1AC_INIT([tlsdate],[0.0.13],[jacob at appelbaum.net]) 2AC_CONFIG_AUX_DIR([config]) 3AC_CONFIG_MACRO_DIR([m4]) 4 5AC_CANONICAL_TARGET 6AC_ARG_PROGRAM 7AC_USE_SYSTEM_EXTENSIONS 8 9AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability subdir-objects foreign tar-ustar]) 10 11AC_PREREQ([2.63]) 12 13AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS. 14 15PKG_PROG_PKG_CONFIG 16LT_PREREQ([2.2]) 17LT_INIT 18LT_LANG([C]) 19gl_VISIBILITY 20m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) 21 22CONFIG_EXTRA 23AX_PLATFORM 24 25dnl Here we should build a small program to fetch the build system time in a portable 26dnl manner. We have no Win32 users, we can fix this if we ever find one that 27dnl cares. 28dnl 29dnl In Debian GNU/Linux and other Debian GNU/* systems, we wish to make this a 30dnl deterministic build process. There is only one part of the build process that 31dnl is entropic and that is this COMPILE_DATE value. We want to check to see if 32dnl COMPILE_DATE is defined by the debian/rules file and if it is - we want to use 33dnl the value provided by the environment. If it isn't we'll use one that we 34dnl generate here. 35dnl 36echo "checking for \$COMPILE_DATE in the environment..." 37if test "${COMPILE_DATE+set}" = set; then 38 echo "...we've found \$COMPILE_DATE in the environment." 39 echo "...\$COMPILE_DATE is set to: $COMPILE_DATE" 40else 41 echo "...no \$COMPILE_DATE found in our build environment. Generating now..." 42 COMPILE_DATE=`date +%s` 43 echo "...\$COMPILE_DATE is set to: $COMPILE_DATE" 44fi 45 46AC_SUBST([COMPILE_DATE]) 47AC_DEFINE_UNQUOTED([RECENT_COMPILE_DATE], 48 [${COMPILE_DATE}L], 49 [Time in seconds since the Disco epoch at build time]) 50 51dnl Build up the directory we will use to install certs 52TLSDATE_CA_ROOTS="${sysconfdir}/$PACKAGE_NAME/ca-roots" 53AC_SUBST([TLSDATE_CA_ROOTS]) 54 55dnl Place we install our config file 56TLSDATE_CONF_DIR="${sysconfdir}/$PACKAGE_NAME/" 57AC_SUBST([TLSDATE_CONF_DIR]) 58 59dnl HTTPS User-agent 60AC_ARG_WITH([https-user-agent], 61 [AS_HELP_STRING([--with-https-user-agent=AGENT], 62 [a User-Agent value to send when running in HTTPS mode])], 63 [], 64 [with_https_user_agent="TLSDate/$VERSION"]) 65AC_DEFINE_UNQUOTED([HTTPS_USER_AGENT], 66 ["${with_https_user_agent}"], 67 [User-Agent value to send when running as an HTTPS client]) 68 69dnl check for PolarSSL 70OPT_POLARSSL=yes 71 72AC_MSG_CHECKING([PolarSSL]) 73AC_ARG_WITH([polarssl], 74 [AS_HELP_STRING([--with-polarssl=DIR], 75 [where to look for PolarSSL, DIR points to the installation root])]) 76 77AS_CASE([$with_polarssl], 78 [""|yes|no], [POLARSSL_DIR=""], 79 [*], [POLARSSL_DIR=$with_polarssl]) 80OPT_POLARSSL=$with_polarssl 81 82SSL_FLAGS="" 83SSL_LDFLAGS="" 84SSL_LIBS="-lssl -lcrypto" 85 86AS_IF([test "x${OPT_POLARSSL}" != "xno"], [ 87 AS_IF([test -z "${POLARSSL_DIR}"], [ 88 dnl check for lib first without setting any new path 89 AC_CHECK_LIB(polarssl, ssl_init, 90 dnl libpolarssl found, set the variable 91 [ 92 AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled]) 93 AC_SUBST(USE_POLARSSL, [1]) 94 POLARSSL_ENABLED=1 95 USE_POLARSSL="yes" 96 ]) 97 ]) 98 99 addld="" 100 addlib="" 101 addcflags="" 102 polarssllib="" 103 104 AS_IF([test "x${USE_POLARSSL}" != "xyes"], [ 105 dnl add the path and test again 106 addld=-L${POLARSSL_DIR}/lib$libsuff 107 addcflags=-I${POLARSSL_DIR}/include 108 polarssllib=${POLARSSL_DIR}/lib$libsuff 109 110 LDFLAGS="$LDFLAGS $addld" 111 AS_IF([test "$addcflags" != "-I/usr/include"], [ 112 AX_APPEND_COMPILE_FLAGS(["$addcflags"]) 113 CPPFLAGS="$CPPFLAGS $addcflags" 114 ]) 115 116 AC_CHECK_LIB(polarssl, ssl_init, 117 [ 118 AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled]) 119 AC_SUBST(USE_POLARSSL, [1]) 120 POLARSSL_ENABLED=1 121 USE_POLARSSL="yes" 122 SSL_CFLAGS=$addcflags 123 SSL_LDFLAGS=$addld 124 ]) 125 ]) 126 127 AS_IF([test "x${USE_POLARSSL}" = "xyes"], [ 128 AC_MSG_NOTICE([detected PolarSSL]) 129 SSL_LIBS="-lpolarssl" 130 131 AS_IF([test -n "$polarssllib"], [ 132 dnl when shared libs were found in a path that the run-time 133 dnl linker doesn't search through, we need to add it to 134 dnl LD_LIBRARY_PATH to prevent further configure tests to fail 135 dnl due to this 136 AS_IF([test "x$cross_compiling" != "xyes"], [ 137 LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$polarssllib" 138 export LD_LIBRARY_PATH 139 AC_MSG_NOTICE([Added $polarssllib to LD_LIBRARY_PATH]) 140 ]) 141 ]) 142 ]) 143]) 144AC_SUBST(SSL_CFLAGS) 145AC_SUBST(SSL_LDFLAGS) 146AC_SUBST(SSL_LIBS) 147AM_CONDITIONAL(POLARSSL, test "x${USE_POLARSSL}" = "xyes") 148 149dnl Required headers 150AS_IF([test "x${USE_POLARSSL}" != "xyes"], [ 151 dnl First check to see if openssl is installed 152 AC_CHECK_HEADERS([openssl/ssl.h], ,[AC_MSG_ERROR([OpenSSL is not installed, openssl/sslh is missing])]) 153 AC_CHECK_HEADERS([openssl/bio.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 154 AC_CHECK_HEADERS([openssl/err.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 155 AC_CHECK_HEADERS([openssl/evp.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 156]) 157 158AC_CHECK_HEADERS([arpa/inet.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 159AC_CHECK_HEADERS([getopt.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 160AC_CHECK_HEADERS([grp.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 161AC_CHECK_HEADERS([pwd.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 162AC_CHECK_HEADERS([stdint.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 163AC_CHECK_HEADERS([stdio.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 164AC_CHECK_HEADERS([stdlib.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 165AC_CHECK_HEADERS([sys/mman.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 166AC_CHECK_HEADERS([sys/socket.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 167AC_CHECK_HEADERS([sys/time.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 168AC_CHECK_HEADERS([sys/types.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 169AC_CHECK_HEADERS([sys/wait.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 170AC_CHECK_HEADERS([time.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 171AC_CHECK_HEADERS([unistd.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 172 173AC_CHECK_HEADERS([linux/rtc.h]) 174AC_CHECK_TYPES([struct rtc_time], [], [], [ 175#ifdef HAVE_LINUX_RTC_H 176#include <linux/rtc.h> 177#endif 178]) 179 180AC_CHECK_FUNCS([strchrnul]) 181AM_CONDITIONAL(HAVE_STRCHRNUL, [test "x${ac_cv_func_strchrnul}" = xyes]) 182 183AC_CHECK_FUNCS([strnlen]) 184AM_CONDITIONAL(HAVE_STRNLEN, [test "x${ac_cv_func_strnlen}" = xyes]) 185 186AC_CHECK_FUNCS_ONCE(m4_flatten([ 187 gettimeofday 188 prctl 189 preadv 190 pwritev 191 setresuid 192])) 193 194AC_CHECK_FUNCS([fmemopen funopen]) 195AM_CONDITIONAL(HAVE_FMEMOPEN, [test "x${ac_cv_func_fmemopen}" = xyes]) 196AM_CONDITIONAL(HAVE_FUNOPEN, [test "x${ac_cv_func_funopen}" = xyes]) 197 198case "$host" in 199 *-darwin*) 200 dnl This is for Mac OS X (10.8.2) 201 AC_CHECK_HEADERS([mach/clock.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 202 AC_CHECK_HEADERS([mach/mach.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) 203 AC_ARG_WITH([unpriv-group], 204 [AS_HELP_STRING([--with-unpriv-group=<group>], 205 [Group to drop privs to @<:@default: nogroup@:>@])]) 206 AS_CASE([$with_unpriv_group], 207 [""|yes|no], [UNPRIV_GROUP="nobody"], 208 [*], [UNPRIV_GROUP=$with_unpriv_group]) 209 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 210 ;; 211 *-freebsd*) 212 dnl This is for FreeBSD 213 dnl clock_gettime is either part of libc or unavailable. 214 AC_CHECK_FUNC([clock_gettime], , 215 [AC_MSG_ERROR([Your system lacks clock_gettime])]) 216 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 217 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 218 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 219 AC_CHECK_FUNC([fmemopen], , 220 [AC_MSG_WARN([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 221 AC_ARG_WITH([unpriv-group], 222 [AS_HELP_STRING([--with-unpriv-group=<group>], 223 [Group to drop privs to @<:@default: nobody@:>@])]) 224 AS_CASE([$with_unpriv_group], 225 [""|yes|no], [UNPRIV_GROUP="nobody"], 226 [*], [UNPRIV_GROUP=$with_unpriv_group]) 227 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 228 ;; 229 *kfreebsd*-gnu*) 230 dnl This is for Debian GNU/kFreeBSD 231 dnl clock_gettime is either part of libc or unavailable. 232 dnl Check for clock_gettime. Some systems put it into -lc, while 233 dnl others use -lrt. Try the first and fallback to the latter. 234 RT_LIB= 235 AC_CHECK_FUNC([clock_gettime], [:], 236 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 237 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 238 AC_SUBST(RT_LIB) 239 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 240 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 241 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 242 AC_CHECK_FUNC([fmemopen], , 243 [AC_MSG_ERROR([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 244 AC_ARG_WITH([unpriv-group], 245 [AS_HELP_STRING([--with-unpriv-group=<group>], 246 [Group to drop privs to @<:@default: nobody@:>@])]) 247 AS_CASE([$with_unpriv_group], 248 [""|yes|no], [UNPRIV_GROUP="nobody"], 249 [*], [UNPRIV_GROUP=$with_unpriv_group]) 250 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 251 ;; 252 *-netbsd*) 253 dnl This is for NetBSD 254 dnl clock_gettime is either part of libc or unavailable. 255 AC_CHECK_FUNC([clock_gettime], , 256 [AC_MSG_ERROR([Your system lacks clock_gettime])]) 257 if test "x${ac_cv_func_fmemopen}" != xyes; then 258 if test "x${ac_cv_func_funopen}" != xyes; then 259 AC_MSG_ERROR([We need fmemopen or funopen for unit tests.]) 260 fi 261 fi 262 AC_ARG_WITH([unpriv-group], 263 [AS_HELP_STRING([--with-unpriv-group=<group>], 264 [Group to drop privs to @<:@default: nobody@:>@])]) 265 AS_CASE([$with_unpriv_group], 266 [""|yes|no], [UNPRIV_GROUP="nobody"], 267 [*], [UNPRIV_GROUP=$with_unpriv_group]) 268 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 269 ;; 270 *-openbsd*) 271 dnl This is for OpenBSD 272 dnl clock_gettime is either part of libc or unavailable. 273 AC_CHECK_FUNC([clock_gettime], , 274 [AC_MSG_ERROR([Your system lacks clock_gettime])]) 275 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 276 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 277 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 278 AC_CHECK_FUNC([fmemopen], , 279 [AC_MSG_WARN([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 280 AC_ARG_WITH([unpriv-group], 281 [AS_HELP_STRING([--with-unpriv-group=<group>], 282 [Group to drop privs to @<:@default: nobody@:>@])]) 283 AS_CASE([$with_unpriv_group], 284 [""|yes|no], [UNPRIV_GROUP="nobody"], 285 [*], [UNPRIV_GROUP=$with_unpriv_group]) 286 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 287 ;; 288 *dragonfly*) 289 dnl This is for DragonFly BSD 290 dnl clock_gettime is either part of libc or unavailable. 291 AC_CHECK_FUNC([clock_gettime], , 292 [AC_MSG_ERROR([Your system lacks clock_gettime])]) 293 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 294 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 295 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 296 AC_CHECK_FUNC([fmemopen], , 297 [AC_MSG_WARN([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 298 AC_ARG_WITH([unpriv-group], 299 [AS_HELP_STRING([--with-unpriv-group=<group>], 300 [Group to drop privs to @<:@default: nobody@:>@])]) 301 AS_CASE([$with_unpriv_group], 302 [""|yes|no], [UNPRIV_GROUP="nobody"], 303 [*], [UNPRIV_GROUP=$with_unpriv_group]) 304 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 305 ;; 306 *-bsd*) 307 dnl This is a generic catch for BSD variants 308 dnl This likely needs to be tuned to catch all 309 dnl clock_gettime is either part of libc or unavailable. 310 AC_CHECK_FUNC([clock_gettime], , 311 [AC_MSG_ERROR([Your system lacks clock_gettime])]) 312 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 313 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 314 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 315 AC_CHECK_FUNC([fmemopen], , 316 [AC_MSG_ERROR([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 317 AC_ARG_WITH([unpriv-group], 318 [AS_HELP_STRING([--with-unpriv-group=<group>], 319 [Group to drop privs to @<:@default: nobody@:>@])]) 320 AS_CASE([$with_unpriv_group], 321 [""|yes|no], [UNPRIV_GROUP="nobody"], 322 [*], [UNPRIV_GROUP=$with_unpriv_group]) 323 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 324 ;; 325 *-linux*) 326 dnl This is for GNU/Linux 327 dnl Check for clock_gettime. Some systems put it into -lc, while 328 dnl others use -lrt. Try the first and fallback to the latter. 329 RT_LIB= 330 AC_CHECK_FUNC([clock_gettime], [:], 331 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 332 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 333 AC_SUBST(RT_LIB) 334 AC_ARG_WITH([unpriv-group], 335 [AS_HELP_STRING([--with-unpriv-group=<group>], 336 [Group to drop privs to @<:@default: nogroup@:>@])]) 337 AS_CASE([$with_unpriv_group], 338 [""|yes|no], [UNPRIV_GROUP="nogroup"], 339 [*], [UNPRIV_GROUP=$with_unpriv_group]) 340 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 341 case "$host" in 342 *-linux-androideabi) 343 dnl This is for Android NDK as it is a special case of linux 344 AC_DEFINE(HAVE_ANDROID,1, [Defined if we are to build for an Android system]) 345 AC_SUBST(HAVE_ANDROID, [1]) 346 HAVE_ANDROID="yes" 347 ;; 348 esac 349 ;; 350 *-gnu0.*) 351 dnl This is a generic catch for GNU/Hurd variants 352 dnl Check for clock_gettime. Some systems put it into -lc, while 353 dnl others use -lrt. Try the first and fallback to the latter. 354 RT_LIB= 355 AC_CHECK_FUNC([clock_gettime], [:], 356 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 357 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 358 AC_SUBST(RT_LIB) 359 dnl If the autoconf goo picks up a compiler that runs in pre-POSIX mode, 360 dnl the fmemopen prototype is hidden causing the unit tests to segfault. 361 dnl This can happen if gcc is a symlink to gcc46 and is preferred to clang. 362 AC_CHECK_FUNC([fmemopen], , 363 [AC_MSG_ERROR([Missing fmemopen, unit tests are likely to segfault. Try CC=clang.])]) 364 AC_ARG_WITH([unpriv-group], 365 [AS_HELP_STRING([--with-unpriv-group=<group>], 366 [Group to drop privs to @<:@default: nobody@:>@])]) 367 AS_CASE([$with_unpriv_group], 368 [""|yes|no], [UNPRIV_GROUP="nogroup"], 369 [*], [UNPRIV_GROUP=$with_unpriv_group]) 370 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 371 ;; 372 *-cygwin*) 373 dnl This is for Cygwin 374 dnl Check for clock_gettime. Some systems put it into -lc, while 375 dnl others use -lrt. Try the first and fallback to the latter. 376 RT_LIB= 377 AC_CHECK_FUNC([clock_gettime], [:], 378 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 379 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 380 AC_SUBST(RT_LIB) 381 AC_ARG_WITH([unpriv-group], 382 [AS_HELP_STRING([--with-unpriv-group=<group>], 383 [Group to drop privs to @<:@default: nogroup@:>@])]) 384 AS_CASE([$with_unpriv_group], 385 [""|yes|no], [UNPRIV_GROUP="nogroup"], 386 [*], [UNPRIV_GROUP=$with_unpriv_group]) 387 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 388 ;; 389 *-mingw32*) 390 dnl This is for MINGW32_NT 391 dnl Check for clock_gettime. Some systems put it into -lc, while 392 dnl others use -lrt. Try the first and fallback to the latter. 393 RT_LIB= 394 AC_CHECK_FUNC([clock_gettime], [:], 395 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 396 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 397 AC_SUBST(RT_LIB) 398 AC_ARG_WITH([unpriv-group], 399 [AS_HELP_STRING([--with-unpriv-group=<group>], 400 [Group to drop privs to @<:@default: nogroup@:>@])]) 401 AS_CASE([$with_unpriv_group], 402 [""|yes|no], [UNPRIV_GROUP="nogroup"], 403 [*], [UNPRIV_GROUP=$with_unpriv_group]) 404 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 405 ;; 406 *-beos*|*-haiku*) 407 dnl This is for BeOS and Haiku; we probably only support Haiku with gcc4 408 dnl Check for clock_gettime. Some systems put it into -lc, while 409 dnl others use -lrt. Try the first and fallback to the latter. 410 dnl on Haiku we require the bsd library for strsep 411 RT_LIB= 412 AC_CHECK_FUNC([clock_gettime], [:], 413 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 414 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 415 AC_SUBST(RT_LIB) 416 AC_ARG_WITH([unpriv-group], 417 [AS_HELP_STRING([--with-unpriv-group=<group>], 418 [Group to drop privs to @<:@default: nogroup@:>@])]) 419 AS_CASE([$with_unpriv_group], 420 [""|yes|no], [UNPRIV_GROUP="nogroup"], 421 [*], [UNPRIV_GROUP=$with_unpriv_group]) 422 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 423 LDFLAGS="$LDFLAGS -lbsd" 424 CC="/boot/develop/abi/x86/gcc4/tools/gcc-4.6.3-haiku-121101/bin/gcc" 425 ;; 426 *) 427 AC_ARG_WITH([unpriv-group], 428 [AS_HELP_STRING([--with-unpriv-group=<group>], 429 [Group to drop privs to @<:@default: nogroup@:>@])]) 430 AS_CASE([$with_unpriv_group], 431 [""|yes|no], [UNPRIV_GROUP="nogroup"], 432 [*], [UNPRIV_GROUP=$with_unpriv_group]) 433 AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) 434 ;; 435esac 436 437dnl Android conditional 438AM_CONDITIONAL(HAVE_ANDROID, test "x${HAVE_ANDROID}" = "xyes") 439 440AC_MSG_CHECKING([user/group to drop privs to]) 441 442AC_ARG_WITH([unpriv-user], 443 [AS_HELP_STRING([--with-unpriv-user=<user>], 444 [User to drop privs to @<:@default: nobody@:>@])]) 445AS_CASE([$with_unpriv_user], 446 [""|yes|no], [UNPRIV_USER="nobody"], 447 [*], [UNPRIV_USER=$with_unpriv_user]) 448AC_DEFINE_UNQUOTED([UNPRIV_USER], ["${UNPRIV_USER}"], [Unprivileged user]) 449AC_SUBST([UNPRIV_USER]) 450 451AC_MSG_RESULT(${UNPRIV_USER}:${UNPRIV_GROUP}) 452 453AC_MSG_CHECKING([group to allow DBus calls from]) 454AC_ARG_WITH([dbus-client-group], 455 [AS_HELP_STRING([--with-dbus-client-group=<group>], 456 [Allow dbus method calls from group @<:@default: root@:>@])]) 457AS_CASE([$with_dbus_client_group], 458 [""|yes|no], [DBUS_CLIENT_GROUP="root"], 459 [*], [DBUS_CLIENT_GROUP=$with_dbus_client_group]) 460AC_DEFINE_UNQUOTED([DBUS_CLIENT_GROUP], ["${DBUS_CLIENT_GROUP}"], [DBus client group]) 461AC_MSG_RESULT(${DBUS_CLIENT_GROUP}) 462AC_SUBST([DBUS_CLIENT_GROUP]) 463 464dnl Check for clock_gettime. Some systems put it into -lc, while 465dnl others use -lrt. Try the first and fallback to the latter. 466RT_LIB= 467AC_CHECK_FUNC([clock_gettime], [:], 468 [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], 469 [AC_MSG_ERROR([Your system lacks clock_gettime])])]) 470AC_SUBST(RT_LIB) 471 472PKG_CHECK_MODULES([LIBEVENT], [libevent >= 2.0]) 473 474have_dbus=false 475AC_ARG_ENABLE([dbus], 476 [AS_HELP_STRING([--disable-dbus], 477 [Disable automatically dbus support])]) 478AS_IF([test "x$enable_dbus" = xyes], [ 479 PKG_CHECK_MODULES([DBUS], [dbus-1], [ 480 have_dbus=true 481 AC_DEFINE([HAVE_DBUS], [1], [dbus enabled]) 482 ], [ 483 AS_IF([test "x$enable_dbus" = xyes], 484 [AC_MSG_ERROR([dbus requested but not found])]) 485 ]) 486 ]) 487AM_CONDITIONAL([HAVE_DBUS], ${have_dbus}) 488 489AC_SUBST(DBUS_CFLAGS) 490AC_SUBST(DBUS_LIBS) 491AC_SUBST(LIBEVENT_CFLAGS) 492AC_SUBST(LIBEVENT_LIBS) 493 494have_seccomp_filter=false 495AC_ARG_ENABLE([seccomp_filter], 496 [AS_HELP_STRING([--enable-seccomp-filter], 497 [Require seccomp filter])]) 498 499AC_MSG_CHECKING([kernel for seccomp_filter support]) 500AS_IF([test "x$enable_seccomp_filter" = xyes], [ 501 dnl Force seccomp filter use 502 have_seccomp_filter=true 503 AC_MSG_RESULT([forced]) 504 ], [ 505 AS_IF([test "x$enable_seccomp_filter" = xno], [ 506 have_seccomp_filter=no 507 AC_MSG_RESULT([disabled]) 508 ], [ 509 dnl Detect seccomp filter support. 510 AC_RUN_IFELSE([AC_LANG_PROGRAM([[ 511 #include <errno.h> 512 #include <linux/audit.h> 513 #include <linux/filter.h> 514 #include <stdlib.h> 515 #include <sys/prctl.h> 516 #include "src/seccomp-compat.h" 517 ]], 518 [[ errno = 0; 519 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) 520 exit(1); 521 prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0); 522 exit(errno == EFAULT ? 0 : 1); ]])], 523 [ AC_MSG_RESULT([yes]) 524 have_seccomp_filter=true 525 ], [ 526 AC_MSG_RESULT([no]) 527 ], 528 [ AC_MSG_RESULT([cross-compiling, assuming yes]) 529 have_seccomp_filter=true 530 ] 531 ) 532])]) 533 534AS_IF([${have_seccomp_filter}], [ 535 AC_DEFINE([HAVE_SECCOMP_FILTER], [1], [Enable seccomp filter]) 536 ]) 537AM_CONDITIONAL([HAVE_SECCOMP_FILTER], ${have_seccomp_filter}) 538 539 540 541have_seccomp_debug=false 542AC_ARG_ENABLE([seccomp_debugging], 543 [AS_HELP_STRING([--enable-seccomp-debugging], 544 [Enable seccomp filter debugging])]) 545AS_IF([test "x$enable_seccomp_debugging" = xyes], [ 546 AC_DEFINE([SECCOMP_FILTER_DEBUG], [1], [Enable seccomp filter debugging]) 547 have_seccomp_debug=true 548 ]) 549AM_CONDITIONAL([SECCOMP_FILTER_DEBUG], ${have_seccomp_debug}) 550 551 552AC_MSG_CHECKING([for CrOS-specific platform wake event support]) 553AC_ARG_ENABLE([cros], 554 [AS_HELP_STRING([--disable-cros], 555 [Disable CrOS platform support])]) 556 557AS_IF([test "x$enable_cros" = xyes -a "x$enable_dbus" != xyes ], [ 558 AC_MSG_ERROR([--enable-dbus is required for --enable-cros]) 559 ]) 560 561have_cros=false 562AS_IF([test "x$enable_cros" = xyes], [ 563 have_cros=true 564 AC_DEFINE([HAVE_CROS], [1], [Enable CrOS support]) 565 AC_MSG_RESULT([yes]) 566 ], [ 567 AC_MSG_RESULT([no]) 568 ]) 569AM_CONDITIONAL([HAVE_CROS], ${have_cros}) 570 571dnl Debug and hardening flags all in one shot 572dnl Always do this at the end, otherwise you end up filtering system/other libraries 573AC_ARG_ENABLE([hardened-checks], 574 [AS_HELP_STRING([--disable-hardened-checks], 575 [Disable automatically enabling hardened toolchain options])]) 576AC_DEFUN([LOCAL_CHECK_FLAGS],[ 577 AC_REQUIRE([AX_CHECK_LINK_FLAG]) 578 AC_REQUIRE([AX_APPEND_COMPILE_FLAGS]) 579 AC_LANG_PUSH([C]) 580 AS_IF([test "x$enable_hardened_checks" != xno], [ 581 AX_APPEND_COMPILE_FLAGS([-g -O1]) 582 ], [ 583 AC_MSG_WARN([using hardened flags is HIGHLY RECOMMENDED and disabling them is a BAD IDEA]) 584 ]) 585 AX_APPEND_COMPILE_FLAGS([-Wall -fno-strict-aliasing]) 586 AS_IF([test "x$enable_hardened_checks" != xno], [ 587 AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2 -fstack-protector-all]) 588 AX_APPEND_COMPILE_FLAGS([-fwrapv -fPIE -Wstack-protector]) 589 AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1]) 590 AX_CHECK_LINK_FLAG([-z relro -z now]) 591 AX_CHECK_LINK_FLAG([-pie]) 592 ]) 593 AC_LANG_POP 594 ]) 595LOCAL_CHECK_FLAGS 596 597AC_ARG_ENABLE([code-coverage-checks], 598 [AS_HELP_STRING([--enable-code-coverage-checks], 599 [Enable gcov/lcov compile time options])], 600 [AX_APPEND_COMPILE_FLAGS([-ftest-coverage -fprofile-arcs])]) 601 602AC_CONFIG_FILES([dbus/org.torproject.tlsdate.conf]) 603AC_CONFIG_FILES([Makefile]) 604AC_OUTPUT 605