2 # Process this file with autoconf to produce a configure script.
4 sinclude(acx_nlnetlabs.m4)
5 sinclude(ax_pthread.m4)
6 sinclude(acx_python.m4)
7 sinclude(ac_pkg_swig.m4)
8 sinclude(dnstap/dnstap.m4)
9 sinclude(dnscrypt/dnscrypt.m4)
11 # must be numbers. ac_defun because of later processing
12 m4_define([VERSION_MAJOR],[1])
13 m4_define([VERSION_MINOR],[19])
14 m4_define([VERSION_MICRO],[0])
15 AC_INIT([unbound],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues],[unbound])
16 AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
17 AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
18 AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
21 LIBUNBOUND_REVISION=23
30 # 1.3.0 had 1:0:0 # ub_cancel and -export-symbols.
35 # 1.4.0-snapshots had 1:5:0
36 # 1.4.0 had 1:5:0 (not 2:0:0) # ub_result.why_bogus
50 # and 1.4.13p1 and 1.4.13.p2
52 # 1.4.15 had 3:0:1 # adds ub_version()
57 # 1.4.20 had 4:0:2 # adds libunbound.ttl # but shipped 3:5:1
60 # 1.5.0 had 5:3:3 # adds ub_ctx_add_ta_autr
68 # 1.5.8 had 6:0:4 # adds ub_ctx_set_stub
72 # 1.6.1 had 7:0:5 # ub_callback_t typedef renamed to ub_callback_type
84 # 1.8.0 had 8:0:0 # changes the event callback function signature
88 # 1.9.0 had 9:0:1 # add ub_ctx_set_tls
113 # Current -- the number of the binary API that we're implementing
114 # Revision -- which iteration of the implementation of the binary
115 # API are we supplying?
116 # Age -- How many previous binary API versions do we also
119 # If we release a new version that does not change the binary API,
120 # increment Revision.
122 # If we release a new version that changes the binary API, but does
123 # not break programs compiled against the old binary API, increment
124 # Current and Age. Set Revision to 0, since this is the first
125 # implementation of the new API.
127 # Otherwise, we're changing the binary API and breaking backward
128 # compatibility with old binaries. Increment Current. Set Age to 0,
129 # since we're backward compatible with no previous APIs. Set Revision
131 AC_SUBST(LIBUNBOUND_CURRENT)
132 AC_SUBST(LIBUNBOUND_REVISION)
133 AC_SUBST(LIBUNBOUND_AGE)
136 cmdln="`echo $@ | sed -e 's/\\\\/\\\\\\\\/g' | sed -e 's/"/\\\\"/'g`"
137 AC_DEFINE_UNQUOTED(CONFCMDLINE, ["$cmdln"], [Command line arguments used with configure])
140 AC_USE_SYSTEM_EXTENSIONS
141 if test "$ac_cv_header_minix_config_h" = "yes"; then
142 AC_DEFINE(_NETBSD_SOURCE,1, [Enable for compile on Minix])
146 dnl By default set prefix to /usr/local
153 case "$exec_prefix" in
155 exec_prefix="$prefix"
160 if uname -s 2>&1 | grep MINGW >/dev/null; then on_mingw="yes"
162 if echo $host | grep mingw >/dev/null; then on_mingw="yes"
163 else on_mingw="no"; fi
167 # Determine configuration file
168 # the eval is to evaluate shell expansion twice
169 UNBOUND_SBIN_DIR=`eval echo "${sbindir}"`
170 AC_SUBST(UNBOUND_SBIN_DIR)
171 UNBOUND_SYSCONF_DIR=`eval echo "${sysconfdir}"`
172 AC_SUBST(UNBOUND_SYSCONF_DIR)
173 UNBOUND_LOCALSTATE_DIR=`eval echo "${localstatedir}"`
174 AC_SUBST(UNBOUND_LOCALSTATE_DIR)
175 if test $on_mingw = "no"; then
176 ub_conf_file=`eval echo "${sysconfdir}/unbound/unbound.conf"`
178 ub_conf_file="C:\\Program Files\\Unbound\\service.conf"
180 AC_ARG_WITH([conf_file],
181 AS_HELP_STRING([--with-conf-file=path],[Pathname to the Unbound configuration file]),
182 [ub_conf_file="$withval"])
183 AC_SUBST(ub_conf_file)
184 ACX_ESCAPE_BACKSLASH($ub_conf_file, hdr_config)
185 AC_DEFINE_UNQUOTED(CONFIGFILE, ["$hdr_config"], [Pathname to the Unbound configuration file])
186 ub_conf_dir=`AS_DIRNAME(["$ub_conf_file"])`
187 AC_SUBST(ub_conf_dir)
189 # Determine run, chroot directory and pidfile locations
191 AS_HELP_STRING([--with-run-dir=path],[set default directory to chdir to (by default dir part of cfg file)]),
192 UNBOUND_RUN_DIR="$withval",
193 if test $on_mingw = no; then
194 UNBOUND_RUN_DIR=`dirname "$ub_conf_file"`
199 AC_SUBST(UNBOUND_RUN_DIR)
200 ACX_ESCAPE_BACKSLASH($UNBOUND_RUN_DIR, hdr_run)
201 AC_DEFINE_UNQUOTED(RUN_DIR, ["$hdr_run"], [Directory to chdir to])
203 AC_ARG_WITH(chroot-dir,
204 AS_HELP_STRING([--with-chroot-dir=path],[set default directory to chroot to (by default same as run-dir)]),
205 UNBOUND_CHROOT_DIR="$withval",
206 if test $on_mingw = no; then
207 UNBOUND_CHROOT_DIR="$UNBOUND_RUN_DIR"
209 UNBOUND_CHROOT_DIR=""
212 AC_SUBST(UNBOUND_CHROOT_DIR)
213 ACX_ESCAPE_BACKSLASH($UNBOUND_CHROOT_DIR, hdr_chroot)
214 AC_DEFINE_UNQUOTED(CHROOT_DIR, ["$hdr_chroot"], [Directory to chroot to])
216 AC_ARG_WITH(share-dir,
217 AS_HELP_STRING([--with-share-dir=path],[set default directory with shared data (by default same as share/unbound)]),
218 UNBOUND_SHARE_DIR="$withval",
219 UNBOUND_SHARE_DIR="$UNBOUND_RUN_DIR")
220 AC_SUBST(UNBOUND_SHARE_DIR)
221 AC_DEFINE_UNQUOTED(SHARE_DIR, ["$UNBOUND_SHARE_DIR"], [Shared data])
224 AS_HELP_STRING([--with-pidfile=filename],[set default pathname to unbound pidfile (default run-dir/unbound.pid)]),
225 UNBOUND_PIDFILE="$withval",
226 if test $on_mingw = no; then
227 UNBOUND_PIDFILE="$UNBOUND_RUN_DIR/unbound.pid"
232 AC_SUBST(UNBOUND_PIDFILE)
233 ACX_ESCAPE_BACKSLASH($UNBOUND_PIDFILE, hdr_pid)
234 AC_DEFINE_UNQUOTED(PIDFILE, ["$hdr_pid"], [default pidfile location])
236 AC_ARG_WITH(rootkey-file,
237 AS_HELP_STRING([--with-rootkey-file=filename],[set default pathname to root key file (default run-dir/root.key). This file is read and written.]),
238 UNBOUND_ROOTKEY_FILE="$withval",
239 if test $on_mingw = no; then
240 UNBOUND_ROOTKEY_FILE="$UNBOUND_RUN_DIR/root.key"
242 UNBOUND_ROOTKEY_FILE="C:\\Program Files\\Unbound\\root.key"
245 AC_SUBST(UNBOUND_ROOTKEY_FILE)
246 ACX_ESCAPE_BACKSLASH($UNBOUND_ROOTKEY_FILE, hdr_rkey)
247 AC_DEFINE_UNQUOTED(ROOT_ANCHOR_FILE, ["$hdr_rkey"], [default rootkey location])
249 AC_ARG_WITH(rootcert-file,
250 AS_HELP_STRING([--with-rootcert-file=filename],[set default pathname to root update certificate file (default run-dir/icannbundle.pem). This file need not exist if you are content with the builtin.]),
251 UNBOUND_ROOTCERT_FILE="$withval",
252 if test $on_mingw = no; then
253 UNBOUND_ROOTCERT_FILE="$UNBOUND_RUN_DIR/icannbundle.pem"
255 UNBOUND_ROOTCERT_FILE="C:\\Program Files\\Unbound\\icannbundle.pem"
258 AC_SUBST(UNBOUND_ROOTCERT_FILE)
259 ACX_ESCAPE_BACKSLASH($UNBOUND_ROOTCERT_FILE, hdr_rpem)
260 AC_DEFINE_UNQUOTED(ROOT_CERT_FILE, ["$hdr_rpem"], [default rootcert location])
262 AC_ARG_WITH(username,
263 AS_HELP_STRING([--with-username=user],[set default user that unbound changes to (default user is unbound)]),
264 UNBOUND_USERNAME="$withval",
265 UNBOUND_USERNAME="unbound")
266 AC_SUBST(UNBOUND_USERNAME)
267 AC_DEFINE_UNQUOTED(UB_USERNAME, ["$UNBOUND_USERNAME"], [default username])
269 AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled])
270 ACX_RSRC_VERSION(wnvs)
271 AC_DEFINE_UNQUOTED(RSRC_PACKAGE_VERSION, [$wnvs], [version number for resource files])
273 # Checks for typedefs, structures, and compiler characteristics.
276 # allow user to override the -g -O2 flags.
278 if test "x$CFLAGS" = "x" ; then
279 ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="$CFLAGS -g"])
280 ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="$CFLAGS -O2"])
283 m4_version_prereq([2.70], [AC_PROG_CC], [AC_PROG_CC_STDC])
285 ACX_DETERMINE_EXT_FLAGS_UNBOUND
287 # debug mode flags warnings
288 AC_ARG_ENABLE(checking, AS_HELP_STRING([--enable-checking],[Enable warnings, asserts, makefile-dependencies]))
289 AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[same as enable-checking]))
290 if test "$enable_debug" = "yes"; then debug_enabled="$enable_debug";
291 else debug_enabled="$enable_checking"; fi
292 AC_SUBST(debug_enabled)
293 case "$debug_enabled" in
295 ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="$CFLAGS -W"])
296 ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="$CFLAGS -Wall"])
297 ACX_CHECK_COMPILER_FLAG(Wextra, [CFLAGS="$CFLAGS -Wextra"])
298 ACX_CHECK_COMPILER_FLAG(Wdeclaration-after-statement, [CFLAGS="$CFLAGS -Wdeclaration-after-statement"])
299 AC_DEFINE([UNBOUND_DEBUG], [], [define this to enable debug checks.])
305 if test "$default_cflags" = "yes"; then
306 # only when CFLAGS was "" at the start, if the users wants to
307 # override we shouldn't add default cflags, because they wouldn't
308 # be able to turn off these options and set the CFLAGS wanted.
315 ACX_CHECK_FORMAT_ATTRIBUTE
316 ACX_CHECK_UNUSED_ATTRIBUTE
318 AC_DEFUN([CHECK_WEAK_ATTRIBUTE],
319 [AC_REQUIRE([AC_PROG_CC])
320 AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "weak" attribute)
321 AC_CACHE_VAL(ac_cv_c_weak_attribute,
322 [ac_cv_c_weak_attribute=no
323 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h>
324 __attribute__((weak)) void f(int x) { printf("%d", x); }
327 ]])],[ac_cv_c_weak_attribute="yes"],[ac_cv_c_weak_attribute="no"])
330 AC_MSG_RESULT($ac_cv_c_weak_attribute)
331 if test $ac_cv_c_weak_attribute = yes; then
332 AC_DEFINE(HAVE_ATTR_WEAK, 1, [Whether the C compiler accepts the "weak" attribute])
333 AC_DEFINE(ATTR_WEAK, [__attribute__((weak))], [apply the weak attribute to a symbol])
335 ])dnl End of CHECK_WEAK_ATTRIBUTE
339 AC_DEFUN([CHECK_NORETURN_ATTRIBUTE],
340 [AC_REQUIRE([AC_PROG_CC])
341 AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "noreturn" attribute)
342 AC_CACHE_VAL(ac_cv_c_noreturn_attribute,
343 [ac_cv_c_noreturn_attribute=no
344 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h>
345 __attribute__((noreturn)) void f(int x) { printf("%d", x); }
348 ]])],[ac_cv_c_noreturn_attribute="yes"],[ac_cv_c_noreturn_attribute="no"])
351 AC_MSG_RESULT($ac_cv_c_noreturn_attribute)
352 if test $ac_cv_c_noreturn_attribute = yes; then
353 AC_DEFINE(HAVE_ATTR_NORETURN, 1, [Whether the C compiler accepts the "noreturn" attribute])
354 AC_DEFINE(ATTR_NORETURN, [__attribute__((__noreturn__))], [apply the noreturn attribute to a function that exits the program])
356 ])dnl End of CHECK_NORETURN_ATTRIBUTE
358 CHECK_NORETURN_ATTRIBUTE
360 if test "$srcdir" != "."; then
361 CPPFLAGS="$CPPFLAGS -I$srcdir"
364 AC_DEFUN([ACX_YYLEX_DESTROY], [
365 AC_MSG_CHECKING([for yylex_destroy])
366 if echo %% | $LEX -t 2>&1 | grep yylex_destroy >/dev/null 2>&1; then
367 AC_DEFINE(LEX_HAS_YYLEX_DESTROY, 1, [if lex has yylex_destroy])
369 else AC_MSG_RESULT(no);
374 AC_DEFUN([ACX_YYLEX_OPTION], [
375 AC_MSG_CHECKING([for lex %option])
376 if cat <<EOF | $LEX -t 2>&1 | grep yy_delete_buffer >/dev/null 2>&1; then
381 else AC_MSG_RESULT(no);
386 AC_PROG_LEX([noyywrap])
387 if test "$LEX" != "" -a "$LEX" != ":"; then
390 if test "$LEX" != "" -a "$LEX" != ":"; then
393 if test "$LEX" = "" -o "$LEX" = ":"; then
394 if test ! -f util/configlexer.c; then
395 AC_MSG_ERROR([no lex and no util/configlexer.c: need flex and bison to compile from source repository.])
399 if test "$YACC" = "" -o "$YACC" = ":"; then
400 if test ! -f util/configparser.c; then
401 AC_MSG_ERROR([no yacc and no util/configparser.c: need flex and bison to compile from source repository.])
404 AC_CHECK_PROG(doxygen, doxygen, doxygen)
405 AC_CHECK_TOOL(STRIP, strip)
408 # pkg-config is only needed for these options, do not require it otherwise
409 if test "$enable_systemd" = "yes" -o "$with_pyunbound" = "yes" -o "$with_pythonmod" = "yes"; then
413 # Checks for header files.
414 AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/select.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h ifaddrs.h poll.h],,, [AC_INCLUDES_DEFAULT])
415 # net/if.h portability for Darwin see:
416 # https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Header-Portability.html
417 AC_CHECK_HEADERS([net/if.h],,, [
423 # ifdef HAVE_STDLIB_H
427 #ifdef HAVE_SYS_SOCKET_H
428 # include <sys/socket.h>
432 # Check for Apple header. This uncovers TARGET_OS_IPHONE, TARGET_OS_TV or TARGET_OS_WATCH
433 AC_CHECK_HEADERS([TargetConditionals.h],,, [AC_INCLUDES_DEFAULT])
434 AC_CHECK_HEADERS([netioapi.h],,, [AC_INCLUDES_DEFAULT
436 #include <sys/param.h>
439 #ifdef HAVE_SYS_SOCKET_H
440 #include <sys/socket.h>
443 #ifdef HAVE_SYS_UIO_H
447 #ifdef HAVE_NETINET_IN_H
448 #include <netinet/in.h>
451 #ifdef HAVE_NETINET_TCP_H
452 #include <netinet/tcp.h>
455 #ifdef HAVE_ARPA_INET_H
456 #include <arpa/inet.h>
459 #ifdef HAVE_WINSOCK2_H
460 #include <winsock2.h>
463 #ifdef HAVE_WS2TCPIP_H
464 #include <ws2tcpip.h>
468 # Check for Linux timestamping headers
469 AC_CHECK_HEADERS([linux/net_tstamp.h],,, [AC_INCLUDES_DEFAULT])
472 # Using own tests for int64* because autoconf builtin only give 32bit.
473 AC_CHECK_TYPE(int8_t, signed char)
474 AC_CHECK_TYPE(int16_t, short)
475 AC_CHECK_TYPE(int32_t, int)
476 AC_CHECK_TYPE(int64_t, long long)
477 AC_CHECK_TYPE(uint8_t, unsigned char)
478 AC_CHECK_TYPE(uint16_t, unsigned short)
479 AC_CHECK_TYPE(uint32_t, unsigned int)
480 AC_CHECK_TYPE(uint64_t, unsigned long long)
482 AC_CHECK_TYPE(ssize_t, int)
491 ACX_CHECK_MEMCMP_SIGNED
493 AC_CHECK_SIZEOF(time_t,,[
495 #ifdef TIME_WITH_SYS_TIME
496 # include <sys/time.h>
499 # ifdef HAVE_SYS_TIME_H
500 # include <sys/time.h>
506 AC_CHECK_SIZEOF(size_t)
508 # add option to disable the evil rpath
510 AC_SUBST(RUNTIME_PATH)
512 # check to see if libraries are needed for these functions.
513 AC_SEARCH_LIBS([inet_pton], [nsl])
514 AC_SEARCH_LIBS([socket], [socket])
516 # check whether strptime also works
517 AC_DEFUN([AC_CHECK_STRPTIME_WORKS],
518 [AC_REQUIRE([AC_PROG_CC])
519 AC_MSG_CHECKING(whether strptime works)
520 if test c${cross_compiling} = cno; then
521 AC_RUN_IFELSE([AC_LANG_SOURCE([[
522 #define _XOPEN_SOURCE 600
524 int main(void) { struct tm tm; char *res;
525 res = strptime("2010-07-15T00:00:00+00:00", "%t%Y%t-%t%m%t-%t%d%tT%t%H%t:%t%M%t:%t%S%t", &tm);
527 res = strptime("20070207111842", "%Y%m%d%H%M%S", &tm);
528 if (!res) return 1; return 0; }
529 ]])] , [eval "ac_cv_c_strptime_works=yes"], [eval "ac_cv_c_strptime_works=no"],
530 [eval "ac_cv_c_strptime_works=maybe"])
532 eval "ac_cv_c_strptime_works=maybe"
534 AC_MSG_RESULT($ac_cv_c_strptime_works)
535 if test $ac_cv_c_strptime_works = no; then
538 AC_DEFINE_UNQUOTED([STRPTIME_WORKS], 1, [use default strptime.])
542 # check some functions of the OS before linking libs (while still runnable).
545 AC_DEFINE(RETSIGTYPE,void,[Return type of signal handlers, but autoconf 2.70 says 'your code may safely assume C89 semantics that RETSIGTYPE is void.'])
548 ACX_CHECK_NONBLOCKING_BROKEN
550 AC_CHECK_FUNCS([strptime],[AC_CHECK_STRPTIME_WORKS],[AC_LIBOBJ([strptime])])
552 # check if we can use SO_REUSEPORT
554 if echo "$host" | $GREP -i -e linux >/dev/null; then reuseport_default=1; fi
555 if echo "$host" | $GREP -i -e dragonfly >/dev/null; then reuseport_default=1; fi
556 if test "$reuseport_default" = 1; then
557 AC_DEFINE(REUSEPORT_DEFAULT, 1, [if REUSEPORT is enabled by default])
559 AC_DEFINE(REUSEPORT_DEFAULT, 0, [if REUSEPORT is enabled by default])
562 # Include systemd.m4 - begin
564 # Include systemd.m4 - end
566 # set memory allocation checking if requested
567 AC_ARG_ENABLE(alloc-checks, AS_HELP_STRING([--enable-alloc-checks],[ enable to memory allocation statistics, for debug purposes ]),
569 AC_ARG_ENABLE(alloc-lite, AS_HELP_STRING([--enable-alloc-lite],[ enable for lightweight alloc assertions, for debug purposes ]),
571 AC_ARG_ENABLE(alloc-nonregional, AS_HELP_STRING([--enable-alloc-nonregional],[ enable nonregional allocs, slow but exposes regional allocations to other memory purifiers, for debug purposes ]),
573 if test x_$enable_alloc_nonregional = x_yes; then
574 AC_DEFINE(UNBOUND_ALLOC_NONREGIONAL, 1, [use malloc not regions, for debug use])
576 if test x_$enable_alloc_checks = x_yes; then
577 AC_DEFINE(UNBOUND_ALLOC_STATS, 1, [use statistics for allocs and frees, for debug use])
578 SLDNS_ALLOCCHECK_EXTRA_OBJ="alloc.lo log.lo"
579 AC_SUBST(SLDNS_ALLOCCHECK_EXTRA_OBJ)
580 ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ="alloc.lo"
581 AC_SUBST(ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ)
583 if test x_$enable_alloc_lite = x_yes; then
584 AC_DEFINE(UNBOUND_ALLOC_LITE, 1, [use to enable lightweight alloc assertions, for debug use])
586 ACX_FUNC_MALLOC([unbound])
590 # check windows threads (we use them, not pthreads, on windows).
591 if test "$on_mingw" = "yes"; then
592 # check windows threads
593 AC_CHECK_HEADERS([windows.h],,, [AC_INCLUDES_DEFAULT])
594 AC_MSG_CHECKING([for CreateThread])
595 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
596 #ifdef HAVE_WINDOWS_H
600 HANDLE t = CreateThread(NULL, 0, NULL, NULL, 0, NULL);
603 AC_DEFINE(HAVE_WINDOWS_THREADS, 1, [Using Windows threads])
609 # not on mingw, check thread libraries.
611 # check for thread library.
612 # check this first, so that the pthread lib does not get linked in via
613 # libssl or libpython, and thus distorts the tests, and we end up using
614 # the non-threadsafe C libraries.
615 AC_ARG_WITH(pthreads, AS_HELP_STRING([--with-pthreads],[use pthreads library, or --without-pthreads to disable threading support.]),
616 [ ],[ withval="yes" ])
618 if test x_$withval != x_no; then
620 AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.])
621 if test -n "$PTHREAD_LIBS"; then
622 LIBS="$PTHREAD_LIBS $LIBS"
624 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
627 AC_CHECK_TYPES([pthread_spinlock_t, pthread_rwlock_t],,,[#include <pthread.h>])
628 AC_CHECK_SIZEOF([unsigned long])
629 AC_CHECK_SIZEOF(pthread_t)
631 if echo "$CFLAGS" | $GREP -e "-pthread" >/dev/null; then
632 AC_MSG_CHECKING([if -pthread unused during linking])
633 # catch clang warning 'argument unused during compilation'
634 AC_LANG_CONFTEST([AC_LANG_SOURCE(AC_INCLUDES_DEFAULT
636 int main(void) {return 0;}
640 echo "$CC $CFLAGS -c conftest.c -o conftest.o" >&AS_MESSAGE_LOG_FD
641 $CC $CFLAGS -c conftest.c -o conftest.o 2>&AS_MESSAGE_LOG_FD >&AS_MESSAGE_LOG_FD
644 echo "$CC $CFLAGS -Werror $LDFLAGS $LIBS -o conftest contest.o" >&AS_MESSAGE_LOG_FD
645 $CC $CFLAGS -Werror $LDFLAGS $LIBS -o conftest conftest.o 2>&AS_MESSAGE_LOG_FD >&AS_MESSAGE_LOG_FD
646 if test $? -ne 0; then
648 CFLAGS=`echo "$CFLAGS" | sed -e 's/-pthread//'`
649 PTHREAD_CFLAGS_ONLY="-pthread"
650 AC_SUBST(PTHREAD_CFLAGS_ONLY)
656 fi # endif cc successful
657 rm -f conftest conftest.c conftest.o
658 fi # endif -pthread in CFLAGS
663 # check solaris thread library
664 AC_ARG_WITH(solaris-threads, AS_HELP_STRING([--with-solaris-threads],[use solaris native thread library.]), [ ],[ withval="no" ])
665 ub_have_sol_threads=no
666 if test x_$withval != x_no; then
667 if test x_$ub_have_pthreads != x_no; then
668 AC_MSG_WARN([Have pthreads already, ignoring --with-solaris-threads])
670 AC_SEARCH_LIBS(thr_create, [thread],
672 AC_DEFINE(HAVE_SOLARIS_THREADS, 1, [Using Solaris threads])
674 ACX_CHECK_COMPILER_FLAG(mt, [CFLAGS="$CFLAGS -mt"],
675 [CFLAGS="$CFLAGS -D_REENTRANT"])
676 ub_have_sol_threads=yes
678 AC_MSG_ERROR([no solaris threads found.])
683 fi # end of non-mingw check of thread libraries
685 # Check for SYSLOG_FACILITY
686 AC_ARG_WITH(syslog-facility, AS_HELP_STRING([--with-syslog-facility=LOCAL0 - LOCAL7],[ set SYSLOG_FACILITY, default DAEMON ]),
687 [ UNBOUND_SYSLOG_FACILITY="$withval" ], [])
688 case "${UNBOUND_SYSLOG_FACILITY}" in
690 LOCAL[[0-7]]) UNBOUND_SYSLOG_FACILITY="LOG_${UNBOUND_SYSLOG_FACILITY}" ;;
692 *) UNBOUND_SYSLOG_FACILITY="LOG_DAEMON" ;;
695 AC_DEFINE_UNQUOTED(UB_SYSLOG_FACILITY,${UNBOUND_SYSLOG_FACILITY},[the SYSLOG_FACILITY to use, default LOG_DAEMON])
697 # Check for dynamic library module
698 AC_ARG_WITH(dynlibmodule,
699 AS_HELP_STRING([--with-dynlibmodule],[build dynamic library module, or --without-dynlibmodule to disable it. (default=no)]),
700 [], [ withval="no" ])
702 if test x_$withval != x_no; then
703 AC_DEFINE(WITH_DYNLIBMODULE, 1, [Define if you want dynlib module.])
704 WITH_DYNLIBMODULE=yes
705 AC_SUBST(WITH_DYNLIBMODULE)
706 DYNLIBMOD_OBJ="dynlibmod.lo"
707 AC_SUBST(DYNLIBMOD_OBJ)
708 DYNLIBMOD_HEADER='$(srcdir)/dynlibmod/dynlibmod.h'
709 AC_SUBST(DYNLIBMOD_HEADER)
710 if test $on_mingw = "no"; then
711 # link with -ldl if not already there, for all executables because
712 # dlopen call is in the dynlib module. For unbound executable, also
714 AC_SEARCH_LIBS([dlopen], [dl])
715 DYNLIBMOD_EXTRALIBS="-export-dynamic"
717 DYNLIBMOD_EXTRALIBS="-Wl,--export-all-symbols,--out-implib,libunbound.dll.a"
719 AC_SUBST(DYNLIBMOD_EXTRALIBS)
722 # Check for PyUnbound
723 AC_ARG_WITH(pyunbound,
724 AS_HELP_STRING([--with-pyunbound],[build PyUnbound, or --without-pyunbound to skip it. (default=no)]),
725 [], [ withval="no" ])
729 if test x_$withval != x_no; then
730 ub_with_pyunbound=yes
734 # Check for Python module
735 AC_ARG_WITH(pythonmodule,
736 AS_HELP_STRING([--with-pythonmodule],[build Python module, or --without-pythonmodule to disable script engine. (default=no)]),
737 [], [ withval="no" ])
740 if test x_$withval != x_no; then
741 ub_with_pythonmod=yes
745 # Check for Python & SWIG only on PyUnbound or PyModule
746 if test x_$ub_test_python != x_no; then
750 ac_save_LIBS="$LIBS" dnl otherwise AC_PYTHON_DEVEL thrashes $LIBS
752 if test ! -z "$PYTHON_VERSION"; then
754 if test "$PYTHON_VERSION_MAJOR" -lt 2; then
757 if test "$PYTHON_VERSION_MAJOR" -eq 2 -a "$PYTHON_VERSION_MINOR" -lt 4; then
760 if test "$badversion" = "yes"; then
761 AC_MSG_ERROR([Python version >= 2.4.0 is required])
764 [PY_MAJOR_VERSION="`$PYTHON -c \"import sys; print(sys.version_info[0])\"`"]
765 AC_SUBST(PY_MAJOR_VERSION)
767 AC_DEFINE(HAVE_PYTHON,1,[Define if you have Python libraries and header files.])
768 if test x_$ub_with_pythonmod != x_no; then
769 if test -n "$LIBS"; then
770 LIBS="$PYTHON_LDFLAGS $LIBS"
772 LIBS="$PYTHON_LDFLAGS"
775 PYTHON_LIBS="$PYTHON_LDFLAGS"
776 AC_SUBST(PYTHON_LIBS)
777 if test -n "$CPPFLAGS"; then
778 CPPFLAGS="$CPPFLAGS $PYTHON_CPPFLAGS"
780 CPPFLAGS="$PYTHON_CPPFLAGS"
782 if test "$PYTHON_LIBDIR" != "/usr/lib" -a "$PYTHON_LIBDIR" != "" -a "$PYTHON_LIBDIR" != "/usr/lib64"; then
783 ACX_RUNTIME_PATH_ADD([$PYTHON_LIBDIR])
786 PKG_CHECK_EXISTS(["python${PY_MAJOR_VERSION}"],
787 [PC_PY_DEPENDENCY="python${PY_MAJOR_VERSION}"],
788 [PC_PY_DEPENDENCY="python"])
789 AC_SUBST(PC_PY_DEPENDENCY)
793 AC_ARG_ENABLE(swig-version-check, AS_HELP_STRING([--disable-swig-version-check],[Disable swig version check to build python modules with older swig even though that is unreliable]))
794 if test "$enable_swig_version_check" = "yes"; then
799 AC_MSG_CHECKING(SWIG)
800 if test ! -x "$SWIG"; then
801 AC_MSG_ERROR([failed to find swig tool, install it, or do not build Python module and PyUnbound])
803 AC_DEFINE(HAVE_SWIG, 1, [Define if you have Swig libraries and header files.])
804 AC_SUBST(swig, "$SWIG")
805 AC_MSG_RESULT(present)
807 # If have Python & SWIG
809 if test x_$ub_with_pythonmod != x_no; then
810 AC_DEFINE(WITH_PYTHONMODULE, 1, [Define if you want Python module.])
811 WITH_PYTHONMODULE=yes
812 AC_SUBST(WITH_PYTHONMODULE)
813 PYTHONMOD_OBJ="pythonmod.lo pythonmod_utils.lo"
814 AC_SUBST(PYTHONMOD_OBJ)
815 PYTHONMOD_HEADER='$(srcdir)/pythonmod/pythonmod.h'
816 AC_SUBST(PYTHONMOD_HEADER)
817 PYTHONMOD_INSTALL=pythonmod-install
818 AC_SUBST(PYTHONMOD_INSTALL)
819 PYTHONMOD_UNINSTALL=pythonmod-uninstall
820 AC_SUBST(PYTHONMOD_UNINSTALL)
824 if test x_$ub_with_pyunbound != x_no; then
825 AC_DEFINE(WITH_PYUNBOUND, 1, [Define if you want PyUnbound.])
827 AC_SUBST(WITH_PYUNBOUND)
828 PYUNBOUND_OBJ="libunbound_wrap.lo"
829 AC_SUBST(PYUNBOUND_OBJ)
830 PYUNBOUND_TARGET="_unbound.la"
831 AC_SUBST(PYUNBOUND_TARGET)
832 PYUNBOUND_INSTALL=pyunbound-install
833 AC_SUBST(PYUNBOUND_INSTALL)
834 PYUNBOUND_UNINSTALL=pyunbound-uninstall
835 AC_SUBST(PYUNBOUND_UNINSTALL)
839 AC_MSG_RESULT([*** Python libraries not found, won't build PythonMod or PyUnbound ***])
845 if test "`uname`" = "NetBSD"; then
846 NETBSD_LINTFLAGS='"-D__RENAME(x)=" -D_NETINET_IN_H_'
847 AC_SUBST(NETBSD_LINTFLAGS)
850 if test "`uname`" = "Linux"; then
851 # splint cannot parse modern c99 header files
852 GCC_DOCKER_LINTFLAGS='-syntax'
853 AC_SUBST(GCC_DOCKER_LINTFLAGS)
855 CONFIG_DATE=`date +%Y%m%d`
856 AC_SUBST(CONFIG_DATE)
858 # Checks for libraries.
862 AC_ARG_WITH([nss], AS_HELP_STRING([--with-nss=path],[use libnss instead of openssl, installed at path.]),
865 AC_DEFINE(HAVE_NSS, 1, [Use libnss for crypto])
866 if test "$withval" != "" -a "$withval" != "yes"; then
867 CPPFLAGS="$CPPFLAGS -I$withval/include/nss3"
868 LDFLAGS="$LDFLAGS -L$withval/lib"
869 ACX_RUNTIME_PATH_ADD([$withval/lib])
870 CPPFLAGS="-I$withval/include/nspr4 $CPPFLAGS"
872 CPPFLAGS="$CPPFLAGS -I/usr/include/nss3"
873 CPPFLAGS="-I/usr/include/nspr4 $CPPFLAGS"
875 LIBS="$LIBS -lnss3 -lnspr4"
877 PC_CRYPTO_DEPENDENCY="nss nspr"
878 AC_SUBST(PC_CRYPTO_DEPENDENCY)
884 AC_ARG_WITH([nettle], AS_HELP_STRING([--with-nettle=path],[use libnettle as crypto library, installed at path.]),
887 AC_DEFINE(HAVE_NETTLE, 1, [Use libnettle for crypto])
888 AC_CHECK_HEADERS([nettle/dsa-compat.h],,, [AC_INCLUDES_DEFAULT])
889 if test "$withval" != "" -a "$withval" != "yes"; then
890 CPPFLAGS="$CPPFLAGS -I$withval/include/nettle"
891 LDFLAGS="$LDFLAGS -L$withval/lib"
892 ACX_RUNTIME_PATH_ADD([$withval/lib])
894 CPPFLAGS="$CPPFLAGS -I/usr/include/nettle"
896 LIBS="$LIBS -lhogweed -lnettle -lgmp"
898 PC_CRYPTO_DEPENDENCY="hogweed nettle"
899 AC_SUBST(PC_CRYPTO_DEPENDENCY)
904 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
909 PC_CRYPTO_DEPENDENCY=""
910 AC_SUBST(PC_CRYPTO_DEPENDENCY)
912 # check if -lcrypt32 is needed because CAPIENG needs that. (on windows)
915 AC_MSG_CHECKING([if libssl needs -lcrypt32])
916 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
917 int EVP_sha256(void);
925 LIBS="$LIBS -lcrypt32"
928 AC_MSG_CHECKING([for LibreSSL])
929 if grep VERSION_TEXT $ssldir_include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then
931 AC_DEFINE([HAVE_LIBRESSL], [1], [Define if we have LibreSSL])
932 # libressl provides these compat functions, but they may also be
933 # declared by the OS in libc. See if they have been declared.
934 AC_CHECK_DECLS([strlcpy,strlcat,arc4random,arc4random_uniform])
938 AC_CHECK_HEADERS([openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h openssl/core_names.h openssl/param_build.h],,, [AC_INCLUDES_DEFAULT])
939 AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_default_properties_is_fips_enabled EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new BIO_set_callback_ex])
941 # these check_funcs need -lssl
944 AC_CHECK_FUNCS([OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_alpn_select_cb SSL_get0_alpn_selected SSL_CTX_set_alpn_protos SSL_get1_peer_certificate])
947 AC_CHECK_DECLS([SSL_COMP_get_compression_methods,sk_SSL_COMP_pop_free,SSL_CTX_set_ecdh_auto], [], [], [
949 #ifdef HAVE_OPENSSL_ERR_H
950 #include <openssl/err.h>
953 #ifdef HAVE_OPENSSL_RAND_H
954 #include <openssl/rand.h>
957 #ifdef HAVE_OPENSSL_CONF_H
958 #include <openssl/conf.h>
961 #ifdef HAVE_OPENSSL_ENGINE_H
962 #include <openssl/engine.h>
964 #include <openssl/ssl.h>
965 #include <openssl/evp.h>
968 if test "$ac_cv_func_HMAC_Init_ex" = "yes"; then
969 # check function return type.
970 AC_MSG_CHECKING(the return type of HMAC_Init_ex)
971 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
972 #ifdef HAVE_OPENSSL_ERR_H
973 #include <openssl/err.h>
976 #ifdef HAVE_OPENSSL_RAND_H
977 #include <openssl/rand.h>
980 #ifdef HAVE_OPENSSL_CONF_H
981 #include <openssl/conf.h>
984 #ifdef HAVE_OPENSSL_ENGINE_H
985 #include <openssl/engine.h>
987 #include <openssl/ssl.h>
988 #include <openssl/evp.h>
990 HMAC_CTX* hmac_ctx = NULL;
991 void* hmac_key = NULL;
992 const EVP_MD* digest = NULL;
993 int x = HMAC_Init_ex(hmac_ctx, hmac_key, 32, digest, NULL);
999 AC_DEFINE([HMAC_INIT_EX_RETURNS_VOID], 1, [If HMAC_Init_ex() returns void])
1007 AC_ARG_WITH([libbsd], AS_HELP_STRING([--with-libbsd],[Use portable libbsd functions]), [
1008 AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,, [AC_INCLUDES_DEFAULT])
1009 if test "x$ac_cv_header_bsd_string_h" = xyes -a "x$ac_cv_header_bsd_stdlib_h" = xyes; then
1010 for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do
1011 AC_SEARCH_LIBS([$func], [bsd], [
1012 AC_DEFINE(HAVE_LIBBSD, 1, [Use portable libbsd functions])
1013 PC_LIBBSD_DEPENDENCY=libbsd
1014 AC_SUBST(PC_LIBBSD_DEPENDENCY)
1020 AC_ARG_ENABLE(sha1, AS_HELP_STRING([--disable-sha1],[Disable SHA1 RRSIG support, does not disable nsec3 support]))
1021 case "$enable_sha1" in
1025 AC_DEFINE([USE_SHA1], [1], [Define this to enable SHA1 support.])
1030 AC_ARG_ENABLE(sha2, AS_HELP_STRING([--disable-sha2],[Disable SHA256 and SHA512 RRSIG support]))
1031 case "$enable_sha2" in
1035 AC_DEFINE([USE_SHA2], [1], [Define this to enable SHA256 and SHA512 support.])
1039 AC_ARG_ENABLE(subnet, AS_HELP_STRING([--enable-subnet],[Enable client subnet]))
1040 case "$enable_subnet" in
1042 AC_DEFINE([CLIENT_SUBNET], [1], [Define this to enable client subnet option.])
1043 SUBNET_OBJ="edns-subnet.lo subnetmod.lo addrtree.lo subnet-whitelist.lo"
1044 AC_SUBST(SUBNET_OBJ)
1045 SUBNET_HEADER='$(srcdir)/edns-subnet/subnetmod.h $(srcdir)/edns-subnet/edns-subnet.h $(srcdir)/edns-subnet/subnet-whitelist.h $(srcdir)/edns-subnet/addrtree.h'
1046 AC_SUBST(SUBNET_HEADER)
1052 # check whether gost also works
1053 AC_DEFUN([AC_CHECK_GOST_WORKS],
1054 [AC_REQUIRE([AC_PROG_CC])
1055 AC_MSG_CHECKING([if GOST works])
1056 if test c${cross_compiling} = cno; then
1058 if test -n "$ssldir"; then
1059 CFLAGS="$CFLAGS -Wl,-rpath,$ssldir_lib"
1061 AC_RUN_IFELSE([AC_LANG_SOURCE([[
1063 #include <openssl/ssl.h>
1064 #include <openssl/evp.h>
1065 #include <openssl/engine.h>
1066 #include <openssl/conf.h>
1067 /* routine to load gost (from sldns) */
1068 int load_gost_id(void)
1070 static int gost_id = 0;
1071 const EVP_PKEY_ASN1_METHOD* meth;
1074 if(gost_id) return gost_id;
1076 /* see if configuration loaded gost implementation from other engine*/
1077 meth = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1);
1079 EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
1083 /* see if engine can be loaded already */
1084 e = ENGINE_by_id("gost");
1086 /* load it ourself, in case statically linked */
1087 ENGINE_load_builtin_engines();
1088 ENGINE_load_dynamic();
1089 e = ENGINE_by_id("gost");
1092 /* no gost engine in openssl */
1095 if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
1101 meth = EVP_PKEY_asn1_find_str(&e, "gost2001", -1);
1103 /* algo not found */
1108 EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
1114 unsigned char digest[64]; /* its a 256-bit digest, so uses 32 bytes */
1115 const char* str = "Hello world";
1116 const unsigned char check[] = {
1117 0x40 , 0xed , 0xf8 , 0x56 , 0x5a , 0xc5 , 0x36 , 0xe1 ,
1118 0x33 , 0x7c , 0x7e , 0x87 , 0x62 , 0x1c , 0x42 , 0xe0 ,
1119 0x17 , 0x1b , 0x5e , 0xce , 0xa8 , 0x46 , 0x65 , 0x4d ,
1120 0x8d , 0x3e , 0x22 , 0x9b , 0xe1 , 0x30 , 0x19 , 0x9d
1122 OPENSSL_config(NULL);
1123 (void)load_gost_id();
1124 md = EVP_get_digestbyname("md_gost94");
1126 memset(digest, 0, sizeof(digest));
1127 ctx = EVP_MD_CTX_create();
1129 if(!EVP_DigestInit_ex(ctx, md, NULL)) return 3;
1130 if(!EVP_DigestUpdate(ctx, str, 10)) return 4;
1131 if(!EVP_DigestFinal_ex(ctx, digest, NULL)) return 5;
1132 /* uncomment to see the hash calculated.
1135 printf(" %2.2x", (int)digest[i]);
1138 if(memcmp(digest, check, sizeof(check)) != 0)
1142 ]])] , [eval "ac_cv_c_gost_works=yes"], [eval "ac_cv_c_gost_works=no"],
1143 [eval "ac_cv_c_gost_works=maybe"])
1146 eval "ac_cv_c_gost_works=maybe"
1148 AC_MSG_RESULT($ac_cv_c_gost_works)
1151 AC_ARG_ENABLE(gost, AS_HELP_STRING([--disable-gost],[Disable GOST support]))
1153 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
1154 case "$enable_gost" in
1158 AC_CHECK_FUNC(EVP_PKEY_set_type_str, [:],[AC_MSG_ERROR([OpenSSL 1.0.0 is needed for GOST support])])
1159 AC_CHECK_FUNC(EC_KEY_new, [], [AC_MSG_ERROR([OpenSSL does not support ECC, needed for GOST support])])
1161 if test "$ac_cv_c_gost_works" != no; then
1163 AC_DEFINE([USE_GOST], [1], [Define this to enable GOST support.])
1167 fi dnl !USE_NSS && !USE_NETTLE
1169 AC_ARG_ENABLE(ecdsa, AS_HELP_STRING([--disable-ecdsa],[Disable ECDSA support]))
1171 case "$enable_ecdsa" in
1175 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
1176 AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade or rerun with --disable-ecdsa])])
1177 AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade or rerun with --disable-ecdsa])])
1178 AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT
1179 #include <openssl/evp.h>
1181 # see if OPENSSL 1.0.0 or later (has EVP MD and Verify independency)
1182 AC_MSG_CHECKING([if openssl supports SHA2 and ECDSA with EVP])
1183 if grep OPENSSL_VERSION_TEXT $ssldir_include/openssl/opensslv.h | grep "OpenSSL" >/dev/null; then
1184 if grep OPENSSL_VERSION_NUMBER $ssldir_include/openssl/opensslv.h | grep 0x0 >/dev/null; then
1186 AC_DEFINE_UNQUOTED([USE_ECDSA_EVP_WORKAROUND], [1], [Define this to enable an EVP workaround for older openssl])
1188 AC_MSG_RESULT([yes])
1191 # not OpenSSL, thus likely LibreSSL, which supports it
1192 AC_MSG_RESULT([yes])
1195 # we now know we have ECDSA and the required curves.
1196 AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.])
1201 AC_ARG_ENABLE(dsa, AS_HELP_STRING([--disable-dsa],[Disable DSA support]))
1203 case "$enable_dsa" in
1205 # detect if DSA is supported, and turn it off if not.
1206 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
1207 AC_CHECK_FUNC(DSA_SIG_new, [
1208 AC_CHECK_TYPE(DSA_SIG*, [
1209 AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.])
1210 ], [if test "x$enable_dsa" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support DSA and you used --enable-dsa.])
1213 #ifdef HAVE_OPENSSL_ERR_H
1214 #include <openssl/err.h>
1217 #ifdef HAVE_OPENSSL_RAND_H
1218 #include <openssl/rand.h>
1221 #ifdef HAVE_OPENSSL_CONF_H
1222 #include <openssl/conf.h>
1225 #ifdef HAVE_OPENSSL_ENGINE_H
1226 #include <openssl/engine.h>
1229 ], [if test "x$enable_dsa" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support DSA and you used --enable-dsa.])
1232 AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.])
1236 # disable dsa by default, RFC 8624 section 3.1, validators MUST NOT
1237 # support DSA for DNSSEC Validation.
1241 AC_ARG_WITH(deprecate-rsa-1024, AS_HELP_STRING([--with-deprecate-rsa-1024],[Deprecate RSA 1024 bit length, makes that an unsupported key, for use when OpenSSL FIPS refuses 1024 bit verification]))
1242 if test "$with_deprecate_rsa_1024" = "yes"; then
1243 AC_DEFINE([DEPRECATE_RSA_1024], [1], [Deprecate RSA 1024 bit length, makes that an unsupported key])
1246 AC_ARG_ENABLE(ed25519, AS_HELP_STRING([--disable-ed25519],[Disable ED25519 support]))
1248 case "$enable_ed25519" in
1252 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
1253 AC_CHECK_DECLS([NID_ED25519], [
1255 ], [ if test "x$enable_ed25519" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED25519 and you used --enable-ed25519.])
1256 fi ], [AC_INCLUDES_DEFAULT
1257 #include <openssl/evp.h>
1260 if test $USE_NETTLE = "yes"; then
1261 AC_CHECK_HEADERS([nettle/eddsa.h], use_ed25519="yes",, [AC_INCLUDES_DEFAULT])
1263 if test $use_ed25519 = "yes"; then
1264 AC_DEFINE_UNQUOTED([USE_ED25519], [1], [Define this to enable ED25519 support.])
1269 AC_ARG_ENABLE(ed448, AS_HELP_STRING([--disable-ed448],[Disable ED448 support]))
1271 case "$enable_ed448" in
1275 if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
1276 AC_CHECK_DECLS([NID_ED448], [
1278 ], [ if test "x$enable_ed448" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED448 and you used --enable-ed448.])
1279 fi ], [AC_INCLUDES_DEFAULT
1280 #include <openssl/evp.h>
1283 if test $use_ed448 = "yes"; then
1284 AC_DEFINE_UNQUOTED([USE_ED448], [1], [Define this to enable ED448 support.])
1289 AC_ARG_ENABLE(event-api, AS_HELP_STRING([--enable-event-api],[Enable (experimental) pluggable event base libunbound API installed to unbound-event.h]))
1290 case "$enable_event_api" in
1292 AC_SUBST(UNBOUND_EVENT_INSTALL, [unbound-event-install])
1293 AC_SUBST(UNBOUND_EVENT_UNINSTALL, [unbound-event-uninstall])
1299 AC_ARG_ENABLE(tfo-client, AS_HELP_STRING([--enable-tfo-client],[Enable TCP Fast Open for client mode]))
1300 case "$enable_tfo_client" in
1303 linux*) AC_CHECK_DECL([MSG_FASTOPEN], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO])],
1304 [AC_MSG_ERROR([TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client])],
1305 [AC_INCLUDES_DEFAULT
1306 #include <netinet/tcp.h>
1308 AC_DEFINE_UNQUOTED([USE_MSG_FASTOPEN], [1], [Define this to enable client TCP Fast Open.])
1310 darwin*) AC_CHECK_DECL([CONNECT_RESUME_ON_READ_WRITE], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO])],
1311 [AC_MSG_ERROR([TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client])],
1312 [AC_INCLUDES_DEFAULT
1313 #include <sys/socket.h>
1315 AC_DEFINE_UNQUOTED([USE_OSX_MSG_FASTOPEN], [1], [Define this to enable client TCP Fast Open.])
1323 AC_ARG_ENABLE(tfo-server, AS_HELP_STRING([--enable-tfo-server],[Enable TCP Fast Open for server mode]))
1324 case "$enable_tfo_server" in
1326 AC_CHECK_DECL([TCP_FASTOPEN], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support server mode TFO])], [AC_MSG_ERROR([TCP Fast Open is not available for server mode: please rerun without --enable-tfo-server])], [AC_INCLUDES_DEFAULT
1327 #include <netinet/tcp.h>
1329 AC_DEFINE_UNQUOTED([USE_TCP_FASTOPEN], [1], [Define this to enable server TCP Fast Open.])
1335 # check for libevent
1336 AC_ARG_WITH(libevent, AS_HELP_STRING([--with-libevent=pathname],[use libevent (will check /usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr or you can specify an explicit path). Slower, but allows use of large outgoing port ranges.]),
1337 [ ],[ with_libevent="no" ])
1338 if test "x_$with_libevent" != x_no; then
1339 AC_DEFINE([USE_LIBEVENT], [1], [Define if you enable libevent])
1340 AC_MSG_CHECKING(for libevent)
1341 if test "x_$with_libevent" = x_ -o "x_$with_libevent" = x_yes; then
1342 with_libevent="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
1344 for dir in $with_libevent; do
1346 if test -f "$dir/include/event.h" -o -f "$dir/include/event2/event.h"; then
1347 found_libevent="yes"
1348 dnl assume /usr is in default path.
1349 if test "$thedir" != "/usr"; then
1350 CPPFLAGS="$CPPFLAGS -I$thedir/include"
1355 if test x_$found_libevent != x_yes; then
1356 if test -f "$dir/event.h" -a \( -f "$dir/libevent.la" -o -f "$dir/libev.la" \) ; then
1357 # libevent source directory
1358 AC_MSG_RESULT(found in $thedir)
1359 CPPFLAGS="$CPPFLAGS -I$thedir -I$thedir/include"
1361 BAK_LDFLAGS="$LDFLAGS"
1362 # remove evdns from linking
1363 mkdir build >/dev/null 2>&1
1364 mkdir build/libevent >/dev/null 2>&1
1365 mkdir build/libevent/.libs >/dev/null 2>&1
1366 ev_files_o=`ls $thedir/*.o | grep -v evdns\.o | grep -v bufferevent_openssl\.o`
1367 ev_files_lo=`ls $thedir/*.lo | grep -v evdns\.lo | grep -v bufferevent_openssl\.lo`
1368 ev_files_libso=`ls $thedir/.libs/*.o | grep -v evdns\.o | grep -v bufferevent_openssl\.o`
1369 cp $ev_files_o build/libevent
1370 cp $ev_files_lo build/libevent
1371 cp $ev_files_libso build/libevent/.libs
1372 LATE_LDFLAGS="build/libevent/*.lo -lm"
1373 LDFLAGS="build/libevent/*.o $LDFLAGS -lm"
1375 AC_MSG_ERROR([Cannot find the libevent library in $with_libevent
1376 You can restart ./configure --with-libevent=no to use a builtin alternative.
1377 Please note that this alternative is not as capable as libevent when using
1378 large outgoing port ranges. ])
1381 AC_MSG_RESULT(found in $thedir)
1382 dnl if event2 exists and no event lib in dir itself, use subdir
1383 if test ! -f $thedir/lib/libevent.a -a ! -f $thedir/lib/libevent.so -a -d "$thedir/lib/event2"; then
1384 LDFLAGS="$LDFLAGS -L$thedir/lib/event2"
1385 ACX_RUNTIME_PATH_ADD([$thedir/lib/event2])
1387 dnl assume /usr is in default path, do not add "".
1388 if test "$thedir" != "/usr" -a "$thedir" != ""; then
1389 LDFLAGS="$LDFLAGS -L$thedir/lib"
1390 ACX_RUNTIME_PATH_ADD([$thedir/lib])
1394 # check for library used by libevent after 1.3c
1395 AC_SEARCH_LIBS([clock_gettime], [rt])
1397 # is the event.h header libev or libevent?
1398 AC_CHECK_HEADERS([event.h],,, [AC_INCLUDES_DEFAULT])
1399 AC_CHECK_DECL(EV_VERSION_MAJOR, [
1400 AC_SEARCH_LIBS(event_set, [ev])
1402 AC_SEARCH_LIBS(event_set, [event])
1403 ],[AC_INCLUDES_DEFAULT
1406 AC_CHECK_FUNCS([event_base_free]) # only in libevent 1.2 and later
1407 AC_CHECK_FUNCS([event_base_once]) # only in libevent 1.4.1 and later
1408 AC_CHECK_FUNCS([event_base_new]) # only in libevent 1.4.1 and later
1409 AC_CHECK_FUNCS([event_base_get_method]) # only in libevent 1.4.3 and later
1410 AC_CHECK_FUNCS([ev_loop]) # only in libev. (tested on 3.51)
1411 AC_CHECK_FUNCS([ev_default_loop]) # only in libev. (tested on 4.00)
1412 AC_CHECK_FUNCS([event_assign]) # in libevent, for thread-safety
1413 AC_CHECK_DECLS([evsignal_assign], [], [], [AC_INCLUDES_DEFAULT
1417 # include "event2/event.h"
1420 PC_LIBEVENT_DEPENDENCY="libevent"
1421 AC_SUBST(PC_LIBEVENT_DEPENDENCY)
1422 if test -n "$BAK_LDFLAGS_SET"; then
1423 LDFLAGS="$BAK_LDFLAGS"
1426 AC_DEFINE(USE_MINI_EVENT, 1, [Define if you want to use internal select based events])
1429 # check for libexpat
1430 AC_ARG_WITH(libexpat, AS_HELP_STRING([--with-libexpat=path],[specify explicit path for libexpat.]),
1431 [ ],[ withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr" ])
1432 AC_MSG_CHECKING(for libexpat)
1434 for dir in $withval ; do
1435 if test -f "$dir/include/expat.h"; then
1436 found_libexpat="yes"
1437 dnl assume /usr is in default path.
1438 if test "$dir" != "/usr"; then
1439 CPPFLAGS="$CPPFLAGS -I$dir/include"
1440 LDFLAGS="$LDFLAGS -L$dir/lib"
1442 AC_MSG_RESULT(found in $dir)
1446 if test x_$found_libexpat != x_yes; then
1447 AC_MSG_ERROR([Could not find libexpat, expat.h])
1449 AC_CHECK_HEADERS([expat.h],,, [AC_INCLUDES_DEFAULT])
1450 AC_CHECK_DECLS([XML_StopParser], [], [], [AC_INCLUDES_DEFAULT
1454 # hiredis (redis C client for cachedb)
1455 AC_ARG_WITH(libhiredis, AS_HELP_STRING([--with-libhiredis=path],[specify explicit path for libhiredis.]),
1456 [ ],[ withval="no" ])
1457 found_libhiredis="no"
1458 if test x_$withval = x_yes -o x_$withval != x_no; then
1459 AC_MSG_CHECKING(for libhiredis)
1460 if test x_$withval = x_ -o x_$withval = x_yes; then
1461 withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
1463 for dir in $withval ; do
1464 if test -f "$dir/include/hiredis/hiredis.h"; then
1465 found_libhiredis="yes"
1466 dnl assume /usr is in default path.
1467 if test "$dir" != "/usr"; then
1468 CPPFLAGS="$CPPFLAGS -I$dir/include"
1469 LDFLAGS="$LDFLAGS -L$dir/lib"
1471 AC_MSG_RESULT(found in $dir)
1472 AC_DEFINE([USE_REDIS], [1], [Define this to use hiredis client.])
1473 LIBS="$LIBS -lhiredis"
1477 if test x_$found_libhiredis != x_yes; then
1478 AC_MSG_ERROR([Could not find libhiredis, hiredis.h])
1480 AC_CHECK_HEADERS([hiredis/hiredis.h],,, [AC_INCLUDES_DEFAULT])
1481 AC_CHECK_DECLS([redisConnect], [], [], [AC_INCLUDES_DEFAULT
1482 #include <hiredis/hiredis.h>
1487 AC_ARG_WITH(libnghttp2, AS_HELP_STRING([--with-libnghttp2=path],[specify explicit path for libnghttp2.]),
1488 [ ],[ withval="no" ])
1489 found_libnghttp2="no"
1490 if test x_$withval = x_yes -o x_$withval != x_no; then
1491 AC_MSG_CHECKING(for libnghttp2)
1492 if test x_$withval = x_ -o x_$withval = x_yes; then
1493 withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
1495 for dir in $withval ; do
1496 if test -f "$dir/include/nghttp2/nghttp2.h"; then
1497 found_libnghttp2="yes"
1498 dnl assume /usr is in default path.
1499 if test "$dir" != "/usr"; then
1500 CPPFLAGS="$CPPFLAGS -I$dir/include"
1501 LDFLAGS="$LDFLAGS -L$dir/lib"
1503 AC_MSG_RESULT(found in $dir)
1504 AC_DEFINE([HAVE_NGHTTP2], [1], [Define this to use nghttp2 client.])
1505 LIBS="$LIBS -lnghttp2"
1509 if test x_$found_libnghttp2 != x_yes; then
1510 AC_MSG_ERROR([Could not find libnghttp2, nghttp2.h])
1512 AC_CHECK_HEADERS([nghttp2/nghttp2.h],,, [AC_INCLUDES_DEFAULT])
1513 AC_CHECK_DECLS([nghttp2_session_server_new], [], [], [AC_INCLUDES_DEFAULT
1514 #include <nghttp2/nghttp2.h>
1518 # set static linking for uninstalled libraries if requested
1521 AC_ARG_ENABLE(static-exe, AS_HELP_STRING([--enable-static-exe],[ enable to compile executables statically against (event) uninstalled libs, for debug purposes ]),
1523 if test x_$enable_static_exe = x_yes; then
1525 if test "$on_mingw" = yes; then
1526 staticexe="-all-static"
1527 # for static compile, include gdi32 and zlib here.
1528 if echo $LIBS | grep 'lgdi32' >/dev/null; then
1531 LIBS="$LIBS -lgdi32"
1533 AC_CHECK_LIB([z], [compress], [ LIBS="$LIBS -lz" ])
1534 LIBS="$LIBS -l:libssp.a"
1538 # set full static linking if requested
1539 AC_ARG_ENABLE(fully-static, AS_HELP_STRING([--enable-fully-static],[ enable to compile fully static ]),
1541 if test x_$enable_fully_static = x_yes; then
1542 staticexe="-all-static"
1543 if test "$on_mingw" = yes; then
1544 # for static compile, include gdi32 and zlib here.
1545 if echo $LIBS | grep 'lgdi32' >/dev/null; then
1548 LIBS="$LIBS -lgdi32"
1550 AC_CHECK_LIB([z], [compress], [ LIBS="$LIBS -lz" ])
1551 LIBS="$LIBS -l:libssp.a"
1555 # set lock checking if requested
1556 AC_ARG_ENABLE(lock_checks, AS_HELP_STRING([--enable-lock-checks],[ enable to check lock and unlock calls, for debug purposes ]),
1558 if test x_$enable_lock_checks = x_yes; then
1559 AC_DEFINE(ENABLE_LOCK_CHECKS, 1, [Define if you want to use debug lock checking (slow).])
1560 CHECKLOCK_OBJ="checklocks.lo"
1561 AC_SUBST(CHECKLOCK_OBJ)
1564 ACX_CHECK_GETADDRINFO_WITH_INCLUDES
1565 if test "$USE_WINSOCK" = 1; then
1566 AC_DEFINE(UB_ON_WINDOWS, 1, [Use win32 resources and API])
1567 AC_CHECK_HEADERS([iphlpapi.h],,, [AC_INCLUDES_DEFAULT
1568 #include <windows.h>
1570 AC_CHECK_TOOL(WINDRES, windres)
1571 LIBS="$LIBS -liphlpapi -lcrypt32"
1572 WINAPPS="unbound-service-install.exe unbound-service-remove.exe anchor-update.exe"
1574 WIN_DAEMON_SRC="winrc/win_svc.c winrc/w_inst.c"
1575 AC_SUBST(WIN_DAEMON_SRC)
1576 WIN_DAEMON_OBJ="win_svc.lo w_inst.lo"
1577 AC_SUBST(WIN_DAEMON_OBJ)
1578 WIN_DAEMON_OBJ_LINK="rsrc_unbound.o"
1579 AC_SUBST(WIN_DAEMON_OBJ_LINK)
1580 WIN_HOST_OBJ_LINK="rsrc_unbound_host.o"
1581 AC_SUBST(WIN_HOST_OBJ_LINK)
1582 WIN_UBANCHOR_OBJ_LINK="rsrc_unbound_anchor.o log.lo locks.lo"
1583 AC_SUBST(WIN_UBANCHOR_OBJ_LINK)
1584 WIN_CONTROL_OBJ_LINK="rsrc_unbound_control.o"
1585 AC_SUBST(WIN_CONTROL_OBJ_LINK)
1586 WIN_CHECKCONF_OBJ_LINK="rsrc_unbound_checkconf.o"
1587 AC_SUBST(WIN_CHECKCONF_OBJ_LINK)
1588 AC_DEFINE(__USE_MINGW_ANSI_STDIO, 1, [defined to use gcc ansi snprintf and sscanf that understands %lld when compiled for windows.])
1590 if test $ac_cv_func_getaddrinfo = no; then
1591 AC_LIBOBJ([fake-rfc2553])
1593 # check after getaddrinfo for its libraries
1594 ACX_FUNC_IOCTLSOCKET
1596 # see if daemon(3) exists, and if it is deprecated.
1597 AC_CHECK_FUNCS([daemon])
1598 if test $ac_cv_func_daemon = yes; then
1599 ACX_FUNC_DEPRECATED([daemon], [(void)daemon(0, 0);], [
1605 AC_CHECK_MEMBERS([struct sockaddr_un.sun_len],,,[
1607 #ifdef HAVE_SYS_UN_H
1611 AC_CHECK_MEMBERS([struct in_pktinfo.ipi_spec_dst],,,[
1613 #if HAVE_SYS_PARAM_H
1614 #include <sys/param.h>
1617 #ifdef HAVE_SYS_SOCKET_H
1618 #include <sys/socket.h>
1621 #ifdef HAVE_SYS_UIO_H
1622 #include <sys/uio.h>
1625 #ifdef HAVE_NETINET_IN_H
1626 #include <netinet/in.h>
1629 #ifdef HAVE_NETINET_TCP_H
1630 #include <netinet/tcp.h>
1633 #ifdef HAVE_ARPA_INET_H
1634 #include <arpa/inet.h>
1637 #ifdef HAVE_WINSOCK2_H
1638 #include <winsock2.h>
1641 #ifdef HAVE_WS2TCPIP_H
1642 #include <ws2tcpip.h>
1646 AC_MSG_CHECKING([for htobe64])
1647 AC_LINK_IFELSE([AC_LANG_PROGRAM([
1649 #ifdef HAVE_ENDIAN_H
1650 # include <endian.h>
1652 #ifdef HAVE_SYS_ENDIAN_H
1653 # include <sys/endian.h>
1655 ], [unsigned long long x = htobe64(0); printf("%u", (unsigned)x);])],
1657 AC_DEFINE(HAVE_HTOBE64, 1, [If we have htobe64]),
1660 AC_MSG_CHECKING([for be64toh])
1661 AC_LINK_IFELSE([AC_LANG_PROGRAM([
1663 #ifdef HAVE_ENDIAN_H
1664 # include <endian.h>
1666 #ifdef HAVE_SYS_ENDIAN_H
1667 # include <sys/endian.h>
1669 ], [unsigned long long x = be64toh(0); printf("%u", (unsigned)x);])],
1671 AC_DEFINE(HAVE_BE64TOH, 1, [If we have be64toh]),
1674 AC_SEARCH_LIBS([setusercontext], [util])
1675 AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync shmget accept4 getifaddrs if_nametoindex poll gettid])
1676 AC_CHECK_FUNCS([setresuid],,[AC_CHECK_FUNCS([setreuid])])
1677 AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])])
1679 # check if setreuid en setregid fail, on MacOSX10.4(darwin8).
1680 if echo $host_os | grep darwin8 > /dev/null; then
1681 AC_DEFINE(DARWIN_BROKEN_SETREUID, 1, [Define this if on macOSX10.4-darwin8 and setreuid and setregid do not work])
1683 AC_CHECK_DECLS([inet_pton,inet_ntop], [], [], [
1685 #ifdef HAVE_NETINET_IN_H
1686 #include <netinet/in.h>
1689 #ifdef HAVE_NETINET_TCP_H
1690 #include <netinet/tcp.h>
1693 #ifdef HAVE_ARPA_INET_H
1694 #include <arpa/inet.h>
1697 #ifdef HAVE_WINSOCK2_H
1698 #include <winsock2.h>
1701 #ifdef HAVE_WS2TCPIP_H
1702 #include <ws2tcpip.h>
1705 AC_REPLACE_FUNCS(inet_aton)
1706 AC_REPLACE_FUNCS(inet_pton)
1707 AC_REPLACE_FUNCS(inet_ntop)
1708 AC_REPLACE_FUNCS(snprintf)
1709 # test if snprintf return the proper length
1710 if test "x$ac_cv_func_snprintf" = xyes; then
1711 if test c${cross_compiling} = cno; then
1712 AC_MSG_CHECKING([for correct snprintf return value])
1713 AC_RUN_IFELSE([AC_LANG_SOURCE(AC_INCLUDES_DEFAULT
1715 int main(void) { return !(snprintf(NULL, 0, "test") == 4); }
1716 ]])], [AC_MSG_RESULT(yes)], [
1718 AC_DEFINE([SNPRINTF_RET_BROKEN], [], [define if (v)snprintf does not return length needed, (but length used)])
1720 ], [AC_MSG_RESULT(maybe)])
1723 AC_REPLACE_FUNCS(strlcat)
1724 AC_REPLACE_FUNCS(strlcpy)
1725 AC_REPLACE_FUNCS(memmove)
1726 AC_REPLACE_FUNCS(gmtime_r)
1727 AC_REPLACE_FUNCS(isblank)
1728 AC_REPLACE_FUNCS(explicit_bzero)
1729 dnl without CTIME, ARC4-functions and without reallocarray.
1730 LIBOBJ_WITHOUT_CTIMEARC4="$LIBOBJS"
1731 AC_SUBST(LIBOBJ_WITHOUT_CTIMEARC4)
1732 AC_MSG_CHECKING([for reallocarray])
1733 AC_LINK_IFELSE([AC_LANG_SOURCE(AC_INCLUDES_DEFAULT
1735 #ifndef _OPENBSD_SOURCE
1736 #define _OPENBSD_SOURCE 1
1740 void* p = reallocarray(NULL, 10, 100);
1744 ]])], [AC_MSG_RESULT(yes)
1745 AC_DEFINE(HAVE_REALLOCARRAY, 1, [If we have reallocarray(3)])
1748 AC_LIBOBJ(reallocarray)
1750 AC_CHECK_DECLS([reallocarray])
1751 if test "$USE_NSS" = "no"; then
1752 AC_REPLACE_FUNCS(arc4random)
1753 AC_REPLACE_FUNCS(arc4random_uniform)
1754 if test "$ac_cv_func_arc4random" = "no"; then
1755 AC_LIBOBJ(arc4_lock)
1756 AC_CHECK_FUNCS([getentropy],,[
1757 if test "$USE_WINSOCK" = 1; then
1758 AC_LIBOBJ(getentropy_win)
1762 AC_LIBOBJ(getentropy_osx)
1764 *solaris*|*sunos*|SunOS)
1765 AC_LIBOBJ(getentropy_solaris)
1766 AC_CHECK_HEADERS([sys/sha2.h],, [
1767 AC_CHECK_FUNCS([SHA512_Update],,[
1770 ], [AC_INCLUDES_DEFAULT])
1771 if test "$ac_cv_header_sys_sha2_h" = "yes"; then
1772 # this lib needed for sha2 on solaris
1775 AC_SEARCH_LIBS([clock_gettime], [rt])
1778 AC_LIBOBJ(getentropy_freebsd)
1781 AC_LIBOBJ(getentropy_linux)
1782 AC_CHECK_FUNCS([SHA512_Update],,[
1783 AC_DEFINE([COMPAT_SHA512], [1], [Do sha512 definitions in config.h])
1786 AC_CHECK_HEADERS([sys/sysctl.h],,, [AC_INCLUDES_DEFAULT])
1787 AC_CHECK_FUNCS([getauxval])
1788 AC_SEARCH_LIBS([clock_gettime], [rt])
1795 LIBOBJ_WITHOUT_CTIME="$LIBOBJS"
1796 AC_SUBST(LIBOBJ_WITHOUT_CTIME)
1797 AC_REPLACE_FUNCS(ctime_r)
1798 AC_REPLACE_FUNCS(strsep)
1800 AC_ARG_ENABLE(allsymbols, AS_HELP_STRING([--enable-allsymbols],[export all symbols from libunbound and link binaries to it, smaller install size but libunbound export table is polluted by internal symbols]))
1801 case "$enable_allsymbols" in
1803 COMMON_OBJ_ALL_SYMBOLS=""
1805 EXTRALINK="libunbound.la"
1806 AC_DEFINE(EXPORT_ALL_SYMBOLS, 1, [Define this if you enabled-allsymbols from libunbound to link binaries to it for smaller install size, but the libunbound export table is polluted by internal symbols])
1809 COMMON_OBJ_ALL_SYMBOLS='$(COMMON_OBJ)'
1810 UBSYMS='-export-symbols $(srcdir)/libunbound/ubsyms.def'
1814 AC_SUBST(COMMON_OBJ_ALL_SYMBOLS)
1817 if test x_$enable_lock_checks = x_yes; then
1818 UBSYMS="-export-symbols clubsyms.def"
1819 cp ${srcdir}/libunbound/ubsyms.def clubsyms.def
1820 echo lock_protect >> clubsyms.def
1821 echo lock_unprotect >> clubsyms.def
1822 echo lock_get_mem >> clubsyms.def
1823 echo checklock_start >> clubsyms.def
1824 echo checklock_stop >> clubsyms.def
1825 echo checklock_lock >> clubsyms.def
1826 echo checklock_unlock >> clubsyms.def
1827 echo checklock_init >> clubsyms.def
1828 echo checklock_thrcreate >> clubsyms.def
1829 echo checklock_thrjoin >> clubsyms.def
1832 # check for dnstap if requested
1833 dt_DNSTAP([$UNBOUND_RUN_DIR/dnstap.sock],
1835 AC_DEFINE([USE_DNSTAP], [1], [Define to 1 to enable dnstap support])
1836 AC_SUBST([ENABLE_DNSTAP], [1])
1838 AC_SUBST([opt_dnstap_socket_path])
1839 ACX_ESCAPE_BACKSLASH($opt_dnstap_socket_path, hdr_dnstap_socket_path)
1840 AC_DEFINE_UNQUOTED(DNSTAP_SOCKET_PATH,
1841 ["$hdr_dnstap_socket_path"], [default dnstap socket path])
1842 AC_SUBST(DNSTAP_SOCKET_PATH,["$hdr_dnstap_socket_path"])
1843 AC_SUBST(DNSTAP_SOCKET_TESTBIN,['unbound-dnstap-socket$(EXEEXT)'])
1844 AC_SUBST([DNSTAP_SRC], ["dnstap/dnstap.c dnstap/dnstap.pb-c.c dnstap/dnstap_fstrm.c dnstap/dtstream.c"])
1845 AC_SUBST([DNSTAP_OBJ], ["dnstap.lo dnstap.pb-c.lo dnstap_fstrm.lo dtstream.lo"])
1848 AC_SUBST([ENABLE_DNSTAP], [0])
1852 # check for dnscrypt if requested
1854 AC_DEFINE([USE_DNSCRYPT], [1], [Define to 1 to enable dnscrypt support])
1855 AC_SUBST([ENABLE_DNSCRYPT], [1])
1857 AC_SUBST([DNSCRYPT_SRC], ["dnscrypt/dnscrypt.c"])
1858 AC_SUBST([DNSCRYPT_OBJ], ["dnscrypt.lo"])
1861 AC_SUBST([ENABLE_DNSCRYPT], [0])
1865 # check for cachedb if requested
1866 AC_ARG_ENABLE(cachedb, AS_HELP_STRING([--enable-cachedb],[enable cachedb module that can use external cache storage]))
1867 # turn on cachedb when hiredis support is enabled.
1868 if test "$found_libhiredis" = "yes"; then enable_cachedb="yes"; fi
1869 case "$enable_cachedb" in
1871 AC_DEFINE([USE_CACHEDB], [1], [Define to 1 to use cachedb support])
1872 AC_SUBST([CACHEDB_SRC], ["cachedb/cachedb.c cachedb/redis.c"])
1873 AC_SUBST([CACHEDB_OBJ], ["cachedb.lo redis.lo"])
1880 # check for ipsecmod if requested
1881 AC_ARG_ENABLE(ipsecmod, AS_HELP_STRING([--enable-ipsecmod],[Enable ipsecmod module that facilitates opportunistic IPsec]))
1882 case "$enable_ipsecmod" in
1884 AC_DEFINE([USE_IPSECMOD], [1], [Define to 1 to use ipsecmod support.])
1885 IPSECMOD_OBJ="ipsecmod.lo ipsecmod-whitelist.lo"
1886 AC_SUBST(IPSECMOD_OBJ)
1887 IPSECMOD_HEADER='$(srcdir)/ipsecmod/ipsecmod.h $(srcdir)/ipsecmod/ipsecmod-whitelist.h'
1888 AC_SUBST(IPSECMOD_HEADER)
1895 # check for ipset if requested
1896 AC_ARG_ENABLE(ipset, AS_HELP_STRING([--enable-ipset],[enable ipset module]))
1897 case "$enable_ipset" in
1899 AC_DEFINE([USE_IPSET], [1], [Define to 1 to use ipset support])
1900 IPSET_SRC="ipset/ipset.c"
1902 IPSET_OBJ="ipset.lo"
1906 AC_ARG_WITH(libmnl, AS_HELP_STRING([--with-libmnl=path],[specify explicit path for libmnl.]),
1907 [ ],[ withval="yes" ])
1909 AC_MSG_CHECKING(for libmnl)
1910 if test x_$withval = x_ -o x_$withval = x_yes; then
1911 withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
1913 for dir in $withval ; do
1914 if test -f "$dir/include/libmnl/libmnl.h" -o -f "$dir/include/libmnl/libmnl/libmnl.h"; then
1916 dnl assume /usr is in default path.
1918 if test -f "$dir/include/libmnl/libmnl/libmnl.h"; then
1919 extralibmnl="/libmnl"
1921 if test "$dir" != "/usr" -o -n "$extralibmnl"; then
1922 CPPFLAGS="$CPPFLAGS -I$dir/include$extralibmnl"
1924 if test "$dir" != "/usr"; then
1925 LDFLAGS="$LDFLAGS -L$dir/lib"
1927 AC_MSG_RESULT(found in $dir)
1932 if test x_$found_libmnl != x_yes; then
1933 AC_MSG_ERROR([Could not find libmnl, libmnl.h])
1940 AC_ARG_ENABLE(explicit-port-randomisation, AS_HELP_STRING([--disable-explicit-port-randomisation],[disable explicit source port randomisation and rely on the kernel to provide random source ports]))
1941 case "$enable_explicit_port_randomisation" in
1943 AC_DEFINE([DISABLE_EXPLICIT_PORT_RANDOMISATION], [1], [Define this to enable kernel based UDP source port randomization.])
1949 if echo "$host" | $GREP -i -e linux >/dev/null; then
1950 AC_ARG_ENABLE(linux-ip-local-port-range, AS_HELP_STRING([--enable-linux-ip-local-port-range], [Define this to enable use of /proc/sys/net/ipv4/ip_local_port_range as a default outgoing port range. This is only for the libunbound on Linux and does not affect unbound resolving daemon itself. This may severely limit the number of available outgoing ports and thus decrease randomness. Define this only when the target system restricts (e.g. some of SELinux enabled distributions) the use of non-ephemeral ports.]))
1951 case "$enable_linux_ip_local_port_range" in
1953 AC_DEFINE([USE_LINUX_IP_LOCAL_PORT_RANGE], [1], [Define this to enable use of /proc/sys/net/ipv4/ip_local_port_range as a default outgoing port range. This is only for the libunbound on Linux and does not affect unbound resolving daemon itself. This may severely limit the number of available outgoing ports and thus decrease randomness. Define this only when the target system restricts (e.g. some of SELinux enabled distributions) the use of non-ephemeral ports.])
1961 AC_MSG_CHECKING([if ${MAKE:-make} supports $< with implicit rule in scope])
1962 # on openBSD, the implicit rule make $< work.
1963 # on Solaris, it does not work ($? is changed sources, $^ lists dependencies).
1965 cat >conftest.make <<EOF
1968 conftest.lo foo.lo bla.lo:
1969 if test -f "\$<"; then touch \$@; fi
1973 if test -f "\$<"; then touch \$@; fi
1975 conftest.lo: conftest.dir/conftest.c
1978 touch conftest.dir/conftest.c
1979 rm -f conftest.lo conftest.c
1980 ${MAKE:-make} -f conftest.make >/dev/null
1981 rm -f conftest.make conftest.c conftest.dir/conftest.c
1983 if test ! -f conftest.lo; then
1985 SOURCEDETERMINE='echo "$^" | awk "-F " "{print \$$1;}" > .source'
1986 SOURCEFILE='`cat .source`'
1993 AC_SUBST(SOURCEDETERMINE)
1994 AC_SUBST(SOURCEFILE)
1996 # see if we want to build the library or everything
1997 ALLTARGET="alltargets"
1998 INSTALLTARGET="install-all"
1999 AC_ARG_WITH(libunbound-only, AS_HELP_STRING([--with-libunbound-only],[do not build daemon and tool programs]),
2001 if test "$withval" = "yes"; then
2003 INSTALLTARGET="install-lib"
2006 if test $ALLTARGET = "alltargets"; then
2007 if test $USE_NSS = "yes"; then
2008 AC_MSG_ERROR([--with-nss can only be used in combination with --with-libunbound-only.])
2010 if test $USE_NETTLE = "yes"; then
2011 AC_MSG_ERROR([--with-nettle can only be used in combination with --with-libunbound-only.])
2016 AC_SUBST(INSTALLTARGET)
2019 if test -n "$LATE_LDFLAGS"; then
2020 LDFLAGS="$LATE_LDFLAGS $LDFLAGS"
2022 # remove start spaces
2023 LDFLAGS=`echo "$LDFLAGS"|sed -e 's/^ *//'`
2024 LIBS=`echo "$LIBS"|sed -e 's/^ *//'`
2026 AC_DEFINE_UNQUOTED([MAXSYSLOGMSGLEN], [10240], [Define to the maximum message length to pass to syslog.])
2029 dnl this must be first AH_CONFIG, to define the flags before any includes.
2030 AHX_CONFIG_EXT_FLAGS
2034 #ifndef _OPENBSD_SOURCE
2035 #define _OPENBSD_SOURCE 1
2038 #ifndef UNBOUND_DEBUG
2044 /** Use small-ldns codebase */
2047 # define LDNS_BUILD_CONFIG_HAVE_SSL 1
2060 #ifdef HAVE_STDARG_H
2064 #ifdef HAVE_STDINT_H
2070 #if HAVE_SYS_PARAM_H
2071 #include <sys/param.h>
2074 #ifdef HAVE_SYS_SOCKET_H
2075 #include <sys/socket.h>
2078 #ifdef HAVE_SYS_UIO_H
2079 #include <sys/uio.h>
2082 #ifdef HAVE_NETINET_IN_H
2083 #include <netinet/in.h>
2086 #ifdef HAVE_NETINET_TCP_H
2087 #include <netinet/tcp.h>
2090 #ifdef HAVE_ARPA_INET_H
2091 #include <arpa/inet.h>
2094 #ifdef HAVE_WINSOCK2_H
2095 #include <winsock2.h>
2098 #ifdef HAVE_WS2TCPIP_H
2099 #include <ws2tcpip.h>
2102 #if !defined(USE_WINSOCK) || !defined(HAVE_SNPRINTF) || defined(SNPRINTF_RET_BROKEN) || defined(__USE_MINGW_ANSI_STDIO)
2103 #define ARG_LL "%ll"
2105 #define ARG_LL "%I64"
2109 #define AF_LOCAL AF_UNIX
2113 AHX_CONFIG_FORMAT_ATTRIBUTE
2114 AHX_CONFIG_UNUSED_ATTRIBUTE
2116 AHX_CONFIG_MAXHOSTNAMELEN
2117 #if !defined(HAVE_SNPRINTF) || defined(SNPRINTF_RET_BROKEN)
2118 #define snprintf snprintf_unbound
2119 #define vsnprintf vsnprintf_unbound
2121 int snprintf (char *str, size_t count, const char *fmt, ...);
2122 int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
2123 #endif /* HAVE_SNPRINTF or SNPRINTF_RET_BROKEN */
2124 AHX_CONFIG_INET_PTON(unbound)
2125 AHX_CONFIG_INET_NTOP(unbound)
2126 AHX_CONFIG_INET_ATON(unbound)
2127 AHX_CONFIG_MEMMOVE(unbound)
2128 AHX_CONFIG_STRLCAT(unbound)
2129 AHX_CONFIG_STRLCPY(unbound)
2130 AHX_CONFIG_GMTIME_R(unbound)
2131 AHX_CONFIG_REALLOCARRAY(unbound)
2132 AHX_CONFIG_W32_SLEEP
2133 AHX_CONFIG_W32_USLEEP
2134 AHX_CONFIG_W32_RANDOM
2135 AHX_CONFIG_W32_SRANDOM
2136 AHX_CONFIG_W32_FD_SET_T
2137 AHX_CONFIG_IPV6_MIN_MTU
2138 AHX_MEMCMP_BROKEN(unbound)
2141 #ifndef HAVE_CTIME_R
2142 #define ctime_r unbound_ctime_r
2143 char *ctime_r(const time_t *timep, char *buf);
2147 #define strsep unbound_strsep
2148 char *strsep(char **stringp, const char *delim);
2151 #ifndef HAVE_ISBLANK
2152 #define isblank unbound_isblank
2156 #ifndef HAVE_EXPLICIT_BZERO
2157 #define explicit_bzero unbound_explicit_bzero
2158 void explicit_bzero(void* buf, size_t len);
2161 #if defined(HAVE_INET_NTOP) && !HAVE_DECL_INET_NTOP
2162 const char *inet_ntop(int af, const void *src, char *dst, size_t size);
2165 #if defined(HAVE_INET_PTON) && !HAVE_DECL_INET_PTON
2166 int inet_pton(int af, const char* src, void* dst);
2169 #if !defined(HAVE_STRPTIME) || !defined(STRPTIME_WORKS)
2170 #define strptime unbound_strptime
2172 char *strptime(const char *s, const char *format, struct tm *tm);
2175 #if !HAVE_DECL_REALLOCARRAY
2176 void *reallocarray(void *ptr, size_t nmemb, size_t size);
2180 #include <bsd/string.h>
2181 #include <bsd/stdlib.h>
2184 #ifdef HAVE_LIBRESSL
2185 # if !HAVE_DECL_STRLCPY
2186 size_t strlcpy(char *dst, const char *src, size_t siz);
2188 # if !HAVE_DECL_STRLCAT
2189 size_t strlcat(char *dst, const char *src, size_t siz);
2191 # if !HAVE_DECL_ARC4RANDOM && defined(HAVE_ARC4RANDOM)
2192 uint32_t arc4random(void);
2194 # if !HAVE_DECL_ARC4RANDOM_UNIFORM && defined(HAVE_ARC4RANDOM_UNIFORM)
2195 uint32_t arc4random_uniform(uint32_t upper_bound);
2197 #endif /* HAVE_LIBRESSL */
2198 #ifndef HAVE_ARC4RANDOM
2199 int getentropy(void* buf, size_t len);
2200 uint32_t arc4random(void);
2201 void arc4random_buf(void* buf, size_t n);
2202 void _ARC4_LOCK(void);
2203 void _ARC4_UNLOCK(void);
2204 void _ARC4_LOCK_DESTROY(void);
2206 #ifndef HAVE_ARC4RANDOM_UNIFORM
2207 uint32_t arc4random_uniform(uint32_t upper_bound);
2209 #ifdef COMPAT_SHA512
2210 #ifndef SHA512_DIGEST_LENGTH
2211 #define SHA512_BLOCK_LENGTH 128
2212 #define SHA512_DIGEST_LENGTH 64
2213 #define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
2214 typedef struct _SHA512_CTX {
2216 uint64_t bitcount[2];
2217 uint8_t buffer[SHA512_BLOCK_LENGTH];
2219 #endif /* SHA512_DIGEST_LENGTH */
2220 void SHA512_Init(SHA512_CTX*);
2221 void SHA512_Update(SHA512_CTX*, void*, size_t);
2222 void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*);
2223 unsigned char *SHA512(void* data, unsigned int data_len, unsigned char *digest);
2224 #endif /* COMPAT_SHA512 */
2228 #if defined(HAVE_EVENT_H) && !defined(HAVE_EVENT_BASE_ONCE) && !(defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)) && (defined(HAVE_PTHREAD) || defined(HAVE_SOLARIS_THREADS))
2229 /* using version of libevent that is not threadsafe. */
2230 # define LIBEVENT_SIGNAL_PROBLEM 1
2233 #ifndef CHECKED_INET6
2234 # define CHECKED_INET6
2238 # define AF_INET6 28
2240 #endif /* CHECKED_INET6 */
2242 #ifndef HAVE_GETADDRINFO
2243 struct sockaddr_storage;
2244 #include "compat/fake-rfc2553.h"
2247 #ifdef UNBOUND_ALLOC_STATS
2248 # define malloc(s) unbound_stat_malloc_log(s, __FILE__, __LINE__, __func__)
2249 # define calloc(n,s) unbound_stat_calloc_log(n, s, __FILE__, __LINE__, __func__)
2250 # define free(p) unbound_stat_free_log(p, __FILE__, __LINE__, __func__)
2251 # define realloc(p,s) unbound_stat_realloc_log(p, s, __FILE__, __LINE__, __func__)
2252 void *unbound_stat_malloc(size_t size);
2253 void *unbound_stat_calloc(size_t nmemb, size_t size);
2254 void unbound_stat_free(void *ptr);
2255 void *unbound_stat_realloc(void *ptr, size_t size);
2256 void *unbound_stat_malloc_log(size_t size, const char* file, int line,
2258 void *unbound_stat_calloc_log(size_t nmemb, size_t size, const char* file,
2259 int line, const char* func);
2260 void unbound_stat_free_log(void *ptr, const char* file, int line,
2262 void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file,
2263 int line, const char* func);
2264 #elif defined(UNBOUND_ALLOC_LITE)
2265 # include "util/alloc.h"
2266 #endif /* UNBOUND_ALLOC_LITE and UNBOUND_ALLOC_STATS */
2268 /** default port for DNS traffic. */
2269 #define UNBOUND_DNS_PORT 53
2270 /** default port for DNS over TLS traffic. */
2271 #define UNBOUND_DNS_OVER_TLS_PORT 853
2272 /** default port for DNS over HTTPS traffic. */
2273 #define UNBOUND_DNS_OVER_HTTPS_PORT 443
2274 /** default port for unbound control traffic, registered port with IANA,
2275 ub-dns-control 8953/tcp unbound dns nameserver control */
2276 #define UNBOUND_CONTROL_PORT 8953
2277 /** the version of unbound-control that this software implements */
2278 #define UNBOUND_CONTROL_VERSION 1
2282 dnl if we build from source tree, the man pages need @date@ and @version@
2283 dnl if this is a distro tarball, that was already done by makedist.sh
2284 AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO])
2285 AC_SUBST(date, [`date +'%b %e, %Y'`])
2287 AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h dnscrypt/dnscrypt_config.h contrib/libunbound.pc contrib/unbound.socket contrib/unbound.service contrib/unbound_portable.service])
2288 AC_CONFIG_HEADERS([config.h])