1 dnl Copyright (c) 2001-2004, Roger Dingledine
2 dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
3 dnl Copyright (c) 2007-2015, The Tor Project, Inc.
4 dnl See LICENSE for licensing information
7 AC_INIT([tor],[0.2.9.15-dev])
8 AC_CONFIG_SRCDIR([src/or/main.c])
9 AC_CONFIG_MACRO_DIR([m4])
11 # "foreign" means we don't follow GNU package layout standards
12 # "1.11" means we require automake version 1.11 or newer
13 # "subdir-objects" means put .o files in the same directory as the .c files
14 AM_INIT_AUTOMAKE([foreign 1.11 subdir-objects])
16 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
17 AC_CONFIG_HEADERS([orconfig.h])
19 AC_USE_SYSTEM_EXTENSIONS
24 if test -f "/etc/redhat-release"; then
25 if test -f "/usr/kerberos/include"; then
26 CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
30 # Not a no-op; we want to make sure that CPPFLAGS is set before we use
31 # the += operator on it in src/or/Makefile.am
32 CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
34 AC_ARG_ENABLE(openbsd-malloc,
35 AS_HELP_STRING(--enable-openbsd-malloc, [use malloc code from OpenBSD. Linux only]))
36 AC_ARG_ENABLE(static-openssl,
37 AS_HELP_STRING(--enable-static-openssl, [link against a static openssl library. Requires --with-openssl-dir]))
38 AC_ARG_ENABLE(static-libevent,
39 AS_HELP_STRING(--enable-static-libevent, [link against a static libevent library. Requires --with-libevent-dir]))
40 AC_ARG_ENABLE(static-zlib,
41 AS_HELP_STRING(--enable-static-zlib, [link against a static zlib library. Requires --with-zlib-dir]))
42 AC_ARG_ENABLE(static-tor,
43 AS_HELP_STRING(--enable-static-tor, [create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir]))
44 AC_ARG_ENABLE(unittests,
45 AS_HELP_STRING(--disable-unittests, [don't build unit tests for Tor. Risky!]))
46 AC_ARG_ENABLE(coverage,
47 AS_HELP_STRING(--enable-coverage, [enable coverage support in the unit-test build]))
48 AC_ARG_ENABLE(asserts-in-tests,
49 AS_HELP_STRING(--disable-asserts-in-tests, [disable tor_assert() calls in the unit tests, for branch coverage]))
50 AC_ARG_ENABLE(system-torrc,
51 AS_HELP_STRING(--disable-system-torrc, [don't look for a system-wide torrc file]))
53 if test "x$enable_coverage" != "xyes" -a "x$enable_asserts_in_tests" = "xno" ; then
54 AC_MSG_ERROR([Can't disable assertions outside of coverage build])
57 AM_CONDITIONAL(UNITTESTS_ENABLED, test "x$enable_unittests" != "xno")
58 AM_CONDITIONAL(COVERAGE_ENABLED, test "x$enable_coverage" = "xyes")
59 AM_CONDITIONAL(DISABLE_ASSERTS_IN_UNIT_TESTS, test "x$enable_asserts_in_tests" = "xno")
61 if test "$enable_static_tor" = "yes"; then
62 enable_static_libevent="yes";
63 enable_static_openssl="yes";
64 enable_static_zlib="yes";
65 CFLAGS="$CFLAGS -static"
68 if test "$enable_system_torrc" = "no"; then
69 AC_DEFINE(DISABLE_SYSTEM_TORRC, 1,
70 [Defined if we're not going to look for a torrc in SYSCONF])
73 AM_CONDITIONAL(USE_OPENBSD_MALLOC, test "x$enable_openbsd_malloc" = "xyes")
75 AC_ARG_ENABLE(asciidoc,
76 AS_HELP_STRING(--disable-asciidoc, [don't use asciidoc (disables building of manpages)]),
77 [case "${enableval}" in
78 "yes") asciidoc=true ;;
79 "no") asciidoc=false ;;
80 *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;;
81 esac], [asciidoc=true])
83 # systemd notify support
84 AC_ARG_ENABLE(systemd,
85 AS_HELP_STRING(--enable-systemd, [enable systemd notification support]),
86 [case "${enableval}" in
87 "yes") systemd=true ;;
88 "no") systemd=false ;;
89 * ) AC_MSG_ERROR(bad value for --enable-systemd) ;;
90 esac], [systemd=auto])
95 if test "x$enable_systemd" = "xno"; then
98 PKG_CHECK_MODULES(SYSTEMD,
102 if test "x$have_systemd" = "xno"; then
103 AC_MSG_NOTICE([Okay, checking for systemd a different way...])
104 PKG_CHECK_MODULES(SYSTEMD,
111 if test "x$have_systemd" = "xyes"; then
112 AC_DEFINE(HAVE_SYSTEMD,1,[Have systemd])
113 TOR_SYSTEMD_CFLAGS="${SYSTEMD_CFLAGS}"
114 TOR_SYSTEMD_LIBS="${SYSTEMD_LIBS}"
115 PKG_CHECK_MODULES(LIBSYSTEMD209, [libsystemd >= 209],
116 [AC_DEFINE(HAVE_SYSTEMD_209,1,[Have systemd v209 or more])], [])
118 AC_SUBST(TOR_SYSTEMD_CFLAGS)
119 AC_SUBST(TOR_SYSTEMD_LIBS)
121 if test "x$enable_systemd" = "xyes" -a "x$have_systemd" != "xyes" ; then
122 AC_MSG_ERROR([Explicitly requested systemd support, but systemd not found])
127 AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
131 AC_ARG_ENABLE(gcc-warnings,
132 AS_HELP_STRING(--enable-gcc-warnings, [deprecated alias for enable-fatal-warnings]))
133 AC_ARG_ENABLE(fatal-warnings,
134 AS_HELP_STRING(--enable-fatal-warnings, [tell the compiler to treat all warnings as errors.]))
135 AC_ARG_ENABLE(gcc-warnings-advisory,
136 AS_HELP_STRING(--disable-gcc-warnings-advisory, [disable the regular verbose warnings]))
138 dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
139 AC_ARG_ENABLE(gcc-hardening,
140 AS_HELP_STRING(--disable-gcc-hardening, [disable compiler security checks]))
142 AC_ARG_ENABLE(expensive-hardening,
143 AS_HELP_STRING(--enable-expensive-hardening, [enable more expensive compiler hardening; makes Tor slower]))
145 dnl Linker hardening options
146 dnl Currently these options are ELF specific - you can't use this with MacOSX
147 AC_ARG_ENABLE(linker-hardening,
148 AS_HELP_STRING(--disable-linker-hardening, [disable linker security fixups]))
150 AC_ARG_ENABLE(local-appdata,
151 AS_HELP_STRING(--enable-local-appdata, [default to host local application data paths on Windows]))
152 if test "$enable_local_appdata" = "yes"; then
153 AC_DEFINE(ENABLE_LOCAL_APPDATA, 1,
154 [Defined if we default to host local appdata paths on Windows])
158 AC_ARG_ENABLE(tor2web-mode,
159 AS_HELP_STRING(--enable-tor2web-mode, [support tor2web non-anonymous mode]),
160 [if test "x$enableval" = "xyes"; then
161 CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
164 AC_ARG_ENABLE(tool-name-check,
165 AS_HELP_STRING(--disable-tool-name-check, [check for sanely named toolchain when cross-compiling]))
167 AC_ARG_ENABLE(seccomp,
168 AS_HELP_STRING(--disable-seccomp, [do not attempt to use libseccomp]))
170 AC_ARG_ENABLE(libscrypt,
171 AS_HELP_STRING(--disable-libscrypt, [do not attempt to use libscrypt]))
173 dnl check for the correct "ar" when cross-compiling
174 AN_MAKEVAR([AR], [AC_PROG_AR])
175 AN_PROGRAM([ar], [AC_PROG_AR])
176 AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
179 dnl Check whether the above macro has settled for a simply named tool even
180 dnl though we're cross compiling. We must do this before running AC_PROG_CC,
181 dnl because that will find any cc on the system, not only the cross-compiler,
182 dnl and then verify that a binary built with this compiler runs on the
183 dnl build system. It will then come to the false conclusion that we're not
185 if test "x$enable_tool_name_check" != "xno"; then
186 if test "x$ac_tool_warned" = "xyes"; then
187 AC_MSG_ERROR([We are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
188 elif test "x$ac_ct_AR" != "x" -a "x$cross_compiling" = "xmaybe"; then
189 AC_MSG_ERROR([We think we are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
198 AC_PATH_PROG([PERL], [perl])
200 dnl autoconf 2.59 appears not to support AC_PROG_SED
201 AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
203 dnl check for asciidoc and a2x
204 AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
205 AC_PATH_PROGS([A2X], [a2x a2x.py], none)
207 AM_CONDITIONAL(USE_ASCIIDOC, test "x$asciidoc" = "xtrue")
209 AM_CONDITIONAL(USE_FW_HELPER, test "x$natpmp" = "xtrue" || test "x$upnp" = "xtrue")
210 AM_CONDITIONAL(NAT_PMP, test "x$natpmp" = "xtrue")
211 AM_CONDITIONAL(MINIUPNPC, test "x$upnp" = "xtrue")
215 AC_ARG_VAR([PYTHON], [path to Python binary])
216 AC_CHECK_PROGS(PYTHON, [ \
218 python3.8 python3.7 python3.6 python3.5 python3.4 \
221 if test "x$PYTHON" = "x"; then
222 AC_MSG_WARN([Python unavailable; some tests will not be run.])
224 AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])
226 ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
227 AC_C_FLEXIBLE_ARRAY_MEMBER
229 dnl Maybe we've got an old autoconf...
230 AC_CACHE_CHECK([for flexible array members],
234 struct abc { int a; char b[]; };
236 struct abc *def = malloc(sizeof(struct abc)+sizeof(char));
239 [tor_cv_c_flexarray=yes],
240 [tor_cv_c_flexarray=no])])
241 if test "$tor_cv_flexarray" = "yes"; then
242 AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
244 AC_DEFINE([FLEXIBLE_ARRAY_MEMBER], [1], [Define to nothing if C supports flexible array members, and to 1 if it does not.])
248 AC_CACHE_CHECK([for working C99 mid-block declaration syntax],
251 [AC_LANG_PROGRAM([], [int x; x = 3; int y; y = 4 + x;])],
252 [tor_cv_c_c99_decl=yes],
253 [tor_cv_c_c99_decl=no] )])
254 if test "$tor_cv_c_c99_decl" != "yes"; then
255 AC_MSG_ERROR([Your compiler doesn't support c99 mid-block declarations. This is required as of Tor 0.2.6.x])
258 AC_CACHE_CHECK([for working C99 designated initializers],
259 tor_cv_c_c99_designated_init,
261 [AC_LANG_PROGRAM([struct s { int a; int b; };],
262 [[ struct s ss = { .b = 5, .a = 6 }; ]])],
263 [tor_cv_c_c99_designated_init=yes],
264 [tor_cv_c_c99_designated_init=no] )])
266 if test "$tor_cv_c_c99_designated_init" != "yes"; then
267 AC_MSG_ERROR([Your compiler doesn't support c99 designated initializers. This is required as of Tor 0.2.6.x])
271 AC_ARG_WITH(tor-user,
272 AS_HELP_STRING(--with-tor-user=NAME, [specify username for tor daemon]),
280 AC_ARG_WITH(tor-group,
281 AS_HELP_STRING(--with-tor-group=NAME, [specify group name for tor daemon]),
289 dnl If _WIN32 is defined and non-zero, we are building for win32
290 AC_MSG_CHECKING([for win32])
291 AC_RUN_IFELSE([AC_LANG_SOURCE([
292 int main(int c, char **v) {
303 bwin32=true; AC_MSG_RESULT([yes]),
304 bwin32=false; AC_MSG_RESULT([no]),
305 bwin32=cross; AC_MSG_RESULT([cross])
308 if test "$bwin32" = "cross"; then
309 AC_MSG_CHECKING([for win32 (cross)])
310 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
312 int main(int c, char **v) {return 0;}
315 int main(int c, char **v) {return x(y);}
318 bwin32=true; AC_MSG_RESULT([yes]),
319 bwin32=false; AC_MSG_RESULT([no]))
324 /* Defined to access windows functions and definitions for >=WinXP */
326 # define WINVER 0x0501
329 /* Defined to access _other_ windows functions and definitions for >=WinXP */
330 # ifndef _WIN32_WINNT
331 # define _WIN32_WINNT 0x0501
334 /* Defined to avoid including some windows headers as part of Windows.h */
335 # ifndef WIN32_LEAN_AND_MEAN
336 # define WIN32_LEAN_AND_MEAN 1
342 AM_CONDITIONAL(BUILD_NT_SERVICES, test "x$bwin32" = "xtrue")
344 dnl Enable C99 when compiling with MIPSpro
345 AC_MSG_CHECKING([for MIPSpro compiler])
346 AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [
347 #if (defined(__sgi) && defined(_COMPILER_VERSION))
352 bmipspro=false; AC_MSG_RESULT(no),
353 bmipspro=true; AC_MSG_RESULT(yes))
355 if test "$bmipspro" = "true"; then
356 CFLAGS="$CFLAGS -c99"
361 AC_SEARCH_LIBS(socket, [socket network])
362 AC_SEARCH_LIBS(gethostbyname, [nsl])
363 AC_SEARCH_LIBS(dlopen, [dl])
364 AC_SEARCH_LIBS(inet_aton, [resolv])
365 AC_SEARCH_LIBS(backtrace, [execinfo])
367 AC_SEARCH_LIBS([clock_gettime], [rt])
368 if test "$LIBS" != "$saved_LIBS"; then
369 # Looks like we need -lrt for clock_gettime().
373 AC_SEARCH_LIBS(pthread_create, [pthread])
374 AC_SEARCH_LIBS(pthread_detach, [pthread])
376 AM_CONDITIONAL(THREADS_WIN32, test "$bwin32" = "true")
377 AM_CONDITIONAL(THREADS_PTHREADS, test "$bwin32" = "false")
381 RtlSecureZeroMemory \
385 backtrace_symbols_fd \
397 gnu_get_libc_version \
430 # Apple messed up when they added two functions functions in Sierra: they
431 # forgot to decorate them with appropriate AVAILABLE_MAC_OS_VERSION
432 # checks. So we should only probe for those functions if we are sure that we
433 # are not targetting OSX 10.11 or earlier.
434 AC_MSG_CHECKING([for a pre-Sierra OSX build target])
437 # include <AvailabilityMacros.h>
438 # ifndef MAC_OS_X_VERSION_10_12
439 # define MAC_OS_X_VERSION_10_12 101200
441 # if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
442 # if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
443 # error "Running on Mac OSX 10.11 or earlier"
448 [on_macos_pre_10_12=no ; AC_MSG_RESULT([no])],
449 [on_macos_pre_10_12=yes; AC_MSG_RESULT([yes])])
451 if test "$on_macos_pre_10_12" = "no"; then
458 if test "$bwin32" != "true"; then
459 AC_CHECK_HEADERS(pthread.h)
460 AC_CHECK_FUNCS(pthread_create)
461 AC_CHECK_FUNCS(pthread_condattr_setclock)
464 if test "$bwin32" = "true"; then
465 AC_CHECK_DECLS([SecureZeroMemory, _getwch], , , [
472 AM_CONDITIONAL(BUILD_READPASSPHRASE_C,
473 test "x$ac_cv_func_readpassphrase" = "xno" && test "$bwin32" = "false")
475 dnl ------------------------------------------------------
476 dnl Where do you live, libevent? And how do we call you?
478 if test "$bwin32" = "true"; then
479 TOR_LIB_WS32=-lws2_32
480 TOR_LIB_IPHLPAPI=-liphlpapi
481 # Some of the cargo-cults recommend -lwsock32 as well, but I don't
482 # think it's actually necessary.
488 AC_SUBST(TOR_LIB_WS32)
489 AC_SUBST(TOR_LIB_GDI)
490 AC_SUBST(TOR_LIB_IPHLPAPI)
492 tor_libevent_pkg_redhat="libevent"
493 tor_libevent_pkg_debian="libevent-dev"
494 tor_libevent_devpkg_redhat="libevent-devel"
495 tor_libevent_devpkg_debian="libevent-dev"
497 dnl On Gnu/Linux or any place we require it, we'll add librt to the Libevent
498 dnl linking for static builds.
499 STATIC_LIBEVENT_FLAGS=""
500 if test "$enable_static_libevent" = "yes"; then
501 if test "$have_rt" = "yes"; then
502 STATIC_LIBEVENT_FLAGS=" -lrt "
506 TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32], [
508 #include <winsock2.h>
510 #include <sys/time.h>
511 #include <sys/types.h>
512 #include <event2/event.h>], [
514 #include <winsock2.h>
517 struct event_base *event_base_new(void);],
520 {WSADATA d; WSAStartup(0x101,&d); }
523 ], [--with-libevent-dir], [/opt/libevent])
525 dnl Determine the incantation needed to link libevent.
527 save_LDFLAGS="$LDFLAGS"
528 save_CPPFLAGS="$CPPFLAGS"
530 LIBS="$STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $save_LIBS"
531 LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
532 CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
534 AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
536 if test "$enable_static_libevent" = "yes"; then
537 if test "$tor_cv_library_libevent_dir" = "(system)"; then
538 AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
540 TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent.a $STATIC_LIBEVENT_FLAGS"
543 if test "x$ac_cv_header_event2_event_h" = "xyes"; then
544 AC_SEARCH_LIBS(event_new, [event event_core], , AC_MSG_ERROR("libevent2 is installed but linking it failed while searching for event_new"))
545 AC_SEARCH_LIBS(evdns_base_new, [event event_extra], , AC_MSG_ERROR("libevent2 is installed but linking it failed while searching for evdns_base_new"))
547 if test "$ac_cv_search_event_new" != "none required"; then
548 TOR_LIBEVENT_LIBS="$ac_cv_search_event_new"
550 if test "$ac_cv_search_evdns_base_new" != "none required"; then
551 TOR_LIBEVENT_LIBS="$ac_cv_search_evdns_base_new $TOR_LIBEVENT_LIBS"
554 AC_MSG_ERROR("libevent2 is required but the headers could not be found")
558 dnl Now check for particular libevent functions.
559 AC_CHECK_FUNCS([evutil_secure_rng_set_urandom_device_file \
560 evutil_secure_rng_add_bytes \
564 LDFLAGS="$save_LDFLAGS"
565 CPPFLAGS="$save_CPPFLAGS"
567 dnl Check that libevent is at least at version 2.0.10, the first stable
568 dnl release of its series
569 CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"
570 AC_MSG_CHECKING([whether Libevent is new enough])
571 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
572 #include <event2/event.h>
573 #if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000a00
579 ])], [ AC_MSG_RESULT([yes]) ],
580 [ AC_MSG_RESULT([no])
581 AC_MSG_ERROR([Libevent is not new enough. We require 2.0.10-stable or later]) ] )
584 LDFLAGS="$save_LDFLAGS"
585 CPPFLAGS="$save_CPPFLAGS"
587 AC_SUBST(TOR_LIBEVENT_LIBS)
589 dnl ------------------------------------------------------
590 dnl Where do you live, libm?
592 dnl On some platforms (Haiku/BeOS) the math library is
593 dnl part of libroot. In which case don't link against lm
596 AC_SEARCH_LIBS(pow, [m], , AC_MSG_ERROR([Could not find pow in libm or libc.]))
597 if test "$ac_cv_search_pow" != "none required"; then
598 TOR_LIB_MATH="$ac_cv_search_pow"
601 AC_SUBST(TOR_LIB_MATH)
603 dnl ------------------------------------------------------
604 dnl Where do you live, openssl? And how do we call you?
606 tor_openssl_pkg_redhat="openssl"
607 tor_openssl_pkg_debian="libssl-dev"
608 tor_openssl_devpkg_redhat="openssl-devel"
609 tor_openssl_devpkg_debian="libssl-dev"
611 ALT_openssl_WITHVAL=""
613 AS_HELP_STRING(--with-ssl-dir=PATH, [obsolete alias for --with-openssl-dir]),
615 if test "x$withval" != "xno" && test "x$withval" != "x"; then
616 ALT_openssl_WITHVAL="$withval"
620 TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
621 [#include <openssl/rand.h>],
622 [void RAND_add(const void *buf, int num, double entropy);],
623 [RAND_add((void*)0,0,0);], [],
624 [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
626 dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()
628 if test "$enable_static_openssl" = "yes"; then
629 if test "$tor_cv_library_openssl_dir" = "(system)"; then
630 AC_MSG_ERROR("You must specify an explicit --with-openssl-dir=x option when using --enable-static-openssl")
632 TOR_OPENSSL_LIBS="$TOR_LIBDIR_openssl/libssl.a $TOR_LIBDIR_openssl/libcrypto.a"
635 TOR_OPENSSL_LIBS="-lssl -lcrypto"
637 AC_SUBST(TOR_OPENSSL_LIBS)
639 dnl Now check for particular openssl functions.
641 save_LDFLAGS="$LDFLAGS"
642 save_CPPFLAGS="$CPPFLAGS"
643 LIBS="$TOR_OPENSSL_LIBS $LIBS"
644 LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
645 CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
648 #include <openssl/opensslv.h>
649 #if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1000100fL
654 [ AC_ERROR([OpenSSL is too old. We require 1.0.1 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
657 #include <openssl/opensslv.h>
658 #include <openssl/evp.h>
659 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_ECDSA)
662 #if !defined(NID_X9_62_prime256v1) || !defined(NID_secp224r1)
663 #error "curves unavailable"
667 [ AC_ERROR([OpenSSL is built without full ECC support, including curves P256 and P224. You can specify a path to one with ECC support with --with-openssl-dir.]) ])
669 AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
670 [#include <openssl/ssl.h>
674 SSL_SESSION_get_master_key \
675 SSL_get_server_random \
676 SSL_get_client_ciphers \
677 SSL_get_client_random \
682 dnl Check if OpenSSL has scrypt implementation.
683 AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
685 dnl Check if OpenSSL structures are opaque
686 AC_CHECK_MEMBERS([SSL.state], , ,
687 [#include <openssl/ssl.h>
691 LDFLAGS="$save_LDFLAGS"
692 CPPFLAGS="$save_CPPFLAGS"
694 dnl ------------------------------------------------------
695 dnl Where do you live, zlib? And how do we call you?
697 tor_zlib_pkg_redhat="zlib"
698 tor_zlib_pkg_debian="zlib1g"
699 tor_zlib_devpkg_redhat="zlib-devel"
700 tor_zlib_devpkg_debian="zlib1g-dev"
702 TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
704 [const char * zlibVersion(void);],
705 [zlibVersion();], [--with-zlib-dir],
708 if test "$enable_static_zlib" = "yes"; then
709 if test "$tor_cv_library_zlib_dir" = "(system)"; then
710 AC_MSG_ERROR("You must specify an explicit --with-zlib-dir=x option when
711 using --enable-static-zlib")
713 TOR_ZLIB_LIBS="$TOR_LIBDIR_zlib/libz.a"
718 AC_SUBST(TOR_ZLIB_LIBS)
720 dnl ----------------------------------------------------------------------
721 dnl Check if libcap is available for capabilities.
723 tor_cap_pkg_debian="libcap2"
724 tor_cap_pkg_redhat="libcap"
725 tor_cap_devpkg_debian="libcap-dev"
726 tor_cap_devpkg_redhat="libcap-devel"
728 AC_CHECK_LIB([cap], [cap_init], [],
729 AC_MSG_NOTICE([Libcap was not found. Capabilities will not be usable.])
731 AC_CHECK_FUNCS(cap_set_proc)
733 dnl ---------------------------------------------------------------------
734 dnl Now that we know about our major libraries, we can check for compiler
735 dnl and linker hardening options. We need to do this with the libraries known,
736 dnl since sometimes the linker will like an option but not be willing to
737 dnl use it with a build of a library.
739 all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
740 all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_CAP_LIBS"
747 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
748 #if !defined(__clang__)
750 #endif])], have_clang=yes, have_clang=no)
752 if test "x$enable_gcc_hardening" != "xno"; then
753 CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
754 if test "x$have_clang" = "xyes"; then
755 TOR_CHECK_CFLAGS(-Qunused-arguments)
757 TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
758 AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
759 AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
760 m4_ifdef([AS_VAR_IF],[
761 AS_VAR_IF(can_compile, [yes],
762 AS_VAR_IF(can_link, [yes],
764 AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
766 AS_VAR_POPDEF([can_link])
767 AS_VAR_POPDEF([can_compile])
768 TOR_CHECK_CFLAGS(-Wstack-protector)
769 TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
770 if test "$bwin32" = "false"; then
771 TOR_CHECK_CFLAGS(-fPIE)
772 TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
774 TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
777 if test "x$enable_expensive_hardening" = "xyes"; then
778 TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
779 if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
780 AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
783 if test "$tor_cv_cflags__ftrapv" != "yes"; then
784 AC_MSG_ERROR([You requested expensive hardening, but the compiler does not seem to support -ftrapv.])
787 TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=address], also_link, CFLAGS_ASAN="-fsanitize=address", true)
788 if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
789 AC_MSG_ERROR([The compiler supports -fsanitize=address, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libubsan.so, and with Clang you need libclang_rt.ubsan*])
792 TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], also_link, CFLAGS_UBSAN="-fsanitize=undefined", true)
793 if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
794 AC_MSG_ERROR([The compiler supports -fsanitize=undefined, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libasan.so, and with Clang you need libclang_rt.ubsan*])
797 TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
800 CFLAGS_BUGTRAP="$CFLAGS_FTRAPV $CFLAGS_ASAN $CFLAGS_UBSAN"
801 CFLAGS_CONSTTIME="$CFLAGS_FWRAPV"
803 mulodi_fixes_ftrapv=no
804 if test "$have_clang" = "yes"; then
805 saved_CFLAGS="$CFLAGS"
806 CFLAGS="$CFLAGS $CFLAGS_FTRAPV"
807 AC_MSG_CHECKING([whether clang -ftrapv can link a 64-bit int multiply])
812 int main(int argc, char **argv)
814 int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
815 * (int64_t)atoi(argv[3]);
818 [ftrapv_can_link=yes; AC_MSG_RESULT([yes])],
819 [ftrapv_can_link=no; AC_MSG_RESULT([no])])
820 if test "$ftrapv_can_link" = "no"; then
821 AC_MSG_CHECKING([whether defining __mulodi4 fixes that])
826 int64_t __mulodi4(int64_t a, int64_t b, int *overflow) {
830 int main(int argc, char **argv)
832 int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
833 * (int64_t)atoi(argv[3]);
836 [mulodi_fixes_ftrapv=yes; AC_MSG_RESULT([yes])],
837 [mulodi_fixes_ftrapv=no; AC_MSG_RESULT([no])])
839 CFLAGS="$saved_CFLAGS"
842 AM_CONDITIONAL(ADD_MULODI4, test "$mulodi_fixes_ftrapv" = "yes")
844 dnl These cflags add bunches of branches, and we haven't been able to
845 dnl persuade ourselves that they're suitable for code that needs to be
847 AC_SUBST(CFLAGS_BUGTRAP)
848 dnl These cflags are variant ones sutable for code that needs to be
850 AC_SUBST(CFLAGS_CONSTTIME)
852 if test "x$enable_linker_hardening" != "xno"; then
853 TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
856 # For backtrace support
857 TOR_CHECK_LDFLAGS(-rdynamic)
859 dnl ------------------------------------------------------
860 dnl Now see if we have a -fomit-frame-pointer compiler option.
862 saved_CFLAGS="$CFLAGS"
863 TOR_CHECK_CFLAGS(-fomit-frame-pointer)
864 F_OMIT_FRAME_POINTER=''
865 if test "$saved_CFLAGS" != "$CFLAGS"; then
866 if test "x$enable_expensive_hardening" != "xyes"; then
867 F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
870 CFLAGS="$saved_CFLAGS"
871 AC_SUBST(F_OMIT_FRAME_POINTER)
873 dnl ------------------------------------------------------
874 dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
875 dnl for us, as GCC 4.6 and later do at many optimization levels), then
876 dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
878 TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)
880 dnl ============================================================
881 dnl Check for libseccomp
883 if test "x$enable_seccomp" != "xno"; then
884 AC_CHECK_HEADERS([seccomp.h])
885 AC_SEARCH_LIBS(seccomp_init, [seccomp])
888 dnl ============================================================
889 dnl Check for libscrypt
891 if test "x$enable_libscrypt" != "xno"; then
892 AC_CHECK_HEADERS([libscrypt.h])
893 AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
894 AC_CHECK_FUNCS([libscrypt_scrypt])
897 dnl ============================================================
898 dnl We need an implementation of curve25519.
900 dnl set these defaults.
901 build_curve25519_donna=no
902 build_curve25519_donna_c64=no
903 use_curve25519_donna=no
904 use_curve25519_nacl=no
907 dnl The best choice is using curve25519-donna-c64, but that requires
909 AC_CACHE_CHECK([whether we can use curve25519-donna-c64],
910 tor_cv_can_use_curve25519_donna_c64,
912 [AC_LANG_PROGRAM([dnl
914 typedef unsigned uint128_t __attribute__((mode(TI)));
915 int func(uint64_t a, uint64_t b) {
916 uint128_t c = ((uint128_t)a) * b;
917 int ok = ((uint64_t)(c>>96)) == 522859 &&
918 (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
919 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
920 (((uint64_t)(c))&0xffffffffL) == 0;
924 int ok = func( ((uint64_t)2000000000) * 1000000000,
925 ((uint64_t)1234567890) << 24);
928 [tor_cv_can_use_curve25519_donna_c64=yes],
929 [tor_cv_can_use_curve25519_donna_c64=no],
931 [AC_LANG_PROGRAM([dnl
933 typedef unsigned uint128_t __attribute__((mode(TI)));
934 int func(uint64_t a, uint64_t b) {
935 uint128_t c = ((uint128_t)a) * b;
936 int ok = ((uint64_t)(c>>96)) == 522859 &&
937 (((uint64_t)(c>>64))&0xffffffffL) == 3604448702L &&
938 (((uint64_t)(c>>32))&0xffffffffL) == 2351960064L &&
939 (((uint64_t)(c))&0xffffffffL) == 0;
943 int ok = func( ((uint64_t)2000000000) * 1000000000,
944 ((uint64_t)1234567890) << 24);
947 [tor_cv_can_use_curve25519_donna_c64=cross],
948 [tor_cv_can_use_curve25519_donna_c64=no])])])
950 AC_CHECK_HEADERS([crypto_scalarmult_curve25519.h \
951 nacl/crypto_scalarmult_curve25519.h])
953 AC_CACHE_CHECK([for nacl compiled with a fast curve25519 implementation],
954 tor_cv_can_use_curve25519_nacl,
955 [tor_saved_LIBS="$LIBS"
958 [AC_LANG_PROGRAM([dnl
959 #ifdef HAVE_CRYPTO_SCALARMULT_CURVE25519_H
960 #include <crypto_scalarmult_curve25519.h>
961 #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
962 #include <nacl/crypto_scalarmult_curve25519.h>
964 #ifdef crypto_scalarmult_curve25519_ref_BYTES
965 #error Hey, this is the reference implementation! That's not fast.
968 unsigned char *a, *b, *c; crypto_scalarmult_curve25519(a,b,c);
969 ])], [tor_cv_can_use_curve25519_nacl=yes],
970 [tor_cv_can_use_curve25519_nacl=no])
971 LIBS="$tor_saved_LIBS" ])
973 dnl Okay, now we need to figure out which one to actually use. Fall back
974 dnl to curve25519-donna.c
976 if test "x$tor_cv_can_use_curve25519_donna_c64" != "xno"; then
977 build_curve25519_donna_c64=yes
978 use_curve25519_donna=yes
979 elif test "x$tor_cv_can_use_curve25519_nacl" = "xyes"; then
980 use_curve25519_nacl=yes
981 CURVE25519_LIBS=-lnacl
983 build_curve25519_donna=yes
984 use_curve25519_donna=yes
987 if test "x$use_curve25519_donna" = "xyes"; then
988 AC_DEFINE(USE_CURVE25519_DONNA, 1,
989 [Defined if we should use an internal curve25519_donna{,_c64} implementation])
991 if test "x$use_curve25519_nacl" = "xyes"; then
992 AC_DEFINE(USE_CURVE25519_NACL, 1,
993 [Defined if we should use a curve25519 from nacl])
995 AM_CONDITIONAL(BUILD_CURVE25519_DONNA,
996 test "x$build_curve25519_donna" = "xyes")
997 AM_CONDITIONAL(BUILD_CURVE25519_DONNA_C64,
998 test "x$build_curve25519_donna_c64" = "xyes")
999 AC_SUBST(CURVE25519_LIBS)
1001 dnl Make sure to enable support for large off_t if available.
1004 AC_CHECK_HEADERS([assert.h \
1019 gnu/libc-version.h \
1058 AC_CHECK_HEADERS(sys/param.h)
1060 AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
1061 [#ifdef HAVE_SYS_TYPES_H
1062 #include <sys/types.h>
1064 #ifdef HAVE_SYS_SOCKET_H
1065 #include <sys/socket.h>
1067 AC_CHECK_HEADERS(net/pfvar.h, net_pfvar_found=1, net_pfvar_found=0,
1068 [#ifdef HAVE_SYS_TYPES_H
1069 #include <sys/types.h>
1071 #ifdef HAVE_SYS_SOCKET_H
1072 #include <sys/socket.h>
1074 #ifdef HAVE_NET_IF_H
1077 #ifdef HAVE_NETINET_IN_H
1078 #include <netinet/in.h>
1081 AC_CHECK_HEADERS(linux/if.h,[],[],
1083 #ifdef HAVE_SYS_SOCKET_H
1084 #include <sys/socket.h>
1088 AC_CHECK_HEADERS(linux/netfilter_ipv4.h,
1089 linux_netfilter_ipv4=1, linux_netfilter_ipv4=0,
1090 [#ifdef HAVE_SYS_TYPES_H
1091 #include <sys/types.h>
1093 #ifdef HAVE_SYS_SOCKET_H
1094 #include <sys/socket.h>
1096 #ifdef HAVE_LIMITS_H
1099 #ifdef HAVE_LINUX_TYPES_H
1100 #include <linux/types.h>
1102 #ifdef HAVE_NETINET_IN6_H
1103 #include <netinet/in6.h>
1105 #ifdef HAVE_NETINET_IN_H
1106 #include <netinet/in.h>
1109 AC_CHECK_HEADERS(linux/netfilter_ipv6/ip6_tables.h,
1110 linux_netfilter_ipv6_ip6_tables=1, linux_netfilter_ipv6_ip6_tables=0,
1111 [#ifdef HAVE_SYS_TYPES_H
1112 #include <sys/types.h>
1114 #ifdef HAVE_SYS_SOCKET_H
1115 #include <sys/socket.h>
1117 #ifdef HAVE_LIMITS_H
1120 #ifdef HAVE_LINUX_TYPES_H
1121 #include <linux/types.h>
1123 #ifdef HAVE_NETINET_IN6_H
1124 #include <netinet/in6.h>
1126 #ifdef HAVE_NETINET_IN_H
1127 #include <netinet/in.h>
1129 #ifdef HAVE_LINUX_IF_H
1130 #include <linux/if.h>
1134 if test "x$net_if_found" = "x1" && test "x$net_pfvar_found" = "x1"; then
1137 if test "x$linux_netfilter_ipv4" = "x1"; then
1140 if test "x$linux_netfilter_ipv6_ip6_tables" = "x1"; then
1143 if test "x$transparent_ok" = "x1"; then
1144 AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
1146 *-*-openbsd* | *-*-bitrig*)
1147 AC_DEFINE(OPENBSD, 1, "Define to handle pf on OpenBSD properly") ;;
1150 AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
1153 AC_CHECK_MEMBERS([struct timeval.tv_sec], , ,
1154 [#ifdef HAVE_SYS_TYPES_H
1155 #include <sys/types.h>
1157 #ifdef HAVE_SYS_TIME_H
1158 #include <sys/time.h>
1161 dnl In case we aren't given a working stdint.h, we'll need to grow our own.
1164 AC_CHECK_SIZEOF(int8_t)
1165 AC_CHECK_SIZEOF(int16_t)
1166 AC_CHECK_SIZEOF(int32_t)
1167 AC_CHECK_SIZEOF(int64_t)
1168 AC_CHECK_SIZEOF(uint8_t)
1169 AC_CHECK_SIZEOF(uint16_t)
1170 AC_CHECK_SIZEOF(uint32_t)
1171 AC_CHECK_SIZEOF(uint64_t)
1172 AC_CHECK_SIZEOF(intptr_t)
1173 AC_CHECK_SIZEOF(uintptr_t)
1175 dnl AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, uint8_t, uint16_t, uint32_t, uint64_t, intptr_t, uintptr_t])
1177 AC_CHECK_SIZEOF(char)
1178 AC_CHECK_SIZEOF(short)
1179 AC_CHECK_SIZEOF(int)
1180 AC_CHECK_SIZEOF(long)
1181 AC_CHECK_SIZEOF(long long)
1182 AC_CHECK_SIZEOF(__int64)
1183 AC_CHECK_SIZEOF(void *)
1184 AC_CHECK_SIZEOF(time_t)
1185 AC_CHECK_SIZEOF(size_t)
1186 AC_CHECK_SIZEOF(pid_t)
1188 AC_CHECK_TYPES([uint, u_char, ssize_t])
1190 AC_PC_FROM_UCONTEXT([:])
1192 dnl used to include sockaddr_storage, but everybody has that.
1193 AC_CHECK_TYPES([struct in6_addr, struct sockaddr_in6, sa_family_t], , ,
1194 [#ifdef HAVE_SYS_TYPES_H
1195 #include <sys/types.h>
1197 #ifdef HAVE_NETINET_IN_H
1198 #include <netinet/in.h>
1200 #ifdef HAVE_NETINET_IN6_H
1201 #include <netinet/in6.h>
1203 #ifdef HAVE_SYS_SOCKET_H
1204 #include <sys/socket.h>
1207 #define _WIN32_WINNT 0x0501
1208 #define WIN32_LEAN_AND_MEAN
1209 #include <winsock2.h>
1210 #include <ws2tcpip.h>
1213 AC_CHECK_MEMBERS([struct in6_addr.s6_addr32, struct in6_addr.s6_addr16, struct sockaddr_in.sin_len, struct sockaddr_in6.sin6_len], , ,
1214 [#ifdef HAVE_SYS_TYPES_H
1215 #include <sys/types.h>
1217 #ifdef HAVE_NETINET_IN_H
1218 #include <netinet/in.h>
1220 #ifdef HAVE_NETINET_IN6_H
1221 #include <netinet/in6.h>
1223 #ifdef HAVE_SYS_SOCKET_H
1224 #include <sys/socket.h>
1227 #define _WIN32_WINNT 0x0501
1228 #define WIN32_LEAN_AND_MEAN
1229 #include <winsock2.h>
1230 #include <ws2tcpip.h>
1234 AC_CHECK_TYPES([rlim_t], , ,
1235 [#ifdef HAVE_SYS_TYPES_H
1236 #include <sys/types.h>
1238 #ifdef HAVE_SYS_TIME_H
1239 #include <sys/time.h>
1241 #ifdef HAVE_SYS_RESOURCE_H
1242 #include <sys/resource.h>
1246 AX_CHECK_SIGN([time_t],
1249 #ifdef HAVE_SYS_TYPES_H
1250 #include <sys/types.h>
1252 #ifdef HAVE_SYS_TIME_H
1253 #include <sys/time.h>
1260 if test "$ax_cv_decl_time_t_signed" = "no"; then
1261 AC_MSG_ERROR([You have an unsigned time_t; Tor does not support that. Please tell the Tor developers about your interesting platform.])
1264 AX_CHECK_SIGN([size_t],
1265 [ tor_cv_size_t_signed=yes ],
1266 [ tor_cv_size_t_signed=no ], [
1267 #ifdef HAVE_SYS_TYPES_H
1268 #include <sys/types.h>
1272 if test "$ax_cv_decl_size_t_signed" = "yes"; then
1273 AC_MSG_ERROR([You have a signed size_t; that's grossly nonconformant.])
1276 AX_CHECK_SIGN([enum always],
1277 [ AC_DEFINE(ENUM_VALS_ARE_SIGNED, 1, [Define if enum is always signed]) ],
1279 enum always { AAA, BBB, CCC };
1282 AC_CHECK_SIZEOF(socklen_t, , [AC_INCLUDES_DEFAULT()
1283 #ifdef HAVE_SYS_SOCKET_H
1284 #include <sys/socket.h>
1288 # We want to make sure that we _don't_ have a cell_t defined, like IRIX does.
1290 AC_CHECK_SIZEOF(cell_t)
1292 # Now make sure that NULL can be represented as zero bytes.
1293 AC_CACHE_CHECK([whether memset(0) sets pointers to NULL], tor_cv_null_is_zero,
1294 [AC_RUN_IFELSE([AC_LANG_SOURCE(
1295 [[#include <stdlib.h>
1298 #ifdef HAVE_STDDEF_H
1301 int main () { char *p1,*p2; p1=NULL; memset(&p2,0,sizeof(p2));
1302 return memcmp(&p1,&p2,sizeof(char*))?1:0; }]])],
1303 [tor_cv_null_is_zero=yes],
1304 [tor_cv_null_is_zero=no],
1305 [tor_cv_null_is_zero=cross])])
1307 if test "$tor_cv_null_is_zero" = "cross"; then
1308 # Cross-compiling; let's hope that the target isn't raving mad.
1309 AC_MSG_NOTICE([Cross-compiling: we'll assume that NULL is represented as a sequence of 0-valued bytes.])
1312 if test "$tor_cv_null_is_zero" != "no"; then
1313 AC_DEFINE([NULL_REP_IS_ZERO_BYTES], 1,
1314 [Define to 1 iff memset(0) sets pointers to NULL])
1317 AC_CACHE_CHECK([whether memset(0) sets doubles to 0.0], tor_cv_dbl0_is_zero,
1318 [AC_RUN_IFELSE([AC_LANG_SOURCE(
1319 [[#include <stdlib.h>
1322 #ifdef HAVE_STDDEF_H
1325 int main () { double d1,d2; d1=0; memset(&d2,0,sizeof(d2));
1326 return memcmp(&d1,&d2,sizeof(d1))?1:0; }]])],
1327 [tor_cv_dbl0_is_zero=yes],
1328 [tor_cv_dbl0_is_zero=no],
1329 [tor_cv_dbl0_is_zero=cross])])
1331 if test "$tor_cv_dbl0_is_zero" = "cross"; then
1332 # Cross-compiling; let's hope that the target isn't raving mad.
1333 AC_MSG_NOTICE([Cross-compiling: we'll assume that 0.0 can be represented as a sequence of 0-valued bytes.])
1336 if test "$tor_cv_dbl0_is_zero" != "no"; then
1337 AC_DEFINE([DOUBLE_0_REP_IS_ZERO_BYTES], 1,
1338 [Define to 1 iff memset(0) sets doubles to 0.0])
1341 # And what happens when we malloc zero?
1342 AC_CACHE_CHECK([whether we can malloc(0) safely.], tor_cv_malloc_zero_works,
1343 [AC_RUN_IFELSE([AC_LANG_SOURCE(
1344 [[#include <stdlib.h>
1347 #ifdef HAVE_STDDEF_H
1350 int main () { return malloc(0)?0:1; }]])],
1351 [tor_cv_malloc_zero_works=yes],
1352 [tor_cv_malloc_zero_works=no],
1353 [tor_cv_malloc_zero_works=cross])])
1355 if test "$tor_cv_malloc_zero_works" = "cross"; then
1356 # Cross-compiling; let's hope that the target isn't raving mad.
1357 AC_MSG_NOTICE([Cross-compiling: we'll assume that we need to check malloc() arguments for 0.])
1360 if test "$tor_cv_malloc_zero_works" = "yes"; then
1361 AC_DEFINE([MALLOC_ZERO_WORKS], 1,
1362 [Define to 1 iff malloc(0) returns a pointer])
1365 # whether we seem to be in a 2s-complement world.
1366 AC_CACHE_CHECK([whether we are using 2s-complement arithmetic], tor_cv_twos_complement,
1367 [AC_RUN_IFELSE([AC_LANG_SOURCE(
1368 [[int main () { int problem = ((-99) != (~99)+1);
1369 return problem ? 1 : 0; }]])],
1370 [tor_cv_twos_complement=yes],
1371 [tor_cv_twos_complement=no],
1372 [tor_cv_twos_complement=cross])])
1374 if test "$tor_cv_twos_complement" = "cross"; then
1375 # Cross-compiling; let's hope that the target isn't raving mad.
1376 AC_MSG_NOTICE([Cross-compiling: we'll assume that negative integers are represented with two's complement.])
1379 if test "$tor_cv_twos_complement" != "no"; then
1380 AC_DEFINE([USING_TWOS_COMPLEMENT], 1,
1381 [Define to 1 iff we represent negative integers with
1385 # What does shifting a negative value do?
1386 AC_CACHE_CHECK([whether right-shift on negative values does sign-extension], tor_cv_sign_extend,
1387 [AC_RUN_IFELSE([AC_LANG_SOURCE(
1388 [[int main () { int okay = (-60 >> 8) == -1; return okay ? 0 : 1; }]])],
1389 [tor_cv_sign_extend=yes],
1390 [tor_cv_sign_extend=no],
1391 [tor_cv_sign_extend=cross])])
1393 if test "$tor_cv_sign_extend" = "cross"; then
1394 # Cross-compiling; let's hope that the target isn't raving mad.
1395 AC_MSG_NOTICE([Cross-compiling: we'll assume that right-shifting negative integers causes sign-extension])
1398 if test "$tor_cv_sign_extend" != "no"; then
1399 AC_DEFINE([RSHIFT_DOES_SIGN_EXTEND], 1,
1400 [Define to 1 iff right-shifting a negative value performs sign-extension])
1403 # Whether we should use the dmalloc memory allocation debugging library.
1404 AC_MSG_CHECKING(whether to use dmalloc (debug memory allocation library))
1405 AC_ARG_WITH(dmalloc,
1406 AS_HELP_STRING(--with-dmalloc, [use debug memory allocation library]),
1407 [if [[ "$withval" = "yes" ]]; then
1413 fi], [ dmalloc=0; AC_MSG_RESULT(no) ]
1416 if [[ $dmalloc -eq 1 ]]; then
1417 AC_CHECK_HEADERS(dmalloc.h, , AC_MSG_ERROR(dmalloc header file not found. Do you have the development files for dmalloc installed?))
1418 AC_SEARCH_LIBS(dmalloc_malloc, [dmallocth dmalloc], , AC_MSG_ERROR(Libdmalloc library not found. If you enable it you better have it installed.))
1419 AC_DEFINE(USE_DMALLOC, 1, [Debug memory allocation library])
1420 AC_CHECK_FUNCS(dmalloc_strdup dmalloc_strndup)
1423 AC_ARG_WITH(tcmalloc,
1424 AS_HELP_STRING(--with-tcmalloc, [use tcmalloc memory allocation library]),
1425 [ tcmalloc=yes ], [ tcmalloc=no ])
1427 if test "x$tcmalloc" = "xyes"; then
1428 LDFLAGS="-ltcmalloc $LDFLAGS"
1431 using_custom_malloc=no
1432 if test "x$enable_openbsd_malloc" = "xyes"; then
1433 using_custom_malloc=yes
1435 if test "x$tcmalloc" = "xyes"; then
1436 using_custom_malloc=yes
1438 if test "$using_custom_malloc" = "no"; then
1439 AC_CHECK_FUNCS(mallinfo)
1442 # By default, we're going to assume we don't have mlockall()
1443 # bionic and other platforms have various broken mlockall subsystems.
1444 # Some systems don't have a working mlockall, some aren't linkable,
1445 # and some have it but don't declare it.
1446 AC_CHECK_FUNCS(mlockall)
1447 AC_CHECK_DECLS([mlockall], , , [
1448 #ifdef HAVE_SYS_MMAN_H
1449 #include <sys/mman.h>
1452 # Allow user to specify an alternate syslog facility
1453 AC_ARG_WITH(syslog-facility,
1454 AS_HELP_STRING(--with-syslog-facility=LOG, [syslog facility to use (default=LOG_DAEMON)]),
1455 syslog_facility="$withval", syslog_facility="LOG_DAEMON")
1456 AC_DEFINE_UNQUOTED(LOGFACILITY,$syslog_facility,[name of the syslog facility])
1457 AC_SUBST(LOGFACILITY)
1459 # Check if we have getresuid and getresgid
1460 AC_CHECK_FUNCS(getresuid getresgid)
1462 # Check for gethostbyname_r in all its glorious incompatible versions.
1463 # (This logic is based on that in Python's configure.in)
1464 AH_TEMPLATE(HAVE_GETHOSTBYNAME_R,
1465 [Define this if you have any gethostbyname_r()])
1467 AC_CHECK_FUNC(gethostbyname_r, [
1468 AC_MSG_CHECKING([how many arguments gethostbyname_r() wants])
1470 CFLAGS="$CFLAGS $MY_CPPFLAGS $MY_THREAD_CPPFLAGS $MY_CFLAGS"
1471 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
1475 struct hostent *h1, *h2;
1477 (void)gethostbyname_r(cp1,h1,cp2,i1,&h2,&i2);
1479 AC_DEFINE(HAVE_GETHOSTBYNAME_R)
1480 AC_DEFINE(HAVE_GETHOSTBYNAME_R_6_ARG, 1,
1481 [Define this if gethostbyname_r takes 6 arguments])
1490 (void)gethostbyname_r(cp1,h1,cp2,i1,&i2);
1492 AC_DEFINE(HAVE_GETHOSTBYNAME_R)
1493 AC_DEFINE(HAVE_GETHOSTBYNAME_R_5_ARG, 1,
1494 [Define this if gethostbyname_r takes 5 arguments])
1502 struct hostent_data hd;
1503 (void) gethostbyname_r(cp1,h1,&hd);
1505 AC_DEFINE(HAVE_GETHOSTBYNAME_R)
1506 AC_DEFINE(HAVE_GETHOSTBYNAME_R_3_ARG, 1,
1507 [Define this if gethostbyname_r takes 3 arguments])
1517 AC_CACHE_CHECK([whether the C compiler supports __func__],
1518 tor_cv_have_func_macro,
1519 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
1521 int main(int c, char **v) { puts(__func__); }])],
1522 tor_cv_have_func_macro=yes,
1523 tor_cv_have_func_macro=no))
1525 AC_CACHE_CHECK([whether the C compiler supports __FUNC__],
1526 tor_cv_have_FUNC_macro,
1527 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
1529 int main(int c, char **v) { puts(__FUNC__); }])],
1530 tor_cv_have_FUNC_macro=yes,
1531 tor_cv_have_FUNC_macro=no))
1533 AC_CACHE_CHECK([whether the C compiler supports __FUNCTION__],
1534 tor_cv_have_FUNCTION_macro,
1535 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
1537 int main(int c, char **v) { puts(__FUNCTION__); }])],
1538 tor_cv_have_FUNCTION_macro=yes,
1539 tor_cv_have_FUNCTION_macro=no))
1541 AC_CACHE_CHECK([whether we have extern char **environ already declared],
1542 tor_cv_have_environ_declared,
1543 AC_COMPILE_IFELSE([AC_LANG_SOURCE([
1544 #ifdef HAVE_UNISTD_H
1548 int main(int c, char **v) { char **t = environ; }])],
1549 tor_cv_have_environ_declared=yes,
1550 tor_cv_have_environ_declared=no))
1552 if test "$tor_cv_have_func_macro" = "yes"; then
1553 AC_DEFINE(HAVE_MACRO__func__, 1, [Defined if the compiler supports __func__])
1556 if test "$tor_cv_have_FUNC_macro" = "yes"; then
1557 AC_DEFINE(HAVE_MACRO__FUNC__, 1, [Defined if the compiler supports __FUNC__])
1560 if test "$tor_cv_have_FUNCTION_macro" = "yes"; then
1561 AC_DEFINE(HAVE_MACRO__FUNCTION__, 1,
1562 [Defined if the compiler supports __FUNCTION__])
1565 if test "$tor_cv_have_environ_declared" = "yes"; then
1566 AC_DEFINE(HAVE_EXTERN_ENVIRON_DECLARED, 1,
1567 [Defined if we have extern char **environ already declared])
1570 # $prefix stores the value of the --prefix command line option, or
1571 # NONE if the option wasn't set. In the case that it wasn't set, make
1572 # it be the default, so that we can use it to expand directories now.
1573 if test "x$prefix" = "xNONE"; then
1574 prefix=$ac_default_prefix
1577 # and similarly for $exec_prefix
1578 if test "x$exec_prefix" = "xNONE"; then
1582 if test "x$BUILDDIR" = "x"; then
1586 AH_TEMPLATE([BUILDDIR],[tor's build directory])
1587 AC_DEFINE_UNQUOTED(BUILDDIR,"$BUILDDIR")
1589 if test "x$CONFDIR" = "x"; then
1590 CONFDIR=`eval echo $sysconfdir/tor`
1593 AH_TEMPLATE([CONFDIR],[tor's configuration directory])
1594 AC_DEFINE_UNQUOTED(CONFDIR,"$CONFDIR")
1596 BINDIR=`eval echo $bindir`
1598 LOCALSTATEDIR=`eval echo $localstatedir`
1599 AC_SUBST(LOCALSTATEDIR)
1601 if test "$bwin32" = "true"; then
1602 # Test if the linker supports the --nxcompat and --dynamicbase options
1604 save_LDFLAGS="$LDFLAGS"
1605 LDFLAGS="-Wl,--nxcompat -Wl,--dynamicbase"
1606 AC_MSG_CHECKING([whether the linker supports DllCharacteristics])
1607 AC_LINK_IFELSE([AC_LANG_PROGRAM([])],
1608 [AC_MSG_RESULT([yes])]
1609 [save_LDFLAGS="$save_LDFLAGS $LDFLAGS"],
1610 [AC_MSG_RESULT([no])]
1612 LDFLAGS="$save_LDFLAGS"
1615 # Set CFLAGS _after_ all the above checks, since our warnings are stricter
1616 # than autoconf's macros like.
1617 if test "$GCC" = "yes"; then
1618 # Disable GCC's strict aliasing checks. They are an hours-to-debug
1619 # accident waiting to happen.
1620 CFLAGS="$CFLAGS -Wall -fno-strict-aliasing"
1622 # Override optimization level for non-gcc compilers
1624 enable_gcc_warnings=no
1625 enable_gcc_warnings_advisory=no
1628 # Warnings implies advisory-warnings and -Werror.
1629 if test "$enable_gcc_warnings" = "yes"; then
1630 enable_gcc_warnings_advisory=yes
1631 enable_fatal_warnings=yes
1634 # OS X Lion started deprecating the system openssl. Let's just disable
1635 # all deprecation warnings on OS X. Also, to potentially make the binary
1636 # a little smaller, let's enable dead_strip.
1640 CFLAGS="$CFLAGS -Wno-deprecated-declarations"
1641 LDFLAGS="$LDFLAGS -dead_strip" ;;
1644 # Add some more warnings which we use in development but not in the
1645 # released versions. (Some relevant gcc versions can't handle these.)
1647 # Note that we have to do this near the end of the autoconf process, or
1648 # else we may run into problems when these warnings hit on the testing C
1649 # programs that autoconf wants to build.
1650 if test "x$enable_gcc_warnings_advisory" != "xno"; then
1653 *-*-openbsd* | *-*-bitrig*)
1654 # Some OpenBSD versions (like 4.8) have -Wsystem-headers by default.
1655 # That's fine, except that the headers don't pass -Wredundant-decls.
1656 # Therefore, let's disable -Wsystem-headers when we're building
1657 # with maximal warnings on OpenBSD.
1658 CFLAGS="$CFLAGS -Wno-system-headers" ;;
1661 # GCC4.3 users once report trouble with -Wstrict-overflow=5. GCC5 users
1662 # have it work better.
1663 # CFLAGS="$CFLAGS -Wstrict-overflow=1"
1665 # This warning was added in gcc 4.3, but it appears to generate
1666 # spurious warnings in gcc 4.4. I don't know if it works in 4.5.
1667 #CFLAGS="$CFLAGS -Wlogical-op"
1669 m4_foreach_w([warning_flag], [
1671 -Waddress-of-array-temporary
1672 -Waddress-of-temporary
1674 -Wanonymous-pack-parens
1677 -Warc-bridge-casts-disallowed-in-nonarc
1678 -Warc-maybe-repeated-use-of-weak
1679 -Warc-performSelector-leaks
1680 -Warc-repeated-use-of-weak
1682 -Warray-bounds-pointer-arithmetic
1684 -Wasm-operand-widths
1686 -Watomic-property-with-user-defined-accessor
1688 -Wauto-storage-class
1691 -Wbackslash-newline-escape
1692 -Wbad-array-new-length
1693 -Wbind-to-temporary-copy
1694 -Wbitfield-constant-conversion
1697 -Wbuiltin-requires-header
1699 -Wcompare-distinct-pointer-types
1700 -Wcomplex-component-init
1701 -Wconditional-type-mismatch
1703 -Wconstant-conversion
1704 -Wconstant-logical-operand
1705 -Wconstexpr-not-const
1706 -Wcustom-atomic-properties
1708 -Wdangling-initializer-list
1710 -Wdelegating-ctor-cycles
1711 -Wdeprecated-implementations
1712 -Wdeprecated-register
1713 -Wdirect-ivar-access
1715 -Wdistributed-object-modifiers
1717 -Wdollar-in-identifier-extension
1719 -Wduplicate-decl-specifier
1721 -Wduplicate-method-arg
1722 -Wduplicate-method-match
1724 -Wdynamic-class-memaccess
1725 -Wembedded-directive
1726 -Wempty-translation-unit
1728 -Wexit-time-destructors
1729 -Wexplicit-ownership-type
1730 -Wextern-initializer
1734 -Wflexible-array-extensions
1737 -Wfour-char-constants
1739 -Wglobal-constructors
1740 -Wgnu-array-member-paren-init
1742 -Wgnu-static-float-init
1745 -Widiomatic-parentheses
1746 -Wignored-attributes
1747 -Wimplicit-atomic-properties
1748 -Wimplicit-conversion-floating-point-to-bool
1749 -Wimplicit-exception-spec-mismatch
1750 -Wimplicit-fallthrough
1751 -Wimplicit-fallthrough-per-function
1752 -Wimplicit-retain-self
1753 -Wimport-preprocessor-directive-pedantic
1754 -Wincompatible-library-redeclaration
1755 -Wincompatible-pointer-types-discards-qualifiers
1756 -Wincomplete-implementation
1758 -Wincomplete-umbrella
1761 -Wint-to-void-pointer-cast
1767 -Winvalid-source-encoding
1768 -Winvalid-token-paste
1769 -Wknr-promoted-parameter
1770 -Wlanguage-extension-token
1771 -Wlarge-by-value-copy
1772 -Wliteral-conversion
1774 -Wlocal-type-template-args
1778 -Wmalformed-warning-check
1782 -Wmismatched-parameter-types
1783 -Wmismatched-return-types
1784 -Wmissing-field-initializers
1785 -Wmissing-format-attribute
1787 -Wmissing-selector-name
1789 -Wmissing-variable-declarations
1793 -Wnon-literal-null-conversion
1795 -Wnonportable-cfstrings
1801 -Wout-of-line-declaration
1803 -Woverlength-strings
1805 -Woverriding-method-mismatch
1806 -Wpointer-type-mismatch
1807 -Wpredefined-identifier-outside-function
1808 -Wprotocol-property-synthesis-ambiguity
1809 -Wreadonly-iboutlet-property
1810 -Wreadonly-setter-attrs
1812 -Wreceiver-forward-class
1814 -Wreinterpret-base-class
1815 -Wrequires-super-attribute
1816 -Wreserved-user-defined-literal
1817 -Wreturn-stack-address
1819 -Wselector-type-mismatch
1821 -Wserialized-diagnostics
1823 -Wshift-count-negative
1824 -Wshift-count-overflow
1825 -Wshift-negative-value
1827 -Wshift-sign-overflow
1829 -Wsizeof-array-argument
1830 -Wsource-uses-openmp
1833 -Wstatic-local-in-inline
1837 -Wstrlcpy-strlcat-size
1839 -Wsuggest-attribute=format
1840 -Wsuggest-attribute=noreturn
1841 -Wsuper-class-method-mismatch
1844 -Wtautological-constant-out-of-range-compare
1845 -Wtentative-definition-incomplete-type
1848 -Wtypedef-redefinition
1851 -Wundefined-internal
1852 -Wundefined-reinterpret-cast
1854 -Wunicode-whitespace
1855 -Wunknown-warning-option
1856 -Wunnamed-type-template-args
1857 -Wunneeded-member-function
1859 -Wunsupported-visibility
1860 -Wunused-but-set-parameter
1861 -Wunused-but-set-variable
1862 -Wunused-command-line-argument
1863 -Wunused-const-variable=2
1864 -Wunused-exception-parameter
1865 -Wunused-local-typedefs
1866 -Wunused-member-function
1867 -Wunused-sanitize-argument
1868 -Wunused-volatile-lvalue
1869 -Wuser-defined-literals
1872 -Wvector-conversions
1877 ], [ TOR_CHECK_CFLAGS([warning_flag]) ])
1879 dnl We should re-enable this in some later version. Clang doesn't
1880 dnl mind, but it causes trouble with GCC.
1881 dnl -Wstrict-overflow=2
1883 dnl These seem to require annotations that we don't currently use,
1884 dnl and they give false positives in our pthreads wrappers. (Clang 4)
1886 dnl -Wthread-safety-analysis
1887 dnl -Wthread-safety-attributes
1888 dnl -Wthread-safety-beta
1889 dnl -Wthread-safety-precise
1891 CFLAGS="$CFLAGS -W -Wfloat-equal -Wundef -Wpointer-arith"
1892 CFLAGS="$CFLAGS -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings"
1893 CFLAGS="$CFLAGS -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2"
1894 CFLAGS="$CFLAGS -Wwrite-strings"
1895 CFLAGS="$CFLAGS -Wnested-externs -Wbad-function-cast -Wswitch-enum"
1896 CFLAGS="$CFLAGS -Waggregate-return -Wpacked -Wunused"
1897 CFLAGS="$CFLAGS -Wunused-parameter "
1898 # These interfere with building main() { return 0; }, which autoconf
1899 # likes to use as its default program.
1900 CFLAGS="$CFLAGS -Wold-style-definition -Wmissing-declarations"
1902 if test "$tor_cv_cflags__Wnull_dereference" = "yes"; then
1903 AC_DEFINE([HAVE_CFLAG_WNULL_DEREFERENCE], 1, [True if we have -Wnull-dereference])
1905 if test "$tor_cv_cflags__Woverlength_strings" = "yes"; then
1906 AC_DEFINE([HAVE_CFLAG_WOVERLENGTH_STRINGS], 1, [True if we have -Woverlength-strings])
1909 if test "x$enable_fatal_warnings" = "xyes"; then
1910 # I'd like to use TOR_CHECK_CFLAGS here, but I can't, since the
1911 # default autoconf programs are full of errors.
1912 CFLAGS="$CFLAGS -Werror"
1917 if test "$enable_coverage" = "yes" && test "$have_clang" = "no"; then
1920 AC_MSG_WARN([Tried to enable coverage on OSX without using the clang compiler. This might not work! If coverage fails, use CC=clang when configuring with --enable-coverage.])
1924 CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent $TOR_CPPFLAGS_openssl $TOR_CPPFLAGS_zlib"
1929 contrib/dist/suse/tor.sh
1930 contrib/operator-tools/tor.logrotate
1933 contrib/dist/tor.service
1934 src/config/torrc.sample
1935 src/config/torrc.minimal
1936 scripts/maint/checkOptionDocs.pl
1937 scripts/maint/updateVersions.pl
1940 if test "x$asciidoc" = "xtrue" && test "$ASCIIDOC" = "none"; then
1941 regular_mans="doc/tor doc/tor-gencert doc/tor-resolve doc/torify"
1942 for file in $regular_mans ; do
1943 if ! [[ -f "$srcdir/$file.1.in" ]] || ! [[ -f "$srcdir/$file.html.in" ]] ; then
1944 echo "==================================";
1946 echo "Building Tor has failed since manpages cannot be built.";
1948 echo "You need asciidoc installed to be able to build the manpages.";
1949 echo "To build without manpages, use the --disable-asciidoc argument";
1950 echo "when calling configure.";
1952 echo "==================================";