source: mod_gnutls/configure.ac

mod_gnutls/0.9.0
Last change on this file was 510764a, checked in by Fiona Klute <fiona.klute@…>, 9 hours ago

Release version 0.9.0

  • Property mode set to 100644
File size: 11.3 KB
RevLine 
[510764a]1AC_INIT(mod_gnutls, 0.9.0)
[9706fc2]2OOO_CONFIG_NICE(config.nice)
[42307a9]3MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION
[6e0bfd6]4AC_PREREQ(2.53)
[9706fc2]5AC_CONFIG_SRCDIR([src/mod_gnutls.c])
[6e0bfd6]6AC_CONFIG_AUX_DIR(config)
[7bebb42]7
[5a6446d]8OOO_MAINTAIN_MODE
[9706fc2]9AM_MAINTAINER_MODE
10AC_CANONICAL_TARGET
[9a4d250]11# mod_gnutls test suite requires GNU make
12AM_INIT_AUTOMAKE([-Wno-portability])
[6e0bfd6]13AM_CONFIG_HEADER(include/mod_gnutls_config.h:config.in)
[9706fc2]14
[eda8686]15LT_INIT([disable-static])
16
[42307a9]17AC_SUBST(MOD_GNUTLS_VERSION)
[9706fc2]18
19AC_PROG_CC
[dff03fa]20AC_PROG_CC_C99
[9706fc2]21AC_PROG_LD
22AC_PROG_INSTALL
[7bebb42]23AC_PROG_LIBTOOL
[9706fc2]24
[4aec9a1]25AC_CONFIG_MACRO_DIR([m4])
26
[d60ff7b]27AP_VERSION=2.4.17
[9706fc2]28CHECK_APACHE(,$AP_VERSION,
29    :,:,
30    AC_MSG_ERROR([*** Apache version $AP_VERSION not found!])
31)
32
[b4eef18]33dnl Maybe use the binaries for tests, too?
34AC_ARG_WITH([gnutls-dev],
35        AS_HELP_STRING([--with-gnutls-dev=DIR],
36                [Use GnuTLS libraries from a development (git) tree. Use \
37                this if you want to test mod_gnutls with the latest \
38                GnuTLS code.]),
39        [
40                AS_IF([test -d "${with_gnutls_dev}" ],
41                [
42                        LIBGNUTLS_CFLAGS="-I${with_gnutls_dev}/lib/includes"
43                        LIBGNUTLS_LIBS="-lgnutls -L${with_gnutls_dev}/lib/.libs -R${with_gnutls_dev}/lib/.libs"
44                ],
45                [AC_MSG_ERROR([--with-gnutls-dev=DIR requires a directory!])])
46        ], [])
47
[4c529de]48PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.3.0])
[cac3a7f]49
50LIBGNUTLS_VERSION=`pkg-config --modversion gnutls`
[16068f4]51
[0bda20f]52AC_ARG_ENABLE(vpath-install,
53       AS_HELP_STRING([--enable-vpath-install],
54               [Modify the Apache module directory provided by apxs to \
55               follow --prefix, if necessary. Most users will not want this, \
56               but it is required for VPATH builds including "make \
57               distcheck".]),
58       vpath_install=$enableval, vpath_install=no)
59AM_CONDITIONAL([ENABLE_VPATH_INSTALL], [test "$vpath_install" = "yes"])
60
[787dab7]61AC_ARG_ENABLE(srp,
62       AS_HELP_STRING([--disable-srp],
63               [unconditionally disable the SRP functionality]),
64       use_srp=$enableval, use_srp=yes)
[b072204]65
[f71e6ce]66# check if the available GnuTLS library supports SRP
67AC_SEARCH_LIBS([gnutls_srp_server_get_username], [gnutls], [], [use_srp="no"])
68
[7ff6c6c]69GNUTLS_FEAT_CFLAGS=""
[787dab7]70if test "$use_srp" != "no"; then
[7ff6c6c]71        GNUTLS_FEAT_CFLAGS="-DENABLE_SRP=1"
72fi
73
74# check if the available GnuTLS library supports raw extension parsing
75AC_SEARCH_LIBS([gnutls_ext_raw_parse], [gnutls], [early_sni="yes"],
76        [early_sni="no"])
77if test "$early_sni" != "no"; then
[a939015]78        ENABLE_EARLY_SNI=1
79        # This is for the test server configuration
80        EXPECT_EARLY_SNI="Define EXPECT_EARLY_SNI"
81else
82        ENABLE_EARLY_SNI=0
83        EXPECT_EARLY_SNI=""
[787dab7]84fi
[a939015]85AC_SUBST(ENABLE_EARLY_SNI)
86AC_SUBST(EXPECT_EARLY_SNI)
87AM_SUBST_NOTMAKE(EXPECT_EARLY_SNI)
[c70c6d7]88
[fd82e59]89AC_ARG_ENABLE(strict,
90       AS_HELP_STRING([--disable-strict],
91               [Avoid strict compiler warnings and errors]),
92       use_strict=$enableval, use_strict=yes)
93
94STRICT_CFLAGS=""
95if test "$use_strict" != "no"; then
[6135393]96        STRICT_CFLAGS="-Wall -Werror -Wextra -Wno-error=deprecated-declarations"
[fd82e59]97fi
98
[787dab7]99AC_MSG_CHECKING([whether to enable SRP functionality])
100AC_MSG_RESULT($use_srp)
101
[412ee84]102dnl Optionally disable flock
103AC_ARG_ENABLE(flock,
[dff57b4]104        AS_HELP_STRING([--disable-flock], [Disable use of flock during tests \
105        (some exotic architectures don't support it)]),
[412ee84]106        [use_flock=$enableval], [use_flock=yes])
[5d9f34e]107# Check if flock is available and supports --timeout
108AC_PATH_PROG([FLOCK], [flock], [no])
109AS_IF([test "${FLOCK}" != "no"],
110      [
111        AC_MSG_CHECKING([whether ${FLOCK} supports --timeout])
112        lockfile="$(mktemp)"
113        AS_IF([${FLOCK} --timeout 1 ${lockfile} true >&AS_MESSAGE_LOG_FD 2>&1],
114              [flock_works="yes"], [flock_works="no"])
115        AC_MSG_RESULT([$flock_works])
[4ae5b82]116        # Old versions of flock do not support --verbose. They fail
117        # without executing the command but still return 0. Check for
118        # this behavior by testing if the rm command was executed.
119        AC_MSG_CHECKING([whether ${FLOCK} supports --verbose])
120        testfile="$(mktemp)"
121        AS_IF([${FLOCK} --verbose --timeout 1 ${lockfile} rm "${testfile}" \
122                        >&AS_MESSAGE_LOG_FD 2>&1; test ! -e "${testfile}"],
123              [flock_verbose="yes"; FLOCK="${FLOCK} --verbose"],
124              [flock_verbose="no"; rm "${testfile}"])
125        AC_MSG_RESULT([$flock_verbose])
126        rm "${lockfile}"
[5d9f34e]127      ],
128      [flock_works="no"])
129# disable flock if requested by user or it doesn't support timeout
130AM_CONDITIONAL([DISABLE_FLOCK],
131               [test "$enable_flock" = "no" || test "$flock_works" = "no"])
[412ee84]132
[21181b2]133# openssl is needed as the responder for OCSP tests
134AC_PATH_PROG([OPENSSL], [openssl], [no])
[3725f2d]135# OCSP checks with gnutls-cli from GnuTLS versions before 3.3.23,
136# 3.4.12, or 3.5.1 (on the respective 3.x branch) fail if intermediate
137# CAs cannot be status checked, even if there are no intermediate CAs
138# like in the mod_gnutls test suite where end entity certificates are
139# directly issued by a root CA.
[efe884e]140AC_MSG_CHECKING([for gnutls-cli version supporting OCSP for EE under root CA])
141AC_PREPROC_IFELSE(
142        [AC_LANG_SOURCE([[#include "gnutls/gnutls.h"
143                        #if GNUTLS_VERSION_NUMBER < 0x030317
144                        #error
145                        #elif GNUTLS_VERSION_NUMBER >= 0x030400 && GNUTLS_VERSION_NUMBER < 0x03040c
146                        #error
[3725f2d]147                        #elif GNUTLS_VERSION_NUMBER == 0x030500
148                        #error
[efe884e]149                        #endif
150                        ]])],
151        [gnutls_ocsp_ok="yes"],
152        [gnutls_ocsp_ok="no"],
153)
154AC_MSG_RESULT([$gnutls_ocsp_ok])
155AM_CONDITIONAL([ENABLE_OCSP_TEST], [test "${OPENSSL}" != "no" && test "${gnutls_ocsp_ok}" = "yes"])
[42bee37]156
[cf4e708]157dnl Enable test namespaces? Default is "yes".
158AC_ARG_ENABLE(test-namespaces,
[267a27a]159        AS_HELP_STRING([--disable-test-namespaces], [Disable use of \
160        namespaces for tests (limits parallelization)]),
[cf4e708]161        [use_netns=$enableval], [use_netns=yes])
[b21bf4f]162
[267a27a]163# Check if "unshare" is available and has permission to create
164# network, IPC, and user namespaces
[b21bf4f]165AC_PATH_PROG([UNSHARE], [unshare], [no])
166AS_IF([test "${UNSHARE}" != "no"],
167      [
[267a27a]168        AC_MSG_CHECKING([for permission to use namespaces])
169        AS_IF([${UNSHARE} --net --ipc -r /bin/sh -c \
[d7c2508]170                "ip link set up lo && ip addr show" >&AS_MESSAGE_LOG_FD 2>&1],
[b21bf4f]171              [unshare_works="yes"], [unshare_works="no"])
172        AC_MSG_RESULT([$unshare_works])
173      ],
[1bb6b1c]174      [unshare_works="no"])
[b21bf4f]175# decide whether to enable network namespaces
176AS_IF([test "$enable_test_namespaces" != "no" \
177            && test "$unshare_works" = "yes"],
178      [use_netns="yes"], [use_netns="no"])
[cf4e708]179AM_CONDITIONAL([ENABLE_NETNS], [test "$use_netns" != "no"])
[b21bf4f]180# Adjust Apache configuration for tests accordingly: Use pthread mutex
181# and test specific PID files if using namespaces, defaults otherwise.
182AS_IF([test "$use_netns" = "yes"],
[37beb92]183      [MUTEX_CONF="Mutex pthread default"; PID_AFFIX="-\${TEST_NAME}"],
184      [MUTEX_CONF=""; PID_AFFIX=""])
185AC_SUBST(MUTEX_CONF)
[cf4e708]186AC_SUBST(PID_AFFIX)
[37beb92]187AM_SUBST_NOTMAKE(MUTEX_CONF)
[cf4e708]188AM_SUBST_NOTMAKE(PID_AFFIX)
189
[fa45dcb]190AC_ARG_ENABLE(msva,
191       AS_HELP_STRING([--enable-msva],
192               [enable Monkeysphere client certificate verification]),
193       use_msva=$enableval, use_msva=no)
[b27cce7]194AM_CONDITIONAL([USE_MSVA], [test "$use_msva" != "no"])
[fa45dcb]195
196MSVA_CFLAGS=""
197if test "$use_msva" != "no"; then
[b27cce7]198        AC_CHECK_HEADERS([msv/msv.h], [],
[fa45dcb]199                         [AC_MSG_ERROR([*** No libmsv headers found!])])
200        AC_SEARCH_LIBS([msv_query_agent], [msv], [],
201                         [AC_MSG_ERROR([*** No libmsv found with msv_query_agent!])])
[b27cce7]202        MSVA_CFLAGS="-DENABLE_MSVA=1"
[fa45dcb]203fi
204
205AC_MSG_CHECKING([whether to enable MSVA functionality])
206AC_MSG_RESULT($use_msva)
207
[6e1d45d]208# Building documentation requires pandoc, which in turn needs pdflatex
209# to build PDF output.
[28f3f4f]210build_doc=no
[6e1d45d]211AC_PATH_PROG([PANDOC], [pandoc], [no])
212if test "$PANDOC" != "no"; then
213        AC_PATH_PROG([PDFLATEX], [pdflatex], [no])
[28f3f4f]214        if test "$PDFLATEX" != "no"; then
[7f2fd55]215                build_doc="html, manual page, pdf"
[28f3f4f]216        else
[7f2fd55]217                build_doc="html, manual page"
[28f3f4f]218        fi
[7225749]219else
220        AC_PATH_PROG([MARKDOWN], [markdown], [no])
221        if test "$MARKDOWN" != "no"; then
222                build_doc="html stub"
223        fi
[6e1d45d]224fi
225AM_CONDITIONAL([USE_PANDOC], [test "$PANDOC" != "no"])
226AM_CONDITIONAL([USE_PDFLATEX], [test "$PANDOC" != "no" && \
227                               test "$PDFLATEX" != "no"])
[7225749]228AM_CONDITIONAL([USE_MARKDOWN], [test -n "$MARKDOWN" && \
229                               test "$MARKDOWN" != "no"])
[6e1d45d]230
[af7da2d]231# Check for Apache binary
[83b3901]232AC_PATH_PROGS([APACHE2], [apache2 httpd], [no], [$PATH:/usr/sbin])
[af7da2d]233if test "${APACHE2}" = "no"; then
234        AC_MSG_WARN([Neither apache2 nor httpd found in \
[52c3f68]235                     PATH. Test suite will fail.])
236fi
237
[67f2f58]238AC_PATH_PROGS([HTTP_CLI], [curl wget], [no])
239
[7ff6c6c]240MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${GNUTLS_FEAT_CFLAGS} ${MSVA_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}"
[6bbd378]241MODULE_LIBS="${LIBGNUTLS_LIBS}"
[9706fc2]242
[b0e5dae]243AC_PATH_PROGS([SOFTHSM], [softhsm2-util softhsm], [no])
[74772b2]244if test "${SOFTHSM}" != "no"; then
245        softhsm_version=$(${SOFTHSM} --version)
246        AS_VERSION_COMPARE([$(${SOFTHSM} --version)], [2.0.0],
247                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [1])],
248                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])],
249                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])])
250fi
[5eb4544]251AM_CONDITIONAL([HAVE_SOFTHSM], [test "${SOFTHSM}" != "no"])
[74772b2]252AM_CONDITIONAL([HAVE_SOFTHSM1], [test "${SOFTHSM_MAJOR_VERSION}" = "1"])
253AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${SOFTHSM_MAJOR_VERSION}" = "2"])
[5eb4544]254
[9706fc2]255AC_SUBST(MODULE_CFLAGS)
[16068f4]256AC_SUBST(MODULE_LIBS)
[9706fc2]257
[26081ce]258# assign default values to TEST_HOST and TEST_IP if necessary
259: ${TEST_HOST:="localhost"}
[a08b25e]260: ${TEST_IP:="[[::1]] 127.0.0.1"}
[26081ce]261AC_ARG_VAR([TEST_HOST], [Host name to use for server instances started by \
[a08b25e]262                        "make check", must resolve to addresses in TEST_IP. \
263                        The default is "localhost".])
264AC_ARG_VAR([TEST_IP], [List of IP addresses to use for server instances \
265                      started by "make check". The default is \
266                      "[::1] 127.0.0.1". Note that IPv6 addresses must be \
267                      enclosed in square brackets.])
268
[6c030c1]269: ${TEST_LOCK_WAIT:="30"}
270: ${TEST_QUERY_TIMEOUT:="30"}
271AC_ARG_VAR([TEST_LOCK_WAIT], [Timeout in seconds to acquire locks for \
272                             Apache instances in the test suite, or the \
273                             previous instance to remove its PID file if \
274                             flock is not used. Default is 30.])
275AC_ARG_VAR([TEST_QUERY_TIMEOUT], [Timeout in seconds for HTTPS requests \
276                                 sent using gnutls-cli in the test suite. \
277                                 Default is 30.])
278
[aeaf28b]279dnl Allow user to set SoftHSM PKCS #11 module
280AC_ARG_VAR([SOFTHSM_LIB], [Absolute path of the SoftHSM PKCS @%:@11 module to \
281                          use. By default the test suite will search common \
282                          library paths.])
283
[a08b25e]284dnl Build list of "Listen" statements for Apache
[21181b2]285LISTEN_LIST="@%:@ Listen addresses for the test servers"
[a08b25e]286for i in ${TEST_IP}; do
287        LISTEN_LIST="${LISTEN_LIST}
288Listen ${i}:\${TEST_PORT}"
289done
[21181b2]290# Available extra ports, tests can "Define" variables of the listed
291# names in their apache.conf to enable them.
[967bf9b]292for j in TEST_HTTP_PORT; do
[8ac7c0d]293LISTEN_LIST="${LISTEN_LIST}
[21181b2]294<IfDefine ${j}>"
[8ac7c0d]295for i in ${TEST_IP}; do
296        LISTEN_LIST="${LISTEN_LIST}
[21181b2]297        Listen ${i}:\${${j}}"
[8ac7c0d]298done
299LISTEN_LIST="${LISTEN_LIST}
300</IfDefine>"
[21181b2]301done
[a08b25e]302AC_SUBST(LISTEN_LIST)
303AM_SUBST_NOTMAKE(LISTEN_LIST)
[26081ce]304
[9a18e30]305DX_DOXYGEN_FEATURE(ON)
306DX_DOT_FEATURE(ON)
307DX_HTML_FEATURE(ON)
308DX_MAN_FEATURE(OFF)
309DX_RTF_FEATURE(OFF)
310DX_XML_FEATURE(OFF)
[0020874]311DX_PDF_FEATURE(OFF)
[9a18e30]312DX_PS_FEATURE(OFF)
313DX_INIT_DOXYGEN([mod_gnutls], [doc/doxygen.conf], [doc/api])
314
[6e1d45d]315AC_CONFIG_FILES([Makefile src/Makefile test/Makefile test/tests/Makefile \
[9a18e30]316                        doc/Makefile doc/doxygen.conf include/mod_gnutls.h \
[94430e6]317                        test/proxy_backend.conf test/ocsp_server.conf \
[a939015]318                        test/apache-conf/early_sni.conf \
[ddf6027]319                        test/apache-conf/listen.conf \
320                        test/apache-conf/netns.conf])
[9706fc2]321AC_OUTPUT
322
323echo "---"
[42307a9]324echo "Configuration summary for mod_gnutls:"
[9706fc2]325echo ""
[ea14e97]326echo "   * mod_gnutls version:  ${MOD_GNUTLS_VERSION}"
[16068f4]327echo "   * Apache Modules directory:    ${AP_LIBEXECDIR}"
[42307a9]328echo "   * GnuTLS Library version:      ${LIBGNUTLS_VERSION}"
[b0e4ce6]329echo "   * CFLAGS for GnuTLS:           ${LIBGNUTLS_CFLAGS}"
330echo "   * LDFLAGS for GnuTLS:  ${LIBGNUTLS_LIBS}"
[28f3f4f]331echo "   * SRP Authentication:  ${use_srp}"
332echo "   * MSVA Client Verification:    ${use_msva}"
[8adfa57]333echo "   * Early SNI:                   ${early_sni}"
[28f3f4f]334echo "   * Build documentation: ${build_doc}"
[9706fc2]335echo ""
336echo "---"
Note: See TracBrowser for help on using the repository browser.