Added configure option --with-default-blacklist-file
[gnutls:gnutls.git] / configure.ac
1 dnl Process this file with autoconf to produce a configure script.
2 # Copyright (C) 2000-2012 Free Software Foundation, Inc.
3 #
4 # Author: Nikos Mavrogiannopoulos, Simon Josefsson
5 #
6 # This file is part of GnuTLS.
7 #
8 # This program is free software; you can redistribute it and/or modify
9 # it under the terms of the GNU General Public License as published by
10 # the Free Software Foundation; either version 3 of the License, or
11 # (at your option) any later version.
12 #
13 # This program is distributed in the hope that it will be useful, but
14 # WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16 # General Public License for more details.
17 #
18 # You should have received a copy of the GNU General Public License
19 # along with this program; if not, write to the Free Software
20 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
21 # USA
22
23 AC_PREREQ(2.61)
24 AC_INIT([GnuTLS], [3.3.0], [bugs@gnutls.org])
25 AC_CONFIG_AUX_DIR([build-aux])
26 AC_CONFIG_MACRO_DIR([m4])
27 AC_CANONICAL_HOST
28
29 AM_INIT_AUTOMAKE([1.12.2 subdir-objects no-dist-gzip dist-xz dist-lzip -Wall -Wno-override])
30 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
31 AC_CONFIG_HEADERS([config.h])
32
33 AC_MSG_RESULT([***
34 *** Checking for compilation programs...
35 ])
36
37 dnl Checks for programs.
38 AC_PROG_CC
39 gl_EARLY
40 ggl_EARLY
41 AM_PROG_AS
42 AM_PROG_AR
43 AC_PROG_CXX
44 AM_PROG_CC_C_O
45 AC_PROG_YACC
46 AC_CHECK_PROG([AUTOGEN], [autogen], [autogen], [/bin/true])
47
48 if test x"$AUTOGEN" = "x/bin/true"; then
49   AC_MSG_WARN([[
50 ***
51 *** autogen not found. Will not link against libopts.
52 *** ]])
53 enable_local_libopts=yes
54 fi
55
56 # For includes/gnutls/gnutls.h.in.
57 AC_SUBST(MAJOR_VERSION, `echo $PACKAGE_VERSION | sed 's/\(.*\)\..*\..*/\1/g'`)
58 AC_SUBST(MINOR_VERSION, `echo $PACKAGE_VERSION | sed 's/.*\.\(.*\)\..*/\1/g'`)
59 AC_SUBST(PATCH_VERSION, `echo $PACKAGE_VERSION | sed 's/.*\..*\.\(.*\)/\1/g'`)
60 AC_SUBST(NUMBER_VERSION, `printf "0x%02x%02x%02x" $MAJOR_VERSION $MINOR_VERSION $PATCH_VERSION`)
61
62 touch suppressions.valgrind
63 dnl C and C++ capabilities
64 AC_C_INLINE
65 AC_HEADER_STDC
66
67 # For the C++ code
68 AC_ARG_ENABLE(cxx,
69   AS_HELP_STRING([--disable-cxx], [unconditionally disable the C++ library]),
70     use_cxx=$enableval, use_cxx=yes)
71 if test "$use_cxx" != "no"; then
72   AC_LANG_PUSH(C++)
73   AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], use_cxx=yes, use_cxx=no)
74   AC_LANG_POP(C++)
75 fi
76 AM_CONDITIONAL(ENABLE_CXX, test "$use_cxx" != "no")
77 AM_CONDITIONAL(WANT_TEST_SUITE, [test -f tests/suite/mini-eagain2.c])
78
79 dnl Detect windows build
80 case "$host" in
81   *mingw32* | *mingw64*)
82     have_win=yes
83   ;;
84   *darwin*)
85     have_macosx=yes
86   ;;
87   *)
88     have_elf=yes
89   ;;
90 esac
91
92 AM_CONDITIONAL(WINDOWS, test "$have_win" = yes)
93 AM_CONDITIONAL(MACOSX, test "$have_macosx" = yes)
94 AM_CONDITIONAL(ELF, test "$have_elf" = yes)
95
96 dnl Hardware Acceleration
97 AC_ARG_ENABLE(hardware-acceleration,
98   AS_HELP_STRING([--disable-hardware-acceleration], [unconditionally disable hardware acceleration]),
99     use_accel=$enableval, use_accel=yes)
100 hw_accel=none
101
102
103 if test "$use_accel" != "no"; then
104 case $host_cpu in
105   i?86 | x86_64 | amd64)
106       AC_CHECK_HEADERS(cpuid.h)
107       if test "$host_cpu" = "x86_64" || test "$host_cpu" = "amd64"; then
108         hw_accel="x86-64"
109       else
110         hw_accel="x86"
111       fi
112   ;;
113   *)
114   ;;
115 esac
116
117 fi
118
119 AM_CONDITIONAL(ASM_X86_64, test x"$hw_accel" = x"x86-64")
120 AM_CONDITIONAL(ASM_X86_32, test x"$hw_accel" = x"x86")
121 AM_CONDITIONAL(ASM_X86, test x"$hw_accel" = x"x86" || test x"$hw_accel" = x"x86-64")
122 AM_CONDITIONAL(HAVE_GCC_GNU89_INLINE_OPTION, test "$gnu89_inline" = "yes"])
123 AM_CONDITIONAL(HAVE_GCC, test "$GCC" = "yes")
124
125
126 dnl Try the hooks.m4
127 LIBGNUTLS_HOOKS
128 LIBGNUTLS_EXTRA_HOOKS
129
130 AC_ARG_ENABLE(doc,
131   AS_HELP_STRING([--disable-doc], [don't generate any documentation]),
132     enable_doc=$enableval, enable_doc=yes)
133 AM_CONDITIONAL(ENABLE_DOC, test "$enable_doc" != "no")
134
135 AC_ARG_ENABLE(tests,
136   AS_HELP_STRING([--disable-tests], [don't compile or run any tests]),
137     enable_tests=$enableval, enable_tests=yes)
138 AM_CONDITIONAL(ENABLE_TESTS, test "$enable_tests" != "no")
139
140 GTK_DOC_CHECK(1.1)
141 AM_GNU_GETTEXT([external])
142 AM_GNU_GETTEXT_VERSION([0.18])
143
144 AC_C_BIGENDIAN
145
146 gl_INIT
147 ggl_INIT
148
149 dnl GCC warnings to enable
150
151 AC_ARG_ENABLE([gcc-warnings],
152   [AS_HELP_STRING([--enable-gcc-warnings],
153                   [turn on lots of GCC warnings (for developers)])],
154   [case $enableval in
155      yes|no) ;;
156      *)      AC_MSG_ERROR([bad value $enableval for gcc-warnings option]) ;;
157    esac
158    gl_gcc_warnings=$enableval],
159   [gl_gcc_warnings=no]
160 )
161
162 if test "$gl_gcc_warnings" = yes; then
163   gl_WARN_ADD([-Wframe-larger-than=1024], [WSTACK_CFLAGS])
164
165   nw="$nw -Wsystem-headers"         # Don't let system headers trigger warnings
166   nw="$nw -Wc++-compat"             # We don't care about C++ compilers
167   nw="$nw -Wundef"                  # Warns on '#if GNULIB_FOO' etc in gnulib
168   nw="$nw -Wtraditional"            # Warns on #elif which we use often
169   nw="$nw -Wlogical-op"             # Too many false positives
170   nw="$nw -Wold-style-definition"   # 
171   nw="$nw -Wpadded"                 # Our structs are not padded
172   nw="$nw -Wunreachable-code"       # Too many false positives
173   nw="$nw -Wtraditional-conversion" # Too many warnings for now
174   nw="$nw -Wcast-qual"              # Too many warnings for now
175   nw="$nw -Waggregate-return"       # Too many warnings for now
176   nw="$nw -Wshadow"                 # Too many warnings for now
177   nw="$nw -Wswitch-default"         # Too many warnings for now
178   nw="$nw -Wswitch-enum"            # Too many warnings for now
179   nw="$nw -Wconversion"             # Too many warnings for now
180   nw="$nw -Wsign-conversion"        # Too many warnings for now
181   nw="$nw -Wformat-y2k"             # Too many warnings for now
182   nw="$nw -Woverlength-strings"     # We use some in tests/
183   nw="$nw -Wvla"                    # There is no point to avoid C99 variable length arrays
184   nw="$nw -Wformat-nonliteral"      # Incompatible with gettext _()
185   nw="$nw -Wunsafe-loop-optimizations"
186   nw="$nw -Wstrict-overflow"
187   nw="$nw -Wmissing-noreturn"
188   nw="$nw -Winline"                 # Too compiler dependent
189   nw="$nw -Wsuggest-attribute=pure" # Is it worth using attributes?
190   nw="$nw -Wsuggest-attribute=const" # Is it worth using attributes?
191   nw="$nw -Wsuggest-attribute=noreturn" # Is it worth using attributes?
192   nw="$nw -Wstack-protector"        # Some functions cannot be protected
193   nw="$nw -Wredundant-decls"        # Some files cannot be compiled with that (gl_fd_to_handle)
194
195   gl_MANYWARN_ALL_GCC([ws])
196   gl_MANYWARN_COMPLEMENT(ws, [$ws], [$nw])
197   for w in $ws; do
198     gl_WARN_ADD([$w])
199   done
200
201   gl_WARN_ADD([-Wno-missing-field-initializers]) # We need this one
202   gl_WARN_ADD([-Wno-format-y2k])     # Too many warnings for now
203   gl_WARN_ADD([-Wno-unused-value]) # warnings for things we don't want to get
204   gl_WARN_ADD([-Wno-unused-result]) # warnings for things we don't want to get
205   gl_WARN_ADD([-Wno-unused-parameter]) # Too many warnings for now
206   gl_WARN_ADD([-Wno-stack-protector])  # Some functions cannot be protected
207   gl_WARN_ADD([-Wno-int-to-pointer-cast])  # Some files cannot be compiled with that (gl_fd_to_handle)
208   gl_WARN_ADD([-fdiagnostics-show-option])
209 fi
210
211 AC_SUBST([WERROR_CFLAGS])
212 AC_SUBST([WSTACK_CFLAGS])
213 AC_SUBST([WARN_CFLAGS])
214
215 dnl Programs for compilation or development
216 AC_PROG_LN_S
217 LT_INIT([disable-static,win32-dll,shared])
218
219
220 dnl No fork on MinGW, disable some self-tests until we fix them.
221 dnl Check clock_gettime and pthread_mutex_lock in libc (avoid linking to other libs)
222 AC_CHECK_FUNCS([fork getrusage getpwuid_r nanosleep daemon getpid clock_gettime pthread_mutex_lock iconv localtime vasprintf],,)
223 AM_CONDITIONAL(HAVE_FORK, test "$ac_cv_func_fork" != "no")
224
225 AC_LIB_HAVE_LINKFLAGS(rt,, [#include <time.h>
226 #include <signal.h>
227 ], [timer_create (0,0,0);])
228
229 if test "$ac_cv_func_pthread_mutex_lock" != "yes";then
230   AC_LIB_HAVE_LINKFLAGS(pthread,, [#include <pthread.h>], [pthread_mutex_lock (0);])
231 fi
232
233 if test "$ac_cv_func_nanosleep" != "yes";then
234   AC_LIB_HAVE_LINKFLAGS(rt,, [#include <time.h>], [nanosleep (0, 0);])
235   gnutls_needs_librt=yes
236 fi
237
238 ac_have_unicode=no
239 if test "$ac_cv_func_iconv" != "yes";then
240   AC_LIB_HAVE_LINKFLAGS(iconv,, [#include <iconv.h>], [iconv (0, 0, 0, 0, 0);])
241   if test "$HAVE_LIBICONV" = "yes";then
242     ac_have_unicode=yes
243   fi
244 else
245   ac_have_unicode=yes
246 fi
247
248 if test "$ac_have_unicode" != "yes";then
249   if test "$have_win" = "yes";then
250     ac_have_unicode=yes
251   fi
252 fi
253
254 AC_ARG_ENABLE(self-checks,
255   AS_HELP_STRING([--enable-self-checks], [enable self checking functionality]),
256     enable_self_checks=$enableval, enable_self_checks=no)
257
258 AC_ARG_ENABLE(fips140-mode,
259   AS_HELP_STRING([--enable-fips140-mode], [enable FIPS140-2 mode (implies self checks)]),
260     enable_fips=$enableval, enable_fips=no)
261 AM_CONDITIONAL(ENABLE_FIPS140, test "$enable_fips" = "yes")
262 if [ test "$enable_fips" = "yes" ];then
263   AC_LIB_HAVE_LINKFLAGS(dl,, [#include <dlfcn.h>], [dladdr (0, 0);])
264   if test "x$HAVE_LIBDL" = "xyes";then
265     enable_self_checks=yes
266
267     dnl clock_gettime precision is needed on the FIPS140 DRBG.
268     if test "$ac_cv_func_clock_gettime" != "yes";then
269       AC_LIB_HAVE_LINKFLAGS(rt,, [#include <time.h>], [clock_gettime (0, 0);])
270       gnutls_needs_librt=yes
271     fi
272
273     AC_DEFINE([ENABLE_FIPS140], 1, [Enable FIPS140-2 mode])
274
275     AC_SUBST([FIPS140_LIBS], $LIBDL)
276   else
277     enable_fips=no
278     AC_MSG_WARN([[
279 *** 
280 *** This system is not supported in FIPS140 mode.
281 *** libdl and dladdr() are required.
282 *** ]])
283   fi
284 fi
285
286 AC_ARG_ENABLE(non-suiteb-curves,
287   AS_HELP_STRING([--disable-non-suiteb-curves], [disable curves not in SuiteB]),
288     enable_non_suiteb=$enableval, enable_non_suiteb=yes)
289 if [ test "$enable_non_suiteb" = "yes" ];then
290   AC_DEFINE([ENABLE_NON_SUITEB_CURVES], 1, [Enable all curves])
291 fi
292
293 AM_CONDITIONAL(ENABLE_SELF_CHECKS, test "$enable_self_checks" = "yes")
294 if [ test "$enable_self_checks" = "yes" ];then
295    AC_DEFINE([ENABLE_SELF_CHECKS], 1, [Self checks are included in the library])
296 fi
297
298 AC_MSG_CHECKING([whether to build libdane])
299 AC_ARG_ENABLE(libdane,
300     AS_HELP_STRING([--disable-libdane],
301                    [disable the built of libdane]),
302     enable_dane=$enableval, enable_dane=yes)
303 AC_MSG_RESULT($enable_dane)
304
305 if test "$enable_dane" != "no"; then
306     LIBS="$oldlibs -lunbound"
307     AC_MSG_CHECKING([for unbound library])
308     AC_LINK_IFELSE([AC_LANG_PROGRAM([
309                    #include <unbound.h>],[
310                    struct ub_ctx* ctx;
311                    ctx = ub_ctx_create();])],
312                   [AC_MSG_RESULT(yes)
313                    AC_SUBST([UNBOUND_LIBS], [-lunbound])
314                    AC_SUBST([UNBOUND_CFLAGS], [])
315                    AC_DEFINE([HAVE_DANE], 1, [Enable the DANE library])
316                    enable_dane=yes],
317                   [AC_MSG_RESULT(no)
318                    AC_MSG_WARN([[
319 *** 
320 *** libunbound was not found. Libdane will not be built.
321 *** ]])
322                   enable_dane=no])
323     LIBS="$oldlibs"
324 fi
325
326 AM_CONDITIONAL(ENABLE_DANE, test "$enable_dane" = "yes")
327
328 AC_ARG_WITH(unbound-root-key-file, AS_HELP_STRING([--with-unbound-root-key-file],
329                                  [specify the unbound root key file]),
330             unbound_root_key_file="$withval", 
331 if test "$have_win" = yes; then
332     unbound_root_key_file="C:\\Program Files\\Unbound\\root.key"
333 else
334     if test -f /var/lib/unbound/root.key;then
335         unbound_root_key_file="/var/lib/unbound/root.key"
336     else
337         unbound_root_key_file="/etc/unbound/root.key"
338     fi
339 fi
340 )
341
342 AC_DEFINE_UNQUOTED([UNBOUND_ROOT_KEY_FILE],
343   ["$unbound_root_key_file"], [The DNSSEC root key file])
344
345 dnl Check for p11-kit
346 P11_KIT_MINIMUM=0.19.1
347 AC_ARG_WITH(p11-kit,
348         AS_HELP_STRING([--without-p11-kit],
349                 [Build without p11-kit and PKCS#11 support]))
350 if test "$with_p11_kit" != "no"; then
351         PKG_CHECK_MODULES(P11_KIT, [p11-kit-1 >= $P11_KIT_MINIMUM], [with_p11_kit=yes], [with_p11_kit=no])
352         if test "$with_p11_kit" != "no";then
353                 AC_DEFINE([ENABLE_PKCS11], 1, [Build PKCS#11 support])
354                 if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
355                         GNUTLS_REQUIRES_PRIVATE="Requires.private: p11-kit-1"
356                 else
357                         GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, p11-kit-1"
358                 fi
359         else
360                 with_p11_kit=no
361                 AC_MSG_WARN([[
362 *** 
363 *** p11-kit >= $P11_KIT_MINIMUM was not found. PKCS #11 support will be disabled.
364 *** You may get it from http://p11-glue.freedesktop.org/p11-kit.html
365 *** ]])
366         fi
367 fi
368
369 AM_CONDITIONAL(ENABLE_PKCS11, test "$with_p11_kit" != "no")
370
371 AC_ARG_WITH(tpm,
372         AS_HELP_STRING([--without-tpm],
373                 [Disable TPM (trousers) support.]),
374                 [with_tpm=$withval], [with_tpm=yes])
375 if test "$with_tpm" != "no"; then
376     LIBS="$oldlibs -ltspi"
377     AC_MSG_CHECKING([for tss library])
378     AC_LINK_IFELSE([AC_LANG_PROGRAM([
379                    #include <trousers/tss.h>
380                    #include <trousers/trousers.h>],[
381                    int err = Tspi_Context_Create((void *)0);
382                    Trspi_Error_String(err);])],
383                   [AC_MSG_RESULT(yes)
384                    AC_SUBST([TSS_LIBS], [-ltspi])
385                    AC_SUBST([TSS_CFLAGS], [])
386                    AC_DEFINE([HAVE_TROUSERS], 1, [Enable TPM])
387                    with_tpm=yes],
388                   [AC_MSG_RESULT(no)
389                    AC_MSG_WARN([[
390 *** 
391 *** trousers was not found. TPM support will be disabled.
392 *** ]])
393                   with_tpm=no])
394     LIBS="$oldlibs"
395 fi
396
397 AM_CONDITIONAL(ENABLE_TROUSERS, test "$with_tpm" != "no")
398
399 LIBOPTS_CHECK([src/libopts])
400 if test "$NEED_LIBOPTS_DIR" = "true";then
401         dnl delete libopts-generated files
402         for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do
403                 nam=`echo $i|sed 's/.bak//g'`
404                 if test -f $i;then
405                         cp -f $i $nam
406                 fi
407         done
408         AC_SUBST([AUTOGEN], [/bin/true])
409         enable_local_libopts=yes
410 else
411         enable_local_libopts=no
412 fi
413 AM_CONDITIONAL(NEED_LIBOPTS, test "$enable_local_libopts" = "yes")
414
415 AC_CHECK_TYPE(ssize_t,
416   [
417     DEFINE_SSIZE_T="#include <sys/types.h>"
418     AC_SUBST(DEFINE_SSIZE_T)
419   ], [
420     AC_DEFINE([NO_SSIZE_T], 1, [no ssize_t type was found])
421     DEFINE_SSIZE_T="typedef int ssize_t;"
422     AC_SUBST(DEFINE_SSIZE_T)
423   ], [
424     #include <sys/types.h>
425   ])
426
427 # For minitasn1.
428 AC_CHECK_SIZEOF(unsigned long int, 4)
429 AC_CHECK_SIZEOF(unsigned int, 4)
430
431 AC_ARG_WITH(zlib, AS_HELP_STRING([--without-zlib],
432                                  [disable zlib compression support]),
433             ac_zlib=$withval, ac_zlib=yes)
434 AC_MSG_CHECKING([whether to include zlib compression support])
435 if test x$ac_zlib != xno; then
436  AC_MSG_RESULT(yes)
437  AC_LIB_HAVE_LINKFLAGS(z,, [#include <zlib.h>], [compress (0, 0, 0, 0);])
438  if test x$ac_cv_libz != xyes; then
439    AC_MSG_WARN(
440 *** 
441 *** ZLIB was not found. You will not be able to use ZLIB compression.)
442  fi
443 else
444  AC_MSG_RESULT(no)
445 fi
446
447 PKG_CHECK_EXISTS(zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n)
448
449 if test x$ac_zlib != xno; then
450   if test "$ZLIB_HAS_PKGCONFIG" = "y" ; then
451     if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
452       GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib"
453     else
454       GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib"
455     fi
456   fi
457 fi
458 AC_SUBST(GNUTLS_REQUIRES_PRIVATE)
459
460
461
462 AC_ARG_WITH([default-trust-store-pkcs11],
463   [AS_HELP_STRING([--with-default-trust-store-pkcs11=URI],
464     [use the given pkcs11 uri as default trust store])])
465
466 if test "x$with_default_trust_store_pkcs11" != x; then
467   if test "x$with_p11_kit" = xno; then
468     AC_MSG_ERROR([cannot use pkcs11 store without p11-kit])
469   fi
470   AC_DEFINE_UNQUOTED([DEFAULT_TRUST_STORE_PKCS11],
471     ["$with_default_trust_store_pkcs11"], [use the given pkcs11 uri as default trust store])
472 fi
473
474 dnl auto detect http://lists.gnu.org/archive/html/help-gnutls/2012-05/msg00004.html
475 AC_ARG_WITH([default-trust-store-file],
476   [AS_HELP_STRING([--with-default-trust-store-file=FILE],
477     [use the given file default trust store])], with_default_trust_store_file="$withval",
478   [if test "$build" = "$host";then
479   for i in \
480     /etc/ssl/ca-bundle.pem \
481     /etc/ssl/certs/ca-certificates.crt \
482     /etc/pki/tls/cert.pem \
483     /usr/local/share/certs/ca-root-nss.crt \
484     /etc/ssl/cert.pem
485     do
486     if test -e $i; then
487       with_default_trust_store_file="$i"
488       break
489     fi
490   done
491   fi]
492 )
493
494 if test "$with_default_trust_store_file" = "no";then
495   with_default_trust_store_file=""
496 fi
497
498 AC_ARG_WITH([default-crl-file],
499   [AS_HELP_STRING([--with-default-crl-file=FILE],
500     [use the given CRL file as default])])
501
502 AC_ARG_WITH([default-blacklist-file],
503   [AS_HELP_STRING([--with-default-blacklist-file=FILE],
504     [use the given certificate blacklist file as default])])
505
506 if test "x$with_default_trust_store_file" != x; then
507   AC_DEFINE_UNQUOTED([DEFAULT_TRUST_STORE_FILE],
508     ["$with_default_trust_store_file"], [use the given file default trust store])
509 fi
510
511 if test "x$with_default_crl_file" != x; then
512   AC_DEFINE_UNQUOTED([DEFAULT_CRL_FILE],
513     ["$with_default_crl_file"], [use the given CRL file])
514 fi
515
516 if test "x$with_default_blacklist_file" != x; then
517   AC_DEFINE_UNQUOTED([DEFAULT_BLACKLIST_FILE],
518     ["$with_default_blacklist_file"], [use the given certificate blacklist file])
519 fi
520
521 dnl Guile bindings.
522 opt_guile_bindings=yes
523 AC_MSG_CHECKING([whether building Guile bindings])
524 AC_ARG_ENABLE(guile,
525         AS_HELP_STRING([--enable-guile], [build GNU Guile bindings]),
526 opt_guile_bindings=$enableval)
527 AC_MSG_RESULT($opt_guile_bindings)
528
529 AC_ARG_WITH([guile-site-dir],
530   [AS_HELP_STRING([--with-guile-site-dir],
531      [use the given directory as the Guile site (use with care)])])
532
533 if test "$opt_guile_bindings" = "yes"; then
534    AC_MSG_RESULT([***
535 *** Detecting GNU Guile...
536 ])
537
538    AC_PATH_PROG([guile_snarf], [guile-snarf])
539    if test "x$guile_snarf" = "x"; then
540       AC_MSG_WARN([`guile-snarf' from Guile 1.8 not found.  Guile bindings not built.])
541       opt_guile_bindings=no
542    else
543       GUILE_PROGS
544       GUILE_FLAGS
545
546       save_CFLAGS="$CFLAGS"
547       save_LIBS="$LIBS"
548       CFLAGS="$CFLAGS $GUILE_CFLAGS"
549       LIBS="$LIBS $GUILE_LDFLAGS"
550       AC_MSG_CHECKING([whether GNU Guile is recent enough])
551       AC_LINK_IFELSE([AC_LANG_PROGRAM([], [scm_from_locale_string ("")])],
552         [], [opt_guile_bindings=no])
553       CFLAGS="$save_CFLAGS"
554       LIBS="$save_LIBS"
555
556       if test "$opt_guile_bindings" = "yes"; then
557         AC_MSG_RESULT([yes])
558         case "x$with_guile_site_dir" in 
559              xno)
560                 # Use the default $(GUILE_SITE).
561                 GUILE_SITE_DIR
562                 ;;
563              x|xyes)
564                 # Automatically derive $(GUILE_SITE) from $(pkgdatadir).  This
565                 # hack is used to allow `distcheck' to work (see
566                 # `DISTCHECK_CONFIGURE_FLAGS' in the top-level `Makefile.am').
567                 GUILE_SITE="\$(datadir)/guile/site"
568                 AC_SUBST(GUILE_SITE)
569                 ;;
570              *)
571                 # Use the user-specified directory as $(GUILE_SITE).
572                 GUILE_SITE="$with_guile_site_dir"
573                 AC_SUBST(GUILE_SITE)
574                 ;;
575         esac
576         AC_MSG_CHECKING([whether gcc supports -fgnu89-inline])
577         _gcc_cflags_save="$CFLAGS"
578         CFLAGS="${CFLAGS} -fgnu89-inline"
579         AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
580                           gnu89_inline=yes, gnu89_inline=no)
581         AC_MSG_RESULT($gnu89_inline)
582         CFLAGS="$_gcc_cflags_save"
583
584         # Optional Guile functions.
585         save_CFLAGS="$CFLAGS"
586         save_LIBS="$LIBS"
587         CFLAGS="$CFLAGS $GUILE_CFLAGS"
588         LIBS="$LIBS $GUILE_LDFLAGS"
589         AC_CHECK_FUNCS([scm_gc_malloc_pointerless])
590         CFLAGS="$save_CFLAGS"
591         LIBS="$save_LIBS"
592
593         # The place where guile-gnutls.la will go.
594         AC_MSG_CHECKING([the Guile effective version])
595         guile_effective_version="`$GUILE -c '(display (effective-version))'`"
596         AC_MSG_RESULT([$guile_effective_version])
597         guileextensiondir="$libdir/guile/$guile_effective_version"
598         AC_SUBST([guileextensiondir])
599       else
600         AC_MSG_RESULT([no])
601         AC_MSG_WARN([A sufficiently recent GNU Guile not found.  Guile bindings not built.])
602         opt_guile_bindings=no
603       fi
604    fi
605 fi
606 AM_CONDITIONAL(HAVE_GUILE, test "$opt_guile_bindings" = "yes")
607
608 LIBGNUTLS_LIBS="-L${libdir} -lgnutls $LIBS"
609 LIBGNUTLS_CFLAGS="-I${includedir}"
610 AC_SUBST(LIBGNUTLS_LIBS)
611 AC_SUBST(LIBGNUTLS_CFLAGS)
612
613 AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes")
614
615 AC_DEFINE([GNUTLS_COMPAT_H], 1, [Make sure we don't use old features in code.])
616 AC_DEFINE([GNUTLS_INTERNAL_BUILD], 1, [We allow temporarily usage of deprecated functions - until they are removed.])
617
618 AC_DEFINE([fread_file], [_gnutls_fread_file], [static lib rename])
619 AC_DEFINE([read_file], [_gnutls_read_file], [static lib rename])
620 AC_DEFINE([read_binary_file], [_gnutls_read_binary_file], [static lib rename])
621
622 dnl Crywrap dependencies
623    AC_MSG_RESULT([***
624 *** Checking dependencies for crywrap...
625 ])
626
627 crywrap=no
628
629 if test "$have_win" != "yes"; then
630
631 AC_CHECK_HEADERS([arpa/inet.h netinet/in.h sys/select.h sys/types.h sys/wait.h])
632
633 dnl **********************
634 dnl * Typedefs & co
635 dnl **********************
636 AC_CACHE_CHECK([return type of signal handlers],[ac_cv_type_signal],[AC_COMPILE_IFELSE(
637 [AC_LANG_PROGRAM([#include <sys/types.h>
638 #include <signal.h>
639 ],
640                  [return *(signal (0, 0)) (0) == 1;])],
641                    [ac_cv_type_signal=int],
642                    [ac_cv_type_signal=void])])
643 AC_DEFINE_UNQUOTED([RETSIGTYPE],[$ac_cv_type_signal],[Define as the return type of signal handlers
644                     (`int' or `void').])
645
646 AC_FUNC_SELECT_ARGTYPES
647 AC_CHECK_FUNCS([alarm atexit dup2 epoll_create kqueue memchr memset munmap \
648                 putenv regcomp scandir select socket strcasecmp strchr \
649                 strdup strerror strncasecmp strrchr strstr strtoul uname])
650
651 AC_ARG_ENABLE(crywrap,
652         AS_HELP_STRING([--disable-crywrap], [unconditionally disable the crywrap TLS proxy service]))
653
654  libidn=no
655
656  if test "x$enable_crywrap" != "xno" ; then
657         PKG_CHECK_MODULES(LIBIDN, libidn >= 0.0.0, [libidn=yes], [libidn=no])
658         AC_CHECK_FUNCS([argp_usage],[ac_argp=yes],[ac_argp=no])
659  fi
660
661  if test "x$libidn" != "xno" && test "$ac_cv_func_daemon" != "no" && test "$ac_argp" != "no";then
662   crywrap=yes
663  fi
664
665 fi
666
667 AM_CONDITIONAL(ENABLE_CRYWRAP, test "x$crywrap" != "xno")
668
669 dnl end of crywrap requirements
670
671 dnl Some variables needed in makefiles
672 YEAR=`date +%Y`
673 AC_SUBST([YEAR], $YEAR)
674
675 AC_CONFIG_FILES([guile/pre-inst-guile], [chmod +x guile/pre-inst-guile])
676 AC_CONFIG_FILES([
677   Makefile
678   doc/Makefile
679   doc/credentials/Makefile
680   doc/credentials/openpgp/Makefile
681   doc/credentials/srp/Makefile
682   doc/credentials/x509/Makefile
683   doc/cyclo/Makefile
684   doc/doxygen/Doxyfile
685   doc/examples/Makefile
686   doc/latex/Makefile
687   doc/manpages/Makefile
688   doc/reference/Makefile
689   doc/reference/version.xml
690   doc/scripts/Makefile
691   extra/Makefile
692   extra/includes/Makefile
693   libdane/Makefile
694   libdane/includes/Makefile
695   libdane/gnutls-dane.pc
696   gl/Makefile
697   gl/tests/Makefile
698   guile/Makefile
699   guile/modules/Makefile
700   guile/src/Makefile
701   guile/tests/Makefile
702   lib/Makefile
703   lib/accelerated/Makefile
704   lib/accelerated/x86/Makefile
705   lib/algorithms/Makefile
706   lib/auth/Makefile
707   lib/ext/Makefile
708   lib/extras/Makefile
709   lib/gnutls.pc
710   lib/includes/Makefile
711   lib/includes/gnutls/gnutls.h
712   lib/minitasn1/Makefile
713   lib/nettle/Makefile
714   lib/opencdk/Makefile
715   lib/openpgp/Makefile
716   lib/x509/Makefile
717   po/Makefile.in
718   src/Makefile
719   src/crywrap/Makefile
720   src/gl/Makefile
721   tests/Makefile
722   tests/cert-tests/Makefile
723   tests/dsa/Makefile
724   tests/dtls/Makefile
725   tests/srp/Makefile
726   tests/ecdsa/Makefile
727   tests/key-id/Makefile
728   tests/openpgp-certs/Makefile
729   tests/pkcs1-padding/Makefile
730   tests/pkcs12-decode/Makefile
731   tests/pkcs8-decode/Makefile
732   tests/rsa-md5-collision/Makefile
733   tests/safe-renegotiation/Makefile
734   tests/scripts/Makefile
735   tests/sha2/Makefile
736   tests/slow/Makefile
737   tests/suite/Makefile
738   tests/userid/Makefile
739 ])
740
741 AC_OUTPUT
742
743 dnl  Warning flags:        errors: ${WERROR_CFLAGS} warnings: ${WARN_CFLAGS}
744 dnl  Valgrind:             $opt_valgrind_tests ${VALGRIND}
745 AC_MSG_NOTICE([summary of build options:
746
747   version:              ${VERSION} shared $LT_CURRENT:$LT_REVISION:$LT_AGE
748   Host/Target system:   ${host}
749   Build system:         ${build}
750   Install prefix:       ${prefix}
751   Compiler:             ${CC}
752   CFlags:               ${CFLAGS}
753   Library types:        Shared=${enable_shared}, Static=${enable_static}
754 ])
755
756 AC_MSG_NOTICE([External hardware support:
757
758   /dev/crypto:          $enable_cryptodev
759   Hardware accel:       $hw_accel
760   PKCS#11 support:      $with_p11_kit
761   TPM support:          $with_tpm
762 ])
763
764 AC_MSG_NOTICE([Optional features:
765 (note that included applications might not compile properly
766 if features are disabled)
767
768   DTLS-SRTP support:    $ac_enable_srtp
769   ALPN support:         $ac_enable_alpn
770   OCSP support:         $ac_enable_ocsp
771   OpenPGP support:      $ac_enable_openpgp
772   SRP support:          $ac_enable_srp
773   PSK support:          $ac_enable_psk
774   DHE support:          $ac_enable_dhe
775   ECDHE support:        $ac_enable_ecdhe
776   Anon auth support:    $ac_enable_anon
777   Heartbeat support:    $ac_enable_heartbeat
778   RSA-EXPORT compat:    $ac_enable_rsa_export
779   Unicode support:      $ac_have_unicode
780   Self checks:          $enable_self_checks
781   Non-SuiteB curves:    $enable_non_suiteb
782   FIPS140 mode:         $enable_fips
783 ])
784
785 AC_MSG_NOTICE([Optional applications:
786
787   crywrap app:          $libidn
788   local libopts:        ${enable_local_libopts}
789   local libtasn1:       ${included_libtasn1}
790 ])
791
792 AC_MSG_NOTICE([Optional libraries:
793
794   Guile wrappers:       $opt_guile_bindings
795   C++ library:          $use_cxx
796   DANE library:         $enable_dane
797   OpenSSL compat:       $enable_openssl
798 ])
799
800 AC_MSG_NOTICE([System files:
801
802   Trust store pkcs:     $with_default_trust_store_pkcs11
803   Trust store file:     $with_default_trust_store_file
804   Blacklist file:       $with_default_blacklist_file
805   CRL file:             $with_default_crl_file
806   DNSSEC root key file: $unbound_root_key_file
807 ])
808
809 if test ! -f "$unbound_root_key_file"; then
810 AC_MSG_WARN([[
811 *** 
812 *** The DNSSEC root key file in $unbound_root_key_file was not found. 
813 *** This file is needed for the verification of DNSSEC responses.
814 *** Use the command: unbound-anchor -a "$unbound_root_key_file"
815 *** to generate or update it.
816 *** ]])
817 fi