1 dnl OpenVPN -- An application to securely tunnel IP networks
2 dnl over a single UDP port, with support for SSL/TLS-based
3 dnl session authentication and key exchange,
4 dnl packet encryption, packet authentication, and
5 dnl packet compression.
7 dnl Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
8 dnl Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
10 dnl This program is free software; you can redistribute it and/or modify
11 dnl it under the terms of the GNU General Public License as published by
12 dnl the Free Software Foundation; either version 2 of the License, or
13 dnl (at your option) any later version.
15 dnl This program is distributed in the hope that it will be useful,
16 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
17 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 dnl GNU General Public License for more details.
20 dnl You should have received a copy of the GNU General Public License
21 dnl along with this program (see the file COPYING included with this
22 dnl distribution); if not, write to the Free Software Foundation, Inc.,
23 dnl 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 dnl Process this file with autoconf to produce a configure script.
29 m4_include(version.m4)
30 AC_INIT([PRODUCT_NAME], [PRODUCT_VERSION], [PRODUCT_BUGREPORT], [PRODUCT_TARNAME])
32 AC_DEFINE([OPENVPN_VERSION_RESOURCE], [PRODUCT_VERSION_RESOURCE], [Version in windows resource format])
34 AC_CONFIG_AUX_DIR([.])
35 AC_CONFIG_HEADERS([config.h])
36 AC_CONFIG_SRCDIR([src/openvpn/syshead.h])
37 AC_CONFIG_MACRO_DIR([m4])
40 AC_USE_SYSTEM_EXTENSIONS
44 [AS_HELP_STRING([--disable-lzo], [disable LZO compression support @<:@default=yes@:>@])],
51 [AS_HELP_STRING([--enable-lzo-stub], [don't compile LZO compression support but still allow limited interoperability with LZO-enabled peers @<:@default=no@:>@])],
53 [enable_lzo_stub="no"]
58 [AS_HELP_STRING([--disable-crypto], [disable crypto support @<:@default=yes@:>@])],
65 [AS_HELP_STRING([--enable-ofb-cfb], [enable support for OFB and CFB cipher modes @<:@default=yes@:>@])],
67 [enable_crypto_ofb_cfb="yes"]
72 [AS_HELP_STRING([--disable-ssl], [disable SSL support for TLS-based key exchange @<:@default=yes@:>@])],
79 [AS_HELP_STRING([--enable-x509-alt-username], [enable the --x509-username-field feature @<:@default=no@:>@])],
81 [enable_x509_alt_username="no"]
86 [AS_HELP_STRING([--disable-multi], [disable client/server support (--mode server + client mode) @<:@default=yes@:>@])],
93 [AS_HELP_STRING([--disable-server], [disable server support only (but retain client support) @<:@default=yes@:>@])],
100 [AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
102 [enable_plugins="yes"]
107 [AS_HELP_STRING([--disable-management], [disable management server support @<:@default=yes@:>@])],
109 [enable_management="yes"]
114 [AS_HELP_STRING([--enable-pkcs11], [enable pkcs11 support @<:@default=no@:>@])],
121 [AS_HELP_STRING([--disable-socks], [disable Socks support @<:@default=yes@:>@])],
128 [AS_HELP_STRING([--disable-http-proxy], [disable HTTP proxy support @<:@default=yes@:>@])],
130 [enable_http_proxy="yes"]
135 [AS_HELP_STRING([--disable-fragment], [disable internal fragmentation support (--fragment) @<:@default=yes@:>@])],
137 [enable_fragment="yes"]
142 [AS_HELP_STRING([--disable-multihome], [disable multi-homed UDP server support (--multihome) @<:@default=yes@:>@])],
144 [enable_multihome="yes"]
149 [AS_HELP_STRING([--disable-port-share], [disable TCP server port-share support (--port-share) @<:@default=yes@:>@])],
151 [enable_port_share="yes"]
156 [AS_HELP_STRING([--disable-debug], [disable debugging support (disable gremlin and verb 7+ messages) @<:@default=yes@:>@])],
163 [AS_HELP_STRING([--enable-small], [enable smaller executable size (disable OCC, usage message, and verb 4 parm list) @<:@default=yes@:>@])],
170 [AS_HELP_STRING([--enable-password-save], [allow --askpass and --auth-user-pass passwords to be read from a file @<:@default=yes@:>@])],
172 [enable_password_save="no"]
177 [AS_HELP_STRING([--enable-iproute2], [enable support for iproute2 @<:@default=no@:>@])],
179 [enable_iproute2="no"]
184 [AS_HELP_STRING([--disable-def-auth], [disable deferred authentication @<:@default=yes@:>@])],
186 [enable_def_auth="yes"]
191 [AS_HELP_STRING([--disable-pf], [disable internal packet filter @<:@default=yes@:>@])],
198 [AS_HELP_STRING([--disable-plugin-auth-pam], [disable auth-pam plugin @<:@default=platform specific@:>@])],
202 *-*-openbsd*) enable_plugin_auth_pam="no";;
203 *-mingw*) enable_plugin_auth_pam="no";;
204 *) enable_plugin_auth_pam="yes";;
211 [AS_HELP_STRING([--disable-plugin-down-root], [disable down-root plugin @<:@default=platform specific@:>@])],
215 *-mingw*) enable_plugin_down_root="no";;
216 *) enable_plugin_down_root="yes";;
223 [AS_HELP_STRING([--enable-pam-dlopen], [dlopen libpam @<:@default=no@:>@])],
225 [enable_pam_dlopen="no"]
230 [AS_HELP_STRING([--enable-strict], [enable strict compiler warnings (debugging option) @<:@default=no@:>@])],
237 [AS_HELP_STRING([--enable-pedantic], [enable pedantic compiler warnings, will not generate a working executable (debugging option) @<:@default=no@:>@])],
239 [enable_pedantic="no"]
244 [AS_HELP_STRING([--enable-strict-options], [enable strict options check between peers (debugging option) @<:@default=no@:>@])],
246 [enable_strict_options="no"]
251 [AS_HELP_STRING([--enable-selinux], [enable SELinux support @<:@default=no@:>@])],
253 [enable_selinux="no"]
258 [AS_HELP_STRING([--enable-systemd], [enable systemd suppport @<:@default=no@:>@])],
260 [enable_systemd="no"]
265 [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
266 [test -n "${withval}" && AC_DEFINE_UNQUOTED([CONFIGURE_SPECIAL_BUILD], ["${withval}"], [special build string])]
271 [AS_HELP_STRING([--with-mem-check=TYPE], [build with debug memory checking, TYPE=no|dmalloc|valgrind|ssl @<:@default=no@:>@])],
274 dmalloc|valgrind|ssl|no) ;;
275 *) AC_MSG_ERROR([bad value ${withval} for --mem-check]) ;;
278 [with_mem_check="no"]
283 [AS_HELP_STRING([--with-crypto-library=library], [build with the given crypto library, TYPE=openssl|polarssl @<:@default=openssl@:>@])],
287 *) AC_MSG_ERROR([bad value ${withval} for --with-crypto-library]) ;;
290 [with_crypto_library="openssl"]
295 [AS_HELP_STRING([--with-plugindir], [plugin directory @<:@default=LIBDIR/openvpn@:>@])],
297 [with_plugindir="\$(libdir)/openvpn/plugins"]
301 AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
304 AC_DEFINE([TARGET_LINUX], [1], [Are we running on Linux?])
305 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix])
308 AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?])
309 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["S"], [Target prefix])
312 AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
313 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["O"], [Target prefix])
316 AC_DEFINE([TARGET_FREEBSD], [1], [Are we running on FreeBSD?])
317 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["F"], [Target prefix])
320 AC_DEFINE([TARGET_NETBSD], [1], [Are we running NetBSD?])
321 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["N"], [Target prefix])
324 AC_DEFINE([TARGET_DARWIN], [1], [Are we running on Mac OS X?])
325 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["M"], [Target prefix])
326 have_tap_header="yes"
327 dnl some Mac OS X tendering (we use vararg macros...)
328 CPPFLAGS="$CPPFLAGS -no-cpp-precomp"
331 AC_DEFINE([TARGET_WIN32], [1], [Are we running WIN32?])
332 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["W"], [Target prefix])
333 CPPFLAGS="${CPPFLAGS} -DWIN32_LEAN_AND_MEAN"
334 CPPFLAGS="${CPPFLAGS} -DNTDDI_VERSION=NTDDI_WINXP -D_WIN32_WINNT=_WIN32_WINNT_WINXP"
338 AC_DEFINE([TARGET_DRAGONFLY], [1], [Are we running on DragonFlyBSD?])
339 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["D"], [Target prefix])
342 AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
343 have_tap_header="yes"
354 AC_ARG_VAR([IFCONFIG], [full path to ipconfig utility])
355 AC_ARG_VAR([ROUTE], [full path to route utility])
356 AC_ARG_VAR([IPROUTE], [full path to ip utility])
357 AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
358 AC_ARG_VAR([MAN2HTML], [path to man2html utility])
359 AC_ARG_VAR([GIT], [path to git utility])
360 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
361 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
362 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
363 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
364 AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin])
365 AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests
366 AC_CHECK_PROGS([MAN2HTML], [man2html])
367 AC_CHECK_PROGS([GIT], [git]) # optional
368 AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool])
369 AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool])
370 AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool])
371 AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool])
380 LT_LANG([Windows Resource])
405 AX_CPP_VARARG_MACRO_ISO
406 AX_CPP_VARARG_MACRO_GCC
409 AC_CHECK_SIZEOF([unsigned int])
410 AC_CHECK_SIZEOF([unsigned long])
412 stdio.h stdarg.h stdbool.h limits.h \
413 time.h errno.h fcntl.h io.h direct.h \
414 ctype.h sys/types.h sys/socket.h \
415 signal.h unistd.h dlfcn.h \
416 netinet/in.h netinet/in_systm.h \
417 netinet/tcp.h arpa/inet.h netdb.h \
418 windows.h winsock2.h ws2tcpip.h \
421 sys/time.h sys/ioctl.h sys/stat.h \
422 sys/mman.h sys/file.h sys/wait.h \
423 unistd.h signal.h libgen.h stropts.h \
424 syslog.h pwd.h grp.h \
425 sys/sockio.h sys/uio.h linux/sockios.h \
426 linux/types.h sys/poll.h sys/epoll.h err.h \
433 #ifdef HAVE_SYS_TYPES_H
434 #include <sys/types.h>
436 #ifdef HAVE_SYS_SOCKET_H
437 #include <sys/socket.h>
439 #ifdef HAVE_NETINET_IN_H
440 #include <netinet/in.h>
442 #ifdef HAVE_WINDOWS_H
445 #ifdef HAVE_WINSOCK2_H
446 #include <winsock2.h>
448 #ifdef HAVE_WS2TCPIP_H
449 #include <ws2tcpip.h>
451 #ifdef HAVE_NETINET_IN_SYSTM_H
452 #include <netinet/in_systm.h>
454 #ifdef HAVE_NETINET_IP_H
455 #include <netinet/ip.h>
460 [net/if.h netinet/ip.h netinet/if_ether.h resolv.h sys/un.h net/if_utun.h sys/kern_control.h],
463 [[${SOCKET_INCLUDES}]]
469 [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])],
470 [[${SOCKET_INCLUDES}]]
474 [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])],
476 [[${SOCKET_INCLUDES}]]
479 [struct sock_extended_err],
480 [AC_DEFINE([HAVE_SOCK_EXTENDED_ERR], [1], [struct sock_extended_err needed for extended socket error support])],
482 [[${SOCKET_INCLUDES}]]
486 [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])],
488 [[${SOCKET_INCLUDES}]]
492 [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])],
494 [[${SOCKET_INCLUDES}]]
498 [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])],
500 [[${SOCKET_INCLUDES}]]
503 [struct sockaddr_in6],
505 [AC_MSG_ERROR([struct sockaddr_in6 not found, needed for ipv6 transport support.])],
506 [[${SOCKET_INCLUDES}]]
512 [[${SOCKET_INCLUDES}]]
515 dnl We emulate signals in Windows
519 [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])],
529 [AC_DEFINE([SIGINT], [2], [SIGINT replacement])],
539 [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])],
549 [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])],
559 [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])],
570 daemon chroot getpwnam setuid nice system getpid dup dup2 \
571 getpass strerror syslog openlog mlockall getgrnam setgid \
572 setgroups stat flock readv writev time gettimeofday \
573 ctime memset vsnprintf strdup \
574 setsid chdir putenv getpeername unlink \
575 chsize ftruncate execve getpeereid umask basename dirname access \
589 [SOCKETS_LIBS="${SOCKETS_LIBS} -lnsl"]
594 [SOCKETS_LIBS="${SOCKETS_LIBS} -lsocket"]
599 [SOCKETS_LIBS="${SOCKETS_LIBS} -lresolv"]
601 AC_SUBST([SOCKETS_LIBS])
604 LIBS="${LIBS} ${SOCKETS_LIBS}"
605 AC_CHECK_FUNCS([sendmsg recvmsg inet_ntop inet_pton])
610 [[#include <resolv.h>]]
612 # Windows use stdcall for winsock so we cannot auto detect these
615 [socket recv recvfrom send sendto listen dnl
616 accept connect bind select gethostbyname inet_ntoa]dnl
620 [setsockopt getsockopt getsockname poll]dnl
622 if test "${WIN32}" = "yes"; then
625 m4_split(SOCKET_FUNCS SOCKET_OPT_FUNCS),
626 m4_define([UF], [[m4_join([_], [HAVE], m4_toupper(F))]])
627 AC_DEFINE([UF], [1], [Win32 builtin])
633 [AC_MSG_ERROR([Required library function not found])]
635 AC_CHECK_FUNCS(SOCKET_OPT_FUNCS)
639 AC_ARG_VAR([TAP_CFLAGS], [C compiler flags for tap])
640 old_CFLAGS="${CFLAGS}"
641 CFLAGS="${CFLAGS} ${TAP_CFLAGS}"
644 net/if_tun.h net/tun/if_tun.h \
648 [have_tap_header="yes"]
652 [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])],
655 #ifdef HAVE_LINUX_IF_TUN_H
656 #include <linux/if_tun.h>
660 CFLAGS="${old_CFLAGS}"
661 test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found])
666 [SELINUX_LIBS="-lselinux"]
668 AC_SUBST([SELINUX_LIBS])
670 AC_ARG_VAR([LIBPAM_CFLAGS], [C compiler flags for libpam])
671 AC_ARG_VAR([LIBPAM_LIBS], [linker flags for libpam])
672 if test -z "${LIBPAM_LIBS}"; then
676 [LIBPAM_LIBS="-lpam"]
680 case "${with_mem_check}" in
683 [valgrind/memcheck.h],
685 CFLAGS="${CFLAGS} -g -fno-inline"
689 [Use valgrind memory debugging library]
692 [AC_MSG_ERROR([valgrind headers not found.])]
702 LIBS="${LIBS} -ldmalloc"
706 [Use dmalloc memory debugging library]
709 [AC_MSG_ERROR([dmalloc library not found.])]
711 [AC_MSG_ERROR([dmalloc headers not found.])]
722 [Use memory debugging function in OpenSSL]
724 AC_MSG_NOTICE([NOTE: OpenSSL library must be compiled with CRYPTO_MDEBUG])
726 [AC_MSG_ERROR([Memory Debugging function in OpenSSL library not found.])]
733 [libpkcs11-helper-1 >= 1.11],
734 [have_pkcs11_helper="yes"],
740 [libcrypto >= 0.9.6],
741 [have_openssl_crypto="yes"],
746 have_openssl_crypto="yes"
747 OPENSSL_CRYPTO_LIBS="-lcrypto"
755 [have_openssl_ssl="yes"],
760 have_openssl_ssl="yes"
761 OPENSSL_SSL_LIBS="-lssl"
768 if test "${have_openssl_crypto}" = "yes"; then
769 saved_CFLAGS="${CFLAGS}"
771 CFLAGS="${CFLAGS} ${OPENSSL_CRYPTO_CFLAGS}"
772 LIBS="${LIBS} ${OPENSSL_CRYPTO_LIBS}"
773 AC_CHECK_FUNCS([EVP_CIPHER_CTX_set_key_length])
774 have_openssl_engine="yes"
777 ENGINE_load_builtin_engines \
778 ENGINE_register_all_complete \
782 [have_openssl_engine="no"; break]
785 CFLAGS="${saved_CFLAGS}"
789 AC_ARG_VAR([POLARSSL_CFLAGS], [C compiler flags for polarssl])
790 AC_ARG_VAR([POLARSSL_LIBS], [linker flags for polarssl])
791 have_polarssl_ssl="yes"
792 have_polarssl_crypto="yes"
793 if test -z "${POLARSSL_LIBS}"; then
797 [POLARSSL_LIBS="-lpolarssl"],
799 have_polarssl_ssl="no"
804 [have_polarssl_crypto="no"],
805 [${PKCS11_HELPER_LIBS}]
808 [${PKCS11_HELPER_LIBS}]
812 if test "${with_crypto_library}" = "polarssl" ; then
813 AC_MSG_CHECKING([polarssl version])
814 old_CFLAGS="${CFLAGS}"
815 CFLAGS="${POLARSSL_CFLAGS} ${CFLAGS}"
819 #include <polarssl/version.h>
822 #if POLARSSL_VERSION_NUMBER < 0x01020A00 || POLARSSL_VERSION_NUMBER >= 0x01030000
823 #error invalid version
827 [AC_MSG_RESULT([ok])],
828 [AC_MSG_ERROR([PolarSSL 1.2.x required and must be 1.2.10 or later])]
831 polarssl_with_pkcs11="no"
835 #include <polarssl/config.h>
838 #ifndef POLARSSL_PKCS11_C
839 #error pkcs11 wrapper missing
843 polarssl_with_pkcs11="yes")
844 CFLAGS="${old_CFLAGS}"
846 AC_MSG_CHECKING([polarssl pkcs11 support])
847 if test "${enable_pkcs11}" = "yes"; then
848 if test "${polarssl_with_pkcs11}" = "yes"; then
851 AC_MSG_ERROR([polarssl has no pkcs11 wrapper compiled in])
854 if test "${polarssl_with_pkcs11}" != "yes"; then
857 AC_MSG_ERROR([PolarSSL compiled with PKCS11, while OpenVPN is not])
863 AC_ARG_VAR([LZO_CFLAGS], [C compiler flags for lzo])
864 AC_ARG_VAR([LZO_LIBS], [linker flags for lzo])
866 if test -z "${LZO_LIBS}"; then
869 [lzo1x_1_15_compress],
873 [lzo1x_1_15_compress],
879 if test "${have_lzo}" = "yes"; then
880 saved_CFLAGS="${CFLAGS}"
881 CFLAGS="${CFLAGS} ${LZO_CFLAGS}"
888 [AC_MSG_ERROR([lzoutil.h is missing])]
897 [AC_MSG_ERROR([lzo1x.h is missing])]
900 CFLAGS="${saved_CFLAGS}"
905 dnl Check for systemd
908 if test "$enable_systemd" = "yes" ; then
909 PKG_CHECK_MODULES([libsystemd], [systemd libsystemd],
911 [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
913 AC_CHECK_HEADERS(systemd/sd-daemon.h,
916 AC_MSG_ERROR([systemd development headers not found.])
920 LIBS="${LIBS} ${libsystemd_LIBS}"
921 AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])])
922 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
923 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
928 AC_MSG_CHECKING([git checkout])
930 if test -n "${GIT}" -a -d "${srcdir}/.git"; then
931 AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h])
934 AC_MSG_RESULT([${GIT_CHECKOUT}])
936 if test -n "${SP_PLATFORM_WINDOWS}"; then
937 AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['\\\\'], [Path separator]) #"
938 AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["\\\\"], [Path separator]) #"
940 AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['/'], [Path separator])
941 AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["/"], [Path separator])
944 dnl enable --x509-username-field feature if requested
945 if test "${enable_x509_alt_username}" = "yes"; then
946 if test "${with_crypto_library}" = "polarssl" ; then
947 AC_MSG_ERROR([PolarSSL does not support the --x509-username-field feature])
950 AC_DEFINE([ENABLE_X509ALTUSERNAME], [1], [Enable --x509-username-field feature])
953 test "${ac_cv_header_sys_uio_h}" = "yes" && AC_DEFINE([HAVE_IOVEC], [1], [struct iovec needed for IPv6 support])
954 test "${enable_multi}" = "yes" && AC_DEFINE([ENABLE_CLIENT_SERVER], [1], [Enable client/server capability])
955 test "${enable_server}" = "no" && AC_DEFINE([ENABLE_CLIENT_ONLY], [1], [Enable client capability only])
956 test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
957 test "${enable_socks}" = "yes" && AC_DEFINE([ENABLE_SOCKS], [1], [Enable Socks proxy support])
958 test "${enable_http_proxy}" = "yes" && AC_DEFINE([ENABLE_HTTP_PROXY], [1], [Enable HTTP proxy support])
959 test "${enable_multihome}" = "yes" && AC_DEFINE([ENABLE_MULTIHOME], [1], [Enable multi-homed UDP server capability])
960 test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
961 test "${enable_small}" = "yes" && AC_DEFINE([ENABLE_SMALL], [1], [Enable smaller executable size])
962 test "${enable_fragment}" = "yes" && AC_DEFINE([ENABLE_FRAGMENT], [1], [Enable internal fragmentation support])
963 test "${enable_port_share}" = "yes" && AC_DEFINE([ENABLE_PORT_SHARE], [1], [Enable TCP Server port sharing])
964 test "${enable_def_auth}" = "yes" && AC_DEFINE([ENABLE_DEF_AUTH], [1], [Enable deferred authentication])
965 test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter])
966 test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers])
967 test "${enable_password_save}" = "yes" && AC_DEFINE([ENABLE_PASSWORD_SAVE], [1], [Allow --askpass and --auth-user-pass passwords to be read from a file])
969 case "${with_crypto_library}" in
971 have_crypto_crypto="${have_openssl_crypto}"
972 have_crypto_ssl="${have_openssl_ssl}"
973 CRYPTO_CRYPTO_CFLAGS="${OPENSSL_CRYPTO_CFLAGS}"
974 CRYPTO_CRYPTO_LIBS="${OPENSSL_CRYPTO_LIBS}"
975 CRYPTO_SSL_CFLAGS="${OPENSSL_SSL_CFLAGS}"
976 CRYPTO_SSL_LIBS="${OPENSSL_SSL_LIBS}"
977 AC_DEFINE([ENABLE_CRYPTO_OPENSSL], [1], [Use OpenSSL library])
978 test "${have_openssl_engine}" = "yes" && AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [Use crypto library])
981 have_crypto_crypto="${have_polarssl_crypto}"
982 have_crypto_ssl="${have_polarssl_ssl}"
983 CRYPTO_CRYPTO_CFLAGS="${POLARSSL_CFLAGS}"
984 CRYPTO_CRYPTO_LIBS="${POLARSSL_LIBS}"
985 AC_DEFINE([ENABLE_CRYPTO_POLARSSL], [1], [Use PolarSSL library])
989 if test "${enable_ssl}" = "yes"; then
990 test "${enable_crypto}" != "yes" && AC_MSG_ERROR([crypto must be enabled for ssl])
991 test "${have_crypto_ssl}" != "yes" && AC_MSG_ERROR([${with_ssl_library} ssl is required but missing])
992 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_SSL_CFLAGS}"
993 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_SSL_LIBS}"
994 AC_DEFINE([ENABLE_SSL], [1], [Enable ssl library])
997 if test "${enable_crypto}" = "yes"; then
998 test "${have_crypto_crypto}" != "yes" && AC_MSG_ERROR([${with_crypto_library} crypto is required but missing])
999 test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
1000 OPTIONAL_CRYPTO_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${CRYPTO_CRYPTO_CFLAGS}"
1001 OPTIONAL_CRYPTO_LIBS="${OPTIONAL_CRYPTO_LIBS} ${CRYPTO_CRYPTO_LIBS}"
1002 AC_DEFINE([ENABLE_CRYPTO], [1], [Enable crypto library])
1005 if test "${enable_plugins}" = "yes"; then
1006 OPTIONAL_DL_LIBS="${DL_LIBS}"
1007 AC_DEFINE([ENABLE_PLUGIN], [1], [Enable plug-in support])
1009 enable_plugin_auth_pam="no"
1010 enable_plugin_down_root="no"
1013 if test "${enable_iproute2}" = "yes"; then
1014 test -z "${IPROUTE}" && AC_MSG_ERROR([ip utility is required but missing])
1015 AC_DEFINE([ENABLE_IPROUTE], [1], [enable iproute2 support])
1017 if test "${WIN32}" != "yes"; then
1018 test -z "${ROUTE}" && AC_MSG_ERROR([route utility is required but missing])
1019 test -z "${IFCONFIG}" && AC_MSG_ERROR([ifconfig utility is required but missing])
1023 if test "${enable_selinux}" = "yes"; then
1024 test -z "${SELINUX_LIBS}" && AC_MSG_ERROR([libselinux required but missing])
1025 OPTIONAL_SELINUX_LIBS="${SELINUX_LIBS}"
1026 AC_DEFINE([ENABLE_SELINUX], [1], [SELinux support])
1029 if test "${enable_lzo}" = "yes"; then
1030 test "${have_lzo}" != "yes" && AC_MSG_ERROR([lzo enabled but missing])
1031 OPTIONAL_LZO_CFLAGS="${LZO_CFLAGS}"
1032 OPTIONAL_LZO_LIBS="${LZO_LIBS}"
1033 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1035 if test "${enable_lzo_stub}" = "yes"; then
1036 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both lzo stub and lzo enabled])
1037 AC_DEFINE([ENABLE_LZO_STUB], [1], [Enable LZO stub capability])
1038 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library])
1041 if test "${enable_pkcs11}" = "yes"; then
1042 test "${have_pkcs11_helper}" != "yes" && AC_MSG_ERROR([PKCS11 enabled but libpkcs11-helper is missing])
1043 test "${enable_ssl}" != "yes" && AC_MSG_ERROR([PKCS11 can be enabled only if SSL is enabled])
1044 OPTIONAL_PKCS11_HELPER_CFLAGS="${PKCS11_HELPER_CFLAGS}"
1045 OPTIONAL_PKCS11_HELPER_LIBS="${PKCS11_HELPER_LIBS}"
1046 AC_DEFINE([ENABLE_PKCS11], [1], [Enable PKCS11])
1049 if test "${enable_pedantic}" = "yes"; then
1051 CFLAGS="${CFLAGS} -pedantic"
1052 test "${WIN32}" != "yes" && CFLAGS="${CFLAGS} -ansi"
1054 if test "${enable_strict}" = "yes"; then
1055 CFLAGS="${CFLAGS} -Wall -Wno-unused-parameter -Wno-unused-function"
1058 if test "${WIN32}" = "yes"; then
1059 test -z "${MAN2HTML}" && AC_MSG_ERROR([man2html is required for win32])
1062 if test "${enable_plugin_auth_pam}" = "yes"; then
1063 PLUGIN_AUTH_PAM_CFLAGS="${LIBPAM_CFLAGS}"
1064 if test "${enable_pam_dlopen}" = "yes"; then
1065 AC_DEFINE([USE_PAM_DLOPEN], [1], [dlopen libpam])
1066 PLUGIN_AUTH_PAM_LIBS="${DL_LIBS}"
1068 test -z "${LIBPAM_LIBS}" && AC_MSG_ERROR([libpam required but missing])
1069 PLUGIN_AUTH_PAM_LIBS="${LIBPAM_LIBS}"
1073 CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
1074 AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
1076 TAP_WIN_COMPONENT_ID="PRODUCT_TAP_WIN_COMPONENT_ID"
1077 TAP_WIN_MIN_MAJOR="PRODUCT_TAP_WIN_MIN_MAJOR"
1078 TAP_WIN_MIN_MINOR="PRODUCT_TAP_WIN_MIN_MINOR"
1079 AC_DEFINE_UNQUOTED([TAP_WIN_COMPONENT_ID], ["${TAP_WIN_COMPONENT_ID}"], [The tap-windows id])
1080 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MAJOR], [${TAP_WIN_MIN_MAJOR}], [The tap-windows version number is required for OpenVPN])
1081 AC_DEFINE_UNQUOTED([TAP_WIN_MIN_MINOR], [${TAP_WIN_MIN_MINOR}], [The tap-windows version number is required for OpenVPN])
1082 AC_SUBST([TAP_WIN_COMPONENT_ID])
1083 AC_SUBST([TAP_WIN_MIN_MAJOR])
1084 AC_SUBST([TAP_WIN_MIN_MINOR])
1086 AC_SUBST([OPTIONAL_DL_LIBS])
1087 AC_SUBST([OPTIONAL_SELINUX_LIBS])
1088 AC_SUBST([OPTIONAL_CRYPTO_CFLAGS])
1089 AC_SUBST([OPTIONAL_CRYPTO_LIBS])
1090 AC_SUBST([OPTIONAL_LZO_CFLAGS])
1091 AC_SUBST([OPTIONAL_LZO_LIBS])
1092 AC_SUBST([OPTIONAL_SYSTEMD_LIBS])
1093 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS])
1094 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS])
1096 AC_SUBST([PLUGIN_AUTH_PAM_CFLAGS])
1097 AC_SUBST([PLUGIN_AUTH_PAM_LIBS])
1099 AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"])
1100 AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"])
1101 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "yes"])
1102 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
1104 plugindir="${with_plugindir}"
1105 sampledir="\$(docdir)/sample"
1106 AC_SUBST([plugindir])
1107 AC_SUBST([sampledir])
1114 build/msvc/msvc-generate/Makefile
1117 distro/rpm/openvpn.spec
1121 src/openvpn/Makefile
1122 src/openvpnserv/Makefile
1123 src/plugins/Makefile
1124 src/plugins/auth-pam/Makefile
1125 src/plugins/down-root/Makefile
1130 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])