use m4/ autoconf subdirectory
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,4.3.5)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_CONFIG_MACRO_DIR([m4/config])
22 AC_SUBST(confdir, '${sysconfdir}')
23 PKG_PROG_PKG_CONFIG
24
25 dnl =================================
26 dnl  check --enable-xxx & --with-xxx
27 dnl =================================
28
29 AC_ARG_WITH(
30         [default-pkcs11],
31         AS_HELP_STRING([--with-default-pkcs11=lib],[set the default PKCS11 library other than "/usr/lib/opensc-pkcs11.so"]),
32         [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "$withval")],
33         [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "/usr/lib/opensc-pkcs11.so")]
34 )
35
36 AC_ARG_WITH(
37         [xauth-module],
38         AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
39         [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
40 )
41
42 AC_ARG_WITH(
43         [random-device],
44         AS_HELP_STRING([--with-random-device=dev],[set the device for real random data other than "/dev/random"]),
45         [AC_DEFINE_UNQUOTED(DEV_RANDOM, "$withval")],
46         [AC_DEFINE_UNQUOTED(DEV_RANDOM, "/dev/random")]
47 )
48 AC_ARG_WITH(
49         [resolv-conf],
50         AS_HELP_STRING([--with-resolv-conf=file],[set the file to use in DNS handler plugin other than "sysconfdir/resolv.conf"]),
51         [AC_SUBST(resolv_conf, "$withval")],
52         [AC_SUBST(resolv_conf, "${sysconfdir}/resolv.conf")]
53 )
54
55 AC_ARG_WITH(
56         [strongswan-conf],
57         AS_HELP_STRING([--with-strongswan-conf=file],[strongswan.conf file other than "sysconfdir/strongswan.conf"]),
58         [AC_SUBST(strongswan_conf, "$withval")],
59         [AC_SUBST(strongswan_conf, "${sysconfdir}/strongswan.conf")]
60 )
61
62 AC_ARG_WITH(
63         [urandom-device],
64         AS_HELP_STRING([--with-urandom-device=dev],[set the device for pseudo random data other than "/dev/urandom"]),
65         [AC_DEFINE_UNQUOTED(DEV_URANDOM, "$withval")],
66         [AC_DEFINE_UNQUOTED(DEV_URANDOM, "/dev/urandom")]
67 )
68
69 AC_ARG_WITH(
70         [piddir],
71         AS_HELP_STRING([--with-piddir=dir],[path for PID and UNIX socket files other than "/var/run"]),
72         [AC_SUBST(piddir, "$withval")],
73         [AC_SUBST(piddir, "/var/run")]
74 )
75
76 AC_ARG_WITH(
77         [ipsecdir],
78         AS_HELP_STRING([--with-ipsecdir=dir],[installation path for ipsec tools other than "libexecdir/ipsec"]),
79         [AC_SUBST(ipsecdir, "$withval")],
80         [AC_SUBST(ipsecdir, "${libexecdir%/}/ipsec")]
81 )
82 AC_SUBST(plugindir, "${ipsecdir%/}/plugins")
83
84 AC_ARG_WITH(
85         [plugindir],
86         AS_HELP_STRING([--with-plugindir=dir],[installation path for plugins other than "ipsecdir/plugins"]),
87         [AC_SUBST(plugindir, "$withval")],
88         [AC_SUBST(plugindir, "${ipsecdir%/}/plugins")]
89 )
90
91 AC_ARG_WITH(
92         [sim-reader],
93         AS_HELP_STRING([--with-sim-reader=library.so],[library containing the sim_run_alg()/sim_get_triplet() function for EAP-SIM]),
94         [AC_SUBST(simreader, "$withval")],
95         [AC_SUBST(simreader, "${plugindir%/}/libeapsim-file.so")]
96 )
97
98 AC_ARG_WITH(
99         [linux-headers],
100         AS_HELP_STRING([--with-linux-headers=dir],[use the linux header files in dir instead of the supplied ones in "src/include"]),
101         [AC_SUBST(linuxdir, "$withval")], [AC_SUBST(linuxdir, "\${top_srcdir}/src/include")]
102 )
103 AC_SUBST(LINUX_HEADERS)
104
105 AC_ARG_WITH(
106         [routing-table],
107         AS_HELP_STRING([--with-routing-table=num],[use routing table for IPsec routes (default: 220)]),
108         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, $withval) AC_SUBST(IPSEC_ROUTING_TABLE, "$withval")], 
109         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, 220) AC_SUBST(IPSEC_ROUTING_TABLE, "220")]
110 )
111
112 AC_ARG_WITH(
113         [routing-table-prio],
114         AS_HELP_STRING([--with-routing-table-prio=prio],[priority for IPsec routing table (default: 220)]),
115         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, $withval) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "$withval")], 
116         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, 220) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "220")]
117 )
118
119 AC_ARG_WITH(
120         [uid],,[AC_MSG_ERROR([--with-uid is gone, use --with-user instead!])]
121 )
122
123 AC_ARG_WITH(
124         [gid],,[AC_MSG_ERROR([--with-gid is gone, use --with-group instead!])]
125 )
126
127 AC_ARG_WITH(
128         [user],
129         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
130         [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")],
131         [AC_SUBST(ipsecuser, "root")]
132 )
133
134 AC_ARG_WITH(
135         [group],
136         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
137         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")],
138         [AC_SUBST(ipsecgroup, "root")]
139 )
140
141 dnl Will be extended to --with-capabilities=libcap|libcap2
142 AC_ARG_WITH(
143         [capabilities],
144         AS_HELP_STRING([--with-capabilities=libcap],[capability dropping using libcap. Currenlty only the value "libcap" is supported (default is NO).]),
145         [capabilities="$withval"],
146         [capabilities=no]
147 )
148
149 AC_ARG_ENABLE(
150         [curl],
151         AS_HELP_STRING([--enable-curl],[enable CURL fetcher plugin to fetch files via libcurl (default is NO). Requires libcurl.]),
152         [if test x$enableval = xyes; then
153                 curl=true
154         fi]
155 )
156
157 AC_ARG_ENABLE(
158         [ldap],
159         AS_HELP_STRING([--enable-ldap],[enable LDAP fetching plugin to fetch files via libldap (default is NO). Requires openLDAP.]),
160         [if test x$enableval = xyes; then
161                 ldap=true
162         fi]
163 )
164
165 AC_ARG_ENABLE(
166         [aes],
167         AS_HELP_STRING([--disable-aes],[disable own AES software implementation plugin. (default is NO).]),
168         [if test x$enableval = xyes; then
169                 aes=true
170          else
171                 aes=false
172         fi],
173         aes=true
174 )
175
176 AC_ARG_ENABLE(
177         [des],
178         AS_HELP_STRING([--disable-des],[disable own DES/3DES software implementation plugin. (default is NO).]),
179         [if test x$enableval = xyes; then
180                 des=true
181          else
182                 des=false
183         fi],
184         des=true
185 )
186
187 AC_ARG_ENABLE(
188         [blowfish],
189         AS_HELP_STRING([--enable-blowfish],[enable Blowfish software implementation plugin (default is NO).]),
190         [if test x$enableval = xyes; then
191                 blowfish=true
192         fi]
193 )
194
195 AC_ARG_ENABLE(
196         [md4],
197         AS_HELP_STRING([--enable-md4],[enable MD4 software implementation plugin (default is NO).]),
198         [if test x$enableval = xyes; then
199                 md4=true
200         fi]
201 )
202
203 AC_ARG_ENABLE(
204         [md5],
205         AS_HELP_STRING([--disable-md5],[disable own MD5 software implementation plugin. (default is NO).]),
206         [if test x$enableval = xyes; then
207                 md5=true
208          else
209                 md5=false
210         fi],
211         md5=true
212 )
213
214 AC_ARG_ENABLE(
215         [sha1],
216         AS_HELP_STRING([--disable-sha1],[disable own SHA1 software implementation plugin. (default is NO).]),
217         [if test x$enableval = xyes; then
218                 sha1=true
219          else
220                 sha1=false
221         fi],
222         sha1=true
223 )
224
225 AC_ARG_ENABLE(
226         [sha2],
227         AS_HELP_STRING([--disable-sha2],[disable own SHA256/SHA384/SHA512 software implementation plugin. (default is NO).]),
228         [if test x$enableval = xyes; then
229                 sha2=true
230          else
231                 sha2=false
232         fi],
233         sha2=true
234 )
235
236 AC_ARG_ENABLE(
237         [fips-prf],
238         AS_HELP_STRING([--disable-fips-prf],[disable FIPS PRF software implementation plugin. (default is NO).]),
239         [if test x$enableval = xyes; then
240                 fips_prf=true
241          else
242                 fips_prf=false
243         fi],
244         fips_prf=true
245 )
246
247 AC_ARG_ENABLE(
248         [gmp],
249         AS_HELP_STRING([--disable-gmp],[disable own GNU MP (libgmp) based crypto implementation plugin. (default is NO).]),
250         [if test x$enableval = xyes; then
251                 gmp=true
252          else
253                 gmp=false
254         fi],
255         gmp=true
256 )
257
258 AC_ARG_ENABLE(
259         [random],
260         AS_HELP_STRING([--disable-random],[disable RNG implementation on top of /dev/(u)random. (default is NO).]),
261         [if test x$enableval = xyes; then
262                 random=true
263          else
264                 random=false
265         fi],
266         random=true
267 )
268
269 AC_ARG_ENABLE(
270         [x509],
271         AS_HELP_STRING([--disable-x509],[disable own X509 certificate implementation plugin. (default is NO).]),
272         [if test x$enableval = xyes; then
273                 x509=true
274          else
275                 x509=false
276         fi],
277         x509=true
278 )
279
280 AC_ARG_ENABLE(
281         [pubkey],
282         AS_HELP_STRING([--disable-pubkey],[disable RAW public key support plugin. (default is NO).]),
283         [if test x$enableval = xyes; then
284                 pubkey=true
285          else
286                 pubkey=false
287         fi],
288         pubkey=true
289 )
290
291 AC_ARG_ENABLE(
292         [pkcs1],
293         AS_HELP_STRING([--disable-pkcs1],[disable PKCS1 key decoding plugin. (default is NO).]),
294         [if test x$enableval = xyes; then
295                 pkcs1=true
296          else
297                 pkcs1=false
298         fi],
299         pkcs1=true
300 )
301
302 AC_ARG_ENABLE(
303         [pgp],
304         AS_HELP_STRING([--disable-pgp],[disable PGP key decoding plugin. (default is NO).]),
305         [if test x$enableval = xyes; then
306                 pgp=true
307          else
308                 pgp=false
309         fi],
310         pgp=true
311 )
312
313 AC_ARG_ENABLE(
314         [dnskey],
315         AS_HELP_STRING([--disable-dnskey],[disable DNS RR key decoding plugin. (default is NO).]),
316         [if test x$enableval = xyes; then
317                 dnskey=true
318          else
319                 dnskey=false
320         fi],
321         dnskey=true
322 )
323
324 AC_ARG_ENABLE(
325         [pem],
326         AS_HELP_STRING([--disable-pem],[disable PEM decoding plugin. (default is NO).]),
327         [if test x$enableval = xyes; then
328                 pem=true
329          else
330                 pem=false
331         fi],
332         pem=true
333 )
334
335 AC_ARG_ENABLE(
336         [hmac],
337         AS_HELP_STRING([--disable-hmac],[disable HMAC crypto implementation plugin. (default is NO).]),
338         [if test x$enableval = xyes; then
339                 hmac=true
340          else
341                 hmac=false
342         fi],
343         hmac=true
344 )
345
346 AC_ARG_ENABLE(
347         [xcbc],
348         AS_HELP_STRING([--disable-xcbc],[disable xcbc crypto implementation plugin. (default is NO).]),
349         [if test x$enableval = xyes; then
350                 xcbc=true
351          else
352                 xcbc=false
353         fi],
354         xcbc=true
355 )
356
357 AC_ARG_ENABLE(
358         [test-vectors],
359         AS_HELP_STRING([--enable-test-vectors],[enable plugin providing crypto test vectors (default is NO).]),
360         [if test x$enableval = xyes; then
361                 test_vectors=true
362         fi]
363 )
364
365 AC_ARG_ENABLE(
366         [mysql],
367         AS_HELP_STRING([--enable-mysql],[enable MySQL database support (default is NO). Requires libmysqlclient_r.]),
368         [if test x$enableval = xyes; then
369                 mysql=true
370         fi]
371 )
372
373 AC_ARG_ENABLE(
374         [sqlite],
375         AS_HELP_STRING([--enable-sqlite],[enable SQLite database support (default is NO). Requires libsqlite3.]),
376         [if test x$enableval = xyes; then
377                 sqlite=true
378         fi]
379 )
380
381 AC_ARG_ENABLE(
382         [stroke],
383         AS_HELP_STRING([--disable-stroke],[disable charons stroke (pluto compatibility) configuration backend. (default is NO).]),
384         [if test x$enableval = xyes; then
385                 stroke=true
386          else
387                 stroke=false
388         fi],
389         stroke=true
390 )
391
392 AC_ARG_ENABLE(
393         [medsrv],
394         AS_HELP_STRING([--enable-medsrv],[enable mediation server web frontend and daemon plugin (default is NO).]),
395         [if test x$enableval = xyes; then
396                 medsrv=true
397         fi]
398 )
399
400 AC_ARG_ENABLE(
401         [medcli],
402         AS_HELP_STRING([--enable-medcli],[enable mediation client configuration database plugin (default is NO).]),
403         [if test x$enableval = xyes; then
404                 medcli=true
405         fi]
406 )
407
408 AC_ARG_ENABLE(
409         [smp],
410         AS_HELP_STRING([--enable-smp],[enable SMP configuration and control interface (default is NO). Requires libxml.]),
411         [if test x$enableval = xyes; then
412                 smp=true
413         fi]
414 )
415
416 AC_ARG_ENABLE(
417         [sql],
418         AS_HELP_STRING([--enable-sql],[enable SQL database configuration backend (default is NO).]),
419         [if test x$enableval = xyes; then
420                 sql=true
421         fi]
422 )
423
424 AC_ARG_ENABLE(
425         [smartcard],
426         AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]),
427         [if test x$enableval = xyes; then
428                 smartcard=true
429         fi]
430 )
431
432 AC_ARG_ENABLE(
433         [cisco-quirks],
434         AS_HELP_STRING([--enable-cisco-quirks],[enable support of Cisco VPN client (default is NO).]),
435         [if test x$enableval = xyes; then
436                 cisco_quirks=true
437         fi]
438 )
439
440 AC_ARG_ENABLE(
441         [leak-detective],
442         AS_HELP_STRING([--enable-leak-detective],[enable malloc hooks to find memory leaks (default is NO).]),
443         [if test x$enableval = xyes; then
444                 leak_detective=true
445         fi]
446 )
447
448 AC_ARG_ENABLE(
449         [lock-profiler],
450         AS_HELP_STRING([--enable-lock-profiler],[enable lock/mutex profiling code (default is NO).]),
451         [if test x$enableval = xyes; then
452                 lock_profiler=true
453         fi]
454 )
455
456 AC_ARG_ENABLE(
457         [unit-tests],
458         AS_HELP_STRING([--enable-unit-tests],[enable unit tests on IKEv2 daemon startup (default is NO).]),
459         [if test x$enableval = xyes; then
460                 unittest=true
461         fi]
462 )
463
464 AC_ARG_ENABLE(
465         [load-tests],
466         AS_HELP_STRING([--enable-load-tests],[enable load testing plugin for IKEv2 daemon (default is NO).]),
467         [if test x$enableval = xyes; then
468                 loadtest=true
469         fi]
470 )
471
472 AC_ARG_ENABLE(
473         [eap-sim],
474         AS_HELP_STRING([--enable-eap-sim],[build SIM authenication module for EAP (default is NO).]),
475         [if test x$enableval = xyes; then
476                 eap_sim=true
477         fi]
478 )
479
480 AC_ARG_ENABLE(
481         [eap-sim-file],
482         AS_HELP_STRING([--enable-eap-sim-file],[build EAP-SIM backend based on a triplet file (default is NO).]),
483         [if test x$enableval = xyes; then
484                 eap_sim_file=true
485         fi]
486 )
487
488 AC_ARG_ENABLE(
489         [eap-identity],
490         AS_HELP_STRING([--enable-eap-identity],[build EAP module providing EAP-Identity helper (default is NO).]),
491         [if test x$enableval = xyes; then
492                 eap_identity=true
493         fi]
494 )
495
496 AC_ARG_ENABLE(
497         [eap-md5],
498         AS_HELP_STRING([--enable-eap-md5],[build MD5 (CHAP) authenication module for EAP (default is NO).]),
499         [if test x$enableval = xyes; then
500                 eap_md5=true
501         fi]
502 )
503
504 AC_ARG_ENABLE(
505         [eap-gtc],
506         AS_HELP_STRING([--enable-eap-gtc],[build PAM based GTC authenication module for EAP (default is NO).]),
507         [if test x$enableval = xyes; then
508                 eap_gtc=true
509         fi]
510 )
511
512 AC_ARG_ENABLE(
513         [eap-aka],
514         AS_HELP_STRING([--enable-eap-aka],[build AKA authentication module for EAP (default is NO).]),
515         [if test x$enableval = xyes; then
516                 eap_aka=true
517         fi]
518 )
519
520 AC_ARG_ENABLE(
521         [eap-mschapv2],
522         AS_HELP_STRING([--enable-eap-mschapv2],[build MS-CHAPv2 authenication module for EAP (default is NO).]),
523         [if test x$enableval = xyes; then
524                 eap_mschapv2=true
525         fi]
526 )
527
528 AC_ARG_ENABLE(
529         [eap-radius],
530         AS_HELP_STRING([--enable-eap-radius],[build RADIUS proxy authenication module for EAP (default is NO).]),
531         [if test x$enableval = xyes; then
532                 eap_radius=true
533         fi]
534 )
535
536 AC_ARG_ENABLE(
537         [kernel-netlink],
538         AS_HELP_STRING([--disable-kernel-netlink],[disable the netlink kernel interface. (default is NO).]),
539         [if test x$enableval = xyes; then
540                 kernel_netlink=true
541          else
542                 kernel_netlink=false
543         fi],
544         kernel_netlink=true
545 )
546
547 AC_ARG_ENABLE(
548         [kernel-pfkey],
549         AS_HELP_STRING([--enable-kernel-pfkey],[enable the PF_KEY kernel interface. (default is NO).]),
550         [if test x$enableval = xyes; then
551                 kernel_pfkey=true
552         fi]
553 )
554
555 AC_ARG_ENABLE(
556         [kernel-pfroute],
557         AS_HELP_STRING([--enable-kernel-pfroute],[enable the PF_ROUTE kernel interface. (default is NO).]),
558         [if test x$enableval = xyes; then
559                 kernel_pfroute=true
560         fi]
561 )
562
563 AC_ARG_ENABLE(
564         [kernel-klips],
565         AS_HELP_STRING([--enable-kernel-klips],[enable the KLIPS kernel interface. (default is NO).]),
566         [if test x$enableval = xyes; then
567                 kernel_klips=true
568         fi]
569 )
570
571 AC_ARG_ENABLE(
572         [nat-transport],
573         AS_HELP_STRING([--enable-nat-transport],[enable NAT traversal with IPsec transport mode (default is NO).]),
574         [if test x$enableval = xyes; then
575                 nat_transport=true
576         fi]
577 )
578
579 AC_ARG_ENABLE(
580         [vendor-id],
581         AS_HELP_STRING([--disable-vendor-id],[disable the sending of the strongSwan vendor ID (default is NO).]),
582         [if test x$enableval = xyes; then
583                 vendor_id=true
584          else
585                 vendor_id=false
586         fi],
587         vendor_id=true
588 )
589
590 AC_ARG_ENABLE(
591         [xauth-vid],
592         AS_HELP_STRING([--disable-xauth-vid],[disable the sending of the XAUTH vendor ID (default is NO).]),
593         [if test x$enableval = xyes; then
594                 xauth_vid=true
595          else
596                 xauth_vid=false
597         fi],
598         xauth_vid=true
599 )
600
601 AC_ARG_ENABLE(
602         [dumm],
603         AS_HELP_STRING([--enable-dumm],[build the DUMM UML test framework (default is NO).]),
604         [if test x$enableval = xyes; then
605                 dumm=true
606         fi]
607 )
608
609 AC_ARG_ENABLE(
610         [fast],
611         AS_HELP_STRING([--enable-fast],[build libfast (FastCGI Application Server w/ templates (default is NO).]),
612         [if test x$enableval = xyes; then
613                 fast=true
614         fi]
615 )
616
617 AC_ARG_ENABLE(
618         [manager],
619         AS_HELP_STRING([--enable-manager],[build web management console (default is NO).]),
620         [if test x$enableval = xyes; then
621                 manager=true
622                 xml=true
623         fi]
624 )
625
626 AC_ARG_ENABLE(
627         [mediation],
628         AS_HELP_STRING([--enable-mediation],[enable IKEv2 Mediation Extension (default is NO).]),
629         [if test x$enableval = xyes; then
630                 me=true
631         fi]
632 )
633
634 AC_ARG_ENABLE(
635         [integrity-test],
636         AS_HELP_STRING([--enable-integrity-test],[enable integrity testing of libstrongswan and plugins (default is NO).]),
637         [if test x$enableval = xyes; then
638                 integrity_test=true 
639         fi]
640 )
641
642 AC_ARG_ENABLE(
643         [pluto],
644         AS_HELP_STRING([--disable-pluto],[disable the IKEv1 keying daemon pluto. (default is NO).]),
645         [if test x$enableval = xyes; then
646                 pluto=true
647          else
648                 pluto=false
649         fi],
650         pluto=true
651 )
652
653 AC_ARG_ENABLE(
654         [threads],
655         AS_HELP_STRING([--disable-threads],[disable the use of threads in pluto. Charon always uses threads. (default is NO).]),
656         [if test x$enableval = xyes; then
657                 threads=true
658          else
659                 threads=false
660         fi],
661         threads=true
662 )
663
664 AC_ARG_ENABLE(
665         [charon],
666         AS_HELP_STRING([--disable-charon],[disable the IKEv2 keying daemon charon. (default is NO).]),
667         [if test x$enableval = xyes; then
668                 charon=true
669          else
670                 charon=false
671         fi],
672         charon=true
673 )
674
675 AC_ARG_ENABLE(
676         [tools],
677         AS_HELP_STRING([--disable-tools],[disable additional utilities (openac, scepclient and pki). (default is NO).]),
678         [if test x$enableval = xyes; then
679                 tools=true
680          else
681                 tools=false
682         fi],
683         tools=true
684 )
685
686 AC_ARG_ENABLE(
687         [scripts],
688         AS_HELP_STRING([--disable-scripts],[disable additional utilities (found in directory scripts). (default is NO).]),
689         [if test x$enableval = xyes; then
690                 scripts=true
691          else
692                 scripts=false
693         fi],
694         scripts=true
695 )
696
697 AC_ARG_ENABLE(
698         [updown],
699         AS_HELP_STRING([--disable-updown],[disable updown firewall script plugin. (default is NO).]),
700         [if test x$enableval = xyes; then
701                 updown=true
702          else
703                 updown=false
704         fi],
705         updown=true
706 )
707
708 AC_ARG_ENABLE(
709         [attr],
710         AS_HELP_STRING([--disable-attr],[disable strongswan.conf based configuration attribute plugin. (default is NO).]),
711         [if test x$enableval = xyes; then
712                 attr=true
713          else
714                 attr=false
715         fi],
716         attr=true
717 )
718
719 AC_ARG_ENABLE(
720         [resolv-conf],
721         AS_HELP_STRING([--disable-resolv-conf],[disable resolv.conf DNS handler plugin. (default is NO).]),
722         [if test x$enableval = xyes; then
723                 resolvconf=true
724          else
725                 resolvconf=false
726         fi],
727         resolvconf=true
728 )
729
730 AC_ARG_ENABLE(
731         [padlock],
732         AS_HELP_STRING([--enable-padlock],[enables VIA Padlock crypto plugin. (default is NO).]),
733         [if test x$enableval = xyes; then
734                 padlock=true
735          else
736                 padlock=false
737         fi],
738 )
739
740 AC_ARG_ENABLE(
741         [openssl],
742         AS_HELP_STRING([--enable-openssl],[enables the OpenSSL crypto plugin. (default is NO).]),
743         [if test x$enableval = xyes; then
744                 openssl=true
745          else
746                 openssl=false
747         fi],
748 )
749
750 AC_ARG_ENABLE(
751         [gcrypt],
752         AS_HELP_STRING([--enable-gcrypt],[enables the libgcrypt plugin. (default is NO).]),
753         [if test x$enableval = xyes; then
754                 gcrypt=true
755          else
756                 gcrypt=false
757         fi],
758 )
759
760 AC_ARG_ENABLE(
761         [agent],
762         AS_HELP_STRING([--enable-agent],[enables the ssh-agent signing plugin. (default is NO).]),
763         [if test x$enableval = xyes; then
764                 agent=true
765          else
766                 agent=false
767         fi],
768 )
769
770 AC_ARG_ENABLE(
771         [uci],
772         AS_HELP_STRING([--enable-uci],[enable OpenWRT UCI configuration plugin (default is NO).]),
773         [if test x$enableval = xyes; then
774                 uci=true
775         fi]
776 )
777
778 AC_ARG_ENABLE(
779         [nm],
780         AS_HELP_STRING([--enable-nm],[enable NetworkManager plugin (default is NO).]),
781         [if test x$enableval = xyes; then
782                 nm=true
783         fi]
784 )
785
786 AC_ARG_ENABLE(
787         [vstr],
788         AS_HELP_STRING([--enable-vstr],[enforce using the Vstr string library to replace glibc-like printf hooks (default is NO).]),
789         [if test x$enableval = xyes; then
790                 vstr=true
791         fi]
792 )
793
794 dnl =========================
795 dnl  set up compiler and flags
796 dnl =========================
797
798 if test -z "$CFLAGS"; then
799         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign -Wno-strict-aliasing"
800 fi
801 AC_PROG_CC
802 AC_LIB_PREFIX
803 AC_C_BIGENDIAN
804
805 dnl =========================
806 dnl  check required programs
807 dnl =========================
808
809 AC_PROG_INSTALL
810 AC_PROG_LIBTOOL
811 AC_PROG_EGREP
812 AC_PROG_AWK
813 AC_PROG_LEX
814 AC_PROG_YACC
815 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
816 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
817
818 dnl because gperf is not needed by end-users we just report it but do not abort on failure
819 AC_MSG_CHECKING([gperf version >= 3.0.0])
820 if test -x "$GPERF"; then
821         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
822                 AC_MSG_RESULT([yes])
823         else
824                 AC_MSG_RESULT([no])
825         fi
826 else
827         AC_MSG_RESULT([not found])
828 fi
829
830 dnl translate user/group to numercial ids
831 AC_MSG_CHECKING([for uid of user "$ipsecuser"])
832 ipsecuid=`id -u $ipsecuser 2>/dev/null`
833 if test -n "$ipsecuid"; then
834         AC_MSG_RESULT([$ipsecuid])
835         AC_SUBST(ipsecuid)
836 else
837         AC_MSG_ERROR([not found])
838 fi
839 AC_MSG_CHECKING([for gid of group "$ipsecgroup"])
840 ipsecgid=`$EGREP "^$ipsecgroup:" /etc/group | $AWK -F: '{ print $3 }'`
841 if test -n "$ipsecgid"; then
842         AC_MSG_RESULT([$ipsecgid])
843         AC_SUBST(ipsecgid)
844 else
845         AC_MSG_ERROR([not found])
846 fi
847
848 dnl =========================
849 dnl  dependency calculation
850 dnl =========================
851
852 if test x$eap_aka = xtrue; then
853         gmp=true;
854         fips_prf=true;
855         sha1=true;
856 fi
857
858 if test x$eap_sim = xtrue; then
859         fips_prf=true;
860 fi
861
862 if test x$fips_prf = xtrue; then
863         sha1=true;
864 fi
865
866 if test x$smp = xtrue; then
867         xml=true
868 fi
869
870 if test x$manager = xtrue; then
871         fast=true
872 fi
873
874 if test x$medsrv = xtrue; then
875         me=true
876         fast=true
877 fi
878
879 if test x$medcli = xtrue; then
880         me=true
881 fi
882
883 dnl ===========================================
884 dnl  check required libraries and header files
885 dnl ===========================================
886
887 AC_HEADER_STDBOOL
888 AC_FUNC_ALLOCA
889
890 dnl libraries needed on some platforms but not on others
891 dnl ====================================================
892 saved_LIBS=$LIBS
893
894 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
895 LIBS=""
896 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
897 AC_SUBST(DLLIB)
898
899 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
900 LIBS=""
901 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
902 AC_CHECK_FUNCS(backtrace)
903 AC_SUBST(BTLIB)
904
905 dnl OpenSolaris needs libsocket and libnsl for socket()
906 LIBS=""
907 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
908         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
909 )
910 AC_SUBST(SOCKLIB)
911
912 dnl FreeBSD has clock_gettime in libc, Linux needs librt
913 LIBS=""
914 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
915 AC_CHECK_FUNCS(clock_gettime)
916 AC_SUBST(RTLIB)
917
918 LIBS=$saved_LIBS
919 dnl ======================
920
921 AC_MSG_CHECKING(for dladdr)
922 AC_TRY_COMPILE(
923         [#define _GNU_SOURCE
924          #include <dlfcn.h>],
925         [Dl_info* info = 0;
926          dladdr(0, info);],
927         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR])],
928         [AC_MSG_RESULT([no])]
929 )
930
931 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
932 saved_LIBS=$LIBS
933 LIBS="-lpthread"
934 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
935 AC_TRY_RUN(
936         [#include <pthread.h>
937          int main() { pthread_condattr_t attr;
938                 pthread_condattr_init(&attr);
939                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
940         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])],
941         [AC_MSG_RESULT([no])]
942 )
943 LIBS=$saved_LIBS
944
945 AC_CHECK_FUNCS(prctl)
946
947 AC_CHECK_HEADERS(sys/sockio.h)
948 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
949
950 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
951 [
952         #include <sys/types.h>
953         #include <sys/socket.h>
954 ])
955
956 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
957 [
958         #include <sys/types.h>
959         #ifdef HAVE_NET_PFKEYV2_H
960         #include <net/pfkeyv2.h>
961         #else
962         #include <stdint.h>
963         #include <linux/pfkeyv2.h>
964         #endif
965 ])
966
967 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
968 AC_TRY_COMPILE(
969         [#include <sys/types.h>
970         #ifdef HAVE_NETIPSEC_IPSEC_H
971         #include <netipsec/ipsec.h>
972         #elif defined(HAVE_NETINET6_IPSEC_H)
973         #include <netinet6/ipsec.h>
974         #else
975         #include <stdint.h>
976         #include <linux/ipsec.h>
977         #endif],
978         [int mode = IPSEC_MODE_BEET;
979          return mode;],
980         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_MODE_BEET])],
981         [AC_MSG_RESULT([no])]
982 )
983
984 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
985 AC_TRY_COMPILE(
986         [#include <sys/types.h>
987         #ifdef HAVE_NETIPSEC_IPSEC_H
988         #include <netipsec/ipsec.h>
989         #elif defined(HAVE_NETINET6_IPSEC_H)
990         #include <netinet6/ipsec.h>
991         #else
992         #include <stdint.h>
993         #include <linux/ipsec.h>
994         #endif],
995         [int dir = IPSEC_DIR_FWD;
996          return dir;],
997         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_DIR_FWD])],
998         [AC_MSG_RESULT([no])]
999 )
1000
1001 AC_MSG_CHECKING([for gcc atomic operations])
1002 AC_TRY_RUN(
1003 [
1004         int main() {
1005                 volatile int ref = 1;
1006                 __sync_fetch_and_add (&ref, 1);
1007                 __sync_sub_and_fetch (&ref, 1);
1008                 /* Make sure test fails if operations are not supported */
1009                 __sync_val_compare_and_swap(&ref, 1, 0);
1010                 return ref;
1011         }
1012 ],
1013 [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_GCC_ATOMIC_OPERATIONS)],
1014 [AC_MSG_RESULT([no])],
1015 [AC_MSG_RESULT([no])])
1016
1017 AC_CHECK_FUNC(
1018         [register_printf_function],
1019         [AC_DEFINE(HAVE_PRINTF_HOOKS)],
1020         [
1021                 AC_MSG_NOTICE([printf does not support custom format specifiers!])
1022                 vstr=true
1023         ]
1024 )
1025
1026 if test x$vstr = xtrue; then
1027         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
1028         AC_DEFINE(USE_VSTR)
1029 fi
1030
1031 if test x$gmp = xtrue; then
1032         AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
1033         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
1034         AC_TRY_COMPILE(
1035                 [#include "gmp.h"],
1036                 [
1037                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
1038                                 #error bad gmp
1039                         #endif
1040                 ],
1041                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
1042         )
1043 fi
1044
1045 if test x$ldap = xtrue; then
1046         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
1047         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
1048         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
1049 fi
1050
1051 if test x$curl = xtrue; then
1052         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
1053         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
1054 fi
1055
1056 if test x$xml = xtrue; then
1057         PKG_CHECK_MODULES(xml, [libxml-2.0])
1058         AC_SUBST(xml_CFLAGS)
1059         AC_SUBST(xml_LIBS)
1060 fi
1061
1062 if test x$dumm = xtrue; then
1063         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
1064         AC_SUBST(gtk_CFLAGS)
1065         AC_SUBST(gtk_LIBS)
1066         AC_CHECK_PROGS(RUBY, ruby)
1067         AC_MSG_CHECKING([for Ruby header files])
1068         if test -n "$RUBY"; then
1069                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
1070                 if test -n "$RUBYDIR"; then
1071                         dirs="$RUBYDIR"
1072                         RUBYINCLUDE=none
1073                         for i in $dirs; do
1074                                 if test -r $i/ruby.h; then
1075                                         AC_MSG_RESULT([$i])
1076                                         RUBYINCLUDE="-I$i"
1077                                         break;
1078                                 fi
1079                         done
1080                         if test x"$RUBYINCLUDE" = xnone; then
1081                                 AC_MSG_ERROR([ruby.h not found])
1082                         fi
1083                         AC_SUBST(RUBYINCLUDE)
1084                 else
1085                         AC_MSG_ERROR([unable to determine ruby configuration])
1086                 fi
1087         else
1088                 AC_MSG_ERROR([don't know how to run ruby])
1089         fi
1090 fi
1091
1092 if test x$fast = xtrue; then
1093         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
1094         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
1095         AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])])
1096 dnl autoconf does not like CamelCase!? How to fix this?
1097 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
1098
1099         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
1100         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
1101 fi
1102
1103 if test x$mysql = xtrue; then
1104         AC_HAVE_LIBRARY([mysqlclient_r],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library mysqlclient_r not found])])
1105         AC_CHECK_HEADER([mysql/mysql.h],,[AC_MSG_ERROR([MySQL header mysql/mysql.h not found!])])
1106 fi
1107
1108 if test x$sqlite = xtrue; then
1109         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
1110         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
1111         AC_MSG_CHECKING([sqlite3_prepare_v2])
1112         AC_TRY_COMPILE(
1113                 [#include <sqlite3.h>],
1114                 [
1115                         void *test = sqlite3_prepare_v2;
1116                 ],
1117                 [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])])
1118         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
1119         AC_TRY_COMPILE(
1120                 [#include <sqlite3.h>],
1121                 [
1122                         #if SQLITE_VERSION_NUMBER < 3003001
1123                                 #error bad sqlite
1124                         #endif
1125                 ],
1126                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
1127 fi
1128
1129 if test x$openssl = xtrue; then
1130         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
1131         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
1132 fi
1133
1134 if test x$gcrypt = xtrue; then
1135         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])])
1136         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
1137         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
1138         AC_TRY_COMPILE(
1139                 [#include <gcrypt.h>],
1140                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
1141                 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA])],
1142                 [AC_MSG_RESULT([no])]
1143         )
1144 fi
1145
1146 if test x$uci = xtrue; then
1147         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
1148         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
1149 fi
1150
1151 if test x$nm = xtrue; then
1152         PKG_CHECK_MODULES(nm, [NetworkManager libnm_glib_vpn gthread-2.0])
1153         AC_SUBST(nm_CFLAGS)
1154         AC_SUBST(nm_LIBS)
1155 fi
1156
1157 if test x$eap_gtc = xtrue; then
1158         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
1159         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
1160 fi
1161
1162 if test x$capabilities = xlibcap; then
1163         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
1164         AC_CHECK_HEADER([sys/capability.h],,[AC_MSG_ERROR([libcap header sys/capability.h not found!])])
1165 fi
1166
1167 if test x$integrity_test = xtrue; then
1168         AC_MSG_CHECKING([for dladdr()])
1169         AC_TRY_COMPILE(
1170                 [#define _GNU_SOURCE
1171                  #include <dlfcn.h>],
1172                 [Dl_info info; dladdr(main, &info);],
1173                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
1174                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
1175         )
1176         AC_MSG_CHECKING([for dl_iterate_phdr()])
1177         AC_TRY_COMPILE(
1178                 [#define _GNU_SOURCE
1179                  #include <link.h>],
1180                 [dl_iterate_phdr((void*)0, (void*)0);],
1181                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
1182                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
1183         )
1184 fi
1185
1186 dnl ======================================
1187 dnl  collect all plugins for libstrongswan
1188 dnl ======================================
1189
1190 libstrongswan_plugins=
1191 pluto_plugins=
1192
1193 if test x$test_vectors = xtrue; then
1194         libstrongswan_plugins=${libstrongswan_plugins}" test-vectors"
1195         pluto_plugins=${pluto_plugins}" test-vectors"
1196 fi
1197 if test x$curl = xtrue; then
1198         libstrongswan_plugins=${libstrongswan_plugins}" curl"
1199         pluto_plugins=${pluto_plugins}" curl"
1200 fi
1201 if test x$ldap = xtrue; then
1202         libstrongswan_plugins=${libstrongswan_plugins}" ldap"
1203         pluto_plugins=${pluto_plugins}" ldap"
1204 fi
1205 if test x$aes = xtrue; then
1206         libstrongswan_plugins=${libstrongswan_plugins}" aes"
1207         pluto_plugins=${pluto_plugins}" aes"
1208 fi
1209 if test x$des = xtrue; then
1210         libstrongswan_plugins=${libstrongswan_plugins}" des"
1211         pluto_plugins=${pluto_plugins}" des"
1212 fi
1213 if test x$blowfish = xtrue; then
1214         libstrongswan_plugins=${libstrongswan_plugins}" blowfish"
1215         pluto_plugins=${pluto_plugins}" blowfish"
1216 fi
1217 if test x$sha1 = xtrue; then
1218         libstrongswan_plugins=${libstrongswan_plugins}" sha1"
1219         pluto_plugins=${pluto_plugins}" sha1"
1220 fi
1221 if test x$sha2 = xtrue; then
1222         libstrongswan_plugins=${libstrongswan_plugins}" sha2"
1223         pluto_plugins=${pluto_plugins}" sha2"
1224 fi
1225 if test x$md4 = xtrue; then
1226         libstrongswan_plugins=${libstrongswan_plugins}" md4"
1227 fi
1228 if test x$md5 = xtrue; then
1229         libstrongswan_plugins=${libstrongswan_plugins}" md5"
1230         pluto_plugins=${pluto_plugins}" md5"
1231 fi
1232 if test x$fips_prf = xtrue; then
1233         libstrongswan_plugins=${libstrongswan_plugins}" fips-prf"
1234 fi
1235 if test x$random = xtrue; then
1236         libstrongswan_plugins=${libstrongswan_plugins}" random"
1237         pluto_plugins=${pluto_plugins}" random"
1238 fi
1239 if test x$x509 = xtrue; then
1240         libstrongswan_plugins=${libstrongswan_plugins}" x509"
1241 fi
1242 if test x$pubkey = xtrue; then
1243         libstrongswan_plugins=${libstrongswan_plugins}" pubkey"
1244         pluto_plugins=${pluto_plugins}" pubkey"
1245 fi
1246 if test x$pkcs1 = xtrue; then
1247         libstrongswan_plugins=${libstrongswan_plugins}" pkcs1"
1248         pluto_plugins=${pluto_plugins}" pkcs1"
1249 fi
1250 if test x$pgp = xtrue; then
1251         libstrongswan_plugins=${libstrongswan_plugins}" pgp"
1252         pluto_plugins=${pluto_plugins}" pgp"
1253 fi
1254 if test x$dnskey = xtrue; then
1255         libstrongswan_plugins=${libstrongswan_plugins}" dnskey"
1256         pluto_plugins=${pluto_plugins}" dnskey"
1257 fi
1258 if test x$pem = xtrue; then
1259         libstrongswan_plugins=${libstrongswan_plugins}" pem"
1260         pluto_plugins=${pluto_plugins}" pem"
1261 fi
1262 if test x$mysql = xtrue; then
1263         libstrongswan_plugins=${libstrongswan_plugins}" mysql"
1264 fi
1265 if test x$sqlite = xtrue; then
1266         libstrongswan_plugins=${libstrongswan_plugins}" sqlite"
1267 fi
1268 if test x$padlock = xtrue; then
1269         libstrongswan_plugins=${libstrongswan_plugins}" padlock"
1270 fi
1271 if test x$openssl = xtrue; then
1272         libstrongswan_plugins=${libstrongswan_plugins}" openssl"
1273         pluto_plugins=${pluto_plugins}" openssl"
1274 fi
1275 if test x$gcrypt = xtrue; then
1276         libstrongswan_plugins=${libstrongswan_plugins}" gcrypt"
1277         pluto_plugins=${pluto_plugins}" gcrypt"
1278 fi
1279 if test x$xcbc = xtrue; then
1280         libstrongswan_plugins=${libstrongswan_plugins}" xcbc"
1281 fi
1282 if test x$hmac = xtrue; then
1283         libstrongswan_plugins=${libstrongswan_plugins}" hmac"
1284         pluto_plugins=${pluto_plugins}" hmac"
1285 fi
1286 if test x$agent = xtrue; then
1287         libstrongswan_plugins=${libstrongswan_plugins}" agent"
1288 fi
1289 if test x$gmp = xtrue; then
1290         libstrongswan_plugins=${libstrongswan_plugins}" gmp"
1291         pluto_plugins=${pluto_plugins}" gmp"
1292 fi
1293
1294 AC_SUBST(libstrongswan_plugins)
1295 AC_SUBST(pluto_plugins)
1296
1297 dnl =========================
1298 dnl  set Makefile.am vars
1299 dnl =========================
1300
1301 dnl libstrongswan plugins
1302 dnl =====================
1303 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
1304 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
1305 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
1306 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
1307 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
1308 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
1309 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
1310 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
1311 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
1312 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
1313 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
1314 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
1315 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
1316 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
1317 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
1318 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
1319 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
1320 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
1321 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
1322 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
1323 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
1324 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
1325 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
1326 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
1327 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
1328 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
1329 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
1330
1331 dnl charon plugins
1332 dnl ==============
1333 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
1334 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
1335 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
1336 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1337 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
1338 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
1339 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
1340 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
1341 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1342 AM_CONDITIONAL(USE_RESOLV_CONF, test x$resolvconf = xtrue)
1343 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unittest = xtrue)
1344 AM_CONDITIONAL(USE_LOAD_TESTS, test x$loadtest = xtrue)
1345 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
1346 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
1347 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1348 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1349 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1350 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1351 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1352 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1353 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1354 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1355 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1356 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
1357
1358 dnl other options
1359 dnl =============
1360 AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)
1361 AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)
1362 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1363 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1364 AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)
1365 AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)
1366 AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)
1367 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
1368 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1369 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1370 AM_CONDITIONAL(USE_ME, test x$me = xtrue)
1371 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1372 AM_CONDITIONAL(USE_CAPABILITIES, test x$capabilities = xlibcap)
1373 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
1374 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1375 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1376 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
1377 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1378 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue)
1379 AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
1380 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
1381
1382 dnl ==============================
1383 dnl  set global definitions
1384 dnl ==============================
1385
1386 if test x$me = xtrue; then
1387         AC_DEFINE(ME)
1388 fi
1389 if test x$capabilities = xlibcap; then
1390         AC_DEFINE(CAPABILITIES)
1391 fi
1392
1393 dnl ==============================
1394 dnl  build Makefiles
1395 dnl ==============================
1396
1397 AC_OUTPUT(
1398         Makefile
1399         src/Makefile
1400         src/include/Makefile
1401         src/libstrongswan/Makefile
1402         src/libstrongswan/plugins/aes/Makefile
1403         src/libstrongswan/plugins/des/Makefile
1404         src/libstrongswan/plugins/blowfish/Makefile
1405         src/libstrongswan/plugins/md4/Makefile
1406         src/libstrongswan/plugins/md5/Makefile
1407         src/libstrongswan/plugins/sha1/Makefile
1408         src/libstrongswan/plugins/sha2/Makefile
1409         src/libstrongswan/plugins/fips_prf/Makefile
1410         src/libstrongswan/plugins/gmp/Makefile
1411         src/libstrongswan/plugins/random/Makefile
1412         src/libstrongswan/plugins/hmac/Makefile
1413         src/libstrongswan/plugins/xcbc/Makefile
1414         src/libstrongswan/plugins/x509/Makefile
1415         src/libstrongswan/plugins/pubkey/Makefile
1416         src/libstrongswan/plugins/pkcs1/Makefile
1417         src/libstrongswan/plugins/pgp/Makefile
1418         src/libstrongswan/plugins/dnskey/Makefile
1419         src/libstrongswan/plugins/pem/Makefile
1420         src/libstrongswan/plugins/curl/Makefile
1421         src/libstrongswan/plugins/ldap/Makefile
1422         src/libstrongswan/plugins/mysql/Makefile
1423         src/libstrongswan/plugins/sqlite/Makefile
1424         src/libstrongswan/plugins/padlock/Makefile
1425         src/libstrongswan/plugins/openssl/Makefile
1426         src/libstrongswan/plugins/gcrypt/Makefile
1427         src/libstrongswan/plugins/agent/Makefile
1428         src/libstrongswan/plugins/test_vectors/Makefile
1429         src/libfreeswan/Makefile
1430         src/pluto/Makefile
1431         src/whack/Makefile
1432         src/charon/Makefile
1433         src/charon/plugins/eap_aka/Makefile
1434         src/charon/plugins/eap_identity/Makefile
1435         src/charon/plugins/eap_md5/Makefile
1436         src/charon/plugins/eap_gtc/Makefile
1437         src/charon/plugins/eap_sim/Makefile
1438         src/charon/plugins/eap_sim_file/Makefile
1439         src/charon/plugins/eap_mschapv2/Makefile
1440         src/charon/plugins/eap_radius/Makefile
1441         src/charon/plugins/kernel_netlink/Makefile
1442         src/charon/plugins/kernel_pfkey/Makefile
1443         src/charon/plugins/kernel_pfroute/Makefile
1444         src/charon/plugins/kernel_klips/Makefile
1445         src/charon/plugins/smp/Makefile
1446         src/charon/plugins/sql/Makefile
1447         src/charon/plugins/medsrv/Makefile
1448         src/charon/plugins/medcli/Makefile
1449         src/charon/plugins/nm/Makefile
1450         src/charon/plugins/uci/Makefile
1451         src/charon/plugins/stroke/Makefile
1452         src/charon/plugins/updown/Makefile
1453         src/charon/plugins/attr/Makefile
1454         src/charon/plugins/resolv_conf/Makefile
1455         src/charon/plugins/unit_tester/Makefile
1456         src/charon/plugins/load_tester/Makefile
1457         src/stroke/Makefile
1458         src/ipsec/Makefile
1459         src/starter/Makefile
1460         src/_updown/Makefile
1461         src/_updown_espmark/Makefile
1462         src/_copyright/Makefile
1463         src/openac/Makefile
1464         src/scepclient/Makefile
1465         src/pki/Makefile
1466         src/dumm/Makefile
1467         src/dumm/ext/extconf.rb
1468         src/libfast/Makefile
1469         src/manager/Makefile
1470         src/medsrv/Makefile
1471         src/checksum/Makefile
1472         scripts/Makefile
1473         testing/Makefile
1474 )