[strongswan.git] / configure.in

dnl  configure.in for linux strongSwan
dnl  Copyright (C) 2006 Martin Willi
dnl  Hochschule fuer Technik Rapperswil
dnl 
dnl  This program is free software; you can redistribute it and/or modify it
dnl  under the terms of the GNU General Public License as published by the
dnl  Free Software Foundation; either version 2 of the License, or (at your
dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
dnl 
dnl  This program is distributed in the hope that it will be useful, but
dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
dnl  for more details.

dnl ===========================
dnl  initialize & set some vars
dnl ===========================

AC_INIT(strongSwan,4.1.10)
AM_INIT_AUTOMAKE(tar-ustar)
AC_C_BIGENDIAN
AC_SUBST(confdir, '${sysconfdir}')

dnl =================================
dnl  check --enable-xxx & --with-xxx
dnl =================================


AC_ARG_WITH(
    [default-pkcs11],
    AS_HELP_STRING([--with-default-pkcs11=lib],[set the default PKCS11 library other than "/usr/lib/opensc-pkcs11.so"]),
    [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "$withval")],
    [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "/usr/lib/opensc-pkcs11.so")]
)

AC_ARG_WITH(
    [xauth-module],
    AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
    [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
)

AC_ARG_WITH(
    [random-device],
    AS_HELP_STRING([--with-random-device=dev],[set the device for real random data other than "/dev/random"]),
    [AC_DEFINE_UNQUOTED(DEV_RANDOM, "$withval")],
    [AC_DEFINE_UNQUOTED(DEV_RANDOM, "/dev/random")]
)
AC_ARG_WITH(
    [resolv-conf],
    AS_HELP_STRING([--with-resolv-conf=file],[set the file to store DNS server information other than "sysconfdir/resolv.conf"]),
    [AC_DEFINE_UNQUOTED(RESOLV_CONF, "$withval")],
    [AC_DEFINE_UNQUOTED(RESOLV_CONF, "${sysconfdir}/resolv.conf")]
)

AC_ARG_WITH(
    [urandom-device],
    AS_HELP_STRING([--with-urandom-device=dev],[set the device for pseudo random data other than "/dev/urandom"]),
    [AC_DEFINE_UNQUOTED(DEV_URANDOM, "$withval")],
    [AC_DEFINE_UNQUOTED(DEV_URANDOM, "/dev/urandom")]
)

AC_ARG_WITH(
    [ipsecdir],
    AS_HELP_STRING([--with-ipsecdir=dir],[installation path for ipsec tools other than "libexecdir/ipsec"]),
    [AC_SUBST(ipsecdir, "$withval")],
    [AC_SUBST(ipsecdir, "${libexecdir}/ipsec")]
)

AC_ARG_WITH(
    [piddir],
    AS_HELP_STRING([--with-piddir=dir],[path for PID and UNIX socket files other than "/var/run"]),
    [AC_SUBST(piddir, "$withval")],
    [AC_SUBST(piddir, "/var/run")]
)

AC_ARG_WITH(
    [eapdir],
    AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "ipsecdir/plugins/eap"]),
    [AC_SUBST(eapdir, "$withval")],
    [AC_SUBST(eapdir, "${ipsecdir}/plugins/eap")]
)

AC_ARG_WITH(
    [backenddir],
    AS_HELP_STRING([--with-backenddir=dir],[path for pluggable configuration backend modules other than "ipsecdir/plugins/backends"]),
    [AC_SUBST(backenddir, "$withval")],
    [AC_SUBST(backenddir, "${ipsecdir}/plugins/backends")]
)

AC_ARG_WITH(
    [interfacedir],
    AS_HELP_STRING([--with-interfacedir=dir],[path for pluggable control interface modules other than "ipsecdir/plugins/interfaces"]),
    [AC_SUBST(interfacedir, "$withval")],
    [AC_SUBST(interfacedir, "${ipsecdir}/plugins/interfaces")]
)

AC_ARG_WITH(
    [sim-reader],
    AS_HELP_STRING([--with-sim-reader=library.so],[library containing the sim_run_alg() function for EAP-SIM]),
    [AC_DEFINE_UNQUOTED(SIM_READER_LIB, "$withval")]
)

AC_ARG_WITH(
    [linux-headers],
    AS_HELP_STRING([--with-linux-headers=dir],[use the linux header files in dir instead of the supplied ones in "src/include"]),
    [AC_SUBST(linuxdir, "$withval")], [AC_SUBST(linuxdir, "../include")]
)
AC_SUBST(LINUX_HEADERS)

AC_ARG_WITH(
    [routing-table],
    AS_HELP_STRING([--with-routing-table=num],[use routing table for IPsec routes (default: 220)]),
    [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, $withval) AC_SUBST(IPSEC_ROUTING_TABLE, "$withval")], 
    [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, 220) AC_SUBST(IPSEC_ROUTING_TABLE, "220")]
)

AC_ARG_WITH(
    [routing-table-prio],
    AS_HELP_STRING([--with-routing-table-prio=prio],[priority for IPsec routing table (default: 220)]),
    [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, $withval) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "$withval")], 
    [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, 220) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "220")]
)

AC_ARG_WITH(
    [uid],
    AS_HELP_STRING([--with-uid=uid],[change user of the daemons to UID after startup (default is 0).]),
    [AC_DEFINE_UNQUOTED(IPSEC_UID, $withval) AC_SUBST(ipsecuid, "$withval")],
    [AC_DEFINE_UNQUOTED(IPSEC_UID, 0) AC_SUBST(ipsecuid, "0")]
)

AC_ARG_WITH(
    [gid],
    AS_HELP_STRING([--with-gid=gid],[change group of the daemons to GID after startup (default is 0).]),
    [AC_DEFINE_UNQUOTED(IPSEC_GID, $withval) AC_SUBST(ipsecgid, "$withval")],
    [AC_DEFINE_UNQUOTED(IPSEC_GID, 0) AC_SUBST(ipsecgid, "0")]
)

AC_ARG_ENABLE(
    [http],
    AS_HELP_STRING([--enable-http],[enable OCSP and fetching of Certificates and CRLs over HTTP (default is NO). Requires libcurl.]),
    [if test x$enableval = xyes; then
        http=true
        AC_DEFINE(LIBCURL)
    fi]
)
AM_CONDITIONAL(USE_LIBCURL, test x$http = xtrue)

AC_ARG_ENABLE(
    [ldap],
    AS_HELP_STRING([--enable-ldap],[enable fetching of CRLs from LDAP (default is NO). Requires openLDAP.]),
    [if test x$enableval = xyes; then
        ldap=true
        AC_DEFINE(LIBLDAP)
    fi]
)
AM_CONDITIONAL(USE_LIBLDAP, test x$ldap = xtrue)

AC_ARG_ENABLE(
    [stroke],
    AS_HELP_STRING([--disable-stroke],[disable charons stroke (pluto compatibility) configuration backend. (default is NO).]),
    [if test x$enableval = xyes; then
        stroke=true
     else
        stroke=false
    fi],
    stroke=true
)
AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)

AC_ARG_ENABLE(
    [dbus],
    AS_HELP_STRING([--enable-dbus],[enable DBUS configuration and control interface (default is NO). Requires libdbus.]),
    [if test x$enableval = xyes; then
        dbus=true
        AC_DEFINE(LIBDBUS)
    fi]
)
AM_CONDITIONAL(USE_LIBDBUS, test x$dbus = xtrue)

AC_ARG_ENABLE(
    [xml],
    AS_HELP_STRING([--enable-xml],[enable XML configuration and control interface (default is NO). Requires libxml.]),
    [if test x$enableval = xyes; then
        xml=true
        AC_DEFINE(LIBXML)
    fi]
)
AM_CONDITIONAL(USE_LIBXML, test x$xml = xtrue)

AC_ARG_ENABLE(
    [sqlite],
    AS_HELP_STRING([--enable-sqlite],[enable SQLite configuration backend (default is NO). Requires libsqlite3.]),
    [if test x$enableval = xyes; then
        sqlite=true
        AC_DEFINE(LIBSQLITE)
    fi]
)
AM_CONDITIONAL(USE_LIBSQLITE, test x$sqlite = xtrue)

AC_ARG_ENABLE(
    [smartcard],
    AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]),
    [if test x$enableval = xyes; then
        smartcard=true
        AC_DEFINE(SMARTCARD)
    fi]
)
AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)

AC_ARG_ENABLE(
    [cisco-quirks],
    AS_HELP_STRING([--enable-cisco-quirks],[enable support of Cisco VPN client (default is NO).]),
    [if test x$enableval = xyes; then
        cisco_quirks=true
    fi]
)
AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)

AC_ARG_ENABLE(
    [leak-detective],
    AS_HELP_STRING([--enable-leak-detective],[enable malloc hooks to find memory leaks (default is NO).]),
    [if test x$enableval = xyes; then
        leak_detective=true
    fi]
)
AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)

AC_ARG_ENABLE(
    [eap-sim],
    AS_HELP_STRING([--enable-eap-sim],[build SIM authenication module for EAP (default is NO).]),
    [if test x$enableval = xyes; then
        eap_sim=true
    fi]
)
AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)

AC_ARG_ENABLE(
    [eap-identity],
    AS_HELP_STRING([--enable-eap-identity],[build EAP module providing EAP-Identity helper (default is NO).]),
    [if test x$enableval = xyes; then
        eap_identity=true
    fi]
)
AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)

AC_ARG_ENABLE(
    [eap-md5],
    AS_HELP_STRING([--enable-eap-md5],[build MD5 (CHAP) authenication module for EAP (default is NO).]),
    [if test x$enableval = xyes; then
        eap_md5=true
    fi]
)
AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)

AC_ARG_ENABLE(
    [eap-aka],
    AS_HELP_STRING([--enable-eap-aka],[build AKA authentication module for EAP (default is NO).]),
    [if test x$enableval = xyes; then
        eap_aka=true
    fi]
)
AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)

AC_ARG_ENABLE(
    [nat-transport],
    AS_HELP_STRING([--enable-nat-transport],[enable NAT traversal with IPsec transport mode (default is NO).]),
    [if test x$enableval = xyes; then
        nat_transport=true
    fi]
)
AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)

AC_ARG_ENABLE(
    [vendor-id],
    AS_HELP_STRING([--disable-vendor-id],[disable the sending of the strongSwan vendor ID (default is NO).]),
    [if test x$enableval = xyes; then
        vendor_id=true
     else
        vendor_id=false
    fi],
    vendor_id=true
)
AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)

AC_ARG_ENABLE(
    [xauth-vid],
    AS_HELP_STRING([--disable-xauth-vid],[disable the sending of the XAUTH vendor ID (default is NO).]),
    [if test x$enableval = xyes; then
        xauth_vid=true
     else
        xauth_vid=false
    fi],
    xauth_vid=true
)
AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)

AC_ARG_ENABLE(
    [uml],
    AS_HELP_STRING([--enable-uml],[build the UML test framework (default is NO).]),
    [if test x$enableval = xyes; then
        uml=true
    fi]
)
AM_CONDITIONAL(USE_UML, test x$uml = xtrue)

AC_ARG_ENABLE(
    [manager],
    AS_HELP_STRING([--enable-manager],[build web management console (default is NO).]),
    [if test x$enableval = xyes; then
        manager=true
    fi]
)
AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)

AC_ARG_ENABLE(
    [p2p],
    AS_HELP_STRING([--enable-p2p],[enable peer-to-peer NAT traversal (default is NO).]),
    [if test x$enableval = xyes; then
        p2p=true
        AC_DEFINE(P2P)
    fi]
)
AM_CONDITIONAL(USE_P2P, test x$p2p = xtrue)

AC_ARG_ENABLE(
    [integrity-test],
    AS_HELP_STRING([--enable-integrity-test],[enable the integrity test of the crypto library (default is NO).]),
    [if test x$enableval = xyes; then
        integrity_test=true 
        AC_DEFINE(INTEGRITY_TEST)
     fi]
)
AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)

AC_ARG_ENABLE(
    [self-test],
    AS_HELP_STRING([--disable-self-test],[disable the self-test of the crypto library (default is NO).]),
    [if test x$enableval = xyes; then
        self_test=true
     else
        self_test=false
        AC_DEFINE(NO_SELF_TEST)
     fi],
        self_test=true
)
AM_CONDITIONAL(USE_SELF_TEST, test x$self_test = xtrue)

AC_ARG_ENABLE(
    [pluto],
    AS_HELP_STRING([--disable-pluto],[disable the IKEv1 keying daemon pluto. (default is NO).]),
    [if test x$enableval = xyes; then
        pluto=true
     else
        pluto=false
    fi],
    pluto=true
)
AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)

AC_ARG_ENABLE(
    [charon],
    AS_HELP_STRING([--disable-charon],[disable the IKEv2 keying daemon charon. (default is NO).]),
    [if test x$enableval = xyes; then
        charon=true
     else
        charon=false
    fi],
    charon=true
)
AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)

AC_ARG_ENABLE(
    [tools],
    AS_HELP_STRING([--disable-tools],[disable additional utilities (openac and scepclient). (default is NO).]),
    [if test x$enableval = xyes; then
        tools=true
     else
        tools=false
    fi],
    tools=true
)
AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)

AM_CONDITIONAL(USE_PLUTO_OR_CHARON, test x$pluto = xtrue -o x$charon = xtrue)
AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue)
AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)

dnl =========================
dnl  check required programs
dnl =========================

AC_PROG_INSTALL
AC_PROG_LIBTOOL
AC_PROG_LEX
AC_PROG_YACC
AC_PROG_CC()
AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])

dnl ==========================
dnl  check required libraries
dnl ==========================

AC_CHECK_FUNCS(backtrace)
AC_CHECK_FUNCS(getifaddrs)

AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])       
if test "$ldap" = "true"; then
    AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP enabled, but library ldap not found])])
    AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP enabled, but library lber not found])])
fi
if test "$http" = "true"; then
    AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([HTTP enabled, but library curl not found])])
fi

if test "$xml" = "true"; then
        PKG_CHECK_MODULES(xml, [libxml-2.0],, AC_MSG_ERROR([No libxml2 package information found]))
        AC_SUBST(xml_CFLAGS)
        AC_SUBST(xml_LIBS)
fi

if test "$dbus" = "true"; then
        PKG_CHECK_MODULES(dbus, [dbus-1],, AC_MSG_ERROR([No libdbus package information found]))
        AC_SUBST(dbus_CFLAGS)
        AC_SUBST(dbus_LIBS)
fi


dnl =============================
dnl  check required header files
dnl =============================


AC_MSG_CHECKING([gmp.h version >= 4.1.4])
AC_TRY_COMPILE(
    [#include "gmp.h"],
    [
        #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
            #error bad gmp
        #endif
    ], 
    [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
)
AC_MSG_CHECKING([capset() definition])
AC_TRY_COMPILE(
    [#include <linux/capset.h>],
    [
        void *test = capset;
    ], 
    [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_DEFINE_UNQUOTED(NO_CAPSET_DEFINED, 1)]
)
if test "$ldap" = "true"; then
    AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP enabled, but ldap.h not found!])])
fi
if test "$http" = "true"; then
    AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([HTTP enabled, but curl.h not found!])])
fi

dnl ==============================
dnl  build Makefiles
dnl ==============================

AC_OUTPUT(
        Makefile
        src/Makefile
        src/include/Makefile
        src/libstrongswan/Makefile
        src/libcrypto/Makefile
        src/libfreeswan/Makefile
        src/pluto/Makefile
        src/whack/Makefile
        src/charon/Makefile
        src/stroke/Makefile
        src/ipsec/Makefile
        src/starter/Makefile
        src/_updown/Makefile
        src/_updown_espmark/Makefile
        src/_copyright/Makefile
        src/openac/Makefile
        src/scepclient/Makefile
        src/dumm/Makefile
        src/manager/Makefile
        testing/Makefile
)