Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/crypto/dist/kame/racoon/configure.in

665 lines
17 KiB
Plaintext
Raw Blame History

dnl Process this file with autoconf to produce a configure script.
AC_INIT(admin.c)
dnl Checks for programs.
AC_PROG_CC
AC_PROG_CPP
AC_PROG_LEX
AC_PROG_INSTALL
AC_PROG_MAKE_SET
AC_CANONICAL_HOST
case $host in
*netbsd*)
CFLAGS="-Wl,-R/usr/pkg/lib $CFLAGS" ;;
esac
AC_SUBST(OPTFLAG)
OPTFLAG="-O -DYIPS_DEBUG"
AC_MSG_CHECKING(if --enable-debug option is specified)
AC_ARG_ENABLE(debug, [ --enable-debug build a debug version],
[OPTFLAG="-g $OPTFLAG"; enable_debug=yes], [enable_debug=no])
AC_MSG_RESULT($enable_debug)
AC_MSG_CHECKING(if --enable-yydebug option is specified)
AC_ARG_ENABLE(yydebug, [ --enable-yydebug build a yydebug version],
[AC_DEFINE(YYDEBUG)
enable_yydebug=yes], [enable_yydebug=no])
AC_MSG_RESULT($enable_yydebug)
OPTFLAG="-Wall -Wmissing-prototypes -Wmissing-declarations $OPTFLAG"
AC_MSG_CHECKING(if --enable-pedant option is specified)
AC_ARG_ENABLE(pedant, [ --enable-pedant pedantic compiler options],
[OPTFLAG="-Werror $OPTFLAG"; enable_pedant=yes],
[enable_pedant=no])
AC_MSG_RESULT($enable_pedant)
AC_MSG_CHECKING(if --enable-adminport option is specified)
AC_ARG_ENABLE(adminport,
[ --enable-adminport enable admin port (INSECURE!)],
[], [enable_adminport=no])
if test $enable_adminport = "yes"; then
AC_DEFINE(ENABLE_ADMINPORT)
fi
AC_MSG_RESULT($enable_adminport)
AC_MSG_CHECKING(if --enable-rc5 option is specified)
AC_ARG_ENABLE(rc5,
[ --enable-rc5 enable RC5 encryption (patented)],
[], [enable_rc5=no])
AC_MSG_RESULT($enable_rc5)
AC_MSG_CHECKING(if --enable-idea option is specified)
AC_ARG_ENABLE(idea,
[ --enable-idea enable IDEA encryption (patented)],
[], [enable_idea=no])
AC_MSG_RESULT($enable_idea)
AC_MSG_CHECKING(if --enable-gssapi option is specified)
AC_ARG_ENABLE(rc5,
[ --enable-gssapi enable GSS-API authentication],
[], [enable_gssapi=no])
if test "x$enable_gssapi" = "xyes"; then
AC_DEFINE(HAVE_GSSAPI)
fi
AC_MSG_RESULT($enable_gssapi)
AC_MSG_CHECKING(if --enable-stats option is specified)
AC_ARG_ENABLE(stats,
[ --enable-stats enable statistics logging function],
[], [enable_stats=no])
if test "x$enable_stats" = "xyes"; then
AC_DEFINE(ENABLE_STATS)
fi
AC_MSG_RESULT($enable_stats)
AC_MSG_CHECKING(if --enable-samode-unspec option is specified)
AC_ARG_ENABLE(samode-unspec,
[ --enable-samode-unspec enable to use unspecified a mode of SA],
[], [enable_samode_unspec=no])
if test "x$enable_samode_unspec" = "xyes"; then
AC_DEFINE(ENABLE_SAMODE_UNSPECIFIED)
fi
AC_MSG_RESULT($enable_samode_unspec)
efence_dir=
AC_MSG_CHECKING(if --with-efence option is specified)
AC_ARG_WITH(efence, [ --with-efence=DIR specify ElectricFence directory],
[efence_dir=$withval], [efence_dir=no])
AC_MSG_RESULT(${efence_dir})
if test "$efence_dir" != "no"; then
if test "x$efence_dir" = "x"; then
RACOON_PATH_LIBS(EF_Print, efence)
else
RACOON_PATH_LIBS(EF_Print, efence, $efence_dir)
fi
fi
gc_dir=
AC_MSG_CHECKING(if --with-gc option is specified)
AC_ARG_WITH(gc, [ --with-gc=DIR specify Bohem GC directory (experimental)],
[gc_dir=$withval], [gc_dir=no])
AC_MSG_RESULT(${gc_dir})
if test "$gc_dir" != "no"; then
AC_DEFINE(GC)
if test "x$gc_dir" = "x"; then
RACOON_PATH_LIBS(GC_malloc, leak)
else
RACOON_PATH_LIBS(GC_malloc, leak, $gc_dir)
fi
fi
dmalloc_dir=
AC_MSG_CHECKING(if --with-dmalloc option is specified)
AC_ARG_WITH(dmalloc, [ --with-dmalloc=DIR specify Dmalloc directory],
[dmalloc_dir=$withval], [dmalloc_dir=no])
AC_MSG_RESULT(${dmalloc_dir})
if test "$dmalloc_dir" != "no"; then
AC_DEFINE(DMALLOC)
if test "x$dmalloc_dir" = "x"; then
RACOON_PATH_LIBS(dmalloc_log_unfreed, dmalloc)
else
RACOON_PATH_LIBS(dmalloc_log_unfreed, dmalloc, $dmalloc_dir)
fi
fi
AC_MSG_CHECKING(if you have KAME tcpdump in $srcdir/../tcpdump)
if test -f "$srcdir/../tcpdump/print-isakmp.c"; then
LIBOBJS="$LIBOBJS print-isakmp.o"
AC_DEFINE(HAVE_PRINT_ISAKMP_C)
AC_MSG_RESULT(yes)
else
AC_MSG_RESULT(no)
fi
AC_MSG_CHECKING(if __FUNCTION__ is available)
AC_TRY_COMPILE(dnl
[#include <stdio.h>
], [char *x = __FUNCTION__;],
[AC_DEFINE(HAVE_FUNCTION_MACRO)
AC_MSG_RESULT(yes)],
[AC_MSG_RESULT(no)])
dnl Checks for libraries.
AC_MSG_CHECKING([whether to enable ipv6])
AC_ARG_ENABLE(ipv6,
[ --enable-ipv6 Enable ipv6 (with ipv4) support
--disable-ipv6 Disable ipv6 support],
[ case "$enableval" in
no)
AC_MSG_RESULT(no)
ipv6=no
;;
*) AC_MSG_RESULT(yes)
AC_DEFINE(INET6)
ipv6=yes
;;
esac ],
AC_TRY_RUN([ /* AF_INET6 avalable check */
#include <sys/types.h>
#include <sys/socket.h>
main()
{
exit(0);
if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
exit(1);
else
exit(0);
}
],
AC_MSG_RESULT(yes)
AC_DEFINE(ENABLE_IPV6)
ipv6=yes,
AC_MSG_RESULT(no)
ipv6=no,
AC_MSG_RESULT(no)
ipv6=no
))
ipv6type=unknown
ipv6lib=none
ipv6libdir=none
if test "$ipv6" = "yes"; then
AC_MSG_CHECKING([ipv6 stack type])
for i in inria kame linux toshiba v6d zeta; do
ipv6trylibc=no
case $i in
inria)
dnl http://www.kame.net/
AC_EGREP_CPP(yes, [dnl
#include <netinet/in.h>
#ifdef IPV6_INRIA_VERSION
yes
#endif],
[ipv6type=$i;
ipv6lib=inet6;
ipv6libdir=/usr/lib;
ipv6trylibc=yes
CPPFLAGS="-DINET6 $CPPFLAGS"])
;;
kame)
dnl http://www.kame.net/
AC_EGREP_CPP(yes, [dnl
#include <netinet/in.h>
#ifdef __KAME__
yes
#endif],
[ipv6type=$i;
ipv6lib=inet6;
ipv6libdir=/usr/local/v6/lib;
ipv6trylibc=yes
CPPFLAGS="-DINET6 $CPPFLAGS"])
;;
linux)
dnl http://www.v6.linux.or.jp/
if test -d /usr/inet6; then
ipv6type=$i
ipv6lib=inet6
ipv6libdir=/usr/inet6/lib
CPPFLAGS="-DINET6 -I/usr/inet6/include $CPPFLAGS"
fi
;;
toshiba)
AC_EGREP_CPP(yes, [dnl
#include <sys/param.h>
#ifdef _TOSHIBA_INET6
yes
#endif],
[ipv6type=$i;
ipv6lib=inet6;
ipv6libdir=/usr/local/v6/lib;
CPPFLAGS="-DINET6 $CPPFLAGS"])
;;
v6d)
AC_EGREP_CPP(yes, [dnl
#include </usr/local/v6/include/sys/v6config.h>
#ifdef __V6D__
yes
#endif],
[ipv6type=$i;
ipv6lib=v6;
ipv6libdir=/usr/local/v6/lib;
CPPFLAGS="-I/usr/local/v6/include $CPPFLAGS"])
;;
zeta)
AC_EGREP_CPP(yes, [dnl
#include <sys/param.h>
#ifdef _ZETA_MINAMI_INET6
yes
#endif],
[ipv6type=$i;
ipv6lib=inet6;
ipv6libdir=/usr/local/v6/lib;
CPPFLAGS="-DINET6 $CPPFLAGS"])
;;
esac
if test "$ipv6type" != "unknown"; then
break
fi
done
AC_MSG_RESULT($ipv6type)
fi
if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then
if test -d $ipv6libdir -a -f $ipv6libdir/lib$ipv6lib.a; then
echo "using lib$ipv6lib for getaddrinfo"
LIBS="$LIBS -L$ipv6libdir -l$ipv6lib"
else
if test "$ipv6trylibc" = "yes"; then
echo 'using libc for getaddrinfo'
else
echo "Fatal: no $ipv6lib library found. "
echo "cannot continue. You need to fetch lib$ipv6lib.a "
echo "from appropriate ipv6 kit and compile beforehand."
exit 1
fi
fi
fi
if test "$ipv6" = "yes"; then
AC_MSG_CHECKING(for advanced API support)
AC_CACHE_VAL(racoon_cv_advapi, [dnl
AC_TRY_COMPILE([#ifndef INET6
#define INET6
#endif
#include <sys/types.h>
#include <netinet/in.h>],
[struct in6_pktinfo a;],
[racoon_cv_advapi="yes"], [racoon_cv_advapi="no"])])
AC_MSG_RESULT($racoon_cv_advapi)
if test "$racoon_cv_advapi" = yes; then
AC_DEFINE(ADVAPI)
fi
fi
AC_MSG_CHECKING(getaddrinfo bug)
AC_TRY_RUN([
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <string.h>
#include <netinet/in.h>
main()
{
int passive, gaierr, inet4 = 0, inet6 = 0;
struct addrinfo hints, *ai, *aitop;
char straddr[INET6_ADDRSTRLEN], strport[16];
for (passive = 0; passive <= 1; passive++) {
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_flags = passive ? AI_PASSIVE : 0;
hints.ai_socktype = SOCK_STREAM;
if ((gaierr = getaddrinfo(NULL, "54321", &hints, &aitop)) != 0) {
(void)gai_strerror(gaierr);
goto bad;
}
for (ai = aitop; ai; ai = ai->ai_next) {
if (ai->ai_addr == NULL ||
ai->ai_addrlen == 0 ||
getnameinfo(ai->ai_addr, ai->ai_addrlen,
straddr, sizeof(straddr), strport, sizeof(strport),
NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
goto bad;
}
switch (ai->ai_family) {
case AF_INET:
if (strcmp(strport, "54321") != 0) {
goto bad;
}
if (passive) {
if (strcmp(straddr, "0.0.0.0") != 0) {
goto bad;
}
} else {
if (strcmp(straddr, "127.0.0.1") != 0) {
goto bad;
}
}
inet4++;
break;
case AF_INET6:
if (strcmp(strport, "54321") != 0) {
goto bad;
}
if (passive) {
if (strcmp(straddr, "::") != 0) {
goto bad;
}
} else {
if (strcmp(straddr, "::1") != 0) {
goto bad;
}
}
inet6++;
break;
case AF_UNSPEC:
goto bad;
break;
default:
/* another family support? */
break;
}
}
}
if (!(inet4 == 0 || inet4 == 2))
goto bad;
if (!(inet6 == 0 || inet6 == 2))
goto bad;
if (aitop)
freeaddrinfo(aitop);
exit(0);
bad:
if (aitop)
freeaddrinfo(aitop);
exit(1);
}
],
AC_MSG_RESULT(good)
buggygetaddrinfo=no,
AC_MSG_RESULT(buggy)
buggygetaddrinfo=yes,
AC_MSG_RESULT(buggy)
buggygetaddrinfo=yes)
if test "$buggygetaddrinfo" = "yes"; then
if test "$ipv6" = "yes"; then
echo 'Fatal: You must get working getaddrinfo() function.'
echo ' or you can specify "--disable-ipv6"'.
exit 1
else
CPPFLAGS="$CPPFLAGS -I./missing"
fi
fi
AC_REPLACE_FUNCS(getaddrinfo getnameinfo)
AC_MSG_CHECKING(if --with-ssleay option is specified)
AC_ARG_WITH(ssleay, [ --with-ssleay=DIR specify SSLeay directory],
[crypto_dir=$withval])
AC_MSG_RESULT(${crypto_dir-"default"})
dnl if test "$crypto_dir" != "default"; then
dnl LIBS="-L$crypto_dir/lib $LIBS"
dnl if test -f $crypto_dir/include/md5.h; then
dnl CFLAGS="-I$crypto_dir/include $CFLAGS"
dnl elif test -d $crypto_dir/include/ssleay -a -f $dir/include/ssleay/md5.h; then
dnl CFLAGS="-I$crypto_dir/include/ssleay -I$crypto_dir/include $CFLAGS"
dnl elif test -d $crypto_dir/include/openssl -a -f $dir/include/openssl/md5.h; then
dnl CFLAGS="-I$crypto_dir/include/openssl -I$crypto_dir/include $CFLAGS"
dnl fi
dnl fi
if test "x$crypto_dir" = "x"; then
case $host_os in
netbsd*) crypto_dir="/usr/pkg";;
freebsd*)
if test -d /usr/local/ssl; then
crypto_dir="/usr/local/ssl"
else
crypto_dir="/usr/local"
fi
;;
esac
fi
if test "x$krb5_incdir" = "x"; then
case $host_os in
netbsd*) krb5_incdir="/usr/include/krb5";;
esac
fi
if test "x$krb5_libs" = "x"; then
case $host_os in
netbsd*) krb5_libs="-lgssapi -lkrb5 -lcom_err -lroken -lasn1";;
esac
fi
if test "$enable_gssapi" = "yes"; then
LIBS="$LIBS $krb5_libs"
CPPFLAGS="-I$krb5_incdir $CPPFLAGS"
fi
dnl for some reason, past version of freebsd port requires us to set -I for
dnl BOTH openssl/cast.h and cast.h. who should I blame (or am I mistaken?)
RACOON_PATH_LIBS(CAST_cfb64_encrypt, crypto, ${crypto_dir}/lib)
AC_TRY_COMPILE([#include <sys/types.h>
#include <stdio.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/des.h>], [], [], [openssl_compile_failed=yes])
if test "x$openssl_compile_failed" = "xyes"; then
echo
echo "Fatal: crypto library and headers not found."
echo Specify proper directory by using --with-ssleay.
if test `uname -s` = FreeBSD; then
echo Use ports/security/SSLeay to install SSLeay, or visit
elif test `uname -s` = NetBSD; then
echo Use pkgsrc/security/SSLeay to install SSLeay, or visit
else
echo -n "Visit "
fi
echo ftp://psych.psy.uq.oz.au/pub/Crypto/SSL/, or visit
echo http://www.openssl.org/
exit 1
fi
dnl AC_MSG_RESULT("$ssleay_lib and $ssleay_include")
AC_MSG_CHECKING(openssl version)
AC_EGREP_CPP(yes, [#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x00904100L
yes
#endif], [AC_MSG_RESULT(ok)], [AC_MSG_RESULT(too old)
echo
echo "FATAL: OpenSSL version must be 0.9.4 or higher."
exit 1])
dnl AC_MSG_CHECKING(for libssl)
AC_CHECK_LIB(ssl, ssl_ok, [], [], -lcrypto)
AC_CHECK_LIB(crypto, des_cbc_encrypt)
AC_CHECK_LIB(l, yywrap)
AC_CHECK_LIB(y, yyerror)
dnl PF_KEYv2 support check
AC_MSG_CHECKING(for PF_KEYv2 support)
AC_CACHE_VAL(ac_cv_pfkey, [dnl
AC_TRY_COMPILE([
#include <sys/types.h>
#include <sys/socket.h>
#include <net/pfkeyv2.h>],
[int x = PF_KEY, y = PF_KEY_V2;],
[ac_cv_pfkey="yes"], [ac_cv_pfkey="no"])])
AC_MSG_RESULT($ac_cv_pfkey)
if test "$ac_cv_pfkey" = yes; then
OPTFLAG="-DHAVE_PFKEYV2 $OPTFLAG"
fi
dnl old KAME header check
if test "$ac_cv_pfkey" = "yes"; then
AC_MSG_CHECKING(for old KAME PF_KEYv2 header file)
AC_TRY_COMPILE([
#include <sys/types.h>
#include <sys/socket.h>
#include <net/pfkeyv2.h>],
[struct sadb_msg m; m.sadb_msg_reserved2 = 0;],
[AC_MSG_RESULT(old)
echo "FATAL: obsolete KAME PF_KEYv2 declaration (non-PF_KEY sadb_msg)"
exit 1])
AC_TRY_COMPILE([
#include <sys/types.h>
#include <sys/socket.h>
#include <net/pfkeyv2.h>],
[struct sadb_x_policy m; m.sadb_x_policy_id = 0;], [],
[AC_MSG_RESULT(old)
echo "FATAL: obsolete KAME PF_KEYv2 declaration (no sadb_x_policy_id)"
exit 1])
AC_TRY_COMPILE([
#include <sys/types.h>
#include <sys/socket.h>
#include <net/pfkeyv2.h>],
[struct sadb_x_sa2 m;], [],
[AC_MSG_RESULT(old)
echo "FATAL: obsolete KAME PF_KEYv2 declaration (no sadb_x_sa2)"
exit 1])
AC_MSG_RESULT(fine)
fi
ipsectype=unknown
ipseclib=none
ipseclibdir=none
AC_MSG_CHECKING([ipsec library path])
for i in inria kame; do
ipsectrylibc=no
case $i in
inria)
dnl http://www.kame.net/
AC_EGREP_CPP(yes, [dnl
#include <netinet/in.h>
#ifdef IPV6_INRIA_VERSION
yes
#endif],
[ipsectype=$i;
ipseclib=ipsec;
ipseclibdir=/usr/lib])
;;
kame)
dnl http://www.kame.net/
AC_EGREP_CPP(yes, [dnl
#include <netinet/in.h>
#ifdef __KAME__
yes
#endif],
[ipsectype=$i;
ipseclib=ipsec;
ipseclibdir=/usr/local/v6/lib])
;;
esac
if test "$ipsectype" != "unknown"; then
break
fi
done
AC_MSG_RESULT($ipseclibdir)
dnl this is gross, but we need to invoke either AC_CHECK LIB or AC_CHECK_FUNCS.
if test "$ipseclib" != "none"; then
if test "$ipseclibdir" != "none"; then
RACOON_PATH_LIBS(ipsec_strerror, $ipseclib, $ipseclibdir)
else
RACOON_PATH_LIBS(ipsec_strerror, $ipseclib)
fi
fi
AC_MSG_CHECKING(if --with-libpfkey option is specified)
AC_ARG_WITH(libpfkey, [ --with-libpfkey=DIR specify libpfkey.a dir],
[libpfkey_dir=$withval], [libpfkey_dir=no])
AC_MSG_RESULT(${libpfkey_dir})
if test "$libpfkey_dir" != "no"; then
if test "x$libpfkey_dir" = "x"; then
RACOON_PATH_LIBS(pfkey_send_spdsetidx, pfkey)
else
RACOON_PATH_LIBS(pfkey_send_spdsetidx, pfkey, $libpfkey_dir)
fi
fi
AC_MSG_CHECKING(if --with-liblwres option is specified)
AC_ARG_WITH(liblwres, [ --with-lwres=DIR specify liblwres path (like /usr/pkg)],
[liblwres_dir=$withval], [liblwres_dir=no])
AC_MSG_RESULT(${liblwres_dir})
if test "$liblwres_dir" != "no"; then
if test -d "$liblwres_dir/lib" -a -d "$liblwres_dir/lib"; then
if test "x$liblwres_dir" = "x"; then
RACOON_PATH_LIBS(lwres_getrrsetbyname, lwres)
else
RACOON_PATH_LIBS(lwres_getrrsetbyname, lwres, "$liblwres_dir/lib")
fi
CFLAGS="$CFLAGS -I$liblwres_dir/include"
AC_CHECK_FUNCS(lwres_getrrsetbyname)
else
echo "FATAL: $liblwres_dir/lib or $liblwres_dir/include not found"
exit 1
fi
fi
dnl Checks for header files.
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
AC_CHECK_HEADERS(limits.h sys/time.h unistd.h stdarg.h varargs.h)
signing=yes
if test "$enable_rc5" = "yes"; then
rc5header=openssl/rc5.h
else
rc5header=
fi
if test "$enable_idea" = "yes"; then
ideaheader=openssl/idea.h
else
ideaheader=
fi
AC_CHECK_HEADERS($ideaheader $rc5header openssl/rsa.h openssl/pem.h openssl/evp.h openssl/x509.h,
[], [nosymbol=`echo $ac_hdr | sed -e 's/.h$//' -e 's/^openssl.//' -e 's/^/NO_/' | tr 'a-z' 'A-Z'`
CPPFLAGS="$CPPFLAGS -D$nosymbol=1"
signing=no])
if test $signing = "yes"; then
AC_DEFINE(HAVE_SIGNING_C)
fi
AC_CHECK_HEADERS(openssl/cversion.h openssl/opensslv.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_HEADER_TIME
AC_STRUCT_TM
dnl Checks for library functions.
AC_FUNC_MEMCMP
AC_TYPE_SIGNAL
AC_FUNC_VPRINTF
AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul)
AC_REPLACE_FUNCS(strdup)
dnl expand ${sysconfdir}, ugly...
if test "x$prefix" = xNONE; then
sysconfdir_x=`echo $sysconfdir | sed -e 's,${prefix},'"$ac_default_prefix,"`
else
sysconfdir_x=`echo $sysconfdir | sed -e 's,${prefix},'"$prefix,"`
fi
AC_SUBST(sysconfdir_x)
dnl Checks for getifaddrs
AC_CHECK_FUNCS(getifaddrs)
dnl defines package version
AC_MSG_CHECKING(if --with-pkgversion option is specified)
AC_ARG_WITH(pkgversion, [ --with-pkgversion=VERSION specify package version],
[CPPFLAGS="$CPPFLAGS -DRACOON_PKG_VERSION=\"\\\"$withval\\\"\""],
[pkgversion=no])
AC_OUTPUT(Makefile samples/psk.txt samples/racoon.conf)
Reference in New Issue View Git Blame Copy Permalink