configure.ac 15.9 KB
Newer Older
1 2
# Process this file with autoconf to produce a configure script.

3
AC_INIT([stunnel],[5.55])
4 5
AC_MSG_NOTICE([**************************************** initialization])
AC_CONFIG_AUX_DIR(auto)
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
6
AC_CONFIG_MACRO_DIR([m4])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
7
AC_CONFIG_HEADERS([src/config.h])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
8
AC_CONFIG_SRCDIR([src/stunnel.c])
9
AM_INIT_AUTOMAKE
10 11

AC_CANONICAL_HOST
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
12 13
AC_SUBST([host])
AC_DEFINE_UNQUOTED([HOST], ["$host"], [Host description])
14 15 16 17 18
define([esc], [`echo ]$1[ | tr abcdefghijklmnopqrstuvwxyz.- ABCDEFGHIJKLMNOPQRSTUVWXYZ__ | tr -dc ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_`])
AC_DEFINE_UNQUOTED(esc(CPU_$host_cpu))
AC_DEFINE_UNQUOTED(esc(VENDOR_$host_vendor))
AC_DEFINE_UNQUOTED(esc(OS_$host_os))

19 20 21 22 23 24 25 26 27 28 29 30
case "$host_os" in
*darwin*)
    # OSX does not declare ucontext without _XOPEN_SOURCE
    AC_DEFINE([_XOPEN_SOURCE], [500], [Use X/Open 5 with POSIX 1995])
    # OSX does not declare chroot() without _DARWIN_C_SOURCE
    AC_DEFINE([_DARWIN_C_SOURCE], [1], [Use Darwin source])
    ;;
*)
    AC_DEFINE([_GNU_SOURCE], [1], [Use GNU source])
    ;;
esac

31
AC_PROG_CC
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
32
AM_PROG_CC_C_O
33 34
AC_PROG_INSTALL
AC_PROG_MAKE_SET
35 36
# silent build by default
ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
37

38 39
AC_MSG_NOTICE([**************************************** thread model])
# thread detection should be done first, as it may change the CC variable
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
40

41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
AC_ARG_WITH(threads,
[  --with-threads=model    select threading model (ucontext/pthread/fork)],
[
    case "$withval" in
        ucontext)
            AC_MSG_NOTICE([UCONTEXT mode selected])
            AC_DEFINE([USE_UCONTEXT], [1], [Define to 1 to select UCONTEXT mode])
            ;;
        pthread)
            AC_MSG_NOTICE([PTHREAD mode selected])
            AX_PTHREAD()
            LIBS="$PTHREAD_LIBS $LIBS"
            CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
            CC="$PTHREAD_CC"
            AC_DEFINE([USE_PTHREAD], [1], [Define to 1 to select PTHREAD mode])
            ;;
        fork)
            AC_MSG_NOTICE([FORK mode selected])
            AC_DEFINE([USE_FORK], [1], [Define to 1 to select FORK mode])
            ;;
        *)
            AC_MSG_ERROR([Unknown thread model \"${withval}\"])
            ;;
    esac
], [
    # do not attempt to autodetect UCONTEXT threading
    AX_PTHREAD([
        AC_MSG_NOTICE([PTHREAD thread model detected])
        LIBS="$PTHREAD_LIBS $LIBS"
        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
        CC="$PTHREAD_CC"
        AC_DEFINE([USE_PTHREAD], [1], [Define to 1 to select PTHREAD mode])
73
    ], [
74 75
        AC_MSG_NOTICE([FORK thread model detected])
        AC_DEFINE([USE_FORK], [1], [Define to 1 to select FORK mode])
76
    ])
77
])
78

79
AC_MSG_NOTICE([**************************************** compiler/linker flags])
80 81 82 83 84 85 86 87 88
if test "$GCC" = yes; then
    AX_APPEND_COMPILE_FLAGS([-Wall])
    AX_APPEND_COMPILE_FLAGS([-Wextra])
    AX_APPEND_COMPILE_FLAGS([-Wpedantic])
    AX_APPEND_COMPILE_FLAGS([-Wformat=2])
    AX_APPEND_COMPILE_FLAGS([-Wconversion])
    AX_APPEND_COMPILE_FLAGS([-Wno-long-long])
    AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations])
    AX_APPEND_COMPILE_FLAGS([-fPIE])
89 90 91 92 93 94 95
    case "${host}" in
        avr-*.* | powerpc-*-aix* | rl78-*.* | visium-*.*)
            ;;
        *)
            AX_APPEND_COMPILE_FLAGS([-fstack-protector])
            ;;
    esac
96 97 98 99 100
    AX_APPEND_LINK_FLAGS([-fPIE -pie])
    AX_APPEND_LINK_FLAGS([-Wl,-z,relro])
    AX_APPEND_LINK_FLAGS([-Wl,-z,now])
    AX_APPEND_LINK_FLAGS([-Wl,-z,noexecstack])
fi
101
AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
102

103
AC_MSG_NOTICE([**************************************** libtool])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
104 105
LT_INIT([disable-static])
AC_SUBST([LIBTOOL_DEPS])
106 107

AC_MSG_NOTICE([**************************************** types])
108 109 110 111 112 113 114 115 116 117 118
AC_TYPE_INT8_T
AC_TYPE_INT16_T
AC_TYPE_INT32_T
AC_TYPE_INT64_T
AC_TYPE_UINT8_T
AC_TYPE_UINT16_T
AC_TYPE_UINT32_T
AC_TYPE_UINT64_T
AC_TYPE_SIZE_T
AC_TYPE_SSIZE_T
AC_TYPE_UID_T
119 120 121 122
AC_MSG_CHECKING([for socklen_t])
AC_EGREP_HEADER(socklen_t, sys/socket.h,
    AC_MSG_RESULT([yes]),
    AC_MSG_RESULT([no (defined as int)])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
123
    AC_DEFINE([socklen_t], [int], [Type of socklen_t]))
124
AC_CHECK_TYPES([struct sockaddr_un], [], [], [#include <sys/un.h>])
125
AC_CHECK_TYPES([struct addrinfo], [], [], [#include <netdb.h>])
126

127
AC_MSG_NOTICE([**************************************** PTY device files])
128
if test "x$cross_compiling" = "xno"; then
129 130 131 132
    AC_CHECK_FILE("/dev/ptmx", AC_DEFINE([HAVE_DEV_PTMX], [1],
        [Define to 1 if you have '/dev/ptmx' device.]))
    AC_CHECK_FILE("/dev/ptc", AC_DEFINE([HAVE_DEV_PTS_AND_PTC], [1],
        [Define to 1 if you have '/dev/ptc' device.]))
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
133 134 135
else
    AC_MSG_WARN([cross-compilation: assuming /dev/ptmx and /dev/ptc are not available])
fi
136

Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
137
AC_MSG_NOTICE([**************************************** entropy sources])
138

139
if test "x$cross_compiling" = "xno"; then
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
140
    AC_ARG_WITH(egd-socket,
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
141
        [  --with-egd-socket=FILE  Entropy Gathering Daemon socket path],
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
142 143
        [EGD_SOCKET="$withval"]
    )
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
144
    if test -n "$EGD_SOCKET"; then
145 146
        AC_DEFINE_UNQUOTED([EGD_SOCKET], ["$EGD_SOCKET"],
            [Entropy Gathering Daemon socket path])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
147
    fi
148

Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
149 150
    # Check for user-specified random device
    AC_ARG_WITH(random,
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
151
    [  --with-random=FILE      read randomness from file (default=/dev/urandom)],
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
152 153 154 155 156 157
        [RANDOM_FILE="$withval"],
        [
            # Check for random device
            AC_CHECK_FILE("/dev/urandom", RANDOM_FILE="/dev/urandom")
        ]
    )
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
158
    if test -n "$RANDOM_FILE"; then
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
159 160
        AC_SUBST([RANDOM_FILE])
        AC_DEFINE_UNQUOTED([RANDOM_FILE], ["$RANDOM_FILE"], [Random file path])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
161 162 163
    fi
else
    AC_MSG_WARN([cross-compilation: assuming entropy sources are not available])
164 165 166 167
fi

AC_MSG_NOTICE([**************************************** default group])
DEFAULT_GROUP=nobody
168
if test "x$cross_compiling" = "xno"; then
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
169 170 171 172 173
    grep '^nogroup:' /etc/group >/dev/null && DEFAULT_GROUP=nogroup
else
    AC_MSG_WARN([cross-compilation: assuming nogroup is not available])
fi
AC_MSG_CHECKING([for default group])
174
AC_MSG_RESULT([$DEFAULT_GROUP])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
175
AC_SUBST([DEFAULT_GROUP])
176

177 178
AC_SYS_LARGEFILE

179 180 181 182
AC_MSG_NOTICE([**************************************** header files])
# AC_HEADER_DIRENT
# AC_HEADER_STDC
# AC_HEADER_SYS_WAIT
183 184 185 186
AC_CHECK_HEADERS([stdint.h inttypes.h malloc.h ucontext.h pthread.h poll.h \
    tcpd.h stropts.h grp.h unistd.h util.h libutil.h pty.h limits.h])
AC_CHECK_HEADERS([sys/types.h sys/select.h sys/poll.h sys/socket.h sys/un.h \
    sys/ioctl.h sys/filio.h sys/resource.h sys/uio.h sys/syscall.h])
187
AC_CHECK_HEADERS([linux/sched.h])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
188
AC_CHECK_MEMBERS([struct msghdr.msg_control],
189 190 191 192 193
    [AC_DEFINE([HAVE_MSGHDR_MSG_CONTROL], [1],
    [Define to 1 if you have 'msghdr.msg_control' structure.])], [], [
AC_INCLUDES_DEFAULT
#include <sys/socket.h>
    ])
194
AC_CHECK_HEADERS([linux/netfilter_ipv4.h], , ,
195
    [
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
196 197 198 199
#include <limits.h>
#include <linux/types.h>
#include <sys/socket.h>
#include <netdb.h>
200
    ])
201 202 203

AC_MSG_NOTICE([**************************************** libraries])
# Checks for standard libraries
204 205 206 207
AC_SEARCH_LIBS([gethostbyname], [nsl])
AC_SEARCH_LIBS([yp_get_default_domain], [nsl])
AC_SEARCH_LIBS([socket], [socket])
AC_SEARCH_LIBS([openpty], [util])
208
# Checks for dynamic loader needed by OpenSSL
209 210
AC_SEARCH_LIBS([dlopen], [dl])
AC_SEARCH_LIBS([shl_load], [dld])
211 212

# Add BeOS libraries
213
if test "x$host_os" = "xbeos"; then
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
214
    LIBS="$LIBS -lbe -lroot -lbind"
215 216 217 218 219 220 221 222
fi

AC_MSG_NOTICE([**************************************** library functions])
# safe string operations
AC_CHECK_FUNCS(snprintf vsnprintf)
# pseudoterminal
AC_CHECK_FUNCS(openpty _getpty)
# Unix
223
AC_CHECK_FUNCS(daemon waitpid wait4 setsid setgroups chroot realpath)
224 225 226 227 228 229 230
# limits
AC_CHECK_FUNCS(sysconf getrlimit)
# threads/reentrant functions
AC_CHECK_FUNCS(pthread_sigmask localtime_r)
# threads
AC_CHECK_FUNCS(getcontext __makecontext_v2)
# sockets
231
AC_CHECK_FUNCS(poll gethostbyname2 endhostent getnameinfo)
232
AC_MSG_CHECKING([for getaddrinfo])
233 234 235 236 237 238 239 240 241 242 243
case "$host_os" in
*androideabi*)
    # http://stackoverflow.com/questions/7818246/segmentation-fault-in-getaddrinfo
    AC_MSG_RESULT([no (buggy Android implementation)])
    ;;
*)
    # Tru64 UNIX has getaddrinfo() but has it renamed in libc as
    # something else so we must include <netdb.h> to get the
    # redefinition.
    AC_LINK_IFELSE(
        [AC_LANG_PROGRAM(
244 245
            [
AC_INCLUDES_DEFAULT
246
#include <sys/socket.h>
247 248 249 250 251
#include <netdb.h>
            ],
            [
getaddrinfo(NULL, NULL, NULL, NULL);
            ],)],
252 253 254 255
        [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GETADDRINFO], [1], [Define to 1 if you have 'getaddrinfo' function.])],
        [AC_MSG_RESULT([no])])
    ;;
esac
256
# poll() is not recommended on Mac OS X <= 10.3 and broken on Mac OS X 10.4
257 258
AC_MSG_CHECKING([for broken poll() implementation])
case "$host_os" in
259
darwin[0-8].*)
260
    AC_MSG_RESULT([yes (poll() disabled)])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
261
    AC_DEFINE([BROKEN_POLL], [1], [Define to 1 if you have a broken 'poll' implementation.])
262 263 264 265 266
    ;;
*)
    AC_MSG_RESULT([no])
    ;;
esac
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
267 268
# GNU extensions
AC_CHECK_FUNCS(pipe2 accept4)
269 270 271 272 273

AC_MSG_NOTICE([**************************************** optional features])
# Use IPv6?
AC_MSG_CHECKING([whether to enable IPv6 support])
AC_ARG_ENABLE(ipv6,
274
[  --disable-ipv6          disable IPv6 support],
275 276 277
    [
        case "$enableval" in
            yes) AC_MSG_RESULT([yes])
278 279
                 AC_DEFINE([USE_IPv6], [1],
                    [Define to 1 to enable IPv6 support])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
280 281 282 283 284 285
                 ;;
            no)  AC_MSG_RESULT([no])
                 ;;
            *)   AC_MSG_RESULT([error])
                 AC_MSG_ERROR([bad value \"${enableval}\"])
                 ;;
286
        esac
287 288 289 290 291 292
    ], [
        AC_MSG_RESULT([yes (default)])
        AC_DEFINE([USE_IPv6], [1], [Define to 1 to enable IPv6 support])
    ], [
        AC_MSG_RESULT([no])
    ]
293 294
)

295 296 297 298
# FIPS Mode
AC_MSG_CHECKING([whether to enable FIPS support])
AC_ARG_ENABLE(fips,
[  --disable-fips          disable OpenSSL FIPS support],
299
    [
300 301
        case "$enableval" in
            yes) AC_MSG_RESULT([no])
302 303 304
                 use_fips="yes"
                 AC_DEFINE([USE_FIPS], [1],
                    [Define to 1 to enable OpenSSL FIPS support])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
305
                 ;;
306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331
            no)  AC_MSG_RESULT([no])
                 use_fips="no"
                 ;;
            *)   AC_MSG_RESULT([error])
                 AC_MSG_ERROR([bad value \"${enableval}\"])
                 ;;
        esac
    ],
    [
        use_fips="auto"
        AC_MSG_RESULT([autodetecting])
    ]
)

# Disable systemd socket activation support
AC_MSG_CHECKING([whether to enable systemd socket activation support])
AC_ARG_ENABLE(systemd,
[  --disable-systemd       disable systemd socket activation support],
    [
        case "$enableval" in
            yes) AC_MSG_RESULT([yes])
                 AC_SEARCH_LIBS([sd_listen_fds], [systemd systemd-daemon])
                 AC_DEFINE([USE_SYSTEMD], [1],
                     [Define to 1 to enable systemd socket activation])
                 ;;
            no)  AC_MSG_RESULT([no])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
332 333 334 335
                 ;;
            *)   AC_MSG_RESULT([error])
                 AC_MSG_ERROR([Bad value \"${enableval}\"])
                 ;;
336 337 338 339
        esac
    ],
    [
        AC_MSG_RESULT([autodetecting])
340 341
        # the library name has changed to -lsystemd in systemd 209
        AC_SEARCH_LIBS([sd_listen_fds], [systemd systemd-daemon],
342
            [ AC_CHECK_HEADERS([systemd/sd-daemon.h], [
343 344 345 346 347
                AC_DEFINE([USE_SYSTEMD], [1],
                    [Define to 1 to enable systemd socket activation])
                AC_MSG_NOTICE([systemd support enabled])
            ], [
                AC_MSG_NOTICE([systemd header not found])
348
            ]) ], [
349 350
                AC_MSG_NOTICE([systemd library not found])
            ])
351 352 353
    ]
)

354 355 356 357 358
# Disable use of libwrap (TCP wrappers)
# it should be the last check!
AC_MSG_CHECKING([whether to enable TCP wrappers support])
AC_ARG_ENABLE(libwrap,
[  --disable-libwrap       disable TCP wrappers support],
359 360 361
    [
        case "$enableval" in
            yes) AC_MSG_RESULT([yes])
362 363 364
                 AC_DEFINE([USE_LIBWRAP], [1],
                     [Define to 1 to enable TCP wrappers support])
                 LIBS="$LIBS -lwrap"
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
365 366 367 368
                 ;;
            no)  AC_MSG_RESULT([no])
                 ;;
            *)   AC_MSG_RESULT([error])
369
                 AC_MSG_ERROR([Bad value \"${enableval}\"])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
370
                 ;;
371 372 373 374
        esac
    ],
    [
        AC_MSG_RESULT([autodetecting])
375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393
        AC_MSG_CHECKING([for hosts_access in -lwrap])
        valid_LIBS="$LIBS"
        LIBS="$valid_LIBS -lwrap"
        AC_LINK_IFELSE(
            [
                AC_LANG_PROGRAM(
                    [int hosts_access(); int allow_severity, deny_severity;],
                    [hosts_access()])
            ], [
                AC_MSG_RESULT([yes]);
                AC_DEFINE([USE_LIBWRAP], [1],
                    [Define to 1 to enable TCP wrappers support])
                AC_MSG_NOTICE([libwrap support enabled])
            ], [
                AC_MSG_RESULT([no])
                LIBS="$valid_LIBS"
                AC_MSG_NOTICE([libwrap library not found])
            ]
        )
394 395 396
    ]
)

397
AC_MSG_NOTICE([**************************************** TLS])
398

Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
399
check_ssl_dir() { :
400 401 402
    test -n "$1" -a -f "$1/include/openssl/ssl.h" && SSLDIR="$1"
}

403
iterate_ssl_dir() { :
404 405 406 407 408 409
    # OpenSSL directory search order:
    # - the user-specified prefix
    # - common locations for packages built from sources
    # - common locations for non-OS-default package managers
    # - common locations for OS-default package managers
    # - empty prefix
410
    for main_dir in "/usr/local" "/opt" "/opt/local" "/usr/local/opt" "/opt/csw" "/usr/pkg" "/usr/lib" "/usr" ""; do
411
        for sub_dir in "/ssl" "/openssl" "/ossl" ""; do
412
            check_ssl_dir "$1$main_dir$sub_dir" && return 0
413 414
        done
    done
415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431
    return 1
}

find_ssl_dir() { :
    # try Android *first*
    case "$host_os" in
    *androideabi*)
        iterate_ssl_dir "$ANDROID_NDK/sysroot" && return
        ;;
    esac

    test -d "$lt_sysroot" && iterate_ssl_dir "$lt_sysroot" && return
    test "$prefix" != "NONE" && iterate_ssl_dir "$prefix" && return
    test -d "$ac_default_prefix" && iterate_ssl_dir "$ac_default_prefix" && return
    iterate_ssl_dir "" && return

    # try Xcode *last*
432 433
    if test -x "/usr/bin/xcrun"; then
        sdk_path=`/usr/bin/xcrun --sdk macosx --show-sdk-path`
434
        check_ssl_dir "$sdk_path/usr" && return
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
435
    fi
436
    check_ssl_dir "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/swift-migrator/sdk/MacOSX.sdk/usr"
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
437 438
}

439
SSLDIR=""
440
AC_MSG_CHECKING([for TLS directory])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
441
AC_ARG_WITH(ssl,
442
[  --with-ssl=DIR          location of installed TLS libraries/include files],
443 444
    [check_ssl_dir "$withval"],
    [find_ssl_dir]
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
445
)
446
if test -z "$SSLDIR"; then
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
447 448
AC_MSG_RESULT([not found])
AC_MSG_ERROR([
449
Could not find your TLS library installation dir
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
450
Use --with-ssl option to fix this problem
451
])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
452
fi
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
453 454
AC_MSG_RESULT([$SSLDIR])
AC_SUBST([SSLDIR])
455
AC_DEFINE_UNQUOTED([SSLDIR], ["$SSLDIR"], [TLS directory])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
456

Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
457 458
valid_CPPFLAGS="$CPPFLAGS"; CPPFLAGS="$CPPFLAGS -I$SSLDIR/include"
valid_LIBS="$LIBS"; LIBS="$LIBS -L$SSLDIR/lib64 -L$SSLDIR/lib -lssl -lcrypto"
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
459

460
if test "x$use_fips" = "xauto"; then
461
    AC_CHECK_FUNCS(FIPS_mode_set, [
462 463
        AC_DEFINE([USE_FIPS], [1], [Define to 1 to enable OpenSSL FIPS support])
        AC_MSG_NOTICE([FIPS support enabled])
464
    ], [
465
        AC_MSG_NOTICE([FIPS support not found])
466
    ])
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
467 468
fi

469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485
AC_MSG_CHECKING([whether DH parameters need to be updated])
# only build src/dhparam.c if sources are located in the current directory
if test -f src/stunnel.c && ! grep -q " built for $PACKAGE_STRING " src/dhparam.c; then
    AC_MSG_RESULT([yes])
    (
        echo '/* dhparam.c: initial DH parameters for stunnel */'
        echo '#include "common.h"'
        echo '#ifndef OPENSSL_NO_DH'
        echo '#define DN_new DH_new'
        openssl dhparam -noout -C 2048 | sed 's/static DH/DH/'
        echo '#endif /* OPENSSL_NO_DH */'
        echo "/* built for $PACKAGE_STRING */"
    ) > src/dhparam.c
else
    AC_MSG_RESULT([no])
fi

486
SYSROOT="$lt_sysroot"
Rodrigo Gallardo's avatar
Rodrigo Gallardo committed
487 488 489
CPPFLAGS="$valid_CPPFLAGS"
LIBS="$valid_LIBS"

490
AC_MSG_NOTICE([**************************************** write the results])
491
AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile tools/Makefile tests/Makefile tests/certs/Makefile])
492 493 494
AC_OUTPUT

AC_MSG_NOTICE([**************************************** success])
495
# vim:ft=automake
496
# End of configure.ac