X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=configure.in;h=7d3341de46d3b23e250ff9abd77e2f054d59b462;hp=3f4693f4c724d7f4b488970b64aa6bdce9086382;hb=523648cdc644e38efc12e381c4076c51d95bd923;hpb=cb0aeafa8ccdb26e1af249694b91eaa0099e3e58 diff --git a/configure.in b/configure.in index 3f4693f4..7d3341de 100644 --- a/configure.in +++ b/configure.in @@ -1,38 +1,36 @@ dnl Process this file with autoconf to produce a configure script. -dnl -dnl $Id: configure.in,v 1.158 2011/06/23 14:01:01 fabiankeil Exp $ -dnl -dnl Written by and Copyright (C) 2001-2010 the -dnl Privoxy team. http://www.privoxy.org/ +dnl +dnl Written by and Copyright (C) 2001-2020 the +dnl Privoxy team. https://www.privoxy.org/ dnl dnl Based on the Internet Junkbuster originally written -dnl by and Copyright (C) 1997 Anonymous Coders and +dnl by and Copyright (C) 1997 Anonymous Coders and dnl Junkbusters Corporation. http://www.junkbusters.com dnl -dnl This program is free software; you can redistribute it +dnl This program is free software; you can redistribute it dnl and/or modify it under the terms of the GNU General dnl Public License as published by the Free Software dnl Foundation; either version 2 of the License, or (at dnl your option) any later version. -dnl +dnl dnl This program is distributed in the hope that it will dnl be useful, but WITHOUT ANY WARRANTY; without even the dnl implied warranty of MERCHANTABILITY or FITNESS FOR A dnl PARTICULAR PURPOSE. See the GNU General Public dnl License for more details. -dnl +dnl dnl The GNU General Public License should be included with dnl this file. If not, you can view it at dnl http://www.gnu.org/copyleft/gpl.html dnl or write to the Free Software Foundation, Inc., 59 dnl Temple Place - Suite 330, Boston, MA 02111-1307, USA. -dnl +dnl dnl ================================================================= dnl AutoConf Initialization dnl ================================================================= -AC_REVISION($Revision: 1.158 $) +AC_REVISION($Revision: 1.213 $) AC_INIT(jcc.c) if test ! -f config.h.in; then @@ -44,7 +42,7 @@ if test ! -f config.h.in; then else autoheader fi -fi +fi AC_CONFIG_HEADER([config.h]) AC_CANONICAL_HOST @@ -52,13 +50,13 @@ AC_CANONICAL_HOST dodk=auto DKPREFIX=none AC_ARG_WITH(docbook, dnl - --with-docbook=[[yes|no|directory]] - Enable docbook documentation creation + --with-docbook=[[yes|no|directory]] + Enable docbook documentation creation (default = yes, for gnu and linux),[dnl case "$with_docbook" in yes) dodk=yes;; no) dodk=no;; -*) +*) dodk=yes DKPREFIX=$withval ;; @@ -78,12 +76,17 @@ dnl ================================================================= VERSION_MAJOR=3 VERSION_MINOR=0 -VERSION_POINT=18 +VERSION_POINT=29 CODE_STATUS="UNRELEASED" -dnl CODE_STATUS can be "alpha", "beta", or "stable", and will be -dnl used for CGI output. Set version to 0.0.0 and status to "UNRELEASED" -dnl whenever CVS in a stable branch differs from the last release. +dnl Timestamp (date +%s) used by the mtree-spec target. +dnl Should be updated before releases but forgetting it isn't critical. +SOURCE_DATE_EPOCH=1605695571 + +dnl CODE_STATUS can be "alpha", "beta", "stable" or "UNRELEASED", +dnl and will be used for CGI output. Increment version number and +dnl set status to "UNRELEASED" whenever CVS differs from the last +dnl release and no new release is near. dnl ================================================================= dnl Substitute the version numbers @@ -93,6 +96,7 @@ AC_SUBST(VERSION_MAJOR) AC_SUBST(VERSION_MINOR) AC_SUBST(VERSION_POINT) AC_SUBST(CODE_STATUS) +AC_SUBST(SOURCE_DATE_EPOCH) dnl AC_DEFINE_UNQUOTED(VERSION_MAJOR,${VERSION_MAJOR}) @@ -124,7 +128,7 @@ AC_SUBST(ID) AC_SUBST(BGROUPS) dnl ================================================================= -dnl debug, gcc and gdb support +dnl debug, gcc and gdb support dnl ================================================================= AC_ARG_WITH(debug, @@ -159,7 +163,7 @@ dnl Check for user and group validity dnl ================================================================= -if test "$EMXOS2" = yes; then +if test "$host_os" = haiku; then echo "Skipping user and group validity stuff."; else @@ -202,7 +206,7 @@ else AC_MSG_CHECKING([for group]) AC_ARG_WITH(group, [ --with-group=privoxy Set group for privoxy], - [ + [ if test "x$withval" != "xyes"; then if test $BGROUPS = no ; then AC_MSG_ERROR(There is no 'groups' program on this system) @@ -210,12 +214,14 @@ else AC_MSG_RESULT($with_group) $BGROUPS $USER >/dev/null if test $? -eq 0 ; then - # FIXME: this fails if valid group, but not first group - # listed. - if test "$with_group" != "`$BGROUPS $USER | sed 's/.*: //' 2>/dev/null |$AWK '{print $1}'`" ; then + for i in `$BGROUPS $USER | sed 's/.*: //' 2>/dev/null`; do + if test "x$i" = "x$with_group" ; then + GROUP=$with_group + break + fi + done + if test "x$GROUP" != "x$with_group" ; then AC_MSG_ERROR(The given value '$withval' does not match group entry) - else - GROUP=$with_group; fi else AC_MSG_ERROR(There is no group entry for user '$USER') @@ -241,7 +247,7 @@ fi dnl ================================================================= dnl additional gcc flags dnl ================================================================= -dnl +dnl if test "$GCC"; then if test "$host" != "powerpc-unknown-amigaos"; then CFLAGS="-pipe $CFLAGS" @@ -259,7 +265,7 @@ dnl Reason: This sets CFLAGS in order to switch the Cygwin compiler dnl into Cygwin or MinGW32 modes. Depending on the mode selected, dnl the compiler will use completely different sets of library dnl and include files. -dnl +dnl dnl ================================================================= AC_MINGW32 @@ -279,7 +285,7 @@ if test $dodk = auto; then dodk=no if test $target_type = unix; then case "$host_os" in - linux* | gnu*) + linux* | gnu* | *bsd*) dodk=yes ;; esac @@ -299,8 +305,11 @@ fi]) if test $target_type = mingw; then WIN_ONLY= CFLAGS="$CFLAGS -DWINVER=0x501" - SPECIAL_CFLAGS="-mwindows -mno-cygwin" - PTHREAD_LIB=-lpthreadGC + SPECIAL_CFLAGS="-mwindows" +dnl from the cygwin FAQ: The regular setup allows you to use the -mwindows option +dnl to include a set of the basic libraries user32, gdi32 and comdlg32. +dnl (and also make your program a GUI program instead of a console program) + PTHREAD_LIB=-lpthread echo "Using mingw32 (Win32 GUI)" else WIN_ONLY=# @@ -315,20 +324,19 @@ else fi AC_SUBST(WIN_ONLY) -dnl Checking which text html browser we have available if test $dodk != no; then - AC_CHECK_PROGS(WDUMP,w3m lynx links,false) - if test "$WDUMP" = false; then - AC_MSG_WARN(You need some kind of text browser to build documentation \(w3m, lynx and links are supported\)) + AC_CHECK_PROGS(W3M, w3m, false) + if test "$W3M" = false; then + AC_MSG_WARN(You need w3m to build text documentation.) fi if test $DB2HTML = false; then dnl We need to clean the variable, otherwise AC_CHECK_PROGS - dnl will fail + dnl will fail DB2HTML="" AC_CHECK_PROGS(DB2HTML,db2html docbook2html,false) fi fi -AC_SUBST(WDUMP) +AC_SUBST(W3M) AC_SUBST(DB2HTML) dnl If we use rpm, we need to check where %_topdir is @@ -341,10 +349,16 @@ if test $RPMBIN != false; then fi AC_SUBST(RPM_BASE) +dnl prefer openjade to jade dnl Check for jade, so we can build the documentation -AC_CHECK_PROGS(JADEBIN,jade openjade,false) +AC_CHECK_PROGS(JADEBIN,openjade jade,false) AC_SUBST(JADEBIN) +dnl Prefer OpenSP to SP +dnl ref: https://lists.privoxy.org/pipermail/privoxy-devel/2018-November/000293.html +AC_CHECK_PROGS(NSGMLS,onsgmls nsgmls,false) +AC_SUBST(NSGMLS) + dnl Check for man2html for docs. AC_CHECK_PROGS(MAN2HTML,man2html,false) AC_SUBST(MAN2HTML) @@ -381,6 +395,7 @@ dnl echo -n "checking for $i/html/docbook.dsl..." for i in /usr/share/sgml/CATALOG.docbk30 \ /usr/share/sgml/CATALOG.docbk31 \ /usr/share/sgml/CATALOG.docbk31 \ + /usr/local/share/sgml/docbook/2.4.1/docbook.cat \ /usr/local/share/sgml/docbook/3.0/docbook.cat \ /usr/local/share/sgml/docbook/3.1/docbook.cat \ /usr/share/sgml/docbook/dtd/3.1/docbook.cat \ @@ -406,6 +421,10 @@ AC_ARG_ENABLE(large-file-support, CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES -D_LARGEFILE_SOURCE=1" fi]) +AC_ARG_ENABLE(static-linking, +[ --enable-static-linking Use static linking instead of dynamic linking (ie. LDFLAGS=-static)], +[ if test $enableval = yes; then LDFLAGS="$LDFLAGS -static"; fi ]) + dnl Save old CFLAGS so we can restore them later, then add SPECIAL_CFLAGS old_CFLAGS_nospecial=$CFLAGS CFLAGS="$CFLAGS $SPECIAL_CFLAGS" @@ -429,7 +448,7 @@ AC_ARG_ENABLE(pthread, [if test $enableval = no; then # Disable pthreads if test $have_pthread = yes; then - AC_MSG_WARN([pthreads seem to be available but you are using --disable-pthread.]) + AC_MSG_WARN([pthreads seem to be available but you are using --disable-pthread.]) AC_MSG_WARN([This is almost always a mistake and can render Privoxy unacceptable slow.]) fi have_pthread=no @@ -462,6 +481,27 @@ fi AC_SUBST(PTHREAD_ONLY) +dnl ================================================================= +dnl On most platforms select() does not support fd numbers above +dnl FD_SETSIZE, as a result Privoxy can't handle more than +dnl approximately FD_SETSIZE/2 client connections. +dnl On some platforms the value can be changed at compile time, +dnl on others it's hardcoded and requires recompilation of the OS. +dnl Only relevant if select() is actually being used. +dnl ================================================================= +AC_ARG_WITH(fdsetsize, + [ --with-fdsetsize=n Optimistically redefine FD_SETSIZE with the intend to change the number of connections Privoxy can handle. Dangerous if the platform doesn't support this. Pointless if Privoxy can use poll() instead of select().], + [ + if test "x$withval" != "xyes"; then + AC_DEFINE_UNQUOTED(FD_SETSIZE,$with_fdsetsize,[Relevant for select(). Not honoured by all OS.]) + echo "Redefining FD_SETSIZE to $with_fdsetsize." + AC_MSG_WARN(On platforms that don't support FD_SETSIZE redefinition it may cause memory corruption.) + else + AC_MSG_ERROR(--with-fdsetsize used without value) + fi + ] +) + dnl ================================================================= dnl Support for thread-safe versions of gethostbyaddr, gethostbyname, dnl gmtime and localtime @@ -626,12 +666,16 @@ dnl ================================================================= dnl Solaris problem, and others perhaps (socklen_t is undefined) dnl ================================================================= +if test $target_type != mingw; then +# i686-w64-mingw32-gcc gets socklen_t define from ws2tcpip.h + AC_MSG_CHECKING([for socklen_t]) AC_EGREP_HEADER(socklen_t, sys/socket.h, AC_MSG_RESULT([yes]), AC_MSG_RESULT([no]) AC_DEFINE(socklen_t,int, [ Define to 'int' if doesn't have it. ])) +fi dnl ================================================================= dnl OS/2 specific @@ -647,10 +691,10 @@ AC_SUBST(SOCKET_LIB) dnl ================================================================= dnl Mac OSX specific dnl ================================================================= - + case "$host" in *-apple-darwin*) SPECIAL_CFLAGS="-Dunix" -;; +;; esac dnl ================================================================= @@ -663,17 +707,24 @@ case "$host" in esac dnl ================================================================= -dnl AmigaOS specific +dnl Haiku specific dnl ================================================================= -AMIGAOS_ONLY=# +if test "$host_os" = haiku; then + # Omit the "-pthread" flag to gcc, even when building with gcc 2.95 + SPECIAL_CFLAGS= -case "$host" in -*-amigaos) AMIGAOS_ONLY= -;; -esac + # Haiku's pthreads implementation exists in its system library, + # libroot, not in a separate pthreads library + PTHREAD_LIB= -AC_SUBST(AMIGAOS_ONLY) + # Networking code exists in libnetwork + SOCKET_LIB=-lnetwork + + # Search Haiku's common-library folder to find its pcre and + # pcreposix libraries + LIBS="-L/boot/common/lib $LIBS" +fi dnl ================================================================= dnl Check for standard compiler stuff @@ -693,18 +744,70 @@ AC_CHECK_SIZEOF(char *, 4) AC_CHECK_SIZEOF(long, 4) AC_CHECK_SIZEOF(long long, 8) AC_CHECK_SIZEOF(size_t, 4) +AC_CHECK_SIZEOF(time_t, 8) dnl Checks for header files. -dnl AC_HEADER_SYS_WAIT -dnl AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/time.h unistd.h) -AC_CHECK_HEADERS([OS.h arpa/inet.h errno.h fcntl.h limits.h locale.h netdb.h netinet/in.h stddef.h stdlib.h string.h sys/ioctl.h sys/socket.h sys/time.h sys/timeb.h sys/wait.h unistd.h]) +AC_CHECK_HEADERS([ \ + OS.h \ + arpa/inet.h \ + errno.h \ + fcntl.h \ + limits.h \ + locale.h \ + netdb.h \ + netinet/in.h \ + stddef.h \ + stdlib.h \ + string.h \ + sys/ioctl.h \ + sys/socket.h \ + sys/time.h \ + sys/timeb.h \ + sys/wait.h \ + unistd.h \ +]) dnl Checks for library functions. dnl bcopy is for PCRE AC_CHECK_FUNCS([bcopy]) AC_PROG_GCC_TRADITIONAL AC_TYPE_SIGNAL -AC_CHECK_FUNCS([access atexit getcwd gethostbyaddr gethostbyaddr_r gethostbyname gethostbyname_r gettimeofday inet_ntoa localtime_r memchr memmove memset poll putenv random regcomp select setlocale snprintf socket strchr strdup strerror strftime strlcat strlcpy strptime strstr strtoul timegm tzset]) +AC_CHECK_FUNCS([ \ + access \ + arc4random \ + atexit \ + calloc \ + getcwd \ + gethostbyaddr \ + gethostbyaddr_r \ + gethostbyname \ + gethostbyname_r \ + gettimeofday \ + inet_ntoa \ + memchr \ + memmove \ + memset \ + nanosleep \ + poll \ + putenv \ + random \ + regcomp \ + select \ + setlocale \ + shutdown \ + snprintf \ + socket \ + strchr \ + strdup \ + strerror \ + strftime \ + strlcat \ + strlcpy \ + strptime \ + strtoul \ + timegm \ + tzset \ +]) dnl Checks for RFC 2553 resolver and socket functions AC_ARG_ENABLE(ipv6-support, @@ -722,6 +825,7 @@ elif test $target_type = mingw; then AC_MSG_CHECKING(getaddrinfo in ws2_32) AC_TRY_LINK( [ + #include #include #include ], @@ -733,6 +837,7 @@ elif test $target_type = mingw; then AC_MSG_CHECKING(getnameinfo in ws2_32) AC_TRY_LINK( [ + #include #include #include ], @@ -773,7 +878,7 @@ AC_CHECK_LIB(pcre, pcre_compile, [ ], [have_pcre=no]) ]) ], [have_pcre=no]) - + AC_CHECK_LIB(pcreposix, regcomp, [ AC_CHECK_HEADER(pcreposix.h, [ AC_EGREP_HEADER(pcreposix_regerror, pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes]) @@ -782,7 +887,7 @@ AC_CHECK_LIB(pcreposix, regcomp, [ AC_EGREP_HEADER(pcreposix_regerror, pcre/pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes]; [AC_DEFINE(PCREPOSIX_H_IN_SUBDIR)]) ], [have_pcreposix=no]) ]) -], [have_pcreposix=no], -lpcre) +], [have_pcreposix=no], -lpcre) dnl ================================================================ dnl libpcrs is temporarily disabled. @@ -829,15 +934,14 @@ AC_ARG_ENABLE(stats, AC_DEFINE(FEATURE_STATISTICS) fi],AC_DEFINE(FEATURE_STATISTICS)) -AC_ARG_ENABLE(ie-images, -[ --enable-ie-images Enable a quick but not always reliable auto-detect whether requests from - MS Internet Explorer are for an image or not.], +AC_ARG_ENABLE(extended-statistics, +[ --enable-extended-statistics Gather extended statistics.], [if test $enableval = yes; then - AC_DEFINE(FEATURE_IMAGE_DETECT_MSIE) -fi],) + AC_DEFINE(FEATURE_EXTENDED_STATISTICS) +fi]) AC_ARG_ENABLE(image-blocking, -[ --disable-image-blocking Don't try to figure out whether a request is +[ --disable-image-blocking Don't try to figure out whether a request is for an image or HTML - assume HTML.], [if test $enableval = yes; then AC_DEFINE(FEATURE_IMAGE_BLOCKING) @@ -845,7 +949,7 @@ fi], AC_DEFINE(FEATURE_IMAGE_BLOCKING)) AC_ARG_ENABLE(acl-support, -[ --disable-acl-support Prevents the use of ACLs to control access to +[ --disable-acl-support Prevents the use of ACLs to control access to Privoxy by IP address.], [if test $enableval = yes; then AC_DEFINE(FEATURE_ACL) @@ -880,16 +984,18 @@ AC_ARG_ENABLE(graceful-termination, AC_DEFINE(FEATURE_GRACEFUL_TERMINATION) fi]) -AC_ARG_ENABLE(extended-host-patterns, -[ --enable-extended-host-patterns Enable and require PCRE syntax in host patterns. This feature hasn't - been announced yet and it's not clear if it's a good idea. It's expected - to work, but undocumented. You should only enable it if you know what - PCRE is and are sure that you need it for your host patterns. You can - use tools/url-pattern-translator.pl to convert existing action files to - use PCRE host patterns. Please don't enable this option when creating - packages for others that may not be expecting it.], +AC_ARG_ENABLE(pcre-host-patterns, +[ --enable-pcre-host-patterns Allow to use PCRE syntax in host patterns by prefixing the pattern with + "PCRE-HOST-PATTERN:". You can use tools/url-pattern-translator.pl to + convert existing action files to use PCRE host patterns.], +[if test $enableval = yes; then + AC_DEFINE(FEATURE_PCRE_HOST_PATTERNS) +fi]) + +AC_ARG_ENABLE(external-filters, +[ --enable-external-filters Allow to filter content with scripts and programs. Experimental.], [if test $enableval = yes; then - AC_DEFINE(FEATURE_EXTENDED_HOST_PATTERNS) + AC_DEFINE(FEATURE_EXTERNAL_FILTERS,1,[Define to 1 to allow to filter content with scripts and programs.]) fi]) AC_ARG_ENABLE(accept-filter, @@ -898,6 +1004,36 @@ AC_ARG_ENABLE(accept-filter, AC_DEFINE(FEATURE_ACCEPT_FILTER) fi]) +AC_ARG_ENABLE(strptime-sanity-checks, +[ --enable-strptime-sanity-checks Only trust strptime() results if an additional strftime()/strptime() + conversion doesn't change the result. Can be useful if strptime() is + known or suspected to be broken.], +[if test $enableval = yes; then + AC_DEFINE(FEATURE_STRPTIME_SANITY_CHECKS) +fi]) + +AC_ARG_ENABLE(client-tags, +[ --disable-client-tags Disable support for client-specific tags], +[ if test $enableval = "no"; then have_client_tags=no; fi ]) +if test "${have_client_tags}" = "no"; then + echo "Disabling support for client-specific tags." + FEATURE_CLIENT_TAGS_ONLY="#" +else + echo "Enabling support for client-specific tags." + AC_DEFINE(FEATURE_CLIENT_TAGS,1,[Define to enable support for client-specific tags.]) + FEATURE_CLIENT_TAGS_ONLY="" +fi +AC_SUBST(FEATURE_CLIENT_TAGS_ONLY) + +FUZZ_ONLY="#" +AC_ARG_ENABLE(fuzz, +[ --enable-fuzz Enable code that makes fuzzing more convenient], +[if test $enableval = yes; then + FUZZ_ONLY="" + AC_DEFINE(FUZZ,1,[Define to make fuzzing more convenient.]) +fi]) +AC_SUBST(FUZZ_ONLY) + dnl pcre/pcrs is needed for CGI anyway, so dnl the choice is only between static and dnl dynamic: @@ -932,7 +1068,7 @@ if test $enableval2 = yes; then AC_MSG_WARN([No zlib found. Privoxy will not be able to filter compressed content. This may become a fatal error in the future.]) - fi + fi fi AC_ARG_ENABLE(compression, @@ -956,13 +1092,16 @@ fi if test $have_pcre = "yes"; then echo "using libpcre" pcre_dyn=yes + AC_DEFINE(FEATURE_DYNAMIC_PCRE,1,[Define to dynamically link to pcre.]) STATIC_PCRE_ONLY=# LIBS="$LIBS -lpcre -lpcreposix" else AC_MSG_WARN([You are using the static PCRE code which is out of date and scheduled for removal, for details see: http://sourceforge.net/mailarchive/forum.php?thread_name=20080511195555.2dc6cfdc%40fabiankeil.de&forum_name=ijbswa-developers]) pcre_dyn=no - AC_DEFINE(STATIC_PCRE) + # STATIC_PCRE is a name pcre needs to statically link on Windows. + # Privoxy itself no longer uses it. + AC_DEFINE(STATIC_PCRE,1,[Define to statically link to internal outdated pcre on Windows.]) STATIC_PCRE_ONLY= fi @@ -994,6 +1133,109 @@ dnl fi AC_SUBST(STATIC_PCRE_ONLY) AC_SUBST(STATIC_PCRS_ONLY) +FEATURE_HTTPS_INSPECTION_ONLY=# +dnl ======================================================== +dnl check for mbedTLS which is required for https inspection +dnl ======================================================== +FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS=# +OPT_MBEDTLS=no +AC_ARG_WITH(mbedtls,dnl +AC_HELP_STRING([--with-mbedtls], [Enable mbedTLS detection for https inspection.]) +AC_HELP_STRING([--without-mbedtls], [Disable mbedTLS detection]), + OPT_MBEDTLS=$withval) + +if test X"$OPT_MBEDTLS" != Xno; then + + AC_CHECK_LIB(mbedtls, mbedtls_ssl_init, + [ + AC_DEFINE(FEATURE_HTTPS_INSPECTION, 1, [if SSL/TLS is enabled]) + AC_DEFINE(FEATURE_HTTPS_INSPECTION_MBEDTLS, 1, [if mbedTLS is enabled]) + AC_SUBST(FEATURE_HTTPS_INSPECTION_MBEDTLS, [1]) + FEATURE_HTTPS_INSPECTION_MBEDTLS="yes" + ], [], -lmbedx509 -lmbedcrypto) + + if test "x$FEATURE_HTTPS_INSPECTION_MBEDTLS" = "xyes"; then + AC_MSG_NOTICE([Detected mbedTLS. Enabling https inspection.]) + + LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS" + old_CFLAGS_nospecial="-Imbedtls/include $old_CFLAGS_nospecial" + + FEATURE_HTTPS_INSPECTION_ONLY= + FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS= + fi +fi +AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY_MBEDTLS) + +dnl ================================================================= +dnl check for OpenSSL/LibreSSL which is required for https inspection +dnl ================================================================= +FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL=# +OPT_OPENSSL=no +AC_ARG_WITH(openssl,dnl +AC_HELP_STRING([--with-openssl], [Enable OpenSSL/LibreSSL detection for https inspection.]) +AC_HELP_STRING([--without-openssl], [Disable OpenSSL/LibreSSL detection]), + OPT_OPENSSL=$withval) + +if test X"$OPT_OPENSSL" != Xno; then + if test "$PORTNAME" != "win32"; then + AC_CHECK_LIB(crypto, CRYPTO_new_ex_data, [], [AC_MSG_ERROR([library 'crypto' is required for OpenSSL])]) + FOUND_SSL_LIB="no" + AC_CHECK_LIB(ssl, OPENSSL_init_ssl, [FOUND_SSL_LIB="yes"]) + AC_CHECK_LIB(ssl, SSL_library_init, [FOUND_SSL_LIB="yes"]) + AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssl' is required for OpenSSL])]) + else + AC_SEARCH_LIBS(CRYPTO_new_ex_data, eay32 crypto, [], [AC_MSG_ERROR([library 'eay32' or 'crypto' is required for OpenSSL])]) + FOUND_SSL_LIB="no" + AC_SEARCH_LIBS(OPENSSL_init_ssl, ssleay32 ssl, [FOUND_SSL_LIB="yes"]) + AC_SEARCH_LIBS(SSL_library_init, ssleay32 ssl, [FOUND_SSL_LIB="yes"]) + AS_IF([test "x$FOUND_SSL_LIB" = xno], [AC_MSG_ERROR([library 'ssleay32' or 'ssl' is required for OpenSSL])]) + fi + + if test "x$FOUND_SSL_LIB" = xyes; then + AC_DEFINE(FEATURE_HTTPS_INSPECTION, 1, [if SSL/TLS is enabled]) + AC_DEFINE(FEATURE_HTTPS_INSPECTION_OPENSSL, 1, [if OpenSSL is enabled]) + AC_SUBST(FEATURE_HTTPS_INSPECTION_OPENSSL, [1]) + FEATURE_HTTPS_INSPECTION="yes" + FEATURE_HTTPS_INSPECTION_OPENSSL="yes" + fi + + if test "x$FEATURE_HTTPS_INSPECTION_OPENSSL" = "xyes"; then + AC_MSG_NOTICE([Detected OpenSSL. Enabling https inspection.]) + + LIBS="$LIBS -lssl -lcrypto" + old_CFLAGS_nospecial="$old_CFLAGS_nospecial" + + FEATURE_HTTPS_INSPECTION_ONLY= + FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL= + fi +fi +AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY_OPENSSL) + +AC_SUBST(FEATURE_HTTPS_INSPECTION_ONLY) + +dnl ======================================================== +dnl Check for Brotli which can be used for decompression +dnl ======================================================== +WITH_BROTLI=no +AC_ARG_WITH(brotli, +AC_HELP_STRING([--with-brotli], [Enable Brotli detection]) +AC_HELP_STRING([--without-brotli], [Disable Brotli detection]), + WITH_BROTLI=$withval) + +if test X"$WITH_BROTLI" != Xno; then + + LIBS="$LIBS -lbrotlidec" + + AC_CHECK_LIB(brotlidec, BrotliDecoderDecompress) + + AC_CHECK_HEADERS(brotli/decode.h, + FEATURE_BROTLI=1 + AC_DEFINE(FEATURE_BROTLI, 1, [If Brotli is used for decompression]) + AC_SUBST(FEATURE_BROTLI, [1]) + ) +fi + + dnl ================================================================= dnl Final cleanup and output dnl =================================================================