source: mod_gnutls/configure.ac @ b1261cb

proxy-ticket
Last change on this file since b1261cb was 0e069b6, checked in by Fiona Klute <fiona.klute@…>, 10 months ago

Support plain HTTP in the Python test framework

This makes it possible to run test 26 "redirect HTTP to HTTPS" without
an external HTTP client, the only thing still different from most
other tests is the TEST_HTTP_PORT environment variable.

  • Property mode set to 100644
File size: 10.6 KB
Line 
1AC_INIT(mod_gnutls, 0.9.1)
2OOO_CONFIG_NICE(config.nice)
3MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION
4AC_PREREQ(2.53)
5AC_CONFIG_SRCDIR([src/mod_gnutls.c])
6AC_CONFIG_AUX_DIR(config)
7
8OOO_MAINTAIN_MODE
9AM_MAINTAINER_MODE
10AC_CANONICAL_TARGET
11# mod_gnutls test suite requires GNU make
12AM_INIT_AUTOMAKE([-Wno-portability])
13AM_CONFIG_HEADER(include/mod_gnutls_config.h:config.in)
14
15LT_INIT([disable-static])
16
17AC_SUBST(MOD_GNUTLS_VERSION)
18
19AC_PROG_CC
20AC_PROG_CC_C99
21AC_PROG_LD
22AC_PROG_INSTALL
23AC_PROG_LIBTOOL
24AM_PATH_PYTHON([3])
25
26AC_CONFIG_MACRO_DIR([m4])
27
28AP_VERSION=2.4.17
29CHECK_APACHE(,$AP_VERSION,
30    :,:,
31    AC_MSG_ERROR([*** Apache version $AP_VERSION not found!])
32)
33
34dnl Maybe use the binaries for tests, too?
35AC_ARG_WITH([gnutls-dev],
36        AS_HELP_STRING([--with-gnutls-dev=DIR],
37                [Use GnuTLS libraries from a development (git) tree. Use \
38                this if you want to test mod_gnutls with the latest \
39                GnuTLS code.]),
40        [
41                AS_IF([test -d "${with_gnutls_dev}" ],
42                [
43                        LIBGNUTLS_CFLAGS="-I${with_gnutls_dev}/lib/includes"
44                        LIBGNUTLS_LIBS="-lgnutls -L${with_gnutls_dev}/lib/.libs -R${with_gnutls_dev}/lib/.libs"
45                ],
46                [AC_MSG_ERROR([--with-gnutls-dev=DIR requires a directory!])])
47        ], [])
48
49PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.6.3])
50
51LIBGNUTLS_VERSION=`pkg-config --modversion gnutls`
52
53AC_ARG_ENABLE(vpath-install,
54       AS_HELP_STRING([--enable-vpath-install],
55               [Modify the Apache module directory provided by apxs to \
56               follow --prefix, if necessary. Most users will not want this, \
57               but it is required for VPATH builds including "make \
58               distcheck".]),
59       vpath_install=$enableval, vpath_install=no)
60AM_CONDITIONAL([ENABLE_VPATH_INSTALL], [test "$vpath_install" = "yes"])
61
62AC_ARG_ENABLE(srp,
63       AS_HELP_STRING([--disable-srp],
64               [unconditionally disable the SRP functionality]),
65       use_srp=$enableval, use_srp=yes)
66
67# check if the available GnuTLS library supports SRP
68AC_SEARCH_LIBS([gnutls_srp_server_get_username], [gnutls], [], [use_srp="no"])
69
70GNUTLS_FEAT_CFLAGS=""
71if test "$use_srp" != "no"; then
72        GNUTLS_FEAT_CFLAGS="-DENABLE_SRP=1"
73fi
74
75# check if the available GnuTLS library supports raw extension parsing
76AC_SEARCH_LIBS([gnutls_ext_raw_parse], [gnutls], [early_sni="yes"],
77        [early_sni="no"])
78if test "$early_sni" != "no"; then
79        ENABLE_EARLY_SNI=1
80        # This is for the test server configuration
81        EXPECT_EARLY_SNI="Define EXPECT_EARLY_SNI"
82else
83        ENABLE_EARLY_SNI=0
84        EXPECT_EARLY_SNI=""
85fi
86AC_SUBST(ENABLE_EARLY_SNI)
87AC_SUBST(EXPECT_EARLY_SNI)
88AM_SUBST_NOTMAKE(EXPECT_EARLY_SNI)
89
90AC_ARG_ENABLE(strict,
91       AS_HELP_STRING([--disable-strict],
92               [Avoid strict compiler warnings and errors]),
93       use_strict=$enableval, use_strict=yes)
94
95STRICT_CFLAGS=""
96if test "$use_strict" != "no"; then
97        STRICT_CFLAGS="-Wall -Werror -Wextra -Wno-error=deprecated-declarations"
98fi
99
100AC_MSG_CHECKING([whether to enable SRP functionality])
101AC_MSG_RESULT($use_srp)
102
103dnl Optionally disable flock
104AC_ARG_ENABLE(flock,
105        AS_HELP_STRING([--disable-flock], [Disable use of flock during tests \
106        (some exotic architectures don't support it)]),
107        [use_flock=$enableval], [use_flock=yes])
108# Check if flock is available and supports --timeout
109AC_PATH_PROG([FLOCK], [flock], [no])
110AS_IF([test "${FLOCK}" != "no"],
111      [
112        AC_MSG_CHECKING([whether ${FLOCK} supports --timeout])
113        lockfile="$(mktemp)"
114        AS_IF([${FLOCK} --timeout 1 ${lockfile} true >&AS_MESSAGE_LOG_FD 2>&1],
115              [flock_works="yes"], [flock_works="no"])
116        AC_MSG_RESULT([$flock_works])
117        # Old versions of flock do not support --verbose. They fail
118        # without executing the command but still return 0. Check for
119        # this behavior by testing if the rm command was executed.
120        AC_MSG_CHECKING([whether ${FLOCK} supports --verbose])
121        testfile="$(mktemp)"
122        AS_IF([${FLOCK} --verbose --timeout 1 ${lockfile} rm "${testfile}" \
123                        >&AS_MESSAGE_LOG_FD 2>&1; test ! -e "${testfile}"],
124              [flock_verbose="yes"; FLOCK="${FLOCK} --verbose"],
125              [flock_verbose="no"; rm "${testfile}"])
126        AC_MSG_RESULT([$flock_verbose])
127        rm "${lockfile}"
128      ],
129      [flock_works="no"])
130# disable flock if requested by user or it doesn't support timeout
131AM_CONDITIONAL([DISABLE_FLOCK],
132               [test "$enable_flock" = "no" || test "$flock_works" = "no"])
133
134# openssl is needed as the responder for OCSP tests
135AC_PATH_PROG([OPENSSL], [openssl], [no])
136AM_CONDITIONAL([ENABLE_OCSP_TEST], [test "${OPENSSL}" != "no"])
137
138dnl Enable test namespaces? Default is "yes".
139AC_ARG_ENABLE(test-namespaces,
140        AS_HELP_STRING([--disable-test-namespaces], [Disable use of \
141        namespaces for tests (limits parallelization)]),
142        [use_netns=$enableval], [use_netns=yes])
143
144# Check if "unshare" is available and has permission to create
145# network, IPC, and user namespaces
146AC_PATH_PROG([UNSHARE], [unshare], [no])
147AS_IF([test "${UNSHARE}" != "no"],
148      [
149        AC_MSG_CHECKING([for permission to use namespaces])
150        AS_IF([${UNSHARE} --net --ipc -r /bin/sh -c \
151                "ip link set up lo && ip addr show" >&AS_MESSAGE_LOG_FD 2>&1],
152              [unshare_works="yes"], [unshare_works="no"])
153        AC_MSG_RESULT([$unshare_works])
154      ],
155      [unshare_works="no"])
156# decide whether to enable network namespaces
157AS_IF([test "$enable_test_namespaces" != "no" \
158            && test "$unshare_works" = "yes"],
159      [use_netns="yes"], [use_netns="no"])
160AM_CONDITIONAL([ENABLE_NETNS], [test "$use_netns" != "no"])
161# Adjust Apache configuration for tests accordingly: Use pthread mutex
162# and test specific PID files if using namespaces, defaults otherwise.
163AS_IF([test "$use_netns" = "yes"],
164      [MUTEX_CONF="Mutex pthread default"; PID_AFFIX="-\${TEST_NAME}"],
165      [MUTEX_CONF=""; PID_AFFIX=""])
166AC_SUBST(MUTEX_CONF)
167AC_SUBST(PID_AFFIX)
168AM_SUBST_NOTMAKE(MUTEX_CONF)
169AM_SUBST_NOTMAKE(PID_AFFIX)
170
171AC_ARG_ENABLE(msva,
172       AS_HELP_STRING([--enable-msva],
173               [enable Monkeysphere client certificate verification]),
174       use_msva=$enableval, use_msva=no)
175AM_CONDITIONAL([USE_MSVA], [test "$use_msva" != "no"])
176
177MSVA_CFLAGS=""
178if test "$use_msva" != "no"; then
179        AC_CHECK_HEADERS([msv/msv.h], [],
180                         [AC_MSG_ERROR([*** No libmsv headers found!])])
181        AC_SEARCH_LIBS([msv_query_agent], [msv], [],
182                         [AC_MSG_ERROR([*** No libmsv found with msv_query_agent!])])
183        MSVA_CFLAGS="-DENABLE_MSVA=1"
184fi
185
186AC_MSG_CHECKING([whether to enable MSVA functionality])
187AC_MSG_RESULT($use_msva)
188
189# Building documentation requires pandoc, which in turn needs pdflatex
190# to build PDF output.
191build_doc=no
192AC_PATH_PROG([PANDOC], [pandoc], [no])
193if test "$PANDOC" != "no"; then
194        AC_PATH_PROG([PDFLATEX], [pdflatex], [no])
195        if test "$PDFLATEX" != "no"; then
196                build_doc="html, manual page, pdf"
197        else
198                build_doc="html, manual page"
199        fi
200else
201        AC_PATH_PROG([MARKDOWN], [markdown], [no])
202        if test "$MARKDOWN" != "no"; then
203                build_doc="html stub"
204        fi
205fi
206AM_CONDITIONAL([USE_PANDOC], [test "$PANDOC" != "no"])
207AM_CONDITIONAL([USE_PDFLATEX], [test "$PANDOC" != "no" && \
208                               test "$PDFLATEX" != "no"])
209AM_CONDITIONAL([USE_MARKDOWN], [test -n "$MARKDOWN" && \
210                               test "$MARKDOWN" != "no"])
211
212# Check for Apache binary
213AC_PATH_PROGS([APACHE2], [apache2 httpd], [no], [$PATH:/usr/sbin])
214if test "${APACHE2}" = "no"; then
215        AC_MSG_WARN([Neither apache2 nor httpd found in \
216                     PATH. Test suite will fail.])
217fi
218
219AC_PATH_PROGS([HTTP_CLI], [curl], [no])
220
221MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${GNUTLS_FEAT_CFLAGS} ${MSVA_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}"
222MODULE_LIBS="${LIBGNUTLS_LIBS}"
223
224AC_PATH_PROGS([SOFTHSM], [softhsm2-util softhsm], [no])
225if test "${SOFTHSM}" != "no"; then
226        softhsm_version=$(${SOFTHSM} --version)
227        AS_VERSION_COMPARE([$(${SOFTHSM} --version)], [2.0.0],
228                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [1])],
229                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])],
230                           [AC_SUBST(SOFTHSM_MAJOR_VERSION, [2])])
231fi
232AM_CONDITIONAL([HAVE_SOFTHSM], [test "${SOFTHSM}" != "no"])
233AM_CONDITIONAL([HAVE_SOFTHSM1], [test "${SOFTHSM_MAJOR_VERSION}" = "1"])
234AM_CONDITIONAL([HAVE_SOFTHSM2], [test "${SOFTHSM_MAJOR_VERSION}" = "2"])
235
236AC_SUBST(MODULE_CFLAGS)
237AC_SUBST(MODULE_LIBS)
238
239# assign default values to TEST_HOST and TEST_IP if necessary
240: ${TEST_HOST:="localhost"}
241: ${TEST_IP:="[[::1]] 127.0.0.1"}
242AC_ARG_VAR([TEST_HOST], [Host name to use for server instances started by \
243                        "make check", must resolve to addresses in TEST_IP. \
244                        The default is "localhost".])
245AC_ARG_VAR([TEST_IP], [List of IP addresses to use for server instances \
246                      started by "make check". The default is \
247                      "[::1] 127.0.0.1". Note that IPv6 addresses must be \
248                      enclosed in square brackets.])
249
250: ${TEST_LOCK_WAIT:="30"}
251: ${TEST_QUERY_TIMEOUT:="30"}
252AC_ARG_VAR([TEST_LOCK_WAIT], [Timeout in seconds to acquire locks for \
253                             Apache instances in the test suite, or the \
254                             previous instance to remove its PID file if \
255                             flock is not used. Default is 30.])
256AC_ARG_VAR([TEST_QUERY_TIMEOUT], [Timeout in seconds for HTTPS requests \
257                                 sent using gnutls-cli in the test suite. \
258                                 Default is 30.])
259
260dnl Allow user to set SoftHSM PKCS #11 module
261AC_ARG_VAR([SOFTHSM_LIB], [Absolute path of the SoftHSM PKCS @%:@11 module to \
262                          use. By default the test suite will search common \
263                          library paths.])
264
265dnl Build list of "Listen" statements for Apache
266LISTEN_LIST="@%:@ Listen addresses for the test servers"
267for i in ${TEST_IP}; do
268        LISTEN_LIST="${LISTEN_LIST}
269Listen ${i}:\${TEST_PORT}"
270done
271# Available extra ports, tests can "Define" variables of the listed
272# names in their apache.conf to enable them.
273for j in TEST_HTTP_PORT; do
274LISTEN_LIST="${LISTEN_LIST}
275<IfDefine ${j}>"
276for i in ${TEST_IP}; do
277        LISTEN_LIST="${LISTEN_LIST}
278        Listen ${i}:\${${j}}"
279done
280LISTEN_LIST="${LISTEN_LIST}
281</IfDefine>"
282done
283AC_SUBST(LISTEN_LIST)
284AM_SUBST_NOTMAKE(LISTEN_LIST)
285
286DX_DOXYGEN_FEATURE(ON)
287DX_DOT_FEATURE(ON)
288DX_HTML_FEATURE(ON)
289DX_MAN_FEATURE(OFF)
290DX_RTF_FEATURE(OFF)
291DX_XML_FEATURE(OFF)
292DX_PDF_FEATURE(OFF)
293DX_PS_FEATURE(OFF)
294DX_INIT_DOXYGEN([mod_gnutls], [doc/doxygen.conf], [doc/api])
295
296AC_CONFIG_FILES([Makefile src/Makefile test/Makefile test/tests/Makefile \
297                        doc/Makefile doc/doxygen.conf include/mod_gnutls.h \
298                        test/proxy_backend.conf test/ocsp_server.conf \
299                        test/apache-conf/early_sni.conf \
300                        test/apache-conf/listen.conf \
301                        test/apache-conf/netns.conf])
302AC_OUTPUT
303
304echo "---"
305echo "Configuration summary for mod_gnutls:"
306echo ""
307echo "   * mod_gnutls version:  ${MOD_GNUTLS_VERSION}"
308echo "   * Apache Modules directory:    ${AP_LIBEXECDIR}"
309echo "   * GnuTLS Library version:      ${LIBGNUTLS_VERSION}"
310echo "   * CFLAGS for GnuTLS:           ${LIBGNUTLS_CFLAGS}"
311echo "   * LDFLAGS for GnuTLS:  ${LIBGNUTLS_LIBS}"
312echo "   * SRP Authentication:  ${use_srp}"
313echo "   * MSVA Client Verification:    ${use_msva}"
314echo "   * Early SNI:                   ${early_sni}"
315echo "   * Build documentation: ${build_doc}"
316echo ""
317echo "---"
Note: See TracBrowser for help on using the repository browser.