source: mod_gnutls/configure.ac

debian/master debian/0.8.4-2
Last change on this file was e00a037, checked in by Fiona Klute <fiona.klute@…>, 7 months ago

Release version 0.8.4

  • Property mode set to 100644
File size: 10.5 KB
RevLine 
[e00a037]1AC_INIT(mod_gnutls, 0.8.4)
[9706fc2]2OOO_CONFIG_NICE(config.nice)
[42307a9]3MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION
[6e0bfd6]4AC_PREREQ(2.53)
[9706fc2]5AC_CONFIG_SRCDIR([src/mod_gnutls.c])
[6e0bfd6]6AC_CONFIG_AUX_DIR(config)
[7bebb42]7
[5a6446d]8OOO_MAINTAIN_MODE
[9706fc2]9AM_MAINTAINER_MODE
10AC_CANONICAL_TARGET
[9a4d250]11# mod_gnutls test suite requires GNU make
12AM_INIT_AUTOMAKE([-Wno-portability])
[6e0bfd6]13AM_CONFIG_HEADER(include/mod_gnutls_config.h:config.in)
[9706fc2]14
[eda8686]15LT_INIT([disable-static])
16
[42307a9]17AC_SUBST(MOD_GNUTLS_VERSION)
[9706fc2]18
19AC_PROG_CC
[dff03fa]20AC_PROG_CC_C99
[9706fc2]21AC_PROG_LD
22AC_PROG_INSTALL
[7bebb42]23AC_PROG_LIBTOOL
[9706fc2]24
[4aec9a1]25AC_CONFIG_MACRO_DIR([m4])
26
[d60ff7b]27AP_VERSION=2.4.17
[9706fc2]28CHECK_APACHE(,$AP_VERSION,
29    :,:,
30    AC_MSG_ERROR([*** Apache version $AP_VERSION not found!])
31)
32
[4c529de]33PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.3.0])
[cac3a7f]34
35LIBGNUTLS_VERSION=`pkg-config --modversion gnutls`
[16068f4]36
[0bda20f]37AC_ARG_ENABLE(vpath-install,
38       AS_HELP_STRING([--enable-vpath-install],
39               [Modify the Apache module directory provided by apxs to \
40               follow --prefix, if necessary. Most users will not want this, \
41               but it is required for VPATH builds including "make \
42               distcheck".]),
43       vpath_install=$enableval, vpath_install=no)
44AM_CONDITIONAL([ENABLE_VPATH_INSTALL], [test "$vpath_install" = "yes"])
45
[787dab7]46AC_ARG_ENABLE(srp,
47       AS_HELP_STRING([--disable-srp],
48               [unconditionally disable the SRP functionality]),
49       use_srp=$enableval, use_srp=yes)
[b072204]50
[f71e6ce]51# check if the available GnuTLS library supports SRP
52AC_SEARCH_LIBS([gnutls_srp_server_get_username], [gnutls], [], [use_srp="no"])
53
[b072204]54SRP_CFLAGS=""
[787dab7]55if test "$use_srp" != "no"; then
[b27cce7]56        SRP_CFLAGS="-DENABLE_SRP=1"
[787dab7]57fi
[c70c6d7]58
[fd82e59]59AC_ARG_ENABLE(strict,
60       AS_HELP_STRING([--disable-strict],
61               [Avoid strict compiler warnings and errors]),
62       use_strict=$enableval, use_strict=yes)
63
64STRICT_CFLAGS=""
65if test "$use_strict" != "no"; then
[6135393]66        STRICT_CFLAGS="-Wall -Werror -Wextra -Wno-error=deprecated-declarations"
[fd82e59]67fi
68
[787dab7]69AC_MSG_CHECKING([whether to enable SRP functionality])
70AC_MSG_RESULT($use_srp)
71
[412ee84]72dnl Optionally disable flock
73AC_ARG_ENABLE(flock,
[dff57b4]74        AS_HELP_STRING([--disable-flock], [Disable use of flock during tests \
75        (some exotic architectures don't support it)]),
[412ee84]76        [use_flock=$enableval], [use_flock=yes])
[5d9f34e]77# Check if flock is available and supports --timeout
78AC_PATH_PROG([FLOCK], [flock], [no])
79AS_IF([test "${FLOCK}" != "no"],
80      [
81        AC_MSG_CHECKING([whether ${FLOCK} supports --timeout])
82        lockfile="$(mktemp)"
83        AS_IF([${FLOCK} --timeout 1 ${lockfile} true >&AS_MESSAGE_LOG_FD 2>&1],
84              [flock_works="yes"], [flock_works="no"])
85        AC_MSG_RESULT([$flock_works])
[4ae5b82]86        # Old versions of flock do not support --verbose. They fail
87        # without executing the command but still return 0. Check for
88        # this behavior by testing if the rm command was executed.
89        AC_MSG_CHECKING([whether ${FLOCK} supports --verbose])
90        testfile="$(mktemp)"
91        AS_IF([${FLOCK} --verbose --timeout 1 ${lockfile} rm "${testfile}" \
92                        >&AS_MESSAGE_LOG_FD 2>&1; test ! -e "${testfile}"],
93              [flock_verbose="yes"; FLOCK="${FLOCK} --verbose"],
94              [flock_verbose="no"; rm "${testfile}"])
95        AC_MSG_RESULT([$flock_verbose])
96        rm "${lockfile}"
[5d9f34e]97      ],
98      [flock_works="no"])
99# disable flock if requested by user or it doesn't support timeout
100AM_CONDITIONAL([DISABLE_FLOCK],
101               [test "$enable_flock" = "no" || test "$flock_works" = "no"])
[412ee84]102
[21181b2]103# openssl is needed as the responder for OCSP tests
104AC_PATH_PROG([OPENSSL], [openssl], [no])
[3725f2d]105# OCSP checks with gnutls-cli from GnuTLS versions before 3.3.23,
106# 3.4.12, or 3.5.1 (on the respective 3.x branch) fail if intermediate
107# CAs cannot be status checked, even if there are no intermediate CAs
108# like in the mod_gnutls test suite where end entity certificates are
109# directly issued by a root CA.
[efe884e]110AC_MSG_CHECKING([for gnutls-cli version supporting OCSP for EE under root CA])
111AC_PREPROC_IFELSE(
112        [AC_LANG_SOURCE([[#include "gnutls/gnutls.h"
113                        #if GNUTLS_VERSION_NUMBER < 0x030317
114                        #error
115                        #elif GNUTLS_VERSION_NUMBER >= 0x030400 && GNUTLS_VERSION_NUMBER < 0x03040c
116                        #error
[3725f2d]117                        #elif GNUTLS_VERSION_NUMBER == 0x030500
118                        #error
[efe884e]119                        #endif
120                        ]])],
121        [gnutls_ocsp_ok="yes"],
122        [gnutls_ocsp_ok="no"],
123)
124AC_MSG_RESULT([$gnutls_ocsp_ok])
125AM_CONDITIONAL([ENABLE_OCSP_TEST], [test "${OPENSSL}" != "no" && test "${gnutls_ocsp_ok}" = "yes"])
[42bee37]126
[cf4e708]127dnl Enable test namespaces? Default is "yes".
128AC_ARG_ENABLE(test-namespaces,
129        AS_HELP_STRING([--disable-test-namespaces], [Disable use of network \
130        namespaces to run tests in parallel (some architectures might not \
131        support it)]),
132        [use_netns=$enableval], [use_netns=yes])
[b21bf4f]133
134# Check if "unshare" is available and has permission to create network
135# and user namespaces
136AC_PATH_PROG([UNSHARE], [unshare], [no])
137AS_IF([test "${UNSHARE}" != "no"],
138      [
[5aae10e]139        AC_MSG_CHECKING([for permission to create network and user namespaces])
[b21bf4f]140        AS_IF([${UNSHARE} --net -r /bin/sh -c \
[d7c2508]141                "ip link set up lo && ip addr show" >&AS_MESSAGE_LOG_FD 2>&1],
[b21bf4f]142              [unshare_works="yes"], [unshare_works="no"])
143        AC_MSG_RESULT([$unshare_works])
144      ],
[1bb6b1c]145      [unshare_works="no"])
[b21bf4f]146# decide whether to enable network namespaces
147AS_IF([test "$enable_test_namespaces" != "no" \
148            && test "$unshare_works" = "yes"],
149      [use_netns="yes"], [use_netns="no"])
[cf4e708]150AM_CONDITIONAL([ENABLE_NETNS], [test "$use_netns" != "no"])
[b21bf4f]151# Adjust Apache configuration for tests accordingly: Use pthread mutex
152# and test specific PID files if using namespaces, defaults otherwise.
153AS_IF([test "$use_netns" = "yes"],
[37beb92]154      [MUTEX_CONF="Mutex pthread default"; PID_AFFIX="-\${TEST_NAME}"],
155      [MUTEX_CONF=""; PID_AFFIX=""])
156AC_SUBST(MUTEX_CONF)
[cf4e708]157AC_SUBST(PID_AFFIX)
[37beb92]158AM_SUBST_NOTMAKE(MUTEX_CONF)
[cf4e708]159AM_SUBST_NOTMAKE(PID_AFFIX)
160
[fa45dcb]161AC_ARG_ENABLE(msva,
162       AS_HELP_STRING([--enable-msva],
163               [enable Monkeysphere client certificate verification]),
164       use_msva=$enableval, use_msva=no)
[b27cce7]165AM_CONDITIONAL([USE_MSVA], [test "$use_msva" != "no"])
[fa45dcb]166
167MSVA_CFLAGS=""
168if test "$use_msva" != "no"; then
[b27cce7]169        AC_CHECK_HEADERS([msv/msv.h], [],
[fa45dcb]170                         [AC_MSG_ERROR([*** No libmsv headers found!])])
171        AC_SEARCH_LIBS([msv_query_agent], [msv], [],
172                         [AC_MSG_ERROR([*** No libmsv found with msv_query_agent!])])
[b27cce7]173        MSVA_CFLAGS="-DENABLE_MSVA=1"
[fa45dcb]174fi
175
176AC_MSG_CHECKING([whether to enable MSVA functionality])
177AC_MSG_RESULT($use_msva)
178
[6e0bfd6]179have_apr_memcache=0
180CHECK_APR_MEMCACHE([have_apr_memcache=1], [have_apr_memcache=0])
181AC_SUBST(have_apr_memcache)
[ed47098]182
[6e1d45d]183# Building documentation requires pandoc, which in turn needs pdflatex
184# to build PDF output.
[28f3f4f]185build_doc=no
[6e1d45d]186AC_PATH_PROG([PANDOC], [pandoc], [no])
187if test "$PANDOC" != "no"; then
188        AC_PATH_PROG([PDFLATEX], [pdflatex], [no])
[28f3f4f]189        if test "$PDFLATEX" != "no"; then
190                build_doc=yes
191        else
192                build_doc="html only"
193        fi
[7225749]194else
195        AC_PATH_PROG([MARKDOWN], [markdown], [no])
196        if test "$MARKDOWN" != "no"; then
197                build_doc="html stub"
198        fi
[6e1d45d]199fi
200AM_CONDITIONAL([USE_PANDOC], [test "$PANDOC" != "no"])
201AM_CONDITIONAL([USE_PDFLATEX], [test "$PANDOC" != "no" && \
202                               test "$PDFLATEX" != "no"])
[7225749]203AM_CONDITIONAL([USE_MARKDOWN], [test -n "$MARKDOWN" && \
204                               test "$MARKDOWN" != "no"])
[6e1d45d]205
[af7da2d]206# Check for Apache binary
[83b3901]207AC_PATH_PROGS([APACHE2], [apache2 httpd], [no], [$PATH:/usr/sbin])
[af7da2d]208if test "${APACHE2}" = "no"; then
209        AC_MSG_WARN([Neither apache2 nor httpd found in \
[52c3f68]210                     PATH. Test suite will fail.])
211fi
212
[67f2f58]213AC_PATH_PROGS([HTTP_CLI], [curl wget], [no])
214
[fd82e59]215MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${MSVA_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}"
[5021874]216MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_LIBS}"
[9706fc2]217
[b0e5dae]218AC_PATH_PROGS([SOFTHSM], [softhsm2-util softhsm], [no])
[74772b2]219if test "${SOFTHSM}" != "no"; then
220        softhsm_version=$(${SOFTHSM} --version)
221        AS_VERSION_COMPARE([$(${SOFTHSM} --version)], [2.0.0],
222                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [1])],
223                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])],
224                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])])
225fi
[5eb4544]226AM_CONDITIONAL([HAVE_SOFTHSM], [test "${SOFTHSM}" != "no"])
[74772b2]227AM_CONDITIONAL([HAVE_SOFTHSM1], [test "${SOFTHSM_MAJOR_VERSION}" = "1"])
228AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${SOFTHSM_MAJOR_VERSION}" = "2"])
[5eb4544]229
[9706fc2]230AC_SUBST(MODULE_CFLAGS)
[16068f4]231AC_SUBST(MODULE_LIBS)
[9706fc2]232
[26081ce]233# assign default values to TEST_HOST and TEST_IP if necessary
234: ${TEST_HOST:="localhost"}
[a08b25e]235: ${TEST_IP:="[[::1]] 127.0.0.1"}
[26081ce]236AC_ARG_VAR([TEST_HOST], [Host name to use for server instances started by \
[a08b25e]237                        "make check", must resolve to addresses in TEST_IP. \
238                        The default is "localhost".])
239AC_ARG_VAR([TEST_IP], [List of IP addresses to use for server instances \
240                      started by "make check". The default is \
241                      "[::1] 127.0.0.1". Note that IPv6 addresses must be \
242                      enclosed in square brackets.])
243AM_SUBST_NOTMAKE(TEST_IP)
244
[6c030c1]245: ${TEST_LOCK_WAIT:="30"}
246: ${TEST_QUERY_TIMEOUT:="30"}
247AC_ARG_VAR([TEST_LOCK_WAIT], [Timeout in seconds to acquire locks for \
248                             Apache instances in the test suite, or the \
249                             previous instance to remove its PID file if \
250                             flock is not used. Default is 30.])
251AC_ARG_VAR([TEST_QUERY_TIMEOUT], [Timeout in seconds for HTTPS requests \
252                                 sent using gnutls-cli in the test suite. \
253                                 Default is 30.])
254
[aeaf28b]255dnl Allow user to set SoftHSM PKCS #11 module
256AC_ARG_VAR([SOFTHSM_LIB], [Absolute path of the SoftHSM PKCS @%:@11 module to \
257                          use. By default the test suite will search common \
258                          library paths.])
259
[a08b25e]260dnl Build list of "Listen" statements for Apache
[21181b2]261LISTEN_LIST="@%:@ Listen addresses for the test servers"
[a08b25e]262for i in ${TEST_IP}; do
263        LISTEN_LIST="${LISTEN_LIST}
264Listen ${i}:\${TEST_PORT}"
265done
[21181b2]266# Available extra ports, tests can "Define" variables of the listed
267# names in their apache.conf to enable them.
[967bf9b]268for j in TEST_HTTP_PORT; do
[8ac7c0d]269LISTEN_LIST="${LISTEN_LIST}
[21181b2]270<IfDefine ${j}>"
[8ac7c0d]271for i in ${TEST_IP}; do
272        LISTEN_LIST="${LISTEN_LIST}
[21181b2]273        Listen ${i}:\${${j}}"
[8ac7c0d]274done
275LISTEN_LIST="${LISTEN_LIST}
276</IfDefine>"
[21181b2]277done
[a08b25e]278AC_SUBST(LISTEN_LIST)
279AM_SUBST_NOTMAKE(LISTEN_LIST)
[26081ce]280
[9a18e30]281DX_DOXYGEN_FEATURE(ON)
282DX_DOT_FEATURE(ON)
283DX_HTML_FEATURE(ON)
284DX_MAN_FEATURE(OFF)
285DX_RTF_FEATURE(OFF)
286DX_XML_FEATURE(OFF)
287DX_PDF_FEATURE(ON)
288DX_PS_FEATURE(OFF)
289DX_INIT_DOXYGEN([mod_gnutls], [doc/doxygen.conf], [doc/api])
290
[6e1d45d]291AC_CONFIG_FILES([Makefile src/Makefile test/Makefile test/tests/Makefile \
[9a18e30]292                        doc/Makefile doc/doxygen.conf include/mod_gnutls.h \
[94430e6]293                        test/proxy_backend.conf test/ocsp_server.conf \
[ddf6027]294                        test/apache-conf/listen.conf \
295                        test/apache-conf/netns.conf])
[9706fc2]296AC_OUTPUT
297
298echo "---"
[42307a9]299echo "Configuration summary for mod_gnutls:"
[9706fc2]300echo ""
[ea14e97]301echo "   * mod_gnutls version:  ${MOD_GNUTLS_VERSION}"
[16068f4]302echo "   * Apache Modules directory:    ${AP_LIBEXECDIR}"
[42307a9]303echo "   * GnuTLS Library version:      ${LIBGNUTLS_VERSION}"
[b0e4ce6]304echo "   * CFLAGS for GnuTLS:           ${LIBGNUTLS_CFLAGS}"
305echo "   * LDFLAGS for GnuTLS:  ${LIBGNUTLS_LIBS}"
[28f3f4f]306echo "   * SRP Authentication:  ${use_srp}"
307echo "   * MSVA Client Verification:    ${use_msva}"
308echo "   * Build documentation: ${build_doc}"
[9706fc2]309echo ""
310echo "---"
Note: See TracBrowser for help on using the repository browser.