wks: Set published keys world-readable.
[gnupg.git] / configure.ac
index f3576c7..bec7428 100644 (file)
@@ -28,7 +28,7 @@ min_automake_version="1.14"
 m4_define([mym4_package],[gnupg])
 m4_define([mym4_major], [2])
 m4_define([mym4_minor], [1])
 m4_define([mym4_package],[gnupg])
 m4_define([mym4_major], [2])
 m4_define([mym4_minor], [1])
-m4_define([mym4_micro], [17])
+m4_define([mym4_micro], [20])
 
 # To start a new development series, i.e a new major or minor number
 # you need to mark an arbitrary commit before the first beta release
 
 # To start a new development series, i.e a new major or minor number
 # you need to mark an arbitrary commit before the first beta release
@@ -102,7 +102,6 @@ have_gnutls=no
 have_sqlite=no
 have_npth=no
 have_libusb=no
 have_sqlite=no
 have_npth=no
 have_libusb=no
-have_adns=no
 have_system_resolver=no
 gnupg_have_ldap="n/a"
 
 have_system_resolver=no
 gnupg_have_ldap="n/a"
 
@@ -111,6 +110,7 @@ use_bzip2=yes
 use_exec=yes
 use_trust_models=yes
 use_tofu=yes
 use_exec=yes
 use_trust_models=yes
 use_tofu=yes
+use_libdns=yes
 card_support=yes
 use_ccid_driver=auto
 dirmngr_auto_start=yes
 card_support=yes
 use_ccid_driver=auto
 dirmngr_auto_start=yes
@@ -270,6 +270,16 @@ if test "$use_trust_models" = no && test "$use_tofu" = yes; then
     AC_MSG_ERROR([both --disable-trust-models and --enable-tofu given])
 fi
 
     AC_MSG_ERROR([both --disable-trust-models and --enable-tofu given])
 fi
 
+AC_MSG_CHECKING([whether to enable libdns])
+AC_ARG_ENABLE(libdns,
+                AC_HELP_STRING([--disable-libdns],
+                               [do not build with libdns support]),
+              use_libdns=$enableval, use_libdns=yes)
+AC_MSG_RESULT($use_libdns)
+if test x"$use_libdns" = xyes ; then
+    AC_DEFINE(USE_LIBDNS, 1, [Build with integrated libdns support])
+fi
+AM_CONDITIONAL(USE_LIBDNS, test "$use_libdns" = yes)
 
 
 #
 
 
 #
@@ -980,6 +990,22 @@ else
   fi
 fi
 
   fi
 fi
 
+#
+# Allow to set a fixed trust store file for system provided certificates.
+#
+AC_ARG_WITH([default-trust-store-file],
+            [AC_HELP_STRING([--with-default-trust-store-file=FILE],
+                            [Use FILE as system trust store])],
+            default_trust_store_file="$withval",
+            default_trust_store_file="")
+if test x"$default_trust_store_file" = xno;then
+  default_trust_store_file=""
+fi
+if test x"$default_trust_store_file" != x ; then
+  AC_DEFINE_UNQUOTED([DEFAULT_TRUST_STORE_FILE],
+    ["$default_trust_store_file"], [Use as default system trust store file])
+fi
+
 
 AC_MSG_NOTICE([checking for networking options])
 
 
 AC_MSG_NOTICE([checking for networking options])
 
@@ -996,44 +1022,6 @@ AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt,
 
 
 #
 
 
 #
-# Check for ADNS.
-#
-_cppflags="${CPPFLAGS}"
-_ldflags="${LDFLAGS}"
-AC_ARG_WITH(adns,
-            AC_HELP_STRING([--with-adns=DIR],
-                           [look for the adns library in DIR]),
-            [if test -d "$withval"; then
-               CPPFLAGS="${CPPFLAGS} -I$withval/include"
-               LDFLAGS="${LDFLAGS} -L$withval/lib"
-             fi])
-if test "$with_adns" != "no"; then
-  AC_CHECK_HEADERS(adns.h,AC_CHECK_LIB(adns, adns_init_strcfg,[have_adns=yes]))
-  AC_CHECK_FUNCS(adns_free)
-  AC_MSG_CHECKING([if adns supports adns_if_tormode])
-  AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-    #include <adns.h>
-    adns_initflags flags = adns_if_tormode;
-  ]],[])],[adns_if_tormode=yes],[adns_if_tormode=no])
-  AC_MSG_RESULT($adns_if_tormode)
-  if test x"$adns_if_tormode" = xyes; then
-    AC_DEFINE(HAVE_ADNS_IF_TORMODE,1,[define if adns_if_tormode is available])
-    if test "$show_tor_support" != "no"; then
-      show_tor_support=yes
-    fi
-  fi
-fi
-CPPFLAGS=${_cppflags}
-LDFLAGS=${_ldflags}
-if test "$have_adns" = "yes"; then
-  DNSLIBS="-ladns"
-  AC_DEFINE(USE_ADNS,1,[Use ADNS as resolver library.])
-else
-  DNSLIBS=""
-fi
-
-
-#
 # Check standard resolver functions.
 #
 if test "$build_dirmngr" = "yes"; then
 # Check standard resolver functions.
 #
 if test "$build_dirmngr" = "yes"; then
@@ -1063,8 +1051,7 @@ if test "$build_dirmngr" = "yes"; then
       # Make sure that the BIND 4 resolver interface is workable before
       # enabling any code that calls it.  At some point I'll rewrite the
       # code to use the BIND 8 resolver API.
       # Make sure that the BIND 4 resolver interface is workable before
       # enabling any code that calls it.  At some point I'll rewrite the
       # code to use the BIND 8 resolver API.
-      # We might also want to use adns instead.  Problem with ADNS is that
-      # it does not support v6.
+      # We might also want to use libdns instead.
 
     AC_MSG_CHECKING([whether the resolver is usable])
     AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
 
     AC_MSG_CHECKING([whether the resolver is usable])
     AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
@@ -1103,13 +1090,24 @@ if test "$build_dirmngr" = "yes"; then
     if test x"$need_compat" = xyes ; then
       AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism])
     fi
     if test x"$need_compat" = xyes ; then
       AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism])
     fi
+    if test "$use_libdns" = yes; then
+     show_tor_support=yes
+    fi
+  elif test "$use_libdns" = yes; then
+    show_tor_support=yes
   else
     AC_MSG_WARN([[
 ***
 *** The system's DNS resolver is not usable.
 *** Dirmngr functionality is limited.
 ***]])
   else
     AC_MSG_WARN([[
 ***
 *** The system's DNS resolver is not usable.
 *** Dirmngr functionality is limited.
 ***]])
-   show_tor_support="${show_tor_support} (no system resolver)"
+    show_tor_support="${show_tor_support} (no system resolver)"
+  fi
+
+  if test "$have_w32_system" = yes; then
+    if test "$use_libdns" = yes; then
+      DNSLIBS="$DNSLIBS -liphlpapi"
+    fi
   fi
 
   LIBS=$_dns_save_libs
   fi
 
   LIBS=$_dns_save_libs
@@ -1276,7 +1274,7 @@ AC_MSG_NOTICE([checking for header files])
 AC_HEADER_STDC
 AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
                   pty.h utmp.h pwd.h inttypes.h signal.h sys/select.h     \
 AC_HEADER_STDC
 AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
                   pty.h utmp.h pwd.h inttypes.h signal.h sys/select.h     \
-                  signal.h])
+                  stdint.h signal.h])
 AC_HEADER_TIME
 
 
 AC_HEADER_TIME
 
 
@@ -1393,6 +1391,53 @@ if test $ac_cv_func_mmap != yes -a $mmap_needed = yes; then
   AC_MSG_ERROR([[Sorry, the current implemenation requires mmap.]])
 fi
 
   AC_MSG_ERROR([[Sorry, the current implemenation requires mmap.]])
 fi
 
+
+#
+# Check for the getsockopt SO_PEERCRED
+# (This has been copied from libassuan)
+#
+AC_MSG_CHECKING(for SO_PEERCRED)
+AC_CACHE_VAL(gnupg_cv_sys_so_peercred,
+      [AC_TRY_COMPILE([#include <sys/socket.h>],
+         [struct ucred cr;
+          int cl = sizeof cr;
+          getsockopt (1, SOL_SOCKET, SO_PEERCRED, &cr, &cl);],
+          gnupg_cv_sys_so_peercred=yes,
+          gnupg_cv_sys_so_peercred=no)
+       ])
+AC_MSG_RESULT($gnupg_cv_sys_so_peercred)
+
+if test $gnupg_cv_sys_so_peercred = yes; then
+  AC_DEFINE(HAVE_SO_PEERCRED, 1,
+            [Defined if SO_PEERCRED is supported (Linux specific)])
+else
+  # Check for the getsockopt LOCAL_PEEREID (NetBSD)
+  AC_MSG_CHECKING(for LOCAL_PEEREID)
+  AC_CACHE_VAL(gnupg_cv_sys_so_local_peereid,
+      [AC_TRY_COMPILE([#include <sys/socket.>
+         #include <sys/un.h>],
+         [struct unpcbid unp;
+          int unpl = sizeof unp;
+          getsockopt (1, SOL_SOCKET, LOCAL_PEEREID, &unp, &unpl);],
+          gnupg_cv_sys_so_local_peereid=yes,
+          gnupg_cv_sys_so_local_peereid=no)
+       ])
+  AC_MSG_RESULT($gnupg_cv_sys_so_local_peereid)
+
+  if test $gnupg_cv_sys_so_local_peereid = yes; then
+    AC_DEFINE(HAVE_LOCAL_PEEREID, 1,
+              [Defined if LOCAL_PEEREID is supported (NetBSD specific)])
+  else
+    # (Open)Solaris
+    AC_CHECK_FUNCS([getpeerucred], AC_CHECK_HEADERS([ucred.h]))
+    if test $ac_cv_func_getpeerucred != yes; then
+        # FreeBSD
+        AC_CHECK_FUNCS([getpeereid])
+    fi
+  fi
+fi
+
+
 #
 # W32 specific test
 #
 #
 # W32 specific test
 #
@@ -1550,6 +1595,7 @@ AC_SUBST(W32SOCKLIBS)
 #
 # Setup gcc specific options
 #
 #
 # Setup gcc specific options
 #
+USE_C99_CFLAGS=
 AC_MSG_NOTICE([checking for cc features])
 if test "$GCC" = yes; then
     mycflags=
 AC_MSG_NOTICE([checking for cc features])
 if test "$GCC" = yes; then
     mycflags=
@@ -1591,6 +1637,15 @@ if test "$GCC" = yes; then
         if test x"$_gcc_wopt" = xyes ; then
           mycflags="$mycflags -Wdeclaration-after-statement"
         fi
         if test x"$_gcc_wopt" = xyes ; then
           mycflags="$mycflags -Wdeclaration-after-statement"
         fi
+
+        AC_MSG_CHECKING([if gcc supports -Wlogical-op and -Wvla])
+        CFLAGS="-Wlogical-op -Wvla"
+        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no)
+        AC_MSG_RESULT($_gcc_wopt)
+        if test x"$_gcc_wopt" = xyes ; then
+          mycflags="$mycflags -Wlogical-op -Wvla"
+        fi
+
     else
         mycflags="$mycflags -Wall"
     fi
     else
         mycflags="$mycflags -Wall"
     fi
@@ -1617,8 +1672,14 @@ if test "$GCC" = yes; then
     fi
 
     CFLAGS="$mycflags $mycflags_save"
     fi
 
     CFLAGS="$mycflags $mycflags_save"
+    if test "$use_libdns" = yes; then
+       # dirmngr/dns.{c,h} require C99 and GNU extensions.  */
+       USE_C99_CFLAGS="-std=gnu99"
+    fi
 fi
 
 fi
 
+AC_SUBST(USE_C99_CFLAGS)
+
 
 #
 # This is handy for debugging so the compiler doesn't rearrange
 
 #
 # This is handy for debugging so the compiler doesn't rearrange
@@ -1632,6 +1693,21 @@ AC_ARG_ENABLE(optimization,
                    fi])
 
 #
                    fi])
 
 #
+# We do not want support for the GNUPG_BUILDDIR environment variable
+# in a released version.  However, our regression tests suite requires
+# this and thus we build with support for it during "make distcheck".
+# This configure option implements this along with the top Makefile's
+# AM_DISTCHECK_CONFIGURE_FLAGS.
+#
+gnupg_builddir_envvar=no
+AC_ARG_ENABLE(gnupg-builddir-envvar,,
+              gnupg_builddir_envvar=$enableval)
+if test x"$gnupg_builddir_envvar" = x"yes"; then
+   AC_DEFINE(ENABLE_GNUPG_BUILDDIR_ENVVAR, 1,
+      [This is only used with "make distcheck"])
+fi
+
+#
 # Add user CFLAGS.
 #
 CFLAGS="$CFLAGS $CFLAGS_orig"
 # Add user CFLAGS.
 #
 CFLAGS="$CFLAGS $CFLAGS_orig"
@@ -1905,6 +1981,8 @@ tests/Makefile
 tests/gpgscm/Makefile
 tests/openpgp/Makefile
 tests/migrations/Makefile
 tests/gpgscm/Makefile
 tests/openpgp/Makefile
 tests/migrations/Makefile
+tests/gpgsm/Makefile
+tests/gpgme/Makefile
 tests/pkits/Makefile
 g10/gpg.w32-manifest
 ])
 tests/pkits/Makefile
 g10/gpg.w32-manifest
 ])