h"]) 91: 92: GLIBC_BUGS='-include ${top_srcdir}/src/include-glibc/glibc-bugs.h -I${top_srcdir}/src/include-glibc -I${top_builddir}/src/include-glibc' 93: GLIBC_BUGS_LOCAL="-include ${srcdir-.}/src/include-glibc/glibc-bugs.h -I${srcdir-.}/src/include-glibc -I./src/include-glibc" 94: CPPFLAGS="$GLIBC_BUGS_LOCAL $CPPFLAGS" 95: CPPFLAGS="-D_GNU_SOURCE $CPPFLAGS" 96: AC_SUBST(GLIBC_BUGS) 97: ;; 98: *) 99: if test "$have_net_pfkey$have_netinet_ipsec" != yesyes; then 100: if test "$have_net_pfkey" = yes; then 101: AC_MSG_ERROR([Found net/pfkeyv2.h but not netinet/ipsec.h. Aborting.]) 102: else 103: AC_MSG_ERROR([Found netinet/ipsec.h but not net/pfkeyv2.h. Aborting.]) 104: fi 105: fi 106: ;; 107: esac 108: 109: ### Some basic toolchain checks 110: 111: # Checks for header files. 112: AC_HEADER_STDC 113: AC_HEADER_SYS_WAIT 114: AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h) 115: AC_CHECK_HEADERS(shadow.h) 116: 117: # Checks for typedefs, structures, and compiler characteristics. 118: AC_C_CONST 119: AC_TYPE_PID_T 120: AC_TYPE_SIZE_T 121: AC_HEADER_TIME 122: AC_STRUCT_TM 123: 124: # Checks for library functions. 125: AC_FUNC_MEMCMP 126: AC_TYPE_SIGNAL 127: AC_FUNC_VPRINTF 128: AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul strlcpy strlcat) 129: AC_REPLACE_FUNCS(strdup) 130: RACOON_CHECK_VA_COPY 131: 132: # Check if printf accepts "%z" type modifier for size_t argument 133: AC_MSG_CHECKING(if printf accepts %z) 134: saved_CFLAGS=$CFLAGS 135: CFLAGS="$CFLAGS -Wall -Werror" 136: AC_TRY_COMPILE([ 137: #include <stdio.h> 138: ], [ 139: printf("%zu\n", (size_t)-1); 140: ], 141: [AC_MSG_RESULT(yes)], 142: [AC_MSG_RESULT(no); 143: CFLAGS_ADD="$CFLAGS_ADD -Wno-format"; 144: AC_DEFINE(BROKEN_PRINTF, [], [If printf doesn't support %zu.]) 145: ]) 146: CFLAGS=$saved_CFLAGS 147: 148: # Can we use __func__ macro? 149: AC_MSG_CHECKING(if __func__ is available) 150: AC_TRY_COMPILE( 151: [#include <stdio.h> 152: ], [char *x = __func__;], 153: [AC_DEFINE([HAVE_FUNC_MACRO], [], [Have __func__ macro]) 154: AC_MSG_RESULT(yes)], 155: [AC_MSG_RESULT(no)]) 156: 157: # Check if readline support is requested 158: AC_MSG_CHECKING(if readline support is requested) 159: AC_ARG_WITH(readline, 160: [ --with-readline support readline input (yes by default)], 161: [with_readline="$withval"], [with_readline="yes"]) 162: AC_MSG_RESULT($with_readline) 163: 164: # Is readline available? 165: if test $with_readline != "no"; then 166: AC_CHECK_HEADER([readline/readline.h], 167: [AC_CHECK_LIB(readline, readline, [ 168: AC_DEFINE(HAVE_READLINE, [], 169: [Is readline available?]) 170: LIBS="$LIBS -lreadline" 171: ], [])], []) 172: fi 173: 174: 175: AC_MSG_CHECKING(if --with-flex option is specified) 176: AC_ARG_WITH(flexdir, 177: [AC_HELP_STRING([--with-flex], [use directiory (default: no)])], 178: [flexdir="$withval"]) 179: AC_MSG_RESULT(${flexdir-dirdefault}) 180: 181: if test "x$flexdir" != "x"; then 182: LIBS="$LIBS $flexdir/libfl.a" 183: fi 184: 185: AC_MSG_CHECKING(if --with-flexlib option is specified) 186: AC_ARG_WITH(flexlib, 187: [ --with-flexlib=<LIB> specify flex library.], 188: [flexlib="$withval"]) 189: AC_MSG_RESULT(${flexlib-default}) 190: 191: if test "x$flexlib" != "x"; then 192: LIBS="$LIBS $flexlib" 193: fi 194: 195: # Check if a different OpenSSL directory was specified 196: AC_MSG_CHECKING(if --with-openssl option is specified) 197: AC_ARG_WITH(openssl, [ --with-openssl=DIR specify OpenSSL directory], 198: [crypto_dir=$withval]) 199: AC_MSG_RESULT(${crypto_dir-default}) 200: 201: if test "x$crypto_dir" != "x"; then 202: LIBS="$LIBS -L${crypto_dir}/lib" 203: CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" 204: fi 205: AC_MSG_CHECKING(openssl version) 206: 207: AC_TRY_COMPILE( 208: [#include <openssl/opensslv.h> 209: ], 210: [#if OPENSSL_VERSION_NUMBER < 0x0090602fL 211: #error OpenSSL version is too old ... 212: #endif], 213: [AC_MSG_RESULT([ok])], 214: [AC_MSG_RESULT(too old) 215: AC_MSG_ERROR([OpenSSL version must be 0.9.6 or higher. Aborting.]) 216: ]) 217: 218: AC_CHECK_HEADERS(openssl/engine.h) 219: 220: # checking rijndael 221: AC_CHECK_HEADERS([openssl/aes.h], [], 222: [CRYPTOBJS="$CRYPTOBJS rijndael-api-fst.o rijndael-alg-fst.o"]) 223: 224: # checking sha2 225: AC_MSG_CHECKING(sha2 support) 226: AC_DEFINE([WITH_SHA2], [], [SHA2 support]) 227: AC_MSG_RESULT(yes) 228: AC_CHECK_HEADER(openssl/sha2.h, [], [ 229: AC_MSG_CHECKING(if sha2 is defined in openssl/sha.h) 230: AC_TRY_COMPILE([ 231: #ifdef HAVE_SYS_TYPES_H 232: #include <sys/types.h> 233: #endif 234: #include <openssl/sha.h> 235: ], [ 236: SHA256_CTX ctx; 237: ], [ 238: AC_MSG_RESULT(yes) 239: AC_DEFINE([HAVE_SHA2_IN_SHA_H], [], [sha2 is defined in sha.h]) 240: ], [AC_MSG_RESULT(no) 241: AC_LIBOBJ([sha2]) 242: CRYPTOBJS="$CRYPTOBJS sha2.o" 243: ]) 244: 245: CPPFLAGS_ADD="$CPPFLAGS_ADD -I\${top_srcdir}/src/racoon/missing" 246: ]) 247: AC_SUBST(CRYPTOBJS) 248: 249: # checking camellia 250: AC_CHECK_HEADERS([openssl/camellia.h]) 251: 252: 253: # Option --enable-adminport 254: AC_MSG_CHECKING(if --enable-adminport option is specified) 255: AC_ARG_ENABLE(adminport, 256: [ --enable-adminport enable admin port], 257: [], [enable_adminport=no]) 258: if test $enable_adminport = "yes"; then 259: AC_DEFINE([ENABLE_ADMINPORT], [], [Enable admin port]) 260: fi 261: AC_MSG_RESULT($enable_adminport) 262: 263: # Option RC5 264: AC_MSG_CHECKING(if --enable-rc5 option is specified) 265: AC_ARG_ENABLE(rc5, 266: [ --enable-rc5 enable RC5 encryption (patented)], 267: [], [enable_rc5=no]) 268: AC_MSG_RESULT($enable_rc5) 269: 270: if test $enable_rc5 = "yes"; then 271: AC_CHECK_HEADERS([openssl/rc5.h]) 272: AC_CHECK_LIB([crypto_rc5], [RC5_32_encrypt], 273: [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_rc5"]) 274: fi 275: 276: # Option IDEA 277: AC_MSG_CHECKING(if --enable-idea option is specified) 278: AC_ARG_ENABLE(idea, 279: [ --enable-idea enable IDEA encryption (patented)], 280: [], [enable_idea=no]) 281: AC_MSG_RESULT($enable_idea) 282: 283: if test $enable_idea = "yes"; then 284: AC_CHECK_HEADERS([openssl/idea.h]) 285: AC_CHECK_LIB([crypto_idea], [idea_encrypt], 286: [EXTRA_CRYPTO="$EXTRA_CRYPTO -lcrypto_idea"]) 287: fi 288: AC_SUBST(EXTRA_CRYPTO) 289: 290: # For dynamic libradius 291: RACOON_PATH_LIBS([MD5_Init], [crypto]) 292: 293: # Check if we need -lutil for login(3) 294: RACOON_PATH_LIBS([login], [util]) 295: 296: # Specify libiconv prefix 297: AC_MSG_CHECKING(if --with-libiconv option is specified) 298: AC_ARG_WITH(libiconv, 299: [ --with-libiconv=DIR specify libiconv path (like/usr/pkg)], 300: [libiconv_dir=$withval], 301: [libiconv_dir=no]) 302: AC_MSG_RESULT($libiconv_dir) 303: if test "$libiconv_dir" != "no"; then 304: if test "$libiconv_dir" = "yes" ; then 305: libiconv_dir=""; 306: fi; 307: if test "x$libiconv_dir" = "x"; then 308: RACOON_PATH_LIBS([iconv_open], [iconv]) 309: else 310: if test -d "$libiconv_dir/lib" -a \ 311: -d "$libiconv_dir/include" ; then 312: RACOON_PATH_LIBS([iconv_open], [iconv], ["$libiconv_dir/lib"]) 313: CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libiconv_dir/include" 314: else 315: AC_MSG_ERROR([ICONV libs or includes not found. Aborting.]) 316: fi 317: fi 318: LIBS="$LIBS -L$libiconv_dir/lib -R$libiconv_dir/lib -liconv" 319: AC_CHECK_FUNCS(iconv_open) 320: fi 321: 322: AC_MSG_CHECKING([if --enable-hybrid option is specified]) 323: AC_ARG_ENABLE(hybrid, 324: [ --enable-hybrid enable hybrid, both mode-cfg and xauth support], 325: [], [enable_hybrid=no]) 326: AC_MSG_RESULT($enable_hybrid) 327: 328: if test "x$enable_hybrid" = "xyes"; then 329: case $host in 330: *darwin*) 331: ;; 332: *) 333: LIBS="$LIBS -lcrypt"; 334: ;; 335: esac 336: HYBRID_OBJS="isakmp_xauth.o isakmp_cfg.o isakmp_unity.o throttle.o" 337: AC_SUBST(HYBRID_OBJS) 338: AC_DEFINE([ENABLE_HYBRID], [], [Hybrid authentication support]) 339: fi 340: 341: AC_MSG_CHECKING([if --enable-frag option is specified]) 342: AC_ARG_ENABLE(frag, 343: [ --enable-frag enable IKE fragmentation payload support], 344: [], [enable_frag=no]) 345: AC_MSG_RESULT($enable_frag) 346: 347: if test "x$enable_frag" = "xyes"; then 348: case $host in 349: *darwin*) 350: ;; 351: *) 352: LIBS="$LIBS -lcrypt"; 353: ;; 354: esac 355: FRAG_OBJS="isakmp_frag.o" 356: AC_SUBST(FRAG_OBJS) 357: AC_DEFINE([ENABLE_FRAG], [], [IKE fragmentation support]) 358: fi 359: 360: AC_MSG_CHECKING(if --with-libradius option is specified) 361: AC_ARG_WITH(libradius, 362: [ --with-libradius=DIR specify libradius path (like/usr/pkg)], 363: [libradius_dir=$withval], 364: [libradius_dir=no]) 365: AC_MSG_RESULT($libradius_dir) 366: if test "$libradius_dir" != "no"; then 367: if test "$libradius_dir" = "yes" ; then 368: libradius_dir=""; 369: fi; 370: if test "x$libradius_dir" = "x"; then 371: RACOON_PATH_LIBS([rad_create_request], [radius]) 372: else 373: if test -d "$libradius_dir/lib" -a \ 374: -d "$libradius_dir/include" ; then 375: RACOON_PATH_LIBS([rad_create_request], [radius], ["$libradius_dir/lib"]) 376: CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include" 377: else 378: AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.]) 379: fi 380: fi 381: AC_DEFINE([HAVE_LIBRADIUS], [], [Hybrid authentication uses RADIUS]) 382: LIBS="$LIBS -L$libradius_dir/lib -R$libradius_dir/lib -lradius" 383: AC_CHECK_FUNCS(rad_create_request) 384: fi 385: 386: AC_MSG_CHECKING(if --with-libpam option is specified) 387: AC_ARG_WITH(libpam, 388: [ --with-libpam=DIR specify libpam path (like/usr/pkg)], 389: [libpam_dir=$withval], 390: [libpam_dir=no]) 391: AC_MSG_RESULT($libpam_dir) 392: if test "$libpam_dir" != "no"; then 393: if test "$libpam_dir" = "yes" ; then 394: libpam_dir=""; 395: fi; 396: if test "x$libpam_dir" = "x"; then 397: RACOON_PATH_LIBS([pam_start], [pam]) 398: else 399: if test -d "$libpam_dir/lib" -a \ 400: -d "$libpam_dir/include" ; then 401: RACOON_PATH_LIBS([pam_start], [pam], ["$libpam_dir/lib"]) 402: CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include" 403: else 404: AC_MSG_ERROR([PAM libs or includes not found. Aborting.]) 405: fi 406: fi 407: AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM]) 408: LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam" 409: AC_CHECK_FUNCS(pam_start) 410: fi 411: 412: AC_MSG_CHECKING(if --with-libldap option is specified) 413: AC_ARG_WITH(libldap, 414: [ --with-libldap=DIR specify libldap path (like/usr/pkg)], 415: [libldap_dir=$withval], 416: [libldap_dir=no]) 417: AC_MSG_RESULT($libldap_dir) 418: if test "$libldap_dir" != "no"; then 419: if test "$libldap_dir" = "yes" ; then 420: libldap_dir=""; 421: fi; 422: if test "x$libldap_dir" = "x"; then 423: RACOON_PATH_LIBS([ldap_init], [ldap]) 424: else 425: if test -d "$libldap_dir/lib" -a \ 426: -d "$libldap_dir/include" ; then 427: RACOON_PATH_LIBS([ldap_init], [ldap], ["$libldap_dir/lib"]) 428: CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libldap_dir/include" 429: else 430: AC_MSG_ERROR([LDAP libs or includes not found. Aborting.]) 431: fi 432: fi 433: AC_DEFINE([HAVE_LIBLDAP], [], [Hybrid authentication uses LDAP]) 434: LIBS="$LIBS -L$libldap_dir/lib -R$libldap_dir/lib -lldap" 435: 436: saved_CFLAGS=$CFLAGS 437: CFLAGS="$CFLAGS -Wall -Werror" 438: saved_CPPFLAGS=$CPPFLAGS 439: CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 440: AC_TRY_COMPILE( 441: [#include <ldap.h>], 442: [ 443: #if LDAP_API_VERSION < 2004 444: #error OpenLDAP version is too old ... 445: #endif 446: ], 447: [AC_MSG_RESULT([ok])], 448: [ 449: AC_MSG_RESULT(too old) 450: AC_MSG_ERROR([OpenLDAP version must be 2.0 or higher. Aborting.]) 451: ]) 452: CFLAGS=$saved_CFLAGS 453: CPPFLAGS=$saved_CPPFLAGS 454: fi 455: 456: # Check for Kerberos5 support 457: # XXX This must come after all --with-* tests, else the 458: # -liconv checks will not work 459: AC_MSG_CHECKING(if --enable-gssapi option is specified) 460: AC_ARG_ENABLE(gssapi, 461: [ --enable-gssapi enable GSS-API authentication], 462: [], [enable_gssapi=no]) 463: AC_MSG_RESULT($enable_gssapi) 464: AC_PATH_PROG(KRB5_CONFIG,krb5-config,no) 465: if test "x$enable_gssapi" = "xyes"; then 466: if test "$KRB5_CONFIG" != "no"; then 467: krb5_incdir="`$KRB5_CONFIG --cflags gssapi`" 468: krb5_libs="`$KRB5_CONFIG --libs gssapi`" 469: else 470: # No krb5-config; let's make some assumptions based on 471: # the OS. 472: case $host_os in 473: netbsd*) 474: krb5_incdir="-I/usr/include/krb5" 475: krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1" 476: ;; 477: *) 478: AC_MSG_ERROR([krb5-config not found, but needed for GSSAPI support. Aborting.]) 479: ;; 480: esac 481: fi 482: LIBS="$LIBS $krb5_libs" 483: CPPFLAGS_ADD="$krb5_incdir $CPPFLAGS_ADD" 484: AC_DEFINE([HAVE_GSSAPI], [], [Enable GSS API]) 485: 486: # Check if iconv 2nd argument needs const 487: saved_CFLAGS=$CFLAGS 488: CFLAGS="$CFLAGS -Wall -Werror" 489: saved_CPPFLAGS=$CPPFLAGS 490: CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 491: AC_CHECK_HEADER([iconv.h], [], [AC_MSG_ERROR([iconv.h not found, but needed for GSSAPI support. Aborting.])]) 492: AC_MSG_CHECKING([if iconv second argument needs const]) 493: AC_TRY_COMPILE([ 494: #include <iconv.h> 495: #include <stdio.h> 496: ], [ 497: iconv_t cd = NULL; 498: const char **src = NULL; 499: size_t *srcleft = NULL; 500: char **dst = NULL; 501: size_t *dstleft = NULL; 502: 503: (void)iconv(cd, src, srcleft, dst, dstleft); 504: ], [AC_MSG_RESULT(yes) 505: AC_DEFINE([HAVE_ICONV_2ND_CONST], [], [Have iconv using const]) 506: ], [AC_MSG_RESULT(no)]) 507: CFLAGS=$saved_CFLAGS 508: CPPFLAGS=$saved_CPPFLAGS 509: 510: # libiconv is often integrated into libc. If a with-* option 511: # caused a non libc-based iconv.h to be catched instead of 512: # the libc-based iconv.h, then we need to link with -liconv 513: AC_MSG_CHECKING(if -liconv is required) 514: saved_CPPFLAGS=$CPPFLAGS 515: saved_LIBS=$LIBS 516: CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 517: AC_TRY_LINK([ 518: #include <iconv.h> 519: ], [ 520: (void)iconv_open("ascii", "ascii"); 521: ], 522: [AC_MSG_RESULT(no)], 523: [ 524: LIBS="$LIBS -liconv" 525: AC_TRY_LINK([ 526: #include <iconv.h> 527: ], [ 528: (void)iconv_open("ascii", "ascii"); 529: ], 530: [ 531: AC_MSG_RESULT(yes) 532: saved_LIBS=$LIBS 533: ], [ 534: AC_MSG_ERROR([cannot use iconv]) 535: ]) 536: ]) 537: CPPFLAGS=$saved_CPPFLAGS 538: LIBS=$saved_LIBS 539: fi 540: 541: AC_MSG_CHECKING(if --enable-stats option is specified) 542: AC_ARG_ENABLE(stats, 543: [ --enable-stats enable statistics logging function], 544: [], [enable_stats=no]) 545: if test "x$enable_stats" = "xyes"; then 546: AC_DEFINE([ENABLE_STATS], [], [Enable statictics]) 547: fi 548: AC_MSG_RESULT($enable_stats) 549: 550: AC_MSG_CHECKING(if --enable-dpd option is specified) 551: AC_ARG_ENABLE(dpd, 552: [ --enable-dpd enable dead peer detection], 553: [], [enable_dpd=no]) 554: if test "x$enable_dpd" = "xyes"; then 555: AC_DEFINE([ENABLE_DPD], [], [Enable dead peer detection]) 556: fi 557: AC_MSG_RESULT($enable_dpd) 558: 559: AC_MSG_CHECKING(if --enable-samode-unspec option is specified) 560: AC_ARG_ENABLE(samode-unspec, 561: [ --enable-samode-unspec enable to use unspecified a mode of SA], 562: [], [enable_samode_unspec=no]) 563: if test "x$enable_samode_unspec" = "xyes"; then 564: case $host_os in 565: *linux*) 566: cat << EOC 567: 568: ERROR: --enable-samode-unspec is not supported under linux 569: because linux kernel do not support it. This option is disabled 570: to prevent mysterious problems. 571: 572: If you REALLY know what your are doing, remove this check. 573: EOC 574: exit 1; 575: ;; 576: esac 577: AC_DEFINE([ENABLE_SAMODE_UNSPECIFIED], [], [Enable samode-unspec]) 578: fi 579: AC_MSG_RESULT($enable_samode_unspec) 580: 581: # Checks if IPv6 is requested 582: AC_MSG_CHECKING([whether to enable ipv6]) 583: AC_ARG_ENABLE(ipv6, 584: [ --disable-ipv6 disable ipv6 support], 585: [ case "$enableval" in 586: no) 587: AC_MSG_RESULT(no) 588: ipv6=no 589: ;; 590: *) AC_MSG_RESULT(yes) 591: ipv6=yes 592: ;; 593: esac ], 594: 595: AC_TRY_RUN([ /* AF_INET6 avalable check */ 596: #include <sys/types.h> 597: #include <sys/socket.h> 598: main() 599: { 600: exit(0); 601: if (socket(AF_INET6, SOCK_STREAM, 0) < 0) 602: exit(1); 603: else 604: exit(0); 605: } 606: ], 607: AC_MSG_RESULT(yes) 608: AC_DEFINE([INET6], [], [Support IPv6]) 609: ipv6=yes, 610: AC_MSG_RESULT(no) 611: ipv6=no, 612: AC_MSG_RESULT(no) 613: ipv6=no 614: )) 615: 616: if test "$ipv6" = "yes"; then 617: AC_DEFINE([INET6], [], [Support IPv6]) 618: AC_MSG_CHECKING(for advanced API support) 619: AC_TRY_COMPILE([#ifndef INET6 620: #define INET6 621: #endif 622: #include <sys/types.h> 623: #include <netinet/in.h>], 624: [struct in6_pktinfo a;], 625: [AC_MSG_RESULT(yes) 626: AC_DEFINE([INET6_ADVAPI], [], [Use advanced IPv6 API])], 627: [AC_MSG_RESULT(no)]) 628: fi 629: 630: RACOON_CHECK_BUGGY_GETADDRINFO 631: if test "$buggygetaddrinfo" = "yes"; then 632: AC_MSG_ERROR([Broken getaddrinfo() is no longer supported. Aborting.]) 633: fi 634: 635: # Check if kernel support is available for NAT-T, defaults to no. 636: kernel_natt="no" 637: 638: AC_MSG_CHECKING(kernel NAT-Traversal support) 639: case $host_os in 640: linux*) 641: # Linux kernel NAT-T check 642: AC_EGREP_CPP(yes, 643: [#include <linux/pfkeyv2.h> 644: #ifdef SADB_X_EXT_NAT_T_TYPE 645: yes 646: #endif 647: ], [kernel_natt="yes"]) 648: ;; 649: freebsd*|netbsd*) 650: # NetBSD case 651: # Same check for FreeBSD 652: AC_CHECK_MEMBER(struct sadb_x_nat_t_type.sadb_x_nat_t_type_len, 653: [kernel_natt="yes"],, [ 654: #define _KERNEL 655: #include <sys/types.h> 656: #include <net/pfkeyv2.h> 657: ]) 658: ;; 659: esac 660: AC_MSG_RESULT($kernel_natt) 661: 662: AC_MSG_CHECKING(whether to support NAT-T) 663: AC_ARG_ENABLE(natt, 664: [ --enable-natt enable NAT-Traversal (yes/no/kernel)], 665: [ if test "$enable_natt" = "kernel"; then enable_natt=$kernel_natt; fi ], 666: [ enable_natt=no ]) 667: AC_MSG_RESULT($enable_natt) 668: 669: if test "$enable_natt" = "yes"; then 670: if test "$kernel_natt" = "no" ; then 671: AC_MSG_ERROR([NAT-T requested, but no kernel support! Aborting.]) 672: else 673: AC_DEFINE([ENABLE_NATT], [], [Enable NAT-Traversal]) 674: NATT_OBJS="nattraversal.o" 675: AC_SUBST(NATT_OBJS) 676: fi 677: fi 678: 679: # Set up defines for supported NAT-T versions. 680: natt_versions_default="00,02,rfc" 681: AC_MSG_CHECKING(which NAT-T versions to support) 682: AC_ARG_ENABLE(natt_versions, 683: [ --enable-natt-versions=list list of supported NAT-T versions delimited by coma.], 684: [ test "$enable_natt_versions" = "yes" && enable_natt_versions=$natt_versions_default ], 685: [ enable_natt_versions=$natt_versions_default ]) 686: if test "$enable_natt" = "yes"; then 687: AC_MSG_RESULT($enable_natt_versions) 688: for i in `echo $enable_natt_versions | tr ',cfr' ' CFR'`; do 689: case $i in 690: 0|00) AC_DEFINE([ENABLE_NATT_00], [], [Enable NAT-Traversal draft 00]) ;; 691: 1|01) AC_DEFINE([ENABLE_NATT_01], [], [Enable NAT-Traversal draft 01]) ;; 692: 2|02) AC_DEFINE([ENABLE_NATT_02], [], [Enable NAT-Traversal draft 02]) ;; 693: 3|03) AC_DEFINE([ENABLE_NATT_03], [], [Enable NAT-Traversal draft 03]) ;; 694: 4|04) AC_DEFINE([ENABLE_NATT_04], [], [Enable NAT-Traversal draft 04]) ;; 695: 5|05) AC_DEFINE([ENABLE_NATT_05], [], [Enable NAT-Traversal draft 05]) ;; 696: 6|06) AC_DEFINE([ENABLE_NATT_06], [], [Enable NAT-Traversal draft 06]) ;; 697: 7|07) AC_DEFINE([ENABLE_NATT_07], [], [Enable NAT-Traversal draft 07]) ;; 698: 8|08) AC_DEFINE([ENABLE_NATT_08], [], [Enable NAT-Traversal draft 08]) ;; 699: RFC) AC_DEFINE([ENABLE_NATT_RFC], [], [Enable NAT-Traversal RFC version]) ;; 700: *) AC_MSG_ERROR([Unknown NAT-T version. Aborting.]) ;; 701: esac 702: done 703: unset i 704: else 705: AC_MSG_RESULT([none]) 706: fi 707: 708: AC_MSG_CHECKING(if --enable-broken-natt option is specified) 709: AC_ARG_ENABLE(broken-natt, 710: [ --enable-broken-natt broken in-kernel NAT-T], 711: [], [enable_broken_natt=no]) 712: if test "x$enable_broken_natt" = "xyes"; then 713: AC_DEFINE([BROKEN_NATT], [], [in-kernel NAT-T is broken]) 714: fi 715: AC_MSG_RESULT($enable_broken_natt) 716: 717: AC_MSG_CHECKING(whether we support FWD policy) 718: case $host in 719: *linux*) 720: AC_TRY_COMPILE([ 721: #include <inttypes.h> 722: #include <linux/ipsec.h> 723: ], [ 724: int fwd = IPSEC_DIR_FWD; 725: ], 726: [AC_MSG_RESULT(yes) 727: AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])], 728: [AC_MSG_RESULT(no)]) 729: ;; 730: *) 731: AC_MSG_RESULT(no) 732: ;; 733: esac 734: 735: AC_CHECK_TYPE([ipsec_policy_t], 736: [AC_DEFINE([HAVE_IPSEC_POLICY_T], [], [Have ipsec_policy_t])], 737: [], 738: [ 739: #include <sys/types.h> 740: #include <netinet6/ipsec.h> 741: ]) 742: 743: # Check if kernel support is available for Security Context, defaults to no. 744: kernel_secctx="no" 745: 746: AC_MSG_CHECKING(kernel Security Context support) 747: case $host_os in 748: linux*) 749: # Linux kernel Security Context check 750: AC_EGREP_CPP(yes, 751: [#include <linux/pfkeyv2.h> 752: #ifdef SADB_X_EXT_SEC_CTX 753: yes 754: #endif 755: ], [kernel_secctx="yes"]) 756: ;; 757: esac 758: AC_MSG_RESULT($kernel_secctx) 759: 760: AC_CHECK_HEADER(selinux/selinux.h, 761: [AC_CHECK_LIB(selinux, avc_init, [selinux_support=yes], 762: [selinux_support=no])], [selinux_support=no]) 763: 764: AC_MSG_CHECKING(whether to support Security Context) 765: AC_ARG_ENABLE(security-context, 766: [ --enable-security-context enable Security Context(yes/no/kernel)], 767: [if test "$enable_security_context" = "kernel"; then 768: enable_security_context=$kernel_secctx; fi], 769: [enable_security_context=$kernel_secctx]) 770: AC_MSG_RESULT($enable_security_context) 771: 772: if test "$enable_security_context" = "yes"; then 773: if test "$kernel_secctx" = "no" ; then 774: AC_MSG_ERROR([Security Context requested, but no kernel support! Aborting.]) 775: else 776: if test "$selinux_support" = "no"; then 777: AC_MSG_ERROR([Security Context requested, but no selinux support! Aborting.]) 778: else 779: AC_DEFINE([HAVE_SECCTX], [], [Enable Security Context]) 780: SECCTX_OBJS="security.o" 781: AC_SUBST(SECCTX_OBJS) 782: LIBS="$LIBS -lselinux" 783: fi 784: fi 785: fi 786: 787: RACOON_PATH_LIBS([clock_gettime], [rt]) 788: 789: AC_MSG_CHECKING(for monotonic system clock) 790: AC_TRY_COMPILE( 791: [#include <time.h>], 792: [clock_gettime(CLOCK_MONOTONIC, NULL);], 793: [AC_DEFINE([HAVE_CLOCK_MONOTONIC], [], [Have a monotonic clock]) 794: AC_MSG_RESULT(yes)], 795: [AC_MSG_RESULT(no)]) 796: 797: CFLAGS="$CFLAGS $CFLAGS_ADD" 798: CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD" 799: 800: case $host in 801: *linux*) 802: # Remove KERNEL_INCLUDE from CPPFLAGS. It will 803: # be symlinked to src/include-glibc/linux in 804: # compile time. 805: CPPFLAGS=`echo $CPPFLAGS | sed "s,-I$KERNEL_INCLUDE,,"` 806: ;; 807: esac 808: 809: include_racoondir=${includedir}/racoon 810: AC_SUBST(include_racoondir) 811: 812: AC_CONFIG_FILES([ 813: Makefile 814: package_version.h 815: src/Makefile 816: src/include-glibc/Makefile 817: src/libipsec/Makefile 818: src/setkey/Makefile 819: src/racoon/Makefile 820: src/racoon/samples/psk.txt 821: src/racoon/samples/racoon.conf 822: rpm/Makefile 823: rpm/suse/Makefile 824: rpm/suse/ipsec-tools.spec 825: ]) 826: AC_OUTPUT