dnl =================================================================
dnl Application version number
dnl =================================================================
+dnl CODE_STATUS can be "alpha", "beta", "stable" or "UNRELEASED",
+dnl and will be used for CGI output. Increment version number and
+dnl set status to "UNRELEASED" whenever git differs from the last
+dnl release and no new release is near.
VERSION_MAJOR=3
VERSION_MINOR=0
-VERSION_POINT=29
+VERSION_POINT=30
CODE_STATUS="UNRELEASED"
dnl Timestamp (date +%s) used by the mtree-spec target.
dnl Should be updated before releases but forgetting it isn't critical.
-SOURCE_DATE_EPOCH=1545411710
-
-dnl CODE_STATUS can be "alpha", "beta", "stable" or "UNRELEASED",
-dnl and will be used for CGI output. Increment version number and
-dnl set status to "UNRELEASED" whenever CVS differs from the last
-dnl release and no new release is near.
+SOURCE_DATE_EPOCH=1605695571
dnl =================================================================
dnl Substitute the version numbers
dnl =================================================================
-if test "$EMXOS2" = yes || test "$host_os" = haiku; then
+if test "$host_os" = haiku; then
echo "Skipping user and group validity stuff.";
else
AC_SUBST(PTHREAD_ONLY)
-dnl =================================================================
-dnl On most platforms select() does not support fd numbers above
-dnl FD_SETSIZE, as a result Privoxy can't handle more than
-dnl approximately FD_SETSIZE/2 client connections.
-dnl On some platforms the value can be changed at compile time,
-dnl on others it's hardcoded and requires recompilation of the OS.
-dnl Only relevant if select() is actually being used.
-dnl =================================================================
-AC_ARG_WITH(fdsetsize,
- [ --with-fdsetsize=n Optimistically redefine FD_SETSIZE with the intend to change the number of connections Privoxy can handle. Dangerous if the platform doesn't support this. Pointless if Privoxy can use poll() instead of select().],
- [
- if test "x$withval" != "xyes"; then
- AC_DEFINE_UNQUOTED(FD_SETSIZE,$with_fdsetsize,[Relevant for select(). Not honoured by all OS.])
- echo "Redefining FD_SETSIZE to $with_fdsetsize."
- AC_MSG_WARN(On platforms that don't support FD_SETSIZE redefinition it may cause memory corruption.)
- else
- AC_MSG_ERROR(--with-fdsetsize used without value)
- fi
- ]
-)
-
dnl =================================================================
dnl Support for thread-safe versions of gethostbyaddr, gethostbyname,
dnl gmtime and localtime
AC_DEFINE(FEATURE_STATISTICS)
fi],AC_DEFINE(FEATURE_STATISTICS))
+AC_ARG_ENABLE(extended-statistics,
+[ --enable-extended-statistics Gather extended statistics.],
+[if test $enableval = yes; then
+ AC_DEFINE(FEATURE_EXTENDED_STATISTICS)
+fi])
+
AC_ARG_ENABLE(image-blocking,
[ --disable-image-blocking Don't try to figure out whether a request is
for an image or HTML - assume HTML.],
AC_DEFINE(FEATURE_GRACEFUL_TERMINATION)
fi])
-AC_ARG_ENABLE(extended-host-patterns,
-[ --enable-extended-host-patterns Enable and require PCRE syntax in host patterns. This feature hasn't
- been announced yet and it's not clear if it's a good idea. It's expected
- to work, but undocumented. You should only enable it if you know what
- PCRE is and are sure that you need it for your host patterns. You can
- use tools/url-pattern-translator.pl to convert existing action files to
- use PCRE host patterns. Please don't enable this option when creating
- packages for others that may not be expecting it.],
+AC_ARG_ENABLE(pcre-host-patterns,
+[ --enable-pcre-host-patterns Allow to use PCRE syntax in host patterns by prefixing the pattern with
+ "PCRE-HOST-PATTERN:". You can use tools/url-pattern-translator.pl to
+ convert existing action files to use PCRE host patterns.],
[if test $enableval = yes; then
- AC_DEFINE(FEATURE_EXTENDED_HOST_PATTERNS)
+ AC_DEFINE(FEATURE_PCRE_HOST_PATTERNS)
fi])
AC_ARG_ENABLE(external-filters,
FUZZ_ONLY="#"
AC_ARG_ENABLE(fuzz,
-[ --enable-fuzz Enable code that makes fuzzing more convenient],
+[ --enable-fuzz Enable code that makes fuzzing more convenient],
[if test $enableval = yes; then
FUZZ_ONLY=""
AC_DEFINE(FUZZ,1,[Define to make fuzzing more convenient.])
LIBS="$LIBS -lpcre -lpcreposix"
else
AC_MSG_WARN([You are using the static PCRE code which is out of date and scheduled for removal, for details see:
- http://sourceforge.net/mailarchive/forum.php?thread_name=20080511195555.2dc6cfdc%40fabiankeil.de&forum_name=ijbswa-developers])
+ https://sourceforge.net/p/ijbswa/mailman/ijbswa-developers/thread/20080511195555.2dc6cfdc@fabiankeil.de/])
pcre_dyn=no
# STATIC_PCRE is a name pcre needs to statically link on Windows.
# Privoxy itself no longer uses it.
AC_SUBST(STATIC_PCRE_ONLY)
AC_SUBST(STATIC_PCRS_ONLY)
+FEATURE_HTTPS_INSPECTION_ONLY=#
dnl ========================================================
dnl check for mbedTLS which is required for https inspection
dnl ========================================================
-FEATURE_HTTPS_INSPECTION_ONLY=#
+FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS=#
OPT_MBEDTLS=no
AC_ARG_WITH(mbedtls,dnl
AC_HELP_STRING([--with-mbedtls], [Enable mbedTLS detection for https inspection.])
AC_CHECK_LIB(mbedtls, mbedtls_ssl_init,
[
- AC_DEFINE(FEATURE_HTTPS_INSPECTION, 1, [if mbedTLS is enabled])
- AC_SUBST(FEATURE_HTTPS_INSPECTION, [1])
- FEATURE_HTTPS_INSPECTION="yes"
+ AC_DEFINE(FEATURE_HTTPS_INSPECTION, 1, [if SSL/TLS is enabled])
+ AC_DEFINE(FEATURE_HTTPS_INSPECTION_MBEDTLS, 1, [if mbedTLS is enabled])
+ AC_SUBST(FEATURE_HTTPS_INSPECTION_MBEDTLS, [1])
+ FEATURE_HTTPS_INSPECTION_MBEDTLS="yes"
], [], -lmbedx509 -lmbedcrypto)
- if test "x$FEATURE_HTTPS_INSPECTION" = "xyes"; then
+ if test "x$FEATURE_HTTPS_INSPECTION_MBEDTLS" = "xyes"; then
AC_MSG_NOTICE([Detected mbedTLS. Enabling https inspection.])
LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS"
old_CFLAGS_nospecial="-Imbedtls/include $old_CFLAGS_nospecial"
FEATURE_HTTPS_INSPECTION_ONLY=
+ FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS=
fi
fi
-AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY)
+AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS)
+dnl =================================================================
+dnl check for OpenSSL/LibreSSL which is required for https inspection
+dnl =================================================================
+FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL=#
+OPT_OPENSSL=no
+AC_ARG_WITH(openssl,dnl
+AC_HELP_STRING([--with-openssl], [Enable OpenSSL/LibreSSL detection for https inspection.])
+AC_HELP_STRING([--without-openssl], [Disable OpenSSL/LibreSSL detection]),
+ OPT_OPENSSL=$withval)
+
+if test X"$OPT_OPENSSL" != Xno; then
+ if test "$PORTNAME" != "win32"; then
+ AC_CHECK_LIB(crypto, CRYPTO_new_ex_data, [], [AC_MSG_ERROR([library 'crypto' is required for OpenSSL])])
+ FOUND_SSL_LIB="no"
+ AC_CHECK_LIB(ssl, OPENSSL_init_ssl, [FOUND_SSL_LIB="yes"])
+ AC_CHECK_LIB(ssl, SSL_library_init, [FOUND_SSL_LIB="yes"])
+ AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssl' is required for OpenSSL])])
+ else
+ AC_SEARCH_LIBS(CRYPTO_new_ex_data, eay32 crypto, [], [AC_MSG_ERROR([library 'eay32' or 'crypto' is required for OpenSSL])])
+ FOUND_SSL_LIB="no"
+ AC_SEARCH_LIBS(OPENSSL_init_ssl, ssleay32 ssl, [FOUND_SSL_LIB="yes"])
+ AC_SEARCH_LIBS(SSL_library_init, ssleay32 ssl, [FOUND_SSL_LIB="yes"])
+ AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssleay32' or 'ssl' is required for OpenSSL])])
+ fi
+
+ if test "x$FOUND_SSL_LIB" = xyes; then
+ AC_DEFINE(FEATURE_HTTPS_INSPECTION, 1, [if SSL/TLS is enabled])
+ AC_DEFINE(FEATURE_HTTPS_INSPECTION_OPENSSL, 1, [if OpenSSL is enabled])
+ AC_SUBST(FEATURE_HTTPS_INSPECTION_OPENSSL, [1])
+ FEATURE_HTTPS_INSPECTION="yes"
+ FEATURE_HTTPS_INSPECTION_OPENSSL="yes"
+ fi
+
+ if test "x$FEATURE_HTTPS_INSPECTION_OPENSSL" = "xyes"; then
+ AC_MSG_NOTICE([Detected OpenSSL. Enabling https inspection.])
+ AC_MSG_WARN([If you intend to redistribute Privoxy, please make sure the "special exception" from section 3 of the GPLv2 applies.])
+
+ LIBS="$LIBS -lssl -lcrypto"
+ old_CFLAGS_nospecial="$old_CFLAGS_nospecial"
+
+ FEATURE_HTTPS_INSPECTION_ONLY=
+ FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL=
+ fi
+fi
+AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL)
+
+AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY)
dnl ========================================================
dnl Check for Brotli which can be used for decompression