source: mod_gnutls/configure.ac @ 22a737b

Last change on this file since 22a737b was 22a737b, checked in by Fiona Klute <fiona.klute@…>, 7 weeks ago

Detect usable loopback IPs during ./configure

  • Property mode set to 100644
File size: 11.5 KB
Line 
1AC_INIT(mod_gnutls, 0.10.0)
2OOO_CONFIG_NICE(config.nice)
3MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION
4AC_PREREQ(2.53)
5AC_CONFIG_SRCDIR([src/mod_gnutls.c])
6AC_CONFIG_AUX_DIR(config)
7
8AM_MAINTAINER_MODE([enable])
9AC_CANONICAL_TARGET
10# mod_gnutls test suite requires GNU make
11AM_INIT_AUTOMAKE([-Wno-portability])
12AM_CONFIG_HEADER(include/mod_gnutls_config.h:config.in)
13
14LT_INIT([disable-static])
15
16AC_SUBST(MOD_GNUTLS_VERSION)
17
18AC_PROG_CC
19AC_PROG_CC_C99
20AC_PROG_LD
21AC_PROG_INSTALL
22AC_PROG_LIBTOOL
23
24AC_CONFIG_MACRO_DIR([m4])
25
26AP_VERSION=2.4.17
27CHECK_APACHE(,$AP_VERSION,
28    :,:,
29    AC_MSG_ERROR([*** Apache version $AP_VERSION not found!])
30)
31
32PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.6.3])
33LIBGNUTLS_VERSION=`pkg-config --modversion gnutls`
34
35dnl Maybe use the binaries for tests, too?
36AC_ARG_WITH([gnutls-dev],
37        AS_HELP_STRING([--with-gnutls-dev=DIR],
38                [Use GnuTLS libraries from a development (git) tree. Use \
39                this if you want to test mod_gnutls with the latest \
40                GnuTLS code.]),
41        [
42                AS_IF([test -d "${with_gnutls_dev}" ],
43                [
44                        LIBGNUTLS_CFLAGS="-I${with_gnutls_dev}/lib/includes"
45                        LIBGNUTLS_LIBS="-lgnutls -L${with_gnutls_dev}/lib/.libs -R${with_gnutls_dev}/lib/.libs"
46                        LIBGNUTLS_VERSION=`PKG_CONFIG_PATH="${with_gnutls_dev}/lib" pkg-config --modversion gnutls`
47                ],
48                [AC_MSG_ERROR([--with-gnutls-dev=DIR requires a directory!])])
49        ], [])
50
51AC_ARG_ENABLE(vpath-install,
52       AS_HELP_STRING([--enable-vpath-install],
53               [Modify the Apache module directory provided by apxs to \
54               follow --prefix, if necessary. Most users will not want this, \
55               but it is required for VPATH builds including "make \
56               distcheck".]),
57       vpath_install=$enableval, vpath_install=no)
58AM_CONDITIONAL([ENABLE_VPATH_INSTALL], [test "$vpath_install" = "yes"])
59
60AC_ARG_ENABLE(srp,
61       AS_HELP_STRING([--enable-srp],
62               [enable SRP functionality if supported by libgnutls]),
63       use_srp=$enableval, use_srp=no)
64
65# check if the available GnuTLS library supports SRP
66AC_SEARCH_LIBS([gnutls_srp_server_get_username], [gnutls], [], [use_srp="no"])
67
68AC_MSG_CHECKING([whether to enable SRP functionality])
69AC_MSG_RESULT($use_srp)
70
71GNUTLS_FEAT_CFLAGS=""
72AS_IF([test "${use_srp}" != "no"], [
73        GNUTLS_FEAT_CFLAGS="-DENABLE_SRP=1"
74        AC_MSG_WARN([You have enabled SRP support. This feature is deprecated and will be removed in a future release.])
75])
76
77AC_ARG_ENABLE(strict,
78       AS_HELP_STRING([--disable-strict],
79               [Avoid strict compiler warnings and errors]),
80       use_strict=$enableval, use_strict=yes)
81
82STRICT_CFLAGS=""
83if test "$use_strict" != "no"; then
84        STRICT_CFLAGS="-Wall -Werror -Wextra -Wno-error=deprecated-declarations"
85fi
86
87MOD_GNUTLS_DEBUG=0
88AC_ARG_ENABLE(gnutls-debug-log,
89       AS_HELP_STRING([--enable-gnutls-debug-log],
90               [Write GnuTLS debug output to /tmp/gnutls_debug, for \
91               debugging only!]),
92       enable_gnutls_debug=$enableval, enable_gnutls_debug=no)
93if test "$enable_gnutls_debug" != "no"; then
94        MOD_GNUTLS_DEBUG=1
95fi
96AC_SUBST(MOD_GNUTLS_DEBUG)
97
98AM_PATH_PYTHON([3])
99AX_PYTHON_MODULE([yaml], [fatal])
100
101dnl Enable testing with Valgrind? Default is "no".
102AC_ARG_ENABLE([valgrind-test],
103        AS_HELP_STRING([--enable-valgrind-test], [Enable running \
104        tests with Valgrind (slow)]),
105        [use_valgrind=$enableval], [use_valgrind=no])
106AC_MSG_CHECKING([whether to run tests with Valgrind])
107AC_MSG_RESULT([$use_valgrind])
108AC_PATH_PROG([VALGRIND], [valgrind], [no])
109AS_IF([test "${use_valgrind}" != "no" -a "${VALGRIND}" = "no"],
110      [AC_MSG_ERROR([Valgrind test are enabled, but "valgrind" not \
111      found in PATH!])])
112AM_CONDITIONAL([ENABLE_VALGRIND], [test "${use_valgrind}" != "no"])
113
114dnl Optionally disable flock
115AC_ARG_ENABLE(flock,
116        AS_HELP_STRING([--disable-flock], [Disable use of flock during tests \
117        (some exotic architectures don't support it)]),
118        [use_flock=$enableval], [use_flock=yes])
119# Check if flock is available and supports --timeout
120AC_PATH_PROG([FLOCK], [flock], [no])
121AS_IF([test "${FLOCK}" != "no"],
122      [
123        AC_MSG_CHECKING([whether ${FLOCK} supports --timeout])
124        lockfile="$(mktemp)"
125        AS_IF([${FLOCK} --timeout 1 ${lockfile} true >&AS_MESSAGE_LOG_FD 2>&1],
126              [flock_works="yes"], [flock_works="no"])
127        AC_MSG_RESULT([$flock_works])
128        # Old versions of flock do not support --verbose. They fail
129        # without executing the command but still return 0. Check for
130        # this behavior by testing if the rm command was executed.
131        AC_MSG_CHECKING([whether ${FLOCK} supports --verbose])
132        testfile="$(mktemp)"
133        AS_IF([${FLOCK} --verbose --timeout 1 ${lockfile} rm "${testfile}" \
134                        >&AS_MESSAGE_LOG_FD 2>&1; test ! -e "${testfile}"],
135              [flock_verbose="yes"; FLOCK="${FLOCK} --verbose"],
136              [flock_verbose="no"; rm "${testfile}"])
137        AC_MSG_RESULT([$flock_verbose])
138        rm "${lockfile}"
139      ],
140      [flock_works="no"])
141# disable flock if requested by user or it doesn't support timeout
142AM_CONDITIONAL([DISABLE_FLOCK],
143               [test "$enable_flock" = "no" || test "$flock_works" = "no"])
144
145# openssl is needed as the responder for OCSP tests
146AC_PATH_PROG([OPENSSL], [openssl], [no])
147AM_CONDITIONAL([ENABLE_OCSP_TEST], [test "${OPENSSL}" != "no"])
148
149dnl Enable test namespaces? Default is "yes".
150AC_ARG_ENABLE(test-namespaces,
151        AS_HELP_STRING([--disable-test-namespaces], [Disable use of \
152        namespaces for tests (limits parallelization)]),
153        [use_netns=$enableval], [use_netns=yes])
154
155# Check if "unshare" is available and has permission to create
156# network, IPC, and user namespaces
157AC_PATH_PROG([UNSHARE], [unshare], [no])
158AS_IF([test "${UNSHARE}" != "no"],
159      [
160        AC_MSG_CHECKING([for permission to use namespaces])
161        AS_IF([${UNSHARE} --net --ipc -r /bin/sh -c \
162                "ip link set up lo && ip addr show" >&AS_MESSAGE_LOG_FD 2>&1],
163              [unshare_works="yes"], [unshare_works="no"])
164        AC_MSG_RESULT([$unshare_works])
165      ],
166      [unshare_works="no"])
167# decide whether to enable network namespaces
168AS_IF([test "$enable_test_namespaces" != "no" \
169            && test "$unshare_works" = "yes"],
170      [use_netns="yes"], [use_netns="no"])
171AM_CONDITIONAL([ENABLE_NETNS], [test "$use_netns" != "no"])
172
173AC_ARG_ENABLE(msva,
174       AS_HELP_STRING([--enable-msva],
175               [enable Monkeysphere client certificate verification]),
176       use_msva=$enableval, use_msva=no)
177AM_CONDITIONAL([USE_MSVA], [test "$use_msva" != "no"])
178
179MSVA_CFLAGS=""
180AS_IF([test "$use_msva" != "no"], [
181        AC_CHECK_HEADERS([msv/msv.h], [],
182                         [AC_MSG_ERROR([*** No libmsv headers found!])])
183        AC_SEARCH_LIBS([msv_query_agent], [msv], [],
184                         [AC_MSG_ERROR([*** No libmsv found with msv_query_agent!])])
185        MSVA_CFLAGS="-DENABLE_MSVA=1"
186])
187
188AC_MSG_CHECKING([whether to enable MSVA functionality])
189AC_MSG_RESULT($use_msva)
190
191# Building documentation requires pandoc, which in turn needs pdflatex
192# to build PDF output.
193build_doc=no
194AC_PATH_PROG([PANDOC], [pandoc], [no])
195AC_ARG_ENABLE(pdf-doc,
196        AS_HELP_STRING([--disable-pdf-doc], [don't build PDF documentation]))
197AS_IF([test "$PANDOC" != "no"], [
198        AC_PATH_PROG([PDFLATEX], [pdflatex], [no])
199        if test "$PDFLATEX" != "no" && test "${enable_pdf_doc}" != "no"; then
200                build_doc="html, manual page, pdf"
201        else
202                build_doc="html, manual page"
203        fi
204], [
205        AC_PATH_PROG([MARKDOWN], [markdown], [no])
206        if test "$MARKDOWN" != "no"; then
207                build_doc="html stub"
208        fi
209])
210AM_CONDITIONAL([USE_PANDOC], [test "$PANDOC" != "no"])
211AM_CONDITIONAL([USE_PDFLATEX], [test "$PANDOC" != "no" && \
212                               test "$PDFLATEX" != "no" && \
213                               test "${enable_pdf_doc}" != "no"])
214AM_CONDITIONAL([USE_MARKDOWN], [test -n "$MARKDOWN" && \
215                               test "$MARKDOWN" != "no"])
216
217# Check for Apache binary
218AC_PATH_PROGS([APACHE2], [apache2 httpd], [no], [$PATH:/usr/sbin])
219AS_IF([test "${APACHE2}" = "no"], [
220        AC_MSG_WARN([Neither apache2 nor httpd found in \
221                     PATH. Test suite will fail.])
222])
223
224AC_PATH_PROGS([HTTP_CLI], [curl], [no])
225
226MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${GNUTLS_FEAT_CFLAGS} ${MSVA_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}"
227MODULE_LIBS="${LIBGNUTLS_LIBS}"
228
229AC_PATH_PROGS([SOFTHSM], [softhsm2-util], [no])
230AM_CONDITIONAL([HAVE_SOFTHSM], [test "${SOFTHSM}" != "no"])
231
232AC_SUBST(MODULE_CFLAGS)
233AC_SUBST(MODULE_LIBS)
234
235# Adjust Apache configuration for tests: Use pthread mutex and test
236# specific PID files if using namespaces. Otherwise defaults are used,
237# and the user can override the default mutex type.
238AC_ARG_VAR([APACHE_MUTEX], [Override the default mutex for the test \
239                           environment. The value is used only when running \
240                           without namespace isolation, tests running in \
241                           their own namespaces always use "pthread".])
242AS_IF([test -n "${APACHE_MUTEX}"],
243      [MUTEX_CONF="Mutex ${APACHE_MUTEX} default"],
244      [MUTEX_CONF=""])
245AS_IF([test "$use_netns" = "yes"],
246      [MUTEX_CONF="Mutex pthread default"; PID_AFFIX="-\${TEST_NAME}"],
247      [PID_AFFIX=""])
248AC_SUBST(MUTEX_CONF)
249AC_SUBST(PID_AFFIX)
250AM_SUBST_NOTMAKE(MUTEX_CONF)
251AM_SUBST_NOTMAKE(PID_AFFIX)
252
253AC_MSG_CHECKING([which loopback addresses are usable])
254loopback_ips="$("${PYTHON}" test/check_test_ips.py -q ::1 127.0.0.1)"
255AC_MSG_RESULT(${loopback_ips})
256
257# assign default values to TEST_HOST and TEST_IP if necessary
258: ${TEST_HOST:="localhost"}
259: ${TEST_IP:="${loopback_ips}"}
260AC_ARG_VAR([TEST_HOST], [Host name to use for server instances started by \
261                        "make check", must resolve to addresses in TEST_IP. \
262                        The default is "localhost".])
263AC_ARG_VAR([TEST_IP], [List of IP addresses to use for server instances \
264                      started by "make check". The default is \
265                      "[::1] 127.0.0.1". Note that IPv6 addresses must be \
266                      enclosed in square brackets.])
267
268: ${TEST_LOCK_WAIT:="30"}
269: ${TEST_QUERY_TIMEOUT:="30"}
270AC_ARG_VAR([TEST_LOCK_WAIT], [Timeout in seconds to acquire locks for \
271                             Apache instances in the test suite, or the \
272                             previous instance to remove its PID file if \
273                             flock is not used. Default is 30.])
274AC_ARG_VAR([TEST_QUERY_TIMEOUT], [Timeout in seconds for HTTPS requests \
275                                 sent using gnutls-cli in the test suite. \
276                                 Default is 30.])
277
278dnl Allow user to set SoftHSM PKCS #11 module
279AC_ARG_VAR([SOFTHSM_LIB], [Absolute path of the SoftHSM PKCS @%:@11 module to \
280                          use. By default the test suite will search common \
281                          library paths.])
282
283dnl Build list of "Listen" statements for Apache
284LISTEN_LIST="@%:@ Listen addresses for the test servers"
285for i in ${TEST_IP}; do
286        LISTEN_LIST="${LISTEN_LIST}
287Listen ${i}:\${TEST_PORT}"
288done
289# Available extra ports, tests can "Define" variables of the listed
290# names in their apache.conf to enable them.
291for j in TEST_HTTP_PORT; do
292LISTEN_LIST="${LISTEN_LIST}
293<IfDefine ${j}>"
294for i in ${TEST_IP}; do
295        LISTEN_LIST="${LISTEN_LIST}
296        Listen ${i}:\${${j}}"
297done
298LISTEN_LIST="${LISTEN_LIST}
299</IfDefine>"
300done
301AC_SUBST(LISTEN_LIST)
302AM_SUBST_NOTMAKE(LISTEN_LIST)
303
304DX_DOXYGEN_FEATURE(ON)
305DX_DOT_FEATURE(ON)
306DX_HTML_FEATURE(ON)
307DX_MAN_FEATURE(OFF)
308DX_RTF_FEATURE(OFF)
309DX_XML_FEATURE(OFF)
310DX_PDF_FEATURE(OFF)
311DX_PS_FEATURE(OFF)
312DX_INIT_DOXYGEN([mod_gnutls], [doc/doxygen.conf], [doc/api])
313
314AC_CONFIG_FILES([Makefile src/Makefile test/Makefile test/tests/Makefile \
315                        doc/Makefile doc/doxygen.conf include/mod_gnutls.h \
316                        test/proxy_backend.conf test/ocsp_server.conf \
317                        test/apache-conf/listen.conf \
318                        test/apache-conf/netns.conf])
319AC_OUTPUT
320
321echo "---"
322echo "Configuration summary for mod_gnutls:"
323echo ""
324echo "   * mod_gnutls version:  ${MOD_GNUTLS_VERSION}"
325echo "   * Apache Modules directory:    ${AP_LIBEXECDIR}"
326echo "   * GnuTLS Library version:      ${LIBGNUTLS_VERSION}"
327echo "   * CFLAGS for GnuTLS:           ${LIBGNUTLS_CFLAGS}"
328echo "   * LDFLAGS for GnuTLS:  ${LIBGNUTLS_LIBS}"
329echo "   * SRP Authentication:  ${use_srp}"
330echo "   * MSVA Client Verification:    ${use_msva}"
331echo "   * Build documentation: ${build_doc}"
332echo ""
333echo "---"
Note: See TracBrowser for help on using the repository browser.