diff options
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 289 |
1 files changed, 189 insertions, 100 deletions
diff --git a/configure.ac b/configure.ac index f507ebc3..46eef3a7 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. # # This file is part of TALER -# Copyright (C) 2014-2023 Taler Systems SA +# Copyright (C) 2014-2024 Taler Systems SA # # TALER is free software; you can redistribute it and/or modify it under the # terms of the GNU General Public License as published by the Free Software @@ -18,7 +18,7 @@ # This configure file is in the public domain AC_PREREQ([2.69]) -AC_INIT([taler-merchant],[0.9.1],[taler-bug@gnunet.org]) +AC_INIT([taler-merchant],[0.10.2],[taler-bug@gnunet.org]) AC_CONFIG_SRCDIR([src/backend/taler-merchant-httpd.c]) AC_CONFIG_HEADERS([taler_merchant_config.h]) # support for non-recursive builds @@ -61,76 +61,36 @@ AS_IF([test "x$doc_only" != xyes],[ # Checks for programs. AC_PROG_CC -CFLAGS="-Wall -Wno-address-of-packed-member $CFLAGS" -# Checks for header files. -AC_CHECK_HEADERS([stdint.h stdlib.h string.h unistd.h]) -# Check for GNUnet's libgnunetutil. -libgnunetutil=0 -AC_MSG_CHECKING([for libgnunetutil]) -AC_ARG_WITH(gnunet, - [AS_HELP_STRING([--with-gnunet=PFX], [base of GNUnet installation])], - [AC_MSG_RESULT([given as $with_gnunet])], - [AC_MSG_RESULT(not given) - with_gnunet=yes]) -AS_CASE([$with_gnunet], - [yes], [], - [no], [AC_MSG_ERROR([--with-gnunet is required])], - [LDFLAGS="-L$with_gnunet/lib $LDFLAGS" - CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"]) -AC_CHECK_HEADERS([gnunet/gnunet_util_lib.h], - [AC_CHECK_LIB([gnunetutil], [GNUNET_SCHEDULER_run], libgnunetutil=1)]) -AS_IF([test $libgnunetutil != 1], - [AC_MSG_ERROR([[ -*** -*** You need libgnunetutil to build this program. -*** This library is part of GNUnet, available at -*** https://gnunet.org -*** ]])]) +CFLAGS="-Wall -Wno-address-of-packed-member $CFLAGS" +# Adam shostack suggests the following for Windows: +# -D_FORTIFY_SOURCE=2 -fstack-protector-all +AC_ARG_ENABLE(gcc-hardening, + AS_HELP_STRING(--enable-gcc-hardening, enable compiler security checks), +[AS_IF([test x$enableval = xyes],[ + CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-all" + CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector" + CFLAGS="$CFLAGS --param ssp-buffer-size=1" + LDFLAGS="$LDFLAGS -pie"])]) -# test for postgres -AX_LIB_POSTGRESQL([13.0]) -AS_IF([test "x$found_postgresql" = "xyes"], - [SAVE_CPPFLAGS="$CPPFLAGS" - CPPFLAGS="$POSTGRES_CPPFLAGS $CPPFLAGS" - AC_CHECK_HEADERS([libpq-fe.h], [postgres=1], [postgres=0])]) -AS_IF([test "x$postgres" != "x1"], - [AC_MSG_ERROR([[ -*** -*** You need libpq(-dev) >= 13.0 to build this program. -*** ]])]) -AM_CONDITIONAL([HAVE_POSTGRESQL], [test "x$postgres" = "x1"]) -AC_DEFINE_UNQUOTED([HAVE_POSTGRESQL], [$postgres], - [Define to 1 if Postgres is available]) -TALER_LIB_LDFLAGS="-export-dynamic -no-undefined" -TALER_PLUGIN_LDFLAGS="-export-dynamic -avoid-version -module -no-undefined" +# Linker hardening options +# Currently these options are ELF specific - you can't use this with MacOSX +AC_ARG_ENABLE(linker-hardening, + AS_HELP_STRING(--enable-linker-hardening, enable linker security fixups), + [AS_IF([test x$enableval = xyes],[LDFLAGS="$LDFLAGS -z relro -z now"])]) -AC_SUBST(TALER_LIB_LDFLAGS) -AC_SUBST(TALER_PLUGIN_LDFLAGS) +AC_ARG_ENABLE(sanitizer, + AS_HELP_STRING(--enable-sanitizer, enable Address Sanitizer and Undefined Behavior Sanitizer), +[AS_IF([test x$enableval = xyes],[ + LDFLAGS="$CFLAGS -fsanitize=address,undefined -fno-omit-frame-pointer" + ])]) -# Check for Taler's libtalerpq -libtalerpq=0 -AC_MSG_CHECKING([for libtalerpq]) -AC_ARG_WITH(exchange, - [AS_HELP_STRING([--with-exchange=PFX], [base of Taler EXCHANGE installation])], - [AC_MSG_RESULT([given as $with_exchange])], - [AC_MSG_RESULT(not given) - with_exchange=yes]) -AS_CASE([$with_exchange], - [yes], [], - [no], [AC_MSG_ERROR([--with-exchange is required])], - [LDFLAGS="-L$with_exchange/lib $LDFLAGS" - CPPFLAGS="-I$with_exchange/include $CPPFLAGS"]) - -CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" - -AC_CHECK_HEADERS([gnunet/gnunet_pq_lib.h], - [AC_CHECK_LIB([gnunetpq], [GNUNET_PQ_connect_with_cfg], libgnunetpq=1)]) -AM_CONDITIONAL(HAVE_GNUNETPQ, test x$libgnunetpq = x1) +# Checks for header files. +AC_CHECK_HEADERS([stdint.h stdlib.h string.h unistd.h]) # check for libmicrohttpd AC_MSG_CHECKING([for microhttpd]) @@ -146,6 +106,7 @@ AS_CASE([$with_microhttpd], CPPFLAGS="-I$with_microhttpd/include $CPPFLAGS"]) MHD_VERSION_AT_LEAST([0.9.71]) + jansson=0 PKG_CHECK_MODULES([JANSSON], [jansson >= 2.3], [LDFLAGS="$JANSSON_LIBS $LDFLAGS" @@ -156,6 +117,33 @@ PKG_CHECK_MODULES([JANSSON], [jansson >= 2.3], ***]])]) +# Require minimum libgcrypt version +need_libgcrypt_version=1.6.1 +AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"], + [minimum version of libgcrypt required]) +AM_PATH_LIBGCRYPT([$need_libgcrypt_version]) + + +# NOTE: If we find libcurl here we set LIBCURL to -lcurl +# This affects the LIBCURL_CHECK_CONFIG call below as it takes LIBCURL into +# account when checking for curl. +AC_CHECK_LIB([curl], + [curl_easy_getinfo], + [LIBCURL="-lcurl" + curl_gnutls=1], + [curl_gnutls=0]) + +LIBCURL_CHECK_CONFIG([], [7.34.0], [], + [AC_MSG_ERROR([cURL must have a version >= 7.34.0])]) + +# Even if curl is found, we check for this constant in order to determine +# if we can use this feature. +AC_CHECK_HEADER([curl/curl.h], + [AC_CHECK_DECLS([CURLINFO_TLS_SSL_PTR], + [], + [AC_MSG_ERROR([cURL must support CURLINFO_TLS_SSL_PTR])], + [[#include <curl/curl.h>]])]) + # test for libqrencode qrencode=0 QR_LIBS="-lqrencode" @@ -184,33 +172,75 @@ AS_IF([test "$qrencode" != 1], *** You need libqrencode to build this program. *** ]])]) - AC_SUBST(QR_CFLAGS) AC_SUBST(QR_LIBS) -# NOTE: If we find libcurl here we set LIBCURL to -lcurl -# This affects the LIBCURL_CHECK_CONFIG call below as it takes LIBCURL into -# account when checking for curl. -AC_CHECK_LIB([curl], - [curl_easy_getinfo], - [LIBCURL="-lcurl" - curl_gnutls=1], - [curl_gnutls=0]) -LIBCURL_CHECK_CONFIG([], [7.34.0], [], - [AC_MSG_ERROR([cURL must have a version >= 7.34.0])]) +# test for postgres +AX_LIB_POSTGRESQL([15.0]) +AS_IF([test "x$found_postgresql" = "xyes"], + [SAVE_CPPFLAGS="$CPPFLAGS" + CPPFLAGS="$POSTGRES_CPPFLAGS $CPPFLAGS" + AC_CHECK_HEADERS([libpq-fe.h], [postgres=1], [postgres=0])]) +AS_IF([test "x$postgres" != "x1"], + [AC_MSG_ERROR([[ +*** +*** You need libpq(-dev) >= 15.0 to build this program. +*** ]])]) +AM_CONDITIONAL([HAVE_POSTGRESQL], [test "x$postgres" = "x1"]) +AC_DEFINE_UNQUOTED([HAVE_POSTGRESQL], [$postgres], + [Define to 1 if Postgres is available]) -# Even if curl is found, we check for this constant in order to determine -# if we can use this feature. -AC_CHECK_HEADER([curl/curl.h], - [AC_CHECK_DECLS([CURLINFO_TLS_SSL_PTR], - [], - [AC_MSG_ERROR([cURL must support CURLINFO_TLS_SSL_PTR])], - [[#include <curl/curl.h>]])]) -# Check for Taler's libtalerfakebank -libtalerfakebank=0 -AC_MSG_CHECKING([for libtalerfakebank]) +CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" + +# Check for GNUnet's libgnunetutil. +libgnunetutil=0 +AC_MSG_CHECKING([for libgnunetutil]) +AC_ARG_WITH(gnunet, + [AS_HELP_STRING([--with-gnunet=PFX], [base of GNUnet installation])], + [AC_MSG_RESULT([given as $with_gnunet])], + [AC_MSG_RESULT(not given) + with_gnunet=yes]) +AS_CASE([$with_gnunet], + [yes], [], + [no], [AC_MSG_ERROR([--with-gnunet is required])], + [LDFLAGS="-L$with_gnunet/lib $LDFLAGS" + CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"]) +AC_CHECK_HEADERS([gnunet/gnunet_util_lib.h], + [AC_CHECK_LIB([gnunetutil], [GNUNET_SCHEDULER_run], libgnunetutil=1)]) +AS_IF([test $libgnunetutil != 1], + [AC_MSG_ERROR([[ +*** +*** You need libgnunetutil >= 0.21.0 to build this program. +*** This library is part of GNUnet, available at +*** https://gnunet.org +*** ]])]) + +libgnunetpq=0 +AC_CHECK_HEADERS([gnunet/gnunet_pq_lib.h], + [AC_CHECK_LIB([gnunetpq], [GNUNET_PQ_query_param_blind_sign_priv], libgnunetpq=1)]) + +AS_IF([test $libgnunetpq != 1], + [AC_MSG_ERROR([[ +*** +*** You need libgnunetpq >= 0.21.2 (API v7) to build this program. +*** This library is part of GNUnet, available at +*** https://gnunet.org +*** ]])]) + +AM_CONDITIONAL(HAVE_GNUNETPQ, test x$libgnunetpq = x1) + +TALER_LIB_LDFLAGS="-export-dynamic -no-undefined" +TALER_PLUGIN_LDFLAGS="-export-dynamic -avoid-version -module -no-undefined" + + +AC_SUBST(TALER_LIB_LDFLAGS) +AC_SUBST(TALER_PLUGIN_LDFLAGS) + + +libtalerutil=0 +AC_MSG_CHECKING([for libtalerutil]) AC_ARG_WITH(exchange, [AS_HELP_STRING([--with-exchange=PFX], [base of Taler EXCHANGE installation])], [AC_MSG_RESULT([given as $with_exchange])], @@ -222,13 +252,80 @@ AS_CASE([$with_exchange], [LDFLAGS="-L$with_exchange/lib $LDFLAGS" CPPFLAGS="-I$with_exchange/include $CPPFLAGS $POSTGRESQL_CPPFLAGS"]) -CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" +AC_CHECK_HEADERS([taler/taler_util.h], + [AC_CHECK_LIB([talerutil], [TALER_payto_normalize], libtalerutil=1)]) +AM_CONDITIONAL(HAVE_TALERUTIL, test x$libtalerutil = x1) +AS_IF([test $libtalerutil != 1], + [AC_MSG_ERROR([[ +*** +*** You need libtalerutil >= 0.9.4 to build this program. +*** This library is part of the GNU Taler exchange, available at +*** https://taler.net +*** ]])]) + + +libtalermhd=0 +AC_MSG_CHECKING([for libtalermhd]) +AC_ARG_WITH(exchange, + [AS_HELP_STRING([--with-exchange=PFX], [base of Taler EXCHANGE installation])], + [AC_MSG_RESULT([given as $with_exchange])], + [AC_MSG_RESULT(not given) + with_exchange=yes]) +AS_CASE([$with_exchange], + [yes], [], + [no], [AC_MSG_ERROR([--with-exchange is required])], + [LDFLAGS="-L$with_exchange/lib $LDFLAGS" + CPPFLAGS="-I$with_exchange/include $CPPFLAGS $POSTGRESQL_CPPFLAGS"]) + +AC_CHECK_HEADERS([taler/taler_mhd_lib.h], + [AC_CHECK_LIB([talermhd], [TALER_MHD_parse_request_arg_snumber], libtalermhd=1)]) +AM_CONDITIONAL(HAVE_TALERMHD, test x$libtalermhd = x1) +AS_IF([test $libtalermhd != 1], + [AC_MSG_ERROR([[ +*** +*** You need libtalermhd >= 0.10.1 (API v2) to build this program. +*** This library is part of the GNU Taler exchange, available at +*** https://taler.net +*** ]])]) + +libtalerjson=0 +AC_CHECK_HEADERS([taler/taler_json_lib.h], + [AC_CHECK_LIB([talerjson], [TALER_JSON_spec_otp_type], libtalerjson=1)]) +AM_CONDITIONAL(HAVE_TALERJSON, test x$libtalerjson = x1) +AS_IF([test $libtalerjson != 1], + [AC_MSG_ERROR([[ +*** +*** You need libtalerjson >= 0.9.4 to build this program. +*** This library is part of the GNU Taler exchange, available at +*** https://taler.net +*** ]])]) + + +# Check for Taler's libtalerpq + +libtalerpq=0 +AC_MSG_CHECKING([for libtalerpq]) +AC_CHECK_HEADERS([taler/taler_pq_lib.h], + [AC_CHECK_LIB([talerpq], [TALER_PQ_query_param_array_blinded_denom_sig], libtalerpq=1)]) +AM_CONDITIONAL(HAVE_TALERPQ, test x$libtalerpq = x1) +AS_IF([test $libtalerpq != 1], + [AC_MSG_ERROR([[ +*** +*** You need libtalerpq >= 0.9.4 to build this program. +*** This library is part of the GNU Taler exchange, available at +*** https://taler.net +*** ]])]) + +# Check for Taler's libtalerfakebank +libtalerfakebank=0 +AC_MSG_CHECKING([for libtalerfakebank]) AC_CHECK_HEADERS([taler/taler_fakebank_lib.h], [AC_CHECK_LIB([talerfakebank], [TALER_FAKEBANK_start], libtalerfakebank=1)]) AM_CONDITIONAL(HAVE_TALERFAKEBANK, test x$libtalerfakebank = x1) + # check for libtalertwister twistertesting=0 AC_MSG_CHECKING([for talerwtistertesting]) @@ -257,11 +354,6 @@ AC_ARG_ENABLE([coverage], AC_MSG_RESULT($use_gcov) AM_CONDITIONAL([USE_COVERAGE], [test "x$use_gcov" = "xyes"]) -# Require minimum libgcrypt version -need_libgcrypt_version=1.6.1 -AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"], - [minimum version of libgcrypt required]) -AM_PATH_LIBGCRYPT([$need_libgcrypt_version]) # logging extra_logging=0 @@ -280,7 +372,7 @@ AC_MSG_CHECKING(for source being under a VCS) git_version= AS_IF([test ! "X$gitcommand" = "X"], [ - git_version=$(cd $srcdir ; git rev-list --full-history --all --abbrev-commit | head -n 1 2>/dev/null) + git_version=$(cd $srcdir ; git rev-list -n 1 --abbrev-commit HEAD 2>/dev/null) ]) AS_IF([test "X$git_version" = "X"], [ @@ -310,13 +402,6 @@ AC_TYPE_UINTMAX_T AC_CHECK_FUNCS([strdup]) -# -# Check for tsc -# -AC_CHECK_PROG([tsc],[tsc],[yes],[no]) -AM_CONDITIONAL([HAVE_TSC], [test "x$tsc" = xyes]) - - AC_ARG_ENABLE([[doc]], [AS_HELP_STRING([[--disable-doc]], [do not build any documentation])], , [enable_doc=yes]) @@ -329,8 +414,11 @@ AM_CONDITIONAL([ENABLE_DOC], [test "x$enable_doc" = "xyes"]) # logic if doc_only is set, make sure conditionals are still defined AM_CONDITIONAL([HAVE_GNUNETPQ], [false]) AM_CONDITIONAL([HAVE_POSTGRESQL], [false]) +AM_CONDITIONAL([HAVE_TALERUTIL], [false]) +AM_CONDITIONAL([HAVE_TALERPQ], [false]) +AM_CONDITIONAL([HAVE_TALERMHD], [false]) +AM_CONDITIONAL([HAVE_TALERJSON], [false]) AM_CONDITIONAL([HAVE_TALERFAKEBANK], [false]) -AM_CONDITIONAL([HAVE_TSC], [false]) AM_CONDITIONAL([USE_COVERAGE], [false]) AM_CONDITIONAL([ENABLE_DOC], [true]) AM_CONDITIONAL([HAVE_TWISTER], [true]) @@ -355,6 +443,7 @@ contrib/Makefile doc/Makefile doc/doxygen/Makefile src/Makefile +src/bank/Makefile src/backend/Makefile src/backenddb/Makefile src/include/Makefile |