439 lines
13 KiB
Text
439 lines
13 KiB
Text
dnl $Id: configure.in,v 1.6.2.4 2011/12/12 23:15:28 bew Exp $
|
|
dnl $Source: /nfs/cscbz/gdoi/gdoicvs/gdoi/configure.in,v $
|
|
|
|
dnl
|
|
dnl The license applies to all software incorporated in the "Cisco GDOI reference
|
|
dnl implementation" except for those portions incorporating third party software
|
|
dnl specifically identified as being licensed under separate license.
|
|
dnl
|
|
dnl
|
|
dnl The Cisco Systems Public Software License, Version 1.0
|
|
dnl Copyright (c) 2001-2011 Cisco Systems, Inc. All rights reserved.
|
|
dnl Subject to the following terms and conditions, Cisco Systems, Inc.,
|
|
dnl hereby grants you a worldwide, royalty-free, nonexclusive, license,
|
|
dnl subject to third party intellectual property claims, to create
|
|
dnl derivative works of the Licensed Code and to reproduce, display,
|
|
dnl perform, sublicense, distribute such Licensed Code and derivative works.
|
|
dnl All rights not expressly granted herein are reserved.
|
|
dnl 1. Redistributions of source code must retain the above
|
|
dnl copyright notice, this list of conditions and the following
|
|
dnl disclaimer.
|
|
dnl 2. Redistributions in binary form must reproduce the above
|
|
dnl copyright notice, this list of conditions and the following
|
|
dnl disclaimer in the documentation and/or other materials
|
|
dnl provided with the distribution.
|
|
dnl 3. The names Cisco and "Cisco GDOI reference implementation" must not
|
|
dnl be used to endorse or promote products derived from this software without
|
|
dnl prior written permission. For written permission, please contact
|
|
dnl opensource@cisco.com.
|
|
dnl 4. Products derived from this software may not be called
|
|
dnl "Cisco" or "Cisco GDOI reference implementation", nor may "Cisco" or
|
|
dnl "Cisco GDOI reference implementation" appear in
|
|
dnl their name, without prior written permission of Cisco Systems, Inc.
|
|
dnl THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
|
|
dnl WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
dnl WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
|
|
dnl PURPOSE, TITLE AND NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT
|
|
dnl SHALL CISCO SYSTEMS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
|
|
dnl INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
dnl DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
dnl SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
|
dnl BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
dnl LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
dnl (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
|
|
dnl THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
dnl SUCH DAMAGE. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO
|
|
dnl LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH
|
|
dnl PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH
|
|
dnl LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR
|
|
dnl LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THAT
|
|
dnl EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. FURTHER, YOU
|
|
dnl AGREE THAT IN NO EVENT WILL CISCO'S LIABILITY UNDER OR RELATED TO
|
|
dnl THIS AGREEMENT EXCEED AMOUNT FIVE THOUSAND DOLLARS (US)
|
|
dnl (US$5,000).
|
|
dnl
|
|
dnl ====================================================================
|
|
dnl This software consists of voluntary contributions made by Cisco Systems,
|
|
dnl Inc. and many individuals on behalf of Cisco Systems, Inc. For more
|
|
dnl information on Cisco Systems, Inc., please see <http://www.cisco.com/>.
|
|
dnl
|
|
dnl This product includes software developed by Ericsson Radio Systems.
|
|
dnl
|
|
|
|
AC_PREREQ(2.13)
|
|
AC_INIT(gdoi.h, 1.5iec)
|
|
AC_CONFIG_AUX_DIR(config)
|
|
AM_INIT_AUTOMAKE(gdoid, 1.5iec)
|
|
AM_CONFIG_HEADER(config.h)
|
|
AC_CANONICAL_HOST
|
|
|
|
# Checks for programs.
|
|
|
|
AC_PROG_AWK
|
|
AC_PROG_CC
|
|
|
|
# Host-specific checks
|
|
|
|
case "$build_os" in
|
|
linux*)
|
|
CFLAGS="$CFLAGS -DSYMBOL_PREFIX='\"_\"' -DKAME -DLINUX_PFKEY"
|
|
# No more support for FreeS/WAN ... require a 2.6 kernel and ipsec_tools.
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AC_DEFINE(SEED_RNG, 1, Initialize the RNG)
|
|
;;
|
|
darwin*)
|
|
CFLAGS="$CFLAGS -DHAVE_GETNAMEINFO -DHAVE_PCAP -DOPENBSD_PFKEY_EXT -DOSX"
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
;;
|
|
openbsd*)
|
|
CFLAGS="$CFLAGS -DHAVE_GETNAMEINFO -DHAVE_PCAP -DOPENBSD_PFKEY_EXT"
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
|
|
# Determine if this release has the old or new PF_KEY extension symbols.
|
|
AC_MSG_CHECKING(whether old PF_KEY Extension symbols are defined)
|
|
AC_TRY_RUN(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <net/pfkeyv2.h>
|
|
#if !defined FLOW_X_TYPE_REQUIRE
|
|
#error FLOW_X_TYPE_REQUIRE not defined
|
|
#endif
|
|
main() { return 0;}
|
|
],
|
|
[AC_MSG_RESULT(yes)
|
|
AC_DEFINE(OLD_OPENBSD_PFKEY_EXT, 1, [Old OpenBSD PF_KEY Extensions])],
|
|
[AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])])
|
|
;;
|
|
freebsd*)
|
|
CFLAGS="$CFLAGS -DKAME -DFREEBSD_PFKEY_EXT"
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
AC_DEFINE(OPEN_FIFO_RDRW, 1, [Need to open FIFO with O_RDRW])
|
|
;;
|
|
dnl Should be bsdi and netbsd.
|
|
dnl Actually, should be replaced with a few tests.
|
|
bsdi*)
|
|
CFLAGS="$CFLAGS -DKAME -DNETBSD_PFKEY_EXT"
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
;;
|
|
*)
|
|
# Set the basics for a BSD system
|
|
AM_CONDITIONAL(HAVE_PF_KEY_V2, true)
|
|
AM_CONDITIONAL(HAVE_FREESWAN, false)
|
|
;;
|
|
esac
|
|
|
|
# Checks for libraries.
|
|
|
|
#
|
|
# Libcrypto is required
|
|
#
|
|
# The --with-ssl-dir option and associated code was taken from OpenSSH.
|
|
#
|
|
|
|
# The big search for OpenSSL
|
|
AC_ARG_WITH(ssl-dir,
|
|
[ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
tryssldir=$withval
|
|
fi
|
|
]
|
|
)
|
|
|
|
saved_LIBS="$LIBS"
|
|
saved_LDFLAGS="$LDFLAGS"
|
|
saved_CPPFLAGS="$CPPFLAGS"
|
|
if test "x$prefix" != "xNONE" ; then
|
|
tryssldir="$tryssldir $prefix"
|
|
fi
|
|
AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
|
|
for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
|
|
CPPFLAGS="$saved_CPPFLAGS"
|
|
LDFLAGS="$saved_LDFLAGS"
|
|
LIBS="$saved_LIBS -lcrypto"
|
|
|
|
# Skip directories if they don't exist
|
|
if test ! -z "$ssldir" -a ! -d "$ssldir" ; then
|
|
continue;
|
|
fi
|
|
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
|
|
# Try to use $ssldir/lib if it exists, otherwise
|
|
# $ssldir
|
|
if test -d "$ssldir/lib" ; then
|
|
LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="-R$ssldir/lib $LDFLAGS"
|
|
fi
|
|
else
|
|
LDFLAGS="-L$ssldir $saved_LDFLAGS"
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="-R$ssldir $LDFLAGS"
|
|
fi
|
|
fi
|
|
# Try to use $ssldir/include if it exists, otherwise
|
|
# $ssldir
|
|
if test -d "$ssldir/include" ; then
|
|
CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
|
|
else
|
|
CPPFLAGS="-I$ssldir $saved_CPPFLAGS"
|
|
fi
|
|
fi
|
|
|
|
# Basic test to check for compatible version and correct linking
|
|
# *does not* test for RSA - that comes later.
|
|
AC_TRY_RUN(
|
|
[
|
|
#include <sys/param.h>
|
|
#include <openssl/rand.h>
|
|
#include <openssl/sha.h>
|
|
int main(void)
|
|
{
|
|
char a[2048];
|
|
SHA256_CTX c;
|
|
SHA256_Init(&c);
|
|
memset(a, 0, sizeof(a));
|
|
RAND_add(a, sizeof(a), sizeof(a));
|
|
return(RAND_status() <= 0);
|
|
}
|
|
],
|
|
[
|
|
found_crypto=1
|
|
break;
|
|
],
|
|
[],
|
|
[
|
|
AC_MSG_ERROR([Cross-compiling not supported])
|
|
]
|
|
)
|
|
|
|
if test ! -z "$found_crypto" ; then
|
|
break;
|
|
fi
|
|
done
|
|
|
|
if test -z "$found_crypto" ; then
|
|
AC_MSG_ERROR([Could not find working
|
|
OpenSSL library, including SHA256.
|
|
Must have openssl-0.9.8a or higher.
|
|
please install, or check config.log.
|
|
If it is installed in an unusual place,
|
|
specify the path --with-ssl-dir=<path>])
|
|
fi
|
|
if test -z "$ssldir" ; then
|
|
ssldir="(system)"
|
|
fi
|
|
|
|
ac_cv_openssldir=$ssldir
|
|
])
|
|
|
|
if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then
|
|
dnl Need to recover ssldir - test above runs in subshell
|
|
ssldir=$ac_cv_openssldir
|
|
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
|
|
# Try to use $ssldir/lib if it exists, otherwise
|
|
# $ssldir
|
|
if test -d "$ssldir/lib" ; then
|
|
LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="-R$ssldir/lib $LDFLAGS"
|
|
fi
|
|
else
|
|
LDFLAGS="-L$ssldir $saved_LDFLAGS"
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="-R$ssldir $LDFLAGS"
|
|
fi
|
|
fi
|
|
# Try to use $ssldir/include if it exists, otherwise
|
|
# $ssldir
|
|
if test -d "$ssldir/include" ; then
|
|
CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
|
|
else
|
|
CPPFLAGS="-I$ssldir $saved_CPPFLAGS"
|
|
fi
|
|
fi
|
|
fi
|
|
LIBS="-lc $saved_LIBS -lcrypto"
|
|
|
|
AM_CONDITIONAL(USE_LIBCRYPTO, true)
|
|
|
|
#
|
|
# Check for dlopen, which might be needed by libcrypto. If present, use
|
|
# dynamic libraries.
|
|
#
|
|
have_dl=yes
|
|
AC_CHECK_LIB(dl, dlopen, , [have_dl=no])
|
|
if test $have_dl = yes; then
|
|
LIBS="$LIBS -ldl"
|
|
fi
|
|
|
|
# Checks for header files.
|
|
AC_HEADER_DIRENT
|
|
AC_HEADER_STDC
|
|
AC_CHECK_HEADERS([arpa/inet.h fcntl.h memory.h netdb.h netinet/in.h stddef.h stdlib.h string.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h syslog.h unistd.h])
|
|
|
|
# Checks for typedefs, structures, and compiler characteristics.
|
|
AC_C_CONST
|
|
AC_C_INLINE
|
|
AC_TYPE_MODE_T
|
|
AC_TYPE_OFF_T
|
|
AC_TYPE_SIZE_T
|
|
AC_HEADER_TIME
|
|
AC_STRUCT_TM
|
|
|
|
AC_MSG_CHECKING(whether sockaddr_in.sin_len is defined)
|
|
AC_TRY_RUN([
|
|
#include <sys/types.h>
|
|
#include <netinet/in.h>
|
|
main()
|
|
{
|
|
struct sockaddr_in foo;
|
|
foo.sin_len = 0;
|
|
return 0;
|
|
}
|
|
],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE(USE_OLD_SOCKADDR, 1, [Old Sockaddr Definition])
|
|
AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])]
|
|
)
|
|
|
|
AC_MSG_CHECKING(whether in_port_t is defined)
|
|
AC_TRY_RUN([
|
|
#include <sys/types.h>
|
|
#include <netinet/in.h>
|
|
main()
|
|
{
|
|
in_port_t foo;
|
|
return 0;
|
|
}
|
|
],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE([in_port_t], u_int16_t, [Not defined in <sys/types.h>])
|
|
AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])]
|
|
)
|
|
|
|
AC_MSG_CHECKING(whether in_addr_t is defined)
|
|
AC_TRY_RUN([
|
|
#include <sys/types.h>
|
|
#include <netinet/in.h>
|
|
main()
|
|
{
|
|
in_addr_t foo;
|
|
return 0;
|
|
}
|
|
],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE([in_addr_t], u_int32_t, [Not defined in <sys/types.h>])
|
|
AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])]
|
|
)
|
|
|
|
AC_MSG_CHECKING(whether SA_LEN is defined)
|
|
AC_TRY_RUN([
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netinet/in.h>
|
|
#if !defined SA_LEN
|
|
# error _SA_LEN not defined
|
|
#endif
|
|
main() { return 0;}
|
|
],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE([DEFINE_SA_LEN], 1, [Sockaddr Length])
|
|
AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])]
|
|
)
|
|
|
|
AC_MSG_CHECKING(whether LIST_FIRST is defined)
|
|
AC_TRY_RUN([
|
|
#include <sys/queue.h>
|
|
#if !defined LIST_FIRST
|
|
# error LIST_FIRST not defined
|
|
#endif
|
|
main() { return 0;}
|
|
],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE(DEFINE_EXTRA_QUEUE_FUNCTIONS, 1,
|
|
[Use missing queue.h definitions])
|
|
AC_MSG_RESULT(no)],
|
|
[AC_MSG_ERROR([cannot cross-compile, bailing out])]
|
|
)
|
|
|
|
# Checks for library functions.
|
|
|
|
AC_FUNC_CLOSEDIR_VOID
|
|
AC_PROG_GCC_TRADITIONAL
|
|
AC_FUNC_MEMCMP
|
|
AC_FUNC_SELECT_ARGTYPES
|
|
AC_TYPE_SIGNAL
|
|
AC_CHECK_FUNCS([bzero gettimeofday inet_ntoa memmove memset mkfifo select socket strcasecmp strcspn strdup strerror strncasecmp strspn strstr strtol strtoul tzset strlcpy])
|
|
|
|
# Optional Arguments
|
|
|
|
AC_ARG_ENABLE(tripledes,
|
|
[ --enable-tripledes Enable support of 3DES [yes]],
|
|
[], [enable_tripledes=yes])
|
|
AC_CACHE_CHECK([whether to use 3DES], enable_tripledes, [enable_tripledes=yes])
|
|
if test $enable_tripledes = yes; then
|
|
AC_DEFINE(USE_TRIPLEDES, 1, [3DES Support])
|
|
fi
|
|
|
|
#
|
|
# APPSUPPORT is define implicitely when a client of APPSUPPORT is defined.
|
|
#
|
|
enable_appsupport=no;
|
|
|
|
AC_ARG_ENABLE(iec90_5,
|
|
[ --enable-iec90-5 Enable support of IEC 57-61850-90-5 [yes]],
|
|
[], [enable_iec90_5=yes])
|
|
AC_CACHE_CHECK([whether to support IEC 57-61850-90-5],
|
|
enable_iec90_5,
|
|
[enable_iec90_5=no])
|
|
if test $enable_iec90_5 = yes; then
|
|
AC_DEFINE(IEC90_5_SUPPORT, 1, [IEC 57-61850-90-5 Support])
|
|
AC_DEFINE(GDOI_APP_SUPPORT, 1, [GDOI Application Interface support])
|
|
enable_appsupport=yes;
|
|
fi
|
|
AM_CONDITIONAL(IEC90_5_SUPPORT, test $enable_iec90_5 = yes)
|
|
AM_CONDITIONAL(GDOI_APP_SUPPORT, test $enable_appsupport = yes)
|
|
|
|
AC_ARG_ENABLE(srtp,
|
|
[ --enable-srtp Enable support of SRTP [no]],
|
|
[], [enable_srtp=no])
|
|
AC_CACHE_CHECK([whether to support SRTP],
|
|
enable_srtp,
|
|
[enable_srtp=no])
|
|
if test $enable_srtp = yes; then
|
|
AC_DEFINE(SRTP_SUPPORT, 1, [SRTP Support])
|
|
AC_DEFINE(GDOI_APP_SUPPORT, 1, [GDOI Application Interface support])
|
|
enable_appsupport=yes;
|
|
fi
|
|
AM_CONDITIONAL(SRTP_SUPPORT, test $enable_srtp = yes)
|
|
AM_CONDITIONAL(GDOI_APP_SUPPORT, test $enable_appsupport = yes)
|
|
|
|
AC_ARG_ENABLE(aggressive,
|
|
[ --enable-aggressive Enable support of Phase 1 Aggressive Mode [no]],
|
|
[], [enable_aggressive=no])
|
|
AC_CACHE_CHECK([whether to use Phase 1 Agressive Mode], enable_aggressive,
|
|
[enable_aggressive=no])
|
|
if test $enable_aggressive = yes; then
|
|
AC_DEFINE(USE_AGGRESSIVE, 1, [Phase 1 Agressive Support])
|
|
fi
|
|
AM_CONDITIONAL(USE_AGGRESSIVE, test $enable_aggressive = yes)
|
|
|
|
AC_ARG_ENABLE(debug,
|
|
[ --enable-debug Enable debug [yes]],
|
|
[], [enable_debug=yes])
|
|
AC_CACHE_CHECK([whether to use debug], enable_debug, [enable_debug=yes])
|
|
if test $enable_debug = yes; then
|
|
AC_DEFINE(USE_DEBUG, 1, [Debugging])
|
|
fi
|
|
|
|
AC_OUTPUT(Makefile src/Makefile app_client/Makefile)
|