| Jacob Appelbaum | b10b0f7 | 2012-11-07 20:35:00 -0800 | [diff] [blame] | 1 | AC_INIT([tlsdate],[0.0.4],[jacob at appelbaum.net]) |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 2 | AC_CONFIG_AUX_DIR([config]) |
| 3 | AC_CONFIG_MACRO_DIR([m4]) |
| David Goulet | 0809df1 | 2012-07-31 23:27:34 -0400 | [diff] [blame] | 4 | |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 5 | AC_CANONICAL_TARGET |
| 6 | AC_ARG_PROGRAM |
| 7 | AC_USE_SYSTEM_EXTENSIONS |
| 8 | |
| 9 | AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability subdir-objects foreign tar-ustar]) |
| 10 | |
| 11 | AC_PREREQ([2.63]) |
| 12 | |
| Brian Aker | b12abad | 2012-10-16 01:25:00 -0400 | [diff] [blame] | 13 | AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS. |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 14 | |
| Elly Fong-Jones | a5e7fbb | 2013-01-08 14:08:33 -0500 | [diff] [blame^] | 15 | PKG_PROG_PKG_CONFIG |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 16 | LT_PREREQ([2.2]) |
| David Goulet | 0809df1 | 2012-07-31 23:27:34 -0400 | [diff] [blame] | 17 | LT_INIT |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 18 | LT_LANG([C]) |
| 19 | gl_VISIBILITY |
| 20 | m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) |
| Jacob Appelbaum | 5de8b0a | 2012-02-02 01:43:22 +0100 | [diff] [blame] | 21 | |
| Brian Aker | b12abad | 2012-10-16 01:25:00 -0400 | [diff] [blame] | 22 | CONFIG_EXTRA |
| Jacob Appelbaum | 5de8b0a | 2012-02-02 01:43:22 +0100 | [diff] [blame] | 23 | |
| Jacob Appelbaum | 9639003 | 2012-07-15 15:53:13 -0400 | [diff] [blame] | 24 | dnl Here we should build a small program to fetch the build system time in a portable |
| 25 | dnl manner. We have no Win32 users, we can fix this if we ever find one that |
| 26 | dnl cares. |
| 27 | COMPILE_DATE=`date +%s` |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 28 | AC_SUBST([COMPILE_DATE]) |
| Jacob Appelbaum | 9639003 | 2012-07-15 15:53:13 -0400 | [diff] [blame] | 29 | AC_DEFINE_UNQUOTED([RECENT_COMPILE_DATE], |
| 30 | [(uint32_t) ${COMPILE_DATE}], |
| 31 | [Time in seconds since the Disco epoch at build time]) |
| 32 | |
| Mike Frysinger | 0c0b4b8 | 2012-12-18 15:10:55 -0500 | [diff] [blame] | 33 | dnl Build up the directory we will use to install certs |
| Brian Aker | 870a314 | 2012-10-17 02:10:49 -0400 | [diff] [blame] | 34 | TLSDATE_CA_ROOTS="${sysconfdir}/$PACKAGE_NAME/ca-roots" |
| 35 | AC_SUBST([TLSDATE_CA_ROOTS]) |
| 36 | |
| Mike Frysinger | 0c0b4b8 | 2012-12-18 15:10:55 -0500 | [diff] [blame] | 37 | dnl Required headers |
| 38 | dnl First check to see if openssl is installed |
| Brian Aker | e601a4d | 2012-10-17 01:24:51 -0400 | [diff] [blame] | 39 | AC_CHECK_HEADERS([openssl/ssl.h], ,[AC_MSG_ERROR([OpenSSL is not installed, openssl/sslh is missing])]) |
| Brian Aker | 33fe4bf | 2012-10-17 00:30:18 -0400 | [diff] [blame] | 40 | |
| Brian Aker | 6fa3a08 | 2012-10-17 00:16:32 -0400 | [diff] [blame] | 41 | AC_CHECK_HEADERS([arpa/inet.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 42 | AC_CHECK_HEADERS([getopt.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 43 | AC_CHECK_HEADERS([grp.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 44 | AC_CHECK_HEADERS([openssl/bio.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 45 | AC_CHECK_HEADERS([openssl/err.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 46 | AC_CHECK_HEADERS([openssl/evp.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| Brian Aker | 6fa3a08 | 2012-10-17 00:16:32 -0400 | [diff] [blame] | 47 | AC_CHECK_HEADERS([pwd.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 48 | AC_CHECK_HEADERS([stdint.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 49 | AC_CHECK_HEADERS([stdio.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 50 | AC_CHECK_HEADERS([stdlib.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 51 | AC_CHECK_HEADERS([sys/mman.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 52 | AC_CHECK_HEADERS([sys/time.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 53 | AC_CHECK_HEADERS([sys/types.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 54 | AC_CHECK_HEADERS([sys/wait.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 55 | AC_CHECK_HEADERS([time.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| 56 | AC_CHECK_HEADERS([unistd.h], ,[AC_MSG_ERROR([Required headers missing; compilation will not succeed])]) |
| Jacob Appelbaum | 5de8b0a | 2012-02-02 01:43:22 +0100 | [diff] [blame] | 57 | |
| Brian Aker | 6fa3a08 | 2012-10-17 00:16:32 -0400 | [diff] [blame] | 58 | AC_CHECK_FUNCS([setresuid]) |
| 59 | AC_CHECK_FUNCS([gettimeofday]) |
| Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 60 | |
| Mike Frysinger | e6edd1f | 2012-12-19 15:48:22 -0500 | [diff] [blame] | 61 | AC_MSG_CHECKING([user/group to drop privs to]) |
| 62 | |
| 63 | AC_ARG_WITH([unpriv-user], |
| 64 | [AS_HELP_STRING([--with-unpriv-user=<user>], |
| 65 | [User to drop privs to @<:@default: nobody@:>@])]) |
| 66 | AS_CASE([$with_unpriv_user], |
| 67 | [""|yes|no], [UNPRIV_USER="nobody"], |
| 68 | [*], [UNPRIV_USER=$with_unpriv_user]) |
| 69 | AC_DEFINE_UNQUOTED([UNPRIV_USER], ["${UNPRIV_USER}"], [Unprivileged user]) |
| 70 | |
| 71 | AC_ARG_WITH([unpriv-group], |
| 72 | [AS_HELP_STRING([--with-unpriv-group=<group>], |
| 73 | [Group to drop privs to @<:@default: nogroup@:>@])]) |
| 74 | AS_CASE([$with_unpriv_group], |
| 75 | [""|yes|no], [UNPRIV_GROUP="nogroup"], |
| 76 | [*], [UNPRIV_GROUP=$with_unpriv_group]) |
| 77 | AC_DEFINE_UNQUOTED([UNPRIV_GROUP], ["${UNPRIV_GROUP}"], [Unprivileged group]) |
| 78 | |
| 79 | AC_MSG_RESULT(${UNPRIV_USER}:${UNPRIV_GROUP}) |
| 80 | |
| Mike Frysinger | e270e4b | 2012-12-18 15:25:25 -0500 | [diff] [blame] | 81 | dnl Check for clock_gettime. Some systems put it into -lc, while |
| 82 | dnl others use -lrt. Try the first and fallback to the latter. |
| 83 | RT_LIB= |
| 84 | AC_CHECK_FUNC([clock_gettime], [:], |
| 85 | [AC_CHECK_LIB([rt], [clock_gettime], [RT_LIB="-lrt"], |
| 86 | [AC_MSG_ERROR([Your system lacks clock_gettime])])]) |
| 87 | AC_SUBST(RT_LIB) |
| Brian Aker | d4ad519 | 2012-10-16 03:55:56 -0400 | [diff] [blame] | 88 | |
| Elly Fong-Jones | a5e7fbb | 2013-01-08 14:08:33 -0500 | [diff] [blame^] | 89 | AC_ARG_ENABLE([dbus], |
| 90 | [AS_HELP_STRING([--disable-dbus], |
| 91 | [Disable automatically dbus support])]) |
| 92 | AS_IF([test "x$enable_dbus" = xyes], [ |
| 93 | PKG_CHECK_MODULES([DBUS], [dbus-1], [ |
| 94 | AC_DEFINE([HAVE_DBUS], [1], [Enable dbus support]) |
| 95 | AC_MSG_CHECKING([user/group to use for dbus]) |
| 96 | AC_ARG_WITH([dbus-user], |
| 97 | [AS_HELP_STRING([--with-dbus-user=<user>], |
| 98 | [User to send dbus signals from @<:@default: nobody@:>@])]) |
| 99 | AS_CASE([$with_dbus_user], |
| 100 | [""|yes|no], [DBUS_USER="nobody"], |
| 101 | [*], [DBUS_USER=$with_dbus_user]) |
| 102 | AC_ARG_WITH([dbus-group], |
| 103 | [AS_HELP_STRING([--with-dbus-group=<group>], |
| 104 | [Group to send dbus signals from @<:@default: nogroup@:>@])]) |
| 105 | AS_CASE([$with_dbus_group], |
| 106 | [""|yes|no], [DBUS_GROUP="nogroup"], |
| 107 | [*], [DBUS_GROUP=$with_dbus_group]) |
| 108 | AC_MSG_RESULT(${DBUS_USER}:${DBUS_GROUP}) |
| 109 | AC_DEFINE_UNQUOTED([DBUS_USER], ["${DBUS_USER}"], [DBus user]) |
| 110 | AC_DEFINE_UNQUOTED([DBUS_GROUP], ["${DBUS_GROUP}"], [DBus group]) |
| 111 | ], [ |
| 112 | AS_IF([test "x$enable_dbus" = xyes], |
| 113 | [AC_MSG_ERROR([dbus requested but not found])]) |
| 114 | ]) |
| 115 | ]) |
| 116 | |
| 117 | AC_SUBST(DBUS_CFLAGS) |
| 118 | AC_SUBST(DBUS_LIBS) |
| 119 | |
| Mike Frysinger | 0c0b4b8 | 2012-12-18 15:10:55 -0500 | [diff] [blame] | 120 | dnl Debug and hardening flags all in one shot |
| 121 | dnl Always do this at the end, otherwise you end up filtering system/other libraries |
| Mike Frysinger | 8b94e11 | 2012-12-18 15:38:51 -0500 | [diff] [blame] | 122 | AC_ARG_ENABLE([hardened-checks], |
| 123 | [AS_HELP_STRING([--disable-hardened-checks], |
| 124 | [Disable automatically enabling hardened toolchain options])]) |
| Brian Aker | b12abad | 2012-10-16 01:25:00 -0400 | [diff] [blame] | 125 | AC_DEFUN([LOCAL_CHECK_FLAGS],[ |
| 126 | AC_REQUIRE([AX_CHECK_LINK_FLAG]) |
| 127 | AC_REQUIRE([AX_APPEND_COMPILE_FLAGS]) |
| 128 | AC_LANG_PUSH([C]) |
| Mike Frysinger | 8b94e11 | 2012-12-18 15:38:51 -0500 | [diff] [blame] | 129 | AS_IF([test "x$enable_hardened_checks" != xno], [ |
| 130 | CFLAGS= |
| 131 | LIBS= |
| 132 | AX_APPEND_COMPILE_FLAGS([-g -O1]) |
| 133 | ], [ |
| 134 | AC_MSG_WARN([using hardened flags is HIGHLY RECOMMENDED and disabling them is a BAD IDEA]) |
| 135 | ]) |
| 136 | AX_APPEND_COMPILE_FLAGS([-Wall -fno-strict-aliasing]) |
| 137 | AS_IF([test "x$enable_hardened_checks" != xno], [ |
| 138 | AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2 -fstack-protector-all]) |
| 139 | AX_APPEND_COMPILE_FLAGS([-fwrapv -fPIE -Wstack-protector]) |
| 140 | AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1]) |
| 141 | AX_CHECK_LINK_FLAG([-z relro -z now]) |
| 142 | AX_CHECK_LINK_FLAG([-pie]) |
| 143 | ]) |
| Brian Aker | b12abad | 2012-10-16 01:25:00 -0400 | [diff] [blame] | 144 | AC_LANG_POP |
| 145 | ]) |
| 146 | LOCAL_CHECK_FLAGS |
| 147 | |
| Brian Aker | 95d9fd5 | 2012-10-15 22:44:03 -0400 | [diff] [blame] | 148 | AC_CONFIG_FILES([Makefile]) |
| 149 | AC_OUTPUT |