-
-AC_INIT(openconnect, 3.10)
+AC_INIT(openconnect, 4.99)
PKG_PROG_PKG_CONFIG
AC_LANG_C
+AC_CANONICAL_HOST
+AM_MAINTAINER_MODE([enable])
AM_INIT_AUTOMAKE([foreign])
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+
+# Define htmldir and localedir for users of ancient autoconf building from git
+AC_PREREQ([2.59c], [], [AC_SUBST([htmldir], [m4_ifset([AC_PACKAGE_TARNAME],
+ ['${datadir}/doc/${PACKAGE_TARNAME}'],
+ ['${datadir}/doc/${PACKAGE}'])
+])])
+
+AC_PREREQ([2.60], [], [AC_SUBST([localedir], ['$(datadir)/locale'])])
+
+# Upstream's pkg.m4 (since 0.27) offers this now, but define our own
+# compatible version in case the local version of pkgconfig isn't new enough.
+# https://bugs.freedesktop.org/show_bug.cgi?id=48743
+m4_ifdef([PKG_INSTALLDIR], [PKG_INSTALLDIR],
+ [AC_ARG_WITH([pkgconfigdir],
+ [AS_HELP_STRING([--with-pkgconfigdir],
+ [install directory for openconnect.pc pkg-config file])],
+ [],[with_pkgconfigdir='$(libdir)/pkgconfig'])
+ AC_SUBST([pkgconfigdir], [${with_pkgconfigdir}])])
+
+AC_ARG_WITH([vpnc-script],
+ [AS_HELP_STRING([--with-vpnc-script],
+ [default location of vpnc-script helper])])
+
+if test "$with_vpnc_script" = "yes" || test "$with_vpnc_script" = ""; then
+ with_vpnc_script=/etc/vpnc/vpnc-script
+ if ! test -x "$with_vpnc_script"; then
+ AC_MSG_ERROR([${with_vpnc_script} does not seem to be executable.]
+ [OpenConnect will not function correctly without a vpnc-script.]
+ [See http://www.infradead.org/openconnect/vpnc-script.html for more details.]
+ []
+ [If you are building a distribution package, please ensure that your]
+ [packaging is correct, and that a vpnc-script will be installed when the]
+ [user installs your package. You should provide a --with-vpnc-script=]
+ [argument to this configure script, giving the full path where the script]
+ [will be installed.]
+ []
+ [The standard location is ${with_vpnc_script}. To bypass this error and]
+ [build OpenConnect to use the script from this location, even though it's]
+ [not present at the time you are building OpenConnect, pass the argument]
+ ["--with-vpnc-script=${with_vpnc_script}"])
+ fi
+elif test "$with_vpnc_script" = "no"; then
+ AC_ERROR([You cannot disable vpnc-script.]
+ [OpenConnect will not function correctly without it.]
+ [See http://www.infradead.org/openconnect/vpnc-script.html])
+fi
+
+AC_DEFINE_UNQUOTED(DEFAULT_VPNCSCRIPT, "${with_vpnc_script}")
+AC_SUBST(DEFAULT_VPNCSCRIPT, "${with_vpnc_script}")
+
+use_openbsd_libtool=
+case $host_os in
+ *linux* | *gnu*)
+ AC_MSG_NOTICE([Applying feature macros for GNU build])
+ AC_DEFINE(_POSIX_C_SOURCE, 200112L)
+ # For strcasecmp()
+ AC_DEFINE(_BSD_SOURCE)
+ # For asprintf()
+ AC_DEFINE(_GNU_SOURCE)
+ ;;
+ *netbsd*)
+ AC_MSG_NOTICE([Applying feature macros for NetBSD build])
+ AC_DEFINE(_POSIX_C_SOURCE, 200112L)
+ AC_DEFINE(_NETBSD_SOURCE)
+ ;;
+ *openbsd*)
+ AC_MSG_NOTICE([Applying feature macros for OpenBSD build])
+ use_openbsd_libtool=true
+ ;;
+ *)
+ # On FreeBSD the only way to get vsyslog() visible is to define
+ # *nothing*, which makes absolutely everything visible.
+ # On Darwin enabling _POSIX_C_SOURCE breaks <sys/mount.h> because
+ # u_long and other types don't get defined. OpenBSD is similar.
+ ;;
+esac
+
+symver_time=
+symver_getline=
+symver_asprintf=
+
+case $host_os in
+ *solaris*|*sunos*)
+ symver_time="openconnect__time;"
+ ;;
+esac
+
+AC_CHECK_FUNC(fdevname_r, [AC_DEFINE(HAVE_FDEVNAME_R, 1)], [])
+AC_CHECK_FUNC(getline, [AC_DEFINE(HAVE_GETLINE, 1)], [symver_getline="openconnect__getline;"])
+AC_CHECK_FUNC(strcasestr, [AC_DEFINE(HAVE_STRCASESTR, 1)], [])
+AC_CHECK_FUNC(asprintf, [AC_DEFINE(HAVE_ASPRINTF, 1)], [symver_asprintf="openconnect__asprintf;"])
+if test -n "$symver_asprintf"; then
+ AC_MSG_CHECKING([for va_copy])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <stdarg.h>
+ va_list a;],[
+ va_list b;
+ va_copy(b,a);
+ va_end(b);])],
+ [AC_DEFINE(HAVE_VA_COPY, 1)
+ AC_MSG_RESULT(va_copy)],
+ [AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <stdarg.h>
+ va_list a;],[
+ va_list b;
+ __va_copy(b,a);
+ va_end(b);])],
+ [AC_DEFINE(HAVE___VA_COPY, 1)
+ AC_MSG_RESULT(__va_copy)],
+ [AC_MSG_RESULT(no)
+ AC_MSG_ERROR([Your system lacks asprintf() and va_copy()])])
+ ])
+fi
+AC_SUBST(SYMVER_TIME, $symver_time)
+AC_SUBST(SYMVER_GETLINE, $symver_getline)
+AC_SUBST(SYMVER_ASPRINTF, $symver_asprintf)
+
+AS_COMPILER_FLAGS(CFLAGS,
+ "-Wall
+ -Wextra
+ -Wno-missing-field-initializers
+ -Wno-sign-compare
+ -Wno-unused-parameter
+ -Werror=pointer-to-int-cast
+ -Wdeclaration-after-statement
+ -Werror-implicit-function-declaration
+ -Wformat-nonliteral
+ -Wformat-security
+ -Winit-self
+ -Wmissing-declarations
+ -Wmissing-include-dirs
+ -Wnested-externs
+ -Wpointer-arith
+ -Wwrite-strings")
+
+AC_CHECK_FUNC(socket, [], AC_CHECK_LIB(socket, socket, [], AC_ERROR(Cannot find socket() function)))
+AC_CHECK_FUNC(inet_aton, [], AC_CHECK_LIB(nsl, inet_aton, [], AC_ERROR(Cannot find inet_aton() function)))
+
+AC_ENABLE_SHARED
+AC_DISABLE_STATIC
+
+AC_ARG_ENABLE([nls],
+ [ --disable-nls do not use Native Language Support],
+ [USE_NLS=$enableval], [USE_NLS=yes])
+LIBINTL=
+if test "$USE_NLS" = "yes"; then
+ AC_PATH_PROG(MSGFMT, msgfmt)
+ if test "$MSGFMT" = ""; then
+ AC_ERROR([msgfmt could not be found. Try configuring with --disable-nls])
+ fi
+fi
+LIBINTL=
+if test "$USE_NLS" = "yes"; then
+ AC_MSG_CHECKING([for functional NLS support])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <locale.h>
+ #include <libintl.h>],[
+ setlocale(LC_ALL, "");
+ bindtextdomain("openconnect", "/tmp");
+ (void)dgettext("openconnect", "foo");])],
+ [AC_MSG_RESULT(yes)],
+ [oldLIBS="$LIBS"
+ LIBS="$LIBS -lintl"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <locale.h>
+ #include <libintl.h>],[
+ setlocale(LC_ALL, "");
+ bindtextdomain("openconnect", "/tmp");
+ (void)dgettext("openconnect", "foo");])],
+ [AC_MSG_RESULT(yes (with -lintl))]
+ LIBINTL="-lintl",
+ [LIBS="$LIBS -liconv"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <locale.h>
+ #include <libintl.h>],[
+ setlocale(LC_ALL, "");
+ bindtextdomain("openconnect", "/tmp");
+ (void)dgettext("openconnect", "foo");])],
+ [AC_MSG_RESULT(yes (with -lintl -liconv))]
+ LIBINTL="-lintl",
+ [AC_MSG_RESULT(no)
+ USE_NLS=no])
+ LIBS="$oldLIBS"])])
+fi
+
+if test "$USE_NLS" = "yes"; then
+ AC_SUBST(LIBINTL)
+ AC_DEFINE(ENABLE_NLS, 1)
+fi
+AM_CONDITIONAL(USE_NLS, [test "$USE_NLS" = "yes"])
+AC_ARG_WITH([system-cafile],
+ AS_HELP_STRING([--with-system-cafile],
+ [Location of the default system CA certificate file for old (<3.0.20) GnuTLS versions]))
+
+# We will use GnuTLS if it's requested, and if GnuTLS doesn't have DTLS
+# support then we'll *also* use OpenSSL for that, but it appears *only*
+# only in the openconnect executable and not the library (hence shouldn't
+# be a problem for GPL'd programs using libopenconnect).
+#
+# If built with --with-gnutls --without-openssl then we'll even eschew
+# OpenSSL for DTLS support and will build without any DTLS support at all
+# if GnuTLS cannot manage.
+#
+# The default (for now) is to use OpenSSL for everything.
+
+AC_ARG_WITH([gnutls],
+ AS_HELP_STRING([--with-gnutls],
+ [Use GnuTLS instead of OpenSSL (EXPERIMENTAL)]))
AC_ARG_WITH([openssl],
AS_HELP_STRING([--with-openssl],
- [Location of OpenSSL build dir]),
- [OPENSSL_CFLAGS="-I${with_openssl}/include"
- OPENSSL_LIBS="${with_openssl}/libssl.a ${with_openssl}/libcrypto.a -ldl -lz"
- AC_SUBST(OPENSSL_CFLAGS)
- AC_SUBST(OPENSSL_LIBS)
- AC_ENABLE_STATIC
- AC_DISABLE_SHARED],
- [PKG_CHECK_MODULES(OPENSSL, openssl)
- AC_ENABLE_SHARED
- AC_DISABLE_STATIC])
+ [Location of OpenSSL build dir]))
+ssl_library=
+
+if test "$with_gnutls" = "yes"; then
+ PKG_CHECK_MODULES(GNUTLS, gnutls)
+ if ! $PKG_CONFIG --atleast-version=2.12.16 gnutls; then
+ AC_MSG_ERROR([Your GnuTLS is too old. At least v2.12.16 is required])
+ fi
+ oldlibs="$LIBS"
+ LIBS="$LIBS $GNUTLS_LIBS"
+ AC_CHECK_FUNC(gnutls_dtls_set_data_mtu,
+ [AC_DEFINE(HAVE_GNUTLS_DTLS_SET_DATA_MTU, 1)], [])
+ AC_CHECK_FUNC(gnutls_certificate_set_x509_system_trust,
+ [AC_DEFINE(HAVE_GNUTLS_CERTIFICATE_SET_X509_SYSTEM_TRUST, 1)], [])
+ if test "$ac_cv_func_gnutls_certificate_set_x509_system_trust" != "yes"; then
+ # We will need to tell GnuTLS the path to the system CA file.
+ if test "$with_system_cafile" = "yes" || test "$with_system_cafile" = ""; then
+ unset with_system_cafile
+ AC_MSG_CHECKING([For location of system CA trust file])
+ for file in /etc/ssl/certs/ca-certificates.crt \
+ /etc/pki/tls/cert.pem \
+ /usr/local/share/certs/ca-root-nss.crt \
+ /etc/ssl/cert.pem; do
+ if grep 'BEGIN CERTIFICATE-----' $file >/dev/null 2>&1; then
+ with_system_cafile=${file}
+ break
+ fi
+ done
+ AC_MSG_RESULT([${with_system_cafile-NOT FOUND}])
+ elif test "$with_system_cafile" = "no"; then
+ AC_MSG_ERROR([You cannot disable the system CA certificate file.])
+ fi
+ if test "$with_system_cafile" = ""; then
+ AC_MSG_ERROR([Unable to find a standard system CA certificate file.]
+ [Your GnuTLS requires a path to a CA certificate store. This is a file]
+ [which contains a list of the Certificate Authorities which are trusted.]
+ [Most distributions ship with this file in a standard location, but none]
+ [the known standard locations exist on your system. You should provide a]
+ [--with-system-cafile= argument to this configure script, giving the full]
+ [path to a default CA certificate file for GnuTLS to use. Also, please]
+ [send full details of your system, including 'uname -a' output and the]
+ [location of the system CA certificate store on your system, to the]
+ [openconnect-devel@lists.infradead.org mailing list.])
+ fi
+ AC_DEFINE_UNQUOTED([DEFAULT_SYSTEM_CAFILE], ["$with_system_cafile"])
+ fi
+ AC_CHECK_FUNC(gnutls_pkcs12_simple_parse,
+ [AC_DEFINE(HAVE_GNUTLS_PKCS12_SIMPLE_PARSE, 1)], [])
+ AC_CHECK_FUNC(gnutls_certificate_set_key,
+ [AC_DEFINE(HAVE_GNUTLS_CERTIFICATE_SET_KEY, 1)], [])
+ if test "$with_openssl" = "" || test "$with_openssl" = "no"; then
+ AC_CHECK_FUNC(gnutls_session_set_premaster,
+ [have_gnutls_dtls=yes], [have_gnutls_dtls=no])
+ else
+ have_gnutls_dtls=no
+ fi
+ if test "$have_gnutls_dtls" = "yes"; then
+ if test "$with_openssl" = "" || test "$with_openssl" = "no"; then
+ # They either said no OpenSSL or didn't specify, and GnuTLS can
+ # do DTLS, so just use GnuTLS.
+ AC_DEFINE(HAVE_GNUTLS_SESSION_SET_PREMASTER, 1)
+ ssl_library=gnutls
+ with_openssl=no
+ else
+ # They specifically asked for OpenSSL, so use it for DTLS even
+ # though GnuTLS could manage.
+ ssl_library=both
+ fi
+ else
+ if test "$with_openssl" = "no"; then
+ # GnuTLS doesn't have DTLS, but they don't want OpenSSL. So build
+ # without DTLS support at all.
+ ssl_library=gnutls
+ else
+ # GnuTLS doesn't have DTLS so use OpenSSL for it, but GnuTLS for
+ # the TCP connection (and thus in the library).
+ ssl_library=both
+ fi
+ fi
+ AC_CHECK_FUNC(gnutls_pkcs11_add_provider,
+ [PKG_CHECK_MODULES(P11KIT, p11-kit-1, [AC_DEFINE(HAVE_P11KIT)
+ AC_SUBST(P11KIT_PC, p11-kit-1)], [:])], [])
+ LIBS="$oldlibs -ltspi"
+ AC_MSG_CHECKING([for tss library])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <trousers/tss.h>
+ #include <trousers/trousers.h>],[
+ int err = Tspi_Context_Create((void *)0);
+ Trspi_Error_String(err);])],
+ [AC_MSG_RESULT(yes)
+ AC_SUBST([TSS_LIBS], [-ltspi])
+ AC_SUBST([TSS_CFLAGS], [])
+ AC_DEFINE(HAVE_TROUSERS, 1)],
+ [AC_MSG_RESULT(no)])
+ LIBS="$oldlibs"
+elif test "$with_gnutls" != "" && test "$with_gnutls" != "no"; then
+ AC_MSG_ERROR([Values other than 'yes' or 'no' for --with-gnutls are not supported])
+fi
+if test "$with_openssl" = "yes" || test "$with_openssl" = "" || test "$ssl_library" = "both"; then
+ PKG_CHECK_MODULES(OPENSSL, openssl, [],
+ [oldLIBS="$LIBS"
+ LIBS="$LIBS -lssl -lcrypto"
+ AC_MSG_CHECKING([for OpenSSL without pkg-config])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>],[
+ SSL_library_init();
+ ERR_clear_error();
+ SSL_load_error_strings();
+ OpenSSL_add_all_algorithms();])],
+ [AC_MSG_RESULT(yes)
+ AC_SUBST([OPENSSL_LIBS], ["-lssl -lcrypto"])
+ AC_SUBST([OPENSSL_CFLAGS], [])],
+ [AC_MSG_RESULT(no)
+ if test "$ssl_library" = "both"; then
+ ssl_library="gnutls";
+ else
+ AC_ERROR([Could not build against OpenSSL]);
+ fi])
+ LIBS="$oldLIBS"])
+ if test "$ssl_library" != "both" && test "$ssl_library" != "gnutls"; then
+ ssl_library=openssl
+ fi
+elif test "$with_openssl" != "no" ; then
+ OPENSSL_CFLAGS="-I${with_openssl}/include"
+ OPENSSL_LIBS="${with_openssl}/libssl.a ${with_openssl}/libcrypto.a -ldl -lz"
+ AC_SUBST(OPENSSL_CFLAGS)
+ AC_SUBST(OPENSSL_LIBS)
+ enable_static=yes
+ enable_shared=no
+ AC_DEFINE(DTLS_OPENSSL, 1)
+ if test "$ssl_library" != "both"; then
+ ssl_library=openssl
+ fi
+fi
+case "$ssl_library" in
+ gnutls)
+ AC_DEFINE(OPENCONNECT_GNUTLS, 1)
+ AC_DEFINE(DTLS_GNUTLS, 1)
+ AC_SUBST(SSL_LIBRARY, [gnutls])
+ AC_SUBST(SSL_LIBS, ['$(GNUTLS_LIBS)'])
+ AC_SUBST(SSL_CFLAGS, ['$(GNUTLS_CFLAGS)'])
+ ;;
+ openssl)
+ AC_DEFINE(OPENCONNECT_OPENSSL, 1)
+ AC_DEFINE(DTLS_OPENSSL, 1)
+ AC_SUBST(SSL_LIBRARY, [openssl])
+ AC_SUBST(SSL_LIBS, ['$(OPENSSL_LIBS)'])
+ AC_SUBST(SSL_CFLAGS, ['$(OPENSSL_CFLAGS)'])
+ AC_SUBST(SYMVER_PRINT_ERR, ["openconnect_print_err_cb;"])
+ ;;
+ both)
+ # GnuTLS for TCP, OpenSSL for DTLS
+ AC_DEFINE(OPENCONNECT_GNUTLS, 1)
+ AC_DEFINE(DTLS_OPENSSL, 1)
+ AC_SUBST(SSL_LIBRARY, [gnutls])
+ AC_SUBST(SSL_LIBS, ['$(GNUTLS_LIBS)'])
+ AC_SUBST(SSL_CFLAGS, ['$(GNUTLS_CFLAGS)'])
+ AC_SUBST(DTLS_SSL_LIBS, ['$(OPENSSL_LIBS)'])
+ AC_SUBST(DTLS_SSL_CFLAGS, ['$(OPENSSL_CFLAGS)'])
+ AC_SUBST(SYMVER_PRINT_ERR, ["openconnect_print_err_cb;"])
+ ;;
+ *)
+ AC_MSG_ERROR([Neither OpenSSL nor GnuTLS selected for SSL.])
+ ;;
+esac
+AM_CONDITIONAL(OPENCONNECT_GNUTLS, [ test "$ssl_library" != "openssl" ])
+AM_CONDITIONAL(OPENCONNECT_OPENSSL, [ test "$ssl_library" = "openssl" ])
+
+# Needs to happen after we default to static/shared libraries based on OpenSSL
AC_PROG_LIBTOOL
+if test "$use_openbsd_libtool" = "true" && test -x /usr/bin/libtool; then
+ echo using OpenBSD libtool
+ LIBTOOL=/usr/bin/libtool
+fi
+AM_CONDITIONAL(OPENBSD_LIBTOOL, [ test "$use_openbsd_libtool" = "true" ])
+
+# Ick. This seems like it's likely to be very fragile, but I can't see a better
+# way. I shall console myself with the observation that the failure mode isn't
+# particularly horrible — you just don't get symbol versioning if it fails.
+symvers=no
+if test "$enable_shared" = "yes" ; then
+ AC_MSG_CHECKING([if library symbol versioning is available]);
+ echo 'FOO { global: foo; local: *; };' > conftest.map
+ echo 'int foo = 0;' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ soname=conftest
+ libobjs=conftest.$ac_objext
+ if AC_TRY_EVAL(archive_cmds ${wl}--version-script ${wl}conftest.map); then
+ AC_SUBST(VERSION_SCRIPT_ARG, [--version-script])
+ symvers="yes (with --version-script)"
+ elif AC_TRY_EVAL(archive_cmds ${wl}-M ${wl}conftest.map); then
+ AC_SUBST(VERSION_SCRIPT_ARG, [-M])
+ symvers="yes (with -M)"
+ fi
+ fi
+ AC_MSG_RESULT(${symvers})
+fi
+AM_CONDITIONAL(HAVE_SYMBOL_VERSIONING, [test "${symvers}" != "no"])
PKG_CHECK_MODULES(LIBXML2, libxml-2.0)
-libproxy_hdr=no
-AC_CHECK_HEADER([libproxy.h],
- [libproxy_hdr='"libproxy.h"'],
- [AC_CHECK_HEADER([proxy.h],
- [libproxy_hdr='"libproxy.h"'])])
-if (test "$libproxy_hdr" != "no"); then
- AC_DEFINE([LIBPROXY_HDR], $libproxy_hdr)
- PKG_CHECK_MODULES(LIBPROXY, libproxy-1.0, AC_SUBST(LIBPROXY_PC, libproxy-1.0), dummy=yes)
+PKG_CHECK_MODULES(ZLIB, zlib, [AC_SUBST(ZLIB_PC, [zlib])],
+ [oldLIBS="$LIBS"
+ LIBS="$LIBS -lz"
+ AC_MSG_CHECKING([for zlib without pkg-config])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([
+ #include <zlib.h>],[
+ z_stream zs;
+ deflateInit2(&zs, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
+ -12, 9, Z_DEFAULT_STRATEGY);])],
+ [AC_MSG_RESULT(yes)
+ AC_SUBST([ZLIB_LIBS], [-lz])
+ AC_SUBST([ZLIB_CFLAGS], [])],
+ [AC_MSG_RESULT(no)
+ AC_ERROR([Could not build against zlib])])
+ LIBS="$oldLIBS"])
+
+PKG_CHECK_MODULES(LIBPROXY, libproxy-1.0,
+ [AC_SUBST(LIBPROXY_PC, libproxy-1.0)
+ AC_DEFINE([LIBPROXY_HDR], ["proxy.h"])
+ libproxy_pkg=yes],
+ libproxy_pkg=no)
+dnl Libproxy *can* exist without a .pc file, and its header may be called
+dnl libproxy.h in that case.
+if (test "$libproxy_pkg" = "no"); then
+ AC_MSG_CHECKING([for libproxy])
+ oldLIBS="$LIBS"
+ LIBS="$LIBS -lproxy"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <libproxy.h>],
+ [(void)px_proxy_factory_new();])],
+ [AC_MSG_RESULT(yes (with libproxy.h))
+ AC_DEFINE([LIBPROXY_HDR], ["libproxy.h"])
+ AC_SUBST([LIBPROXY_LIBS], [-lproxy])],
+ [AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <proxy.h>],
+ [(void)px_proxy_factory_new();])],
+ [AC_MSG_RESULT(yes (with proxy.h))
+ AC_DEFINE([LIBPROXY_HDR], ["proxy.h"])
+ AC_SUBST([LIBPROXY_LIBS], [-lproxy])],
+ [AC_MSG_RESULT(no)])])
+ LIBS="$oldLIBS"
fi
+PKG_CHECK_MODULES(LIBSTOKEN, stoken,
+ [AC_SUBST(LIBSTOKEN_PC, stoken)
+ AC_DEFINE([LIBSTOKEN_HDR], ["stoken.h"])
+ libstoken_pkg=yes],
+ libstoken_pkg=no)
+
AC_CHECK_HEADER([if_tun.h],
[AC_DEFINE([IF_TUN_HDR], ["if_tun.h"])],
[AC_CHECK_HEADER([linux/if_tun.h],
[AC_CHECK_HEADER([net/tun/if_tun.h],
[AC_DEFINE([IF_TUN_HDR], ["net/tun/if_tun.h"])])])])])
-AC_OUTPUT(Makefile openconnect.pc)
+if test "$ssl_library" = "openssl" || test "$ssl_library" = "both"; then
+ oldLIBS="$LIBS"
+ LIBS="$LIBS $OPENSSL_LIBS"
+
+ if test "$ssl_library" = "openssl"; then
+ AC_MSG_CHECKING([for ENGINE_by_id() in OpenSSL])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/engine.h>],
+ [ENGINE_by_id("foo");])],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_ENGINE, [1], [OpenSSL has ENGINE support])],
+ [AC_MSG_RESULT(no)
+ AC_MSG_NOTICE([Building without OpenSSL TPM ENGINE support])])
+ fi
+
+ AC_MSG_CHECKING([for dtls1_stop_timer() in OpenSSL])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/ssl.h>
+ #include <stdlib.h>
+ extern void dtls1_stop_timer(SSL *);],
+ [dtls1_stop_timer(NULL);])],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_DTLS1_STOP_TIMER, [1], [OpenSSL has dtls1_stop_timer() function])],
+ [AC_MSG_RESULT(no)])
+ LIBS="$oldLIBS"
+fi
+
+AC_PATH_PROG(PYTHON, [python], [], $PATH:/bin:/usr/bin)
+if (test -n "${ac_cv_path_PYTHON}"); then
+ AC_SUBST(PYTHON, ${ac_cv_path_PYTHON})
+else
+ AC_MSG_NOTICE([Python not found; not building HTML pages])
+fi
+AM_CONDITIONAL(BUILD_WWW, [test -n "${ac_cv_path_PYTHON}"])
+
+AC_SUBST([CONFIG_STATUS_DEPENDENCIES], ['$(top_srcdir)/po/LINGUAS $(top_srcdir)/openconnect.h ${top_srcdir}/libopenconnect.map.in'])
+RAWLINGUAS=`sed -e "/^#/d" -e "s/#.*//" "${srcdir}/po/LINGUAS"`
+# Remove newlines
+LINGUAS=`echo $RAWLINGUAS`
+AC_SUBST(LINGUAS)
+
+APIMAJOR="`sed -n 's/^#define OPENCONNECT_API_VERSION_MAJOR \(.*\)/\1/p' ${srcdir}/openconnect.h`"
+APIMINOR="`sed -n 's/^#define OPENCONNECT_API_VERSION_MINOR \(.*\)/\1/p' ${srcdir}/openconnect.h`"
+AC_SUBST(APIMAJOR)
+AC_SUBST(APIMINOR)
+
+# We want version.c to depend on the files that would affect the
+# output of version.sh. But we cannot assume that they'll exist,
+# and we cannot use $(wildcard) in a non-GNU makefile. So we just
+# depend on the files which happen to exist at configure time.
+GITVERSIONDEPS=
+for a in ${srcdir}/.git/index ${srcdir}/.git/packed-refs \
+ ${srcdir}/.git/refs/tags ${srcdir}/.git/HEAD; do
+ if test -r $a ; then
+ GITVERSIONDEPS="$GITVERSIONDEPS $a"
+ fi
+done
+AC_SUBST(GITVERSIONDEPS)
+
+AC_OUTPUT(Makefile openconnect.pc po/Makefile www/Makefile libopenconnect.map \
+ openconnect.8 www/styles/Makefile www/inc/Makefile www/images/Makefile)
projects / platform / upstream / openconnect.git / blobdiff