summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac178
1 files changed, 159 insertions, 19 deletions
diff --git a/configure.ac b/configure.ac
index 1463af721c..1d8cfa78f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
dnl Copyright (c) 2007-2013, The Tor Project, Inc.
dnl See LICENSE for licensing information
-AC_INIT([tor],[0.2.4.22-dev])
+AC_INIT([tor],[0.2.5.5-alpha-dev])
AC_CONFIG_SRCDIR([src/or/main.c])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE
@@ -24,7 +24,9 @@ CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
#XXXX020 We should make these enabled or not, before 0.2.0.x-final
AC_ARG_ENABLE(buf-freelists,
- AS_HELP_STRING(--disable-buf-freelists, disable freelists for buffer RAM))
+ AS_HELP_STRING(--enable-buf-freelists, enable freelists for buffer RAM))
+AC_ARG_ENABLE(mempools,
+ AS_HELP_STRING(--enable-mempools, enable mempools for relay cells))
AC_ARG_ENABLE(openbsd-malloc,
AS_HELP_STRING(--enable-openbsd-malloc, Use malloc code from openbsd. Linux only))
AC_ARG_ENABLE(instrument-downloads,
@@ -39,6 +41,13 @@ AC_ARG_ENABLE(static-tor,
AS_HELP_STRING(--enable-static-tor, Create an entirely static Tor binary. Requires --with-openssl-dir and --with-libevent-dir and --with-zlib-dir))
AC_ARG_ENABLE(curve25519,
AS_HELP_STRING(--disable-curve25519, Build Tor with no curve25519 elliptic-curve crypto support))
+AC_ARG_ENABLE(unittests,
+ AS_HELP_STRING(--disable-unittests, [Don't build unit tests for Tor. Risky!]))
+AC_ARG_ENABLE(coverage,
+ AS_HELP_STRING(--enable-coverage, [Enable coverage support in the unit-test build]))
+
+AM_CONDITIONAL(UNITTESTS_ENABLED, test x$enable_unittests != xno)
+AM_CONDITIONAL(COVERAGE_ENABLED, test x$enable_coverage = xyes)
if test "$enable_static_tor" = "yes"; then
enable_static_libevent="yes";
@@ -47,10 +56,17 @@ if test "$enable_static_tor" = "yes"; then
CFLAGS="$CFLAGS -static"
fi
-if test x$enable_buf_freelists != xno; then
+if test x$enable_buf_freelists = xyes; then
AC_DEFINE(ENABLE_BUF_FREELISTS, 1,
[Defined if we try to use freelists for buffer RAM chunks])
fi
+
+AM_CONDITIONAL(USE_MEMPOOLS, test x$enable_mempools = xyes)
+if test x$enable_mempools = xyes; then
+ AC_DEFINE(ENABLE_MEMPOOLS, 1,
+ [Defined if we try to use mempools for cells being relayed])
+fi
+
AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
if test x$enable_instrument_downloads = xyes; then
AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
@@ -122,13 +138,13 @@ AC_ARG_ENABLE(gcc-warnings,
AC_ARG_ENABLE(gcc-warnings-advisory,
AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
-dnl Adam shostack suggests the following for Windows:
-dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
-dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
AC_ARG_ENABLE(gcc-hardening,
AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
+AC_ARG_ENABLE(expensive-hardening,
+ AS_HELP_STRING(--enable-expensive-hardening, enable more expensive compiler hardening; makes Tor slower))
+
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
AC_ARG_ENABLE(linker-hardening,
@@ -151,12 +167,32 @@ fi])
AC_ARG_ENABLE(bufferevents,
AS_HELP_STRING(--enable-bufferevents, use Libevent's buffered IO.))
+AC_ARG_ENABLE(tool-name-check,
+ AS_HELP_STRING(--disable-tool-name-check, check for sanely named toolchain when cross-compiling))
+
+AC_ARG_ENABLE(seccomp,
+ AS_HELP_STRING(--disable-seccomp, do not attempt to use libseccomp))
+
dnl check for the correct "ar" when cross-compiling
AN_MAKEVAR([AR], [AC_PROG_AR])
AN_PROGRAM([ar], [AC_PROG_AR])
AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
AC_PROG_AR
+dnl Check whether the above macro has settled for a simply named tool even
+dnl though we're cross compiling. We must do this before running AC_PROG_CC,
+dnl because that will find any cc on the system, not only the cross-compiler,
+dnl and then verify that a binary built with this compiler runs on the
+dnl build system. It will then come to the false conclusion that we're not
+dnl cross-compiling.
+if test x$enable_tool_name_check != xno; then
+ if test x$ac_tool_warned = xyes; then
+ AC_MSG_ERROR([We are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
+ elif test "x$ac_ct_AR" != x -a x$cross_compiling = xmaybe; then
+ AC_MSG_ERROR([We think we are cross compiling but could not find a properly named toolchain. Do you have your cross-compiling toolchain in PATH? (You can --disable-tool-name-check to ignore this.)])
+ fi
+fi
+
AC_PROG_CC
AC_PROG_CPP
AC_PROG_MAKE_SET
@@ -176,6 +212,13 @@ AM_CONDITIONAL(NAT_PMP, test x$natpmp = xtrue)
AM_CONDITIONAL(MINIUPNPC, test x$upnp = xtrue)
AM_PROG_CC_C_O
+AC_ARG_VAR(PYTHON)
+AC_CHECK_PROGS(PYTHON, [python python2 python2.7 python3 python3.3])
+if test "x$PYTHON" = "x"; then
+ AC_MSG_WARN([Python unavailable; some tests will not be run.])
+fi
+AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])
+
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
@@ -295,6 +338,8 @@ dnl exports strlcpy without defining it in a header.
AC_CHECK_FUNCS(
_NSGetEnviron \
accept4 \
+ backtrace \
+ backtrace_symbols_fd \
clock_gettime \
flock \
ftime \
@@ -312,6 +357,7 @@ AC_CHECK_FUNCS(
memmem \
prctl \
rint \
+ sigaction \
socketpair \
strlcat \
strlcpy \
@@ -319,7 +365,9 @@ AC_CHECK_FUNCS(
strtok_r \
strtoull \
sysconf \
+ sysctl \
uname \
+ usleep \
vasprintf \
_vscprintf
)
@@ -395,7 +443,13 @@ save_CPPFLAGS="$CPPFLAGS"
LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
-AC_CHECK_FUNCS(event_get_version event_get_version_number event_get_method event_set_log_callback evdns_set_outgoing_bind_address event_base_loopexit)
+AC_CHECK_FUNCS([event_get_version \
+ event_get_version_number \
+ event_get_method \
+ event_set_log_callback \
+ evutil_secure_rng_set_urandom_device_file \
+ evutil_secure_rng_init \
+ event_base_loopexit])
AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
[#include <event.h>
])
@@ -492,7 +546,7 @@ dnl ------------------------------------------------------
dnl Where do you live, openssl? And how do we call you?
tor_openssl_pkg_redhat="openssl"
-tor_openssl_pkg_debian="libssl"
+tor_openssl_pkg_debian="libssl-dev"
tor_openssl_devpkg_redhat="openssl-devel"
tor_openssl_devpkg_debian="libssl-dev"
@@ -569,7 +623,16 @@ if test x$enable_gcc_hardening != xno; then
if test x$have_clang = xyes; then
TOR_CHECK_CFLAGS(-Qunused-arguments)
fi
- TOR_CHECK_CFLAGS(-fstack-protector-all)
+ TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
+ AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
+ AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
+ AS_VAR_IF(can_compile, [yes],
+ AS_VAR_IF(can_link, [yes],
+ [],
+ AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
+ )
+ AS_VAR_POPDEF([can_link])
+ AS_VAR_POPDEF([can_compile])
TOR_CHECK_CFLAGS(-Wstack-protector)
TOR_CHECK_CFLAGS(-fwrapv)
TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
@@ -579,10 +642,40 @@ if test x$enable_gcc_hardening != xno; then
fi
fi
+if test x$enable_expensive_hardening = xyes ; then
+ TOR_CHECK_CFLAGS([-fsanitize=address])
+ TOR_CHECK_CFLAGS([-fsanitize=undefined])
+ TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
+fi
+
if test x$enable_linker_hardening != xno; then
TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
+# For backtrace support
+TOR_CHECK_LDFLAGS(-rdynamic)
+
+dnl ------------------------------------------------------
+dnl Now see if we have a -fomit-frame-pointer compiler option.
+
+saved_CFLAGS="$CFLAGS"
+TOR_CHECK_CFLAGS(-fomit-frame-pointer)
+F_OMIT_FRAME_POINTER=''
+if test "$saved_CFLAGS" != "$CFLAGS"; then
+ if test x$enable_expensive_hardening != xyes ; then
+ F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
+ fi
+fi
+CFLAGS="$saved_CFLAGS"
+AC_SUBST(F_OMIT_FRAME_POINTER)
+
+dnl ------------------------------------------------------
+dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
+dnl for us, as GCC 4.6 and later do at many optimization levels), then
+dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
+dnl code will work.
+TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)
+
dnl ------------------------------------------------------
dnl Where do you live, libnatpmp? And how do we call you?
dnl There are no packages for Debian or Redhat as of this patch
@@ -643,6 +736,14 @@ if test "$upnp" = "true"; then
fi
dnl ============================================================
+dnl Check for libseccomp
+
+if test "x$enable_seccomp" != "xno"; then
+ AC_CHECK_HEADERS([seccomp.h])
+ AC_SEARCH_LIBS(seccomp_init, [seccomp])
+fi
+
+dnl ============================================================
dnl We need an implementation of curve25519.
dnl set these defaults.
@@ -678,7 +779,7 @@ if test x$enable_curve25519 != xno; then
])],
[tor_cv_can_use_curve25519_donna_c64=yes],
[tor_cv_can_use_curve25519_donna_c64=no],
- [AC_COMPILE_IFELSE(
+ [AC_LINK_IFELSE(
[AC_LANG_PROGRAM([dnl
#include <stdint.h>
typedef unsigned uint128_t __attribute__((mode(TI)));
@@ -776,6 +877,7 @@ dnl These headers are not essential
AC_CHECK_HEADERS(
arpa/inet.h \
crt_externs.h \
+ execinfo.h \
grp.h \
ifaddrs.h \
inttypes.h \
@@ -797,7 +899,9 @@ AC_CHECK_HEADERS(
sys/param.h \
sys/prctl.h \
sys/resource.h \
+ sys/select.h \
sys/socket.h \
+ sys/sysctl.h \
sys/syslimits.h \
sys/time.h \
sys/types.h \
@@ -904,6 +1008,8 @@ AC_CHECK_SIZEOF(pid_t)
AC_CHECK_TYPES([uint, u_char, ssize_t])
+AC_PC_FROM_UCONTEXT([/bin/true])
+
dnl used to include sockaddr_storage, but everybody has that.
AC_CHECK_TYPES([struct in6_addr, struct sockaddr_in6, sa_family_t], , ,
[#ifdef HAVE_SYS_TYPES_H
@@ -1139,7 +1245,6 @@ if [[ $dmalloc -eq 1 ]]; then
AC_CHECK_HEADERS(dmalloc.h, , AC_MSG_ERROR(dmalloc header file not found. Do you have the development files for dmalloc installed?))
AC_SEARCH_LIBS(dmalloc_malloc, [dmallocth dmalloc], , AC_MSG_ERROR(Libdmalloc library not found. If you enable it you better have it installed.))
AC_DEFINE(USE_DMALLOC, 1, [Debug memory allocation library])
- AC_DEFINE(DMALLOC_FUNC_CHECK, 1, [Enable dmalloc's malloc function check])
AC_CHECK_FUNCS(dmalloc_strdup dmalloc_strndup)
fi
@@ -1381,6 +1486,12 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy
#error
#endif])], have_gcc43=yes, have_gcc43=no)
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
+#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 6)
+#error
+#endif])], have_gcc46=yes, have_gcc46=no)
+
+
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -Wshorten-64-to-32"
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [])], have_shorten64_flag=yes,
@@ -1432,31 +1543,60 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy
CFLAGS="$CFLAGS -Wextra -Warray-bounds"
fi
+ if test x$have_gcc46 = xyes ; then
+ # This warning was added in gcc 4.3, but it appears to generate
+ # spurious warnings in gcc 4.4. I don't know if it works in 4.5.
+ CFLAGS="$CFLAGS -Wlogical-op"
+ fi
+
if test x$have_shorten64_flag = xyes ; then
CFLAGS="$CFLAGS -Wshorten-64-to-32"
fi
+
+
##This will break the world on some 64-bit architectures
# CFLAGS="$CFLAGS -Winline"
fi
-
+if test "$enable_coverage" = yes && test "$have_clang" = "no"; then
+ case "$host_os" in
+ darwin*)
+ AC_MSG_WARN([Tried to enable coverage on OSX without using the clang compiler. This might not work! If coverage fails, use CC=clang when configuring with --enable-profiling.])
+ esac
+fi
CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent $TOR_CPPFLAGS_openssl $TOR_CPPFLAGS_zlib"
AC_CONFIG_FILES([
Doxyfile
Makefile
- contrib/suse/tor.sh
- contrib/tor.logrotate
- contrib/tor.sh
- contrib/torctl
- contrib/torify
+ contrib/dist/suse/tor.sh
+ contrib/operator-tools/tor.logrotate
+ contrib/dist/tor.sh
+ contrib/dist/torctl
+ contrib/dist/tor.service
src/config/torrc.sample
])
+if test x$asciidoc = xtrue && test "$ASCIIDOC" = "none" ; then
+ regular_mans="doc/tor doc/tor-gencert doc/tor-resolve doc/torify"
+ for file in $regular_mans ; do
+ if ! [[ -f "$srcdir/$file.1.in" ]] || ! [[ -f "$srcdir/$file.html.in" ]] ; then
+ echo "==================================";
+ echo;
+ echo "You need asciidoc installed to be able to build the manpage.";
+ echo "To build without manpages, use the --disable-asciidoc argument";
+ echo "when calling configure.";
+ echo;
+ echo "==================================";
+ exit 1;
+ fi
+ done
+fi
+
AC_OUTPUT
-if test -x /usr/bin/perl && test -x ./contrib/updateVersions.pl ; then
- ./contrib/updateVersions.pl
+if test -x /usr/bin/perl && test -x ./scripts/maint/updateVersions.pl ; then
+ ./scripts/maint/updateVersions.pl
fi