configure: Add an option to enable all optional features/plugins
[strongswan.git] / configure.ac
1 #
2 # Copyright (C) 2007-2014 Tobias Brunner
3 # Copyright (C) 2006-2013 Andreas Steffen
4 # Copyright (C) 2006-2013 Martin Willi
5 # Hochschule fuer Technik Rapperswil
6 #
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11 #
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17
18 # ============================
19 #  initialize & set some vars
20 # ============================
21
22 AC_INIT([strongSwan],[5.1.3dr1])
23 AM_INIT_AUTOMAKE(m4_esyscmd([
24         echo tar-ustar
25         echo subdir-objects
26         case `automake --version | head -n 1` in
27                 *" 1.9"*);;
28                 *" 1.10"*);;
29                 *" 1.11"*);;
30                 # don't use parallel test harness in 1.12 and up
31                 *) echo serial-tests;;
32         esac
33 ]))
34 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES])
35 AC_CONFIG_MACRO_DIR([m4/config])
36 AC_CONFIG_HEADERS([config.h])
37 AC_DEFINE([CONFIG_H_INCLUDED], [], [defined if config.h included])
38 PKG_PROG_PKG_CONFIG
39
40 m4_include(m4/macros/split-package-version.m4)
41 SPLIT_PACKAGE_VERSION
42
43 # =================================
44 #  check --enable-xxx & --with-xxx
45 # =================================
46
47 m4_include(m4/macros/with.m4)
48
49 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
50 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
51 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
52 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
53 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
54 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
55 ARG_WITH_SUBST([ipseclibdir],        [${libdir%/}/ipsec], [set installation path for ipsec libraries])
56 ARG_WITH_SUBST([plugindir],          [${ipseclibdir%/}/plugins], [set the installation path of plugins])
57 ARG_WITH_SUBST([imcvdir],            [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic librariers])
58 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM backend uses to look up trusted root certificates])
59 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
60 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
61 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
62 ARG_WITH_SUBST([ipsec-script],       [ipsec], [change the name of the ipsec script])
63 ARG_WITH_SUBST([fips-mode],          [0], [set openssl FIPS mode: disabled(0), enabled(1), Suite B enabled(2)])
64
65 ARG_WITH_SET([tss],                  [no], [set implementation of the Trusted Computing Group's Software Stack (TSS). Currently the only supported value is "trousers"])
66 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
67 ARG_WITH_SET([mpz_powm_sec],         [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
68 ARG_WITH_SET([dev-headers],          [no], [install strongSwan development headers to directory.])
69
70 if test -n "$PKG_CONFIG"; then
71         systemdsystemunitdir_default=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
72 fi
73 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
74 AM_CONDITIONAL(HAVE_SYSTEMD, [test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno])
75 AC_SUBST(systemdsystemunitdir)
76
77 AC_ARG_WITH(
78         [user],
79         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
80         [AC_DEFINE_UNQUOTED([IPSEC_USER], "$withval", [username to run daemon with])
81          AC_SUBST(ipsecuser, "$withval")],
82         [AC_SUBST(ipsecuser, "root")]
83 )
84
85 AC_ARG_WITH(
86         [group],
87         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
88         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval", [groupname to run daemon with])
89          AC_SUBST(ipsecgroup, "$withval")],
90         [AC_SUBST(ipsecgroup, "root")]
91 )
92
93 AC_ARG_WITH(
94         [charon-udp-port],
95         AS_HELP_STRING([--with-charon-udp-port=port],[UDP port used by charon locally (default 500). Set to 0 to allocate randomly.]),
96         [AC_DEFINE_UNQUOTED(CHARON_UDP_PORT, [$withval], [UDP port used by charon locally])
97          AC_SUBST(charon_udp_port, [$withval])],
98         [AC_SUBST(charon_udp_port, 500)]
99 )
100
101 AC_ARG_WITH(
102         [charon-natt-port],
103         AS_HELP_STRING([--with-charon-natt-port=port],[UDP port used by charon locally in case a NAT is detected (must be different from charon-udp-port, default 4500). Set to 0 to allocate randomly.]),
104         [AC_DEFINE_UNQUOTED(CHARON_NATT_PORT, [$withval], [UDP post used by charon locally in case a NAT is detected])
105          AC_SUBST(charon_natt_port, [$withval])],
106         [AC_SUBST(charon_natt_port, 4500)]
107 )
108
109 AC_MSG_CHECKING([configured UDP ports ($charon_udp_port, $charon_natt_port)])
110 if test x$charon_udp_port != x0 -a x$charon_udp_port = x$charon_natt_port; then
111         AC_MSG_ERROR(the ports have to be different)
112 else
113         AC_MSG_RESULT(ok)
114 fi
115
116 # convert script name to uppercase
117 AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
118
119 m4_include(m4/macros/enable-disable.m4)
120
121 # crypto plugins
122 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
123 ARG_ENABL_SET([af-alg],         [enable AF_ALG crypto interface to Linux Crypto API.])
124 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
125 ARG_ENABL_SET([ccm],            [enables the CCM AEAD wrapper crypto plugin.])
126 ARG_DISBL_SET([cmac],           [disable CMAC crypto implementation plugin.])
127 ARG_ENABL_SET([ctr],            [enables the Counter Mode wrapper crypto plugin.])
128 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
129 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
130 ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
131 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
132 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
133 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
134 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
135 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
136 ARG_DISBL_SET([nonce],          [disable nonce generation plugin.])
137 ARG_ENABL_SET([ntru],           [enables the NTRU crypto plugin.])
138 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
139 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
140 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
141 ARG_DISBL_SET([rc2],            [disable RC2 software implementation plugin.])
142 ARG_ENABL_SET([rdrand],         [enable Intel RDRAND random generator plugin.])
143 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
144 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
145 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
146 # encoding/decoding plugins
147 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
148 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
149 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
150 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
151 ARG_DISBL_SET([pkcs7],          [disable PKCS7 container support plugin.])
152 ARG_DISBL_SET([pkcs8],          [disable PKCS8 private key decoding plugin.])
153 ARG_DISBL_SET([pkcs12],         [disable PKCS12 container support plugin.])
154 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
155 ARG_DISBL_SET([sshkey],         [disable SSH key decoding plugin.])
156 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
157 # fetcher/resolver plugins
158 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
159 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
160 ARG_ENABL_SET([soup],           [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.])
161 ARG_ENABL_SET([unbound],        [enable UNBOUND resolver plugin to perform DNS queries via libunbound. Requires libldns and libunbound.])
162 # database plugins
163 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
164 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
165 # authentication/credential plugins
166 ARG_ENABL_SET([addrblock],      [enables RFC 3779 address block constraint support.])
167 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
168 ARG_DISBL_SET([constraints],    [disable advanced X509 constraint checking plugin.])
169 ARG_ENABL_SET([coupling],       [enable IKEv2 plugin to couple peer certificates permanently to authentication.])
170 ARG_ENABL_SET([dnscert],        [enable DNSCERT authentication plugin.])
171 ARG_ENABL_SET([eap-sim],        [enable SIM authentication module for EAP.])
172 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
173 ARG_ENABL_SET([eap-sim-pcsc],   [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.])
174 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
175 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
176 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
177 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
178 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
179 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
180 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authentication module.])
181 ARG_ENABL_SET([eap-gtc],        [enable EAP GTC authentication module.])
182 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authentication module.])
183 ARG_ENABL_SET([eap-tls],        [enable EAP TLS authentication module.])
184 ARG_ENABL_SET([eap-ttls],       [enable EAP TTLS authentication module.])
185 ARG_ENABL_SET([eap-peap],       [enable EAP PEAP authentication module.])
186 ARG_ENABL_SET([eap-tnc],        [enable EAP TNC trusted network connect module.])
187 ARG_ENABL_SET([eap-dynamic],    [enable dynamic EAP proxy module.])
188 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authentication module.])
189 ARG_ENABL_SET([ipseckey],       [enable IPSECKEY authentication plugin.])
190 ARG_ENABL_SET([keychain],       [enables OS X Keychain Services credential set.])
191 ARG_ENABL_SET([pkcs11],         [enables the PKCS11 token support plugin.])
192 ARG_DISBL_SET([revocation],     [disable X509 CRL/OCSP revocation check plugin.])
193 ARG_ENABL_SET([whitelist],      [enable peer identity whitelisting plugin.])
194 ARG_DISBL_SET([xauth-generic],  [disable generic XAuth backend.])
195 ARG_ENABL_SET([xauth-eap],      [enable XAuth backend using EAP methods to verify passwords.])
196 ARG_ENABL_SET([xauth-pam],      [enable XAuth backend using PAM to verify passwords.])
197 ARG_ENABL_SET([xauth-noauth],   [enable XAuth pseudo-backend that does not actually verify or even request any credentials.])
198 # kernel interfaces / sockets
199 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
200 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
201 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
202 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
203 ARG_ENABL_SET([kernel-libipsec],[enable the libipsec kernel interface.])
204 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
205 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
206 # configuration/control plugins
207 ARG_DISBL_SET([stroke],         [disable charons stroke configuration backend.])
208 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
209 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
210 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
211 # attribute provider/consumer plugins
212 ARG_ENABL_SET([android-dns],    [enable Android specific DNS handler.])
213 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
214 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
215 ARG_ENABL_SET([dhcp],           [enable DHCP based attribute provider plugin.])
216 ARG_ENABL_SET([osx-attr],       [enable OS X SystemConfiguration attribute handler.])
217 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
218 ARG_ENABL_SET([unity],          [enables Cisco Unity extension plugin.])
219 # TNC modules/plugins
220 ARG_ENABL_SET([imc-test],       [enable IMC test module.])
221 ARG_ENABL_SET([imv-test],       [enable IMV test module.])
222 ARG_ENABL_SET([imc-scanner],    [enable IMC port scanner module.])
223 ARG_ENABL_SET([imv-scanner],    [enable IMV port scanner module.])
224 ARG_ENABL_SET([imc-os],         [enable IMC operating system module.])
225 ARG_ENABL_SET([imv-os],         [enable IMV operating system module.])
226 ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.])
227 ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.])
228 ARG_ENABL_SET([imc-swid],       [enable IMC swid module.])
229 ARG_ENABL_SET([imv-swid],       [enable IMV swid module.])
230 ARG_ENABL_SET([tnc-ifmap],      [enable TNC IF-MAP module. Requires libxml])
231 ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
232 ARG_ENABL_SET([tnc-imv],        [enable TNC IMV module.])
233 ARG_ENABL_SET([tnc-pdp],        [enable TNC policy decision point module.])
234 ARG_ENABL_SET([tnccs-11],       [enable TNCCS 1.1 protocol module. Requires libxml])
235 ARG_ENABL_SET([tnccs-20],       [enable TNCCS 2.0 protocol module.])
236 ARG_ENABL_SET([tnccs-dynamic],  [enable dynamic TNCCS protocol discovery module.])
237 # misc plugins
238 ARG_ENABL_SET([android-log],    [enable Android specific logger plugin.])
239 ARG_ENABL_SET([certexpire],     [enable CSV export of expiration dates of used certificates.])
240 ARG_ENABL_SET([duplicheck],     [advanced duplicate checking plugin using liveness checks.])
241 ARG_ENABL_SET([error-notify],   [enable error notification plugin.])
242 ARG_ENABL_SET([farp],           [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
243 ARG_ENABL_SET([ha],             [enable high availability cluster plugin.])
244 ARG_ENABL_SET([led],            [enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem.])
245 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
246 ARG_ENABL_SET([lookip],         [enable fast virtual IP lookup and notification plugin.])
247 ARG_ENABL_SET([maemo],          [enable Maemo specific plugin.])
248 ARG_ENABL_SET([radattr],        [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.])
249 ARG_ENABL_SET([systime-fix],    [enable plugin to handle cert lifetimes with invalid system time gracefully.])
250 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
251 ARG_ENABL_SET([unit-tester],    [enable unit tests on IKEv2 daemon startup.])
252 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
253 # programs/components
254 ARG_DISBL_SET([charon],         [disable the IKEv1/IKEv2 keying daemon charon.])
255 ARG_ENABL_SET([cmd],            [enable the command line IKE client charon-cmd.])
256 ARG_ENABL_SET([conftest],       [enforce Suite B conformance test framework.])
257 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
258 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
259 ARG_ENABL_SET([libipsec],       [enable user space IPsec implementation.])
260 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
261 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
262 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
263 ARG_ENABL_SET([nm],             [enable NetworkManager backend.])
264 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
265 ARG_ENABL_SET([tkm],            [enable Trusted Key Manager support.])
266 ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclient and pki).])
267 # optional features
268 ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for memory leaks and segfaults.])
269 ARG_DISBL_SET([ikev1],          [disable IKEv1 protocol support in charon.])
270 ARG_DISBL_SET([ikev2],          [disable IKEv2 protocol support in charon.])
271 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
272 ARG_DISBL_SET([load-warning],   [disable the charon plugin load option warning in starter.])
273 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
274 ARG_ENABL_SET([unwind-backtraces],[use libunwind to create backtraces for memory leaks and segfaults.])
275 ARG_ENABL_SET([vstr],           [enforce using the Vstr string library to replace glibc-like printf hooks.])
276 # compile options
277 ARG_ENABL_SET([coverage],       [enable lcov coverage report generation.])
278 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
279 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
280 ARG_ENABL_SET([monolithic],     [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
281
282 # ===================================
283 #  option to disable default options
284 # ===================================
285
286 ARG_DISBL_SET([defaults],       [disable all default plugins (they can be enabled with their respective --enable options)])
287
288 if test x$defaults = xfalse; then
289         for option in $enabled_by_default; do
290                 eval test x\${${option}_given} = xtrue && continue
291                 eval $option=false
292         done
293 fi
294
295 # ==============================
296 #  option to enable all options
297 # ==============================
298
299 ARG_ENABL_SET([all],            [enable all plugins and features (they can be disabled with their respective --disable options). Mainly for testing.])
300
301 if test x$all_given = xtrue; then
302         for option in $disabled_by_default; do
303                 eval test x\${${option}_given} = xtrue && continue
304                 eval $option=true
305         done
306 fi
307
308 # ===========================
309 #  set up compiler and flags
310 # ===========================
311
312 if test -z "$CFLAGS"; then
313         CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign"
314 fi
315 AC_PROG_CC
316 AM_PROG_CC_C_O
317
318 AC_LIB_PREFIX
319 AC_C_BIGENDIAN
320
321 # =========================
322 #  check required programs
323 # =========================
324
325 LT_INIT
326 AC_PROG_INSTALL
327 AC_PROG_EGREP
328 AC_PROG_AWK
329 AC_PROG_LEX
330 AC_PROG_YACC
331 AM_PATH_PYTHON(,,[:])
332 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
333 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
334
335 # because gperf is not needed by end-users we just report it but do not abort on failure
336 AC_MSG_CHECKING([gperf version >= 3.0.0])
337 if test -x "$GPERF"; then
338         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
339                 AC_MSG_RESULT([yes])
340         else
341                 AC_MSG_RESULT([no])
342         fi
343 else
344         AC_MSG_RESULT([not found])
345 fi
346
347 # ========================
348 #  dependency calculation
349 # ========================
350
351 if test x$xauth_generic_given = xfalse -a x$ikev1 = xfalse; then
352         xauth_generic=false;
353 fi
354
355 if test x$kernel_libipsec = xtrue; then
356         libipsec=true;
357 fi
358
359 if test x$eap_aka_3gpp2 = xtrue; then
360         gmp=true;
361 fi
362
363 if test x$eap_aka = xtrue; then
364         fips_prf=true;
365         simaka=true;
366 fi
367
368 if test x$eap_sim = xtrue; then
369         fips_prf=true;
370         simaka=true;
371 fi
372
373 if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then
374         radius=true;
375 fi
376
377 if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
378         tnc_tnccs=true;
379 fi
380
381 if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue -o x$tnc_tnccs = xtrue; then
382         tls=true;
383 fi
384
385 if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue; then
386         imcv=true;
387 fi
388
389 if test x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue; then
390         pts=true;
391 fi
392
393 if test x$fips_prf = xtrue; then
394         if test x$openssl = xfalse; then
395                 sha1=true;
396         fi
397 fi
398
399 if test x$smp = xtrue -o x$tnccs_11 = xtrue -o x$tnc_ifmap = xtrue; then
400         xml=true
401 fi
402
403 if test x$manager = xtrue; then
404         fast=true
405 fi
406
407 if test x$medsrv = xtrue; then
408         mediation=true
409         fast=true
410 fi
411
412 if test x$medcli = xtrue; then
413         mediation=true
414 fi
415
416 # ===========================================
417 #  check required libraries and header files
418 # ===========================================
419
420 AC_HEADER_STDBOOL
421 AC_FUNC_ALLOCA
422 AC_FUNC_STRERROR_R
423
424 #  libraries needed on some platforms but not on others
425 # ------------------------------------------------------
426 saved_LIBS=$LIBS
427
428 # FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
429 LIBS=""
430 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
431 AC_SUBST(DLLIB)
432
433 # glibc's backtrace() can be replicated on FreeBSD with libexecinfo
434 LIBS=""
435 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
436 AC_CHECK_FUNCS(backtrace)
437 AC_SUBST(BTLIB)
438
439 # OpenSolaris needs libsocket and libnsl for socket()
440 LIBS=""
441 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
442         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
443 )
444 AC_SUBST(SOCKLIB)
445
446 # FreeBSD has clock_gettime in libc, Linux needs librt
447 LIBS=""
448 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
449 AC_CHECK_FUNCS(clock_gettime)
450 AC_SUBST(RTLIB)
451
452 # Android has pthread_* functions in bionic (libc), others need libpthread
453 LIBS=""
454 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
455 AC_SUBST(PTHREADLIB)
456
457 LIBS=$saved_LIBS
458 # ------------------------------------------------------
459
460 AC_MSG_CHECKING(for dladdr)
461 AC_COMPILE_IFELSE(
462         [AC_LANG_PROGRAM(
463                 [[#define _GNU_SOURCE
464                   #include <dlfcn.h>]],
465                 [[Dl_info* info = 0;
466                   dladdr(0, info);]])],
467         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR], [], [have dladdr()])],
468         [AC_MSG_RESULT([no])]
469 )
470
471 # check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
472 saved_LIBS=$LIBS
473 LIBS=$PTHREADLIB
474 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
475 AC_RUN_IFELSE(
476         [AC_LANG_SOURCE(
477                 [[#include <pthread.h>
478                   int main() { pthread_condattr_t attr;
479                         pthread_condattr_init(&attr);
480                         return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}]])],
481         [AC_MSG_RESULT([yes]);
482          AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
483                            [pthread_condattr_setclock supports CLOCK_MONOTONIC])],
484         [AC_MSG_RESULT([no])],
485         # Check existence of pthread_condattr_setclock if cross-compiling
486         [AC_MSG_RESULT([unknown]);
487          AC_CHECK_FUNCS(pthread_condattr_setclock,
488                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
489                                    [have pthread_condattr_setclock()])]
490         )]
491 )
492 # check if we actually are able to configure attributes on cond vars
493 AC_CHECK_FUNCS(pthread_condattr_init)
494 # instead of pthread_condattr_setclock Android has this function
495 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
496 # check if we can cancel threads
497 AC_CHECK_FUNCS(pthread_cancel)
498 # check if native rwlocks are available
499 AC_CHECK_FUNCS(pthread_rwlock_init)
500 # check if pthread spinlocks are available
501 AC_CHECK_FUNCS(pthread_spin_init)
502 # check if we have POSIX semaphore functions, including timed-wait
503 AC_CHECK_FUNCS(sem_timedwait)
504 LIBS=$saved_LIBS
505
506 AC_CHECK_FUNC(
507         [gettid],
508         [AC_DEFINE([HAVE_GETTID], [], [have gettid()])],
509         [AC_MSG_CHECKING([for SYS_gettid])
510          AC_COMPILE_IFELSE(
511                 [AC_LANG_PROGRAM(
512                         [[#define _GNU_SOURCE
513                           #include <unistd.h>
514                           #include <sys/syscall.h>]],
515                         [[int main() {
516                           return syscall(SYS_gettid);}]])],
517                 [AC_MSG_RESULT([yes]);
518                  AC_DEFINE([HAVE_GETTID], [], [have gettid()])
519                  AC_DEFINE([HAVE_SYS_GETTID], [], [have syscall(SYS_gettid)])],
520                 [AC_MSG_RESULT([no])]
521         )]
522 )
523
524 AC_CHECK_FUNC(
525         [qsort_r],
526         [
527                 AC_DEFINE([HAVE_QSORT_R], [], [have qsort_r()])
528                 # set -Werror so that we get an error for "argument ... has
529                 # incompatible pointer type" warnings
530                 save_CFLAGS="$CFLAGS"
531                 CFLAGS="$CFLAGS -Werror"
532                 AC_MSG_CHECKING([for GNU-style qsort_r])
533                 AC_COMPILE_IFELSE(
534                         [AC_LANG_PROGRAM(
535                                 [[#define _GNU_SOURCE
536                                   #include <stdlib.h>
537                                   int cmp (const void *a, const void *b, void *x) { return 0; }]],
538                                 [[int arr[] = { 0, 1 };
539                                   qsort_r(arr, 2, sizeof(int), cmp, arr);]])],
540                 [AC_MSG_RESULT([yes]);
541                  AC_DEFINE([HAVE_QSORT_R_GNU], [], [have GNU-style qsort_r()])],
542                 [
543                         AC_MSG_RESULT([no]);
544                         AC_MSG_CHECKING([for BSD-style qsort_r])
545                         AC_COMPILE_IFELSE(
546                                 [AC_LANG_PROGRAM(
547                                         [[#include <stdlib.h>
548                                           int cmp (void *x, const void *a, const void *b) { return 0; }]],
549                                         [[int arr[] = { 0, 1 };
550                                           qsort_r(arr, 2, sizeof(int), arr, cmp);]])],
551                         [AC_MSG_RESULT([yes]);
552                          AC_DEFINE([HAVE_QSORT_R_BSD], [], [have BSD-style qsort_r()])],
553                         [AC_MSG_RESULT([no]);
554                          AC_MSG_FAILURE([qsort_r has unknown semantics])])
555                 ])
556                 CFLAGS="$save_CFLAGS"
557         ]
558 )
559
560 AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r getpwuid_r)
561 AC_CHECK_FUNCS(fmemopen funopen mmap memrchr)
562
563 AC_CHECK_HEADERS(sys/sockio.h glob.h net/if_tun.h linux/fib_rules.h)
564 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
565 AC_CHECK_HEADERS(netinet/ip6.h, [], [],
566 [
567         #include <sys/types.h>
568         #include <netinet/in.h>
569 ])
570
571 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
572 [
573         #include <sys/types.h>
574         #include <sys/socket.h>
575 ])
576
577 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
578 [
579         #include <sys/types.h>
580         #ifdef HAVE_NET_PFKEYV2_H
581         #include <net/pfkeyv2.h>
582         #else
583         #include <stdint.h>
584         #include <linux/pfkeyv2.h>
585         #endif
586 ])
587
588 AC_MSG_CHECKING([for in6addr_any])
589 AC_COMPILE_IFELSE(
590         [AC_LANG_PROGRAM(
591                 [[#include <sys/types.h>
592                   #include <sys/socket.h>
593                   #include <netinet/in.h>]],
594                 [[struct in6_addr in6;
595                   in6 = in6addr_any;]])],
596         [AC_MSG_RESULT([yes]);
597          AC_DEFINE([HAVE_IN6ADDR_ANY], [], [have struct in6_addr in6addr_any])],
598         [AC_MSG_RESULT([no])]
599 )
600
601 AC_MSG_CHECKING([for in6_pktinfo])
602 AC_COMPILE_IFELSE(
603         [AC_LANG_PROGRAM(
604                 [[#define _GNU_SOURCE
605                   #include <sys/types.h>
606                   #include <sys/socket.h>
607                   #include <netinet/in.h>]],
608                 [[struct in6_pktinfo pi;
609                   if (pi.ipi6_ifindex)
610                   {
611                     return 0;
612                   }]])],
613         [AC_MSG_RESULT([yes]);
614          AC_DEFINE([HAVE_IN6_PKTINFO], [], [have struct in6_pktinfo.ipi6_ifindex])],
615         [AC_MSG_RESULT([no])]
616 )
617
618 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
619 AC_COMPILE_IFELSE(
620         [AC_LANG_PROGRAM(
621                 [[#include <sys/types.h>
622                   #ifdef HAVE_NETIPSEC_IPSEC_H
623                   #include <netipsec/ipsec.h>
624                   #elif defined(HAVE_NETINET6_IPSEC_H)
625                   #include <netinet6/ipsec.h>
626                   #else
627                   #include <stdint.h>
628                   #include <linux/ipsec.h>
629                   #endif]],
630                 [[int mode = IPSEC_MODE_BEET;
631                   return mode;]])],
632         [AC_MSG_RESULT([yes]);
633          AC_DEFINE([HAVE_IPSEC_MODE_BEET], [], [have IPSEC_MODE_BEET defined])],
634         [AC_MSG_RESULT([no])]
635 )
636
637 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
638 AC_COMPILE_IFELSE(
639         [AC_LANG_PROGRAM(
640                 [[#include <sys/types.h>
641                   #ifdef HAVE_NETIPSEC_IPSEC_H
642                   #include <netipsec/ipsec.h>
643                   #elif defined(HAVE_NETINET6_IPSEC_H)
644                   #include <netinet6/ipsec.h>
645                   #else
646                   #include <stdint.h>
647                   #include <linux/ipsec.h>
648                   #endif]],
649                 [[int dir = IPSEC_DIR_FWD;
650                   return dir;]])],
651         [AC_MSG_RESULT([yes]);
652          AC_DEFINE([HAVE_IPSEC_DIR_FWD], [], [have IPSEC_DIR_FWD defined])],
653         [AC_MSG_RESULT([no])]
654 )
655
656 AC_MSG_CHECKING([for RTA_TABLE])
657 AC_COMPILE_IFELSE(
658         [AC_LANG_PROGRAM(
659                 [[#include <sys/socket.h>
660                   #include <linux/netlink.h>
661                   #include <linux/rtnetlink.h>]],
662                 [[int rta_type = RTA_TABLE;
663                   return rta_type;]])],
664         [AC_MSG_RESULT([yes]);
665          AC_DEFINE([HAVE_RTA_TABLE], [], [have netlink RTA_TABLE defined])],
666         [AC_MSG_RESULT([no])]
667 )
668
669 AC_MSG_CHECKING([for gcc atomic operations])
670 AC_RUN_IFELSE([AC_LANG_SOURCE(
671         [[
672                         int main() {
673                         volatile int ref = 1;
674                         __sync_fetch_and_add (&ref, 1);
675                         __sync_sub_and_fetch (&ref, 1);
676                         /* Make sure test fails if operations are not supported */
677                         __sync_val_compare_and_swap(&ref, 1, 0);
678                         return ref;
679                 }
680         ]])],
681         [AC_MSG_RESULT([yes]);
682          AC_DEFINE([HAVE_GCC_ATOMIC_OPERATIONS], [],
683                    [have GCC __sync_* atomic operations])],
684         [AC_MSG_RESULT([no])],
685         [AC_MSG_RESULT([no])]
686 )
687
688 # check for the new register_printf_specifier function with len argument,
689 # or the deprecated register_printf_function without
690 AC_CHECK_FUNC(
691         [register_printf_specifier],
692         [AC_DEFINE([HAVE_PRINTF_SPECIFIER], [], [have register_printf_specifier()])],
693         [AC_CHECK_FUNC(
694                 [register_printf_function],
695                 [AC_DEFINE([HAVE_PRINTF_FUNCTION], [], [have register_printf_function()])],
696                 [
697                         AC_MSG_NOTICE([printf does not support custom format specifiers!])
698                         builtin_printf=true
699                 ]
700         )]
701 )
702
703 if test x$vstr = xtrue; then
704         AC_CHECK_LIB([vstr],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])],[])
705         AC_DEFINE([USE_VSTR], [], [use Vstr string library for printf hooks])
706         builtin_printf=false
707 fi
708
709 if test x$builtin_printf = xtrue; then
710         AC_DEFINE([USE_BUILTIN_PRINTF], [], [using builtin printf for printf hooks])
711 fi
712
713 if test x$gmp = xtrue; then
714         saved_LIBS=$LIBS
715         AC_CHECK_LIB([gmp],[main],[],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])],[])
716         AC_MSG_CHECKING([mpz_powm_sec])
717         if test x$mpz_powm_sec = xyes; then
718                 AC_COMPILE_IFELSE(
719                         [AC_LANG_PROGRAM(
720                                 [[#include "gmp.h"]],
721                                 [[void *x = mpz_powm_sec;]])],
722                         [AC_MSG_RESULT([yes]);
723                          AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_mown_sec()])],
724                         [AC_MSG_RESULT([no])]
725                 )
726         else
727                 AC_MSG_RESULT([disabled])
728         fi
729         LIBS=$saved_LIBS
730         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
731         AC_COMPILE_IFELSE(
732                 [AC_LANG_PROGRAM(
733                         [[#include "gmp.h"]],
734                         [[
735                                 #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
736                                         #error bad gmp
737                                 #endif]])],
738                 [AC_MSG_RESULT([yes])],
739                 [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
740         )
741 fi
742
743 if test x$ldap = xtrue; then
744         AC_CHECK_LIB([ldap],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])],[])
745         AC_CHECK_LIB([lber],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])],[])
746         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
747 fi
748
749 if test x$curl = xtrue; then
750         AC_CHECK_LIB([curl],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])],[])
751         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
752 fi
753
754 if test x$unbound = xtrue; then
755         AC_HAVE_LIBRARY([ldns],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library ldns not found])])
756         AC_CHECK_HEADER([ldns/ldns.h],,[AC_MSG_ERROR([UNBOUND header ldns/ldns.h not found!])])
757         AC_HAVE_LIBRARY([unbound],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library libunbound not found])])
758         AC_CHECK_HEADER([unbound.h],,[AC_MSG_ERROR([UNBOUND header unbound.h not found!])])
759 fi
760
761 if test x$soup = xtrue; then
762         PKG_CHECK_MODULES(soup, [libsoup-2.4])
763         AC_SUBST(soup_CFLAGS)
764         AC_SUBST(soup_LIBS)
765 fi
766
767 if test x$xml = xtrue; then
768         PKG_CHECK_MODULES(xml, [libxml-2.0])
769         AC_SUBST(xml_CFLAGS)
770         AC_SUBST(xml_LIBS)
771 fi
772
773 if test x$tss = xtrousers; then
774         AC_CHECK_LIB([tspi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])],[])
775         AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
776         AC_DEFINE([TSS_TROUSERS], [], [use TrouSerS library libtspi as TSS implementation])
777 fi
778
779 if test x$dumm = xtrue; then
780         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
781         AC_SUBST(gtk_CFLAGS)
782         AC_SUBST(gtk_LIBS)
783         AC_CHECK_PROGS(RUBY, ruby)
784         AC_MSG_CHECKING([for Ruby header files])
785         if test -n "$RUBY"; then
786                 RUBYINCLUDE=
787                 RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["rubyhdrdir"]] || ""') 2>/dev/null`
788                 if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then
789                         RUBYARCH=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["arch"]] || ""') 2>/dev/null`
790                         if test -n "$RUBYARCH"; then
791                                 AC_MSG_RESULT([$RUBYDIR])
792                                 RUBYINCLUDE="-I$RUBYDIR -I$RUBYDIR/$RUBYARCH"
793                         fi
794                 else
795                         RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["archdir"]] || ""') 2>/dev/null`
796                         if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then
797                                 AC_MSG_RESULT([$RUBYDIR])
798                                 RUBYINCLUDE="-I$RUBYDIR"
799                         fi
800                 fi
801                 if test -z "$RUBYINCLUDE"; then
802                         AC_MSG_ERROR([ruby.h not found])
803                 fi
804                 AC_SUBST(RUBYINCLUDE)
805         else
806                 AC_MSG_ERROR([don't know how to run ruby])
807         fi
808         AC_MSG_CHECKING([for libruby])
809         saved_LIBS=$LIBS
810         LIBS=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["LIBRUBYARG_SHARED"]] || ""') 2>/dev/null`
811         AC_TRY_LINK_FUNC(ruby_init,
812                 [AC_MSG_RESULT([$LIBS]); RUBYLIB=$LIBS],
813                 [AC_MSG_ERROR([not found])])
814         AC_SUBST(RUBYLIB)
815         AC_CHECK_FUNCS(rb_errinfo)
816         LIBS=$saved_LIBS
817 fi
818
819 if test x$fast = xtrue; then
820         AC_CHECK_LIB([neo_cgi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])],[])
821         AC_CHECK_LIB([neo_utl],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[])
822         AC_MSG_CHECKING([ClearSilver requires zlib])
823         saved_CFLAGS=$CFLAGS
824         saved_LIBS=$LIBS
825         LIBS="-lneo_cgi -lneo_cs -lneo_utl"
826         CFLAGS="-I/usr/include/ClearSilver"
827         AC_LINK_IFELSE(
828                 [AC_LANG_PROGRAM(
829                         [[#include <ClearSilver.h>]],
830                         [[NEOERR *err = cgi_display(NULL, NULL);]])],
831                 [AC_MSG_RESULT([no]); clearsilver_LIBS="$LIBS"],
832                 [AC_MSG_RESULT([yes]); clearsilver_LIBS="$LIBS -lz"]
833         )
834         AC_SUBST(clearsilver_LIBS)
835         LIBS=$saved_LIBS
836         CFLAGS=$saved_CFLAGS
837 # autoconf does not like CamelCase!? How to fix this?
838 #       AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
839
840         AC_CHECK_LIB([fcgi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])],[])
841         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
842 fi
843
844 if test x$mysql = xtrue; then
845         AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
846         if test x$MYSQLCONFIG = x; then
847                 AC_MSG_ERROR([mysql_config not found!])
848         fi
849         AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
850         AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
851 fi
852
853 if test x$sqlite = xtrue; then
854         AC_CHECK_LIB([sqlite3],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])],[])
855         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
856         AC_MSG_CHECKING([sqlite3_prepare_v2])
857         AC_COMPILE_IFELSE(
858                 [AC_LANG_PROGRAM(
859                         [[#include <sqlite3.h>]],
860                         [[void *test = sqlite3_prepare_v2;]])],
861                 [AC_MSG_RESULT([yes]);
862                  AC_DEFINE([HAVE_SQLITE3_PREPARE_V2], [], [have sqlite3_prepare_v2()])],
863                 [AC_MSG_RESULT([no])]
864         )
865         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
866         AC_COMPILE_IFELSE(
867                 [AC_LANG_PROGRAM(
868                         [[#include <sqlite3.h>]],
869                         [[
870                                 #if SQLITE_VERSION_NUMBER < 3003001
871                                         #error bad sqlite
872                                 #endif]])],
873                 [AC_MSG_RESULT([yes])],
874                 [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])]
875         )
876 fi
877
878 if test x$openssl = xtrue; then
879         AC_CHECK_LIB([crypto],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])],[])
880         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
881 fi
882
883 if test x$gcrypt = xtrue; then
884         AC_CHECK_LIB([gcrypt],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
885         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
886         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
887         AC_COMPILE_IFELSE(
888                 [AC_LANG_PROGRAM(
889                         [[#include <gcrypt.h>]],
890                         [[enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;]])],
891                 [AC_MSG_RESULT([yes]);
892                  AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA], [], [have GCRY_CIPHER_CAMELLIA128])],
893                 [AC_MSG_RESULT([no])]
894         )
895 fi
896
897 if test x$uci = xtrue; then
898         AC_CHECK_LIB([uci],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[])
899         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
900 fi
901
902 if test x$android_dns = xtrue; then
903         AC_CHECK_LIB([cutils],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])],[])
904         AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
905         # we have to force the use of libdl here because the autodetection
906         # above does not work correctly when cross-compiling for android.
907         DLLIB="-ldl"
908         AC_SUBST(DLLIB)
909 fi
910
911 if test x$maemo = xtrue; then
912         PKG_CHECK_MODULES(maemo, [glib-2.0 gthread-2.0 libosso osso-af-settings])
913         AC_SUBST(maemo_CFLAGS)
914         AC_SUBST(maemo_LIBS)
915         dbusservicedir="/usr/share/dbus-1/system-services"
916         AC_SUBST(dbusservicedir)
917 fi
918
919 if test x$eap_sim_pcsc = xtrue; then
920         PKG_CHECK_MODULES(pcsclite, [libpcsclite])
921         AC_SUBST(pcsclite_CFLAGS)
922         AC_SUBST(pcsclite_LIBS)
923 fi
924
925 if test x$nm = xtrue; then
926         PKG_CHECK_EXISTS([libnm-glib],
927                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-util libnm-glib libnm-glib-vpn])],
928                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_util libnm_glib libnm_glib_vpn])]
929         )
930         AC_SUBST(nm_CFLAGS)
931         AC_SUBST(nm_LIBS)
932 fi
933
934 if test x$xauth_pam = xtrue; then
935         AC_CHECK_LIB([pam],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])],[])
936         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
937 fi
938
939 if test x$capabilities = xnative; then
940         AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
941         # Linux requires the following for capset(), Android does not have it,
942         # but defines capset() in unistd.h instead.
943         AC_CHECK_HEADERS([sys/capability.h])
944         AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
945         AC_DEFINE([CAPABILITIES_NATIVE], [], [have native linux capset()])
946 fi
947
948 if test x$capabilities = xlibcap; then
949         AC_CHECK_LIB([cap],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])],[])
950         AC_CHECK_HEADER([sys/capability.h],
951                 [AC_DEFINE([HAVE_SYS_CAPABILITY_H], [], [have sys/capability.h])],
952                 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
953         AC_DEFINE([CAPABILITIES_LIBCAP], [], [have libpcap library])
954 fi
955
956 if test x$integrity_test = xtrue; then
957         AC_MSG_CHECKING([for dladdr()])
958         AC_COMPILE_IFELSE(
959                 [AC_LANG_PROGRAM(
960                         [[#define _GNU_SOURCE
961                           #include <dlfcn.h>]],
962                         [[Dl_info info; dladdr(main, &info);]])],
963                 [AC_MSG_RESULT([yes])],
964                 [AC_MSG_RESULT([no]);
965                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
966         )
967         AC_MSG_CHECKING([for dl_iterate_phdr()])
968         AC_COMPILE_IFELSE(
969                 [AC_LANG_PROGRAM(
970                         [[#define _GNU_SOURCE
971                           #include <link.h>]],
972                         [[dl_iterate_phdr((void*)0, (void*)0);]])],
973                 [AC_MSG_RESULT([yes])],
974                 [AC_MSG_RESULT([no]);
975                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
976         )
977 fi
978
979 if test x$bfd_backtraces = xtrue; then
980         AC_CHECK_LIB([bfd],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([binutils libbfd not found!])],[])
981         AC_CHECK_HEADER([bfd.h],[AC_DEFINE([HAVE_BFD_H],,[have binutils bfd.h])],
982                 [AC_MSG_ERROR([binutils bfd.h header not found!])])
983         BFDLIB="-lbfd"
984         AC_SUBST(BFDLIB)
985 fi
986
987 if test x$unwind_backtraces = xtrue; then
988         AC_CHECK_LIB([unwind],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([libunwind not found!])],[])
989         AC_CHECK_HEADER([libunwind.h],[AC_DEFINE([HAVE_LIBUNWIND_H],,[have libunwind.h])],
990                 [AC_MSG_ERROR([libunwind.h header not found!])])
991         UNWINDLIB="-lunwind"
992         AC_SUBST(UNWINDLIB)
993 fi
994
995 AM_CONDITIONAL(USE_DEV_HEADERS, [test "x$dev_headers" != xno])
996 if test x$dev_headers = xyes; then
997         dev_headers="$includedir/strongswan"
998 fi
999 AC_SUBST(dev_headers)
1000
1001 CFLAGS="$CFLAGS -include `pwd`/config.h"
1002
1003 if test x$tkm = xtrue; then
1004         AC_PATH_PROG([GPRBUILD], [gprbuild], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1005         if test x$GPRBUILD = x; then
1006                 AC_MSG_ERROR([gprbuild not found])
1007         fi
1008 fi
1009
1010 if test x$coverage = xtrue; then
1011         AC_PATH_PROG([LCOV], [lcov], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1012         if test x$LCOV = x; then
1013                 AC_MSG_ERROR([lcov not found])
1014         fi
1015         AC_PATH_PROG([GENHTML], [genhtml], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1016         if test x$GENHTML = x; then
1017                 AC_MSG_ERROR([genhtml not found])
1018         fi
1019
1020         COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
1021         COVERAGE_LDFLAGS="-fprofile-arcs"
1022         AC_SUBST(COVERAGE_CFLAGS)
1023         AC_SUBST(COVERAGE_LDFLAGS)
1024
1025         AC_MSG_NOTICE([coverage enabled, adding "-g -O0" to CFLAGS])
1026         CFLAGS="${CFLAGS} -g -O0"
1027 fi
1028
1029 # ===============================================
1030 #  collect plugin list for strongSwan components
1031 # ===============================================
1032
1033 m4_include(m4/macros/add-plugin.m4)
1034
1035 # plugin lists for all components
1036 charon_plugins=
1037 starter_plugins=
1038 pool_plugins=
1039 attest_plugins=
1040 openac_plugins=
1041 scepclient_plugins=
1042 pki_plugins=
1043 scripts_plugins=
1044 manager_plugins=
1045 medsrv_plugins=
1046 nm_plugins=
1047 cmd_plugins=
1048
1049 # location specific lists for checksumming,
1050 # for src/libcharon, src/libhydra, src/libstrongswan and src/libtnccs
1051 c_plugins=
1052 h_plugins=
1053 s_plugins=
1054 t_plugins=
1055
1056 ADD_PLUGIN([test-vectors],         [s charon openac scepclient pki])
1057 ADD_PLUGIN([curl],                 [s charon scepclient scripts nm cmd])
1058 ADD_PLUGIN([soup],                 [s charon scripts nm cmd])
1059 ADD_PLUGIN([unbound],              [s charon scripts])
1060 ADD_PLUGIN([ldap],                 [s charon scepclient scripts nm cmd])
1061 ADD_PLUGIN([mysql],                [s charon pool manager medsrv attest])
1062 ADD_PLUGIN([sqlite],               [s charon pool manager medsrv attest])
1063 ADD_PLUGIN([pkcs11],               [s charon pki nm cmd])
1064 ADD_PLUGIN([aes],                  [s charon openac scepclient pki scripts nm cmd])
1065 ADD_PLUGIN([des],                  [s charon openac scepclient pki scripts nm cmd])
1066 ADD_PLUGIN([blowfish],             [s charon openac scepclient pki scripts nm cmd])
1067 ADD_PLUGIN([rc2],                  [s charon openac scepclient pki scripts nm cmd])
1068 ADD_PLUGIN([sha1],                 [s charon openac scepclient pki scripts medsrv attest nm cmd])
1069 ADD_PLUGIN([sha2],                 [s charon openac scepclient pki scripts medsrv attest nm cmd])
1070 ADD_PLUGIN([md4],                  [s charon openac manager scepclient pki nm cmd])
1071 ADD_PLUGIN([md5],                  [s charon openac scepclient pki scripts attest nm cmd])
1072 ADD_PLUGIN([rdrand],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
1073 ADD_PLUGIN([random],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
1074 ADD_PLUGIN([nonce],                [s charon nm cmd])
1075 ADD_PLUGIN([x509],                 [s charon openac scepclient pki scripts attest nm cmd])
1076 ADD_PLUGIN([revocation],           [s charon nm cmd])
1077 ADD_PLUGIN([constraints],          [s charon nm cmd])
1078 ADD_PLUGIN([pubkey],               [s charon cmd])
1079 ADD_PLUGIN([pkcs1],                [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1080 ADD_PLUGIN([pkcs7],                [s charon scepclient pki scripts nm cmd])
1081 ADD_PLUGIN([pkcs8],                [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1082 ADD_PLUGIN([pkcs12],               [s charon scepclient pki scripts cmd])
1083 ADD_PLUGIN([pgp],                  [s charon])
1084 ADD_PLUGIN([dnskey],               [s charon pki])
1085 ADD_PLUGIN([sshkey],               [s charon pki nm cmd])
1086 ADD_PLUGIN([dnscert],              [c charon])
1087 ADD_PLUGIN([ipseckey],             [c charon])
1088 ADD_PLUGIN([pem],                  [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1089 ADD_PLUGIN([padlock],              [s charon])
1090 ADD_PLUGIN([openssl],              [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1091 ADD_PLUGIN([gcrypt],               [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1092 ADD_PLUGIN([af-alg],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
1093 ADD_PLUGIN([fips-prf],             [s charon nm cmd])
1094 ADD_PLUGIN([gmp],                  [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
1095 ADD_PLUGIN([agent],                [s charon nm cmd])
1096 ADD_PLUGIN([keychain],             [s charon cmd])
1097 ADD_PLUGIN([xcbc],                 [s charon nm cmd])
1098 ADD_PLUGIN([cmac],                 [s charon nm cmd])
1099 ADD_PLUGIN([hmac],                 [s charon scripts nm cmd])
1100 ADD_PLUGIN([ctr],                  [s charon scripts nm cmd])
1101 ADD_PLUGIN([ccm],                  [s charon scripts nm cmd])
1102 ADD_PLUGIN([gcm],                  [s charon scripts nm cmd])
1103 ADD_PLUGIN([ntru],                 [s charon scripts nm cmd])
1104 ADD_PLUGIN([attr],                 [h charon])
1105 ADD_PLUGIN([attr-sql],             [h charon])
1106 ADD_PLUGIN([load-tester],          [c charon])
1107 ADD_PLUGIN([kernel-libipsec],      [c charon cmd])
1108 ADD_PLUGIN([kernel-pfkey],         [h charon starter nm cmd])
1109 ADD_PLUGIN([kernel-pfroute],       [h charon starter nm cmd])
1110 ADD_PLUGIN([kernel-klips],         [h charon starter])
1111 ADD_PLUGIN([kernel-netlink],       [h charon starter nm cmd])
1112 ADD_PLUGIN([resolve],              [h charon cmd])
1113 ADD_PLUGIN([socket-default],       [c charon nm cmd])
1114 ADD_PLUGIN([socket-dynamic],       [c charon cmd])
1115 ADD_PLUGIN([farp],                 [c charon])
1116 ADD_PLUGIN([stroke],               [c charon])
1117 ADD_PLUGIN([smp],                  [c charon])
1118 ADD_PLUGIN([sql],                  [c charon])
1119 ADD_PLUGIN([updown],               [c charon])
1120 ADD_PLUGIN([eap-identity],         [c charon nm cmd])
1121 ADD_PLUGIN([eap-sim],              [c charon])
1122 ADD_PLUGIN([eap-sim-file],         [c charon])
1123 ADD_PLUGIN([eap-sim-pcsc],         [c charon])
1124 ADD_PLUGIN([eap-aka],              [c charon])
1125 ADD_PLUGIN([eap-aka-3gpp2],        [c charon])
1126 ADD_PLUGIN([eap-simaka-sql],       [c charon])
1127 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
1128 ADD_PLUGIN([eap-simaka-reauth],    [c charon])
1129 ADD_PLUGIN([eap-md5],              [c charon nm cmd])
1130 ADD_PLUGIN([eap-gtc],              [c charon nm cmd])
1131 ADD_PLUGIN([eap-mschapv2],         [c charon nm cmd])
1132 ADD_PLUGIN([eap-dynamic],          [c charon])
1133 ADD_PLUGIN([eap-radius],           [c charon])
1134 ADD_PLUGIN([eap-tls],              [c charon nm cmd])
1135 ADD_PLUGIN([eap-ttls],             [c charon nm cmd])
1136 ADD_PLUGIN([eap-peap],             [c charon nm cmd])
1137 ADD_PLUGIN([eap-tnc],              [c charon])
1138 ADD_PLUGIN([xauth-generic],        [c charon cmd])
1139 ADD_PLUGIN([xauth-eap],            [c charon])
1140 ADD_PLUGIN([xauth-pam],            [c charon])
1141 ADD_PLUGIN([xauth-noauth],         [c charon])
1142 ADD_PLUGIN([tnc-ifmap],            [c charon])
1143 ADD_PLUGIN([tnc-pdp],              [c charon])
1144 ADD_PLUGIN([tnc-imc],              [t charon])
1145 ADD_PLUGIN([tnc-imv],              [t charon])
1146 ADD_PLUGIN([tnc-tnccs],            [t charon])
1147 ADD_PLUGIN([tnccs-20],             [t charon])
1148 ADD_PLUGIN([tnccs-11],             [t charon])
1149 ADD_PLUGIN([tnccs-dynamic],        [t charon])
1150 ADD_PLUGIN([medsrv],               [c charon])
1151 ADD_PLUGIN([medcli],               [c charon])
1152 ADD_PLUGIN([dhcp],                 [c charon])
1153 ADD_PLUGIN([osx-attr],             [c charon cmd])
1154 ADD_PLUGIN([android-dns],          [c charon])
1155 ADD_PLUGIN([android-log],          [c charon])
1156 ADD_PLUGIN([ha],                   [c charon])
1157 ADD_PLUGIN([whitelist],            [c charon])
1158 ADD_PLUGIN([lookip],               [c charon])
1159 ADD_PLUGIN([error-notify],         [c charon])
1160 ADD_PLUGIN([certexpire],           [c charon])
1161 ADD_PLUGIN([systime-fix],          [c charon])
1162 ADD_PLUGIN([led],                  [c charon])
1163 ADD_PLUGIN([duplicheck],           [c charon])
1164 ADD_PLUGIN([coupling],             [c charon])
1165 ADD_PLUGIN([radattr],              [c charon])
1166 ADD_PLUGIN([maemo],                [c charon])
1167 ADD_PLUGIN([uci],                  [c charon])
1168 ADD_PLUGIN([addrblock],            [c charon])
1169 ADD_PLUGIN([unity],                [c charon])
1170 ADD_PLUGIN([unit-tester],          [c charon])
1171
1172 AC_SUBST(charon_plugins)
1173 AC_SUBST(starter_plugins)
1174 AC_SUBST(pool_plugins)
1175 AC_SUBST(attest_plugins)
1176 AC_SUBST(openac_plugins)
1177 AC_SUBST(scepclient_plugins)
1178 AC_SUBST(pki_plugins)
1179 AC_SUBST(scripts_plugins)
1180 AC_SUBST(manager_plugins)
1181 AC_SUBST(medsrv_plugins)
1182 AC_SUBST(nm_plugins)
1183 AC_SUBST(cmd_plugins)
1184
1185 AC_SUBST(c_plugins)
1186 AC_SUBST(h_plugins)
1187 AC_SUBST(s_plugins)
1188 AC_SUBST(t_plugins)
1189
1190 # ======================
1191 #  set Makefile.am vars
1192 # ======================
1193
1194 #  libstrongswan plugins
1195 # -----------------------
1196 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
1197 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
1198 AM_CONDITIONAL(USE_UNBOUND, test x$unbound = xtrue)
1199 AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue)
1200 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
1201 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
1202 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
1203 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
1204 AM_CONDITIONAL(USE_RC2, test x$rc2 = xtrue)
1205 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
1206 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
1207 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
1208 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
1209 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
1210 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
1211 AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
1212 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
1213 AM_CONDITIONAL(USE_NONCE, test x$nonce = xtrue)
1214 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
1215 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
1216 AM_CONDITIONAL(USE_CONSTRAINTS, test x$constraints = xtrue)
1217 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
1218 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
1219 AM_CONDITIONAL(USE_PKCS7, test x$pkcs7 = xtrue)
1220 AM_CONDITIONAL(USE_PKCS8, test x$pkcs8 = xtrue)
1221 AM_CONDITIONAL(USE_PKCS12, test x$pkcs12 = xtrue)
1222 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
1223 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
1224 AM_CONDITIONAL(USE_SSHKEY, test x$sshkey = xtrue)
1225 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
1226 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
1227 AM_CONDITIONAL(USE_CMAC, test x$cmac = xtrue)
1228 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
1229 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
1230 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
1231 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
1232 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
1233 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
1234 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
1235 AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue)
1236 AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
1237 AM_CONDITIONAL(USE_CTR, test x$ctr = xtrue)
1238 AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
1239 AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
1240 AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
1241 AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue)
1242
1243 #  charon plugins
1244 # ----------------
1245 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
1246 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
1247 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
1248 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
1249 AM_CONDITIONAL(USE_OSX_ATTR, test x$osx_attr = xtrue)
1250 AM_CONDITIONAL(USE_ANDROID_DNS, test x$android_dns = xtrue)
1251 AM_CONDITIONAL(USE_ANDROID_LOG, test x$android_log = xtrue)
1252 AM_CONDITIONAL(USE_MAEMO, test x$maemo = xtrue)
1253 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
1254 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
1255 AM_CONDITIONAL(USE_DNSCERT, test x$dnscert = xtrue)
1256 AM_CONDITIONAL(USE_IPSECKEY, test x$ipseckey = xtrue)
1257 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
1258 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
1259 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tester = xtrue)
1260 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
1261 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
1262 AM_CONDITIONAL(USE_KERNEL_LIBIPSEC, test x$kernel_libipsec = xtrue)
1263 AM_CONDITIONAL(USE_WHITELIST, test x$whitelist = xtrue)
1264 AM_CONDITIONAL(USE_LOOKIP, test x$lookip = xtrue)
1265 AM_CONDITIONAL(USE_ERROR_NOTIFY, test x$error_notify = xtrue)
1266 AM_CONDITIONAL(USE_CERTEXPIRE, test x$certexpire = xtrue)
1267 AM_CONDITIONAL(USE_SYSTIME_FIX, test x$systime_fix = xtrue)
1268 AM_CONDITIONAL(USE_LED, test x$led = xtrue)
1269 AM_CONDITIONAL(USE_DUPLICHECK, test x$duplicheck = xtrue)
1270 AM_CONDITIONAL(USE_COUPLING, test x$coupling = xtrue)
1271 AM_CONDITIONAL(USE_RADATTR, test x$radattr = xtrue)
1272 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
1273 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
1274 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
1275 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
1276 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
1277 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
1278 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1279 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1280 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1281 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1282 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
1283 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1284 AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
1285 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
1286 AM_CONDITIONAL(USE_EAP_PEAP, test x$eap_peap = xtrue)
1287 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
1288 AM_CONDITIONAL(USE_EAP_DYNAMIC, test x$eap_dynamic = xtrue)
1289 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1290 AM_CONDITIONAL(USE_XAUTH_GENERIC, test x$xauth_generic = xtrue)
1291 AM_CONDITIONAL(USE_XAUTH_EAP, test x$xauth_eap = xtrue)
1292 AM_CONDITIONAL(USE_XAUTH_PAM, test x$xauth_pam = xtrue)
1293 AM_CONDITIONAL(USE_XAUTH_NOAUTH, test x$xauth_noauth = xtrue)
1294 AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue)
1295 AM_CONDITIONAL(USE_TNC_PDP, test x$tnc_pdp = xtrue)
1296 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
1297 AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
1298 AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnc_tnccs = xtrue)
1299 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
1300 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
1301 AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue)
1302 AM_CONDITIONAL(USE_IMC_TEST, test x$imc_test = xtrue)
1303 AM_CONDITIONAL(USE_IMV_TEST, test x$imv_test = xtrue)
1304 AM_CONDITIONAL(USE_IMC_SCANNER, test x$imc_scanner = xtrue)
1305 AM_CONDITIONAL(USE_IMV_SCANNER, test x$imv_scanner = xtrue)
1306 AM_CONDITIONAL(USE_IMC_OS, test x$imc_os = xtrue)
1307 AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue)
1308 AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue)
1309 AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue)
1310 AM_CONDITIONAL(USE_IMC_SWID, test x$imc_swid = xtrue)
1311 AM_CONDITIONAL(USE_IMV_SWID, test x$imv_swid = xtrue)
1312 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
1313 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
1314 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
1315 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
1316 AM_CONDITIONAL(USE_UNITY, test x$unity = xtrue)
1317
1318 #  hydra plugins
1319 # ---------------
1320 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1321 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue)
1322 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
1323 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1324 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1325 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1326 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
1327
1328 #  other options
1329 # ---------------
1330 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1331 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1332 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
1333 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1334 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1335 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
1336 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1337 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
1338 AM_CONDITIONAL(USE_IKEV1, test x$ikev1 = xtrue)
1339 AM_CONDITIONAL(USE_IKEV2, test x$ikev2 = xtrue)
1340 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1341 AM_CONDITIONAL(USE_ADNS, test x$adns = xtrue)
1342 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1343 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1344 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
1345 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1346 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
1347 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue)
1348 AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
1349 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
1350 AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
1351 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
1352 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
1353 AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
1354 AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
1355 AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$tools = xtrue -o x$conftest = xtrue)
1356 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
1357 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
1358 AM_CONDITIONAL(USE_BUILTIN_PRINTF, test x$builtin_printf = xtrue)
1359 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
1360 AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
1361 AM_CONDITIONAL(USE_RADIUS, test x$radius = xtrue)
1362 AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
1363 AM_CONDITIONAL(USE_PTS, test x$pts = xtrue)
1364 AM_CONDITIONAL(USE_TROUSERS, test x$tss = xtrousers)
1365 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
1366 AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes)
1367 AM_CONDITIONAL(COVERAGE, test x$coverage = xtrue)
1368 AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
1369 AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
1370
1371 # ========================
1372 #  set global definitions
1373 # ========================
1374
1375 if test x$mediation = xtrue; then
1376         AC_DEFINE([ME], [], [mediation extension support])
1377 fi
1378 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
1379         AC_DEFINE([CAPABILITIES], [], [capability dropping support])
1380 fi
1381 if test x$monolithic = xtrue; then
1382         AC_DEFINE([MONOLITHIC], [], [monolithic build embedding plugins])
1383 fi
1384 if test x$ikev1 = xtrue; then
1385         AC_DEFINE([USE_IKEV1], [], [support for IKEv1 protocol])
1386 fi
1387 if test x$ikev2 = xtrue; then
1388         AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol])
1389 fi
1390
1391 # ====================================================
1392 #  options for enabled modules (see conf/Makefile.am)
1393 # ====================================================
1394
1395 strongswan_options=
1396
1397 AM_COND_IF([USE_ATTR_SQL], [strongswan_options=${strongswan_options}" pool"])
1398 AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charon-logging"])
1399 AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"])
1400 AM_COND_IF([USE_IMV_ATTESTATION], [strongswan_options=${strongswan_options}" attest"])
1401 AM_COND_IF([USE_IMCV], [strongswan_options=${strongswan_options}" imcv"])
1402 AM_COND_IF([USE_IMV_OS], [strongswan_options=${strongswan_options}" pacman"])
1403 AM_COND_IF([USE_LIBTNCCS], [strongswan_options=${strongswan_options}" tnc"])
1404 AM_COND_IF([USE_MANAGER], [strongswan_options=${strongswan_options}" manager"])
1405 AM_COND_IF([USE_MEDSRV], [strongswan_options=${strongswan_options}" medsrv"])
1406 AM_COND_IF([USE_TOOLS], [strongswan_options=${strongswan_options}" tools"])
1407
1408 AC_SUBST(strongswan_options)
1409
1410 # =================
1411 #  build Makefiles
1412 # =================
1413
1414 AC_CONFIG_FILES([
1415         Makefile
1416         conf/Makefile
1417         man/Makefile
1418         init/Makefile
1419         init/systemd/Makefile
1420         src/Makefile
1421         src/include/Makefile
1422         src/libstrongswan/Makefile
1423         src/libstrongswan/plugins/aes/Makefile
1424         src/libstrongswan/plugins/cmac/Makefile
1425         src/libstrongswan/plugins/des/Makefile
1426         src/libstrongswan/plugins/blowfish/Makefile
1427         src/libstrongswan/plugins/rc2/Makefile
1428         src/libstrongswan/plugins/md4/Makefile
1429         src/libstrongswan/plugins/md5/Makefile
1430         src/libstrongswan/plugins/sha1/Makefile
1431         src/libstrongswan/plugins/sha2/Makefile
1432         src/libstrongswan/plugins/fips_prf/Makefile
1433         src/libstrongswan/plugins/gmp/Makefile
1434         src/libstrongswan/plugins/rdrand/Makefile
1435         src/libstrongswan/plugins/random/Makefile
1436         src/libstrongswan/plugins/nonce/Makefile
1437         src/libstrongswan/plugins/hmac/Makefile
1438         src/libstrongswan/plugins/xcbc/Makefile
1439         src/libstrongswan/plugins/x509/Makefile
1440         src/libstrongswan/plugins/revocation/Makefile
1441         src/libstrongswan/plugins/constraints/Makefile
1442         src/libstrongswan/plugins/pubkey/Makefile
1443         src/libstrongswan/plugins/pkcs1/Makefile
1444         src/libstrongswan/plugins/pkcs7/Makefile
1445         src/libstrongswan/plugins/pkcs8/Makefile
1446         src/libstrongswan/plugins/pkcs12/Makefile
1447         src/libstrongswan/plugins/pgp/Makefile
1448         src/libstrongswan/plugins/dnskey/Makefile
1449         src/libstrongswan/plugins/sshkey/Makefile
1450         src/libstrongswan/plugins/pem/Makefile
1451         src/libstrongswan/plugins/curl/Makefile
1452         src/libstrongswan/plugins/unbound/Makefile
1453         src/libstrongswan/plugins/soup/Makefile
1454         src/libstrongswan/plugins/ldap/Makefile
1455         src/libstrongswan/plugins/mysql/Makefile
1456         src/libstrongswan/plugins/sqlite/Makefile
1457         src/libstrongswan/plugins/padlock/Makefile
1458         src/libstrongswan/plugins/openssl/Makefile
1459         src/libstrongswan/plugins/gcrypt/Makefile
1460         src/libstrongswan/plugins/agent/Makefile
1461         src/libstrongswan/plugins/keychain/Makefile
1462         src/libstrongswan/plugins/pkcs11/Makefile
1463         src/libstrongswan/plugins/ctr/Makefile
1464         src/libstrongswan/plugins/ccm/Makefile
1465         src/libstrongswan/plugins/gcm/Makefile
1466         src/libstrongswan/plugins/af_alg/Makefile
1467         src/libstrongswan/plugins/ntru/Makefile
1468         src/libstrongswan/plugins/test_vectors/Makefile
1469         src/libstrongswan/tests/Makefile
1470         src/libhydra/Makefile
1471         src/libhydra/plugins/attr/Makefile
1472         src/libhydra/plugins/attr_sql/Makefile
1473         src/libhydra/plugins/kernel_klips/Makefile
1474         src/libhydra/plugins/kernel_netlink/Makefile
1475         src/libhydra/plugins/kernel_pfkey/Makefile
1476         src/libhydra/plugins/kernel_pfroute/Makefile
1477         src/libhydra/plugins/resolve/Makefile
1478         src/libipsec/Makefile
1479         src/libsimaka/Makefile
1480         src/libtls/Makefile
1481         src/libradius/Makefile
1482         src/libtncif/Makefile
1483         src/libtnccs/Makefile
1484         src/libtnccs/plugins/tnc_tnccs/Makefile
1485         src/libtnccs/plugins/tnc_imc/Makefile
1486         src/libtnccs/plugins/tnc_imv/Makefile
1487         src/libtnccs/plugins/tnccs_11/Makefile
1488         src/libtnccs/plugins/tnccs_20/Makefile
1489         src/libtnccs/plugins/tnccs_dynamic/Makefile
1490         src/libpttls/Makefile
1491         src/libpts/Makefile
1492         src/libpts/plugins/imc_attestation/Makefile
1493         src/libpts/plugins/imv_attestation/Makefile
1494         src/libpts/plugins/imc_swid/Makefile
1495         src/libpts/plugins/imv_swid/Makefile
1496         src/libimcv/Makefile
1497         src/libimcv/plugins/imc_test/Makefile
1498         src/libimcv/plugins/imv_test/Makefile
1499         src/libimcv/plugins/imc_scanner/Makefile
1500         src/libimcv/plugins/imv_scanner/Makefile
1501         src/libimcv/plugins/imc_os/Makefile
1502         src/libimcv/plugins/imv_os/Makefile
1503         src/charon/Makefile
1504         src/charon-nm/Makefile
1505         src/charon-tkm/Makefile
1506         src/charon-cmd/Makefile
1507         src/libcharon/Makefile
1508         src/libcharon/plugins/eap_aka/Makefile
1509         src/libcharon/plugins/eap_aka_3gpp2/Makefile
1510         src/libcharon/plugins/eap_dynamic/Makefile
1511         src/libcharon/plugins/eap_identity/Makefile
1512         src/libcharon/plugins/eap_md5/Makefile
1513         src/libcharon/plugins/eap_gtc/Makefile
1514         src/libcharon/plugins/eap_sim/Makefile
1515         src/libcharon/plugins/eap_sim_file/Makefile
1516         src/libcharon/plugins/eap_sim_pcsc/Makefile
1517         src/libcharon/plugins/eap_simaka_sql/Makefile
1518         src/libcharon/plugins/eap_simaka_pseudonym/Makefile
1519         src/libcharon/plugins/eap_simaka_reauth/Makefile
1520         src/libcharon/plugins/eap_mschapv2/Makefile
1521         src/libcharon/plugins/eap_tls/Makefile
1522         src/libcharon/plugins/eap_ttls/Makefile
1523         src/libcharon/plugins/eap_peap/Makefile
1524         src/libcharon/plugins/eap_tnc/Makefile
1525         src/libcharon/plugins/eap_radius/Makefile
1526         src/libcharon/plugins/xauth_generic/Makefile
1527         src/libcharon/plugins/xauth_eap/Makefile
1528         src/libcharon/plugins/xauth_pam/Makefile
1529         src/libcharon/plugins/xauth_noauth/Makefile
1530         src/libcharon/plugins/tnc_ifmap/Makefile
1531         src/libcharon/plugins/tnc_pdp/Makefile
1532         src/libcharon/plugins/socket_default/Makefile
1533         src/libcharon/plugins/socket_dynamic/Makefile
1534         src/libcharon/plugins/farp/Makefile
1535         src/libcharon/plugins/smp/Makefile
1536         src/libcharon/plugins/sql/Makefile
1537         src/libcharon/plugins/dnscert/Makefile
1538         src/libcharon/plugins/ipseckey/Makefile
1539         src/libcharon/plugins/medsrv/Makefile
1540         src/libcharon/plugins/medcli/Makefile
1541         src/libcharon/plugins/addrblock/Makefile
1542         src/libcharon/plugins/unity/Makefile
1543         src/libcharon/plugins/uci/Makefile
1544         src/libcharon/plugins/ha/Makefile
1545         src/libcharon/plugins/kernel_libipsec/Makefile
1546         src/libcharon/plugins/whitelist/Makefile
1547         src/libcharon/plugins/lookip/Makefile
1548         src/libcharon/plugins/error_notify/Makefile
1549         src/libcharon/plugins/certexpire/Makefile
1550         src/libcharon/plugins/systime_fix/Makefile
1551         src/libcharon/plugins/led/Makefile
1552         src/libcharon/plugins/duplicheck/Makefile
1553         src/libcharon/plugins/coupling/Makefile
1554         src/libcharon/plugins/radattr/Makefile
1555         src/libcharon/plugins/osx_attr/Makefile
1556         src/libcharon/plugins/android_dns/Makefile
1557         src/libcharon/plugins/android_log/Makefile
1558         src/libcharon/plugins/maemo/Makefile
1559         src/libcharon/plugins/stroke/Makefile
1560         src/libcharon/plugins/updown/Makefile
1561         src/libcharon/plugins/dhcp/Makefile
1562         src/libcharon/plugins/unit_tester/Makefile
1563         src/libcharon/plugins/load_tester/Makefile
1564         src/stroke/Makefile
1565         src/ipsec/Makefile
1566         src/starter/Makefile
1567         src/_updown/Makefile
1568         src/_updown_espmark/Makefile
1569         src/_copyright/Makefile
1570         src/openac/Makefile
1571         src/scepclient/Makefile
1572         src/pki/Makefile
1573         src/pki/man/Makefile
1574         src/pool/Makefile
1575         src/dumm/Makefile
1576         src/dumm/ext/extconf.rb
1577         src/libfast/Makefile
1578         src/manager/Makefile
1579         src/medsrv/Makefile
1580         src/checksum/Makefile
1581         src/conftest/Makefile
1582         src/pt-tls-client/Makefile
1583         scripts/Makefile
1584         testing/Makefile
1585 ])
1586
1587 # =================
1588 #  build man pages
1589 # =================
1590
1591 AC_CONFIG_FILES([
1592         conf/strongswan.conf.5.head
1593         conf/strongswan.conf.5.tail
1594         man/ipsec.conf.5
1595         man/ipsec.secrets.5
1596         src/charon-cmd/charon-cmd.8
1597         src/pki/man/pki.1
1598         src/pki/man/pki---gen.1
1599         src/pki/man/pki---issue.1
1600         src/pki/man/pki---keyid.1
1601         src/pki/man/pki---pkcs7.1
1602         src/pki/man/pki---print.1
1603         src/pki/man/pki---pub.1
1604         src/pki/man/pki---req.1
1605         src/pki/man/pki---self.1
1606         src/pki/man/pki---signcrl.1
1607         src/pki/man/pki---verify.1
1608 ])
1609
1610 AC_OUTPUT
1611
1612 # ========================
1613 #  report enabled plugins
1614 # ========================
1615
1616 AC_MSG_RESULT([])
1617 AC_MSG_RESULT([ strongSwan will be built with the following plugins])
1618 AC_MSG_RESULT([-----------------------------------------------------])
1619
1620 AC_MSG_RESULT([libstrongswan:$s_plugins])
1621 AC_MSG_RESULT([libcharon:    $c_plugins])
1622 AC_MSG_RESULT([libhydra:     $h_plugins])
1623 AC_MSG_RESULT([libtnccs:     $t_plugins])
1624 AC_MSG_RESULT([])