dnl Process this file with autoconf to produce a configure script.
-# Copyright (C) 2000-2012, 2016 Free Software Foundation, Inc.
+# Copyright (C) 2000-2012, 2016, 2019 Free Software Foundation, Inc.
#
# Author: Nikos Mavrogiannopoulos, Simon Josefsson
#
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
# USA
-AC_PREREQ(2.61)
-AC_INIT([GnuTLS], [3.6.5], [bugs@gnutls.org])
+AC_PREREQ(2.63)
+
+dnl when updating version also update LT_REVISION in m4/hooks.m4
+AC_INIT([GnuTLS], [3.6.9], [bugs@gnutls.org])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 src/libopts/m4 lib/unistring/m4])
AC_CANONICAL_HOST
fi
AX_CODE_COVERAGE
+
AM_MAINTAINER_MODE([enable])
+AC_ARG_ENABLE(bash-tests,
+ AS_HELP_STRING([--disable-bash-tests], [skip some tests that badly need bash]),
+ enable_bash_tests=$enableval, enable_bash_tests=yes)
+AM_CONDITIONAL(DISABLE_BASH_TESTS, test "$enable_bash_tests" != "yes")
+
AC_ARG_ENABLE(doc,
AS_HELP_STRING([--disable-doc], [don't generate any documentation]),
enable_doc=$enableval, enable_doc=yes)
;;
*mingw32* | *mingw64*)
have_win=yes
+ AC_DEFINE([_UNICODE], [1], [Defined to 1 for Unicode (wide chars) APIs])
;;
*darwin*)
have_macosx=yes
;;
esac
+# check for gcc's __get_cpuid_count functionality
+AC_MSG_CHECKING([for __get_cpuid_count])
+AC_LINK_IFELSE(
+ [AC_LANG_SOURCE([
+ #include <cpuid.h>
+ int main(void) { unsigned t1; return __get_cpuid_count(7, 0, &t1, &t1, &t1, &t1); }
+ ])],
+ [AC_DEFINE([HAVE_GET_CPUID_COUNT], [1], [use __get_cpuid_count]) AC_MSG_RESULT([yes])],
+ [AC_MSG_RESULT([no])]
+)
+
fi
AC_ARG_ENABLE(tls13-interop,
AC_CHECK_HEADERS([netinet/tcp.h])
AC_CHECK_HEADERS([stdatomic.h])
+dnl This ensures that we link with the right library for atomic operations on Linux SPARC
+save_LIBS=$LIBS
+AC_SEARCH_LIBS([__atomic_load_4], [atomic], [], [AC_MSG_NOTICE([Could not detect libatomic])])
+LIBS=$save_LIBS
+
+AS_IF([test "$ac_cv_search___atomic_load_4" = "none required" || test "$ac_cv_search___atomic_load_4" = "no"],
+ [AC_SUBST([LIBATOMIC_LIBS], [])],
+ [AC_SUBST([LIBATOMIC_LIBS], [$ac_cv_search___atomic_load_4])])
+
dnl We use its presence to detect C11 threads
AC_CHECK_HEADERS([threads.h])
dnl No fork on MinGW, disable some self-tests until we fix them.
dnl Check clock_gettime and pthread_mutex_lock in libc (avoid linking to other libs)
-AC_CHECK_FUNCS([fork setitimer inet_ntop inet_pton getrusage getpwuid_r nanosleep daemon getpid localtime vasprintf mmap explicit_bzero],,)
+AC_CHECK_FUNCS([fork setitimer getrusage getpwuid_r nanosleep daemon getpid localtime mmap explicit_bzero],,)
dnl Manually check some functions by including headers first. On macOS, you
dnl normally only have the latest SDK available, containing all existing
dnl functions, but having them restricted according to target version in
[AC_MSG_RESULT(yes); ac_cv_func_fmemopen=yes
AC_DEFINE([HAVE_FMEMOPEN], 1, [Define to 1 if you have the `fmemopen' function.])],
[AC_MSG_RESULT(no); ac_cv_func_fmemopen=no])
-if test "$ac_cv_func_vasprintf" != "yes";then
- AC_MSG_CHECKING([for va_copy])
- AC_LINK_IFELSE([AC_LANG_PROGRAM([
- #include <stdarg.h>
- va_list a;],[
- va_list b;
- va_copy(b,a);
- va_end(b);])],
- [AC_DEFINE([HAVE_VA_COPY], 1, [Have va_copy()])
- AC_MSG_RESULT(va_copy)],
- [AC_LINK_IFELSE([AC_LANG_PROGRAM([
- #include <stdarg.h>
- va_list a;],[
- va_list b;
- __va_copy(b,a);
- va_end(b);])],
- [AC_DEFINE([HAVE___VA_COPY], 1, [Have __va_copy()])
- AC_MSG_RESULT(__va_copy)],
- [AC_MSG_RESULT(no)
- AC_MSG_ERROR([Your system lacks vasprintf() and va_copy()])])
- ])
-fi
AM_CONDITIONAL(HAVE_FORK, test "$ac_cv_func_fork" != "no")
gnutls_needs_librt=yes
fi
-if test "$ac_cv_func_inet_pton" != "yes";then
- AC_LIB_HAVE_LINKFLAGS(nsl,, [#include <arpa/inet.h>], [inet_pton(0,0,0);])
-fi
-
if test "$ac_cv_func_clock_gettime" != "yes";then
AC_LIB_HAVE_LINKFLAGS(rt,, [#include <time.h>], [clock_gettime (0, 0);])
gnutls_needs_librt=yes
if test "$included_unistring" = yes;then
ac_have_unistring=no
else
- AC_LIB_HAVE_LINKFLAGS(unistring,, [#include <uninorm.h>], [u8_normalize(0, 0, 0, 0, 0);])
-
- if test "$HAVE_LIBUNISTRING" = "yes";then
+ save_LIBS=$LIBS
+ AC_SEARCH_LIBS(u8_normalize, unistring, [
included_unistring=no
ac_have_unistring=yes
- else
- AC_MSG_ERROR([[
+ AC_SUBST([LIBUNISTRING], [$ac_cv_search_u8_normalize])
+ ], [
+ ac_cv_libunistring=no
+ AC_MSG_ERROR([[
***
*** Libunistring was not found. To use the included one, use --with-included-unistring
- ]])
- fi
+ ]])
+ ])
+ LIBS=$save_LIBS
fi
AM_CONDITIONAL(HAVE_LIBUNISTRING, test "$ac_have_unistring" = "yes")
dnl Note that g*l_INIT are run after we check for library capabilities,
dnl to prevent issues from caching lib dependencies. See discussion
dnl in https://bugs.gentoo.org/show_bug.cgi?id=494940 and
-dnl http://gnu-autoconf.7623.n7.nabble.com/Correct-way-to-check-for-clock-gettime-td12276.html
+dnl https://gnu-autoconf.7623.n7.nabble.com/Correct-way-to-check-for-clock-gettime-td12276.html
gl_INIT
ggl_INIT
unistring_INIT
AM_CONDITIONAL(WANT_TEST_SUITE, test "$full_test_suite" = "yes")
+AC_ARG_ENABLE(oldgnutls-interop,
+ AS_HELP_STRING([--enable-oldgnutls-interop], [enable interoperability testing with old gnutls version]),
+ enable_oldgnutls_interop=$enableval, enable_oldgnutls_interop=no)
+
+if test "$enable_oldgnutls_interop" != "no" && test "$full_test_suite" != yes;then
+ AC_MSG_ERROR([cannot --enable-oldgnutls-interop without --enable-full-test-suite])
+fi
+
+AM_CONDITIONAL(ENABLE_OLDGNUTLS_INTEROP, test "$enable_oldgnutls_interop" != "no")
+
dnl GCC warnings to enable
AC_ARG_ENABLE([gcc-warnings],
with_libidn2=no
if test "$try_libidn2" = yes;then
- AC_SEARCH_LIBS(idn2_lookup_u8, idn2, [
+ save_LIBS=$LIBS
+ AC_SEARCH_LIBS(idn2_lookup_u8, idn2, [
with_libidn2=yes;
idna_support="IDNA 2008 (libidn2)"
AC_DEFINE([HAVE_LIBIDN2], 1, [Define if IDNA 2008 support is enabled.])
with_libidn2=no;
AC_MSG_WARN(*** LIBIDN2 was not found. You will not be able to use IDN2008 support)
])
+ LIBS=$save_LIBS
else
- with_libidn2=no
+ with_libidn2=no
fi
AM_CONDITIONAL(HAVE_LIBIDN2, test "$with_libidn2" != "no")
if test "$enable_non_suiteb" = "yes";then
dnl nettle_secp_192r1 is not really a function
- AC_CHECK_LIB(hogweed, nettle_secp_192r1, enable_non_suiteb=yes, enable_non_suiteb=no, [$HOGWEED_LIBS])
+ AC_CHECK_LIB(hogweed, nettle_secp_192r1, enable_non_suiteb=yes, enable_non_suiteb=no, [$HOGWEED_LIBS $NETTLE_LIBS])
if test "$enable_non_suiteb" = "yes";then
AC_DEFINE([ENABLE_NON_SUITEB_CURVES], 1, [Enable all curves])
# We MUST require a Nettle version that has rsa_sec_decrypt now.
save_LIBS=$LIBS
-LIBS="$LIBS $HOGWEED_LIBS"
+LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS"
AC_CHECK_FUNCS(nettle_rsa_sec_decrypt,
[],
[AC_MSG_ERROR([Nettle lacks the required rsa_sec_decrypt function])]
AC_CHECK_FUNCS(nettle_cmac128_update)
LIBS=$save_LIBS
+# Check if nettle has XTS support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_xts_encrypt_message)
+LIBS=$save_LIBS
+
+# Check for Gosthash94 with CryptoPro S-box support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_gosthash94cp_update)
+LIBS=$save_LIBS
+
+# Check for GOST28147
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_gost28147_set_key)
+LIBS=$save_LIBS
+
+# Check for Streebog support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_streebog512_update)
+LIBS=$save_LIBS
+
AC_MSG_CHECKING([whether to build libdane])
AC_ARG_ENABLE(libdane,
AS_HELP_STRING([--disable-libdane],
AC_DEFINE_UNQUOTED([UNBOUND_ROOT_KEY_FILE],
["$unbound_root_key_file"], [The DNSSEC root key file])
+system_config_file="/etc/gnutls/config"
AC_ARG_WITH(system-priority-file, AS_HELP_STRING([--with-system-priority-file],
- [specify the system priority file]),
- system_priority_file="$withval",
-system_priority_file="/etc/gnutls/default-priorities"
+ [specify the system-wide config file (set empty to disable)]),
+ system_config_file="$withval"
)
+AM_CONDITIONAL(DISABLE_SYSTEM_CONFIG, test -z "${system_config_file}")
+
+if test -z "${system_config_file}";then
+ AC_DEFINE([DISABLE_SYSTEM_CONFIG], 1, [Whether to disable system configuration])
+fi
+
AC_DEFINE_UNQUOTED([SYSTEM_PRIORITY_FILE],
- ["$system_priority_file"], [The system priority file])
+ ["$system_config_file"], [The system-wide gnutls configuration file])
AC_ARG_WITH(default-priority-string, AS_HELP_STRING([--with-default-priority-string],
- [specify the default priority string (e.g. @SYSTEM)]),
+ [specify the default priority string used by gnutls_set_default_priority (default is NORMAL)]),
prio_string="$withval",
prio_string="NORMAL")
***
*** p11-kit >= $P11_KIT_MINIMUM was not found. To disable PKCS #11 support
*** use --without-p11-kit, otherwise you may get p11-kit from
-*** http://p11-glue.freedesktop.org/p11-kit.html
+*** https://p11-glue.freedesktop.org/p11-kit.html
*** ]])
fi
fi
*** autogen not found. Will not link against system libopts.
*** ]])
dnl simulate specifying option on the command line
- enable_local_libopts=yes
+ included_libopts=yes
fi
LIBOPTS_CHECK([src/libopts])
if test "$NEED_LIBOPTS_DIR" = "true";then
AM_CONDITIONAL(NEED_LIBOPTS, test "$included_libopts" = "yes")
-AC_CHECK_TYPE(ssize_t,
- [
- DEFINE_SSIZE_T="#include <sys/types.h>"
- AC_SUBST(DEFINE_SSIZE_T)
- ], [
- AC_DEFINE([NO_SSIZE_T], 1, [no ssize_t type was found])
- DEFINE_SSIZE_T="typedef int ssize_t;"
- AC_SUBST(DEFINE_SSIZE_T)
- ], [
- #include <sys/types.h>
- ])
-
# For minitasn1.
AC_CHECK_SIZEOF(unsigned long int, 4)
AC_CHECK_SIZEOF(unsigned int, 4)
["$with_default_trust_store_dir"], [use the given directory as default trust store])
fi
-dnl auto detect http://lists.gnu.org/archive/html/help-gnutls/2012-05/msg00004.html
+dnl auto detect https://lists.gnu.org/archive/html/help-gnutls/2012-05/msg00004.html
AC_ARG_WITH([default-trust-store-file],
[AS_HELP_STRING([--with-default-trust-store-file=FILE],
[use the given file default trust store])], with_default_trust_store_file="$withval",
fi
dnl Guile bindings.
-opt_guile_bindings=yes
AC_MSG_CHECKING([whether building Guile bindings])
AC_ARG_ENABLE(guile,
AS_HELP_STRING([--enable-guile], [build GNU Guile bindings]),
-opt_guile_bindings=$enableval)
+ [opt_guile_bindings=$enableval], [opt_guile_bindings=yes])
AC_MSG_RESULT($opt_guile_bindings)
-AC_ARG_WITH([guile-site-dir],
- [AS_HELP_STRING([--with-guile-site-dir],
- [use the given directory as the Guile site (use with care)])])
+AC_ARG_WITH([guile-site-dir], AS_HELP_STRING([--with-guile-site-dir=DIR],
+ [guile site directory for gnutls, default is guile system settings]),
+ [guilesitedir="${withval}"], [guilesitedir='$(GUILE_SITE)'])
+AC_ARG_WITH([guile-site-ccache-dir], AS_HELP_STRING([--with-guile-site-ccache-dir=DIR],
+ [guile ccache directory for gnutls, default is guile system settings]),
+ [guilesiteccachedir="${withval}"], [guilesiteccachedir='$(GUILE_SITE_CCACHE)'])
+AC_ARG_WITH([guile-extension-dir], AS_HELP_STRING([--with-guile-extension-dir=DIR],
+ [guile extension directory for gnutls, default is guile system settings]),
+ [guileextensiondir="${withval}"], [guileextensiondir='$(GUILE_EXTENSION)'])
+AC_SUBST([guilesitedir])
+AC_SUBST([guilesiteccachedir])
+AC_SUBST([guileextensiondir])
if test "$opt_guile_bindings" = "yes"; then
AC_MSG_RESULT([***
AC_PATH_PROG([GUILD], [guild])
AC_SUBST([GUILD])
+ GUILE_PKG([3.0 2.2 2.0 1.8])
GUILE_PROGS
+ GUILE_SITE_DIR
GUILE_FLAGS
+ # Backward compatibility with <guile-2.2 m4 macro that is used
+ # due to autreconf of several CI machine.
+ # We need to guess the locations of ccache and extension
+ if test -z "${GUILE_SITE_CCACHE}"; then
+ AC_MSG_NOTICE([Found <guile-2.2 m4, macro emulating])
+
+ AC_MSG_CHECKING([for GUILE_SITE_CCACHE via pkg-config])
+ GUILE_SITE_CCACHE=`$PKG_CONFIG --variable=siteccachedir guile-$GUILE_EFFECTIVE_VERSION`
+ AC_MSG_RESULT([${GUILE_SITE_CCACHE}])
+ if test -z "${GUILE_SITE_CCACHE}"; then
+ AC_MSG_CHECKING([for GUILE_SITE_CCACHE via guile])
+ GUILE_SITE_CCACHE=`$GUILE -c "(display (if (defined? '%site-ccache-dir) (%site-ccache-dir) \"\"))"`
+ AC_MSG_RESULT([${GUILE_SITE_CCACHE}])
+ fi
+ AC_SUBST([GUILE_SITE_CCACHE])
+
+ AC_MSG_CHECKING([for GUILE_EXTENSION])
+ GUILE_EXTENSION=`$PKG_CONFIG --print-errors --variable=extensiondir guile-$GUILE_EFFECTIVE_VERSION`
+ AC_MSG_RESULT([${GUILE_EXTENSION}])
+ AC_SUBST([GUILE_EXTENSION])
+ fi
+
save_CFLAGS="$CFLAGS"
save_LIBS="$LIBS"
CFLAGS="$CFLAGS $GUILE_CFLAGS"
CFLAGS="$save_CFLAGS"
LIBS="$save_LIBS"
- AC_MSG_CHECKING([the Guile effective version])
- guile_effective_version="`$GUILE -c '(display (effective-version))'`"
- AC_MSG_RESULT([$guile_effective_version])
-
if test "$opt_guile_bindings" = "yes"; then
AC_MSG_RESULT([yes])
- case "x$with_guile_site_dir" in
- xno)
- # Use the default $(GUILE_SITE).
- GUILE_SITE_DIR
- ;;
- x|xyes)
- # Automatically derive $(GUILE_SITE) from $(pkgdatadir). This
- # hack is used to allow `distcheck' to work (see
- # `DISTCHECK_CONFIGURE_FLAGS' in the top-level `Makefile.am').
- GUILE_SITE="\$(datadir)/guile/site/$guile_effective_version"
- AC_SUBST(GUILE_SITE)
- ;;
- *)
- # Use the user-specified directory as $(GUILE_SITE).
- GUILE_SITE="$with_guile_site_dir"
- AC_SUBST(GUILE_SITE)
- ;;
- esac
AC_MSG_CHECKING([whether gcc supports -fgnu89-inline])
_gcc_cflags_save="$CFLAGS"
CFLAGS="${CFLAGS} -fgnu89-inline"
AC_CHECK_FUNCS([scm_gc_malloc_pointerless])
CFLAGS="$save_CFLAGS"
LIBS="$save_LIBS"
-
- # The place where guile-gnutls.la will go.
- guileextensiondir="$libdir/guile/$guile_effective_version"
- AC_SUBST([guileextensiondir])
-
- # The location of .go files.
- guileobjectdir="$libdir/guile/$guile_effective_version/site-ccache"
- AC_SUBST([guileobjectdir])
else
AC_MSG_RESULT([no])
AC_MSG_WARN([A sufficiently recent GNU Guile not found. Guile bindings not built.])
YEAR=`date +%Y`
AC_SUBST([YEAR], $YEAR)
+dnl configuration options for config file parsing (inih)
+AC_DEFINE([INI_MAX_LINE], 2048, [inih maximum line size])
+AC_DEFINE([INI_ALLOW_INLINE_COMMENTS], 1, [whether to allowin inline comments])
+AC_DEFINE([INI_STOP_ON_FIRST_ERROR], 1, [whether to stop on first error])
+AC_DEFINE_UNQUOTED([INI_INLINE_COMMENT_PREFIXES], [";#"], [The inline comment prefixes])
+AC_DEFINE_UNQUOTED([INI_START_COMMENT_PREFIXES], [";#"], [The comment prefixes])
+
AC_CONFIG_FILES([guile/pre-inst-guile], [chmod +x guile/pre-inst-guile])
AC_CONFIG_FILES([
Makefile
doc/credentials/Makefile
doc/credentials/srp/Makefile
doc/credentials/x509/Makefile
- doc/cyclo/Makefile
doc/doxygen/Doxyfile
doc/examples/Makefile
doc/latex/Makefile
Trust store file: $with_default_trust_store_file
Blacklist file: $with_default_blacklist_file
CRL file: $with_default_crl_file
- Priority file: $system_priority_file
+ Configuration file: $system_config_file
DNSSEC root key file: $unbound_root_key_file
])