configure.ac 52.2 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
dnl Copyright (c) 2001-2004, Roger Dingledine
2
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
3
dnl Copyright (c) 2007-2015, The Tor Project, Inc.
Nick Mathewson's avatar
Nick Mathewson committed
4
dnl See LICENSE for licensing information
5

6
AC_INIT([tor],[0.2.8.1-alpha])
Stewart Smith's avatar
Stewart Smith committed
7
AC_CONFIG_SRCDIR([src/or/main.c])
8
AC_CONFIG_MACRO_DIR([m4])
Stewart Smith's avatar
Stewart Smith committed
9
AM_INIT_AUTOMAKE
10
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
11
AC_CONFIG_HEADERS([orconfig.h])
12

13
14
AC_CANONICAL_HOST

15
16
PKG_PROG_PKG_CONFIG

17
if test -f /etc/redhat-release ; then
18
  if test -f /usr/kerberos/include ; then
19
    CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
20
  fi
21
fi
22

23
24
# Not a no-op; we want to make sure that CPPFLAGS is set before we use
# the += operator on it in src/or/Makefile.am
25
CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
26

27
#XXXX020 We should make these enabled or not, before 0.2.0.x-final
28
AC_ARG_ENABLE(openbsd-malloc,
29
   AS_HELP_STRING(--enable-openbsd-malloc, [use malloc code from OpenBSD.  Linux only]))
30
AC_ARG_ENABLE(instrument-downloads,
31
   AS_HELP_STRING(--enable-instrument-downloads, [instrument downloads of directory resources etc.]))
32
AC_ARG_ENABLE(static-openssl,
33
   AS_HELP_STRING(--enable-static-openssl, [link against a static openssl library. Requires --with-openssl-dir]))
34
AC_ARG_ENABLE(static-libevent,
35
   AS_HELP_STRING(--enable-static-libevent, [link against a static libevent library. Requires --with-libevent-dir]))
36
AC_ARG_ENABLE(static-zlib,
37
   AS_HELP_STRING(--enable-static-zlib, [link against a static zlib library. Requires --with-zlib-dir]))
38
AC_ARG_ENABLE(static-tor,
39
   AS_HELP_STRING(--enable-static-tor, [create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir]))
40
AC_ARG_ENABLE(unittests,
41
   AS_HELP_STRING(--disable-unittests, [don't build unit tests for Tor. Risky!]))
42
AC_ARG_ENABLE(coverage,
43
   AS_HELP_STRING(--enable-coverage, [enable coverage support in the unit-test build]))
44
45
AC_ARG_ENABLE(asserts-in-tests,
   AS_HELP_STRING(--disable-asserts-in-tests, [disable tor_assert() calls in the unit tests, for branch coverage]))
46
AC_ARG_ENABLE(system-torrc,
47
   AS_HELP_STRING(--disable-system-torrc, [don't look for a system-wide torrc file]))
48

49
50
51
52
53
if test x$enable_coverage != xyes -a x$enable_asserts_in_tests = xno ; then
    AC_MSG_ERROR([Can't disable assertions outside of coverage build])
fi


54
55
AM_CONDITIONAL(UNITTESTS_ENABLED, test x$enable_unittests != xno)
AM_CONDITIONAL(COVERAGE_ENABLED, test x$enable_coverage = xyes)
56
AM_CONDITIONAL(DISABLE_ASSERTS_IN_UNIT_TESTS, test x$enable_asserts_in_tests = xno)
57

58
59
60
61
62
63
if test "$enable_static_tor" = "yes"; then
  enable_static_libevent="yes";
  enable_static_openssl="yes";
  enable_static_zlib="yes";
  CFLAGS="$CFLAGS -static"
fi
64

65
66
67
68
69
if test "$enable_system_torrc" = "no"; then
  AC_DEFINE(DISABLE_SYSTEM_TORRC, 1,
            [Defined if we're not going to look for a torrc in SYSCONF])
fi

70
AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
71
if test x$enable_instrument_downloads = xyes; then
72
73
74
  AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
            [Defined if we want to keep track of how much of each kind of resource we download.])
fi
75

76
AC_ARG_ENABLE(transparent,
77
     AS_HELP_STRING(--disable-transparent, [disable transparent proxy support]),
78
79
80
81
82
83
     [case "${enableval}" in
        yes) transparent=true ;;
        no)  transparent=false ;;
        *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
      esac], [transparent=true])

84
AC_ARG_ENABLE(asciidoc,
85
     AS_HELP_STRING(--disable-asciidoc, [don't use asciidoc (disables building of manpages)]),
86
87
88
89
90
91
     [case "${enableval}" in
        yes) asciidoc=true ;;
        no)  asciidoc=false ;;
        *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;;
      esac], [asciidoc=true])

92
93
# systemd notify support
AC_ARG_ENABLE(systemd,
94
      AS_HELP_STRING(--enable-systemd, [enable systemd notification support]),
95
96
97
98
99
100
101
102
103
      [case "${enableval}" in
        yes) systemd=true ;;
        no)  systemd=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-systemd) ;;
      esac], [systemd=auto])



# systemd support
104
if test x$enable_systemd = xno ; then
105
106
107
108
109
110
    have_systemd=no;
else
    PKG_CHECK_MODULES(SYSTEMD,
        [libsystemd-daemon],
        have_systemd=yes,
        have_systemd=no)
111
112
113
114
115
116
117
    if test x$have_systemd=xno; then
        AC_MSG_NOTICE([Okay, checking for systemd a different way...])
        PKG_CHECK_MODULES(SYSTEMD,
            [libsystemd],
            have_systemd=yes,
            have_systemd=no)
    fi
118
119
120
121
fi

if test x$have_systemd = xyes; then
    AC_DEFINE(HAVE_SYSTEMD,1,[Have systemd])
122
    TOR_SYSTEMD_CFLAGS="${SYSTEMD_CFLAGS}"
123
    TOR_SYSTEMD_LIBS="${SYSTEMD_LIBS}"
124
    PKG_CHECK_MODULES(LIBSYSTEMD209, [libsystemd >= 209],
125
         [AC_DEFINE(HAVE_SYSTEMD_209,1,[Have systemd v209 or more])], [])
126
fi
127
AC_SUBST(TOR_SYSTEMD_CFLAGS)
128
129
130
131
132
133
AC_SUBST(TOR_SYSTEMD_LIBS)

if test x$enable_systemd = xyes -a x$have_systemd != xyes ; then
    AC_MSG_ERROR([Explicitly requested systemd support, but systemd not found])
fi

134
135
136
137
138
139
case $host in
   *-*-solaris* )
     AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
     ;;
esac

140
AC_ARG_ENABLE(gcc-warnings,
141
     AS_HELP_STRING(--enable-gcc-warnings, [enable verbose warnings]))
142
143
AC_ARG_ENABLE(gcc-warnings-advisory,
     AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
144

145
146
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
AC_ARG_ENABLE(gcc-hardening,
147
    AS_HELP_STRING(--disable-gcc-hardening, [disable compiler security checks]))
148

149
AC_ARG_ENABLE(expensive-hardening,
150
    AS_HELP_STRING(--enable-expensive-hardening, [enable more expensive compiler hardening; makes Tor slower]))
151

152
153
154
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
155
    AS_HELP_STRING(--disable-linker-hardening, [disable linker security fixups]))
156

157
AC_ARG_ENABLE(local-appdata,
158
   AS_HELP_STRING(--enable-local-appdata, [default to host local application data paths on Windows]))
159
160
161
162
163
if test "$enable_local_appdata" = "yes"; then
  AC_DEFINE(ENABLE_LOCAL_APPDATA, 1,
            [Defined if we default to host local appdata paths on Windows])
fi

164
165
# Tor2web mode flag
AC_ARG_ENABLE(tor2web-mode,
166
     AS_HELP_STRING(--enable-tor2web-mode, [support tor2web non-anonymous mode]),
167
168
169
170
[if test x$enableval = xyes; then
    CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
fi])

171
AC_ARG_ENABLE(bufferevents,
172
     AS_HELP_STRING(--enable-bufferevents, [use Libevent's buffered IO]))
173

174
AC_ARG_ENABLE(tool-name-check,
175
     AS_HELP_STRING(--disable-tool-name-check, [check for sanely named toolchain when cross-compiling]))
176

177
AC_ARG_ENABLE(seccomp,
178
     AS_HELP_STRING(--disable-seccomp, [do not attempt to use libseccomp]))
179

180
AC_ARG_ENABLE(libscrypt,
181
     AS_HELP_STRING(--disable-libscrypt, [do not attempt to use libscrypt]))
182

183
184
185
186
187
188
dnl check for the correct "ar" when cross-compiling
AN_MAKEVAR([AR], [AC_PROG_AR])
AN_PROGRAM([ar], [AC_PROG_AR])
AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
AC_PROG_AR

189
190
191
192
193
194
195
196
197
198
199
200
201
202
dnl Check whether the above macro has settled for a simply named tool even
dnl though we're cross compiling. We must do this before running AC_PROG_CC,
dnl because that will find any cc on the system, not only the cross-compiler,
dnl and then verify that a binary built with this compiler runs on the
dnl build system. It will then come to the false conclusion that we're not
dnl cross-compiling.
if test x$enable_tool_name_check != xno; then
    if test x$ac_tool_warned = xyes; then
        AC_MSG_ERROR([We are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	elif test "x$ac_ct_AR" != x -a x$cross_compiling = xmaybe; then
		AC_MSG_ERROR([We think we are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	fi
fi

203
AC_PROG_CC
204
AC_PROG_CPP
205
206
AC_PROG_MAKE_SET
AC_PROG_RANLIB
207

208
209
AC_PATH_PROG([PERL], [perl])

210
211
dnl autoconf 2.59 appears not to support AC_PROG_SED
AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
212

213
214
dnl check for asciidoc and a2x
AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
215
AC_PATH_PROGS([A2X], [a2x a2x.py], none)
216
217

AM_CONDITIONAL(USE_ASCIIDOC, test x$asciidoc = xtrue)
218

219
220
221
222
AM_CONDITIONAL(USE_FW_HELPER, test x$natpmp = xtrue || test x$upnp = xtrue)
AM_CONDITIONAL(NAT_PMP, test x$natpmp = xtrue)
AM_CONDITIONAL(MINIUPNPC, test x$upnp = xtrue)
AM_PROG_CC_C_O
223
AC_PROG_CC_C99
224

225
AC_ARG_VAR([PYTHON], [path to Python binary])
226
AC_CHECK_PROGS(PYTHON, [python python2 python2.7 python3 python3.3])
227
228
229
230
231
if test "x$PYTHON" = "x"; then
  AC_MSG_WARN([Python unavailable; some tests will not be run.])
fi
AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])

232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
 dnl Maybe we've got an old autoconf...
 AC_CACHE_CHECK([for flexible array members],
     tor_cv_c_flexarray,
     [AC_COMPILE_IFELSE(
       AC_LANG_PROGRAM([
 struct abc { int a; char b[]; };
], [
 struct abc *def = malloc(sizeof(struct abc)+sizeof(char));
 def->b[0] = 33;
]),
  [tor_cv_c_flexarray=yes],
  [tor_cv_c_flexarray=no])])
 if test $tor_cv_flexarray = yes ; then
248
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
249
 else
250
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [1], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
251
252
253
 fi
])

254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
AC_CACHE_CHECK([for working C99 mid-block declaration syntax],
      tor_cv_c_c99_decl,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([], [int x; x = 3; int y; y = 4 + x;])],
	 [tor_cv_c_c99_decl=yes],
	 [tor_cv_c_c99_decl=no] )])
if test "$tor_cv_c_c99_decl" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 mid-block declarations. This is required as of Tor 0.2.6.x])
fi

AC_CACHE_CHECK([for working C99 designated initializers],
      tor_cv_c_c99_designated_init,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([struct s { int a; int b; };],
  	       [[ struct s ss = { .b = 5, .a = 6 }; ]])],
	 [tor_cv_c_c99_designated_init=yes],
	 [tor_cv_c_c99_designated_init=no] )])

if test "$tor_cv_c_c99_designated_init" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 designated initializers. This is required as of Tor 0.2.6.x])
fi

276
277
TORUSER=_tor
AC_ARG_WITH(tor-user,
278
        AS_HELP_STRING(--with-tor-user=NAME, [specify username for tor daemon]),
279
280
281
282
283
284
285
286
        [
           TORUSER=$withval
        ]
)
AC_SUBST(TORUSER)

TORGROUP=_tor
AC_ARG_WITH(tor-group,
287
        AS_HELP_STRING(--with-tor-group=NAME, [specify group name for tor daemon]),
288
289
290
291
292
293
        [
           TORGROUP=$withval
        ]
)
AC_SUBST(TORGROUP)

294

295
dnl If _WIN32 is defined and non-zero, we are building for win32
296
AC_MSG_CHECKING([for win32])
297
AC_RUN_IFELSE([AC_LANG_SOURCE([
298
int main(int c, char **v) {
299
300
#ifdef _WIN32
#if _WIN32
301
302
303
304
305
306
307
  return 0;
#else
  return 1;
#endif
#else
  return 2;
#endif
308
}])],
309
bwin32=true; AC_MSG_RESULT([yes]),
310
311
bwin32=false; AC_MSG_RESULT([no]),
bwin32=cross; AC_MSG_RESULT([cross])
312
313
)

314
if test "$bwin32" = cross; then
315
AC_MSG_CHECKING([for win32 (cross)])
316
AC_COMPILE_IFELSE([AC_LANG_SOURCE([
317
#ifdef _WIN32
318
319
320
321
322
int main(int c, char **v) {return 0;}
#else
#error
int main(int c, char **v) {return x(y);}
#endif
323
])],
324
325
326
327
bwin32=true; AC_MSG_RESULT([yes]),
bwin32=false; AC_MSG_RESULT([no]))
fi

328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
AH_BOTTOM([
#ifdef _WIN32
/* Defined to access windows functions and definitions for >=WinXP */
# ifndef WINVER
#  define WINVER 0x0501
# endif

/* Defined to access _other_ windows functions and definitions for >=WinXP */
# ifndef _WIN32_WINNT
#  define _WIN32_WINNT 0x0501
# endif

/* Defined to avoid including some windows headers as part of Windows.h */
# ifndef WIN32_LEAN_AND_MEAN
#  define WIN32_LEAN_AND_MEAN 1
# endif
#endif
])

Nick Mathewson's avatar
Nick Mathewson committed
347

348
AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
349

350
351
dnl Enable C99 when compiling with MIPSpro
AC_MSG_CHECKING([for MIPSpro compiler])
352
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [
353
354
355
356
#if (defined(__sgi) && defined(_COMPILER_VERSION))
#error
  return x(y);
#endif
357
])],
358
bmipspro=false; AC_MSG_RESULT(no),
359
bmipspro=true; AC_MSG_RESULT(yes))
360

361
if test "$bmipspro" = true; then
362
363
364
  CFLAGS="$CFLAGS -c99"
fi

365
366
AC_C_BIGENDIAN

367
AC_SEARCH_LIBS(socket, [socket network])
368
AC_SEARCH_LIBS(gethostbyname, [nsl])
369
AC_SEARCH_LIBS(dlopen, [dl])
370
AC_SEARCH_LIBS(inet_aton, [resolv])
371
AC_SEARCH_LIBS(backtrace, [execinfo])
372
373
374
375
376
377
saved_LIBS="$LIBS"
AC_SEARCH_LIBS([clock_gettime], [rt])
if test "$LIBS" != "$saved_LIBS"; then
   # Looks like we need -lrt for clock_gettime().
   have_rt=yes
fi
378

379
380
AC_SEARCH_LIBS(pthread_create, [pthread])
AC_SEARCH_LIBS(pthread_detach, [pthread])
381

382
383
AM_CONDITIONAL(THREADS_WIN32, test "$bwin32" = "true")
AM_CONDITIONAL(THREADS_PTHREADS, test "$bwin32" = "false")
384

385
AC_CHECK_FUNCS(
386
        _NSGetEnviron \
387
388
	RtlSecureZeroMemory \
	SecureZeroMemory \
Sebastian Hahn's avatar
Sebastian Hahn committed
389
        accept4 \
Nick Mathewson's avatar
Nick Mathewson committed
390
391
        backtrace \
        backtrace_symbols_fd \
Sebastian Hahn's avatar
Sebastian Hahn committed
392
        clock_gettime \
393
	eventfd \
394
	explicit_bzero \
395
	timingsafe_memcmp \
396
397
398
        flock \
        ftime \
        getaddrinfo \
399
        getentropy \
Sebastian Hahn's avatar
Sebastian Hahn committed
400
        getifaddrs \
401
        getpass \
402
403
404
        getrlimit \
        gettimeofday \
        gmtime_r \
405
	htonll \
406
        inet_aton \
Sebastian Hahn's avatar
Sebastian Hahn committed
407
        ioctl \
408
        issetugid \
409
        llround \
410
        localtime_r \
Sebastian Hahn's avatar
Sebastian Hahn committed
411
        lround \
412
        memmem \
413
        memset_s \
414
415
	pipe \
	pipe2 \
416
        prctl \
417
	readpassphrase \
Sebastian Hahn's avatar
Sebastian Hahn committed
418
        rint \
Nick Mathewson's avatar
Nick Mathewson committed
419
        sigaction \
420
        socketpair \
421
	statvfs \
422
423
        strlcat \
        strlcpy \
424
	strnlen \
425
426
427
428
        strptime \
        strtok_r \
        strtoull \
        sysconf \
429
	sysctl \
430
        uname \
431
	usleep \
432
        vasprintf \
433
	_vscprintf
434
)
435

436
if test "$bwin32" != true; then
437
438
  AC_CHECK_HEADERS(pthread.h)
  AC_CHECK_FUNCS(pthread_create)
439
  AC_CHECK_FUNCS(pthread_condattr_setclock)
440
441
fi

442
443
444
445
446
447
448
449
if test "$bwin32" = true; then
  AC_CHECK_DECLS([SecureZeroMemory, _getwch], , , [
#include <windows.h>
#include <conio.h>
#include <wchar.h>
                 ])
fi

450
451
AM_CONDITIONAL(BUILD_READPASSPHRASE_C, test x$ac_cv_func_readpassphrase = xno && test $bwin32 = false)

452
dnl ------------------------------------------------------
453
dnl Where do you live, libevent?  And how do we call you?
454

455
if test "$bwin32" = true; then
456
  TOR_LIB_WS32=-lws2_32
457
  TOR_LIB_IPHLPAPI=-liphlpapi
458
459
  # Some of the cargo-cults recommend -lwsock32 as well, but I don't
  # think it's actually necessary.
460
  TOR_LIB_GDI=-lgdi32
Nick Mathewson's avatar
   
Nick Mathewson committed
461
else
462
463
  TOR_LIB_WS32=
  TOR_LIB_GDI=
Nick Mathewson's avatar
   
Nick Mathewson committed
464
fi
465
466
AC_SUBST(TOR_LIB_WS32)
AC_SUBST(TOR_LIB_GDI)
467
AC_SUBST(TOR_LIB_IPHLPAPI)
Nick Mathewson's avatar
   
Nick Mathewson committed
468

469
tor_libevent_pkg_redhat="libevent"
470
tor_libevent_pkg_debian="libevent-dev"
471
472
473
tor_libevent_devpkg_redhat="libevent-devel"
tor_libevent_devpkg_debian="libevent-dev"

474
475
476
477
478
479
480
481
482
483
dnl On Gnu/Linux or any place we require it, we'll add librt to the Libevent
dnl linking for static builds.
STATIC_LIBEVENT_FLAGS=""
if test "$enable_static_libevent" = "yes"; then
    if test "$have_rt" = yes; then
      STATIC_LIBEVENT_FLAGS=" -lrt "
    fi
fi

TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32], [
484
#ifdef _WIN32
485
486
#include <winsock2.h>
#endif
487
#include <stdlib.h>
488
#include <sys/time.h>
Roger Dingledine's avatar
Roger Dingledine committed
489
#include <sys/types.h>
490
#include <event.h>], [
491
#ifdef _WIN32
492
493
494
#include <winsock2.h>
#endif
void exit(int); void *event_init(void);],
495
    [
496
#ifdef _WIN32
497
{WSADATA d; WSAStartup(0x101,&d); }
498
499
500
#endif
event_init(); exit(0);
], [--with-libevent-dir], [/opt/libevent])
501

502
dnl Now check for particular libevent functions.
503
504
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
505
save_CPPFLAGS="$CPPFLAGS"
506
LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
507
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
508
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
509
AC_CHECK_FUNCS([event_get_version_number \
510
                evutil_secure_rng_set_urandom_device_file \
511
                evutil_secure_rng_init \
512
               ])
513
514
515
516
AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
[#include <event.h>
])

517
AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
518

519
LIBS="$STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $save_LIBS"
520

521
522
AM_CONDITIONAL(USE_EXTERNAL_EVDNS, test x$ac_cv_header_event2_dns_h = xyes)

523
524
525
526
if test "$enable_static_libevent" = "yes"; then
   if test "$tor_cv_library_libevent_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
   else
527
     TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent.a $STATIC_LIBEVENT_FLAGS"
528
529
   fi
else
530
     if test "x$ac_cv_header_event2_event_h" = "xyes"; then
Nick Mathewson's avatar
Nick Mathewson committed
531
532
       AC_SEARCH_LIBS(event_new, [event event_core], , AC_MSG_ERROR("libevent2 is installed but linking it failed while searching for event_new"))
       AC_SEARCH_LIBS(evdns_base_new, [event event_extra], , AC_MSG_ERROR("libevent2 is installed but linking it failed while searching for evdns_base_new"))
533

534
       if test "$ac_cv_search_event_new" != "none required"; then
535
536
         TOR_LIBEVENT_LIBS="$ac_cv_search_event_new"
       fi
537
       if test "$ac_cv_search_evdns_base_new" != "none required"; then
538
539
540
541
542
         TOR_LIBEVENT_LIBS="$ac_cv_search_evdns_base_new $TOR_LIBEVENT_LIBS"
       fi
     else
       TOR_LIBEVENT_LIBS="-levent"
     fi
543
544
fi

545
546
547
548
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

549
550
dnl This isn't the best test for Libevent 2.0.3-alpha.  Once it's released,
dnl we can do much better.
551
552
if test "$enable_bufferevents" = "yes" ; then
  if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
553
    AC_MSG_ERROR([You've asked for bufferevent support, but you're using a version of Libevent without SSL support.  This won't work.  We need Libevent 2.0.8-rc or later, and you don't seem to even have Libevent 2.0.3-alpha.])
554
555
556
557
558
559
  else

    CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"

    # Check for the right version.  First see if version detection works.
    AC_MSG_CHECKING([whether we can detect the Libevent version])
560
    AC_COMPILE_IFELSE([AC_LANG_SOURCE([
561
562
563
564
565
566
567
#include <event2/event.h>
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 10
#error
int x = y(zz);
#else
int x = 1;
#endif
568
  ])], [event_version_number_works=yes; AC_MSG_RESULT([yes]) ],
569
570
571
572
573
     [event_version_number_works=no;  AC_MSG_RESULT([no])])
    if test "$event_version_number_works" != 'yes'; then
      AC_MSG_WARN([Version detection on Libevent seems broken.  Your Libevent installation is probably screwed up or very old.])
    else
      AC_MSG_CHECKING([whether Libevent is new enough for bufferevents])
574
      AC_COMPILE_IFELSE([AC_LANG_SOURCE([
575
#include <event2/event.h>
576
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000d00
577
578
579
580
581
#error
int x = y(zz);
#else
int x = 1;
#endif
582
   ])], [ AC_MSG_RESULT([yes]) ],
583
      [ AC_MSG_RESULT([no])
584
        AC_MSG_ERROR([Libevent does not seem new enough to support bufferevents.  We require 2.0.13-stable or later]) ] )
585
586
    fi
  fi
587
588
fi

589
590
591
592
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

593
594
AM_CONDITIONAL(USE_BUFFEREVENTS, test "$enable_bufferevents" = "yes")
if test "$enable_bufferevents" = "yes"; then
595
596
597
598
599
600
  AC_DEFINE(USE_BUFFEREVENTS, 1, [Defined if we're going to use Libevent's buffered IO API])
  if test "$enable_static_libevent" = "yes"; then
    TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
  else
    TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
  fi
601
fi
602
AC_SUBST(TOR_LIBEVENT_LIBS)
603

604
605
606
607
608
609
610
dnl ------------------------------------------------------
dnl Where do you live, libm?

dnl On some platforms (Haiku/BeOS) the math library is
dnl part of libroot. In which case don't link against lm
TOR_LIB_MATH=""
save_LIBS="$LIBS"
611
612
613
AC_SEARCH_LIBS(pow, [m], , AC_MSG_ERROR([Could not find pow in libm or libc.]))
if test "$ac_cv_search_pow" != "none required"; then
    TOR_LIB_MATH="$ac_cv_search_pow"
614
615
616
617
fi
LIBS="$save_LIBS"
AC_SUBST(TOR_LIB_MATH)

618
dnl ------------------------------------------------------
619
dnl Where do you live, openssl?  And how do we call you?
620

621
tor_openssl_pkg_redhat="openssl"
622
tor_openssl_pkg_debian="libssl-dev"
623
624
625
tor_openssl_devpkg_redhat="openssl-devel"
tor_openssl_devpkg_debian="libssl-dev"

626
627
ALT_openssl_WITHVAL=""
AC_ARG_WITH(ssl-dir,
628
  AS_HELP_STRING(--with-ssl-dir=PATH, [obsolete alias for --with-openssl-dir]),
629
630
631
632
633
634
  [
      if test "x$withval" != xno && test "x$withval" != "x" ; then
         ALT_openssl_WITHVAL="$withval"
      fi
  ])

635
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
636
637
    [#include <openssl/rand.h>],
    [void RAND_add(const void *buf, int num, double entropy);],
638
    [RAND_add((void*)0,0,0); exit(0);], [],
639
    [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
640

641
642
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()

643
644
645
646
if test "$enable_static_openssl" = "yes"; then
   if test "$tor_cv_library_openssl_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-openssl-dir=x option when using --enable-static-openssl")
   else
647
     TOR_OPENSSL_LIBS="$TOR_LIBDIR_openssl/libssl.a $TOR_LIBDIR_openssl/libcrypto.a"
648
649
   fi
else
650
     TOR_OPENSSL_LIBS="-lssl -lcrypto"
651
652
653
fi
AC_SUBST(TOR_OPENSSL_LIBS)

654
655
656
657
658
659
660
dnl Now check for particular openssl functions.
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
save_CPPFLAGS="$CPPFLAGS"
LIBS="$TOR_OPENSSL_LIBS $LIBS"
LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
661
662
663
664
665
666
667

AC_TRY_COMPILE([
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x1000000fL
#error "too old"
#endif
   ], [],
668
   [ : ],
669
670
   [ AC_ERROR([OpenSSL is too old. We require 1.0.0 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])

671
672
673
674
675
676
677
678
679
680
681
682
683
AC_TRY_COMPILE([
#include <openssl/opensslv.h>
#include <openssl/evp.h>
#if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_ECDSA)
#error "no ECC"
#endif
#if !defined(NID_X9_62_prime256v1) || !defined(NID_secp224r1)
#error "curves unavailable"
#endif
   ], [],
   [ : ],
   [ AC_ERROR([OpenSSL is built without full ECC support, including curves P256 and P224. You can specify a path to one with ECC support with --with-openssl-dir.]) ])

684
685
686
687
AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
[#include <openssl/ssl.h>
])

688
689
690
691
692
AC_CHECK_FUNCS([ \
		SSL_SESSION_get_master_key \
		SSL_get_server_random \
                SSL_get_client_ciphers \
                SSL_get_client_random \
693
		SSL_CIPHER_find \
694
		TLS_method
695
	       ])
rl1987's avatar
rl1987 committed
696
697
698
699

dnl Check if OpenSSL has scrypt implementation.
AC_CHECK_FUNCS([ EVP_PBE_scrypt ])

700
701
702
703
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

704
705
706
dnl ------------------------------------------------------
dnl Where do you live, zlib?  And how do we call you?

707
708
709
710
tor_zlib_pkg_redhat="zlib"
tor_zlib_pkg_debian="zlib1g"
tor_zlib_devpkg_redhat="zlib-devel"
tor_zlib_devpkg_debian="zlib1g-dev"
711
712
713
714
715
716
717

TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
    [#include <zlib.h>],
    [const char * zlibVersion(void);],
    [zlibVersion(); exit(0);], [--with-zlib-dir],
    [/opt/zlib])

718
719
720
721
722
723
724
725
726
727
728
729
if test "$enable_static_zlib" = "yes"; then
   if test "$tor_cv_library_zlib_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-zlib-dir=x option when
 using --enable-static-zlib")
   else
     TOR_ZLIB_LIBS="$TOR_LIBDIR_zlib/libz.a"
   fi
else
     TOR_ZLIB_LIBS="-lz"
fi
AC_SUBST(TOR_ZLIB_LIBS)

730
731
732
733
734
735
736
737
738
739
740
741
742
dnl ----------------------------------------------------------------------
dnl Check if libcap is available for capabilities.

tor_cap_pkg_debian="libcap2"
tor_cap_pkg_redhat="libcap"
tor_cap_devpkg_debian="libcap-dev"
tor_cap_devpkg_redhat="libcap-devel"

AC_CHECK_LIB([cap], [cap_init], [],
  AC_MSG_NOTICE([Libcap was not found. Capabilities will not be usable.])
)
AC_CHECK_FUNCS(cap_set_proc)

743
744
745
746
747
dnl ---------------------------------------------------------------------
dnl Now that we know about our major libraries, we can check for compiler
dnl and linker hardening options.  We need to do this with the libraries known,
dnl since sometimes the linker will like an option but not be willing to
dnl use it with a build of a library.
748

749
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
750
all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_CAP_LIBS"
751

752
753
754
755
756
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
#error
#endif])], have_clang=yes, have_clang=no)

757
758
if test x$enable_gcc_hardening != xno; then
    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
759
760
761
    if test x$have_clang = xyes; then
        TOR_CHECK_CFLAGS(-Qunused-arguments)
    fi
762
763
764
    TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
    AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
    AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
765
m4_ifdef([AS_VAR_IF],[
766
767
768
769
    AS_VAR_IF(can_compile, [yes],
        AS_VAR_IF(can_link, [yes],
                  [],
                  AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
770
        )])
771
772
    AS_VAR_POPDEF([can_link])
    AS_VAR_POPDEF([can_compile])
773
774
775
    TOR_CHECK_CFLAGS(-Wstack-protector)
    TOR_CHECK_CFLAGS(-fwrapv)
    TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
776
777
778
779
    if test "$bwin32" = "false"; then
       TOR_CHECK_CFLAGS(-fPIE)
       TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
    fi
780
fi
781

782
783
784
785
786
787
if test x$enable_expensive_hardening = xyes ; then
   TOR_CHECK_CFLAGS([-fsanitize=address])
   TOR_CHECK_CFLAGS([-fsanitize=undefined])
   TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
fi

788
789
790
if test x$enable_linker_hardening != xno; then
    TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
791

792
793
794
# For backtrace support
TOR_CHECK_LDFLAGS(-rdynamic)

795
dnl ------------------------------------------------------
796
797
798
799
dnl Now see if we have a -fomit-frame-pointer compiler option.

saved_CFLAGS="$CFLAGS"
TOR_CHECK_CFLAGS(-fomit-frame-pointer)
800
F_OMIT_FRAME_POINTER=''
801
if test "$saved_CFLAGS" != "$CFLAGS"; then
802
803
804
  if test x$enable_expensive_hardening != xyes ; then
    F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
  fi
805
806
807
808
fi
CFLAGS="$saved_CFLAGS"
AC_SUBST(F_OMIT_FRAME_POINTER)

809
810
811
812
813
814
815
dnl ------------------------------------------------------
dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
dnl for us, as GCC 4.6 and later do at many optimization levels), then
dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
dnl code will work.
TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)

816
817
818
dnl ============================================================
dnl Check for libseccomp

819
820
821
822
if test "x$enable_seccomp" != "xno"; then
  AC_CHECK_HEADERS([seccomp.h])
  AC_SEARCH_LIBS(seccomp_init, [seccomp])
fi
823

824
825
826
827
828
829
830
831
dnl ============================================================
dnl Check for libscrypt

if test "x$enable_libscrypt" != "xno"; then
  AC_CHECK_HEADERS([libscrypt.h])
  AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
fi

832
833
834
835
836
837
838
839
840
841
dnl ============================================================
dnl We need an implementation of curve25519.

dnl set these defaults.
build_curve25519_donna=no
build_curve25519_donna_c64=no
use_curve25519_donna=no
use_curve25519_nacl=no
CURVE25519_LIBS=

842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
dnl The best choice is using curve25519-donna-c64, but that requires
dnl that we
AC_CACHE_CHECK([whether we can use curve25519-donna-c64],
  tor_cv_can_use_curve25519_donna_c64,
  [AC_RUN_IFELSE(
    [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
                   ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
  [tor_cv_can_use_curve25519_donna_c64=yes],
      [tor_cv_can_use_curve25519_donna_c64=no],
  [AC_LINK_IFELSE(
        [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
    	         ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
          [tor_cv_can_use_curve25519_donna_c64=cross],
      [tor_cv_can_use_curve25519_donna_c64=no])])])

AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \
                  nacl/crypto_scalarmult_curve25519.h])

AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation],
  tor_cv_can_use_curve25519_nacl,
  [tor_saved_LIBS="$LIBS"
   LIBS="$LIBS -lnacl"
   AC_LINK_IFELSE(
     [AC_LANG_PROGRAM([dnl
       #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H
       #include <crypto_scalarmult_curve25519.h>
   #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
   #include <nacl/crypto_scalarmult_curve25519.h>
   #endif
       #ifdef crypto_scalarmult_curve25519_ref_BYTES
   #error Hey, this is the reference implementation! That's not fast.
   #endif
     ], [
   unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c);
     ])], [tor_cv_can_use_curve25519_nacl=yes],
     [tor_cv_can_use_curve25519_nacl=no])
   LIBS="$tor_saved_LIBS" ])

 dnl Okay, now we need to figure out which one to actually use. Fall back
 dnl to curve25519-donna.c

 if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then
   build_curve25519_donna_c64=yes
   use_curve25519_donna=yes
 elif test x$tor_cv_can_use_curve25519_nacl = xyes; then
   use_curve25519_nacl=yes
   CURVE25519_LIBS=-lnacl
 else
   build_curve25519_donna=yes
   use_curve25519_donna=yes
 fi
921
922
923
924
925
926
927
928
929
930
931
932
933

if test x$use_curve25519_donna = xyes; then
  AC_DEFINE(USE_CURVE25519_DONNA, 1,
            [Defined if we should use an internal curve25519_donna{,_c64} implementation])
fi
if test x$use_curve25519_nacl = xyes; then
  AC_DEFINE(USE_CURVE25519_NACL, 1,
            [Defined if we should use a curve25519 from nacl])
fi
AM_CONDITIONAL(BUILD_CURVE25519_DONNA, test x$build_curve25519_donna = xyes)
AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64, test x$build_curve25519_donna_c64 = xyes)
AC_SUBST(CURVE25519_LIBS)

934
dnl Make sure to enable support for large off_t if available.
935
936
AC_SYS_LARGEFILE

937
938
939
940
941
942
AC_CHECK_HEADERS(
        assert.h \
        errno.h \
        fcntl.h \
        signal.h \
        string.h \
943
	sys/capability.h \
944
945
946
947
948
949
950
        sys/fcntl.h \
        sys/stat.h \
        sys/time.h \
        sys/types.h \
        time.h \
        unistd.h
 , , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
951

952
953
dnl These headers are not essential

954
955
AC_CHECK_HEADERS(
        arpa/inet.h \
956
        crt_externs.h \
Nick Mathewson's avatar
Nick Mathewson committed
957
        execinfo.h \
958
        grp.h \
Sebastian Hahn's avatar
Sebastian Hahn committed
959
        ifaddrs.h \
960
961
962
963
964
965
966
967
968
969
970
        inttypes.h \
        limits.h \
        linux/types.h \
        machine/limits.h \
        malloc.h \
        malloc/malloc.h \
        malloc_np.h \
        netdb.h \
        netinet/in.h \
        netinet/in6.h \
        pwd.h \
971
	readpassphrase.h \
972
        stdint.h \
973
	sys/eventfd.h \
974
975
976
977
978
979
980
        sys/file.h \
        sys/ioctl.h \
        sys/limits.h \
        sys/mman.h \
        sys/param.h \
        sys/prctl.h \
        sys/resource.h \
981
        sys/select.h \
982
        sys/socket.h \
983
	sys/statvfs.h \
984
        sys/syscall.h \
985
	sys/sysctl.h \
986
987
988
989
990
991
992
993
994
        sys/syslimits.h \
        sys/time.h \
        sys/types.h \
        sys/un.h \
        sys/utime.h \
        sys/wait.h \
        syslog.h \
        utime.h
)
995

996
997
AC_CHECK_HEADERS(sys/param.h)

998
AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
999
1000
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
For faster browsing, not all history is shown. View entire blame