Created libtpmtss library handling access to v1.2 and v2.0 TPMs
[strongswan.git] / configure.ac
1 #
2 # Copyright (C) 2007-2015 Tobias Brunner
3 # Copyright (C) 2006-2016 Andreas Steffen
4 # Copyright (C) 2006-2014 Martin Willi
5 # HSR Hochschule fuer Technik Rapperswil
6 #
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11 #
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17
18 # ============================
19 #  initialize & set some vars
20 # ============================
21
22 AC_INIT([strongSwan],[5.4.1dr4])
23 AM_INIT_AUTOMAKE(m4_esyscmd([
24         echo tar-ustar
25         echo subdir-objects
26         case `automake --version | head -n 1` in
27                 *" 1.9"*);;
28                 *" 1.10"*);;
29                 *" 1.11"*);;
30                 # don't use parallel test harness in 1.12 and up
31                 *) echo serial-tests;;
32         esac
33 ]))
34 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES])
35 AC_CONFIG_MACRO_DIR([m4/config])
36 AC_CONFIG_HEADERS([config.h])
37 AC_DEFINE([CONFIG_H_INCLUDED], [], [defined if config.h included])
38 PKG_PROG_PKG_CONFIG
39
40 m4_include(m4/macros/split-package-version.m4)
41 SPLIT_PACKAGE_VERSION
42
43 # =================================
44 #  check --enable-xxx & --with-xxx
45 # =================================
46
47 m4_include(m4/macros/with.m4)
48
49 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
50 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
51 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
52 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
53 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
54 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
55 ARG_WITH_SUBST([ipseclibdir],        [${libdir%/}/ipsec], [set installation path for ipsec libraries])
56 ARG_WITH_SUBST([plugindir],          [${ipseclibdir%/}/plugins], [set the installation path of plugins])
57 ARG_WITH_SUBST([imcvdir],            [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic librariers])
58 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM backend uses to look up trusted root certificates])
59 ARG_WITH_SUBST([swanctldir],         [${sysconfdir}/swanctl], [base directory for swanctl configuration files and credentials])
60 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
61 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
62 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
63 ARG_WITH_SUBST([ipsec-script],       [ipsec], [change the name of the ipsec script])
64 ARG_WITH_SUBST([fips-mode],          [0], [set openssl FIPS mode: disabled(0), enabled(1), Suite B enabled(2)])
65 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
66 ARG_WITH_SET([mpz_powm_sec],         [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
67 ARG_WITH_SET([dev-headers],          [no], [install strongSwan development headers to directory.])
68 ARG_WITH_SET([printf-hooks],         [auto], [force the use of a specific printf hook implementation (auto, builtin, glibc, vstr).])
69 ARG_WITH_SET([rubygemdir],           ["gem environment gemdir"], [path to install ruby gems to])
70 ARG_WITH_SET([pythoneggdir],         ["main site-packages directory"], [path to install python eggs to to])
71
72 if test -n "$PKG_CONFIG"; then
73         systemdsystemunitdir_default=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
74 fi
75 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
76 AC_SUBST(systemdsystemunitdir)
77
78 AC_ARG_WITH(
79         [user],
80         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
81         [AC_DEFINE_UNQUOTED([IPSEC_USER], "$withval", [username to run daemon with])
82          AC_SUBST(ipsecuser, "$withval")],
83         [AC_SUBST(ipsecuser, "root")]
84 )
85
86 AC_ARG_WITH(
87         [group],
88         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
89         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval", [groupname to run daemon with])
90          AC_SUBST(ipsecgroup, "$withval")],
91         [AC_SUBST(ipsecgroup, "root")]
92 )
93
94 AC_ARG_WITH(
95         [charon-udp-port],
96         AS_HELP_STRING([--with-charon-udp-port=port],[UDP port used by charon locally (default 500). Set to 0 to allocate randomly.]),
97         [AC_DEFINE_UNQUOTED(CHARON_UDP_PORT, [$withval], [UDP port used by charon locally])
98          AC_SUBST(charon_udp_port, [$withval])],
99         [AC_SUBST(charon_udp_port, 500)]
100 )
101
102 AC_ARG_WITH(
103         [charon-natt-port],
104         AS_HELP_STRING([--with-charon-natt-port=port],[UDP port used by charon locally in case a NAT is detected (must be different from charon-udp-port, default 4500). Set to 0 to allocate randomly.]),
105         [AC_DEFINE_UNQUOTED(CHARON_NATT_PORT, [$withval], [UDP post used by charon locally in case a NAT is detected])
106          AC_SUBST(charon_natt_port, [$withval])],
107         [AC_SUBST(charon_natt_port, 4500)]
108 )
109
110 AC_MSG_CHECKING([configured UDP ports ($charon_udp_port, $charon_natt_port)])
111 if test x$charon_udp_port != x0 -a x$charon_udp_port = x$charon_natt_port; then
112         AC_MSG_ERROR(the ports have to be different)
113 else
114         AC_MSG_RESULT(ok)
115 fi
116
117 # convert script name to uppercase
118 AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
119
120 m4_include(m4/macros/enable-disable.m4)
121
122 # crypto plugins
123 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
124 ARG_ENABL_SET([af-alg],         [enable AF_ALG crypto interface to Linux Crypto API.])
125 ARG_ENABL_SET([bliss],          [enable BLISS software implementation plugin.])
126 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
127 ARG_ENABL_SET([ccm],            [enables the CCM AEAD wrapper crypto plugin.])
128 ARG_ENABL_SET([chapoly],        [enables the ChaCha20/Poly1305 AEAD plugin.])
129 ARG_DISBL_SET([cmac],           [disable CMAC crypto implementation plugin.])
130 ARG_ENABL_SET([ctr],            [enables the Counter Mode wrapper crypto plugin.])
131 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
132 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
133 ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
134 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
135 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
136 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
137 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
138 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
139 ARG_DISBL_SET([nonce],          [disable nonce generation plugin.])
140 ARG_ENABL_SET([ntru],           [enables the NTRU crypto plugin.])
141 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
142 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
143 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
144 ARG_DISBL_SET([rc2],            [disable RC2 software implementation plugin.])
145 ARG_ENABL_SET([rdrand],         [enable Intel RDRAND random generator plugin.])
146 ARG_ENABL_SET([aesni],          [enable Intel AES-NI crypto plugin.])
147 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
148 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
149 ARG_ENABL_SET([sha3],           [enable SHA3_224/SHA3_256/SHA3_384/SHA3_512 software implementation plugin.])
150 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
151 # encoding/decoding plugins
152 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
153 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
154 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
155 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
156 ARG_DISBL_SET([pkcs7],          [disable PKCS7 container support plugin.])
157 ARG_DISBL_SET([pkcs8],          [disable PKCS8 private key decoding plugin.])
158 ARG_DISBL_SET([pkcs12],         [disable PKCS12 container support plugin.])
159 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
160 ARG_DISBL_SET([sshkey],         [disable SSH key decoding plugin.])
161 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
162 # fetcher/resolver plugins
163 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
164 ARG_ENABL_SET([files],          [enable simple file:// URI fetcher.])
165 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
166 ARG_ENABL_SET([soup],           [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.])
167 ARG_ENABL_SET([unbound],        [enable UNBOUND resolver plugin to perform DNS queries via libunbound. Requires libldns and libunbound.])
168 ARG_ENABL_SET([winhttp],        [enable WinHTTP based HTTP/HTTPS fetching plugin.])
169 # database plugins
170 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
171 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
172 # authentication/credential plugins
173 ARG_ENABL_SET([addrblock],      [enables RFC 3779 address block constraint support.])
174 ARG_ENABL_SET([acert],          [enable X509 attribute certificate checking plugin.])
175 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
176 ARG_DISBL_SET([constraints],    [disable advanced X509 constraint checking plugin.])
177 ARG_ENABL_SET([coupling],       [enable IKEv2 plugin to couple peer certificates permanently to authentication.])
178 ARG_ENABL_SET([dnscert],        [enable DNSCERT authentication plugin.])
179 ARG_ENABL_SET([eap-sim],        [enable SIM authentication module for EAP.])
180 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
181 ARG_ENABL_SET([eap-sim-pcsc],   [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.])
182 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
183 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
184 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
185 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
186 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
187 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
188 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authentication module.])
189 ARG_ENABL_SET([eap-gtc],        [enable EAP GTC authentication module.])
190 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authentication module.])
191 ARG_ENABL_SET([eap-tls],        [enable EAP TLS authentication module.])
192 ARG_ENABL_SET([eap-ttls],       [enable EAP TTLS authentication module.])
193 ARG_ENABL_SET([eap-peap],       [enable EAP PEAP authentication module.])
194 ARG_ENABL_SET([eap-tnc],        [enable EAP TNC trusted network connect module.])
195 ARG_ENABL_SET([eap-dynamic],    [enable dynamic EAP proxy module.])
196 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authentication module.])
197 ARG_ENABL_SET([ext-auth],       [enable plugin calling an external authorization script.])
198 ARG_ENABL_SET([ipseckey],       [enable IPSECKEY authentication plugin.])
199 ARG_ENABL_SET([keychain],       [enables OS X Keychain Services credential set.])
200 ARG_ENABL_SET([pkcs11],         [enables the PKCS11 token support plugin.])
201 ARG_DISBL_SET([revocation],     [disable X509 CRL/OCSP revocation check plugin.])
202 ARG_ENABL_SET([whitelist],      [enable peer identity whitelisting plugin.])
203 ARG_DISBL_SET([xauth-generic],  [disable generic XAuth backend.])
204 ARG_ENABL_SET([xauth-eap],      [enable XAuth backend using EAP methods to verify passwords.])
205 ARG_ENABL_SET([xauth-pam],      [enable XAuth backend using PAM to verify passwords.])
206 ARG_ENABL_SET([xauth-noauth],   [enable XAuth pseudo-backend that does not actually verify or even request any credentials.])
207 # kernel interfaces / sockets
208 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
209 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
210 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
211 ARG_ENABL_SET([kernel-iph],     [enable the Windows IP Helper based networking backend.])
212 ARG_ENABL_SET([kernel-libipsec],[enable the libipsec kernel interface.])
213 ARG_ENABL_SET([kernel-wfp],     [enable the Windows Filtering Platform IPsec backend.])
214 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
215 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
216 ARG_ENABL_SET([socket-win],     [enable Winsock2 based socket implementation for charon])
217 # configuration/control plugins
218 ARG_DISBL_SET([stroke],         [disable charons stroke configuration backend.])
219 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
220 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
221 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
222 ARG_DISBL_SET([vici],           [disable strongSwan IKE generic IPC interface plugin.])
223 # attribute provider/consumer plugins
224 ARG_ENABL_SET([android-dns],    [enable Android specific DNS handler.])
225 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
226 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
227 ARG_ENABL_SET([dhcp],           [enable DHCP based attribute provider plugin.])
228 ARG_ENABL_SET([osx-attr],       [enable OS X SystemConfiguration attribute handler.])
229 ARG_ENABL_SET([p-cscf],         [enable plugin to request P-CSCF server addresses from an ePDG.])
230 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
231 ARG_ENABL_SET([unity],          [enables Cisco Unity extension plugin.])
232 # TNC modules/plugins
233 ARG_ENABL_SET([imc-test],       [enable IMC test module.])
234 ARG_ENABL_SET([imv-test],       [enable IMV test module.])
235 ARG_ENABL_SET([imc-scanner],    [enable IMC port scanner module.])
236 ARG_ENABL_SET([imv-scanner],    [enable IMV port scanner module.])
237 ARG_ENABL_SET([imc-os],         [enable IMC operating system module.])
238 ARG_ENABL_SET([imv-os],         [enable IMV operating system module.])
239 ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.])
240 ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.])
241 ARG_ENABL_SET([imc-swid],       [enable IMC swid module.])
242 ARG_ENABL_SET([imv-swid],       [enable IMV swid module.])
243 ARG_ENABL_SET([imc-hcd],        [enable IMC hcd module.])
244 ARG_ENABL_SET([imv-hcd],        [enable IMV hcd module.])
245 ARG_ENABL_SET([tnc-ifmap],      [enable TNC IF-MAP module. Requires libxml])
246 ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
247 ARG_ENABL_SET([tnc-imv],        [enable TNC IMV module.])
248 ARG_ENABL_SET([tnc-pdp],        [enable TNC policy decision point module.])
249 ARG_ENABL_SET([tnccs-11],       [enable TNCCS 1.1 protocol module. Requires libxml])
250 ARG_ENABL_SET([tnccs-20],       [enable TNCCS 2.0 protocol module.])
251 ARG_ENABL_SET([tnccs-dynamic],  [enable dynamic TNCCS protocol discovery module.])
252 # misc plugins
253 ARG_ENABL_SET([android-log],    [enable Android specific logger plugin.])
254 ARG_ENABL_SET([certexpire],     [enable CSV export of expiration dates of used certificates.])
255 ARG_ENABL_SET([connmark],       [enable connmark plugin using conntrack based marks to select return path SA.])
256 ARG_ENABL_SET([forecast],       [enable forecast plugin forwarding broadcast/multicast messages.])
257 ARG_ENABL_SET([duplicheck],     [advanced duplicate checking plugin using liveness checks.])
258 ARG_ENABL_SET([error-notify],   [enable error notification plugin.])
259 ARG_ENABL_SET([farp],           [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
260 ARG_ENABL_SET([ha],             [enable high availability cluster plugin.])
261 ARG_ENABL_SET([led],            [enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem.])
262 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
263 ARG_ENABL_SET([lookip],         [enable fast virtual IP lookup and notification plugin.])
264 ARG_ENABL_SET([maemo],          [enable Maemo specific plugin.])
265 ARG_ENABL_SET([radattr],        [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.])
266 ARG_ENABL_SET([systime-fix],    [enable plugin to handle cert lifetimes with invalid system time gracefully.])
267 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
268 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
269 # programs/components
270 ARG_ENABL_SET([aikgen],         [enable AIK generator for TPM 1.2.])
271 ARG_ENABL_SET([aikpub2],        [enable AIK extractor for TPM 2.0.])
272 ARG_DISBL_SET([charon],         [disable the IKEv1/IKEv2 keying daemon charon.])
273 ARG_ENABL_SET([cmd],            [enable the command line IKE client charon-cmd.])
274 ARG_ENABL_SET([conftest],       [enforce Suite B conformance test framework.])
275 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
276 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
277 ARG_ENABL_SET([libipsec],       [enable user space IPsec implementation.])
278 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
279 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
280 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
281 ARG_ENABL_SET([nm],             [enable NetworkManager backend.])
282 ARG_DISBL_SET([pki],            [disable pki certificate utility.])
283 ARG_DISBL_SET([scepclient],     [disable SCEP client tool.])
284 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
285 ARG_ENABL_SET([svc],            [enable charon Windows service.])
286 ARG_ENABL_SET([systemd],        [enable systemd specific IKE daemon charon-systemd.])
287 ARG_DISBL_SET([swanctl],        [disable swanctl configuration and control tool.])
288 ARG_ENABL_SET([tkm],            [enable Trusted Key Manager support.])
289 # optional features
290 ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for memory leaks and segfaults.])
291 ARG_ENABL_SET([dbghelp-backtraces],[use dbghlp.dll on Windows to create and print backtraces for memory leaks and segfaults.])
292 ARG_DISBL_SET([ikev1],          [disable IKEv1 protocol support in charon.])
293 ARG_DISBL_SET([ikev2],          [disable IKEv2 protocol support in charon.])
294 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
295 ARG_DISBL_SET([load-warning],   [disable the charon plugin load option warning in starter.])
296 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
297 ARG_ENABL_SET([unwind-backtraces],[use libunwind to create backtraces for memory leaks and segfaults.])
298 ARG_ENABL_SET([ruby-gems],      [enable build of provided ruby gems.])
299 ARG_ENABL_SET([ruby-gems-install],[enable installation of provided ruby gems.])
300 ARG_ENABL_SET([python-eggs],    [enable build of provided python eggs.])
301 ARG_ENABL_SET([python-eggs-install],[enable installation of provided python eggs.])
302 ARG_ENABL_SET([perl-cpan],      [enable build of provided perl CPAN module.])
303 ARG_ENABL_SET([perl-cpan-install],[enable installation of provided CPAN module.])
304 ARG_ENABL_SET([tss-trousers],   [enable the use of the TrouSerS Trusted Software Stack])
305 ARG_ENABL_SET([tss-tss2],       [enable the use of the TSS 2.0 Trusted Software Stack])
306
307 # compile options
308 ARG_ENABL_SET([coverage],       [enable lcov coverage report generation.])
309 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
310 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
311 ARG_ENABL_SET([log-thread-ids], [use thread ID, if available, instead of an incremented value starting from 1, to identify threads.])
312 ARG_ENABL_SET([monolithic],     [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
313
314 # ===================================
315 #  option to disable default options
316 # ===================================
317
318 ARG_DISBL_SET([defaults],       [disable all default plugins (they can be enabled with their respective --enable options)])
319
320 if test x$defaults = xfalse; then
321         for option in $enabled_by_default; do
322                 eval test x\${${option}_given} = xtrue && continue
323                 eval $option=false
324         done
325 fi
326
327 # ==============================
328 #  option to enable all options
329 # ==============================
330
331 ARG_ENABL_SET([all],            [enable all plugins and features (they can be disabled with their respective --disable options). Mainly for testing.])
332
333 if test x$all_given = xtrue; then
334         for option in $disabled_by_default; do
335                 eval test x\${${option}_given} = xtrue && continue
336                 eval $option=true
337         done
338 fi
339
340 # ===========================
341 #  set up compiler and flags
342 # ===========================
343
344 if test -z "$CFLAGS"; then
345         CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign"
346 fi
347 AC_PROG_CC
348 AM_PROG_CC_C_O
349
350 AC_LIB_PREFIX
351 AC_C_BIGENDIAN
352
353 # =========================
354 #  check required programs
355 # =========================
356
357 LT_INIT
358 AC_PROG_INSTALL
359 AC_PROG_EGREP
360 AC_PROG_AWK
361 AC_PROG_LEX
362 AC_PROG_YACC
363 AM_PATH_PYTHON(,,[:])
364 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
365 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
366
367 # because gperf is not needed by end-users we just report it but do not abort on failure
368 AC_MSG_CHECKING([gperf version >= 3.0.0])
369 if test -x "$GPERF"; then
370         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
371                 AC_MSG_RESULT([yes])
372         else
373                 AC_MSG_RESULT([no])
374         fi
375 else
376         AC_MSG_RESULT([not found])
377 fi
378
379 # ========================
380 #  dependency calculation
381 # ========================
382
383 if test x$xauth_generic_given = xfalse -a x$ikev1 = xfalse; then
384         xauth_generic=false;
385 fi
386
387 if test x$kernel_libipsec = xtrue; then
388         libipsec=true;
389 fi
390
391 if test x$eap_aka_3gpp2 = xtrue; then
392         gmp=true;
393 fi
394
395 if test x$eap_aka = xtrue; then
396         fips_prf=true;
397         simaka=true;
398 fi
399
400 if test x$eap_sim = xtrue; then
401         fips_prf=true;
402         simaka=true;
403 fi
404
405 if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then
406         radius=true;
407 fi
408
409 if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
410         tnc_tnccs=true;
411 fi
412
413 if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue -o x$tnc_tnccs = xtrue; then
414         tls=true;
415 fi
416
417 if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then
418         imcv=true;
419 fi
420
421 if test x$fips_prf = xtrue; then
422         if test x$openssl = xfalse; then
423                 sha1=true;
424         fi
425 fi
426
427 if test x$swanctl = xtrue; then
428         vici=true
429 fi
430
431 if test x$smp = xtrue -o x$tnccs_11 = xtrue -o x$tnc_ifmap = xtrue; then
432         xml=true
433 fi
434
435 if test x$manager = xtrue; then
436         fast=true
437 fi
438
439 if test x$medsrv = xtrue; then
440         mediation=true
441         fast=true
442 fi
443
444 if test x$medcli = xtrue; then
445         mediation=true
446 fi
447
448 if test x$ruby_gems_install = xtrue; then
449         ruby_gems=true
450 fi
451
452 if test x$python_eggs_install = xtrue; then
453         python_eggs=true
454 fi
455
456 if test x$perl_cpan_install = xtrue; then
457         perl_cpan=true
458 fi
459
460 # ===========================================
461 #  check required libraries and header files
462 # ===========================================
463
464 AC_HEADER_STDBOOL
465 AC_FUNC_ALLOCA
466 AC_FUNC_STRERROR_R
467
468 #  libraries needed on some platforms but not on others
469 # ------------------------------------------------------
470 saved_LIBS=$LIBS
471
472 # FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
473 LIBS=""
474 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
475 AC_SUBST(DLLIB)
476
477 # glibc's backtrace() can be replicated on FreeBSD with libexecinfo
478 LIBS=""
479 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
480 AC_CHECK_FUNCS(backtrace)
481 AC_SUBST(BTLIB)
482
483 # OpenSolaris needs libsocket and libnsl for socket()
484 LIBS=""
485 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
486         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
487 )
488 AC_SUBST(SOCKLIB)
489
490 # Android has pthread_* functions in bionic (libc), others need libpthread
491 LIBS=$DLLIB
492 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
493 AC_SUBST(PTHREADLIB)
494
495 # uClibc requires explicit -latomic for __atomic_* operations
496 LIBS=""
497 AC_SEARCH_LIBS(__atomic_load, atomic, [ATOMICLIB=$LIBS])
498 AC_SUBST(ATOMICLIB)
499
500 LIBS=$saved_LIBS
501 # ------------------------------------------------------
502
503 AC_MSG_CHECKING(for dladdr)
504 AC_COMPILE_IFELSE(
505         [AC_LANG_PROGRAM(
506                 [[#define _GNU_SOURCE
507                   #include <dlfcn.h>]],
508                 [[Dl_info* info = 0;
509                   dladdr(0, info);]])],
510         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR], [], [have dladdr()])],
511         [AC_MSG_RESULT([no])]
512 )
513
514 # check if pthread_condattr_setclock(CLOCK_MONOTONIC) is supported
515 saved_LIBS=$LIBS
516 LIBS=$PTHREADLIB
517 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONIC)])
518 AC_RUN_IFELSE(
519         [AC_LANG_SOURCE(
520                 [[#include <pthread.h>
521                   int main() { pthread_condattr_t attr;
522                         pthread_condattr_init(&attr);
523                         return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}]])],
524         [AC_MSG_RESULT([yes]);
525          AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
526                            [pthread_condattr_setclock supports CLOCK_MONOTONIC])],
527         [AC_MSG_RESULT([no])],
528         # Check existence of pthread_condattr_setclock if cross-compiling
529         [AC_MSG_RESULT([unknown]);
530          AC_CHECK_FUNCS(pthread_condattr_setclock,
531                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
532                                    [have pthread_condattr_setclock()])]
533         )]
534 )
535 # check if we actually are able to configure attributes on cond vars
536 AC_CHECK_FUNCS(pthread_condattr_init)
537 # instead of pthread_condattr_setclock Android has this function
538 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
539 # check if we can cancel threads
540 AC_CHECK_FUNCS(pthread_cancel)
541 # check if native rwlocks are available
542 AC_CHECK_FUNCS(pthread_rwlock_init)
543 # check if pthread spinlocks are available
544 AC_CHECK_FUNCS(pthread_spin_init)
545 # check if we have POSIX semaphore functions, including timed-wait
546 AC_CHECK_FUNCS(sem_timedwait)
547 LIBS=$saved_LIBS
548
549 AC_CHECK_FUNC(
550         [gettid],
551         [AC_DEFINE([HAVE_GETTID], [], [have gettid()])],
552         [AC_MSG_CHECKING([for SYS_gettid])
553          AC_COMPILE_IFELSE(
554                 [AC_LANG_PROGRAM(
555                         [[#define _GNU_SOURCE
556                           #include <unistd.h>
557                           #include <sys/syscall.h>]],
558                         [[int main() {
559                           return syscall(SYS_gettid);}]])],
560                 [AC_MSG_RESULT([yes]);
561                  AC_DEFINE([HAVE_GETTID], [], [have gettid()])
562                  AC_DEFINE([HAVE_SYS_GETTID], [], [have syscall(SYS_gettid)])],
563                 [AC_MSG_RESULT([no])]
564         )]
565 )
566
567 AC_CHECK_FUNC(
568         [qsort_r],
569         [
570                 AC_DEFINE([HAVE_QSORT_R], [], [have qsort_r()])
571                 # set -Werror so that we get an error for "argument ... has
572                 # incompatible pointer type" warnings
573                 save_CFLAGS="$CFLAGS"
574                 CFLAGS="$CFLAGS -Werror -Wno-unused-parameter"
575                 AC_MSG_CHECKING([for GNU-style qsort_r])
576                 AC_COMPILE_IFELSE(
577                         [AC_LANG_PROGRAM(
578                                 [[#define _GNU_SOURCE
579                                   #include <stdlib.h>
580                                   int cmp (const void *a, const void *b, void *x) { return 0; }]],
581                                 [[int arr[] = { 0, 1 };
582                                   qsort_r(arr, 2, sizeof(int), cmp, arr);]])],
583                 [AC_MSG_RESULT([yes]);
584                  AC_DEFINE([HAVE_QSORT_R_GNU], [], [have GNU-style qsort_r()])],
585                 [
586                         AC_MSG_RESULT([no]);
587                         AC_MSG_CHECKING([for BSD-style qsort_r])
588                         AC_COMPILE_IFELSE(
589                                 [AC_LANG_PROGRAM(
590                                         [[#include <stdlib.h>
591                                           int cmp (void *x, const void *a, const void *b) { return 0; }]],
592                                         [[int arr[] = { 0, 1 };
593                                           qsort_r(arr, 2, sizeof(int), arr, cmp);]])],
594                         [AC_MSG_RESULT([yes]);
595                          AC_DEFINE([HAVE_QSORT_R_BSD], [], [have BSD-style qsort_r()])],
596                         [AC_MSG_RESULT([no]);
597                          AC_MSG_FAILURE([qsort_r has unknown semantics])])
598                 ])
599                 CFLAGS="$save_CFLAGS"
600         ]
601 )
602
603 AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r getpwuid_r)
604 AC_CHECK_FUNCS(fmemopen funopen mmap memrchr setlinebuf strptime dirfd sigwaitinfo)
605
606 AC_CHECK_FUNC([syslog], [
607         AC_DEFINE([HAVE_SYSLOG], [], [have syslog(3) and friends])
608         syslog=true
609 ])
610 AM_CONDITIONAL(USE_SYSLOG, [test "x$syslog" = xtrue])
611
612 AC_CHECK_HEADERS(sys/sockio.h sys/syscall.h glob.h net/if_tun.h)
613 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
614 AC_CHECK_HEADERS([netinet/ip6.h linux/fib_rules.h], [], [],
615 [
616         #include <sys/types.h>
617         #include <netinet/in.h>
618 ])
619
620 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
621 [
622         #include <sys/types.h>
623         #include <sys/socket.h>
624 ])
625
626 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
627 [
628         #include <sys/types.h>
629         #ifdef HAVE_NET_PFKEYV2_H
630         #include <net/pfkeyv2.h>
631         #else
632         #include <stdint.h>
633         #include <linux/pfkeyv2.h>
634         #endif
635 ])
636
637 AC_MSG_CHECKING([for in6addr_any])
638 AC_COMPILE_IFELSE(
639         [AC_LANG_PROGRAM(
640                 [[#include <sys/types.h>
641                   #include <sys/socket.h>
642                   #include <netinet/in.h>]],
643                 [[struct in6_addr in6 __attribute__((unused));
644                   in6 = in6addr_any;]])],
645         [AC_MSG_RESULT([yes]);
646          AC_DEFINE([HAVE_IN6ADDR_ANY], [], [have struct in6_addr in6addr_any])],
647         [AC_MSG_RESULT([no])]
648 )
649
650 AC_MSG_CHECKING([for in6_pktinfo])
651 AC_COMPILE_IFELSE(
652         [AC_LANG_PROGRAM(
653                 [[#define _GNU_SOURCE
654                   #include <sys/types.h>
655                   #include <sys/socket.h>
656                   #include <netinet/in.h>]],
657                 [[struct in6_pktinfo pi;
658                   if (pi.ipi6_ifindex)
659                   {
660                     return 0;
661                   }]])],
662         [AC_MSG_RESULT([yes]);
663          AC_DEFINE([HAVE_IN6_PKTINFO], [], [have struct in6_pktinfo.ipi6_ifindex])],
664         [AC_MSG_RESULT([no])]
665 )
666
667 AC_MSG_CHECKING([for RTM_IFANNOUNCE])
668 AC_COMPILE_IFELSE(
669         [AC_LANG_PROGRAM(
670                 [[#include <sys/socket.h>
671                   #include <net/if.h>
672                   #include <net/route.h>]],
673                 [[return RTM_IFANNOUNCE;]])],
674         [AC_MSG_RESULT([yes]);
675          AC_DEFINE([HAVE_RTM_IFANNOUNCE], [], [have PF_ROUTE RTM_IFANNOUNCE defined])],
676         [AC_MSG_RESULT([no])]
677 )
678
679 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
680 AC_COMPILE_IFELSE(
681         [AC_LANG_PROGRAM(
682                 [[#include <sys/types.h>
683                   #ifdef HAVE_NETIPSEC_IPSEC_H
684                   #include <netipsec/ipsec.h>
685                   #elif defined(HAVE_NETINET6_IPSEC_H)
686                   #include <netinet6/ipsec.h>
687                   #else
688                   #include <stdint.h>
689                   #include <linux/ipsec.h>
690                   #endif]],
691                 [[int mode = IPSEC_MODE_BEET;
692                   return mode;]])],
693         [AC_MSG_RESULT([yes]);
694          AC_DEFINE([HAVE_IPSEC_MODE_BEET], [], [have IPSEC_MODE_BEET defined])],
695         [AC_MSG_RESULT([no])]
696 )
697
698 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
699 AC_COMPILE_IFELSE(
700         [AC_LANG_PROGRAM(
701                 [[#include <sys/types.h>
702                   #ifdef HAVE_NETIPSEC_IPSEC_H
703                   #include <netipsec/ipsec.h>
704                   #elif defined(HAVE_NETINET6_IPSEC_H)
705                   #include <netinet6/ipsec.h>
706                   #else
707                   #include <stdint.h>
708                   #include <linux/ipsec.h>
709                   #endif]],
710                 [[int dir = IPSEC_DIR_FWD;
711                   return dir;]])],
712         [AC_MSG_RESULT([yes]);
713          AC_DEFINE([HAVE_IPSEC_DIR_FWD], [], [have IPSEC_DIR_FWD defined])],
714         [AC_MSG_RESULT([no])]
715 )
716
717 AC_MSG_CHECKING([for RTA_TABLE])
718 AC_COMPILE_IFELSE(
719         [AC_LANG_PROGRAM(
720                 [[#include <sys/socket.h>
721                   #include <linux/netlink.h>
722                   #include <linux/rtnetlink.h>]],
723                 [[int rta_type = RTA_TABLE;
724                   return rta_type;]])],
725         [AC_MSG_RESULT([yes]);
726          AC_DEFINE([HAVE_RTA_TABLE], [], [have netlink RTA_TABLE defined])],
727         [AC_MSG_RESULT([no])]
728 )
729
730 AC_MSG_CHECKING([for __int128])
731 AC_COMPILE_IFELSE(
732         [AC_LANG_PROGRAM(
733                 [[#include <sys/types.h>]],
734                 [[__int128 x = 0;
735                   return x;]])],
736         [AC_MSG_RESULT([yes]);
737          AC_DEFINE([HAVE_INT128], [], [have __int128 type support])],
738         [AC_MSG_RESULT([no])]
739 )
740
741 AC_MSG_CHECKING([for GCC __sync operations])
742 AC_RUN_IFELSE([AC_LANG_SOURCE(
743         [[
744                         int main() {
745                         int ref = 1;
746                         __sync_fetch_and_add (&ref, 1);
747                         __sync_sub_and_fetch (&ref, 1);
748                         __sync_val_compare_and_swap(&ref, 1, 0);
749                         return ref;
750                 }
751         ]])],
752         [AC_MSG_RESULT([yes]);
753          AC_DEFINE([HAVE_GCC_SYNC_OPERATIONS], [],
754                    [have GCC __sync_* operations])],
755         [AC_MSG_RESULT([no])],
756         [AC_MSG_RESULT([no])]
757 )
758
759 case "$printf_hooks" in
760 auto|builtin|glibc|vstr)
761         ;;
762 *)
763         AC_MSG_NOTICE([invalid printf hook implementation, defaulting to 'auto'])
764         printf_hooks=auto
765         ;;
766 esac
767
768 if test x$printf_hooks = xauto -o x$printf_hooks = xglibc; then
769         # check for the new register_printf_specifier function with len argument,
770         # or the deprecated register_printf_function without
771         AC_CHECK_FUNC(
772                 [register_printf_specifier],
773                 [AC_DEFINE([HAVE_PRINTF_SPECIFIER], [], [have register_printf_specifier()])],
774                 [AC_CHECK_FUNC(
775                         [register_printf_function],
776                         [AC_DEFINE([HAVE_PRINTF_FUNCTION], [], [have register_printf_function()])],
777                         [
778                                 AC_MSG_NOTICE([printf(3) does not support custom format specifiers!])
779                                 if test x$printf_hooks = xglibc; then
780                                         AC_MSG_ERROR([please select a different printf hook implementation])
781                                 else
782                                         # fallback to builtin printf hook implementation
783                                         printf_hooks=builtin
784                                 fi
785                         ]
786                 )]
787         )
788 fi
789
790 AC_MSG_CHECKING([for Windows target])
791 AC_COMPILE_IFELSE(
792         [AC_LANG_PROGRAM(
793                 [[#include <windows.h>]],
794                 [[#ifndef WIN32
795                   # error WIN32 undefined
796                   #endif
797                 ]])],
798         [
799                 AC_MSG_RESULT([yes])
800                 windows=true
801                 openssl_lib=eay32
802                 AC_SUBST(PTHREADLIB, "")
803                 # explicitly disable ms-bitfields, as it breaks __attribute__((packed))
804                 case "$CFLAGS" in
805                         *ms-bitfields*) ;;
806                         *) CFLAGS="$CFLAGS -mno-ms-bitfields" ;;
807                 esac
808         ],
809         [
810                 AC_MSG_RESULT([no])
811                 openssl_lib=crypto
812
813                 # check for clock_gettime() on non-Windows only. Otherwise this
814                 # check might find clock_gettime() in libwinpthread, but we don't want
815                 # to link against it.
816                 saved_LIBS=$LIBS
817                 # FreeBSD has clock_gettime in libc, Linux needs librt
818                 LIBS=""
819                 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
820                 AC_CHECK_FUNCS(clock_gettime)
821                 AC_SUBST(RTLIB)
822                 LIBS=$saved_LIBS
823         ]
824 )
825 AC_SUBST(OPENSSL_LIB, [-l$openssl_lib])
826 AM_CONDITIONAL(USE_WINDOWS, [test "x$windows" = xtrue])
827
828 AC_MSG_CHECKING([for working __attribute__((packed))])
829 AC_COMPILE_IFELSE(
830         [AC_LANG_PROGRAM([], [[
831                 struct test { char a; short b; } __attribute__((packed));
832                 char x[sizeof(struct test) == sizeof(char) + sizeof(short) ? 1 : -1]
833                         __attribute__((unused));
834                 return 0;
835         ]])],
836         [AC_MSG_RESULT([yes])],
837         [AC_MSG_RESULT([no]); AC_MSG_ERROR([__attribute__((packed)) does not work])]
838 )
839
840 AC_MSG_CHECKING([clang])
841 AC_COMPILE_IFELSE(
842         [AC_LANG_PROGRAM(
843                 [], [[
844                  #ifndef __clang__
845                  # error not using LLVM clang
846                  #endif
847                 ]])],
848         [
849                 AC_MSG_RESULT([yes])
850         ],
851         [
852                 AC_MSG_RESULT([no])
853                 # GCC, but not MinGW requires -rdynamic for plugins
854                 if test x$windows != xtrue; then
855                         AC_SUBST(PLUGIN_CFLAGS, [-rdynamic])
856                 fi
857         ]
858 )
859
860 AC_MSG_CHECKING([x86/x64 target])
861 AC_COMPILE_IFELSE(
862         [AC_LANG_PROGRAM(
863                 [], [[
864                  #if !defined(__i386__) && !defined(__x86_64__)
865                  # error not on x86/x64
866                  #endif
867                 ]])],
868         [
869                 x86x64=true
870                 AC_MSG_RESULT([yes])
871         ],
872         [AC_MSG_RESULT([no])]
873 )
874 AM_CONDITIONAL(USE_X86X64, [test "x$x86x64" = xtrue])
875
876 if test x$printf_hooks = xvstr; then
877         AC_CHECK_LIB([vstr],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])],[])
878         AC_DEFINE([USE_VSTR], [], [use Vstr string library for printf hooks])
879 fi
880
881 if test x$printf_hooks = xbuiltin; then
882         AC_DEFINE([USE_BUILTIN_PRINTF], [], [using builtin printf for printf hooks])
883 fi
884
885 if test x$gmp = xtrue; then
886         saved_LIBS=$LIBS
887         AC_CHECK_LIB([gmp],[main],[],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])],[])
888         AC_MSG_CHECKING([mpz_powm_sec])
889         if test x$mpz_powm_sec = xyes; then
890                 AC_COMPILE_IFELSE(
891                         [AC_LANG_PROGRAM(
892                                 [[#include "gmp.h"]],
893                                 [[void *x = mpz_powm_sec;]])],
894                         [AC_MSG_RESULT([yes]);
895                          AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_mown_sec()])],
896                         [AC_MSG_RESULT([no])]
897                 )
898         else
899                 AC_MSG_RESULT([disabled])
900         fi
901         LIBS=$saved_LIBS
902         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
903         AC_COMPILE_IFELSE(
904                 [AC_LANG_PROGRAM(
905                         [[#include "gmp.h"]],
906                         [[
907                                 #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
908                                         #error bad gmp
909                                 #endif]])],
910                 [AC_MSG_RESULT([yes])],
911                 [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
912         )
913 fi
914
915 if test x$ldap = xtrue; then
916         AC_CHECK_LIB([ldap],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])],[])
917         AC_CHECK_LIB([lber],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])],[])
918         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
919 fi
920
921 if test x$curl = xtrue; then
922         AC_CHECK_LIB([curl],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])],[])
923         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
924 fi
925
926 if test x$unbound = xtrue; then
927         AC_CHECK_LIB([ldns],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library ldns not found])],[])
928         AC_CHECK_HEADER([ldns/ldns.h],,[AC_MSG_ERROR([UNBOUND header ldns/ldns.h not found!])])
929         AC_CHECK_LIB([unbound],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library libunbound not found])],[])
930         AC_CHECK_HEADER([unbound.h],,[AC_MSG_ERROR([UNBOUND header unbound.h not found!])])
931 fi
932
933 if test x$soup = xtrue; then
934         PKG_CHECK_MODULES(soup, [libsoup-2.4])
935         AC_SUBST(soup_CFLAGS)
936         AC_SUBST(soup_LIBS)
937 fi
938
939 if test x$xml = xtrue; then
940         PKG_CHECK_MODULES(xml, [libxml-2.0])
941         AC_SUBST(xml_CFLAGS)
942         AC_SUBST(xml_LIBS)
943 fi
944
945 if test x$systemd = xtrue; then
946         AC_MSG_CHECKING([for systemd system unit directory])
947         if test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno; then
948                 AC_MSG_RESULT([$systemdsystemunitdir])
949         else
950                 AC_MSG_ERROR([not found (try --with-systemdsystemunitdir)])
951         fi
952
953         PKG_CHECK_MODULES(systemd, [libsystemd >= 209],
954                 [AC_SUBST(systemd_CFLAGS)
955                  AC_SUBST(systemd_LIBS)],
956                 [PKG_CHECK_MODULES(systemd_daemon, [libsystemd-daemon])
957                  AC_SUBST(systemd_daemon_CFLAGS)
958                  AC_SUBST(systemd_daemon_LIBS)
959                  PKG_CHECK_MODULES(systemd_journal, [libsystemd-journal])
960                  AC_SUBST(systemd_journal_CFLAGS)
961                  AC_SUBST(systemd_journal_LIBS)]
962         )
963 fi
964
965 if test x$tss_trousers = xtrue; then
966         AC_CHECK_LIB([tspi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])],[])
967         AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
968         AC_DEFINE([TSS_TROUSERS], [], [use TrouSerS library libtspi])
969 fi
970
971 if test x$tss_tss2 = xtrue; then
972         AC_CHECK_LIB([tss2],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([TTS 2.0 library libtss2 not found])],[])
973         AC_CHECK_HEADER([tss2/tpm20.h],,[AC_MSG_ERROR([TSS 2.0 header tss2/tpm20.h not found!])])
974         AC_DEFINE([TSS_TSS2], [], [use TSS 2.0 library libtss2])
975 fi
976 if test x$imv_swid = xtrue; then
977         PKG_CHECK_MODULES(json, [json-c], [],
978                 [PKG_CHECK_MODULES(json, [json])])
979         AC_SUBST(json_CFLAGS)
980         AC_SUBST(json_LIBS)
981 fi
982
983 if test x$dumm = xtrue; then
984         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
985         AC_SUBST(gtk_CFLAGS)
986         AC_SUBST(gtk_LIBS)
987         AC_CHECK_PROGS(RUBY, ruby)
988         AC_MSG_CHECKING([for Ruby header files])
989         if test -n "$RUBY"; then
990                 RUBYINCLUDE=
991                 RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["rubyhdrdir"]] || ""') 2>/dev/null`
992                 if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then
993                         RUBYARCH=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["arch"]] || ""') 2>/dev/null`
994                         if test -n "$RUBYARCH"; then
995                                 AC_MSG_RESULT([$RUBYDIR])
996                                 RUBYINCLUDE="-I$RUBYDIR -I$RUBYDIR/$RUBYARCH"
997                         fi
998                 else
999                         RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["archdir"]] || ""') 2>/dev/null`
1000                         if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then
1001                                 AC_MSG_RESULT([$RUBYDIR])
1002                                 RUBYINCLUDE="-I$RUBYDIR"
1003                         fi
1004                 fi
1005                 if test -z "$RUBYINCLUDE"; then
1006                         AC_MSG_ERROR([ruby.h not found])
1007                 fi
1008                 AC_SUBST(RUBYINCLUDE)
1009         else
1010                 AC_MSG_ERROR([don't know how to run ruby])
1011         fi
1012         AC_MSG_CHECKING([for libruby])
1013         saved_LIBS=$LIBS
1014         LIBS=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["LIBRUBYARG_SHARED"]] || ""') 2>/dev/null`
1015         AC_TRY_LINK_FUNC(ruby_init,
1016                 [AC_MSG_RESULT([$LIBS]); RUBYLIB=$LIBS],
1017                 [AC_MSG_ERROR([not found])])
1018         AC_SUBST(RUBYLIB)
1019         AC_CHECK_FUNCS(rb_errinfo)
1020         LIBS=$saved_LIBS
1021 fi
1022
1023 if test x$fast = xtrue; then
1024         AC_CHECK_LIB([neo_cgi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])],[])
1025         AC_CHECK_LIB([neo_utl],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[])
1026         AC_MSG_CHECKING([ClearSilver requires zlib])
1027         saved_CFLAGS=$CFLAGS
1028         saved_LIBS=$LIBS
1029         LIBS="-lneo_cgi -lneo_cs -lneo_utl"
1030         CFLAGS="-I/usr/include/ClearSilver"
1031         AC_LINK_IFELSE(
1032                 [AC_LANG_PROGRAM(
1033                         [[#include <ClearSilver.h>]],
1034                         [[NEOERR *err = cgi_display(NULL, NULL);]])],
1035                 [AC_MSG_RESULT([no]); clearsilver_LIBS="$LIBS"],
1036                 [AC_MSG_RESULT([yes]); clearsilver_LIBS="$LIBS -lz"]
1037         )
1038         AC_SUBST(clearsilver_LIBS)
1039         LIBS=$saved_LIBS
1040         CFLAGS=$saved_CFLAGS
1041 # autoconf does not like CamelCase!? How to fix this?
1042 #       AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
1043
1044         AC_CHECK_LIB([fcgi],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])],[])
1045         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
1046 fi
1047
1048 if test x$mysql = xtrue; then
1049         if test "x$windows" = xtrue; then
1050                 AC_CHECK_HEADER([mysql.h],,[AC_MSG_ERROR([MySQL header file mysql.h not found!])])
1051                 AC_CHECK_LIB([mysql],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library not found!])],[])
1052                 AC_SUBST(MYSQLLIB, -lmysql)
1053         else
1054                 AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1055                 if test x$MYSQLCONFIG = x; then
1056                         AC_MSG_ERROR([mysql_config not found!])
1057                 fi
1058                 AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
1059                 AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
1060         fi
1061 fi
1062
1063 if test x$sqlite = xtrue; then
1064         AC_CHECK_LIB([sqlite3],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])],[])
1065         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
1066         AC_MSG_CHECKING([sqlite3_prepare_v2])
1067         AC_COMPILE_IFELSE(
1068                 [AC_LANG_PROGRAM(
1069                         [[#include <sqlite3.h>]],
1070                         [[void *test = sqlite3_prepare_v2;]])],
1071                 [AC_MSG_RESULT([yes]);
1072                  AC_DEFINE([HAVE_SQLITE3_PREPARE_V2], [], [have sqlite3_prepare_v2()])],
1073                 [AC_MSG_RESULT([no])]
1074         )
1075         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
1076         AC_COMPILE_IFELSE(
1077                 [AC_LANG_PROGRAM(
1078                         [[#include <sqlite3.h>]],
1079                         [[
1080                                 #if SQLITE_VERSION_NUMBER < 3003001
1081                                         #error bad sqlite
1082                                 #endif]])],
1083                 [AC_MSG_RESULT([yes])],
1084                 [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])]
1085         )
1086 fi
1087
1088 if test x$openssl = xtrue; then
1089         AC_CHECK_LIB([$openssl_lib],[main],[LIBS="$LIBS"],
1090                                  [AC_MSG_ERROR([OpenSSL lib$openssl_lib not found])],[$DLLIB])
1091         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
1092 fi
1093
1094 if test x$gcrypt = xtrue; then
1095         AC_CHECK_LIB([gcrypt],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
1096         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
1097         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
1098         AC_COMPILE_IFELSE(
1099                 [AC_LANG_PROGRAM(
1100                         [[#include <gcrypt.h>]],
1101                         [[enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;]])],
1102                 [AC_MSG_RESULT([yes]);
1103                  AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA], [], [have GCRY_CIPHER_CAMELLIA128])],
1104                 [AC_MSG_RESULT([no])]
1105         )
1106 fi
1107
1108 if test x$uci = xtrue; then
1109         AC_CHECK_LIB([uci],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[])
1110         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
1111 fi
1112
1113 if test x$android_dns = xtrue; then
1114         AC_CHECK_LIB([cutils],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])],[])
1115         AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
1116         # we have to force the use of libdl here because the autodetection
1117         # above does not work correctly when cross-compiling for android.
1118         DLLIB="-ldl"
1119         AC_SUBST(DLLIB)
1120 fi
1121
1122 if test x$maemo = xtrue; then
1123         PKG_CHECK_MODULES(maemo, [glib-2.0 gthread-2.0 libosso osso-af-settings])
1124         AC_SUBST(maemo_CFLAGS)
1125         AC_SUBST(maemo_LIBS)
1126         dbusservicedir="/usr/share/dbus-1/system-services"
1127         AC_SUBST(dbusservicedir)
1128 fi
1129
1130 if test x$eap_sim_pcsc = xtrue; then
1131         PKG_CHECK_MODULES(pcsclite, [libpcsclite])
1132         AC_SUBST(pcsclite_CFLAGS)
1133         AC_SUBST(pcsclite_LIBS)
1134 fi
1135
1136 if test x$nm = xtrue; then
1137         PKG_CHECK_EXISTS([libnm-glib],
1138                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-util libnm-glib libnm-glib-vpn])],
1139                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_util libnm_glib libnm_glib_vpn])]
1140         )
1141         AC_SUBST(nm_CFLAGS)
1142         AC_SUBST(nm_LIBS)
1143 fi
1144
1145 if test x$xauth_pam = xtrue; then
1146         AC_CHECK_LIB([pam],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])],[])
1147         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
1148 fi
1149
1150 if test x$connmark = xtrue -o x$forecast = xtrue; then
1151         PKG_CHECK_MODULES(libiptc, [libiptc])
1152         AC_SUBST(libiptc_CFLAGS)
1153         AC_SUBST(libiptc_LIBS)
1154 fi
1155
1156 if test x$capabilities = xnative; then
1157         AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
1158         # Linux requires the following for capset(), Android does not have it,
1159         # but defines capset() in unistd.h instead.
1160         AC_CHECK_HEADERS([sys/capability.h])
1161         AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
1162         AC_DEFINE([CAPABILITIES_NATIVE], [], [have native linux capset()])
1163 fi
1164
1165 if test x$capabilities = xlibcap; then
1166         AC_CHECK_LIB([cap],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])],[])
1167         AC_CHECK_HEADER([sys/capability.h],
1168                 [AC_DEFINE([HAVE_SYS_CAPABILITY_H], [], [have sys/capability.h])],
1169                 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
1170         AC_DEFINE([CAPABILITIES_LIBCAP], [], [have libpcap library])
1171 fi
1172
1173 if test x$integrity_test = xtrue; then
1174         AC_MSG_CHECKING([for dladdr()])
1175         AC_COMPILE_IFELSE(
1176                 [AC_LANG_PROGRAM(
1177                         [[#define _GNU_SOURCE
1178                           #include <dlfcn.h>]],
1179                         [[Dl_info info; dladdr(main, &info);]])],
1180                 [AC_MSG_RESULT([yes])],
1181                 [AC_MSG_RESULT([no]);
1182                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
1183         )
1184         AC_MSG_CHECKING([for dl_iterate_phdr()])
1185         AC_COMPILE_IFELSE(
1186                 [AC_LANG_PROGRAM(
1187                         [[#define _GNU_SOURCE
1188                           #include <link.h>]],
1189                         [[dl_iterate_phdr((void*)0, (void*)0);]])],
1190                 [AC_MSG_RESULT([yes])],
1191                 [AC_MSG_RESULT([no]);
1192                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
1193         )
1194 fi
1195
1196 if test x$bfd_backtraces = xtrue; then
1197         AC_CHECK_LIB([bfd],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([binutils libbfd not found!])],[])
1198         AC_CHECK_HEADER([bfd.h],[AC_DEFINE([HAVE_BFD_H],,[have binutils bfd.h])],
1199                 [AC_MSG_ERROR([binutils bfd.h header not found!])])
1200         BFDLIB="-lbfd"
1201         AC_SUBST(BFDLIB)
1202 fi
1203
1204 if test x$unwind_backtraces = xtrue; then
1205         AC_CHECK_LIB([unwind],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([libunwind not found!])],[])
1206         AC_CHECK_HEADER([libunwind.h],[AC_DEFINE([HAVE_LIBUNWIND_H],,[have libunwind.h])],
1207                 [AC_MSG_ERROR([libunwind.h header not found!])])
1208         UNWINDLIB="-lunwind"
1209         AC_SUBST(UNWINDLIB)
1210 fi
1211
1212 AM_CONDITIONAL(USE_DEV_HEADERS, [test "x$dev_headers" != xno])
1213 if test x$dev_headers = xyes; then
1214         dev_headers="$includedir/strongswan"
1215 fi
1216 AC_SUBST(dev_headers)
1217
1218 CFLAGS="$CFLAGS -include `pwd`/config.h"
1219
1220 if test x$tkm = xtrue; then
1221         AC_PATH_PROG([GPRBUILD], [gprbuild], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1222         if test x$GPRBUILD = x; then
1223                 AC_MSG_ERROR([gprbuild not found])
1224         fi
1225 fi
1226
1227 if test x$coverage = xtrue; then
1228         AC_PATH_PROG([LCOV], [lcov], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1229         if test x$LCOV = x; then
1230                 AC_MSG_ERROR([lcov not found])
1231         fi
1232         AC_PATH_PROG([GENHTML], [genhtml], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1233         if test x$GENHTML = x; then
1234                 AC_MSG_ERROR([genhtml not found])
1235         fi
1236
1237         COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
1238         COVERAGE_LDFLAGS="-fprofile-arcs"
1239         AC_SUBST(COVERAGE_CFLAGS)
1240         AC_SUBST(COVERAGE_LDFLAGS)
1241
1242         AC_MSG_NOTICE([coverage enabled, adding "-g -O0" to CFLAGS])
1243         CFLAGS="${CFLAGS} -g -O0"
1244 fi
1245
1246 if test x$ruby_gems = xtrue; then
1247         AC_PATH_PROG([GEM], [gem], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1248         if test x$GEM = x; then
1249                 AC_MSG_ERROR(RubyGems package manager not found)
1250         fi
1251         if test "x$rubygemdir" = "xgem environment gemdir"; then
1252                 rubygemdir=$($GEM environment gemdir)
1253         fi
1254         AC_SUBST(RUBYGEMDIR, "$rubygemdir")
1255 fi
1256 AM_CONDITIONAL(RUBY_GEMS_INSTALL, [test "x$ruby_gems_install" = xtrue])
1257
1258 if test x$python_eggs = xtrue; then
1259         PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/dev/'`
1260         AC_SUBST([PYTHON_PACKAGE_VERSION])
1261         if test x$python_eggs_install = xtrue; then
1262                 AC_PATH_PROG([EASY_INSTALL], [easy_install], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1263                 if test x$EASY_INSTALL = x; then
1264                         AC_MSG_ERROR(Python easy_install not found)
1265                 fi
1266         fi
1267         if test "x$pythoneggdir" = "xmain site-packages directory"; then
1268                 AC_SUBST(PYTHONEGGINSTALLDIR, "")
1269         else
1270                 AC_SUBST(PYTHONEGGINSTALLDIR, "--install-dir $pythoneggdir")
1271         fi
1272         AC_PATH_PROG([PY_TEST], [py.test], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1273 fi
1274 AM_CONDITIONAL(PYTHON_EGGS_INSTALL, [test "x$python_eggs_install" = xtrue])
1275
1276 AM_CONDITIONAL(PERL_CPAN_INSTALL, [test "x$perl_cpan_install" = xtrue])
1277
1278 # ===============================================
1279 #  collect plugin list for strongSwan components
1280 # ===============================================
1281
1282 m4_include(m4/macros/add-plugin.m4)
1283
1284 # plugin lists for all components
1285 charon_plugins=
1286 starter_plugins=
1287 pool_plugins=
1288 attest_plugins=
1289 scepclient_plugins=
1290 pki_plugins=
1291 scripts_plugins=
1292 manager_plugins=
1293 medsrv_plugins=
1294 nm_plugins=
1295 cmd_plugins=
1296 aikgen_plugins=
1297
1298 # location specific lists for checksumming,
1299 # for src/libcharon, src/libstrongswan and src/libtnccs
1300 c_plugins=
1301 s_plugins=
1302 t_plugins=
1303
1304 ADD_PLUGIN([test-vectors],         [s charon scepclient pki])
1305 ADD_PLUGIN([unbound],              [s charon scripts])
1306 ADD_PLUGIN([ldap],                 [s charon scepclient scripts nm cmd])
1307 ADD_PLUGIN([pkcs11],               [s charon pki nm cmd])
1308 ADD_PLUGIN([aesni],                [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
1309 ADD_PLUGIN([aes],                  [s charon scepclient pki scripts nm cmd])
1310 ADD_PLUGIN([des],                  [s charon scepclient pki scripts nm cmd])
1311 ADD_PLUGIN([blowfish],             [s charon scepclient pki scripts nm cmd])
1312 ADD_PLUGIN([rc2],                  [s charon scepclient pki scripts nm cmd])
1313 ADD_PLUGIN([sha2],                 [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
1314 ADD_PLUGIN([sha3],                 [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
1315 ADD_PLUGIN([sha1],                 [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1316 ADD_PLUGIN([md4],                  [s charon scepclient pki nm cmd])
1317 ADD_PLUGIN([md5],                  [s charon scepclient pki scripts attest nm cmd aikgen])
1318 ADD_PLUGIN([rdrand],               [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
1319 ADD_PLUGIN([random],               [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1320 ADD_PLUGIN([nonce],                [s charon nm cmd aikgen])
1321 ADD_PLUGIN([x509],                 [s charon scepclient pki scripts attest nm cmd aikgen])
1322 ADD_PLUGIN([revocation],           [s charon pki nm cmd])
1323 ADD_PLUGIN([constraints],          [s charon nm cmd])
1324 ADD_PLUGIN([acert],                [s charon])
1325 ADD_PLUGIN([pubkey],               [s charon cmd aikgen])
1326 ADD_PLUGIN([pkcs1],                [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1327 ADD_PLUGIN([pkcs7],                [s charon scepclient pki scripts nm cmd])
1328 ADD_PLUGIN([pkcs8],                [s charon scepclient pki scripts manager medsrv attest nm cmd])
1329 ADD_PLUGIN([pkcs12],               [s charon scepclient pki scripts cmd])
1330 ADD_PLUGIN([pgp],                  [s charon])
1331 ADD_PLUGIN([dnskey],               [s charon pki])
1332 ADD_PLUGIN([sshkey],               [s charon pki nm cmd])
1333 ADD_PLUGIN([dnscert],              [c charon])
1334 ADD_PLUGIN([ipseckey],             [c charon])
1335 ADD_PLUGIN([pem],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1336 ADD_PLUGIN([padlock],              [s charon])
1337 ADD_PLUGIN([openssl],              [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1338 ADD_PLUGIN([gcrypt],               [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1339 ADD_PLUGIN([af-alg],               [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
1340 ADD_PLUGIN([fips-prf],             [s charon nm cmd])
1341 ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
1342 ADD_PLUGIN([agent],                [s charon nm cmd])
1343 ADD_PLUGIN([keychain],             [s charon cmd])
1344 ADD_PLUGIN([chapoly],              [s charon scripts nm cmd])
1345 ADD_PLUGIN([xcbc],                 [s charon nm cmd])
1346 ADD_PLUGIN([cmac],                 [s charon nm cmd])
1347 ADD_PLUGIN([hmac],                 [s charon pki scripts nm cmd])
1348 ADD_PLUGIN([ctr],                  [s charon scripts nm cmd])
1349 ADD_PLUGIN([ccm],                  [s charon scripts nm cmd])
1350 ADD_PLUGIN([gcm],                  [s charon scripts nm cmd])
1351 ADD_PLUGIN([ntru],                 [s charon scripts nm cmd])
1352 ADD_PLUGIN([bliss],                [s charon pki scripts nm cmd])
1353 ADD_PLUGIN([curl],                 [s charon scepclient pki scripts nm cmd])
1354 ADD_PLUGIN([files],                [s charon scepclient pki scripts nm cmd])
1355 ADD_PLUGIN([winhttp],              [s charon pki scripts])
1356 ADD_PLUGIN([soup],                 [s charon pki scripts nm cmd])
1357 ADD_PLUGIN([mysql],                [s charon pool manager medsrv attest])
1358 ADD_PLUGIN([sqlite],               [s charon pool manager medsrv attest])
1359 ADD_PLUGIN([attr],                 [c charon])
1360 ADD_PLUGIN([attr-sql],             [c charon])
1361 ADD_PLUGIN([load-tester],          [c charon])
1362 ADD_PLUGIN([kernel-libipsec],      [c charon cmd])
1363 ADD_PLUGIN([kernel-wfp],           [c charon])
1364 ADD_PLUGIN([kernel-iph],           [c charon])
1365 ADD_PLUGIN([kernel-pfkey],         [c charon starter nm cmd])
1366 ADD_PLUGIN([kernel-pfroute],       [c charon starter nm cmd])
1367 ADD_PLUGIN([kernel-netlink],       [c charon starter nm cmd])
1368 ADD_PLUGIN([resolve],              [c charon cmd])
1369 ADD_PLUGIN([socket-default],       [c charon nm cmd])
1370 ADD_PLUGIN([socket-dynamic],       [c charon cmd])
1371 ADD_PLUGIN([socket-win],           [c charon])
1372 ADD_PLUGIN([connmark],             [c charon])
1373 ADD_PLUGIN([forecast],             [c charon])
1374 ADD_PLUGIN([farp],                 [c charon])
1375 ADD_PLUGIN([stroke],               [c charon])
1376 ADD_PLUGIN([vici],                 [c charon])
1377 ADD_PLUGIN([smp],                  [c charon])
1378 ADD_PLUGIN([sql],                  [c charon])
1379 ADD_PLUGIN([updown],               [c charon])
1380 ADD_PLUGIN([eap-identity],         [c charon nm cmd])
1381 ADD_PLUGIN([eap-sim],              [c charon])
1382 ADD_PLUGIN([eap-sim-file],         [c charon])
1383 ADD_PLUGIN([eap-sim-pcsc],         [c charon])
1384 ADD_PLUGIN([eap-aka],              [c charon])
1385 ADD_PLUGIN([eap-aka-3gpp2],        [c charon])
1386 ADD_PLUGIN([eap-simaka-sql],       [c charon])
1387 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
1388 ADD_PLUGIN([eap-simaka-reauth],    [c charon])
1389 ADD_PLUGIN([eap-md5],              [c charon nm cmd])
1390 ADD_PLUGIN([eap-gtc],              [c charon nm cmd])
1391 ADD_PLUGIN([eap-mschapv2],         [c charon nm cmd])
1392 ADD_PLUGIN([eap-dynamic],          [c charon])
1393 ADD_PLUGIN([eap-radius],           [c charon])
1394 ADD_PLUGIN([eap-tls],              [c charon nm cmd])
1395 ADD_PLUGIN([eap-ttls],             [c charon nm cmd])
1396 ADD_PLUGIN([eap-peap],             [c charon nm cmd])
1397 ADD_PLUGIN([eap-tnc],              [c charon])
1398 ADD_PLUGIN([xauth-generic],        [c charon cmd])
1399 ADD_PLUGIN([xauth-eap],            [c charon])
1400 ADD_PLUGIN([xauth-pam],            [c charon])
1401 ADD_PLUGIN([xauth-noauth],         [c charon])
1402 ADD_PLUGIN([tnc-ifmap],            [c charon])
1403 ADD_PLUGIN([tnc-pdp],              [c charon])
1404 ADD_PLUGIN([tnc-imc],              [t charon])
1405 ADD_PLUGIN([tnc-imv],              [t charon])
1406 ADD_PLUGIN([tnc-tnccs],            [t charon])
1407 ADD_PLUGIN([tnccs-20],             [t charon])
1408 ADD_PLUGIN([tnccs-11],             [t charon])
1409 ADD_PLUGIN([tnccs-dynamic],        [t charon])
1410 ADD_PLUGIN([medsrv],               [c charon])
1411 ADD_PLUGIN([medcli],               [c charon])
1412 ADD_PLUGIN([dhcp],                 [c charon])
1413 ADD_PLUGIN([osx-attr],             [c charon cmd])
1414 ADD_PLUGIN([p-cscf],               [c charon cmd])
1415 ADD_PLUGIN([android-dns],          [c charon])
1416 ADD_PLUGIN([android-log],          [c charon])
1417 ADD_PLUGIN([ha],                   [c charon])
1418 ADD_PLUGIN([whitelist],            [c charon])
1419 ADD_PLUGIN([ext-auth],             [c charon])
1420 ADD_PLUGIN([lookip],               [c charon])
1421 ADD_PLUGIN([error-notify],         [c charon])
1422 ADD_PLUGIN([certexpire],           [c charon])
1423 ADD_PLUGIN([systime-fix],          [c charon])
1424 ADD_PLUGIN([led],                  [c charon])
1425 ADD_PLUGIN([duplicheck],           [c charon])
1426 ADD_PLUGIN([coupling],             [c charon])
1427 ADD_PLUGIN([radattr],              [c charon])
1428 ADD_PLUGIN([maemo],                [c charon])
1429 ADD_PLUGIN([uci],                  [c charon])
1430 ADD_PLUGIN([addrblock],            [c charon])
1431 ADD_PLUGIN([unity],                [c charon])
1432
1433 AC_SUBST(charon_plugins)
1434 AC_SUBST(starter_plugins)
1435 AC_SUBST(pool_plugins)
1436 AC_SUBST(attest_plugins)
1437 AC_SUBST(scepclient_plugins)
1438 AC_SUBST(pki_plugins)
1439 AC_SUBST(scripts_plugins)
1440 AC_SUBST(manager_plugins)
1441 AC_SUBST(medsrv_plugins)
1442 AC_SUBST(nm_plugins)
1443 AC_SUBST(cmd_plugins)
1444 AC_SUBST(aikgen_plugins)
1445
1446 AC_SUBST(c_plugins)
1447 AC_SUBST(h_plugins)
1448 AC_SUBST(s_plugins)
1449 AC_SUBST(t_plugins)
1450
1451 # ======================
1452 #  set Makefile.am vars
1453 # ======================
1454
1455 #  libstrongswan plugins
1456 # -----------------------
1457 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
1458 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
1459 AM_CONDITIONAL(USE_FILES, test x$files = xtrue)
1460 AM_CONDITIONAL(USE_WINHTTP, test x$winhttp = xtrue)
1461 AM_CONDITIONAL(USE_UNBOUND, test x$unbound = xtrue)
1462 AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue)
1463 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
1464 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
1465 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
1466 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
1467 AM_CONDITIONAL(USE_RC2, test x$rc2 = xtrue)
1468 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
1469 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
1470 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
1471 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
1472 AM_CONDITIONAL(USE_SHA3, test x$sha3 = xtrue)
1473 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
1474 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
1475 AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
1476 AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
1477 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
1478 AM_CONDITIONAL(USE_NONCE, test x$nonce = xtrue)
1479 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
1480 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
1481 AM_CONDITIONAL(USE_CONSTRAINTS, test x$constraints = xtrue)
1482 AM_CONDITIONAL(USE_ACERT, test x$acert = xtrue)
1483 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
1484 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
1485 AM_CONDITIONAL(USE_PKCS7, test x$pkcs7 = xtrue)
1486 AM_CONDITIONAL(USE_PKCS8, test x$pkcs8 = xtrue)
1487 AM_CONDITIONAL(USE_PKCS12, test x$pkcs12 = xtrue)
1488 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
1489 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
1490 AM_CONDITIONAL(USE_SSHKEY, test x$sshkey = xtrue)
1491 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
1492 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
1493 AM_CONDITIONAL(USE_CMAC, test x$cmac = xtrue)
1494 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
1495 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
1496 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
1497 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
1498 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
1499 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
1500 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
1501 AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue)
1502 AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
1503 AM_CONDITIONAL(USE_CHAPOLY, test x$chapoly = xtrue)
1504 AM_CONDITIONAL(USE_CTR, test x$ctr = xtrue)
1505 AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
1506 AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
1507 AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
1508 AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue)
1509 AM_CONDITIONAL(USE_BLISS, test x$bliss = xtrue)
1510
1511 #  charon plugins
1512 # ----------------
1513 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
1514 AM_CONDITIONAL(USE_VICI, test x$vici = xtrue)
1515 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
1516 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
1517 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
1518 AM_CONDITIONAL(USE_OSX_ATTR, test x$osx_attr = xtrue)
1519 AM_CONDITIONAL(USE_P_CSCF, test x$p_cscf = xtrue)
1520 AM_CONDITIONAL(USE_ANDROID_DNS, test x$android_dns = xtrue)
1521 AM_CONDITIONAL(USE_ANDROID_LOG, test x$android_log = xtrue)
1522 AM_CONDITIONAL(USE_MAEMO, test x$maemo = xtrue)
1523 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
1524 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
1525 AM_CONDITIONAL(USE_DNSCERT, test x$dnscert = xtrue)
1526 AM_CONDITIONAL(USE_IPSECKEY, test x$ipseckey = xtrue)
1527 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
1528 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
1529 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
1530 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
1531 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1532 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1533 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1534 AM_CONDITIONAL(USE_KERNEL_LIBIPSEC, test x$kernel_libipsec = xtrue)
1535 AM_CONDITIONAL(USE_KERNEL_WFP, test x$kernel_wfp = xtrue)
1536 AM_CONDITIONAL(USE_KERNEL_IPH, test x$kernel_iph = xtrue)
1537 AM_CONDITIONAL(USE_WHITELIST, test x$whitelist = xtrue)
1538 AM_CONDITIONAL(USE_EXT_AUTH, test x$ext_auth = xtrue)
1539 AM_CONDITIONAL(USE_LOOKIP, test x$lookip = xtrue)
1540 AM_CONDITIONAL(USE_ERROR_NOTIFY, test x$error_notify = xtrue)
1541 AM_CONDITIONAL(USE_CERTEXPIRE, test x$certexpire = xtrue)
1542 AM_CONDITIONAL(USE_SYSTIME_FIX, test x$systime_fix = xtrue)
1543 AM_CONDITIONAL(USE_LED, test x$led = xtrue)
1544 AM_CONDITIONAL(USE_DUPLICHECK, test x$duplicheck = xtrue)
1545 AM_CONDITIONAL(USE_COUPLING, test x$coupling = xtrue)
1546 AM_CONDITIONAL(USE_RADATTR, test x$radattr = xtrue)
1547 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
1548 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
1549 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
1550 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
1551 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
1552 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
1553 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1554 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1555 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1556 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1557 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
1558 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1559 AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
1560 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
1561 AM_CONDITIONAL(USE_EAP_PEAP, test x$eap_peap = xtrue)
1562 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
1563 AM_CONDITIONAL(USE_EAP_DYNAMIC, test x$eap_dynamic = xtrue)
1564 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1565 AM_CONDITIONAL(USE_XAUTH_GENERIC, test x$xauth_generic = xtrue)
1566 AM_CONDITIONAL(USE_XAUTH_EAP, test x$xauth_eap = xtrue)
1567 AM_CONDITIONAL(USE_XAUTH_PAM, test x$xauth_pam = xtrue)
1568 AM_CONDITIONAL(USE_XAUTH_NOAUTH, test x$xauth_noauth = xtrue)
1569 AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue)
1570 AM_CONDITIONAL(USE_TNC_PDP, test x$tnc_pdp = xtrue)
1571 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
1572 AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
1573 AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnc_tnccs = xtrue)
1574 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
1575 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
1576 AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue)
1577 AM_CONDITIONAL(USE_IMC_TEST, test x$imc_test = xtrue)
1578 AM_CONDITIONAL(USE_IMV_TEST, test x$imv_test = xtrue)
1579 AM_CONDITIONAL(USE_IMC_SCANNER, test x$imc_scanner = xtrue)
1580 AM_CONDITIONAL(USE_IMV_SCANNER, test x$imv_scanner = xtrue)
1581 AM_CONDITIONAL(USE_IMC_OS, test x$imc_os = xtrue)
1582 AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue)
1583 AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue)
1584 AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue)
1585 AM_CONDITIONAL(USE_IMC_SWID, test x$imc_swid = xtrue)
1586 AM_CONDITIONAL(USE_IMV_SWID, test x$imv_swid = xtrue)
1587 AM_CONDITIONAL(USE_IMC_HCD, test x$imc_hcd = xtrue)
1588 AM_CONDITIONAL(USE_IMV_HCD, test x$imv_hcd = xtrue)
1589 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
1590 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
1591 AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue)
1592 AM_CONDITIONAL(USE_CONNMARK, test x$connmark = xtrue)
1593 AM_CONDITIONAL(USE_FORECAST, test x$forecast = xtrue)
1594 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
1595 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
1596 AM_CONDITIONAL(USE_UNITY, test x$unity = xtrue)
1597 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
1598 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1599 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue)
1600
1601 #  other options
1602 # ---------------
1603 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1604 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1605 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
1606 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1607 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1608 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
1609 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1610 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
1611 AM_CONDITIONAL(USE_IKEV1, test x$ikev1 = xtrue)
1612 AM_CONDITIONAL(USE_IKEV2, test x$ikev2 = xtrue)
1613 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1614 AM_CONDITIONAL(USE_ADNS, test x$adns = xtrue)
1615 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1616 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1617 AM_CONDITIONAL(USE_PKI, test x$pki = xtrue)
1618 AM_CONDITIONAL(USE_SCEPCLIENT, test x$scepclient = xtrue)
1619 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1620 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
1621 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$aikpub2 = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
1622 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
1623 AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
1624 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
1625 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
1626 AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
1627 AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$aikgen = xtrue -o x$aikpub2 = xtrue )
1628 AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
1629 AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue)
1630 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
1631 AM_CONDITIONAL(USE_VSTR, test x$printf_hooks = xvstr)
1632 AM_CONDITIONAL(USE_BUILTIN_PRINTF, test x$printf_hooks = xbuiltin)
1633 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
1634 AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
1635 AM_CONDITIONAL(USE_RADIUS, test x$radius = xtrue)
1636 AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
1637 AM_CONDITIONAL(USE_TROUSERS, test x$tss_trousers = xtrue -o x$aikgen = xtrue)
1638 AM_CONDITIONAL(USE_TSS2, test x$tss_tss2 = xtrue -o x$aikpub2 = xtrue)
1639 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
1640 AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes)
1641 AM_CONDITIONAL(COVERAGE, test x$coverage = xtrue)
1642 AM_CONDITIONAL(USE_DBGHELP, test x$dbghelp_backtraces = xtrue)
1643 AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
1644 AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
1645 AM_CONDITIONAL(USE_AIKGEN, test x$aikgen = xtrue)
1646 AM_CONDITIONAL(USE_AIKPUB2, test x$aikpub2 = xtrue)
1647 AM_CONDITIONAL(USE_SWANCTL, test x$swanctl = xtrue)
1648 AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
1649 AM_CONDITIONAL(USE_SYSTEMD, test x$systemd = xtrue)
1650 AM_CONDITIONAL(USE_LEGACY_SYSTEMD, test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno)
1651 AM_CONDITIONAL(USE_RUBY_GEMS, test x$ruby_gems = xtrue)
1652 AM_CONDITIONAL(USE_PYTHON_EGGS, test x$python_eggs = xtrue)
1653 AM_CONDITIONAL(USE_PERL_CPAN, test x$perl_cpan = xtrue)
1654 AM_CONDITIONAL(USE_PY_TEST, test "x$PY_TEST" != x)
1655
1656 # ========================
1657 #  set global definitions
1658 # ========================
1659
1660 if test x$mediation = xtrue; then
1661         AC_DEFINE([ME], [], [mediation extension support])
1662 fi
1663 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
1664         AC_DEFINE([CAPABILITIES], [], [capability dropping support])
1665 fi
1666 if test x$log_thread_ids = xtrue; then
1667         AC_DEFINE([USE_THREAD_IDS], [], [use thread ID for thread identification, if available])
1668 fi
1669 if test x$monolithic = xtrue; then
1670         AC_DEFINE([MONOLITHIC], [], [monolithic build embedding plugins])
1671 fi
1672 if test x$ikev1 = xtrue; then
1673         AC_DEFINE([USE_IKEV1], [], [support for IKEv1 protocol])
1674 fi
1675 if test x$ikev2 = xtrue; then
1676         AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol])
1677 fi
1678
1679 # ====================================================
1680 #  options for enabled modules (see conf/Makefile.am)
1681 # ====================================================
1682
1683 strongswan_options=
1684
1685 AM_COND_IF([USE_AIKGEN], [strongswan_options=${strongswan_options}" aikgen"])
1686 AM_COND_IF([USE_AIKPUB2], [strongswan_options=${strongswan_options}" aikpub2"])
1687 AM_COND_IF([USE_ATTR_SQL], [strongswan_options=${strongswan_options}" pool"])
1688 AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charon-logging"])
1689 AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"])
1690 AM_COND_IF([USE_IMV_ATTESTATION], [strongswan_options=${strongswan_options}" attest"])
1691 AM_COND_IF([USE_IMCV], [strongswan_options=${strongswan_options}" imcv"])
1692 AM_COND_IF([USE_IMV_OS], [strongswan_options=${strongswan_options}" pacman"])
1693 AM_COND_IF([USE_LIBTNCCS], [strongswan_options=${strongswan_options}" tnc"])
1694 AM_COND_IF([USE_MANAGER], [strongswan_options=${strongswan_options}" manager"])
1695 AM_COND_IF([USE_MEDSRV], [strongswan_options=${strongswan_options}" medsrv"])
1696 AM_COND_IF([USE_SCEPCLIENT], [strongswan_options=${strongswan_options}" scepclient"])
1697 AM_COND_IF([USE_PKI], [strongswan_options=${strongswan_options}" pki"])
1698 AM_COND_IF([USE_SWANCTL], [strongswan_options=${strongswan_options}" swanctl"])
1699
1700 AC_SUBST(strongswan_options)
1701
1702 # =================
1703 #  build Makefiles
1704 # =================
1705
1706 AC_CONFIG_FILES([
1707         Makefile
1708         conf/Makefile
1709         man/Makefile
1710         init/Makefile
1711         init/systemd/Makefile
1712         init/systemd-swanctl/Makefile
1713         src/Makefile
1714         src/include/Makefile
1715         src/libstrongswan/Makefile
1716         src/libstrongswan/plugins/aes/Makefile
1717         src/libstrongswan/plugins/cmac/Makefile
1718         src/libstrongswan/plugins/des/Makefile
1719         src/libstrongswan/plugins/blowfish/Makefile
1720         src/libstrongswan/plugins/rc2/Makefile
1721         src/libstrongswan/plugins/md4/Makefile
1722         src/libstrongswan/plugins/md5/Makefile
1723         src/libstrongswan/plugins/sha1/Makefile
1724         src/libstrongswan/plugins/sha2/Makefile
1725         src/libstrongswan/plugins/sha3/Makefile
1726         src/libstrongswan/plugins/fips_prf/Makefile
1727         src/libstrongswan/plugins/gmp/Makefile
1728         src/libstrongswan/plugins/rdrand/Makefile
1729         src/libstrongswan/plugins/aesni/Makefile
1730         src/libstrongswan/plugins/random/Makefile
1731         src/libstrongswan/plugins/nonce/Makefile
1732         src/libstrongswan/plugins/hmac/Makefile
1733         src/libstrongswan/plugins/xcbc/Makefile
1734         src/libstrongswan/plugins/x509/Makefile
1735         src/libstrongswan/plugins/revocation/Makefile
1736         src/libstrongswan/plugins/constraints/Makefile
1737         src/libstrongswan/plugins/acert/Makefile
1738         src/libstrongswan/plugins/pubkey/Makefile
1739         src/libstrongswan/plugins/pkcs1/Makefile
1740         src/libstrongswan/plugins/pkcs7/Makefile
1741         src/libstrongswan/plugins/pkcs8/Makefile
1742         src/libstrongswan/plugins/pkcs12/Makefile
1743         src/libstrongswan/plugins/pgp/Makefile
1744         src/libstrongswan/plugins/dnskey/Makefile
1745         src/libstrongswan/plugins/sshkey/Makefile
1746         src/libstrongswan/plugins/pem/Makefile
1747         src/libstrongswan/plugins/curl/Makefile
1748         src/libstrongswan/plugins/files/Makefile
1749         src/libstrongswan/plugins/winhttp/Makefile
1750         src/libstrongswan/plugins/unbound/Makefile
1751         src/libstrongswan/plugins/soup/Makefile
1752         src/libstrongswan/plugins/ldap/Makefile
1753         src/libstrongswan/plugins/mysql/Makefile
1754         src/libstrongswan/plugins/sqlite/Makefile
1755         src/libstrongswan/plugins/padlock/Makefile
1756         src/libstrongswan/plugins/openssl/Makefile
1757         src/libstrongswan/plugins/gcrypt/Makefile
1758         src/libstrongswan/plugins/agent/Makefile
1759         src/libstrongswan/plugins/keychain/Makefile
1760         src/libstrongswan/plugins/pkcs11/Makefile
1761         src/libstrongswan/plugins/chapoly/Makefile
1762         src/libstrongswan/plugins/ctr/Makefile
1763         src/libstrongswan/plugins/ccm/Makefile
1764         src/libstrongswan/plugins/gcm/Makefile
1765         src/libstrongswan/plugins/af_alg/Makefile
1766         src/libstrongswan/plugins/ntru/Makefile
1767         src/libstrongswan/plugins/bliss/Makefile
1768         src/libstrongswan/plugins/bliss/tests/Makefile
1769         src/libstrongswan/plugins/test_vectors/Makefile
1770         src/libstrongswan/tests/Makefile
1771         src/libipsec/Makefile
1772         src/libipsec/tests/Makefile
1773         src/libsimaka/Makefile
1774         src/libtls/Makefile
1775         src/libtls/tests/Makefile
1776         src/libradius/Makefile
1777         src/libtncif/Makefile
1778         src/libtnccs/Makefile
1779         src/libtnccs/plugins/tnc_tnccs/Makefile
1780         src/libtnccs/plugins/tnc_imc/Makefile
1781         src/libtnccs/plugins/tnc_imv/Makefile
1782         src/libtnccs/plugins/tnccs_11/Makefile
1783         src/libtnccs/plugins/tnccs_20/Makefile
1784         src/libtnccs/plugins/tnccs_dynamic/Makefile
1785         src/libpttls/Makefile
1786         src/libimcv/Makefile
1787         src/libimcv/plugins/imc_test/Makefile
1788         src/libimcv/plugins/imv_test/Makefile
1789         src/libimcv/plugins/imc_scanner/Makefile
1790         src/libimcv/plugins/imv_scanner/Makefile
1791         src/libimcv/plugins/imc_os/Makefile
1792         src/libimcv/plugins/imv_os/Makefile
1793         src/libimcv/plugins/imc_attestation/Makefile
1794         src/libimcv/plugins/imv_attestation/Makefile
1795         src/libimcv/plugins/imc_swid/Makefile
1796         src/libimcv/plugins/imv_swid/Makefile
1797         src/libimcv/plugins/imc_hcd/Makefile
1798         src/libimcv/plugins/imv_hcd/Makefile
1799         src/charon/Makefile
1800         src/charon-nm/Makefile
1801         src/charon-tkm/Makefile
1802         src/charon-cmd/Makefile
1803         src/charon-svc/Makefile
1804         src/charon-systemd/Makefile
1805         src/libcharon/Makefile
1806         src/libcharon/plugins/eap_aka/Makefile
1807         src/libcharon/plugins/eap_aka_3gpp2/Makefile
1808         src/libcharon/plugins/eap_dynamic/Makefile
1809         src/libcharon/plugins/eap_identity/Makefile
1810         src/libcharon/plugins/eap_md5/Makefile
1811         src/libcharon/plugins/eap_gtc/Makefile
1812         src/libcharon/plugins/eap_sim/Makefile
1813         src/libcharon/plugins/eap_sim_file/Makefile
1814         src/libcharon/plugins/eap_sim_pcsc/Makefile
1815         src/libcharon/plugins/eap_simaka_sql/Makefile
1816         src/libcharon/plugins/eap_simaka_pseudonym/Makefile
1817         src/libcharon/plugins/eap_simaka_reauth/Makefile
1818         src/libcharon/plugins/eap_mschapv2/Makefile
1819         src/libcharon/plugins/eap_tls/Makefile
1820         src/libcharon/plugins/eap_ttls/Makefile
1821         src/libcharon/plugins/eap_peap/Makefile
1822         src/libcharon/plugins/eap_tnc/Makefile
1823         src/libcharon/plugins/eap_radius/Makefile
1824         src/libcharon/plugins/xauth_generic/Makefile
1825         src/libcharon/plugins/xauth_eap/Makefile
1826         src/libcharon/plugins/xauth_pam/Makefile
1827         src/libcharon/plugins/xauth_noauth/Makefile
1828         src/libcharon/plugins/tnc_ifmap/Makefile
1829         src/libcharon/plugins/tnc_pdp/Makefile
1830         src/libcharon/plugins/socket_default/Makefile
1831         src/libcharon/plugins/socket_dynamic/Makefile
1832         src/libcharon/plugins/socket_win/Makefile
1833         src/libcharon/plugins/connmark/Makefile
1834         src/libcharon/plugins/forecast/Makefile
1835         src/libcharon/plugins/farp/Makefile
1836         src/libcharon/plugins/smp/Makefile
1837         src/libcharon/plugins/sql/Makefile
1838         src/libcharon/plugins/dnscert/Makefile
1839         src/libcharon/plugins/ipseckey/Makefile
1840         src/libcharon/plugins/medsrv/Makefile
1841         src/libcharon/plugins/medcli/Makefile
1842         src/libcharon/plugins/addrblock/Makefile
1843         src/libcharon/plugins/unity/Makefile
1844         src/libcharon/plugins/uci/Makefile
1845         src/libcharon/plugins/ha/Makefile
1846         src/libcharon/plugins/kernel_netlink/Makefile
1847         src/libcharon/plugins/kernel_pfkey/Makefile
1848         src/libcharon/plugins/kernel_pfroute/Makefile
1849         src/libcharon/plugins/kernel_libipsec/Makefile
1850         src/libcharon/plugins/kernel_wfp/Makefile
1851         src/libcharon/plugins/kernel_iph/Makefile
1852         src/libcharon/plugins/whitelist/Makefile
1853         src/libcharon/plugins/ext_auth/Makefile
1854         src/libcharon/plugins/lookip/Makefile
1855         src/libcharon/plugins/error_notify/Makefile
1856         src/libcharon/plugins/certexpire/Makefile
1857         src/libcharon/plugins/systime_fix/Makefile
1858         src/libcharon/plugins/led/Makefile
1859         src/libcharon/plugins/duplicheck/Makefile
1860         src/libcharon/plugins/coupling/Makefile
1861         src/libcharon/plugins/radattr/Makefile
1862         src/libcharon/plugins/osx_attr/Makefile
1863         src/libcharon/plugins/p_cscf/Makefile
1864         src/libcharon/plugins/android_dns/Makefile
1865         src/libcharon/plugins/android_log/Makefile
1866         src/libcharon/plugins/maemo/Makefile
1867         src/libcharon/plugins/stroke/Makefile
1868         src/libcharon/plugins/vici/Makefile
1869         src/libcharon/plugins/vici/ruby/Makefile
1870         src/libcharon/plugins/vici/perl/Makefile
1871         src/libcharon/plugins/vici/python/Makefile
1872         src/libcharon/plugins/updown/Makefile
1873         src/libcharon/plugins/dhcp/Makefile
1874         src/libcharon/plugins/load_tester/Makefile
1875         src/libcharon/plugins/resolve/Makefile
1876         src/libcharon/plugins/attr/Makefile
1877         src/libcharon/plugins/attr_sql/Makefile
1878         src/libcharon/tests/Makefile
1879         src/libtpmtss/Makefile
1880         src/stroke/Makefile
1881         src/ipsec/Makefile
1882         src/starter/Makefile
1883         src/starter/tests/Makefile
1884         src/_updown/Makefile
1885         src/_copyright/Makefile
1886         src/scepclient/Makefile
1887         src/aikgen/Makefile
1888         src/aikpub2/Makefile
1889         src/pki/Makefile
1890         src/pki/man/Makefile
1891         src/pool/Makefile
1892         src/dumm/Makefile
1893         src/dumm/ext/extconf.rb
1894         src/libfast/Makefile
1895         src/manager/Makefile
1896         src/medsrv/Makefile
1897         src/checksum/Makefile
1898         src/conftest/Makefile
1899         src/pt-tls-client/Makefile
1900         src/swanctl/Makefile
1901         scripts/Makefile
1902         testing/Makefile
1903 ])
1904
1905 # =================
1906 #  build man pages
1907 # =================
1908
1909 AC_CONFIG_FILES([
1910         conf/strongswan.conf.5.head
1911         conf/strongswan.conf.5.tail
1912         man/ipsec.conf.5
1913         man/ipsec.secrets.5
1914         src/charon-cmd/charon-cmd.8
1915         src/pki/man/pki.1
1916         src/pki/man/pki---acert.1
1917         src/pki/man/pki---dn.1
1918         src/pki/man/pki---gen.1
1919         src/pki/man/pki---issue.1
1920         src/pki/man/pki---keyid.1
1921         src/pki/man/pki---pkcs12.1
1922         src/pki/man/pki---pkcs7.1
1923         src/pki/man/pki---print.1
1924         src/pki/man/pki---pub.1
1925         src/pki/man/pki---req.1
1926         src/pki/man/pki---self.1
1927         src/pki/man/pki---signcrl.1
1928         src/pki/man/pki---verify.1
1929         src/swanctl/swanctl.8
1930         src/swanctl/swanctl.conf.5.head
1931         src/swanctl/swanctl.conf.5.tail
1932 ])
1933
1934 AC_OUTPUT
1935
1936 # ========================
1937 #  report enabled plugins
1938 # ========================
1939
1940 AC_MSG_RESULT([])
1941 AC_MSG_RESULT([ strongSwan will be built with the following plugins])
1942 AC_MSG_RESULT([-----------------------------------------------------])
1943
1944 AC_MSG_RESULT([libstrongswan:$s_plugins])
1945 AC_MSG_RESULT([libcharon:    $c_plugins])
1946 AC_MSG_RESULT([libtnccs:     $t_plugins])
1947 AC_MSG_RESULT([])