configure.ac 52.7 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
dnl Copyright (c) 2001-2004, Roger Dingledine
2
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
3
dnl Copyright (c) 2007-2015, The Tor Project, Inc.
Nick Mathewson's avatar
Nick Mathewson committed
4
dnl See LICENSE for licensing information
5

6
AC_INIT([tor],[0.2.7.1-alpha-dev])
Stewart Smith's avatar
Stewart Smith committed
7
AC_CONFIG_SRCDIR([src/or/main.c])
8
AC_CONFIG_MACRO_DIR([m4])
Stewart Smith's avatar
Stewart Smith committed
9
AM_INIT_AUTOMAKE
10
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
11
AC_CONFIG_HEADERS([orconfig.h])
12

13
14
AC_CANONICAL_HOST

15
16
PKG_PROG_PKG_CONFIG

17
if test -f /etc/redhat-release ; then
18
  if test -f /usr/kerberos/include ; then
19
    CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
20
  fi
21
fi
22

23
24
# Not a no-op; we want to make sure that CPPFLAGS is set before we use
# the += operator on it in src/or/Makefile.am
25
CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
26

27
#XXXX020 We should make these enabled or not, before 0.2.0.x-final
28
AC_ARG_ENABLE(openbsd-malloc,
29
   AS_HELP_STRING(--enable-openbsd-malloc, [use malloc code from OpenBSD.  Linux only]))
30
AC_ARG_ENABLE(instrument-downloads,
31
   AS_HELP_STRING(--enable-instrument-downloads, [instrument downloads of directory resources etc.]))
32
AC_ARG_ENABLE(static-openssl,
33
   AS_HELP_STRING(--enable-static-openssl, [link against a static openssl library. Requires --with-openssl-dir]))
34
AC_ARG_ENABLE(static-libevent,
35
   AS_HELP_STRING(--enable-static-libevent, [link against a static libevent library. Requires --with-libevent-dir]))
36
AC_ARG_ENABLE(static-zlib,
37
   AS_HELP_STRING(--enable-static-zlib, [link against a static zlib library. Requires --with-zlib-dir]))
38
AC_ARG_ENABLE(static-tor,
39
   AS_HELP_STRING(--enable-static-tor, [create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir]))
40
AC_ARG_ENABLE(unittests,
41
   AS_HELP_STRING(--disable-unittests, [don't build unit tests for Tor. Risky!]))
42
AC_ARG_ENABLE(coverage,
43
   AS_HELP_STRING(--enable-coverage, [enable coverage support in the unit-test build]))
44
AC_ARG_ENABLE(system-torrc,
45
   AS_HELP_STRING(--disable-system-torrc, [don't look for a system-wide torrc file]))
46

47
48
49
AM_CONDITIONAL(UNITTESTS_ENABLED, test x$enable_unittests != xno)
AM_CONDITIONAL(COVERAGE_ENABLED, test x$enable_coverage = xyes)

50
51
52
53
54
55
if test "$enable_static_tor" = "yes"; then
  enable_static_libevent="yes";
  enable_static_openssl="yes";
  enable_static_zlib="yes";
  CFLAGS="$CFLAGS -static"
fi
56

57
58
59
60
61
if test "$enable_system_torrc" = "no"; then
  AC_DEFINE(DISABLE_SYSTEM_TORRC, 1,
            [Defined if we're not going to look for a torrc in SYSCONF])
fi

62
AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
63
if test x$enable_instrument_downloads = xyes; then
64
65
66
  AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
            [Defined if we want to keep track of how much of each kind of resource we download.])
fi
67

68
AC_ARG_ENABLE(transparent,
69
     AS_HELP_STRING(--disable-transparent, [disable transparent proxy support]),
70
71
72
73
74
75
     [case "${enableval}" in
        yes) transparent=true ;;
        no)  transparent=false ;;
        *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
      esac], [transparent=true])

76
AC_ARG_ENABLE(asciidoc,
77
     AS_HELP_STRING(--disable-asciidoc, [don't use asciidoc (disables building of manpages)]),
78
79
80
81
82
83
     [case "${enableval}" in
        yes) asciidoc=true ;;
        no)  asciidoc=false ;;
        *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;;
      esac], [asciidoc=true])

84
85
# By default, we're not ready to ship a NAT-PMP aware Tor
AC_ARG_ENABLE(nat-pmp,
86
     AS_HELP_STRING(--enable-nat-pmp, [enable NAT-PMP support]),
87
88
89
90
91
92
93
94
     [case "${enableval}" in
        yes) natpmp=true ;;
        no)  natpmp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-nat-pmp) ;;
      esac], [natpmp=false])

# By default, we're not ready to ship a UPnP aware Tor
AC_ARG_ENABLE(upnp,
95
     AS_HELP_STRING(--enable-upnp, [enable UPnP support]),
96
97
98
99
100
101
     [case "${enableval}" in
        yes) upnp=true ;;
        no)  upnp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-upnp) ;;
      esac], [upnp=false])

102
103
# systemd notify support
AC_ARG_ENABLE(systemd,
104
      AS_HELP_STRING(--enable-systemd, [enable systemd notification support]),
105
106
107
108
109
110
111
112
113
      [case "${enableval}" in
        yes) systemd=true ;;
        no)  systemd=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-systemd) ;;
      esac], [systemd=auto])



# systemd support
114
if test x$enable_systemd = xno ; then
115
116
117
118
119
120
    have_systemd=no;
else
    PKG_CHECK_MODULES(SYSTEMD,
        [libsystemd-daemon],
        have_systemd=yes,
        have_systemd=no)
121
122
123
124
125
126
127
    if test x$have_systemd=xno; then
        AC_MSG_NOTICE([Okay, checking for systemd a different way...])
        PKG_CHECK_MODULES(SYSTEMD,
            [libsystemd],
            have_systemd=yes,
            have_systemd=no)
    fi
128
129
130
131
fi

if test x$have_systemd = xyes; then
    AC_DEFINE(HAVE_SYSTEMD,1,[Have systemd])
132
    TOR_SYSTEMD_CFLAGS="${SYSTEMD_CFLAGS}"
133
    TOR_SYSTEMD_LIBS="${SYSTEMD_LIBS}"
134
    PKG_CHECK_MODULES(LIBSYSTEMD209, [libsystemd >= 209],
135
         [AC_DEFINE(HAVE_SYSTEMD_209,1,[Have systemd v209 or more])], [])
136
fi
137
AC_SUBST(TOR_SYSTEMD_CFLAGS)
138
139
140
141
142
143
AC_SUBST(TOR_SYSTEMD_LIBS)

if test x$enable_systemd = xyes -a x$have_systemd != xyes ; then
    AC_MSG_ERROR([Explicitly requested systemd support, but systemd not found])
fi

144
145
146
147
148
149
case $host in
   *-*-solaris* )
     AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
     ;;
esac

150
AC_ARG_ENABLE(gcc-warnings,
151
     AS_HELP_STRING(--enable-gcc-warnings, [enable verbose warnings]))
152
153
AC_ARG_ENABLE(gcc-warnings-advisory,
     AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
154

155
156
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
AC_ARG_ENABLE(gcc-hardening,
157
    AS_HELP_STRING(--disable-gcc-hardening, [disable compiler security checks]))
158

159
AC_ARG_ENABLE(expensive-hardening,
160
    AS_HELP_STRING(--enable-expensive-hardening, [enable more expensive compiler hardening; makes Tor slower]))
161

162
163
164
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
165
    AS_HELP_STRING(--disable-linker-hardening, [disable linker security fixups]))
166

167
AC_ARG_ENABLE(local-appdata,
168
   AS_HELP_STRING(--enable-local-appdata, [default to host local application data paths on Windows]))
169
170
171
172
173
if test "$enable_local_appdata" = "yes"; then
  AC_DEFINE(ENABLE_LOCAL_APPDATA, 1,
            [Defined if we default to host local appdata paths on Windows])
fi

174
175
# Tor2web mode flag
AC_ARG_ENABLE(tor2web-mode,
176
     AS_HELP_STRING(--enable-tor2web-mode, [support tor2web non-anonymous mode]),
177
178
179
180
[if test x$enableval = xyes; then
    CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
fi])

181
AC_ARG_ENABLE(bufferevents,
182
     AS_HELP_STRING(--enable-bufferevents, [use Libevent's buffered IO]))
183

184
AC_ARG_ENABLE(tool-name-check,
185
     AS_HELP_STRING(--disable-tool-name-check, [check for sanely named toolchain when cross-compiling]))
186

187
AC_ARG_ENABLE(seccomp,
188
     AS_HELP_STRING(--disable-seccomp, [do not attempt to use libseccomp]))
189

190
AC_ARG_ENABLE(libscrypt,
191
     AS_HELP_STRING(--disable-libscrypt, [do not attempt to use libscrypt]))
192

193
194
195
196
197
198
dnl check for the correct "ar" when cross-compiling
AN_MAKEVAR([AR], [AC_PROG_AR])
AN_PROGRAM([ar], [AC_PROG_AR])
AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
AC_PROG_AR

199
200
201
202
203
204
205
206
207
208
209
210
211
212
dnl Check whether the above macro has settled for a simply named tool even
dnl though we're cross compiling. We must do this before running AC_PROG_CC,
dnl because that will find any cc on the system, not only the cross-compiler,
dnl and then verify that a binary built with this compiler runs on the
dnl build system. It will then come to the false conclusion that we're not
dnl cross-compiling.
if test x$enable_tool_name_check != xno; then
    if test x$ac_tool_warned = xyes; then
        AC_MSG_ERROR([We are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	elif test "x$ac_ct_AR" != x -a x$cross_compiling = xmaybe; then
		AC_MSG_ERROR([We think we are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	fi
fi

213
AC_PROG_CC
214
AC_PROG_CPP
215
216
AC_PROG_MAKE_SET
AC_PROG_RANLIB
217

218
219
AC_PATH_PROG([PERL], [perl])

220
221
dnl autoconf 2.59 appears not to support AC_PROG_SED
AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
222

223
224
dnl check for asciidoc and a2x
AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
225
AC_PATH_PROGS([A2X], [a2x a2x.py], none)
226
227

AM_CONDITIONAL(USE_ASCIIDOC, test x$asciidoc = xtrue)
228

229
230
231
232
AM_CONDITIONAL(USE_FW_HELPER, test x$natpmp = xtrue || test x$upnp = xtrue)
AM_CONDITIONAL(NAT_PMP, test x$natpmp = xtrue)
AM_CONDITIONAL(MINIUPNPC, test x$upnp = xtrue)
AM_PROG_CC_C_O
233
AC_PROG_CC_C99
234

235
AC_ARG_VAR([PYTHON], [path to Python binary])
236
AC_CHECK_PROGS(PYTHON, [python python2 python2.7 python3 python3.3])
237
238
239
240
241
if test "x$PYTHON" = "x"; then
  AC_MSG_WARN([Python unavailable; some tests will not be run.])
fi
AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])

242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
 dnl Maybe we've got an old autoconf...
 AC_CACHE_CHECK([for flexible array members],
     tor_cv_c_flexarray,
     [AC_COMPILE_IFELSE(
       AC_LANG_PROGRAM([
 struct abc { int a; char b[]; };
], [
 struct abc *def = malloc(sizeof(struct abc)+sizeof(char));
 def->b[0] = 33;
]),
  [tor_cv_c_flexarray=yes],
  [tor_cv_c_flexarray=no])])
 if test $tor_cv_flexarray = yes ; then
258
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
259
 else
260
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [1], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
261
262
263
 fi
])

264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
AC_CACHE_CHECK([for working C99 mid-block declaration syntax],
      tor_cv_c_c99_decl,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([], [int x; x = 3; int y; y = 4 + x;])],
	 [tor_cv_c_c99_decl=yes],
	 [tor_cv_c_c99_decl=no] )])
if test "$tor_cv_c_c99_decl" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 mid-block declarations. This is required as of Tor 0.2.6.x])
fi

AC_CACHE_CHECK([for working C99 designated initializers],
      tor_cv_c_c99_designated_init,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([struct s { int a; int b; };],
  	       [[ struct s ss = { .b = 5, .a = 6 }; ]])],
	 [tor_cv_c_c99_designated_init=yes],
	 [tor_cv_c_c99_designated_init=no] )])

if test "$tor_cv_c_c99_designated_init" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 designated initializers. This is required as of Tor 0.2.6.x])
fi

286
287
TORUSER=_tor
AC_ARG_WITH(tor-user,
288
        AS_HELP_STRING(--with-tor-user=NAME, [specify username for tor daemon]),
289
290
291
292
293
294
295
296
        [
           TORUSER=$withval
        ]
)
AC_SUBST(TORUSER)

TORGROUP=_tor
AC_ARG_WITH(tor-group,
297
        AS_HELP_STRING(--with-tor-group=NAME, [specify group name for tor daemon]),
298
299
300
301
302
303
        [
           TORGROUP=$withval
        ]
)
AC_SUBST(TORGROUP)

304

305
dnl If _WIN32 is defined and non-zero, we are building for win32
306
AC_MSG_CHECKING([for win32])
307
AC_RUN_IFELSE([AC_LANG_SOURCE([
308
int main(int c, char **v) {
309
310
#ifdef _WIN32
#if _WIN32
311
312
313
314
315
316
317
  return 0;
#else
  return 1;
#endif
#else
  return 2;
#endif
318
}])],
319
bwin32=true; AC_MSG_RESULT([yes]),
320
321
bwin32=false; AC_MSG_RESULT([no]),
bwin32=cross; AC_MSG_RESULT([cross])
322
323
)

324
if test "$bwin32" = cross; then
325
AC_MSG_CHECKING([for win32 (cross)])
326
AC_COMPILE_IFELSE([AC_LANG_SOURCE([
327
#ifdef _WIN32
328
329
330
331
332
int main(int c, char **v) {return 0;}
#else
#error
int main(int c, char **v) {return x(y);}
#endif
333
])],
334
335
336
337
bwin32=true; AC_MSG_RESULT([yes]),
bwin32=false; AC_MSG_RESULT([no]))
fi

Nick Mathewson's avatar
Nick Mathewson committed
338
339
340
341
342
343
if test "$bwin32" = yes; then
  AC_DEFINE(WIN32_LEAN_AND_MEAN, 1, [Defined to avoid including some windows headers])
  AC_DEFINE(WINVER, 0x0501, [Defined to access windows functions and definitions for >=WinXP])
  AC_DEFINE(_WIN32_WINNT, 0x0501, [Defined to access windows functions and definitions for >=WinXP])
fi

344
AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
345

346
347
dnl Enable C99 when compiling with MIPSpro
AC_MSG_CHECKING([for MIPSpro compiler])
348
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [
349
350
351
352
#if (defined(__sgi) && defined(_COMPILER_VERSION))
#error
  return x(y);
#endif
353
])],
354
bmipspro=false; AC_MSG_RESULT(no),
355
bmipspro=true; AC_MSG_RESULT(yes))
356

357
if test "$bmipspro" = true; then
358
359
360
  CFLAGS="$CFLAGS -c99"
fi

361
362
AC_C_BIGENDIAN

363
AC_SEARCH_LIBS(socket, [socket network])
364
AC_SEARCH_LIBS(gethostbyname, [nsl])
365
AC_SEARCH_LIBS(dlopen, [dl])
366
AC_SEARCH_LIBS(inet_aton, [resolv])
367
368
369
370
371
372
saved_LIBS="$LIBS"
AC_SEARCH_LIBS([clock_gettime], [rt])
if test "$LIBS" != "$saved_LIBS"; then
   # Looks like we need -lrt for clock_gettime().
   have_rt=yes
fi
373

374
375
AC_SEARCH_LIBS(pthread_create, [pthread])
AC_SEARCH_LIBS(pthread_detach, [pthread])
376

377
378
AM_CONDITIONAL(THREADS_WIN32, test "$bwin32" = "true")
AM_CONDITIONAL(THREADS_PTHREADS, test "$bwin32" = "false")
379

380
381
382
383
dnl -------------------------------------------------------------------
dnl Check for functions before libevent, since libevent-1.2 apparently
dnl exports strlcpy without defining it in a header.

384
AC_CHECK_FUNCS(
385
        _NSGetEnviron \
Sebastian Hahn's avatar
Sebastian Hahn committed
386
        accept4 \
Nick Mathewson's avatar
Nick Mathewson committed
387
388
        backtrace \
        backtrace_symbols_fd \
Sebastian Hahn's avatar
Sebastian Hahn committed
389
        clock_gettime \
390
	eventfd \
391
392
393
        flock \
        ftime \
        getaddrinfo \
Sebastian Hahn's avatar
Sebastian Hahn committed
394
        getifaddrs \
395
        getpass \
396
397
398
399
        getrlimit \
        gettimeofday \
        gmtime_r \
        inet_aton \
Sebastian Hahn's avatar
Sebastian Hahn committed
400
        ioctl \
401
        issetugid \
402
        llround \
403
        localtime_r \
Sebastian Hahn's avatar
Sebastian Hahn committed
404
        lround \
405
        memmem \
406
407
	pipe \
	pipe2 \
408
        prctl \
409
	readpassphrase \
Sebastian Hahn's avatar
Sebastian Hahn committed
410
        rint \
Nick Mathewson's avatar
Nick Mathewson committed
411
        sigaction \
412
413
414
        socketpair \
        strlcat \
        strlcpy \
415
	strnlen \
416
417
418
419
        strptime \
        strtok_r \
        strtoull \
        sysconf \
420
	sysctl \
421
        uname \
422
	usleep \
423
        vasprintf \
424
	_vscprintf
425
)
426

427
if test "$bwin32" != true; then
428
429
430
431
  AC_CHECK_HEADERS(pthread.h)
  AC_CHECK_FUNCS(pthread_create)
fi

432
433
AM_CONDITIONAL(BUILD_READPASSPHRASE_C, test x$ac_cv_func_readpassphrase = xno && test $bwin32 = false)

434
dnl ------------------------------------------------------
435
dnl Where do you live, libevent?  And how do we call you?
436

437
if test "$bwin32" = true; then
438
  TOR_LIB_WS32=-lws2_32
439
  TOR_LIB_IPHLPAPI=-liphlpapi
440
441
  # Some of the cargo-cults recommend -lwsock32 as well, but I don't
  # think it's actually necessary.
442
  TOR_LIB_GDI=-lgdi32
Nick Mathewson's avatar
   
Nick Mathewson committed
443
else
444
445
  TOR_LIB_WS32=
  TOR_LIB_GDI=
Nick Mathewson's avatar
   
Nick Mathewson committed
446
fi
447
448
AC_SUBST(TOR_LIB_WS32)
AC_SUBST(TOR_LIB_GDI)
449
AC_SUBST(TOR_LIB_IPHLPAPI)
Nick Mathewson's avatar
   
Nick Mathewson committed
450

451
tor_libevent_pkg_redhat="libevent"
452
tor_libevent_pkg_debian="libevent-dev"
453
454
455
tor_libevent_devpkg_redhat="libevent-devel"
tor_libevent_devpkg_debian="libevent-dev"

456
457
458
459
460
461
462
463
464
465
dnl On Gnu/Linux or any place we require it, we'll add librt to the Libevent
dnl linking for static builds.
STATIC_LIBEVENT_FLAGS=""
if test "$enable_static_libevent" = "yes"; then
    if test "$have_rt" = yes; then
      STATIC_LIBEVENT_FLAGS=" -lrt "
    fi
fi

TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32], [
466
#ifdef _WIN32
467
468
#include <winsock2.h>
#endif
469
#include <stdlib.h>
470
#include <sys/time.h>
Roger Dingledine's avatar
Roger Dingledine committed
471
#include <sys/types.h>
472
#include <event.h>], [
473
#ifdef _WIN32
474
475
476
#include <winsock2.h>
#endif
void exit(int); void *event_init(void);],
477
    [
478
#ifdef _WIN32
479
{WSADATA d; WSAStartup(0x101,&d); }
480
481
482
#endif
event_init(); exit(0);
], [--with-libevent-dir], [/opt/libevent])
483

484
dnl Now check for particular libevent functions.
485
486
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
487
save_CPPFLAGS="$CPPFLAGS"
488
LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
489
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
490
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
491
AC_CHECK_FUNCS([event_get_version_number \
492
                evutil_secure_rng_set_urandom_device_file \
493
                evutil_secure_rng_init \
494
               ])
495
496
497
498
AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
[#include <event.h>
])

499
AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
500

501
502
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
503
CPPFLAGS="$save_CPPFLAGS"
504

505

506
507
AM_CONDITIONAL(USE_EXTERNAL_EVDNS, test x$ac_cv_header_event2_dns_h = xyes)

508
509
510
511
if test "$enable_static_libevent" = "yes"; then
   if test "$tor_cv_library_libevent_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
   else
512
     TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent.a $STATIC_LIBEVENT_FLAGS"
513
514
515
516
517
   fi
else
     TOR_LIBEVENT_LIBS="-levent"
fi

518
519
dnl This isn't the best test for Libevent 2.0.3-alpha.  Once it's released,
dnl we can do much better.
520
521
if test "$enable_bufferevents" = "yes" ; then
  if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
522
    AC_MSG_ERROR([You've asked for bufferevent support, but you're using a version of Libevent without SSL support.  This won't work.  We need Libevent 2.0.8-rc or later, and you don't seem to even have Libevent 2.0.3-alpha.])
523
524
525
526
527
528
  else

    CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"

    # Check for the right version.  First see if version detection works.
    AC_MSG_CHECKING([whether we can detect the Libevent version])
529
    AC_COMPILE_IFELSE([AC_LANG_SOURCE([
530
531
532
533
534
535
536
#include <event2/event.h>
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 10
#error
int x = y(zz);
#else
int x = 1;
#endif
537
  ])], [event_version_number_works=yes; AC_MSG_RESULT([yes]) ],
538
539
540
541
542
     [event_version_number_works=no;  AC_MSG_RESULT([no])])
    if test "$event_version_number_works" != 'yes'; then
      AC_MSG_WARN([Version detection on Libevent seems broken.  Your Libevent installation is probably screwed up or very old.])
    else
      AC_MSG_CHECKING([whether Libevent is new enough for bufferevents])
543
      AC_COMPILE_IFELSE([AC_LANG_SOURCE([
544
#include <event2/event.h>
545
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000d00
546
547
548
549
550
#error
int x = y(zz);
#else
int x = 1;
#endif
551
   ])], [ AC_MSG_RESULT([yes]) ],
552
      [ AC_MSG_RESULT([no])
553
        AC_MSG_ERROR([Libevent does not seem new enough to support bufferevents.  We require 2.0.13-stable or later]) ] )
554
555
    fi
  fi
556
557
fi

558
559
560
561
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

562
563
AM_CONDITIONAL(USE_BUFFEREVENTS, test "$enable_bufferevents" = "yes")
if test "$enable_bufferevents" = "yes"; then
564
565
566
567
568
569
  AC_DEFINE(USE_BUFFEREVENTS, 1, [Defined if we're going to use Libevent's buffered IO API])
  if test "$enable_static_libevent" = "yes"; then
    TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
  else
    TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
  fi
570
fi
571
AC_SUBST(TOR_LIBEVENT_LIBS)
572

573
574
575
576
577
578
579
dnl ------------------------------------------------------
dnl Where do you live, libm?

dnl On some platforms (Haiku/BeOS) the math library is
dnl part of libroot. In which case don't link against lm
TOR_LIB_MATH=""
save_LIBS="$LIBS"
580
581
582
AC_SEARCH_LIBS(pow, [m], , AC_MSG_ERROR([Could not find pow in libm or libc.]))
if test "$ac_cv_search_pow" != "none required"; then
    TOR_LIB_MATH="$ac_cv_search_pow"
583
584
585
586
fi
LIBS="$save_LIBS"
AC_SUBST(TOR_LIB_MATH)

587
dnl ------------------------------------------------------
588
dnl Where do you live, openssl?  And how do we call you?
589

590
tor_openssl_pkg_redhat="openssl"
591
tor_openssl_pkg_debian="libssl-dev"
592
593
594
tor_openssl_devpkg_redhat="openssl-devel"
tor_openssl_devpkg_debian="libssl-dev"

595
596
ALT_openssl_WITHVAL=""
AC_ARG_WITH(ssl-dir,
597
  AS_HELP_STRING(--with-ssl-dir=PATH, [obsolete alias for --with-openssl-dir]),
598
599
600
601
602
603
  [
      if test "x$withval" != xno && test "x$withval" != "x" ; then
         ALT_openssl_WITHVAL="$withval"
      fi
  ])

604
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
605
606
    [#include <openssl/rand.h>],
    [void RAND_add(const void *buf, int num, double entropy);],
607
    [RAND_add((void*)0,0,0); exit(0);], [],
608
    [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
609

610
611
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()

612
613
614
615
if test "$enable_static_openssl" = "yes"; then
   if test "$tor_cv_library_openssl_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-openssl-dir=x option when using --enable-static-openssl")
   else
616
     TOR_OPENSSL_LIBS="$TOR_LIBDIR_openssl/libssl.a $TOR_LIBDIR_openssl/libcrypto.a"
617
618
   fi
else
619
     TOR_OPENSSL_LIBS="-lssl -lcrypto"
620
621
622
fi
AC_SUBST(TOR_OPENSSL_LIBS)

623
624
625
626
627
628
629
dnl Now check for particular openssl functions.
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
save_CPPFLAGS="$CPPFLAGS"
LIBS="$TOR_OPENSSL_LIBS $LIBS"
LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
630
631
632
633
AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
[#include <openssl/ssl.h>
])

634
635
636
637
638
AC_CHECK_FUNCS([ \
		SSL_SESSION_get_master_key \
		SSL_get_server_random \
                SSL_get_client_ciphers \
                SSL_get_client_random \
639
		SSL_CIPHER_find \
640
		TLS_method
641
642
643
644
645
	       ])
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

646
647
648
dnl ------------------------------------------------------
dnl Where do you live, zlib?  And how do we call you?

649
650
651
652
tor_zlib_pkg_redhat="zlib"
tor_zlib_pkg_debian="zlib1g"
tor_zlib_devpkg_redhat="zlib-devel"
tor_zlib_devpkg_debian="zlib1g-dev"
653
654
655
656
657
658
659

TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
    [#include <zlib.h>],
    [const char * zlibVersion(void);],
    [zlibVersion(); exit(0);], [--with-zlib-dir],
    [/opt/zlib])

660
661
662
663
664
665
666
667
668
669
670
671
if test "$enable_static_zlib" = "yes"; then
   if test "$tor_cv_library_zlib_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-zlib-dir=x option when
 using --enable-static-zlib")
   else
     TOR_ZLIB_LIBS="$TOR_LIBDIR_zlib/libz.a"
   fi
else
     TOR_ZLIB_LIBS="-lz"
fi
AC_SUBST(TOR_ZLIB_LIBS)

672
673
674
675
676
dnl ---------------------------------------------------------------------
dnl Now that we know about our major libraries, we can check for compiler
dnl and linker hardening options.  We need to do this with the libraries known,
dnl since sometimes the linker will like an option but not be willing to
dnl use it with a build of a library.
677

678
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
679
all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI"
680

681
682
683
684
685
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
#error
#endif])], have_clang=yes, have_clang=no)

686
687
if test x$enable_gcc_hardening != xno; then
    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
688
689
690
    if test x$have_clang = xyes; then
        TOR_CHECK_CFLAGS(-Qunused-arguments)
    fi
691
692
693
    TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
    AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
    AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
694
m4_ifdef([AS_VAR_IF],[
695
696
697
698
    AS_VAR_IF(can_compile, [yes],
        AS_VAR_IF(can_link, [yes],
                  [],
                  AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
699
        )])
700
701
    AS_VAR_POPDEF([can_link])
    AS_VAR_POPDEF([can_compile])
702
703
704
    TOR_CHECK_CFLAGS(-Wstack-protector)
    TOR_CHECK_CFLAGS(-fwrapv)
    TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
705
706
707
708
    if test "$bwin32" = "false"; then
       TOR_CHECK_CFLAGS(-fPIE)
       TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
    fi
709
fi
710

711
712
713
714
715
716
if test x$enable_expensive_hardening = xyes ; then
   TOR_CHECK_CFLAGS([-fsanitize=address])
   TOR_CHECK_CFLAGS([-fsanitize=undefined])
   TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
fi

717
718
719
if test x$enable_linker_hardening != xno; then
    TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
720

721
722
723
# For backtrace support
TOR_CHECK_LDFLAGS(-rdynamic)

724
dnl ------------------------------------------------------
725
726
727
728
dnl Now see if we have a -fomit-frame-pointer compiler option.

saved_CFLAGS="$CFLAGS"
TOR_CHECK_CFLAGS(-fomit-frame-pointer)
729
F_OMIT_FRAME_POINTER=''
730
if test "$saved_CFLAGS" != "$CFLAGS"; then
731
732
733
  if test x$enable_expensive_hardening != xyes ; then
    F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
  fi
734
735
736
737
fi
CFLAGS="$saved_CFLAGS"
AC_SUBST(F_OMIT_FRAME_POINTER)

738
739
740
741
742
743
744
dnl ------------------------------------------------------
dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
dnl for us, as GCC 4.6 and later do at many optimization levels), then
dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
dnl code will work.
TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)

745
746
747
748
749
750
dnl ------------------------------------------------------
dnl Where do you live, libnatpmp?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$natpmp" = "true"; then
    AC_DEFINE(NAT_PMP, 1, [Define to 1 if we are building with nat-pmp.])
Steven Murdoch's avatar
Steven Murdoch committed
751
    TOR_SEARCH_LIBRARY(libnatpmp, $trylibnatpmpdir, [-lnatpmp $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
752
        [#include <natpmp.h>],
753
        [#ifdef _WIN32
Steven Murdoch's avatar
Steven Murdoch committed
754
755
756
         #define STATICLIB
         #endif
         #include <natpmp.h>],
757
758
759
        [   int r;
            natpmp_t natpmp;
            natpmpresp_t response;
760
            r = initnatpmp(&natpmp, 0, 0);],
761
762
763
764
765
766
767
768
769
770
771
772
            [printf("initnatpmp() returned %d (%s)\n", r, r?"FAILED":"SUCCESS");
            exit(0);],
        [--with-libnatpmp-dir],
        [/usr/lib/])
fi


dnl ------------------------------------------------------
dnl Where do you live, libminiupnpc?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$upnp" = "true"; then
773
    AC_DEFINE(MINIUPNPC, 1, [Define to 1 if we are building with UPnP.])
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801

    dnl Before we call TOR_SEARCH_LIBRARY we'll do a quick compile test
    dnl to see if we have miniupnpc-1.5 or -1.6
    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <miniupnpc/miniupnpc.h>],
        [upnpDiscover(1, 0, 0, 0);exit(0);])],[miniupnpc15="true"],[miniupnpc15="false"])

    if test "$miniupnpc15" = "true" ; then
        AC_DEFINE([MINIUPNPC15],[1],[libminiupnpc version 1.5 found])
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport);],
            [upnpDiscover(1, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    else
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport, int ipv6, int * error);],
            [upnpDiscover(1, 0, 0, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    fi
802
803
fi

804
805
806
dnl ============================================================
dnl Check for libseccomp

807
808
809
810
if test "x$enable_seccomp" != "xno"; then
  AC_CHECK_HEADERS([seccomp.h])
  AC_SEARCH_LIBS(seccomp_init, [seccomp])
fi
811

812
813
814
815
816
817
818
819
dnl ============================================================
dnl Check for libscrypt

if test "x$enable_libscrypt" != "xno"; then
  AC_CHECK_HEADERS([libscrypt.h])
  AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
fi

820
821
822
823
824
825
826
827
828
829
dnl ============================================================
dnl We need an implementation of curve25519.

dnl set these defaults.
build_curve25519_donna=no
build_curve25519_donna_c64=no
use_curve25519_donna=no
use_curve25519_nacl=no
CURVE25519_LIBS=

830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
dnl The best choice is using curve25519-donna-c64, but that requires
dnl that we
AC_CACHE_CHECK([whether we can use curve25519-donna-c64],
  tor_cv_can_use_curve25519_donna_c64,
  [AC_RUN_IFELSE(
    [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
                   ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
  [tor_cv_can_use_curve25519_donna_c64=yes],
      [tor_cv_can_use_curve25519_donna_c64=no],
  [AC_LINK_IFELSE(
        [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
    	         ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
          [tor_cv_can_use_curve25519_donna_c64=cross],
      [tor_cv_can_use_curve25519_donna_c64=no])])])

AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \
                  nacl/crypto_scalarmult_curve25519.h])

AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation],
  tor_cv_can_use_curve25519_nacl,
  [tor_saved_LIBS="$LIBS"
   LIBS="$LIBS -lnacl"
   AC_LINK_IFELSE(
     [AC_LANG_PROGRAM([dnl
       #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H
       #include <crypto_scalarmult_curve25519.h>
   #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
   #include <nacl/crypto_scalarmult_curve25519.h>
   #endif
       #ifdef crypto_scalarmult_curve25519_ref_BYTES
   #error Hey, this is the reference implementation! That's not fast.
   #endif
     ], [
   unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c);
     ])], [tor_cv_can_use_curve25519_nacl=yes],
     [tor_cv_can_use_curve25519_nacl=no])
   LIBS="$tor_saved_LIBS" ])

 dnl Okay, now we need to figure out which one to actually use. Fall back
 dnl to curve25519-donna.c

 if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then
   build_curve25519_donna_c64=yes
   use_curve25519_donna=yes
 elif test x$tor_cv_can_use_curve25519_nacl = xyes; then
   use_curve25519_nacl=yes
   CURVE25519_LIBS=-lnacl
 else
   build_curve25519_donna=yes
   use_curve25519_donna=yes
 fi
909
910
911
912
913
914
915
916
917
918
919
920
921

if test x$use_curve25519_donna = xyes; then
  AC_DEFINE(USE_CURVE25519_DONNA, 1,
            [Defined if we should use an internal curve25519_donna{,_c64} implementation])
fi
if test x$use_curve25519_nacl = xyes; then
  AC_DEFINE(USE_CURVE25519_NACL, 1,
            [Defined if we should use a curve25519 from nacl])
fi
AM_CONDITIONAL(BUILD_CURVE25519_DONNA, test x$build_curve25519_donna = xyes)
AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64, test x$build_curve25519_donna_c64 = xyes)
AC_SUBST(CURVE25519_LIBS)

922
dnl Make sure to enable support for large off_t if available.
923
924
AC_SYS_LARGEFILE

925
926
927
928
929
930
931
932
933
934
935
936
937
AC_CHECK_HEADERS(
        assert.h \
        errno.h \
        fcntl.h \
        signal.h \
        string.h \
        sys/fcntl.h \
        sys/stat.h \
        sys/time.h \
        sys/types.h \
        time.h \
        unistd.h
 , , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
938

939
940
dnl These headers are not essential

941
942
AC_CHECK_HEADERS(
        arpa/inet.h \
943
        crt_externs.h \
Nick Mathewson's avatar
Nick Mathewson committed
944
        execinfo.h \
945
        grp.h \
Sebastian Hahn's avatar
Sebastian Hahn committed
946
        ifaddrs.h \
947
948
949
950
951
952
953
954
955
956
957
        inttypes.h \
        limits.h \
        linux/types.h \
        machine/limits.h \
        malloc.h \
        malloc/malloc.h \
        malloc_np.h \
        netdb.h \
        netinet/in.h \
        netinet/in6.h \
        pwd.h \
958
	readpassphrase.h \
959
        stdint.h \
960
	sys/eventfd.h \
961
962
963
964
965
966
967
        sys/file.h \
        sys/ioctl.h \
        sys/limits.h \
        sys/mman.h \
        sys/param.h \
        sys/prctl.h \
        sys/resource.h \
968
        sys/select.h \
969
        sys/socket.h \
970
	sys/sysctl.h \
971
972
973
974
975
976
977
978
979
        sys/syslimits.h \
        sys/time.h \
        sys/types.h \
        sys/un.h \
        sys/utime.h \
        sys/wait.h \
        syslog.h \
        utime.h
)
980

981
982
AC_CHECK_HEADERS(sys/param.h)

983
AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
984
985
986
987
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
988
989
#include <sys/socket.h>
#endif])
990
AC_CHECK_HEADERS(net/pfvar.h, net_pfvar_found=1, net_pfvar_found=0,
991
992
993
994
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
995
#include <sys/socket.h>
996
997
998
#endif
#ifdef HAVE_NET_IF_H
#include <net/if.h>
999
#endif])
1000
1001
1002
1003
1004
1005
1006
1007

AC_CHECK_HEADERS(linux/if.h,[],[],
[
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
])

1008
AC_CHECK_HEADERS(linux/netfilter_ipv4.h,
1009
        linux_netfilter_ipv4=1, linux_netfilter_ipv4=0,
1010
1011
1012
1013
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
1014
#include <sys/socket.h>
1015
#endif
1016
1017
1018
1019
1020
1021
1022
1023
1024
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
#ifdef HAVE_LINUX_TYPES_H
#include <linux/types.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
1025
1026
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
1027
#endif])
1028

1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
AC_CHECK_HEADERS(linux/netfilter_ipv6/ip6_tables.h,
        linux_netfilter_ipv6_ip6_tables=1, linux_netfilter_ipv6_ip6_tables=0,
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
#ifdef HAVE_LINUX_TYPES_H
#include <linux/types.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_LINUX_IF_H
#include <linux/if.h>
#endif])

1053
1054
if test x$transparent = xtrue ; then
   transparent_ok=0
1055
   if test x$net_if_found = x1 && test x$net_pfvar_found = x1 ; then
1056
1057
1058
1059
1060
     transparent_ok=1
   fi
   if test x$linux_netfilter_ipv4 = x1 ; then
     transparent_ok=1
   fi
1061
1062
1063
   if test x$linux_netfilter_ipv6_ip6_tables = x1 ; then
     transparent_ok=1
   fi
1064
   if test x$transparent_ok = x1 ; then
1065
1066
     AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
     case $host in
1067
       *-*-openbsd* | *-*-bitrig*)
1068
1069
1070
1071
1072
1073
1074
         AC_DEFINE(OPENBSD, 1, "Define to handle pf on OpenBSD properly") ;;
     esac
   else
     AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
   fi
fi

1075
1076
1077
1078
1079
1080
1081
AC_CHECK_MEMBERS([struct timeval.tv_sec], , ,
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif])
1082

1083
1084
1085
dnl In case we aren't given a working stdint.h, we'll need to grow our own.
dnl Watch out.

1086
1087
1088
1089
1090
1091
1092
1093
AC_CHECK_SIZEOF(int8_t)
AC_CHECK_SIZEOF(int16_t)
AC_CHECK_SIZEOF(int32_t)
AC_CHECK_SIZEOF(int64_t)
AC_CHECK_SIZEOF(uint8_t)
AC_CHECK_SIZEOF(uint16_t)
AC_CHECK_SIZEOF(uint32_t)
AC_CHECK_SIZEOF(uint64_t)
1094
1095
AC_CHECK_SIZEOF(intptr_t)
AC_CHECK_SIZEOF(uintptr_t)
1096

1097
dnl AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, uint8_t, uint16_t, uint32_t, uint64_t, intptr_t, uintptr_t])
1098

1099
1100
1101
1102
1103
1104
AC_CHECK_SIZEOF(char)
AC_CHECK_SIZEOF(short)
AC_CHECK_SIZEOF(int)
AC_CHECK_SIZEOF(long)
AC_CHECK_SIZEOF(long long)
AC_CHECK_SIZEOF(__int64)
1105
AC_CHECK_SIZEOF(void *)
1106
AC_CHECK_SIZEOF(time_t)
1107
AC_CHECK_SIZEOF(size_t)
1108
AC_CHECK_SIZEOF(pid_t)
1109

1110
AC_CHECK_TYPES([uint, u_char, ssize_t])
1111

1112
1113
AC_PC_FROM_UCONTEXT([/bin/true])

1114
1115
dnl used to include sockaddr_storage, but everybody has that.
AC_CHECK_TYPES([struct in6_addr, struct sockaddr_in6, sa_family_t], , ,
1116
1117
1118
1119
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
1120
1121
1122
1123
1124
1125
1126
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
1127
#endif
1128
#ifdef _WIN32
1129
#define _WIN32_WINNT 0x0501
1130
1131
1132
1133
1134
#define WIN32_LEAN_AND_MEAN
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
])
1135
AC_CHECK_MEMBERS([struct in6_addr.s6_addr32, struct in6_addr.s6_addr16, struct sockaddr_in.sin_len, struct sockaddr_in6.sin6_len], , ,
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
1148
#ifdef _WIN32
1149
#define _WIN32_WINNT 0x0501
1150
1151
1152
1153
1154
1155
#define WIN32_LEAN_AND_MEAN
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#endif
])
1156

1157
AC_CHECK_TYPES([rlim_t], , ,
1158
1159
1160
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
1161
1162
1163
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
1164
#ifdef HAVE_SYS_RESOURCE_H
1165
1166
1167
1168
#include <sys/resource.h>
#endif
])

1169
1170
1171
AX_CHECK_SIGN([time_t],
       [ AC_DEFINE(TIME_T_IS_SIGNED, 1, [Define if time_t is signed]) ],
       [ : ], [
1172
1173
1174
1175
1176
1177
1178
1179
1180
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif
1181
])
1182

1183
1184
1185
1186
if test "$ax_cv_decl_time_t_signed" = no; then
  AC_MSG_WARN([You have an unsigned time_t; some things will probably break. Please tell the Tor developers about your interesting platform.])
fi

1187
1188
1189
AX_CHECK_SIGN([size_t],
       [ tor_cv_size_t_signed=yes ],
       [ tor_cv_size_t_signed=no ], [
1190
1191
1192
1193
1194
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
])

1195
if test "$ax_cv_decl_size_t_signed" = yes; then
1196
1197
1198
  AC_MSG_ERROR([You have a signed size_t; that's grossly nonconformant.])
fi

1199
1200
1201
1202
1203
1204
AX_CHECK_SIGN([enum always],
       [ AC_DEFINE(ENUM_VALS_ARE_SIGNED, 1, [Define if enum is always signed]) ],
       [ : ], [
 enum always { AAA, BBB, CCC };
])

1205
1206
1207
1208
1209
AC_CHECK_SIZEOF(socklen_t, , [AC_INCLUDES_DEFAULT()
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
])
1210

1211
1212
1213
1214
# We want to make sure that we _don't_ have a cell_t defined, like IRIX does.

AC_CHECK_SIZEOF(cell_t)

1215
1216
1217
1218
# Now make sure that NULL can be represented as zero bytes.
AC_CACHE_CHECK([whether memset(0) sets pointers to NULL], tor_cv_null_is_zero,
[AC_RUN_IFELSE([AC_LANG_SOURCE(
[[#include <stdlib.h>
1219
#include <string.h>
1220
1221
1222
1223
#include <stdio.h>
#ifdef HAVE_STDDEF_H
#include <stddef.h>
#endif
1224
int main () { char *p1,*p2; p1=NULL; memset(&p2,0,sizeof(p2));
1225
return memcmp(&p1,&am