scd: fix for 64-bit arch.
[gnupg.git] / configure.ac
index c627c27..34fffb2 100644 (file)
@@ -1,7 +1,6 @@
 # configure.ac - for GnuPG 2.1
-# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
-#               2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
-# Copyright (C) 2013, 2014 Werner Koch
+# Copyright (C) 1998-2012 Free Software Foundation, Inc.
+# Copyright (C) 1998-2015 Werner Koch
 #
 # This file is part of GnuPG.
 #
@@ -20,7 +19,7 @@
 
 # Process this file with autoconf to produce a configure script.
 AC_PREREQ(2.61)
-min_automake_version="1.10"
+min_automake_version="1.14"
 
 # To build a release you need to create a tag with the version number
 # (git tag -s gnupg-2.n.m) and run "./autogen.sh --force".  Please
@@ -29,7 +28,7 @@ min_automake_version="1.10"
 m4_define([mym4_package],[gnupg])
 m4_define([mym4_major], [2])
 m4_define([mym4_minor], [1])
-m4_define([mym4_micro], [0])
+m4_define([mym4_micro], [3])
 
 # To start a new development series, i.e a new major or minor number
 # you need to mark an arbitrary commit before the first beta release
@@ -50,7 +49,7 @@ m4_define([mym4_revision_dec], m4_argn(8, mym4_verslist))
 m4_esyscmd([echo ]mym4_version[>VERSION])
 AC_INIT([mym4_package],[mym4_version], [http://bugs.gnupg.org])
 
-NEED_GPG_ERROR_VERSION=1.15
+NEED_GPG_ERROR_VERSION=1.16
 
 NEED_LIBGCRYPT_API=1
 NEED_LIBGCRYPT_VERSION=1.6.0
@@ -61,9 +60,13 @@ NEED_LIBASSUAN_VERSION=2.1.0
 NEED_KSBA_API=1
 NEED_KSBA_VERSION=1.2.0
 
+NEED_NTBTLS_API=1
+NEED_NTBTLS_VERSION=0.1.0
+
 NEED_NPTH_API=1
 NEED_NPTH_VERSION=0.91
 
+
 NEED_GNUTLS_VERSION=3.0
 
 
@@ -75,9 +78,7 @@ VERSION=$PACKAGE_VERSION
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_SRCDIR([sm/gpgsm.c])
 AC_CONFIG_HEADER([config.h])
-# Note: For automake 1.13 add the option
-#          serial-tests
-AM_INIT_AUTOMAKE([dist-bzip2 no-dist-gzip])
+AM_INIT_AUTOMAKE([serial-tests dist-bzip2 no-dist-gzip])
 AC_CANONICAL_HOST
 AB_INIT
 
@@ -88,6 +89,8 @@ have_gpg_error=no
 have_libgcrypt=no
 have_libassuan=no
 have_ksba=no
+have_ntbtls=no
+have_gnutls=no
 have_npth=no
 have_libusb=no
 have_adns=no
@@ -99,12 +102,14 @@ use_exec=yes
 use_trust_models=yes
 card_support=yes
 use_ccid_driver=yes
-use_standard_socket=yes
 dirmngr_auto_start=yes
+use_tls_library=no
+large_secmem=no
 
 GNUPG_BUILD_PROGRAM(gpg, yes)
 GNUPG_BUILD_PROGRAM(gpgsm, yes)
-GNUPG_BUILD_PROGRAM(agent, yes)
+# The agent is a required part and can't be disabled anymore.
+build_agent=yes
 GNUPG_BUILD_PROGRAM(scdaemon, yes)
 GNUPG_BUILD_PROGRAM(g13, yes)
 GNUPG_BUILD_PROGRAM(dirmngr, yes)
@@ -126,6 +131,8 @@ AC_DEFINE_UNQUOTED(NEED_LIBGCRYPT_VERSION, "$NEED_LIBGCRYPT_VERSION",
                                        [Required version of Libgcrypt])
 AC_DEFINE_UNQUOTED(NEED_KSBA_VERSION, "$NEED_KSBA_VERSION",
                                        [Required version of Libksba])
+AC_DEFINE_UNQUOTED(NEED_NTBTLS_VERSION, "$NEED_NTBTLS_VERSION",
+                                       [Required version of NTBTLS])
 
 
 
@@ -215,6 +222,20 @@ AC_ARG_ENABLE(selinux-support,
 AC_MSG_RESULT($selinux_support)
 
 
+AC_MSG_CHECKING([whether to allocate extra secure memory])
+AC_ARG_ENABLE(large-secmem,
+              AC_HELP_STRING([--enable-large-secmem],
+                             [allocate extra secure memory]),
+              large_secmem=$enableval, large_secmem=no)
+AC_MSG_RESULT($large_secmem)
+if test "$large_secmem" = yes ; then
+   SECMEM_BUFFER_SIZE=65536
+else
+   SECMEM_BUFFER_SIZE=32768
+fi
+AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
+                   [Size of secure memory buffer])
+
 AC_MSG_CHECKING([whether to enable trust models])
 AC_ARG_ENABLE(trust-models,
               AC_HELP_STRING([--disable-trust-models],
@@ -251,7 +272,7 @@ GNUPG_GPG_DISABLE_ALGO([camellia192],[CAMELLIA192 cipher])
 GNUPG_GPG_DISABLE_ALGO([camellia256],[CAMELLIA256 cipher])
 
 GNUPG_GPG_DISABLE_ALGO([md5],[MD5 hash])
-# SHA1 is a MUSt algorithm
+# SHA1 is a MUST algorithm
 GNUPG_GPG_DISABLE_ALGO([rmd160],[RIPE-MD160 hash])
 GNUPG_GPG_DISABLE_ALGO([sha224],[SHA-224 hash])
 # SHA256 is a MUST algorithm for GnuPG.
@@ -528,6 +549,7 @@ AH_BOTTOM([
 
 
 AM_MAINTAINER_MODE
+AC_ARG_VAR(SYSROOT,[locate config scripts also below that directory])
 
 # Checks for programs.
 AC_MSG_NOTICE([checking for programs])
@@ -554,7 +576,6 @@ AC_CHECK_TOOL(AR, ar, :)
 AC_PATH_PROG(PERL,"perl")
 AC_CHECK_TOOL(WINDRES, windres, :)
 AC_ISC_POSIX
-gl_EARLY
 AC_SYS_LARGEFILE
 GNUPG_CHECK_USTAR
 
@@ -692,35 +713,6 @@ if test "$run_tests" = yes; then
 fi
 AM_CONDITIONAL(RUN_TESTS, test "$run_tests" = yes)
 
-if test "$use_ldapwrapper" = yes; then
-   AC_DEFINE(USE_LDAPWRAPPER,1, [Build dirmngr with LDAP wrapper process])
-fi
-AM_CONDITIONAL(USE_LDAPWRAPPER, test "$use_ldapwrapper" = yes)
-
-
-#
-# Allows enabling the use of a standard socket by default This is
-# gpg-agent's option --[no-]use-standard-socket.  For Windows we force
-# the use of this.
-#
-AC_MSG_CHECKING([whether to use a standard socket by default])
-AC_ARG_ENABLE(standard-socket,
-              AC_HELP_STRING([--disable-standard-socket],
-                             [don't use a standard socket by default]),
-              use_standard_socket=$enableval)
-tmp=""
-if test "$use_standard_socket" != yes; then
-  if test "$have_w32_system" = yes; then
-    use_standard_socket=yes
-    tmp=" (forced)"
-  fi
-fi
-AC_MSG_RESULT($use_standard_socket$tmp)
-if test "$use_standard_socket" = yes; then
-  AC_DEFINE(USE_STANDARD_SOCKET,1,
-            [Use the standard socket for the agent by default])
-fi
-
 
 # (These need to go after AC_PROG_CC so that $EXEEXT is defined)
 AC_DEFINE_UNQUOTED(EXEEXT,"$EXEEXT",[The executable file extension, if any])
@@ -840,27 +832,48 @@ else
 ***]])
 fi
 
+
 #
-# Check whether GNUTLS is available
+# NTBTLS is our TLS library.  If it is not available fallback to
+# GNUTLS.
 #
-PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= $NEED_GNUTLS_VERSION],
-                               [have_gnutls=yes],
-                               [have_gnutls=no])
-if test "$have_gnutls" = "yes"; then
-  AC_SUBST([LIBGNUTLS_CFLAGS])
-  AC_SUBST([LIBGNUTLS_LIBS])
-  AC_DEFINE(HTTP_USE_GNUTLS, 1, [Enable GNUTLS support in http.c])
+AC_ARG_ENABLE(ntbtls,
+              AC_HELP_STRING([--disable-ntbtls],
+                             [disable the use of NTBTLS as TLS library]),
+              try_ntbtls=$enableval, try_ntbtls=yes)
+if test x"$try_ntbtls" = xyes ; then
+  AM_PATH_NTBTLS("$NEED_NTBTLS_API:$NEED_NTBTLS_VERSION",
+                 [have_ntbtls=yes],[have_ntbtls=no])
+fi
+if test "$have_ntbtls" = yes ; then
+   use_tls_library=ntbtls
+   AC_DEFINE(HTTP_USE_NTBTLS, 1, [Enable NTBTLS support in http.c])
 else
-  tmp=$(echo "$LIBGNUTLS_PKG_ERRORS" | tr '\n' '\v' | sed 's/\v/\n*** /g')
-  AC_MSG_WARN([[
+  AC_ARG_ENABLE(gnutls,
+                AC_HELP_STRING([--disable-gnutls],
+                               [disable GNUTLS as fallback TLS library]),
+                try_gnutls=$enableval, try_gnutls=yes)
+  if test x"$try_gnutls" = xyes ; then
+    PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= $NEED_GNUTLS_VERSION],
+                                   [have_gnutls=yes],
+                                   [have_gnutls=no])
+  fi
+  if test "$have_gnutls" = "yes"; then
+    AC_SUBST([LIBGNUTLS_CFLAGS])
+    AC_SUBST([LIBGNUTLS_LIBS])
+    use_tls_library=gnutls
+    AC_DEFINE(HTTP_USE_GNUTLS, 1, [Enable GNUTLS support in http.c])
+  else
+    tmp=$(echo "$LIBGNUTLS_PKG_ERRORS" | tr '\n' '\v' | sed 's/\v/\n*** /g')
+    AC_MSG_WARN([[
 ***
-*** Building without GNUTLS - no TLS access to keyservers.
+*** Building without NTBTLS and GNUTLS - no TLS access to keyservers.
 ***
 *** $tmp]])
+  fi
 fi
 
 
-
 AC_MSG_NOTICE([checking for networking options])
 
 #
@@ -889,18 +902,14 @@ AC_ARG_WITH(adns,
              fi])
 if test "$with_adns" != "no"; then
   AC_CHECK_HEADERS(adns.h,
-                AC_CHECK_LIB(adns, adns_init,
+                AC_CHECK_LIB(adns, adns_free,
                              [have_adns=yes],
                              [CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}]),
-                [CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}])
+                             [CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}])
 fi
 if test "$have_adns" = "yes"; then
   ADNSLIBS="-ladns"
 fi
-AC_SUBST(ADNSLIBS)
-# Newer adns versions feature a free function to be used under W32.
-AC_CHECK_FUNCS(adns_free)
-
 
 
 #
@@ -911,18 +920,12 @@ AC_ARG_ENABLE(dns-srv,
                              [disable the use of DNS SRV in HKP and HTTP]),
               use_dns_srv=$enableval,use_dns_srv=yes)
 
-AC_ARG_ENABLE(dns-pka,
-   AC_HELP_STRING([--disable-dns-pka],
-       [disable the use of PKA records in DNS]),
-   use_dns_pka=$enableval,use_dns_pka=yes)
-
 AC_ARG_ENABLE(dns-cert,
    AC_HELP_STRING([--disable-dns-cert],
        [disable the use of CERT records in DNS]),
    use_dns_cert=$enableval,use_dns_cert=yes)
 
-if test x"$use_dns_pka" = xyes || test x"$use_dns_srv" = xyes \
-   || test x"$use_dns_cert" = xyes; then
+if test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then
   _dns_save_libs=$LIBS
   LIBS=""
   # the double underscore thing is a glibc-ism?
@@ -979,10 +982,6 @@ if test x"$use_dns_pka" = xyes || test x"$use_dns_srv" = xyes \
         AC_DEFINE(USE_DNS_SRV,1,[define to use DNS SRV])
      fi
 
-     if test x"$use_dns_pka" = xyes ; then
-        AC_DEFINE(USE_DNS_PKA,1,[define to use our experimental DNS PKA])
-     fi
-
      if test x"$use_dns_cert" = xyes ; then
         AC_DEFINE(USE_DNS_CERT,1,[define to use DNS CERT])
      fi
@@ -1001,16 +1000,11 @@ if test x"$use_dns_pka" = xyes || test x"$use_dns_srv" = xyes \
            AC_DEFINE(USE_DNS_SRV,1)
         fi
 
-        if test x"$use_dns_pka" = xyes ; then
-           AC_DEFINE(USE_DNS_PKA,1)
-        fi
-
         if test x"$use_dns_cert" = xyes ; then
            AC_DEFINE(USE_DNS_CERT,1,[define to use DNS CERT])
         fi
      else
         use_dns_srv=no
-        use_dns_pka=no
         use_dns_cert=no
      fi
   fi
@@ -1028,16 +1022,45 @@ AM_CONDITIONAL(USE_DNS_SRV, test x"$use_dns_srv" = xyes)
 #
 # Note that running the check changes the variable
 # gnupg_have_ldap from "n/a" to "no" or "yes".
-if test "$build_dirmngr" = "yes" ; then
-   GNUPG_CHECK_LDAP($NETLIBS)
-   AC_CHECK_LIB(lber, ber_free,
-                [ LBER_LIBS="$LBER_LIBS -llber"
-                  AC_DEFINE(HAVE_LBER,1,
-                           [defined if liblber is available])
-                  have_lber=yes
-               ])
+
+AC_ARG_ENABLE(ldap,
+    AC_HELP_STRING([--disable-ldap],[disable LDAP support]),
+    [if test "$enableval" = "no"; then gnupg_have_ldap=no; fi])
+
+if test "$gnupg_have_ldap" != "no" ; then
+  if test "$build_dirmngr" = "yes" ; then
+     GNUPG_CHECK_LDAP($NETLIBS)
+     AC_CHECK_LIB(lber, ber_free,
+                  [ LBER_LIBS="$LBER_LIBS -llber"
+                    AC_DEFINE(HAVE_LBER,1,
+                             [defined if liblber is available])
+                    have_lber=yes
+                 ])
+  fi
 fi
 AC_SUBST(LBER_LIBS)
+if test "$gnupg_have_ldap" = "no"; then
+    AC_MSG_WARN([[
+***
+*** Building without LDAP support.
+*** No CRL access or X.509 certificate search available.
+***]])
+fi
+
+AM_CONDITIONAL(USE_LDAP, [test "$gnupg_have_ldap" = yes])
+if test "$gnupg_have_ldap" = yes ; then
+  AC_DEFINE(USE_LDAP,1,[Defined if LDAP is support])
+else
+ use_ldapwrapper=no
+fi
+
+if test "$use_ldapwrapper" = yes; then
+   AC_DEFINE(USE_LDAPWRAPPER,1, [Build dirmngr with LDAP wrapper process])
+fi
+AM_CONDITIONAL(USE_LDAPWRAPPER, test "$use_ldapwrapper" = yes)
+
+
+
 
 #
 # Check for sendmail
@@ -1151,7 +1174,7 @@ fi
 AC_MSG_NOTICE([checking for header files])
 AC_HEADER_STDC
 AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
-                  pty.h utmp.h pwd.h inttypes.h signal.h])
+                  pty.h utmp.h pwd.h inttypes.h signal.h sys/select.h])
 AC_HEADER_TIME
 
 
@@ -1226,7 +1249,8 @@ AC_FUNC_VPRINTF
 AC_FUNC_FORK
 AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name])
 AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r strtoull])
-AC_CHECK_FUNCS([unsetenv fcntl ftruncate inet_ntop canonicalize_file_name])
+AC_CHECK_FUNCS([setenv unsetenv fcntl ftruncate inet_ntop])
+AC_CHECK_FUNCS([canonicalize_file_name])
 AC_CHECK_FUNCS([gettimeofday getrusage getrlimit setrlimit clock_gettime])
 AC_CHECK_FUNCS([atexit raise getpagesize strftime nl_langinfo setlocale])
 AC_CHECK_FUNCS([waitpid wait4 sigaction sigprocmask pipe getaddrinfo])
@@ -1252,20 +1276,10 @@ AC_CHECK_HEADERS([signal.h])
 AC_CHECK_FUNCS([memicmp stpcpy strsep strlwr strtoul memmove stricmp strtol \
                 memrchr isascii timegm getrusage setrlimit stat setlocale   \
                 flockfile funlockfile fopencookie funopen getpwnam getpwuid \
-                getenv inet_pton])
+                getenv inet_pton strpbrk])
 # end jnlib checks.
 
 
-
-#
-# gnulib checks
-#
-gl_SOURCE_BASE([gl])
-gl_M4_BASE([gl/m4])
-gl_MODULES([setenv mkdtemp xsize strpbrk])
-gl_INIT
-
-
 #
 # W32 specific test
 #
@@ -1596,8 +1610,6 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf",
 
 AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool])
 
-AC_DEFINE_UNQUOTED(GPG_AGENT_INFO_NAME, "GPG_AGENT_INFO",
-                   [The name of the agent info envvar])
 AC_DEFINE_UNQUOTED(GPG_AGENT_SOCK_NAME, "S.gpg-agent",
                    [The name of the agent socket])
 AC_DEFINE_UNQUOTED(GPG_AGENT_SSH_SOCK_NAME, "S.gpg-agent.ssh",
@@ -1626,9 +1638,11 @@ AC_DEFINE_UNQUOTED(BUILD_REVISION, "$BUILD_REVISION",
                    [GIT commit id revision used to build this package])
 
 changequote(,)dnl
-BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'`
+BUILD_VERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./'`
 changequote([,])dnl
-BUILD_FILEVERSION="${BUILD_FILEVERSION}mym4_revision_dec"
+BUILD_VERSION="${BUILD_VERSION}mym4_revision_dec"
+BUILD_FILEVERSION=`echo "${BUILD_VERSION}" | tr . ,`
+AC_SUBST(BUILD_VERSION)
 AC_SUBST(BUILD_FILEVERSION)
 
 BUILD_TIMESTAMP=`date -u +%Y-%m-%dT%H:%M+0000 2>/dev/null || date`
@@ -1684,16 +1698,8 @@ if test "$have_ksba" = "no"; then
 *** (at least version $NEED_KSBA_VERSION using API $NEED_KSBA_API is required).
 ***]])
 fi
-if test "$gnupg_have_ldap" = "no"; then
-    die=yes
-    AC_MSG_NOTICE([[
-***
-*** The Dirmngr part requires an LDAP library
-*** Check out
-***    http://www.openldap.org
-*** for a suitable implementation.
-***]])
-   if test "$have_w32ce_system" = yes; then
+if test "$gnupg_have_ldap" = yes; then
+  if test "$have_w32ce_system" = yes; then
     AC_MSG_NOTICE([[
 *** Note that CeGCC might be broken, a package fixing this is:
 ***    http://files.kolab.org/local/windows-ce/
@@ -1740,7 +1746,6 @@ fi
 AC_CONFIG_FILES([ m4/Makefile
 Makefile
 po/Makefile.in
-gl/Makefile
 common/Makefile
 common/w32info-rc.h
 kbx/Makefile
@@ -1756,6 +1761,7 @@ doc/Makefile
 tests/Makefile
 tests/openpgp/Makefile
 tests/pkits/Makefile
+g10/gpg.w32-manifest
 ])
 
 
@@ -1783,11 +1789,11 @@ echo "
         Default scdaemon:  $show_gnupg_scdaemon_pgm
         Default dirmngr:   $show_gnupg_dirmngr_pgm
 
-        Use standard socket: $use_standard_socket
         Dirmngr auto start:  $dirmngr_auto_start
         Readline support:    $gnupg_cv_have_readline
+        LDAP support:        $gnupg_have_ldap
         DNS SRV support:     $use_dns_srv
-        TLS support:         $have_gnutls
+        TLS support:         $use_tls_library
 "
 if test x"$use_regex" != xyes ; then
 echo "
@@ -1796,3 +1802,12 @@ echo "
                  gpg-check-pattern will not be build.
 "
 fi
+if test "x${gpg_config_script_warn}" != x; then
+cat <<G10EOF
+        Warning: Mismatches between the target platform and the
+                 to be used libraries have been detected for:
+                  ${gpg_config_script_warn}
+                 Please check above for more warning messages.
+
+G10EOF
+fi