configure.ac 52.7 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
dnl Copyright (c) 2001-2004, Roger Dingledine
2
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
3
dnl Copyright (c) 2007-2015, The Tor Project, Inc.
Nick Mathewson's avatar
Nick Mathewson committed
4
dnl See LICENSE for licensing information
5

Nick Mathewson's avatar
Nick Mathewson committed
6
AC_INIT([tor],[0.2.6.7-dev])
Stewart Smith's avatar
Stewart Smith committed
7
AC_CONFIG_SRCDIR([src/or/main.c])
8
AC_CONFIG_MACRO_DIR([m4])
Stewart Smith's avatar
Stewart Smith committed
9
AM_INIT_AUTOMAKE
10
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
11
AC_CONFIG_HEADERS([orconfig.h])
12

13
14
AC_CANONICAL_HOST

15
16
PKG_PROG_PKG_CONFIG

17
if test -f /etc/redhat-release ; then
18
  if test -f /usr/kerberos/include ; then
19
    CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
20
  fi
21
fi
22

23
24
# Not a no-op; we want to make sure that CPPFLAGS is set before we use
# the += operator on it in src/or/Makefile.am
25
CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
26

27
#XXXX020 We should make these enabled or not, before 0.2.0.x-final
28
29
AC_ARG_ENABLE(openbsd-malloc,
   AS_HELP_STRING(--enable-openbsd-malloc, Use malloc code from openbsd.  Linux only))
30
31
AC_ARG_ENABLE(instrument-downloads,
   AS_HELP_STRING(--enable-instrument-downloads, Instrument downloads of directory resources etc.))
32
33
34
35
AC_ARG_ENABLE(static-openssl,
   AS_HELP_STRING(--enable-static-openssl, Link against a static openssl library. Requires --with-openssl-dir))
AC_ARG_ENABLE(static-libevent,
   AS_HELP_STRING(--enable-static-libevent, Link against a static libevent library. Requires --with-libevent-dir))
36
37
AC_ARG_ENABLE(static-zlib,
   AS_HELP_STRING(--enable-static-zlib, Link against a static zlib library. Requires --with-zlib-dir))
38
AC_ARG_ENABLE(static-tor,
39
   AS_HELP_STRING(--enable-static-tor, Create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir))
40
41
AC_ARG_ENABLE(unittests,
   AS_HELP_STRING(--disable-unittests, [Don't build unit tests for Tor. Risky!]))
42
43
AC_ARG_ENABLE(coverage,
   AS_HELP_STRING(--enable-coverage, [Enable coverage support in the unit-test build]))
44
45
AC_ARG_ENABLE(system-torrc,
   AS_HELP_STRING(--disable-system-torrc, [Don't look for a system-wide torrc file]))
46

47
48
49
AM_CONDITIONAL(UNITTESTS_ENABLED, test x$enable_unittests != xno)
AM_CONDITIONAL(COVERAGE_ENABLED, test x$enable_coverage = xyes)

50
51
52
53
54
55
if test "$enable_static_tor" = "yes"; then
  enable_static_libevent="yes";
  enable_static_openssl="yes";
  enable_static_zlib="yes";
  CFLAGS="$CFLAGS -static"
fi
56

57
58
59
60
61
if test "$enable_system_torrc" = "no"; then
  AC_DEFINE(DISABLE_SYSTEM_TORRC, 1,
            [Defined if we're not going to look for a torrc in SYSCONF])
fi

62
AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
63
if test x$enable_instrument_downloads = xyes; then
64
65
66
  AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
            [Defined if we want to keep track of how much of each kind of resource we download.])
fi
67

68
AC_ARG_ENABLE(transparent,
69
     AS_HELP_STRING(--disable-transparent, disable transparent proxy support),
70
71
72
73
74
75
     [case "${enableval}" in
        yes) transparent=true ;;
        no)  transparent=false ;;
        *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
      esac], [transparent=true])

76
77
78
79
80
81
82
83
AC_ARG_ENABLE(asciidoc,
     AS_HELP_STRING(--disable-asciidoc, don't use asciidoc (disables building of manpages)),
     [case "${enableval}" in
        yes) asciidoc=true ;;
        no)  asciidoc=false ;;
        *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;;
      esac], [asciidoc=true])

84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# By default, we're not ready to ship a NAT-PMP aware Tor
AC_ARG_ENABLE(nat-pmp,
     AS_HELP_STRING(--enable-nat-pmp, enable NAT-PMP support),
     [case "${enableval}" in
        yes) natpmp=true ;;
        no)  natpmp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-nat-pmp) ;;
      esac], [natpmp=false])

# By default, we're not ready to ship a UPnP aware Tor
AC_ARG_ENABLE(upnp,
     AS_HELP_STRING(--enable-upnp, enable UPnP support),
     [case "${enableval}" in
        yes) upnp=true ;;
        no)  upnp=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-upnp) ;;
      esac], [upnp=false])

102
103
104
105
106
107
108
109
110
111
112
113
# systemd notify support
AC_ARG_ENABLE(systemd,
      AS_HELP_STRING(--enable-systemd, enable systemd notification support),
      [case "${enableval}" in
        yes) systemd=true ;;
        no)  systemd=false ;;
        * ) AC_MSG_ERROR(bad value for --enable-systemd) ;;
      esac], [systemd=auto])



# systemd support
114
if test x$enable_systemd = xno ; then
115
116
117
118
119
120
    have_systemd=no;
else
    PKG_CHECK_MODULES(SYSTEMD,
        [libsystemd-daemon],
        have_systemd=yes,
        have_systemd=no)
121
122
123
124
125
126
127
    if test x$have_systemd=xno; then
        AC_MSG_NOTICE([Okay, checking for systemd a different way...])
        PKG_CHECK_MODULES(SYSTEMD,
            [libsystemd],
            have_systemd=yes,
            have_systemd=no)
    fi
128
129
130
131
fi

if test x$have_systemd = xyes; then
    AC_DEFINE(HAVE_SYSTEMD,1,[Have systemd])
132
    TOR_SYSTEMD_CFLAGS="${SYSTEMD_CFLAGS}"
133
    TOR_SYSTEMD_LIBS="${SYSTEMD_LIBS}"
134
135
    PKG_CHECK_MODULES(SYSTEMD209, [systemd >= 209],
         [AC_DEFINE(HAVE_SYSTEMD_209,1,[Have systemd v209 or more])], [])
136
fi
137
AC_SUBST(TOR_SYSTEMD_CFLAGS)
138
139
140
141
142
143
AC_SUBST(TOR_SYSTEMD_LIBS)

if test x$enable_systemd = xyes -a x$have_systemd != xyes ; then
    AC_MSG_ERROR([Explicitly requested systemd support, but systemd not found])
fi

144
145
146
147
148
149
case $host in
   *-*-solaris* )
     AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
     ;;
esac

150
AC_ARG_ENABLE(gcc-warnings,
151
     AS_HELP_STRING(--enable-gcc-warnings, enable verbose warnings))
152
153
AC_ARG_ENABLE(gcc-warnings-advisory,
     AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
154

155
156
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
AC_ARG_ENABLE(gcc-hardening,
157
    AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
158

159
160
161
AC_ARG_ENABLE(expensive-hardening,
    AS_HELP_STRING(--enable-expensive-hardening, enable more expensive compiler hardening; makes Tor slower))

162
163
164
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
165
    AS_HELP_STRING(--disable-linker-hardening, disable linker security fixups))
166

167
168
169
170
171
172
173
AC_ARG_ENABLE(local-appdata,
   AS_HELP_STRING(--enable-local-appdata, default to host local application data paths on Windows))
if test "$enable_local_appdata" = "yes"; then
  AC_DEFINE(ENABLE_LOCAL_APPDATA, 1,
            [Defined if we default to host local appdata paths on Windows])
fi

174
175
176
177
178
179
180
# Tor2web mode flag
AC_ARG_ENABLE(tor2web-mode,
     AS_HELP_STRING(--enable-tor2web-mode, support tor2web non-anonymous mode),
[if test x$enableval = xyes; then
    CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
fi])

181
182
183
AC_ARG_ENABLE(bufferevents,
     AS_HELP_STRING(--enable-bufferevents, use Libevent's buffered IO.))

184
185
186
AC_ARG_ENABLE(tool-name-check,
     AS_HELP_STRING(--disable-tool-name-check, check for sanely named toolchain when cross-compiling))

187
188
189
AC_ARG_ENABLE(seccomp,
     AS_HELP_STRING(--disable-seccomp, do not attempt to use libseccomp))

190
191
192
AC_ARG_ENABLE(libscrypt,
     AS_HELP_STRING(--disable-libscrypt, do not attempt to use libscrypt))

193
194
195
196
197
198
dnl check for the correct "ar" when cross-compiling
AN_MAKEVAR([AR], [AC_PROG_AR])
AN_PROGRAM([ar], [AC_PROG_AR])
AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
AC_PROG_AR

199
200
201
202
203
204
205
206
207
208
209
210
211
212
dnl Check whether the above macro has settled for a simply named tool even
dnl though we're cross compiling. We must do this before running AC_PROG_CC,
dnl because that will find any cc on the system, not only the cross-compiler,
dnl and then verify that a binary built with this compiler runs on the
dnl build system. It will then come to the false conclusion that we're not
dnl cross-compiling.
if test x$enable_tool_name_check != xno; then
    if test x$ac_tool_warned = xyes; then
        AC_MSG_ERROR([We are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	elif test "x$ac_ct_AR" != x -a x$cross_compiling = xmaybe; then
		AC_MSG_ERROR([We think we are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
	fi
fi

213
AC_PROG_CC
214
AC_PROG_CPP
215
216
AC_PROG_MAKE_SET
AC_PROG_RANLIB
217
218
219

dnl autoconf 2.59 appears not to support AC_PROG_SED
AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
220

221
222
dnl check for asciidoc and a2x
AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
223
AC_PATH_PROGS([A2X], [a2x a2x.py], none)
224
225

AM_CONDITIONAL(USE_ASCIIDOC, test x$asciidoc = xtrue)
226

227
228
229
230
AM_CONDITIONAL(USE_FW_HELPER, test x$natpmp = xtrue || test x$upnp = xtrue)
AM_CONDITIONAL(NAT_PMP, test x$natpmp = xtrue)
AM_CONDITIONAL(MINIUPNPC, test x$upnp = xtrue)
AM_PROG_CC_C_O
231
AC_PROG_CC_C99
232

233
AC_ARG_VAR([PYTHON], [path to Python binary])
234
AC_CHECK_PROGS(PYTHON, [python python2 python2.7 python3 python3.3])
235
236
237
238
239
if test "x$PYTHON" = "x"; then
  AC_MSG_WARN([Python unavailable; some tests will not be run.])
fi
AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])

240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
 dnl Maybe we've got an old autoconf...
 AC_CACHE_CHECK([for flexible array members],
     tor_cv_c_flexarray,
     [AC_COMPILE_IFELSE(
       AC_LANG_PROGRAM([
 struct abc { int a; char b[]; };
], [
 struct abc *def = malloc(sizeof(struct abc)+sizeof(char));
 def->b[0] = 33;
]),
  [tor_cv_c_flexarray=yes],
  [tor_cv_c_flexarray=no])])
 if test $tor_cv_flexarray = yes ; then
256
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
257
 else
258
   AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [1], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
259
260
261
 fi
])

262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
AC_CACHE_CHECK([for working C99 mid-block declaration syntax],
      tor_cv_c_c99_decl,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([], [int x; x = 3; int y; y = 4 + x;])],
	 [tor_cv_c_c99_decl=yes],
	 [tor_cv_c_c99_decl=no] )])
if test "$tor_cv_c_c99_decl" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 mid-block declarations. This is required as of Tor 0.2.6.x])
fi

AC_CACHE_CHECK([for working C99 designated initializers],
      tor_cv_c_c99_designated_init,
      [AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([struct s { int a; int b; };],
  	       [[ struct s ss = { .b = 5, .a = 6 }; ]])],
	 [tor_cv_c_c99_designated_init=yes],
	 [tor_cv_c_c99_designated_init=no] )])

if test "$tor_cv_c_c99_designated_init" != "yes"; then
  AC_MSG_ERROR([Your compiler doesn't support c99 designated initializers. This is required as of Tor 0.2.6.x])
fi

284
285
AC_PATH_PROG([SHA1SUM], [sha1sum], none)
AC_PATH_PROG([OPENSSL], [openssl], none)
286

287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
TORUSER=_tor
AC_ARG_WITH(tor-user,
        [  --with-tor-user=NAME    Specify username for tor daemon ],
        [
           TORUSER=$withval
        ]
)
AC_SUBST(TORUSER)

TORGROUP=_tor
AC_ARG_WITH(tor-group,
        [  --with-tor-group=NAME   Specify group name for tor daemon ],
        [
           TORGROUP=$withval
        ]
)
AC_SUBST(TORGROUP)

305

306
dnl If _WIN32 is defined and non-zero, we are building for win32
307
AC_MSG_CHECKING([for win32])
308
AC_RUN_IFELSE([AC_LANG_SOURCE([
309
int main(int c, char **v) {
310
311
#ifdef _WIN32
#if _WIN32
312
313
314
315
316
317
318
  return 0;
#else
  return 1;
#endif
#else
  return 2;
#endif
319
}])],
320
bwin32=true; AC_MSG_RESULT([yes]),
321
322
bwin32=false; AC_MSG_RESULT([no]),
bwin32=cross; AC_MSG_RESULT([cross])
323
324
)

325
if test "$bwin32" = cross; then
326
AC_MSG_CHECKING([for win32 (cross)])
327
AC_COMPILE_IFELSE([AC_LANG_SOURCE([
328
#ifdef _WIN32
329
330
331
332
333
int main(int c, char **v) {return 0;}
#else
#error
int main(int c, char **v) {return x(y);}
#endif
334
])],
335
336
337
338
bwin32=true; AC_MSG_RESULT([yes]),
bwin32=false; AC_MSG_RESULT([no]))
fi

339
AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
340

341
342
dnl Enable C99 when compiling with MIPSpro
AC_MSG_CHECKING([for MIPSpro compiler])
343
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [
344
345
346
347
#if (defined(__sgi) && defined(_COMPILER_VERSION))
#error
  return x(y);
#endif
348
])],
349
bmipspro=false; AC_MSG_RESULT(no),
350
bmipspro=true; AC_MSG_RESULT(yes))
351

352
if test "$bmipspro" = true; then
353
354
355
  CFLAGS="$CFLAGS -c99"
fi

356
357
AC_C_BIGENDIAN

358
AC_SEARCH_LIBS(socket, [socket network])
359
AC_SEARCH_LIBS(gethostbyname, [nsl])
360
AC_SEARCH_LIBS(dlopen, [dl])
361
AC_SEARCH_LIBS(inet_aton, [resolv])
362
363
364
365
366
367
saved_LIBS="$LIBS"
AC_SEARCH_LIBS([clock_gettime], [rt])
if test "$LIBS" != "$saved_LIBS"; then
   # Looks like we need -lrt for clock_gettime().
   have_rt=yes
fi
368

369
370
AC_SEARCH_LIBS(pthread_create, [pthread])
AC_SEARCH_LIBS(pthread_detach, [pthread])
371

372
373
AM_CONDITIONAL(THREADS_WIN32, test "$bwin32" = "true")
AM_CONDITIONAL(THREADS_PTHREADS, test "$bwin32" = "false")
374

375
376
377
378
dnl -------------------------------------------------------------------
dnl Check for functions before libevent, since libevent-1.2 apparently
dnl exports strlcpy without defining it in a header.

379
AC_CHECK_FUNCS(
380
        _NSGetEnviron \
Sebastian Hahn's avatar
Sebastian Hahn committed
381
        accept4 \
Nick Mathewson's avatar
Nick Mathewson committed
382
383
        backtrace \
        backtrace_symbols_fd \
Sebastian Hahn's avatar
Sebastian Hahn committed
384
        clock_gettime \
385
	eventfd \
386
387
388
        flock \
        ftime \
        getaddrinfo \
Sebastian Hahn's avatar
Sebastian Hahn committed
389
        getifaddrs \
390
391
392
393
        getrlimit \
        gettimeofday \
        gmtime_r \
        inet_aton \
Sebastian Hahn's avatar
Sebastian Hahn committed
394
        ioctl \
395
        issetugid \
396
        llround \
397
        localtime_r \
Sebastian Hahn's avatar
Sebastian Hahn committed
398
        lround \
399
        memmem \
400
401
	pipe \
	pipe2 \
402
        prctl \
Sebastian Hahn's avatar
Sebastian Hahn committed
403
        rint \
Nick Mathewson's avatar
Nick Mathewson committed
404
        sigaction \
405
406
407
        socketpair \
        strlcat \
        strlcpy \
408
	strnlen \
409
410
411
412
        strptime \
        strtok_r \
        strtoull \
        sysconf \
413
	sysctl \
414
        uname \
415
	usleep \
416
        vasprintf \
417
	_vscprintf
418
)
419

420
if test "$bwin32" != true; then
421
422
423
424
  AC_CHECK_HEADERS(pthread.h)
  AC_CHECK_FUNCS(pthread_create)
fi

425
dnl ------------------------------------------------------
426
dnl Where do you live, libevent?  And how do we call you?
427

428
if test "$bwin32" = true; then
429
  TOR_LIB_WS32=-lws2_32
430
  TOR_LIB_IPHLPAPI=-liphlpapi
431
432
  # Some of the cargo-cults recommend -lwsock32 as well, but I don't
  # think it's actually necessary.
433
  TOR_LIB_GDI=-lgdi32
Nick Mathewson's avatar
   
Nick Mathewson committed
434
else
435
436
  TOR_LIB_WS32=
  TOR_LIB_GDI=
Nick Mathewson's avatar
   
Nick Mathewson committed
437
fi
438
439
AC_SUBST(TOR_LIB_WS32)
AC_SUBST(TOR_LIB_GDI)
440
AC_SUBST(TOR_LIB_IPHLPAPI)
Nick Mathewson's avatar
   
Nick Mathewson committed
441

442
443
444
445
dnl We need to do this before we try our disgusting hack below.
AC_CHECK_HEADERS([sys/types.h])

dnl This is a disgusting hack so we safely include older libevent headers.
446
447
448
449
450
AC_CHECK_TYPE(u_int64_t, unsigned long long)
AC_CHECK_TYPE(u_int32_t, unsigned long)
AC_CHECK_TYPE(u_int16_t, unsigned short)
AC_CHECK_TYPE(u_int8_t, unsigned char)

451
tor_libevent_pkg_redhat="libevent"
452
tor_libevent_pkg_debian="libevent-dev"
453
454
455
tor_libevent_devpkg_redhat="libevent-devel"
tor_libevent_devpkg_debian="libevent-dev"

456
457
458
459
460
461
462
463
464
465
dnl On Gnu/Linux or any place we require it, we'll add librt to the Libevent
dnl linking for static builds.
STATIC_LIBEVENT_FLAGS=""
if test "$enable_static_libevent" = "yes"; then
    if test "$have_rt" = yes; then
      STATIC_LIBEVENT_FLAGS=" -lrt "
    fi
fi

TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32], [
466
#ifdef _WIN32
467
468
#include <winsock2.h>
#endif
469
#include <stdlib.h>
470
#include <sys/time.h>
Roger Dingledine's avatar
Roger Dingledine committed
471
#include <sys/types.h>
472
#include <event.h>], [
473
#ifdef _WIN32
474
475
476
#include <winsock2.h>
#endif
void exit(int); void *event_init(void);],
477
    [
478
#ifdef _WIN32
479
{WSADATA d; WSAStartup(0x101,&d); }
480
481
482
#endif
event_init(); exit(0);
], [--with-libevent-dir], [/opt/libevent])
483

484
dnl Now check for particular libevent functions.
485
486
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
487
save_CPPFLAGS="$CPPFLAGS"
488
LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
489
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
490
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
491
492
493
494
AC_CHECK_FUNCS([event_get_version \
                event_get_version_number \
                event_get_method \
                event_set_log_callback \
495
                evutil_secure_rng_set_urandom_device_file \
496
                evutil_secure_rng_init \
497
                event_base_loopexit])
498
499
500
501
AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
[#include <event.h>
])

502
AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
503

504
505
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
506
CPPFLAGS="$save_CPPFLAGS"
507

508

509
510
AM_CONDITIONAL(USE_EXTERNAL_EVDNS, test x$ac_cv_header_event2_dns_h = xyes)

511
512
513
514
if test "$enable_static_libevent" = "yes"; then
   if test "$tor_cv_library_libevent_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
   else
515
     TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent.a $STATIC_LIBEVENT_FLAGS"
516
517
518
519
520
   fi
else
     TOR_LIBEVENT_LIBS="-levent"
fi

521
522
dnl This isn't the best test for Libevent 2.0.3-alpha.  Once it's released,
dnl we can do much better.
523
524
if test "$enable_bufferevents" = "yes" ; then
  if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
525
    AC_MSG_ERROR([You've asked for bufferevent support, but you're using a version of Libevent without SSL support.  This won't work.  We need Libevent 2.0.8-rc or later, and you don't seem to even have Libevent 2.0.3-alpha.])
526
527
528
529
530
531
  else

    CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"

    # Check for the right version.  First see if version detection works.
    AC_MSG_CHECKING([whether we can detect the Libevent version])
532
    AC_COMPILE_IFELSE([AC_LANG_SOURCE([
533
534
535
536
537
538
539
#include <event2/event.h>
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 10
#error
int x = y(zz);
#else
int x = 1;
#endif
540
  ])], [event_version_number_works=yes; AC_MSG_RESULT([yes]) ],
541
542
543
544
545
     [event_version_number_works=no;  AC_MSG_RESULT([no])])
    if test "$event_version_number_works" != 'yes'; then
      AC_MSG_WARN([Version detection on Libevent seems broken.  Your Libevent installation is probably screwed up or very old.])
    else
      AC_MSG_CHECKING([whether Libevent is new enough for bufferevents])
546
      AC_COMPILE_IFELSE([AC_LANG_SOURCE([
547
#include <event2/event.h>
548
#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000d00
549
550
551
552
553
#error
int x = y(zz);
#else
int x = 1;
#endif
554
   ])], [ AC_MSG_RESULT([yes]) ],
555
      [ AC_MSG_RESULT([no])
556
        AC_MSG_ERROR([Libevent does not seem new enough to support bufferevents.  We require 2.0.13-stable or later]) ] )
557
558
    fi
  fi
559
560
fi

561
562
563
564
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

565
566
AM_CONDITIONAL(USE_BUFFEREVENTS, test "$enable_bufferevents" = "yes")
if test "$enable_bufferevents" = "yes"; then
567
568
569
570
571
572
  AC_DEFINE(USE_BUFFEREVENTS, 1, [Defined if we're going to use Libevent's buffered IO API])
  if test "$enable_static_libevent" = "yes"; then
    TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
  else
    TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
  fi
573
fi
574
AC_SUBST(TOR_LIBEVENT_LIBS)
575

576
577
578
579
580
581
582
dnl ------------------------------------------------------
dnl Where do you live, libm?

dnl On some platforms (Haiku/BeOS) the math library is
dnl part of libroot. In which case don't link against lm
TOR_LIB_MATH=""
save_LIBS="$LIBS"
583
584
585
AC_SEARCH_LIBS(pow, [m], , AC_MSG_ERROR([Could not find pow in libm or libc.]))
if test "$ac_cv_search_pow" != "none required"; then
    TOR_LIB_MATH="$ac_cv_search_pow"
586
587
588
589
fi
LIBS="$save_LIBS"
AC_SUBST(TOR_LIB_MATH)

590
dnl ------------------------------------------------------
591
dnl Where do you live, openssl?  And how do we call you?
592

593
tor_openssl_pkg_redhat="openssl"
594
tor_openssl_pkg_debian="libssl-dev"
595
596
597
tor_openssl_devpkg_redhat="openssl-devel"
tor_openssl_devpkg_debian="libssl-dev"

598
599
600
601
602
603
604
605
606
ALT_openssl_WITHVAL=""
AC_ARG_WITH(ssl-dir,
  [  --with-ssl-dir=PATH    Obsolete alias for --with-openssl-dir ],
  [
      if test "x$withval" != xno && test "x$withval" != "x" ; then
         ALT_openssl_WITHVAL="$withval"
      fi
  ])

607
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
608
609
    [#include <openssl/rand.h>],
    [void RAND_add(const void *buf, int num, double entropy);],
610
    [RAND_add((void*)0,0,0); exit(0);], [],
611
    [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
612

613
614
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()

615
616
617
618
if test "$enable_static_openssl" = "yes"; then
   if test "$tor_cv_library_openssl_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-openssl-dir=x option when using --enable-static-openssl")
   else
619
     TOR_OPENSSL_LIBS="$TOR_LIBDIR_openssl/libssl.a $TOR_LIBDIR_openssl/libcrypto.a"
620
621
   fi
else
622
     TOR_OPENSSL_LIBS="-lssl -lcrypto"
623
624
625
fi
AC_SUBST(TOR_OPENSSL_LIBS)

626
627
628
629
630
631
632
dnl Now check for particular openssl functions.
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
save_CPPFLAGS="$CPPFLAGS"
LIBS="$TOR_OPENSSL_LIBS $LIBS"
LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
633
634
635
636
AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
[#include <openssl/ssl.h>
])

637
638
639
640
641
642
643
644
645
646
AC_CHECK_FUNCS([ \
		SSL_SESSION_get_master_key \
		SSL_get_server_random \
                SSL_get_client_ciphers \
                SSL_get_client_random \
	       ])
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"

647
648
649
dnl ------------------------------------------------------
dnl Where do you live, zlib?  And how do we call you?

650
651
652
653
tor_zlib_pkg_redhat="zlib"
tor_zlib_pkg_debian="zlib1g"
tor_zlib_devpkg_redhat="zlib-devel"
tor_zlib_devpkg_debian="zlib1g-dev"
654
655
656
657
658
659
660

TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
    [#include <zlib.h>],
    [const char * zlibVersion(void);],
    [zlibVersion(); exit(0);], [--with-zlib-dir],
    [/opt/zlib])

661
662
663
664
665
666
667
668
669
670
671
672
if test "$enable_static_zlib" = "yes"; then
   if test "$tor_cv_library_zlib_dir" = "(system)"; then
     AC_MSG_ERROR("You must specify an explicit --with-zlib-dir=x option when
 using --enable-static-zlib")
   else
     TOR_ZLIB_LIBS="$TOR_LIBDIR_zlib/libz.a"
   fi
else
     TOR_ZLIB_LIBS="-lz"
fi
AC_SUBST(TOR_ZLIB_LIBS)

673
674
675
676
677
dnl ---------------------------------------------------------------------
dnl Now that we know about our major libraries, we can check for compiler
dnl and linker hardening options.  We need to do this with the libraries known,
dnl since sometimes the linker will like an option but not be willing to
dnl use it with a build of a library.
678

679
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
680
all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI"
681

682
683
684
685
686
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
#error
#endif])], have_clang=yes, have_clang=no)

687
688
if test x$enable_gcc_hardening != xno; then
    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
689
690
691
    if test x$have_clang = xyes; then
        TOR_CHECK_CFLAGS(-Qunused-arguments)
    fi
692
693
694
    TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
    AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
    AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
695
m4_ifdef([AS_VAR_IF],[
696
697
698
699
    AS_VAR_IF(can_compile, [yes],
        AS_VAR_IF(can_link, [yes],
                  [],
                  AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
700
        )])
701
702
    AS_VAR_POPDEF([can_link])
    AS_VAR_POPDEF([can_compile])
703
704
705
    TOR_CHECK_CFLAGS(-Wstack-protector)
    TOR_CHECK_CFLAGS(-fwrapv)
    TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
706
707
708
709
    if test "$bwin32" = "false"; then
       TOR_CHECK_CFLAGS(-fPIE)
       TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
    fi
710
fi
711

712
713
714
715
716
717
if test x$enable_expensive_hardening = xyes ; then
   TOR_CHECK_CFLAGS([-fsanitize=address])
   TOR_CHECK_CFLAGS([-fsanitize=undefined])
   TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
fi

718
719
720
if test x$enable_linker_hardening != xno; then
    TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
721

722
723
724
# For backtrace support
TOR_CHECK_LDFLAGS(-rdynamic)

725
dnl ------------------------------------------------------
726
727
728
729
dnl Now see if we have a -fomit-frame-pointer compiler option.

saved_CFLAGS="$CFLAGS"
TOR_CHECK_CFLAGS(-fomit-frame-pointer)
730
F_OMIT_FRAME_POINTER=''
731
if test "$saved_CFLAGS" != "$CFLAGS"; then
732
733
734
  if test x$enable_expensive_hardening != xyes ; then
    F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
  fi
735
736
737
738
fi
CFLAGS="$saved_CFLAGS"
AC_SUBST(F_OMIT_FRAME_POINTER)

739
740
741
742
743
744
745
dnl ------------------------------------------------------
dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
dnl for us, as GCC 4.6 and later do at many optimization levels), then
dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
dnl code will work.
TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)

746
747
748
749
750
751
dnl ------------------------------------------------------
dnl Where do you live, libnatpmp?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$natpmp" = "true"; then
    AC_DEFINE(NAT_PMP, 1, [Define to 1 if we are building with nat-pmp.])
Steven Murdoch's avatar
Steven Murdoch committed
752
    TOR_SEARCH_LIBRARY(libnatpmp, $trylibnatpmpdir, [-lnatpmp $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
753
        [#include <natpmp.h>],
754
        [#ifdef _WIN32
Steven Murdoch's avatar
Steven Murdoch committed
755
756
757
         #define STATICLIB
         #endif
         #include <natpmp.h>],
758
759
760
        [   int r;
            natpmp_t natpmp;
            natpmpresp_t response;
761
            r = initnatpmp(&natpmp, 0, 0);],
762
763
764
765
766
767
768
769
770
771
772
773
            [printf("initnatpmp() returned %d (%s)\n", r, r?"FAILED":"SUCCESS");
            exit(0);],
        [--with-libnatpmp-dir],
        [/usr/lib/])
fi


dnl ------------------------------------------------------
dnl Where do you live, libminiupnpc?  And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch

if test "$upnp" = "true"; then
774
    AC_DEFINE(MINIUPNPC, 1, [Define to 1 if we are building with UPnP.])
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802

    dnl Before we call TOR_SEARCH_LIBRARY we'll do a quick compile test
    dnl to see if we have miniupnpc-1.5 or -1.6
    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <miniupnpc/miniupnpc.h>],
        [upnpDiscover(1, 0, 0, 0);exit(0);])],[miniupnpc15="true"],[miniupnpc15="false"])

    if test "$miniupnpc15" = "true" ; then
        AC_DEFINE([MINIUPNPC15],[1],[libminiupnpc version 1.5 found])
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport);],
            [upnpDiscover(1, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    else
        TOR_SEARCH_LIBRARY(libminiupnpc, $trylibminiupnpcdir, [-lminiupnpc $TOR_LIB_WS32 $TOR_LIB_IPHLPAPI],
            [#include <miniupnpc/miniwget.h>
             #include <miniupnpc/miniupnpc.h>
             #include <miniupnpc/upnpcommands.h>],
            [void upnpDiscover(int delay, const char * multicastif,
             const char * minissdpdsock, int sameport, int ipv6, int * error);],
            [upnpDiscover(1, 0, 0, 0, 0, 0); exit(0);],
            [--with-libminiupnpc-dir],
            [/usr/lib/])
    fi
803
804
fi

805
806
807
dnl ============================================================
dnl Check for libseccomp

808
809
810
811
if test "x$enable_seccomp" != "xno"; then
  AC_CHECK_HEADERS([seccomp.h])
  AC_SEARCH_LIBS(seccomp_init, [seccomp])
fi
812

813
814
815
816
817
818
819
820
dnl ============================================================
dnl Check for libscrypt

if test "x$enable_libscrypt" != "xno"; then
  AC_CHECK_HEADERS([libscrypt.h])
  AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
fi

821
822
823
824
825
826
827
828
829
830
dnl ============================================================
dnl We need an implementation of curve25519.

dnl set these defaults.
build_curve25519_donna=no
build_curve25519_donna_c64=no
use_curve25519_donna=no
use_curve25519_nacl=no
CURVE25519_LIBS=

831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
dnl The best choice is using curve25519-donna-c64, but that requires
dnl that we
AC_CACHE_CHECK([whether we can use curve25519-donna-c64],
  tor_cv_can_use_curve25519_donna_c64,
  [AC_RUN_IFELSE(
    [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
                   ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
  [tor_cv_can_use_curve25519_donna_c64=yes],
      [tor_cv_can_use_curve25519_donna_c64=no],
  [AC_LINK_IFELSE(
        [AC_LANG_PROGRAM([dnl
      #include <stdint.h>
      typedef unsigned uint128_t __attribute__((mode(TI)));
  int func(uint64_t a, uint64_t b) {
           uint128_t c = ((uint128_t)a) * b;
           int ok = ((uint64_t)(c>>96)) == 522859 &&
             (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
                 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
                 (((uint64_t)(c))&0xffffffffL) == 0;
           return ok;
      }
  ], [dnl
    int ok = func( ((uint64_t)2000000000) * 1000000000,
    	         ((uint64_t)1234567890) << 24);
        return !ok;
      ])],
          [tor_cv_can_use_curve25519_donna_c64=cross],
      [tor_cv_can_use_curve25519_donna_c64=no])])])

AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \
                  nacl/crypto_scalarmult_curve25519.h])

AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation],
  tor_cv_can_use_curve25519_nacl,
  [tor_saved_LIBS="$LIBS"
   LIBS="$LIBS -lnacl"
   AC_LINK_IFELSE(
     [AC_LANG_PROGRAM([dnl
       #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H
       #include <crypto_scalarmult_curve25519.h>
   #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
   #include <nacl/crypto_scalarmult_curve25519.h>
   #endif
       #ifdef crypto_scalarmult_curve25519_ref_BYTES
   #error Hey, this is the reference implementation! That's not fast.
   #endif
     ], [
   unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c);
     ])], [tor_cv_can_use_curve25519_nacl=yes],
     [tor_cv_can_use_curve25519_nacl=no])
   LIBS="$tor_saved_LIBS" ])

 dnl Okay, now we need to figure out which one to actually use. Fall back
 dnl to curve25519-donna.c

 if test x$tor_cv_can_use_curve25519_donna_c64 != xno; then
   build_curve25519_donna_c64=yes
   use_curve25519_donna=yes
 elif test x$tor_cv_can_use_curve25519_nacl = xyes; then
   use_curve25519_nacl=yes
   CURVE25519_LIBS=-lnacl
 else
   build_curve25519_donna=yes
   use_curve25519_donna=yes
 fi
910
911
912
913
914
915
916
917
918
919
920
921
922

if test x$use_curve25519_donna = xyes; then
  AC_DEFINE(USE_CURVE25519_DONNA, 1,
            [Defined if we should use an internal curve25519_donna{,_c64} implementation])
fi
if test x$use_curve25519_nacl = xyes; then
  AC_DEFINE(USE_CURVE25519_NACL, 1,
            [Defined if we should use a curve25519 from nacl])
fi
AM_CONDITIONAL(BUILD_CURVE25519_DONNA, test x$build_curve25519_donna = xyes)
AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64, test x$build_curve25519_donna_c64 = xyes)
AC_SUBST(CURVE25519_LIBS)

923
dnl Make sure to enable support for large off_t if available.
924
925
AC_SYS_LARGEFILE

926
927
928
929
930
931
932
933
934
935
936
937
938
AC_CHECK_HEADERS(
        assert.h \
        errno.h \
        fcntl.h \
        signal.h \
        string.h \
        sys/fcntl.h \
        sys/stat.h \
        sys/time.h \
        sys/types.h \
        time.h \
        unistd.h
 , , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
939

940
941
dnl These headers are not essential

942
943
AC_CHECK_HEADERS(
        arpa/inet.h \
944
        crt_externs.h \
Nick Mathewson's avatar
Nick Mathewson committed
945
        execinfo.h \
946
        grp.h \
Sebastian Hahn's avatar
Sebastian Hahn committed
947
        ifaddrs.h \
948
949
950
951
952
953
954
955
956
957
958
959
        inttypes.h \
        limits.h \
        linux/types.h \
        machine/limits.h \
        malloc.h \
        malloc/malloc.h \
        malloc_np.h \
        netdb.h \
        netinet/in.h \
        netinet/in6.h \
        pwd.h \
        stdint.h \
960
	sys/eventfd.h \
961
962
963
964
965
966
967
        sys/file.h \
        sys/ioctl.h \
        sys/limits.h \
        sys/mman.h \
        sys/param.h \
        sys/prctl.h \
        sys/resource.h \
968
        sys/select.h \
969
        sys/socket.h \
970
	sys/sysctl.h \
971
972
973
974
975
976
977
978
979
        sys/syslimits.h \
        sys/time.h \
        sys/types.h \
        sys/un.h \
        sys/utime.h \
        sys/wait.h \
        syslog.h \
        utime.h
)
980

981
982
AC_CHECK_HEADERS(sys/param.h)

983
AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
984
985
986
987
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
988
989
#include <sys/socket.h>
#endif])
990
AC_CHECK_HEADERS(net/pfvar.h, net_pfvar_found=1, net_pfvar_found=0,
991
992
993
994
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
995
#include <sys/socket.h>
996
997
998
#endif
#ifdef HAVE_NET_IF_H
#include <net/if.h>
999
#endif])
1000