added EAP-PEAP options to strongswan.conf
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,4.5.2dr4)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_CONFIG_MACRO_DIR([m4/config])
22 PKG_PROG_PKG_CONFIG
23
24 dnl =================================
25 dnl  check --enable-xxx & --with-xxx
26 dnl =================================
27
28 m4_include(m4/macros/with.m4)
29
30 ARG_WITH_SUBST([default-pkcs11],     [/usr/lib/opensc-pkcs11.so], [set the default PKCS11 library])
31 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
32 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
33 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
34 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
35 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
36 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
37 ARG_WITH_SUBST([plugindir],          [${ipsecdir%/}/plugins], [set the installation path of plugins])
38 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM plugin uses to look up trusted root certificates])
39 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
40 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
41 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
42
43 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
44 ARG_WITH_SET([mpz_powm_sec],         [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
45
46 if test -n "$PKG_CONFIG"; then
47         systemdsystemunitdir_default=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
48 fi
49 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
50 AM_CONDITIONAL(HAVE_SYSTEMD, [test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno])
51 AC_SUBST(systemdsystemunitdir)
52
53 AC_ARG_WITH(
54         [xauth-module],
55         AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
56         [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
57 )
58
59 AC_ARG_WITH(
60         [user],
61         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
62         [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")],
63         [AC_SUBST(ipsecuser, "root")]
64 )
65
66 AC_ARG_WITH(
67         [group],
68         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
69         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")],
70         [AC_SUBST(ipsecgroup, "root")]
71 )
72
73 m4_include(m4/macros/enable-disable.m4)
74
75 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
76 ARG_ENABL_SET([soup],           [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.])
77 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
78 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
79 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
80 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
81 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
82 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
83 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
84 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
85 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
86 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
87 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
88 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
89 ARG_DISBL_SET([revocation],     [disable X509 CRL/OCSP revocation check plugin.])
90 ARG_DISBL_SET([constraints],    [disable advanced X509 constraint checking plugin.])
91 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
92 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
93 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
94 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
95 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
96 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
97 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
98 ARG_ENABL_SET([af-alg],         [enable AF_ALG crypto interface to Linux Crypto API.])
99 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
100 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
101 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
102 ARG_DISBL_SET([stroke],         [disable charons stroke (pluto compatibility) configuration backend.])
103 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
104 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
105 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
106 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
107 ARG_ENABL_SET([smartcard],      [enable smartcard support.])
108 ARG_ENABL_SET([cisco-quirks],   [enable support of Cisco VPN client.])
109 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
110 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
111 ARG_ENABL_SET([unit-tests],     [enable unit tests on IKEv2 daemon startup.])
112 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
113 ARG_ENABL_SET([eap-sim],        [enable SIM authentication module for EAP.])
114 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
115 ARG_ENABL_SET([eap-sim-pcsc],   [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.])
116 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
117 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
118 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
119 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
120 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authentication module.])
121 ARG_ENABL_SET([eap-gtc],        [enable PAM based EAP GTC authentication module.])
122 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
123 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
124 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authentication module.])
125 ARG_ENABL_SET([eap-tls],        [enable EAP TLS authentication module.])
126 ARG_ENABL_SET([eap-ttls],       [enable EAP TTLS authentication module.])
127 ARG_ENABL_SET([eap-peap],       [enable EAP PEAP authentication module.])
128 ARG_ENABL_SET([eap-tnc],        [enable EAP TNC trusted network connect module.])
129 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authentication module.])
130 ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
131 ARG_ENABL_SET([tnc-imv],        [enable TNC IMV module.])
132 ARG_ENABL_SET([tnccs-11],       [enable TNCCS 1.1 protocol module.])
133 ARG_ENABL_SET([tnccs-20],       [enable TNCCS 2.0 protocol module.])
134 ARG_ENABL_SET([tnccs-dynamic],  [enable dynamic TNCCS protocol discovery module.])
135 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
136 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
137 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
138 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
139 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
140 ARG_ENABL_SET([socket-raw],     [enable raw socket implementation of charon, enforced if pluto is enabled])
141 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
142 ARG_ENABL_SET([farp],           [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
143 ARG_ENABL_SET([nat-transport],  [enable NAT traversal with IPsec transport mode in pluto.])
144 ARG_DISBL_SET([vendor-id],      [disable the sending of the strongSwan vendor ID in pluto.])
145 ARG_DISBL_SET([xauth-vid],      [disable the sending of the XAUTH vendor ID.])
146 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
147 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
148 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
149 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
150 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
151 ARG_DISBL_SET([load-warning],   [disable the charon/pluto plugin load option warning in starter.])
152 ARG_DISBL_SET([pluto],          [disable the IKEv1 keying daemon pluto.])
153 ARG_DISBL_SET([xauth],          [disable xauth plugin.])
154 ARG_DISBL_SET([threads],        [disable the use of threads in pluto. Charon always uses threads.])
155 ARG_DISBL_SET([charon],         [disable the IKEv2 keying daemon charon.])
156 ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclient and pki).])
157 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
158 ARG_ENABL_SET([conftest],       [enforce Suite B conformance test framework.])
159 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
160 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
161 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
162 ARG_ENABL_SET([dhcp],           [enable DHCP based attribute provider plugin.])
163 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
164 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
165 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
166 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
167 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
168 ARG_ENABL_SET([pkcs11],         [enables the PKCS11 token support plugin.])
169 ARG_ENABL_SET([ctr],            [enables the Counter Mode wrapper crypto plugin.])
170 ARG_ENABL_SET([ccm],            [enables the CCM AEAD wrapper crypto plugin.])
171 ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
172 ARG_ENABL_SET([addrblock],      [enables RFC 3779 address block constraint support.])
173 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
174 ARG_ENABL_SET([android],        [enable Android specific plugin.])
175 ARG_ENABL_SET([maemo],          [enable Maemo specific plugin.])
176 ARG_ENABL_SET([nm],             [enable NetworkManager plugin.])
177 ARG_ENABL_SET([ha],             [enable high availability cluster plugin.])
178 ARG_ENABL_SET([whitelist],      [enable peer identity whitelisting plugin.])
179 ARG_ENABL_SET([led],            [enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem.])
180 ARG_ENABL_SET([duplicheck],     [advanced duplicate checking plugin using liveness checks.])
181 ARG_ENABL_SET([coupling],       [enable IKEv2 plugin to couple peer certificates permanently to authentication.])
182 ARG_ENABL_SET([vstr],           [enforce using the Vstr string library to replace glibc-like printf hooks.])
183 ARG_ENABL_SET([monolithic],     [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
184
185 dnl =========================
186 dnl  set up compiler and flags
187 dnl =========================
188
189 if test -z "$CFLAGS"; then
190         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign -Wno-strict-aliasing"
191 fi
192 AC_PROG_CC
193 AC_LIB_PREFIX
194 AC_C_BIGENDIAN
195
196 dnl =========================
197 dnl  check required programs
198 dnl =========================
199
200 AC_PROG_INSTALL
201 AC_PROG_LIBTOOL
202 AC_PROG_EGREP
203 AC_PROG_AWK
204 AC_PROG_LEX
205 AC_PROG_YACC
206 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
207 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
208
209 dnl because gperf is not needed by end-users we just report it but do not abort on failure
210 AC_MSG_CHECKING([gperf version >= 3.0.0])
211 if test -x "$GPERF"; then
212         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
213                 AC_MSG_RESULT([yes])
214         else
215                 AC_MSG_RESULT([no])
216         fi
217 else
218         AC_MSG_RESULT([not found])
219 fi
220
221 dnl =========================
222 dnl  dependency calculation
223 dnl =========================
224
225 if test x$eap_aka_3gpp2 = xtrue; then
226         gmp=true;
227 fi
228
229 if test x$eap_aka = xtrue; then
230         fips_prf=true;
231         simaka=true;
232 fi
233
234 if test x$eap_sim = xtrue; then
235         fips_prf=true;
236         simaka=true;
237 fi
238
239 if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue; then
240         tls=true;
241 fi
242
243 if test x$fips_prf = xtrue; then
244         if test x$openssl = xfalse; then
245                 sha1=true;
246         fi
247 fi
248
249 if test x$smp = xtrue -o x$tnccs_11 = xtrue; then
250         xml=true
251 fi
252
253 if test x$manager = xtrue; then
254         fast=true
255 fi
256
257 if test x$medsrv = xtrue; then
258         mediation=true
259         fast=true
260 fi
261
262 if test x$medcli = xtrue; then
263         mediation=true
264 fi
265
266 if test x$pluto = xtrue; then
267         if test x$socket_raw = xfalse; then
268                 AC_MSG_NOTICE([Enforcing --enable-socket-raw, as pluto is enabled])
269                 socket_raw=true
270                 if test x$socket_default_given = xfalse; then
271                         socket_default=false
272                 fi
273         fi
274 fi
275
276 dnl ===========================================
277 dnl  check required libraries and header files
278 dnl ===========================================
279
280 AC_HEADER_STDBOOL
281 AC_FUNC_ALLOCA
282
283 dnl libraries needed on some platforms but not on others
284 dnl ====================================================
285 saved_LIBS=$LIBS
286
287 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
288 LIBS=""
289 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
290 AC_SUBST(DLLIB)
291
292 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
293 LIBS=""
294 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
295 AC_CHECK_FUNCS(backtrace)
296 AC_SUBST(BTLIB)
297
298 dnl OpenSolaris needs libsocket and libnsl for socket()
299 LIBS=""
300 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
301         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
302 )
303 AC_SUBST(SOCKLIB)
304
305 dnl FreeBSD has clock_gettime in libc, Linux needs librt
306 LIBS=""
307 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
308 AC_CHECK_FUNCS(clock_gettime)
309 AC_SUBST(RTLIB)
310
311 dnl Android has pthread_* functions in bionic (libc), others need libpthread
312 LIBS=""
313 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
314 AC_SUBST(PTHREADLIB)
315
316 LIBS=$saved_LIBS
317 dnl ======================
318
319 AC_MSG_CHECKING(for dladdr)
320 AC_TRY_COMPILE(
321         [#define _GNU_SOURCE
322          #include <dlfcn.h>],
323         [Dl_info* info = 0;
324          dladdr(0, info);],
325         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR])],
326         [AC_MSG_RESULT([no])]
327 )
328
329 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
330 saved_LIBS=$LIBS
331 LIBS=$PTHREADLIB
332 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
333 AC_TRY_RUN(
334         [#include <pthread.h>
335          int main() { pthread_condattr_t attr;
336                 pthread_condattr_init(&attr);
337                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
338         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])],
339         [AC_MSG_RESULT([no])],
340         dnl Check existence of pthread_condattr_setclock if cross-compiling
341         [AC_MSG_RESULT([unknown]);
342          AC_CHECK_FUNCS(pthread_condattr_setclock,
343                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])]
344         )]
345 )
346 dnl check if we actually are able to configure attributes on cond vars
347 AC_CHECK_FUNCS(pthread_condattr_init)
348 dnl instead of pthread_condattr_setclock Android has this function
349 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
350 dnl check if we can cancel threads
351 AC_CHECK_FUNCS(pthread_cancel)
352 dnl check if native rwlocks are available
353 AC_CHECK_FUNCS(pthread_rwlock_init)
354 LIBS=$saved_LIBS
355
356 AC_CHECK_FUNCS(prctl)
357
358 AC_CHECK_FUNCS(mallinfo)
359
360 AC_CHECK_HEADERS(sys/sockio.h glob.h)
361 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
362
363 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
364 [
365         #include <sys/types.h>
366         #include <sys/socket.h>
367 ])
368
369 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
370 [
371         #include <sys/types.h>
372         #ifdef HAVE_NET_PFKEYV2_H
373         #include <net/pfkeyv2.h>
374         #else
375         #include <stdint.h>
376         #include <linux/pfkeyv2.h>
377         #endif
378 ])
379
380 AC_MSG_CHECKING([for in6addr_any])
381 AC_TRY_COMPILE(
382         [#include <sys/types.h>
383         #include <sys/socket.h>
384         #include <netinet/in.h>],
385         [struct in6_addr in6;
386         in6 = in6addr_any;],
387         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IN6ADDR_ANY])],
388         [AC_MSG_RESULT([no])]
389 )
390
391 AC_MSG_CHECKING([for in6_pktinfo])
392 AC_TRY_COMPILE(
393         [#define _GNU_SOURCE
394         #include <sys/types.h>
395         #include <sys/socket.h>
396         #include <netinet/in.h>],
397         [struct in6_pktinfo pi;
398         if (pi.ipi6_ifindex)
399         {
400                 return 0;
401         }],
402         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IN6_PKTINFO])],
403         [AC_MSG_RESULT([no])]
404 )
405
406 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
407 AC_TRY_COMPILE(
408         [#include <sys/types.h>
409         #ifdef HAVE_NETIPSEC_IPSEC_H
410         #include <netipsec/ipsec.h>
411         #elif defined(HAVE_NETINET6_IPSEC_H)
412         #include <netinet6/ipsec.h>
413         #else
414         #include <stdint.h>
415         #include <linux/ipsec.h>
416         #endif],
417         [int mode = IPSEC_MODE_BEET;
418          return mode;],
419         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_MODE_BEET])],
420         [AC_MSG_RESULT([no])]
421 )
422
423 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
424 AC_TRY_COMPILE(
425         [#include <sys/types.h>
426         #ifdef HAVE_NETIPSEC_IPSEC_H
427         #include <netipsec/ipsec.h>
428         #elif defined(HAVE_NETINET6_IPSEC_H)
429         #include <netinet6/ipsec.h>
430         #else
431         #include <stdint.h>
432         #include <linux/ipsec.h>
433         #endif],
434         [int dir = IPSEC_DIR_FWD;
435          return dir;],
436         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_DIR_FWD])],
437         [AC_MSG_RESULT([no])]
438 )
439
440 AC_MSG_CHECKING([for gcc atomic operations])
441 AC_TRY_RUN(
442 [
443         int main() {
444                 volatile int ref = 1;
445                 __sync_fetch_and_add (&ref, 1);
446                 __sync_sub_and_fetch (&ref, 1);
447                 /* Make sure test fails if operations are not supported */
448                 __sync_val_compare_and_swap(&ref, 1, 0);
449                 return ref;
450         }
451 ],
452 [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_GCC_ATOMIC_OPERATIONS)],
453 [AC_MSG_RESULT([no])],
454 [AC_MSG_RESULT([no])])
455
456 dnl check for the new register_printf_specifier function with len argument,
457 dnl or the deprecated register_printf_function without
458 AC_CHECK_FUNC(
459         [register_printf_specifier],
460         [AC_DEFINE(HAVE_PRINTF_SPECIFIER)],
461         [AC_CHECK_FUNC(
462                 [register_printf_function],
463                 [AC_DEFINE(HAVE_PRINTF_FUNCTION)],
464                 [
465                         AC_MSG_NOTICE([printf does not support custom format specifiers!])
466                         vstr=true
467                 ]
468         )]
469 )
470
471 if test x$vstr = xtrue; then
472         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
473         AC_DEFINE(USE_VSTR)
474 fi
475
476 if test x$gmp = xtrue; then
477         saved_LIBS=$LIBS
478         AC_HAVE_LIBRARY([gmp],,[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
479         AC_MSG_CHECKING([mpz_powm_sec])
480         if test x$mpz_powm_sec = xyes; then
481                 AC_TRY_COMPILE(
482                         [#include "gmp.h"],
483                         [
484                                 void *x = mpz_powm_sec;
485                         ],
486                         [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_MPZ_POWM_SEC)], [AC_MSG_RESULT([no])]
487                 )
488         else
489                 AC_MSG_RESULT([disabled])
490         fi
491         LIBS=$saved_LIBS
492         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
493         AC_TRY_COMPILE(
494                 [#include "gmp.h"],
495                 [
496                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
497                                 #error bad gmp
498                         #endif
499                 ],
500                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
501         )
502 fi
503
504 if test x$ldap = xtrue; then
505         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
506         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
507         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
508 fi
509
510 if test x$curl = xtrue; then
511         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
512         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
513 fi
514
515 if test x$soup = xtrue; then
516         PKG_CHECK_MODULES(soup, [libsoup-2.4])
517         AC_SUBST(soup_CFLAGS)
518         AC_SUBST(soup_LIBS)
519 fi
520
521 if test x$xml = xtrue; then
522         PKG_CHECK_MODULES(xml, [libxml-2.0])
523         AC_SUBST(xml_CFLAGS)
524         AC_SUBST(xml_LIBS)
525 fi
526
527 if test x$dumm = xtrue; then
528         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
529         AC_SUBST(gtk_CFLAGS)
530         AC_SUBST(gtk_LIBS)
531         AC_CHECK_PROGS(RUBY, ruby)
532         AC_MSG_CHECKING([for Ruby header files])
533         if test -n "$RUBY"; then
534                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
535                 if test -n "$RUBYDIR"; then
536                         dirs="$RUBYDIR"
537                         RUBYINCLUDE=none
538                         for i in $dirs; do
539                                 if test -r $i/ruby.h; then
540                                         AC_MSG_RESULT([$i])
541                                         RUBYINCLUDE="-I$i"
542                                         break;
543                                 fi
544                         done
545                         if test x"$RUBYINCLUDE" = xnone; then
546                                 AC_MSG_ERROR([ruby.h not found])
547                         fi
548                         AC_SUBST(RUBYINCLUDE)
549                 else
550                         AC_MSG_ERROR([unable to determine ruby configuration])
551                 fi
552         else
553                 AC_MSG_ERROR([don't know how to run ruby])
554         fi
555 fi
556
557 if test x$fast = xtrue; then
558         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
559         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
560         AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])])
561 dnl autoconf does not like CamelCase!? How to fix this?
562 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
563
564         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
565         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
566 fi
567
568 if test x$mysql = xtrue; then
569         AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
570         if test x$MYSQLCONFIG = x; then
571                 AC_MSG_ERROR([mysql_config not found!])
572         fi
573         AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
574         AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
575 fi
576
577 if test x$sqlite = xtrue; then
578         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
579         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
580         AC_MSG_CHECKING([sqlite3_prepare_v2])
581         AC_TRY_COMPILE(
582                 [#include <sqlite3.h>],
583                 [
584                         void *test = sqlite3_prepare_v2;
585                 ],
586                 [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])])
587         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
588         AC_TRY_COMPILE(
589                 [#include <sqlite3.h>],
590                 [
591                         #if SQLITE_VERSION_NUMBER < 3003001
592                                 #error bad sqlite
593                         #endif
594                 ],
595                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
596 fi
597
598 if test x$openssl = xtrue; then
599         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
600         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
601 fi
602
603 if test x$gcrypt = xtrue; then
604         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
605         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
606         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
607         AC_TRY_COMPILE(
608                 [#include <gcrypt.h>],
609                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
610                 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA])],
611                 [AC_MSG_RESULT([no])]
612         )
613 fi
614
615 if test x$uci = xtrue; then
616         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
617         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
618 fi
619
620 if test x$android = xtrue; then
621         AC_HAVE_LIBRARY([cutils],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])])
622         AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
623         dnl we have to force the use of libdl here because the autodetection
624         dnl above does not work correctly when cross-compiling for android.
625         DLLIB="-ldl"
626         AC_SUBST(DLLIB)
627 fi
628
629 if test x$maemo = xtrue; then
630         PKG_CHECK_MODULES(maemo, [glib-2.0 gthread-2.0 libosso osso-af-settings])
631         AC_SUBST(maemo_CFLAGS)
632         AC_SUBST(maemo_LIBS)
633         dbusservicedir="/usr/share/dbus-1/system-services"
634         AC_SUBST(dbusservicedir)
635 fi
636
637 if test x$eap_sim_pcsc = xtrue; then
638         PKG_CHECK_MODULES(pcsclite, [libpcsclite])
639         AC_SUBST(pcsclite_CFLAGS)
640         AC_SUBST(pcsclite_LIBS)
641 fi
642
643 if test x$nm = xtrue; then
644         PKG_CHECK_EXISTS([libnm-glib],
645                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-glib libnm-glib-vpn])],
646                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_glib libnm_glib_vpn])]
647         )
648         AC_SUBST(nm_CFLAGS)
649         AC_SUBST(nm_LIBS)
650 fi
651
652 if test x$eap_gtc = xtrue; then
653         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
654         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
655 fi
656
657 if test x$capabilities = xnative; then
658         AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
659         dnl Linux requires the following for capset(), Android does not have it,
660         dnl but defines capset() in unistd.h instead.
661         AC_CHECK_HEADERS([sys/capability.h])
662         AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
663         AC_DEFINE(CAPABILITIES_NATIVE)
664 fi
665
666 if test x$capabilities = xlibcap; then
667         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
668         AC_CHECK_HEADER([sys/capability.h],
669                 [AC_DEFINE(HAVE_SYS_CAPABILITY_H)],
670                 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
671         AC_DEFINE(CAPABILITIES_LIBCAP)
672 fi
673
674 if test x$integrity_test = xtrue; then
675         AC_MSG_CHECKING([for dladdr()])
676         AC_TRY_COMPILE(
677                 [#define _GNU_SOURCE
678                  #include <dlfcn.h>],
679                 [Dl_info info; dladdr(main, &info);],
680                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
681                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
682         )
683         AC_MSG_CHECKING([for dl_iterate_phdr()])
684         AC_TRY_COMPILE(
685                 [#define _GNU_SOURCE
686                  #include <link.h>],
687                 [dl_iterate_phdr((void*)0, (void*)0);],
688                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
689                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
690         )
691 fi
692
693 dnl ==============================================
694 dnl  collect plugin list for strongSwan components
695 dnl ==============================================
696
697 m4_include(m4/macros/add-plugin.m4)
698
699 # plugin lists for all components
700 libcharon_plugins=
701 pluto_plugins=
702 pool_plugins=
703 openac_plugins=
704 scepclient_plugins=
705 pki_plugins=
706 scripts_plugins=
707 manager_plugins=
708 medsrv_plugins=
709
710 # location specific lists for checksumming,
711 # for src/libcharon, src/pluto, src/libhydra and src/libstrongswan
712 c_plugins=
713 p_plugins=
714 h_plugins=
715 s_plugins=
716
717 ADD_PLUGIN([test-vectors],         [s libcharon pluto openac scepclient pki])
718 ADD_PLUGIN([curl],                 [s libcharon pluto scepclient scripts])
719 ADD_PLUGIN([soup],                 [s libcharon pluto scripts])
720 ADD_PLUGIN([ldap],                 [s libcharon pluto scepclient scripts])
721 ADD_PLUGIN([mysql],                [s libcharon pluto pool manager medsrv])
722 ADD_PLUGIN([sqlite],               [s libcharon pluto pool manager medsrv])
723 ADD_PLUGIN([aes],                  [s libcharon pluto openac scepclient pki scripts])
724 ADD_PLUGIN([des],                  [s libcharon pluto openac scepclient pki scripts])
725 ADD_PLUGIN([blowfish],             [s libcharon pluto openac scepclient pki scripts])
726 ADD_PLUGIN([sha1],                 [s libcharon pluto openac scepclient pki scripts medsrv])
727 ADD_PLUGIN([sha2],                 [s libcharon pluto openac scepclient pki scripts medsrv])
728 ADD_PLUGIN([md4],                  [s libcharon openac manager scepclient pki])
729 ADD_PLUGIN([md5],                  [s libcharon pluto openac scepclient pki])
730 ADD_PLUGIN([random],               [s libcharon pluto openac scepclient pki scripts medsrv])
731 ADD_PLUGIN([x509],                 [s libcharon pluto openac scepclient pki scripts])
732 ADD_PLUGIN([revocation],           [s libcharon])
733 ADD_PLUGIN([constraints],          [s libcharon])
734 ADD_PLUGIN([pubkey],               [s libcharon])
735 ADD_PLUGIN([pkcs1],                [s libcharon pluto openac scepclient pki scripts manager medsrv])
736 ADD_PLUGIN([pgp],                  [s libcharon pluto])
737 ADD_PLUGIN([dnskey],               [s pluto])
738 ADD_PLUGIN([pem],                  [s libcharon pluto openac scepclient pki scripts manager medsrv])
739 ADD_PLUGIN([padlock],              [s libcharon])
740 ADD_PLUGIN([openssl],              [s libcharon pluto openac scepclient pki scripts manager medsrv])
741 ADD_PLUGIN([gcrypt],               [s libcharon pluto openac scepclient pki scripts manager medsrv])
742 ADD_PLUGIN([fips-prf],             [s libcharon])
743 ADD_PLUGIN([gmp],                  [s libcharon pluto openac scepclient pki scripts manager medsrv])
744 ADD_PLUGIN([agent],                [s libcharon])
745 ADD_PLUGIN([pkcs11],               [s libcharon pki])
746 ADD_PLUGIN([xcbc],                 [s libcharon])
747 ADD_PLUGIN([hmac],                 [s libcharon pluto scripts])
748 ADD_PLUGIN([ctr],                  [s libcharon scripts])
749 ADD_PLUGIN([ccm],                  [s libcharon scripts])
750 ADD_PLUGIN([gcm],                  [s libcharon scripts])
751 ADD_PLUGIN([af-alg],               [s libcharon pluto openac scepclient pki scripts medsrv])
752 ADD_PLUGIN([xauth],                [p pluto])
753 ADD_PLUGIN([attr],                 [h libcharon pluto])
754 ADD_PLUGIN([attr-sql],             [h libcharon pluto])
755 ADD_PLUGIN([load-tester],          [c libcharon])
756 ADD_PLUGIN([kernel-pfkey],         [h libcharon pluto])
757 ADD_PLUGIN([kernel-pfroute],       [h libcharon pluto])
758 ADD_PLUGIN([kernel-klips],         [h libcharon pluto])
759 ADD_PLUGIN([kernel-netlink],       [h libcharon pluto])
760 ADD_PLUGIN([resolve],              [h libcharon pluto])
761 ADD_PLUGIN([socket-default],       [c libcharon])
762 ADD_PLUGIN([socket-raw],           [c libcharon])
763 ADD_PLUGIN([socket-dynamic],       [c libcharon])
764 ADD_PLUGIN([farp],                 [c libcharon])
765 ADD_PLUGIN([stroke],               [c libcharon])
766 ADD_PLUGIN([smp],                  [c libcharon])
767 ADD_PLUGIN([sql],                  [c libcharon])
768 ADD_PLUGIN([updown],               [c libcharon])
769 ADD_PLUGIN([eap-identity],         [c libcharon])
770 ADD_PLUGIN([eap-sim],              [c libcharon])
771 ADD_PLUGIN([eap-sim-file],         [c libcharon])
772 ADD_PLUGIN([eap-sim-pcsc],         [c libcharon])
773 ADD_PLUGIN([eap-simaka-sql],       [c libcharon])
774 ADD_PLUGIN([eap-simaka-pseudonym], [c libcharon])
775 ADD_PLUGIN([eap-simaka-reauth],    [c libcharon])
776 ADD_PLUGIN([eap-aka],              [c libcharon])
777 ADD_PLUGIN([eap-aka-3gpp2],        [c libcharon])
778 ADD_PLUGIN([eap-md5],              [c libcharon])
779 ADD_PLUGIN([eap-gtc],              [c libcharon])
780 ADD_PLUGIN([eap-mschapv2],         [c libcharon])
781 ADD_PLUGIN([eap-radius],           [c libcharon])
782 ADD_PLUGIN([eap-tls],              [c libcharon])
783 ADD_PLUGIN([eap-ttls],             [c libcharon])
784 ADD_PLUGIN([eap-peap],             [c libcharon])
785 ADD_PLUGIN([eap-tnc],              [c libcharon])
786 ADD_PLUGIN([tnccs-20],             [c libcharon])
787 ADD_PLUGIN([tnccs-11],             [c libcharon])
788 ADD_PLUGIN([tnccs-dynamic],        [c libcharon])
789 ADD_PLUGIN([tnc-imc],              [c libcharon])
790 ADD_PLUGIN([tnc-imv],              [c libcharon])
791 ADD_PLUGIN([medsrv],               [c libcharon])
792 ADD_PLUGIN([medcli],               [c libcharon])
793 ADD_PLUGIN([nm],                   [c libcharon])
794 ADD_PLUGIN([dhcp],                 [c libcharon])
795 ADD_PLUGIN([android],              [c libcharon])
796 ADD_PLUGIN([ha],                   [c libcharon])
797 ADD_PLUGIN([whitelist],            [c libcharon])
798 ADD_PLUGIN([led],                  [c libcharon])
799 ADD_PLUGIN([duplicheck],           [c libcharon])
800 ADD_PLUGIN([coupling],             [c libcharon])
801 ADD_PLUGIN([maemo],                [c libcharon])
802 ADD_PLUGIN([uci],                  [c libcharon])
803 ADD_PLUGIN([addrblock],            [c libcharon])
804 ADD_PLUGIN([unit-tester],          [c libcharon])
805
806 AC_SUBST(libcharon_plugins)
807 AC_SUBST(pluto_plugins)
808 AC_SUBST(pool_plugins)
809 AC_SUBST(openac_plugins)
810 AC_SUBST(scepclient_plugins)
811 AC_SUBST(pki_plugins)
812 AC_SUBST(scripts_plugins)
813 AC_SUBST(manager_plugins)
814 AC_SUBST(medsrv_plugins)
815
816 AC_SUBST(c_plugins)
817 AC_SUBST(p_plugins)
818 AC_SUBST(h_plugins)
819 AC_SUBST(s_plugins)
820
821 dnl =========================
822 dnl  set Makefile.am vars
823 dnl =========================
824
825 dnl libstrongswan plugins
826 dnl =====================
827 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
828 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
829 AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue)
830 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
831 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
832 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
833 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
834 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
835 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
836 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
837 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
838 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
839 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
840 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
841 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
842 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
843 AM_CONDITIONAL(USE_CONSTRAINTS, test x$constraints = xtrue)
844 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
845 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
846 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
847 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
848 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
849 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
850 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
851 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
852 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
853 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
854 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
855 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
856 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
857 AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
858 AM_CONDITIONAL(USE_CTR, test x$ctr = xtrue)
859 AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
860 AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
861 AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
862
863 dnl charon plugins
864 dnl ==============
865 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
866 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
867 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
868 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
869 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
870 AM_CONDITIONAL(USE_ANDROID, test x$android = xtrue)
871 AM_CONDITIONAL(USE_MAEMO, test x$maemo = xtrue)
872 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
873 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
874 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
875 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
876 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tests = xtrue)
877 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
878 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
879 AM_CONDITIONAL(USE_WHITELIST, test x$whitelist = xtrue)
880 AM_CONDITIONAL(USE_LED, test x$led = xtrue)
881 AM_CONDITIONAL(USE_DUPLICHECK, test x$duplicheck = xtrue)
882 AM_CONDITIONAL(USE_COUPLING, test x$coupling = xtrue)
883 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
884 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
885 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
886 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
887 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
888 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
889 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
890 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
891 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
892 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
893 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
894 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
895 AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
896 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
897 AM_CONDITIONAL(USE_EAP_PEAP, test x$eap_peap = xtrue)
898 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
899 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
900 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
901 AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
902 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
903 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
904 AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue)
905 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
906 AM_CONDITIONAL(USE_SOCKET_RAW, test x$socket_raw = xtrue)
907 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
908 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
909 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
910
911 dnl hydra plugins
912 dnl =============
913 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
914 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue)
915 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
916 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
917 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
918 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
919 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
920
921 dnl pluto plugins
922 dnl =============
923 AM_CONDITIONAL(USE_XAUTH, test x$xauth = xtrue)
924
925 dnl other options
926 dnl =============
927 AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)
928 AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)
929 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
930 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
931 AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)
932 AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)
933 AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)
934 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
935 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
936 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
937 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
938 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
939 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
940 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
941 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
942 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
943 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
944 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
945 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
946 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue -o x$conftest = xtrue)
947 AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$pluto = xtrue)
948 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue)
949 AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
950 AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$pluto = xtrue -o x$stroke = xtrue -o x$tools = xtrue -o x$conftest = xtrue)
951 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
952 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
953 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
954 AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
955 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
956
957 dnl ==============================
958 dnl  set global definitions
959 dnl ==============================
960
961 if test x$mediation = xtrue; then
962         AC_DEFINE(ME)
963 fi
964 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
965         AC_DEFINE(CAPABILITIES)
966 fi
967 if test x$monolithic = xtrue; then
968         AC_DEFINE(MONOLITHIC)
969 fi
970
971
972 dnl ==============================
973 dnl  build Makefiles
974 dnl ==============================
975
976 AC_OUTPUT(
977         Makefile
978         man/Makefile
979         init/Makefile
980         init/systemd/Makefile
981         src/Makefile
982         src/include/Makefile
983         src/libstrongswan/Makefile
984         src/libstrongswan/plugins/aes/Makefile
985         src/libstrongswan/plugins/des/Makefile
986         src/libstrongswan/plugins/blowfish/Makefile
987         src/libstrongswan/plugins/md4/Makefile
988         src/libstrongswan/plugins/md5/Makefile
989         src/libstrongswan/plugins/sha1/Makefile
990         src/libstrongswan/plugins/sha2/Makefile
991         src/libstrongswan/plugins/fips_prf/Makefile
992         src/libstrongswan/plugins/gmp/Makefile
993         src/libstrongswan/plugins/random/Makefile
994         src/libstrongswan/plugins/hmac/Makefile
995         src/libstrongswan/plugins/xcbc/Makefile
996         src/libstrongswan/plugins/x509/Makefile
997         src/libstrongswan/plugins/revocation/Makefile
998         src/libstrongswan/plugins/constraints/Makefile
999         src/libstrongswan/plugins/pubkey/Makefile
1000         src/libstrongswan/plugins/pkcs1/Makefile
1001         src/libstrongswan/plugins/pgp/Makefile
1002         src/libstrongswan/plugins/dnskey/Makefile
1003         src/libstrongswan/plugins/pem/Makefile
1004         src/libstrongswan/plugins/curl/Makefile
1005         src/libstrongswan/plugins/soup/Makefile
1006         src/libstrongswan/plugins/ldap/Makefile
1007         src/libstrongswan/plugins/mysql/Makefile
1008         src/libstrongswan/plugins/sqlite/Makefile
1009         src/libstrongswan/plugins/padlock/Makefile
1010         src/libstrongswan/plugins/openssl/Makefile
1011         src/libstrongswan/plugins/gcrypt/Makefile
1012         src/libstrongswan/plugins/agent/Makefile
1013         src/libstrongswan/plugins/pkcs11/Makefile
1014         src/libstrongswan/plugins/ctr/Makefile
1015         src/libstrongswan/plugins/ccm/Makefile
1016         src/libstrongswan/plugins/gcm/Makefile
1017         src/libstrongswan/plugins/af_alg/Makefile
1018         src/libstrongswan/plugins/test_vectors/Makefile
1019         src/libhydra/Makefile
1020         src/libhydra/plugins/attr/Makefile
1021         src/libhydra/plugins/attr_sql/Makefile
1022         src/libhydra/plugins/kernel_klips/Makefile
1023         src/libhydra/plugins/kernel_netlink/Makefile
1024         src/libhydra/plugins/kernel_pfkey/Makefile
1025         src/libhydra/plugins/kernel_pfroute/Makefile
1026         src/libhydra/plugins/resolve/Makefile
1027         src/libfreeswan/Makefile
1028         src/libsimaka/Makefile
1029         src/libtls/Makefile
1030         src/pluto/Makefile
1031         src/pluto/plugins/xauth/Makefile
1032         src/whack/Makefile
1033         src/charon/Makefile
1034         src/libcharon/Makefile
1035         src/libcharon/plugins/eap_aka/Makefile
1036         src/libcharon/plugins/eap_aka_3gpp2/Makefile
1037         src/libcharon/plugins/eap_identity/Makefile
1038         src/libcharon/plugins/eap_md5/Makefile
1039         src/libcharon/plugins/eap_gtc/Makefile
1040         src/libcharon/plugins/eap_sim/Makefile
1041         src/libcharon/plugins/eap_sim_file/Makefile
1042         src/libcharon/plugins/eap_sim_pcsc/Makefile
1043         src/libcharon/plugins/eap_simaka_sql/Makefile
1044         src/libcharon/plugins/eap_simaka_pseudonym/Makefile
1045         src/libcharon/plugins/eap_simaka_reauth/Makefile
1046         src/libcharon/plugins/eap_mschapv2/Makefile
1047         src/libcharon/plugins/eap_tls/Makefile
1048         src/libcharon/plugins/eap_ttls/Makefile
1049         src/libcharon/plugins/eap_peap/Makefile
1050         src/libcharon/plugins/eap_tnc/Makefile
1051         src/libcharon/plugins/eap_radius/Makefile
1052         src/libcharon/plugins/tnc_imc/Makefile
1053         src/libcharon/plugins/tnc_imv/Makefile
1054         src/libcharon/plugins/tnccs_11/Makefile
1055         src/libcharon/plugins/tnccs_20/Makefile
1056         src/libcharon/plugins/tnccs_dynamic/Makefile
1057         src/libcharon/plugins/socket_default/Makefile
1058         src/libcharon/plugins/socket_raw/Makefile
1059         src/libcharon/plugins/socket_dynamic/Makefile
1060         src/libcharon/plugins/farp/Makefile
1061         src/libcharon/plugins/smp/Makefile
1062         src/libcharon/plugins/sql/Makefile
1063         src/libcharon/plugins/medsrv/Makefile
1064         src/libcharon/plugins/medcli/Makefile
1065         src/libcharon/plugins/nm/Makefile
1066         src/libcharon/plugins/addrblock/Makefile
1067         src/libcharon/plugins/uci/Makefile
1068         src/libcharon/plugins/ha/Makefile
1069         src/libcharon/plugins/whitelist/Makefile
1070         src/libcharon/plugins/led/Makefile
1071         src/libcharon/plugins/duplicheck/Makefile
1072         src/libcharon/plugins/coupling/Makefile
1073         src/libcharon/plugins/android/Makefile
1074         src/libcharon/plugins/maemo/Makefile
1075         src/libcharon/plugins/stroke/Makefile
1076         src/libcharon/plugins/updown/Makefile
1077         src/libcharon/plugins/dhcp/Makefile
1078         src/libcharon/plugins/unit_tester/Makefile
1079         src/libcharon/plugins/load_tester/Makefile
1080         src/stroke/Makefile
1081         src/ipsec/Makefile
1082         src/starter/Makefile
1083         src/_updown/Makefile
1084         src/_updown_espmark/Makefile
1085         src/_copyright/Makefile
1086         src/openac/Makefile
1087         src/scepclient/Makefile
1088         src/pki/Makefile
1089         src/dumm/Makefile
1090         src/dumm/ext/extconf.rb
1091         src/libfast/Makefile
1092         src/manager/Makefile
1093         src/medsrv/Makefile
1094         src/checksum/Makefile
1095         src/conftest/Makefile
1096         scripts/Makefile
1097         testing/Makefile
1098 )