X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=configure.ac;h=9a9bf0192b3554037fd58068846b8304ba9f257a;hp=5f6bfecdcd266940ee126ed1dbdd00f45b013ef8;hb=120e0567cba17eeb57c12a34686fddbbb491b62f;hpb=9b9230a0a79c670b86f54fadd2807b864ff9d91f diff --git a/configure.ac b/configure.ac index 5f6bfecd..9a9bf019 100644 --- a/configure.ac +++ b/configure.ac @@ -1,12 +1,11 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([tinc], [1.1pre7]) +AC_INIT([tinc], [1.1pre11]) AC_CONFIG_SRCDIR([src/tincd.c]) AC_GNU_SOURCE -AM_INIT_AUTOMAKE([check-news dist-bzip2 std-options subdir-objects]) +AM_INIT_AUTOMAKE([check-news std-options subdir-objects -Wall]) AC_CONFIG_HEADERS([config.h]) -AM_MAINTAINER_MODE # Enable GNU extensions. # Define this here, not in acconfig's @TOP@ section, since definitions @@ -19,7 +18,8 @@ AC_PROG_CC_C99 AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S -AC_PROG_RANLIB + +AM_PROG_CC_C_O dnl Check and set OS @@ -108,7 +108,7 @@ AC_ARG_ENABLE(tunemu, ) AC_ARG_WITH(windows2000, - AS_HELP_STRING([--without-windows2000], [compile with support for Windows 2000. This disables support for tunneling over existing IPv6 networks.]), + AS_HELP_STRING([--with-windows2000], [compile with support for Windows 2000. This disables support for tunneling over existing IPv6 networks.]), [ AS_IF([test "x$with_windows2000" = "xyes"], [AC_DEFINE(WITH_WINDOWS2000, 1, [Compile with support for Windows 2000])]) ] @@ -132,6 +132,29 @@ if test -d /sw/lib ; then LIBS="$LIBS -L/sw/lib" fi +dnl Compiler hardening flags +dnl No -fstack-protector-all because it doesn't work on all platforms or architectures. + +AC_ARG_ENABLE([hardening], AS_HELP_STRING([--disable-hardening], [disable compiler and linker hardening flags])) +AS_IF([test "x$enable_hardening" != "xno"], + [AX_CHECK_COMPILE_FLAG([-DFORTIFY_SOURCE=2], [CPPFLAGS="$CPPFLAGS -DFORTIFY_SOURCE=2"]) + AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CPPFLAGS="$CPPFLAGS -fno-strict-overflow"]) + AX_CHECK_COMPILE_FLAG([-fwrapv], [CPPFLAGS="$CPPFLAGS -fwrapv"]) + case $host_os in + *mingw*) + AX_CHECK_LINK_FLAG([-Wl,--dynamicbase], [LDFLAGS="$LDFLAGS -Wl,--dynamicbase"]) + AX_CHECK_LINK_FLAG([-Wl,--nxcompat], [LDFLAGS="$LDFLAGS -Wl,--nxcompat"]) + ;; + *) + AX_CHECK_COMPILE_FLAG([-fPIE], [CPPFLAGS="$CPPFLAGS -fPIE"]) + AX_CHECK_LINK_FLAG([-pie], [LDFLAGS="$LDFLAGS -pie"]) + ;; + esac + AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"]) + AX_CHECK_LINK_FLAG([-Wl,-z,now], [LDFLAGS="$LDFLAGS -Wl,-z,now"]) + ] +); + dnl Checks for header files. dnl We do this in multiple stages, because unlike Linux all the other operating systems really suck and don't include their own dependencies. @@ -140,7 +163,7 @@ AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h time.h netpacket/packet.h], [], [], [#include "src/have.h"] ) -AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h], +AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h resolv.h], [], [], [#include "src/have.h"] ) AC_CHECK_HEADERS([netinet/tcp.h netinet/ip_icmp.h netinet/icmp6.h], @@ -156,6 +179,7 @@ AC_HEADER_TIME AC_STRUCT_TM tinc_ATTRIBUTE(__malloc__) +tinc_ATTRIBUTE(__warn_unused_result__) AC_CHECK_TYPES([socklen_t, struct ether_header, struct arphdr, struct ether_arp, struct in_addr, struct addrinfo, struct ip, struct icmp, struct in6_addr, struct sockaddr_in6, struct ip6_hdr, struct icmp6_hdr, struct nd_neighbor_solicit, struct nd_opt_hdr], , , [#include "src/have.h"] @@ -180,38 +204,51 @@ AC_CHECK_DECLS([freeaddrinfo, gai_strerror, getaddrinfo, getnameinfo], [], [], [#include "src/have.h"] ) +AC_CHECK_DECLS([res_init], [AC_CHECK_LIB(resolv, res_init)], [], [ + #include + #include +]) + AC_CACHE_SAVE +AC_ARG_ENABLE(legacy-protocol, + AS_HELP_STRING([--disable-legacy-protocol], [disable support for the legacy (tinc 1.0) protocol]), + [ AS_IF([test "x$enable_legacy_protocol" = "xno"], + [ AC_DEFINE(DISABLE_LEGACY, 1, [Disable support for the legacy (tinc 1.0) protocol]) ]) + ] +) + dnl These are defined in files in m4/ dnl AC_ARG_WITH(libgcrypt, AC_HELP_STRING([--with-libgcrypt], [enable use of libgcrypt instead of OpenSSL])], []) +dnl AC_ARG_WITH(openssl, AC_HELP_STRING([--without-openssl], [disable support for OpenSSL])], []) tinc_CURSES tinc_READLINE tinc_ZLIB tinc_LZO -if test "$with_libgcrypt" = yes; then - gcrypt=true - AM_PATH_LIBGCRYPT([1.4.0], [], []) -else - openssl=true - tinc_OPENSSL +if test "x$enable_legacy_protocol" != "xno"; then + if test -n "$with_libgcrypt"; then + gcrypt=true + tinc_LIBGCRYPT + else + openssl=true + tinc_OPENSSL + fi fi - -AM_CONDITIONAL(OPENSSL, test "$openssl" = true) -AM_CONDITIONAL(GCRYPT, test "$grypt" = true) -dnl Check if support for jumbograms is requested +AM_CONDITIONAL(OPENSSL, test -n "$openssl") +AM_CONDITIONAL(GCRYPT, test -n "$gcrypt") + +dnl Check if support for jumbograms is requested AC_ARG_ENABLE(jumbograms, - AS_HELP_STRING([--disable-jumbograms], [enable support for jumbograms (packets up to 9000 bytes)]), + AS_HELP_STRING([--enable-jumbograms], [enable support for jumbograms (packets up to 9000 bytes)]), [ AS_IF([test "x$enable_jumbograms" = "xyes"], [ AC_DEFINE(ENABLE_JUMBOGRAMS, 1, [Support for jumbograms (packets up to 9000 bytes)]) ]) ] ) -AC_SUBST(INCLUDES) - -AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile m4/Makefile gui/Makefile]) +AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile m4/Makefile gui/Makefile test/Makefile]) AC_OUTPUT