]> ruderich.org/simon Gitweb - tlsproxy/tlsproxy.git/blobdiff - configure.ac
ruderich.org/simon / tlsproxy / tlsproxy.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
src/tlsproxy.c: Minor documentation update.
[tlsproxy/tlsproxy.git] / configure.ac
diff --git a/configure.ac b/configure.ac
index e52a12e702b4fe241384d36c4cb1a7b5fdd00270..c71222a93dba29cd77a109a74daed2dcd9896c3e 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,20 @@
-AC_INIT([tlsproxy], [0.1], [simon@ruderich.org])
+dnl Copyright (C) 2011-2012  Simon Ruderich
+dnl
+dnl This program is free software: you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation, either version 3 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+
+AC_INIT([tlsproxy], [0.2], [simon@ruderich.org])
 
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_MACRO_DIR([m4])
@@ -9,18 +25,20 @@ AM_INIT_AUTOMAKE([foreign -Wall -Werror])
 AC_PROG_CC
 
 if test "x$GCC" = xyes; then
-    CFLAGS="-std=c89 -pedantic -Wall -Wextra -Werror -D_XOPEN_SOURCE=500 $CFLAGS"
+    CFLAGS="-std=c89 -pedantic -Wall -Wextra -Werror $CFLAGS"
+    CFLAGS="-D_XOPEN_SOURCE=500 -Wno-error=int-to-pointer-cast $CFLAGS"
+    # Additional security flags.
+    CFLAGS="$CFLAGS -Wformat -Wformat-security -Werror=format-security"
+    CFLAGS="$CFLAGS -fstack-protector-all -Wstack-protector"
+    CFLAGS="$CFLAGS --param ssp-buffer-size=1"
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fPIE"
+    LDFLAGS="$LDFLAGS -Wl,-z,relro -Wl,-z,now -fPIE -pie"
 fi
 
-AC_CHECK_LIB([pthread], [pthread_create])
-if test "x$ac_cv_lib_pthread_pthread_create" != xyes; then
-   AC_MSG_ERROR([pthread is required])
-fi
-
-AC_CHECK_LIB([gnutls], [gnutls_certificate_verify_peers2])
-if test "x$ac_cv_lib_gnutls_gnutls_certificate_verify_peers2" != xyes; then
-   AC_MSG_ERROR([GnuTLS is required])
-fi
+AC_CHECK_LIB([pthread], [pthread_create],
+             [], [AC_MSG_ERROR([pthread is required])])
+AC_CHECK_LIB([gnutls], [gnutls_certificate_verify_peers2],
+             [], [AC_MSG_ERROR([GnuTLS is required])])
 
 AC_ARG_ENABLE([debug],
               [AC_HELP_STRING([--enable-debug], [enable debug output])],
@@ -28,6 +46,13 @@ AC_ARG_ENABLE([debug],
                    AC_DEFINE([DEBUG], 1, [Define to enable debug output.])
                fi])
 
+AC_ARG_ENABLE([ipv6],
+              [AC_HELP_STRING([--disable-ipv6],
+                              [disable IPv6, for IPv4 only network stacks])],
+              [if test "x$enableval" = xno; then
+                   AC_DEFINE([USE_IPV4_ONLY], 1, [Define to not use IPv6.])
+               fi])
+
 AC_CONFIG_HEADERS([config.h])
-AC_CONFIG_FILES([Makefile src/Makefile])
+AC_CONFIG_FILES([Makefile src/Makefile tests/Makefile])
 AC_OUTPUT
Certificate verifying tlsproxy, prevents MITMs by (manipulated) CAs by verifying the server certificate.