configure.ac 47.5 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
dnl Copyright (c) 2001-2004, Roger Dingledine
2
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
3
dnl Copyright (c) 2007-2013, The Tor Project, Inc.
Nick Mathewson's avatar
Nick Mathewson committed
4
dnl See LICENSE for licensing information
5

6
AC_INIT([tor],[0.2.5.1-alpha-dev])
Stewart Smith's avatar
Stewart Smith committed
7
AC_CONFIG_SRCDIR([src/or/main.c])
8
AC_CONFIG_MACRO_DIR([m4])
Stewart Smith's avatar
Stewart Smith committed
9
AM_INIT_AUTOMAKE
10
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
11
AC_CONFIG_HEADERS([orconfig.h])
12

13
14
AC_CANONICAL_HOST

15
if test -f /etc/redhat-release ; then
16
  if test -f /usr/kerberos/include ; then
17
    CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
18
  fi
19
fi
20

21
22
# Not a no-op; we want to make sure that CPPFLAGS is set before we use
# the += operator on it in src/or/Makefile.am
23
CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
24

25
26
27
#XXXX020 We should make these enabled or not, before 0.2.0.x-final
AC_ARG_ENABLE(buf-freelists,
   AS_HELP_STRING(--disable-buf-freelists, disable freelists for buffer RAM))
28
29
AC_ARG_ENABLE(openbsd-malloc,
   AS_HELP_STRING(--enable-openbsd-malloc, Use malloc code from openbsd.  Linux only))
30
31
AC_ARG_ENABLE(instrument-downloads,
   AS_HELP_STRING(--enable-instrument-downloads, Instrument downloads of directory resources etc.))
32
33
34
35
AC_ARG_ENABLE(static-openssl,
   AS_HELP_STRING(--enable-static-openssl, Link against a static openssl library. Requires --with-openssl-dir))
AC_ARG_ENABLE(static-libevent,
   AS_HELP_STRING(--enable-static-libevent, Link against a static libevent library. Requires --with-libevent-dir))
36
37
AC_ARG_ENABLE(static-zlib,
   AS_HELP_STRING(--enable-static-zlib, Link against a static zlib library. Requires --with-zlib-dir))
38
AC_ARG_ENABLE(static-tor,
39
   AS_HELP_STRING(--enable-static-tor, Create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir))
40
41
AC_ARG_ENABLE(curve25519,
   AS_HELP_STRING(--disable-curve25519, Build Tor with no curve25519 elliptic-curve crypto support))
42
43
AC_ARG_ENABLE(unittests,
   AS_HELP_STRING(--disable-unittests, [Don't build unit tests for Tor. Risky!]))
44
45
AC_ARG_ENABLE(coverage,
   AS_HELP_STRING(--enable-coverage, [Enable coverage support in the unit-test build]))
46

47
48
49
AM_CONDITIONAL(UNITTESTS_ENABLED, test x$enable_unittests != xno)
AM_CONDITIONAL(COVERAGE_ENABLED, test x$enable_coverage = xyes)

50
51
52
53
54
55
if test "$enable_static_tor" = "yes"; then
  enable_static_libevent="yes";
  enable_static_openssl="yes";
  enable_static_zlib="yes";
  CFLAGS="$CFLAGS -static"
fi
56

57
58
59
60
if test x$enable_buf_freelists != xno; then
  AC_DEFINE(ENABLE_BUF_FREELISTS, 1,
            [Defined if we try to use freelists for buffer RAM chunks])
fi
61
AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
62
if test x$enable_instrument_downloads = xyes; then
63
64
65
  AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
            [Defined if we want to keep track of how much of each kind of resource we download.])
fi
66

67
AC_ARG_ENABLE(transparent,
68
     AS_HELP_STRING(--disable-transparent, disable transparent proxy support),
69
70
71
72
73
74
     [case "${enableval}" in
        yes) transparent=true ;;
        no)  transparent=false ;;
        *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
      esac], [transparent=true])

75
76
77
78
79
80
81
82
AC_ARG_ENABLE(asciidoc,
     AS_HELP_STRING(--disable-asciidoc, don't use asciidoc (disables building of manpages)),
     [case "${enableval}" in
        yes) asciidoc=true ;;
        no)  asciidoc=false ;;
        *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;;
      esac], [asciidoc=true])

83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# By default, we're not ready to ship a NAT-PMP aware Tor
AC_ARG_ENABLE(nat-pmp,
     AS_HELP_STRING(--enable-nat-pmp, enable NAT-PMP support),
     [case "${enableval}" in
        yes) natpmp=true ;;
        no)  natpmp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-nat-pmp) ;;
      esac], [natpmp=false])

# By default, we're not ready to ship a UPnP aware Tor
AC_ARG_ENABLE(upnp,
     AS_HELP_STRING(--enable-upnp, enable UPnP support),
     [case "${enableval}" in
        yes) upnp=true ;;
        no)  upnp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-upnp) ;;
      esac], [upnp=false])

101

Nick Mathewson's avatar
Nick Mathewson committed
102
AC_ARG_ENABLE(threads,
103
     AS_HELP_STRING(--disable-threads, disable multi-threading support))
Nick Mathewson's avatar
Nick Mathewson committed
104
105

if test x$enable_threads = x; then
106
   case $host in
107
108
109
110
111
    *-*-solaris* )
     # Don't try multithreading on solaris -- cpuworkers seem to lock.
     AC_MSG_NOTICE([You are running Solaris; Sometimes threading makes
cpu workers lock up here, so I will disable threads.])
     enable_threads="no";;
Nick Mathewson's avatar
Nick Mathewson committed
112
113
114
115
116
    *)
     enable_threads="yes";;
   esac
fi

117
if test "$enable_threads" = "yes"; then
Nick Mathewson's avatar
Nick Mathewson committed
118
119
120
  AC_DEFINE(ENABLE_THREADS, 1, [Defined if we will try to use multithreading])
fi

121
122
123
124
125
126
case $host in
   *-*-solaris* )
     AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
     ;;
esac

127
AC_ARG_ENABLE(gcc-warnings,
128
     AS_HELP_STRING(--enable-gcc-warnings, enable verbose warnings))
129
130
AC_ARG_ENABLE(gcc-warnings-advisory,
     AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
131

132
133
134
135
136
dnl Adam shostack suggests the following for Windows:
dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
AC_ARG_ENABLE(gcc-hardening,
137
    AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
138
139
140
141

dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
142
    AS_HELP_STRING(--disable-linker-hardening, disable linker security fixups))
143

144
145
146
147
148
149
150
AC_ARG_ENABLE(local-appdata,
   AS_HELP_STRING(--enable-local-appdata, default to host local application data paths on Windows))
if test "$enable_local_appdata" = "yes"; then
  AC_DEFINE(ENABLE_LOCAL_APPDATA, 1,
            [Defined if we default to host local appdata paths on Windows])
fi

151
152
153
154
155
156
157
# Tor2web mode flag
AC_ARG_ENABLE(tor2web-mode,
     AS_HELP_STRING(--enable-tor2web-mode, support tor2web non-anonymous mode),
[if test x$enableval = xyes; then
    CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
fi])

158
159
160
AC_ARG_ENABLE(bufferevents,
     AS_HELP_STRING(--enable-bufferevents, use Libevent's buffered IO.))

161
162
163
164
165
166
dnl check for the correct "ar" when cross-compiling
AN_MAKEVAR([AR], [AC_PROG_AR])
AN_PROGRAM([ar], [AC_PROG_AR])
AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
AC_PROG_AR

167
AC_PROG_CC
168
AC_PROG_CPP
169
170
AC_PROG_MAKE_SET
AC_PROG_RANLIB
171
172
173

dnl autoconf 2.59 appears not to support AC_PROG_SED
AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
174

175
176
177
dnl check for asciidoc and a2x
AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
AC_PATH_PROG([A2X], [a2x], none)
178
179

AM_CONDITIONAL(USE_ASCIIDOC, test x$asciidoc = xtrue)
180

181
182
183
184
AM_CONDITIONAL(USE_FW_HELPER, test x$natpmp = xtrue || test x$upnp = xtrue)
AM_CONDITIONAL(NAT_PMP, test x$natpmp = xtrue)
AM_CONDITIONAL(MINIUPNPC, test x$upnp = xtrue)
AM_PROG_CC_C_O
185

186
187
188
189
190
191
192
AC_ARG_VAR(PYTHON)
AC_CHECK_PROGS(PYTHON, [python python2 python3])
if test "x$PYTHON" = "x"; then
  AC_MSG_WARN([Python unavailable; some tests will not be run.])
fi
AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])

193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
 dnl Maybe we've got an old autoconf...
 AC_CACHE_CHECK([for flexible array members],
     tor_cv_c_flexarray,
     [AC_COMPILE_IFELSE(
       AC_LANG_PROGRAM([
 struct abc { int a; char b[]; };
], [
 struct abc *def = malloc(sizeof(struct abc)+sizeof(char));
 def->b[0] = 33;
]),
  [tor_cv_c_flexarray=yes],
  [tor_cv_c_flexarray=no])])
 if test $tor_cv_flexarray = yes ; then
209
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
210
 else
211
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [1], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
212
213
214
 fi
])

215
216
AC_PATH_PROG([SHA1SUM], [sha1sum], none)
AC_PATH_PROG([OPENSSL], [openssl], none)
217

218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
TORUSER=_tor
AC_ARG_WITH(tor-user,
        [  --with-tor-user=NAME    Specify username for tor daemon ],
        [
           TORUSER=$withval
        ]
)
AC_SUBST(TORUSER)

TORGROUP=_tor
AC_ARG_WITH(tor-group,
        [  --with-tor-group=NAME   Specify group name for tor daemon ],
        [
           TORGROUP=$withval
        ]
)
AC_SUBST(TORGROUP)

236

237
dnl If _WIN32 is defined and non-zero, we are building for win32
238
AC_MSG_CHECKING([for win32])
239
AC_RUN_IFELSE([AC_LANG_SOURCE([
240
int main(int c, char **v) {
241
242
#ifdef _WIN32
#if _WIN32
243
244
245
246
247
248
249
  return 0;
#else
  return 1;
#endif
#else
  return 2;
#endif
250
}])],
251
bwin32=true; AC_MSG_RESULT([yes]),
252
253
bwin32=false; AC_MSG_RESULT([no]),
bwin32=cross; AC_MSG_RESULT([cross])
254
255
)

256
if test "$bwin32" = cross; then
257
AC_MSG_CHECKING([for win32 (cross)])
258
AC_COMPILE_IFELSE([AC_LANG_SOURCE([
259
#ifdef _WIN32
260
261
262
263
264
int main(int c, char **v) {return 0;}
#else
#error
int main(int c, char **v) {return x(y);}
#endif
265
])],
266
267
268
269
bwin32=true; AC_MSG_RESULT([yes]),
bwin32=false; AC_MSG_RESULT([no]))
fi

270
AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
271

272
273
dnl Enable C99 when compiling with MIPSpro
AC_MSG_CHECKING([for MIPSpro compiler])
274
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [
275
276
277
278
#if (defined(__sgi) && defined(_COMPILER_VERSION))
#error
  return x(y);
#endif
279
])],
280
bmipspro=false; AC_MSG_RESULT(no),
281
bmipspro=true; AC_MSG_RESULT(yes))
282

283
if test "$bmipspro" = true; then
284
285
286
  CFLAGS="$CFLAGS -c99"
fi

287
288
AC_C_BIGENDIAN

289
AC_SEARCH_LIBS(socket, [socket network])
290
AC_SEARCH_LIBS(gethostbyname, [nsl])
291
AC_SEARCH_LIBS(dlopen, [dl])
292
AC_SEARCH_LIBS(inet_aton, [resolv])
293
294
295
296
297
298
saved_LIBS="$LIBS"
AC_SEARCH_LIBS([clock_gettime], [rt])
if test "$LIBS" != "$saved_LIBS"; then
   # Looks like we need -lrt for clock_gettime().
   have_rt=yes
fi
299

300
if test "$enable_threads" = "yes"; then
301
302
303
  AC_SEARCH_LIBS(pthread_create, [pthread])
  AC_SEARCH_LIBS(pthread_detach, [pthread])
fi
304

305
306
307
308
dnl -------------------------------------------------------------------
dnl Check for functions before libevent, since libevent-1.2 apparently
dnl exports strlcpy without defining it in a header.

309
AC_CHECK_FUNCS(
310
        _NSGetEnviron \
Sebastian Hahn's avatar
Sebastian Hahn committed
311
312
        accept4 \
        clock_gettime \
313
314
315
        flock \
        ftime \
        getaddrinfo \
Sebastian Hahn's avatar
Sebastian Hahn committed
316
        getifaddrs \
317
318
319
320
        getrlimit \
        gettimeofday \
        gmtime_r \
        inet_aton \
Sebastian Hahn's avatar
Sebastian Hahn committed
321
        ioctl \
322
        issetugid \
323
        llround \
324
        localtime_r \
Sebastian Hahn's avatar
Sebastian Hahn committed
325
        lround \
326
327
        memmem \
        prctl \
Sebastian Hahn's avatar
Sebastian Hahn committed
328
        rint \
329
330
331
332
333
334
335
336
337
        socketpair \
        strlcat \
        strlcpy \
        strptime \
        strtok_r \
        strtoull \
        sysconf \
        uname \
        vasprintf \
338
	_vscprintf
339
)
340

341
if test "$enable_threads" = "yes"; then
342
343
344
345
  AC_CHECK_HEADERS(pthread.h)
  AC_CHECK_FUNCS(pthread_create)
fi

346
dnl ------------------------------------------------------
347
dnl Where do you live, libevent?  And how do we call you?
348

349
if test "$bwin32" = true; then
350
  TOR_LIB_WS32=-lws2_32
351
  TOR_LIB_IPHLPAPI=-liphlpapi
352
353
  # Some of the cargo-cults recommend -lwsock32 as well, but I don't
  # think it's actually necessary.
354
  TOR_LIB_GDI=-lgdi32
Nick Mathewson's avatar
   
Nick Mathewson committed
355
else
356
357
  TOR_LIB_WS32=
  TOR_LIB_GDI=
Nick Mathewson's avatar
   
Nick Mathewson committed
358
fi
359
360
AC_SUBST(TOR_LIB_WS32)
AC_SUBST(TOR_LIB_GDI)
361
AC_SUBST(TOR_LIB_IPHLPAPI)
Nick Mathewson's avatar
   
Nick Mathewson committed
362

363
364
365
366
dnl We need to do this before we try our disgusting hack below.
AC_CHECK_HEADERS([sys/types.h])

dnl This is a disgusting hack so we safely include older libevent headers.
367
368
369
370
371
AC_CHECK_TYPE(u_int64_t, unsigned long long)
AC_CHECK_TYPE(u_int32_t, unsigned long)
AC_CHECK_TYPE(u_int16_t, unsigned short)
AC_CHECK_TYPE(u_int8_t, unsigned char)

372
tor_libevent_pkg_redhat="libevent"
373
tor_libevent_pkg_debian="libevent-dev"
374
375
376
tor_libevent_devpkg_redhat="libevent-devel"
tor_libevent_devpkg_debian="libevent-dev"

377
378
379
380
381
382
383
384
385
386
dnl On Gnu/Linux or any place we require it, we'll add librt to the Libevent
dnl linking for static builds.
STATIC_LIBEVENT_FLAGS=""
if test "$enable_static_libevent" = "yes"; then
    if test "$have_rt" = yes; then
      STATIC_LIBEVENT_FLAGS=" -lrt "
    fi
fi

TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32], [
387
#ifdef _WIN32
388
389
#include <winsock2.h>
#endif
390
#include <stdlib.h>
391
#include <sys/time.h>
Roger Dingledine's avatar
Roger Dingledine committed
392
#include <sys/types.h>
393
#include <event.h>], [
394
#ifdef _WIN32
395
396
397
#include <winsock2.h>
#endif
void exit(int); void *event_init(void);],
398
    [
399
#ifdef _WIN32
400
{WSADATA d; WSAStartup(0x101,&d); }
401
402
403
#endif
event_init(); exit(0);
], [--with-libevent-dir], [/opt/libevent])
404

405
dnl Now check for particular libevent functions.
406
407
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
408
save_CPPFLAGS="$CPPFLAGS"
409
LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
410
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
411
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
412
413
414
415
416
AC_CHECK_FUNCS([event_get_version \
                event_get_version_number \
                event_get_method \
                event_set_log_callback \
                evdns_set_outgoing_bind_address \
417
                evutil_secure_rng_set_urandom_device_file \
418
                event_base_loopexit])
419
420
421
422
AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
[#include <event.h>
])

423
AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
424

425
426
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
427
CPPFLAGS="$save_CPPFLAGS"
428

429

430
431
AM_CONDITIONAL(USE_EXTERNAL_EVDNS, test x$ac_cv_header_event2_dns_h = xyes)

432
433
434
435
if test "$enable_static_libevent" = "yes"; then
   if test "$tor_cv_library_libevent_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
   else
436
     TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent.a $STATIC_LIBEVENT_FLAGS"
437
438
439
440
441
   fi
else
     TOR_LIBEVENT_LIBS="-levent"
fi

442
443
dnl This isn't the best test for Libevent 2.0.3-alpha.  Once it's released,
dnl we can do much better.
444
445
if test "$enable_bufferevents" = "yes" ; then
  if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
446
    AC_MSG_ERROR([You've asked for bufferevent support, but you're using a version of Libevent without SSL support.  This won't work.  We need Libevent 2.0.8-rc or later, and you don't seem to even have Libevent 2.0.3-alpha.])
447
448
449
450
451
452
  else

    CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"

    # Check for the right version.  First see if version detection works.
    AC_MSG_CHECKING([whether we can detect the Libevent version])
453
    AC_COMPILE_IFELSE([AC_LANG_SOURCE([
454
455
456
457
458
459
460
#include <event2/event.h>
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 10
#error
int x = y(zz);
#else
int x = 1;
#endif
461
  ])], [event_version_number_works=yes; AC_MSG_RESULT([yes]) ],
462
463
464
465
466
     [event_version_number_works=no;  AC_MSG_RESULT([no])])
    if test "$event_version_number_works" != 'yes'; then
      AC_MSG_WARN([Version detection on Libevent seems broken.  Your Libevent installation is probably screwed up or very old.])
    else
      AC_MSG_CHECKING([whether Libevent is new enough for bufferevents])
467
      AC_COMPILE_IFELSE([AC_LANG_SOURCE([
468
#include <event2/event.h>
469
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000d00
470
471
472
473
474
#error
int x = y(zz);
#else
int x = 1;
#endif
475
   ])], [ AC_MSG_RESULT([yes]) ],
476
      [ AC_MSG_RESULT([no])
477
        AC_MSG_ERROR([Libevent does not seem new enough to support bufferevents.  We require 2.0.13-stable or later]) ] )
478
479
    fi
  fi
480
481
fi

482
483
484
485
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

486
487
AM_CONDITIONAL(USE_BUFFEREVENTS, test "$enable_bufferevents" = "yes")
if test "$enable_bufferevents" = "yes"; then
488
489
490
491
492
493
  AC_DEFINE(USE_BUFFEREVENTS, 1, [Defined if we're going to use Libevent's buffered IO API])
  if test "$enable_static_libevent" = "yes"; then
    TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
  else
    TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
  fi
494
fi
495
AC_SUBST(TOR_LIBEVENT_LIBS)
496

497
498
499
500
501
502
503
dnl ------------------------------------------------------
dnl Where do you live, libm?

dnl On some platforms (Haiku/BeOS) the math library is
dnl part of libroot. In which case don't link against lm
TOR_LIB_MATH=""
save_LIBS="$LIBS"
504
505
506
AC_SEARCH_LIBS(pow, [m], , AC_MSG_ERROR([Could not find pow in libm or libc.]))
if test "$ac_cv_search_pow" != "none required"; then
    TOR_LIB_MATH="$ac_cv_search_pow"
507
508
509
510
fi
LIBS="$save_LIBS"
AC_SUBST(TOR_LIB_MATH)

511
dnl ------------------------------------------------------
512
dnl Where do you live, openssl?  And how do we call you?
513

514
tor_openssl_pkg_redhat="openssl"
515
tor_openssl_pkg_debian="libssl-dev"
516
517
518
tor_openssl_devpkg_redhat="openssl-devel"
tor_openssl_devpkg_debian="libssl-dev"

519
520
521
522
523
524
525
526
527
ALT_openssl_WITHVAL=""
AC_ARG_WITH(ssl-dir,
  [  --with-ssl-dir=PATH    Obsolete alias for --with-openssl-dir ],
  [
      if test "x$withval" != xno && test "x$withval" != "x" ; then
         ALT_openssl_WITHVAL="$withval"
      fi
  ])

528
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
529
530
    [#include <openssl/rand.h>],
    [void RAND_add(const void *buf, int num, double entropy);],
531
    [RAND_add((void*)0,0,0); exit(0);], [],
532
    [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
533

534
535
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()

536
537
538
539
if test "$enable_static_openssl" = "yes"; then
   if test "$tor_cv_library_openssl_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-openssl-dir=x option when using --enable-static-openssl")
   else
540
     TOR_OPENSSL_LIBS="$TOR_LIBDIR_openssl/libssl.a $TOR_LIBDIR_openssl/libcrypto.a"
541
542
   fi
else
543
     TOR_OPENSSL_LIBS="-lssl -lcrypto"
544
545
546
fi
AC_SUBST(TOR_OPENSSL_LIBS)

547
548
549
dnl ------------------------------------------------------
dnl Where do you live, zlib?  And how do we call you?

550
551
552
553
tor_zlib_pkg_redhat="zlib"
tor_zlib_pkg_debian="zlib1g"
tor_zlib_devpkg_redhat="zlib-devel"
tor_zlib_devpkg_debian="zlib1g-dev"
554
555
556
557
558
559
560

TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
    [#include <zlib.h>],
    [const char * zlibVersion(void);],
    [zlibVersion(); exit(0);], [--with-zlib-dir],
    [/opt/zlib])

561
562
563
564
565
566
567
568
569
570
571
572
if test "$enable_static_zlib" = "yes"; then
   if test "$tor_cv_library_zlib_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-zlib-dir=x option when
 using --enable-static-zlib")
   else
     TOR_ZLIB_LIBS="$TOR_LIBDIR_zlib/libz.a"
   fi
else
     TOR_ZLIB_LIBS="-lz"
fi
AC_SUBST(TOR_ZLIB_LIBS)

573
574
575
576
577
dnl ---------------------------------------------------------------------
dnl Now that we know about our major libraries, we can check for compiler
dnl and linker hardening options.  We need to do this with the libraries known,
dnl since sometimes the linker will like an option but not be willing to
dnl use it with a build of a library.
578

579
580
581
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI"

582
583
584
585
586
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
#error
#endif])], have_clang=yes, have_clang=no)

587
588
if test x$enable_gcc_hardening != xno; then
    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
589
590
591
    if test x$have_clang = xyes; then
        TOR_CHECK_CFLAGS(-Qunused-arguments)
    fi
592
593
594
595
596
597
598
599
600
601
    TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
    AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
    AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
    AS_VAR_IF(can_compile, [yes],
        AS_VAR_IF(can_link, [yes],
                  [],
                  AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
        )
    AS_VAR_POPDEF([can_link])
    AS_VAR_POPDEF([can_compile])
602
603
604
    TOR_CHECK_CFLAGS(-Wstack-protector)
    TOR_CHECK_CFLAGS(-fwrapv)
    TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
605
606
607
608
    if test "$bwin32" = "false"; then
       TOR_CHECK_CFLAGS(-fPIE)
       TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
    fi
609
fi
610

611
612
613
if test x$enable_linker_hardening != xno; then
    TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
614
615

dnl ------------------------------------------------------
616
617
618
619
620
621
622
623
624
625
626
627
dnl Now see if we have a -fomit-frame-pointer compiler option.

saved_CFLAGS="$CFLAGS"
TOR_CHECK_CFLAGS(-fomit-frame-pointer)
if test "$saved_CFLAGS" != "$CFLAGS"; then
  F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
else
  F_OMIT_FRAME_POINTER=''
fi
CFLAGS="$saved_CFLAGS"
AC_SUBST(F_OMIT_FRAME_POINTER)

628
629
630
631
632
633
dnl ------------------------------------------------------
dnl Where do you live, libnatpmp?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$natpmp" = "true"; then
    AC_DEFINE(NAT_PMP, 1, [Define to 1 if we are building with nat-pmp.])
Steven Murdoch's avatar
Steven Murdoch committed
634
    TOR_SEARCH_LIBRARY(libnatpmp, $trylibnatpmpdir, [-lnatpmp $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
635
        [#include <natpmp.h>],
636
        [#ifdef _WIN32
Steven Murdoch's avatar
Steven Murdoch committed
637
638
639
         #define STATICLIB
         #endif
         #include <natpmp.h>],
640
641
642
        [   int r;
            natpmp_t natpmp;
            natpmpresp_t response;
643
            r = initnatpmp(&natpmp, 0, 0);],
644
645
646
647
648
649
650
651
652
653
654
655
            [printf("initnatpmp() returned %d (%s)\n", r, r?"FAILED":"SUCCESS");
            exit(0);],
        [--with-libnatpmp-dir],
        [/usr/lib/])
fi


dnl ------------------------------------------------------
dnl Where do you live, libminiupnpc?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$upnp" = "true"; then
656
    AC_DEFINE(MINIUPNPC, 1, [Define to 1 if we are building with UPnP.])
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684

    dnl Before we call TOR_SEARCH_LIBRARY we'll do a quick compile test
    dnl to see if we have miniupnpc-1.5 or -1.6
    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <miniupnpc/miniupnpc.h>],
        [upnpDiscover(1, 0, 0, 0);exit(0);])],[miniupnpc15="true"],[miniupnpc15="false"])

    if test "$miniupnpc15" = "true" ; then
        AC_DEFINE([MINIUPNPC15],[1],[libminiupnpc version 1.5 found])
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport);],
            [upnpDiscover(1, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    else
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport, int ipv6, int * error);],
            [upnpDiscover(1, 0, 0, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    fi
685
686
fi

687
688
689
690
691
692
dnl ============================================================
dnl Check for libseccomp

AC_CHECK_HEADERS([seccomp.h])
AC_SEARCH_LIBS(seccomp_init, [seccomp])

693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
dnl ============================================================
dnl We need an implementation of curve25519.

dnl set these defaults.
have_a_curve25519=no
build_curve25519_donna=no
build_curve25519_donna_c64=no
use_curve25519_donna=no
use_curve25519_nacl=no
CURVE25519_LIBS=

if test x$enable_curve25519 != xno; then

  dnl The best choice is using curve25519-donna-c64, but that requires
  dnl that we
  AC_CACHE_CHECK([whether we can use curve25519-donna-c64],
    tor_cv_can_use_curve25519_donna_c64,
    [AC_RUN_IFELSE(
      [AC_LANG_PROGRAM([dnl
        #include <stdint.h>
        typedef unsigned uint128_t __attribute__((mode(TI)));
714
715
716
	int func(uint64_t a, uint64_t b) {
  	     uint128_t c = ((uint128_t)a) * b;
             int ok = ((uint64_t)(c>>96)) == 522859 &&
717
718
719
	           (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                   (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                   (((uint64_t)(c))&0xffffffffL) == 0;
720
721
             return ok;
        }
722
	], [dnl
723
724
	  int ok = func( ((uint64_t)2000000000) * 1000000000,
	  	         ((uint64_t)1234567890) << 24);
725
          return !ok;
726
727
728
729
730
        ])],
	[tor_cv_can_use_curve25519_donna_c64=yes],
        [tor_cv_can_use_curve25519_donna_c64=no],
	[AC_COMPILE_IFELSE(
          [AC_LANG_PROGRAM([dnl
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
        #include <stdint.h>
        typedef unsigned uint128_t __attribute__((mode(TI)));
	int func(uint64_t a, uint64_t b) {
  	     uint128_t c = ((uint128_t)a) * b;
             int ok = ((uint64_t)(c>>96)) == 522859 &&
	           (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                   (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                   (((uint64_t)(c))&0xffffffffL) == 0;
             return ok;
        }
	], [dnl
	  int ok = func( ((uint64_t)2000000000) * 1000000000,
	  	         ((uint64_t)1234567890) << 24);
          return !ok;
        ])],
746
747
748
            [tor_cv_can_use_curve25519_donna_c64=cross],
	    [tor_cv_can_use_curve25519_donna_c64=no])])])

749
750
751
  AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \
                    nacl/crypto_scalarmult_curve25519.h])

752
  AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation],
753
754
755
756
757
    tor_cv_can_use_curve25519_nacl,
    [tor_saved_LIBS="$LIBS"
     LIBS="$LIBS -lnacl"
     AC_LINK_IFELSE(
       [AC_LANG_PROGRAM([dnl
758
         #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H
759
         #include <crypto_scalarmult_curve25519.h>
760
761
762
	 #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
	 #include <nacl/crypto_scalarmult_curve25519.h>
	 #endif
763
         #ifdef crypto_scalarmult_curve25519_ref_BYTES
764
	 #error Hey, this is the reference implementation! That's not fast.
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
	 #endif
       ], [
	 unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c);
       ])], [tor_cv_can_use_curve25519_nacl=yes],
       [tor_cv_can_use_curve25519_nacl=no])
     LIBS="$tor_saved_LIBS" ])

   dnl Okay, now we need to figure out which one to actually use. Fall back
   dnl to curve25519-donna.c

   if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then
     build_curve25519_donna_c64=yes
     use_curve25519_donna=yes
   elif test x$tor_cv_can_use_curve25519_nacl = xyes; then
     use_curve25519_nacl=yes
     CURVE25519_LIBS=-lnacl
   else
     build_curve25519_donna=yes
     use_curve25519_donna=yes
   fi
   have_a_curve25519=yes
fi

if test x$have_a_curve25519 = xyes; then
  AC_DEFINE(CURVE25519_ENABLED, 1,
            [Defined if we have a curve25519 implementation])
fi
if test x$use_curve25519_donna = xyes; then
  AC_DEFINE(USE_CURVE25519_DONNA, 1,
            [Defined if we should use an internal curve25519_donna{,_c64} implementation])
fi
if test x$use_curve25519_nacl = xyes; then
  AC_DEFINE(USE_CURVE25519_NACL, 1,
            [Defined if we should use a curve25519 from nacl])
fi
AM_CONDITIONAL(BUILD_CURVE25519_DONNA, test x$build_curve25519_donna = xyes)
AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64, test x$build_curve25519_donna_c64 = xyes)
AM_CONDITIONAL(CURVE25519_ENABLED, test x$have_a_curve25519 = xyes)
AC_SUBST(CURVE25519_LIBS)

805
dnl Make sure to enable support for large off_t if available.
806
807
AC_SYS_LARGEFILE

808
809
810
811
812
813
814
815
816
817
818
819
820
AC_CHECK_HEADERS(
        assert.h \
        errno.h \
        fcntl.h \
        signal.h \
        string.h \
        sys/fcntl.h \
        sys/stat.h \
        sys/time.h \
        sys/types.h \
        time.h \
        unistd.h
 , , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
821

822
823
dnl These headers are not essential

824
825
AC_CHECK_HEADERS(
        arpa/inet.h \
826
        crt_externs.h \
827
        grp.h \
Sebastian Hahn's avatar
Sebastian Hahn committed
828
        ifaddrs.h \
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
        inttypes.h \
        limits.h \
        linux/types.h \
        machine/limits.h \
        malloc.h \
        malloc/malloc.h \
        malloc_np.h \
        netdb.h \
        netinet/in.h \
        netinet/in6.h \
        pwd.h \
        stdint.h \
        sys/file.h \
        sys/ioctl.h \
        sys/limits.h \
        sys/mman.h \
        sys/param.h \
        sys/prctl.h \
        sys/resource.h \
        sys/socket.h \
        sys/syslimits.h \
        sys/time.h \
        sys/types.h \
        sys/un.h \
        sys/utime.h \
        sys/wait.h \
        syslog.h \
        utime.h
)
858

859
860
AC_CHECK_HEADERS(sys/param.h)

861
AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
862
863
864
865
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
866
867
#include <sys/socket.h>
#endif])
868
AC_CHECK_HEADERS(net/pfvar.h, net_pfvar_found=1, net_pfvar_found=0,
869
870
871
872
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
873
#include <sys/socket.h>
874
875
876
#endif
#ifdef HAVE_NET_IF_H
#include <net/if.h>
877
#endif])
878
AC_CHECK_HEADERS(linux/netfilter_ipv4.h,
879
        linux_netfilter_ipv4=1, linux_netfilter_ipv4=0,
880
881
882
883
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
884
#include <sys/socket.h>
885
#endif
886
887
888
889
890
891
892
893
894
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
#ifdef HAVE_LINUX_TYPES_H
#include <linux/types.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
895
896
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
897
#endif])
898
899
900

if test x$transparent = xtrue ; then
   transparent_ok=0
901
   if test x$net_if_found = x1 && test x$net_pfvar_found = x1 ; then
902
903
904
905
906
     transparent_ok=1
   fi
   if test x$linux_netfilter_ipv4 = x1 ; then
     transparent_ok=1
   fi
907
   if test x$transparent_ok = x1 ; then
908
909
     AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
     case $host in
910
       *-*-openbsd* | *-*-bitrig*)
911
912
913
914
915
916
917
         AC_DEFINE(OPENBSD, 1, "Define to handle pf on OpenBSD properly") ;;
     esac
   else
     AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
   fi
fi

918
919
920
921
922
923
924
AC_CHECK_MEMBERS([struct timeval.tv_sec], , ,
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif])
925

926
927
928
dnl In case we aren't given a working stdint.h, we'll need to grow our own.
dnl Watch out.

929
930
931
932
933
934
935
936
AC_CHECK_SIZEOF(int8_t)
AC_CHECK_SIZEOF(int16_t)
AC_CHECK_SIZEOF(int32_t)
AC_CHECK_SIZEOF(int64_t)
AC_CHECK_SIZEOF(uint8_t)
AC_CHECK_SIZEOF(uint16_t)
AC_CHECK_SIZEOF(uint32_t)
AC_CHECK_SIZEOF(uint64_t)
937
938
AC_CHECK_SIZEOF(intptr_t)
AC_CHECK_SIZEOF(uintptr_t)
939

940
dnl AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, uint8_t, uint16_t, uint32_t, uint64_t, intptr_t, uintptr_t])
941

942
943
944
945
946
947
AC_CHECK_SIZEOF(char)
AC_CHECK_SIZEOF(short)
AC_CHECK_SIZEOF(int)
AC_CHECK_SIZEOF(long)
AC_CHECK_SIZEOF(long long)
AC_CHECK_SIZEOF(__int64)
948
AC_CHECK_SIZEOF(void *)
949
AC_CHECK_SIZEOF(time_t)
950
AC_CHECK_SIZEOF(size_t)
951
AC_CHECK_SIZEOF(pid_t)
952

953
AC_CHECK_TYPES([uint, u_char, ssize_t])
954

955
956
dnl used to include sockaddr_storage, but everybody has that.
AC_CHECK_TYPES([struct in6_addr, struct sockaddr_in6, sa_family_t], , ,
957
958
959
960
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
961
962
963
964
965
966
967
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
968
#endif
969
#ifdef _WIN32
970
#define _WIN32_WINNT 0x0501
971
972
973
974
975
976
977
978
979
#define WIN32_LEAN_AND_MEAN
#if defined(_MSC_VER) && (_MSC_VER < 1300)
#include <winsock.h>
#else
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#endif
])
980
AC_CHECK_MEMBERS([struct in6_addr.s6_addr32, struct in6_addr.s6_addr16, struct sockaddr_in.sin_len, struct sockaddr_in6.sin6_len], , ,
981
982
983
984
985
986
987
988
989
990
991
992
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
993
#ifdef _WIN32
994
#define _WIN32_WINNT 0x0501
995
996
997
998
999
1000
#define WIN32_LEAN_AND_MEAN
#if defined(_MSC_VER) && (_MSC_VER < 1300)
#include <winsock.h>
#else
#include <winsock2.h>
#include <ws2tcpip.h>
For faster browsing, not all history is shown. View entire blame