7d507966e7308a0531537d9c01df0a3bb576d228
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,4.3.5)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_SUBST(confdir, '${sysconfdir}')
22 PKG_PROG_PKG_CONFIG
23
24 dnl =================================
25 dnl  check --enable-xxx & --with-xxx
26 dnl =================================
27
28 AC_ARG_WITH(
29         [default-pkcs11],
30         AS_HELP_STRING([--with-default-pkcs11=lib],[set the default PKCS11 library other than "/usr/lib/opensc-pkcs11.so"]),
31         [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "$withval")],
32         [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "/usr/lib/opensc-pkcs11.so")]
33 )
34
35 AC_ARG_WITH(
36         [xauth-module],
37         AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
38         [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
39 )
40
41 AC_ARG_WITH(
42         [random-device],
43         AS_HELP_STRING([--with-random-device=dev],[set the device for real random data other than "/dev/random"]),
44         [AC_DEFINE_UNQUOTED(DEV_RANDOM, "$withval")],
45         [AC_DEFINE_UNQUOTED(DEV_RANDOM, "/dev/random")]
46 )
47 AC_ARG_WITH(
48         [resolv-conf],
49         AS_HELP_STRING([--with-resolv-conf=file],[set the file to use in DNS handler plugin other than "sysconfdir/resolv.conf"]),
50         [AC_SUBST(resolv_conf, "$withval")],
51         [AC_SUBST(resolv_conf, "${sysconfdir}/resolv.conf")]
52 )
53
54 AC_ARG_WITH(
55         [strongswan-conf],
56         AS_HELP_STRING([--with-strongswan-conf=file],[strongswan.conf file other than "sysconfdir/strongswan.conf"]),
57         [AC_SUBST(strongswan_conf, "$withval")],
58         [AC_SUBST(strongswan_conf, "${sysconfdir}/strongswan.conf")]
59 )
60
61 AC_ARG_WITH(
62         [urandom-device],
63         AS_HELP_STRING([--with-urandom-device=dev],[set the device for pseudo random data other than "/dev/urandom"]),
64         [AC_DEFINE_UNQUOTED(DEV_URANDOM, "$withval")],
65         [AC_DEFINE_UNQUOTED(DEV_URANDOM, "/dev/urandom")]
66 )
67
68 AC_ARG_WITH(
69         [piddir],
70         AS_HELP_STRING([--with-piddir=dir],[path for PID and UNIX socket files other than "/var/run"]),
71         [AC_SUBST(piddir, "$withval")],
72         [AC_SUBST(piddir, "/var/run")]
73 )
74
75 AC_ARG_WITH(
76         [ipsecdir],
77         AS_HELP_STRING([--with-ipsecdir=dir],[installation path for ipsec tools other than "libexecdir/ipsec"]),
78         [AC_SUBST(ipsecdir, "$withval")],
79         [AC_SUBST(ipsecdir, "${libexecdir%/}/ipsec")]
80 )
81 AC_SUBST(plugindir, "${ipsecdir%/}/plugins")
82
83 AC_ARG_WITH(
84         [plugindir],
85         AS_HELP_STRING([--with-plugindir=dir],[installation path for plugins other than "ipsecdir/plugins"]),
86         [AC_SUBST(plugindir, "$withval")],
87         [AC_SUBST(plugindir, "${ipsecdir%/}/plugins")]
88 )
89
90 AC_ARG_WITH(
91         [sim-reader],
92         AS_HELP_STRING([--with-sim-reader=library.so],[library containing the sim_run_alg()/sim_get_triplet() function for EAP-SIM]),
93         [AC_SUBST(simreader, "$withval")],
94         [AC_SUBST(simreader, "${plugindir%/}/libeapsim-file.so")]
95 )
96
97 AC_ARG_WITH(
98         [linux-headers],
99         AS_HELP_STRING([--with-linux-headers=dir],[use the linux header files in dir instead of the supplied ones in "src/include"]),
100         [AC_SUBST(linuxdir, "$withval")], [AC_SUBST(linuxdir, "\${top_srcdir}/src/include")]
101 )
102 AC_SUBST(LINUX_HEADERS)
103
104 AC_ARG_WITH(
105         [routing-table],
106         AS_HELP_STRING([--with-routing-table=num],[use routing table for IPsec routes (default: 220)]),
107         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, $withval) AC_SUBST(IPSEC_ROUTING_TABLE, "$withval")], 
108         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, 220) AC_SUBST(IPSEC_ROUTING_TABLE, "220")]
109 )
110
111 AC_ARG_WITH(
112         [routing-table-prio],
113         AS_HELP_STRING([--with-routing-table-prio=prio],[priority for IPsec routing table (default: 220)]),
114         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, $withval) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "$withval")], 
115         [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, 220) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "220")]
116 )
117
118 AC_ARG_WITH(
119         [uid],,[AC_MSG_ERROR([--with-uid is gone, use --with-user instead!])]
120 )
121
122 AC_ARG_WITH(
123         [gid],,[AC_MSG_ERROR([--with-gid is gone, use --with-group instead!])]
124 )
125
126 AC_ARG_WITH(
127         [user],
128         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
129         [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")],
130         [AC_SUBST(ipsecuser, "root")]
131 )
132
133 AC_ARG_WITH(
134         [group],
135         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
136         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")],
137         [AC_SUBST(ipsecgroup, "root")]
138 )
139
140 dnl Will be extended to --with-capabilities=libcap|libcap2
141 AC_ARG_WITH(
142         [capabilities],
143         AS_HELP_STRING([--with-capabilities=libcap],[capability dropping using libcap. Currenlty only the value "libcap" is supported (default is NO).]),
144         [capabilities="$withval"],
145         [capabilities=no]
146 )
147
148 AC_ARG_ENABLE(
149         [curl],
150         AS_HELP_STRING([--enable-curl],[enable CURL fetcher plugin to fetch files via libcurl (default is NO). Requires libcurl.]),
151         [if test x$enableval = xyes; then
152                 curl=true
153         fi]
154 )
155
156 AC_ARG_ENABLE(
157         [ldap],
158         AS_HELP_STRING([--enable-ldap],[enable LDAP fetching plugin to fetch files via libldap (default is NO). Requires openLDAP.]),
159         [if test x$enableval = xyes; then
160                 ldap=true
161         fi]
162 )
163
164 AC_ARG_ENABLE(
165         [aes],
166         AS_HELP_STRING([--disable-aes],[disable own AES software implementation plugin. (default is NO).]),
167         [if test x$enableval = xyes; then
168                 aes=true
169          else
170                 aes=false
171         fi],
172         aes=true
173 )
174
175 AC_ARG_ENABLE(
176         [des],
177         AS_HELP_STRING([--disable-des],[disable own DES/3DES software implementation plugin. (default is NO).]),
178         [if test x$enableval = xyes; then
179                 des=true
180          else
181                 des=false
182         fi],
183         des=true
184 )
185
186 AC_ARG_ENABLE(
187         [blowfish],
188         AS_HELP_STRING([--enable-blowfish],[enable Blowfish software implementation plugin (default is NO).]),
189         [if test x$enableval = xyes; then
190                 blowfish=true
191         fi]
192 )
193
194 AC_ARG_ENABLE(
195         [md4],
196         AS_HELP_STRING([--enable-md4],[enable MD4 software implementation plugin (default is NO).]),
197         [if test x$enableval = xyes; then
198                 md4=true
199         fi]
200 )
201
202 AC_ARG_ENABLE(
203         [md5],
204         AS_HELP_STRING([--disable-md5],[disable own MD5 software implementation plugin. (default is NO).]),
205         [if test x$enableval = xyes; then
206                 md5=true
207          else
208                 md5=false
209         fi],
210         md5=true
211 )
212
213 AC_ARG_ENABLE(
214         [sha1],
215         AS_HELP_STRING([--disable-sha1],[disable own SHA1 software implementation plugin. (default is NO).]),
216         [if test x$enableval = xyes; then
217                 sha1=true
218          else
219                 sha1=false
220         fi],
221         sha1=true
222 )
223
224 AC_ARG_ENABLE(
225         [sha2],
226         AS_HELP_STRING([--disable-sha2],[disable own SHA256/SHA384/SHA512 software implementation plugin. (default is NO).]),
227         [if test x$enableval = xyes; then
228                 sha2=true
229          else
230                 sha2=false
231         fi],
232         sha2=true
233 )
234
235 AC_ARG_ENABLE(
236         [fips-prf],
237         AS_HELP_STRING([--disable-fips-prf],[disable FIPS PRF software implementation plugin. (default is NO).]),
238         [if test x$enableval = xyes; then
239                 fips_prf=true
240          else
241                 fips_prf=false
242         fi],
243         fips_prf=true
244 )
245
246 AC_ARG_ENABLE(
247         [gmp],
248         AS_HELP_STRING([--disable-gmp],[disable own GNU MP (libgmp) based crypto implementation plugin. (default is NO).]),
249         [if test x$enableval = xyes; then
250                 gmp=true
251          else
252                 gmp=false
253         fi],
254         gmp=true
255 )
256
257 AC_ARG_ENABLE(
258         [random],
259         AS_HELP_STRING([--disable-random],[disable RNG implementation on top of /dev/(u)random. (default is NO).]),
260         [if test x$enableval = xyes; then
261                 random=true
262          else
263                 random=false
264         fi],
265         random=true
266 )
267
268 AC_ARG_ENABLE(
269         [x509],
270         AS_HELP_STRING([--disable-x509],[disable own X509 certificate implementation plugin. (default is NO).]),
271         [if test x$enableval = xyes; then
272                 x509=true
273          else
274                 x509=false
275         fi],
276         x509=true
277 )
278
279 AC_ARG_ENABLE(
280         [pubkey],
281         AS_HELP_STRING([--disable-pubkey],[disable RAW public key support plugin. (default is NO).]),
282         [if test x$enableval = xyes; then
283                 pubkey=true
284          else
285                 pubkey=false
286         fi],
287         pubkey=true
288 )
289
290 AC_ARG_ENABLE(
291         [pkcs1],
292         AS_HELP_STRING([--disable-pkcs1],[disable PKCS1 key decoding plugin. (default is NO).]),
293         [if test x$enableval = xyes; then
294                 pkcs1=true
295          else
296                 pkcs1=false
297         fi],
298         pkcs1=true
299 )
300
301 AC_ARG_ENABLE(
302         [pgp],
303         AS_HELP_STRING([--disable-pgp],[disable PGP key decoding plugin. (default is NO).]),
304         [if test x$enableval = xyes; then
305                 pgp=true
306          else
307                 pgp=false
308         fi],
309         pgp=true
310 )
311
312 AC_ARG_ENABLE(
313         [dnskey],
314         AS_HELP_STRING([--disable-dnskey],[disable DNS RR key decoding plugin. (default is NO).]),
315         [if test x$enableval = xyes; then
316                 dnskey=true
317          else
318                 dnskey=false
319         fi],
320         dnskey=true
321 )
322
323 AC_ARG_ENABLE(
324         [pem],
325         AS_HELP_STRING([--disable-pem],[disable PEM decoding plugin. (default is NO).]),
326         [if test x$enableval = xyes; then
327                 pem=true
328          else
329                 pem=false
330         fi],
331         pem=true
332 )
333
334 AC_ARG_ENABLE(
335         [hmac],
336         AS_HELP_STRING([--disable-hmac],[disable HMAC crypto implementation plugin. (default is NO).]),
337         [if test x$enableval = xyes; then
338                 hmac=true
339          else
340                 hmac=false
341         fi],
342         hmac=true
343 )
344
345 AC_ARG_ENABLE(
346         [xcbc],
347         AS_HELP_STRING([--disable-xcbc],[disable xcbc crypto implementation plugin. (default is NO).]),
348         [if test x$enableval = xyes; then
349                 xcbc=true
350          else
351                 xcbc=false
352         fi],
353         xcbc=true
354 )
355
356 AC_ARG_ENABLE(
357         [test-vectors],
358         AS_HELP_STRING([--enable-test-vectors],[enable plugin providing crypto test vectors (default is NO).]),
359         [if test x$enableval = xyes; then
360                 test_vectors=true
361         fi]
362 )
363
364 AC_ARG_ENABLE(
365         [mysql],
366         AS_HELP_STRING([--enable-mysql],[enable MySQL database support (default is NO). Requires libmysqlclient_r.]),
367         [if test x$enableval = xyes; then
368                 mysql=true
369         fi]
370 )
371
372 AC_ARG_ENABLE(
373         [sqlite],
374         AS_HELP_STRING([--enable-sqlite],[enable SQLite database support (default is NO). Requires libsqlite3.]),
375         [if test x$enableval = xyes; then
376                 sqlite=true
377         fi]
378 )
379
380 AC_ARG_ENABLE(
381         [stroke],
382         AS_HELP_STRING([--disable-stroke],[disable charons stroke (pluto compatibility) configuration backend. (default is NO).]),
383         [if test x$enableval = xyes; then
384                 stroke=true
385          else
386                 stroke=false
387         fi],
388         stroke=true
389 )
390
391 AC_ARG_ENABLE(
392         [medsrv],
393         AS_HELP_STRING([--enable-medsrv],[enable mediation server web frontend and daemon plugin (default is NO).]),
394         [if test x$enableval = xyes; then
395                 medsrv=true
396         fi]
397 )
398
399 AC_ARG_ENABLE(
400         [medcli],
401         AS_HELP_STRING([--enable-medcli],[enable mediation client configuration database plugin (default is NO).]),
402         [if test x$enableval = xyes; then
403                 medcli=true
404         fi]
405 )
406
407 AC_ARG_ENABLE(
408         [smp],
409         AS_HELP_STRING([--enable-smp],[enable SMP configuration and control interface (default is NO). Requires libxml.]),
410         [if test x$enableval = xyes; then
411                 smp=true
412         fi]
413 )
414
415 AC_ARG_ENABLE(
416         [sql],
417         AS_HELP_STRING([--enable-sql],[enable SQL database configuration backend (default is NO).]),
418         [if test x$enableval = xyes; then
419                 sql=true
420         fi]
421 )
422
423 AC_ARG_ENABLE(
424         [smartcard],
425         AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]),
426         [if test x$enableval = xyes; then
427                 smartcard=true
428         fi]
429 )
430
431 AC_ARG_ENABLE(
432         [cisco-quirks],
433         AS_HELP_STRING([--enable-cisco-quirks],[enable support of Cisco VPN client (default is NO).]),
434         [if test x$enableval = xyes; then
435                 cisco_quirks=true
436         fi]
437 )
438
439 AC_ARG_ENABLE(
440         [leak-detective],
441         AS_HELP_STRING([--enable-leak-detective],[enable malloc hooks to find memory leaks (default is NO).]),
442         [if test x$enableval = xyes; then
443                 leak_detective=true
444         fi]
445 )
446
447 AC_ARG_ENABLE(
448         [lock-profiler],
449         AS_HELP_STRING([--enable-lock-profiler],[enable lock/mutex profiling code (default is NO).]),
450         [if test x$enableval = xyes; then
451                 lock_profiler=true
452         fi]
453 )
454
455 AC_ARG_ENABLE(
456         [unit-tests],
457         AS_HELP_STRING([--enable-unit-tests],[enable unit tests on IKEv2 daemon startup (default is NO).]),
458         [if test x$enableval = xyes; then
459                 unittest=true
460         fi]
461 )
462
463 AC_ARG_ENABLE(
464         [load-tests],
465         AS_HELP_STRING([--enable-load-tests],[enable load testing plugin for IKEv2 daemon (default is NO).]),
466         [if test x$enableval = xyes; then
467                 loadtest=true
468         fi]
469 )
470
471 AC_ARG_ENABLE(
472         [eap-sim],
473         AS_HELP_STRING([--enable-eap-sim],[build SIM authenication module for EAP (default is NO).]),
474         [if test x$enableval = xyes; then
475                 eap_sim=true
476         fi]
477 )
478
479 AC_ARG_ENABLE(
480         [eap-sim-file],
481         AS_HELP_STRING([--enable-eap-sim-file],[build EAP-SIM backend based on a triplet file (default is NO).]),
482         [if test x$enableval = xyes; then
483                 eap_sim_file=true
484         fi]
485 )
486
487 AC_ARG_ENABLE(
488         [eap-identity],
489         AS_HELP_STRING([--enable-eap-identity],[build EAP module providing EAP-Identity helper (default is NO).]),
490         [if test x$enableval = xyes; then
491                 eap_identity=true
492         fi]
493 )
494
495 AC_ARG_ENABLE(
496         [eap-md5],
497         AS_HELP_STRING([--enable-eap-md5],[build MD5 (CHAP) authenication module for EAP (default is NO).]),
498         [if test x$enableval = xyes; then
499                 eap_md5=true
500         fi]
501 )
502
503 AC_ARG_ENABLE(
504         [eap-gtc],
505         AS_HELP_STRING([--enable-eap-gtc],[build PAM based GTC authenication module for EAP (default is NO).]),
506         [if test x$enableval = xyes; then
507                 eap_gtc=true
508         fi]
509 )
510
511 AC_ARG_ENABLE(
512         [eap-aka],
513         AS_HELP_STRING([--enable-eap-aka],[build AKA authentication module for EAP (default is NO).]),
514         [if test x$enableval = xyes; then
515                 eap_aka=true
516         fi]
517 )
518
519 AC_ARG_ENABLE(
520         [eap-mschapv2],
521         AS_HELP_STRING([--enable-eap-mschapv2],[build MS-CHAPv2 authenication module for EAP (default is NO).]),
522         [if test x$enableval = xyes; then
523                 eap_mschapv2=true
524         fi]
525 )
526
527 AC_ARG_ENABLE(
528         [eap-radius],
529         AS_HELP_STRING([--enable-eap-radius],[build RADIUS proxy authenication module for EAP (default is NO).]),
530         [if test x$enableval = xyes; then
531                 eap_radius=true
532         fi]
533 )
534
535 AC_ARG_ENABLE(
536         [kernel-netlink],
537         AS_HELP_STRING([--disable-kernel-netlink],[disable the netlink kernel interface. (default is NO).]),
538         [if test x$enableval = xyes; then
539                 kernel_netlink=true
540          else
541                 kernel_netlink=false
542         fi],
543         kernel_netlink=true
544 )
545
546 AC_ARG_ENABLE(
547         [kernel-pfkey],
548         AS_HELP_STRING([--enable-kernel-pfkey],[enable the PF_KEY kernel interface. (default is NO).]),
549         [if test x$enableval = xyes; then
550                 kernel_pfkey=true
551         fi]
552 )
553
554 AC_ARG_ENABLE(
555         [kernel-pfroute],
556         AS_HELP_STRING([--enable-kernel-pfroute],[enable the PF_ROUTE kernel interface. (default is NO).]),
557         [if test x$enableval = xyes; then
558                 kernel_pfroute=true
559         fi]
560 )
561
562 AC_ARG_ENABLE(
563         [kernel-klips],
564         AS_HELP_STRING([--enable-kernel-klips],[enable the KLIPS kernel interface. (default is NO).]),
565         [if test x$enableval = xyes; then
566                 kernel_klips=true
567         fi]
568 )
569
570 AC_ARG_ENABLE(
571         [nat-transport],
572         AS_HELP_STRING([--enable-nat-transport],[enable NAT traversal with IPsec transport mode (default is NO).]),
573         [if test x$enableval = xyes; then
574                 nat_transport=true
575         fi]
576 )
577
578 AC_ARG_ENABLE(
579         [vendor-id],
580         AS_HELP_STRING([--disable-vendor-id],[disable the sending of the strongSwan vendor ID (default is NO).]),
581         [if test x$enableval = xyes; then
582                 vendor_id=true
583          else
584                 vendor_id=false
585         fi],
586         vendor_id=true
587 )
588
589 AC_ARG_ENABLE(
590         [xauth-vid],
591         AS_HELP_STRING([--disable-xauth-vid],[disable the sending of the XAUTH vendor ID (default is NO).]),
592         [if test x$enableval = xyes; then
593                 xauth_vid=true
594          else
595                 xauth_vid=false
596         fi],
597         xauth_vid=true
598 )
599
600 AC_ARG_ENABLE(
601         [dumm],
602         AS_HELP_STRING([--enable-dumm],[build the DUMM UML test framework (default is NO).]),
603         [if test x$enableval = xyes; then
604                 dumm=true
605         fi]
606 )
607
608 AC_ARG_ENABLE(
609         [fast],
610         AS_HELP_STRING([--enable-fast],[build libfast (FastCGI Application Server w/ templates (default is NO).]),
611         [if test x$enableval = xyes; then
612                 fast=true
613         fi]
614 )
615
616 AC_ARG_ENABLE(
617         [manager],
618         AS_HELP_STRING([--enable-manager],[build web management console (default is NO).]),
619         [if test x$enableval = xyes; then
620                 manager=true
621                 xml=true
622         fi]
623 )
624
625 AC_ARG_ENABLE(
626         [mediation],
627         AS_HELP_STRING([--enable-mediation],[enable IKEv2 Mediation Extension (default is NO).]),
628         [if test x$enableval = xyes; then
629                 me=true
630         fi]
631 )
632
633 AC_ARG_ENABLE(
634         [integrity-test],
635         AS_HELP_STRING([--enable-integrity-test],[enable integrity testing of libstrongswan and plugins (default is NO).]),
636         [if test x$enableval = xyes; then
637                 integrity_test=true 
638         fi]
639 )
640
641 AC_ARG_ENABLE(
642         [pluto],
643         AS_HELP_STRING([--disable-pluto],[disable the IKEv1 keying daemon pluto. (default is NO).]),
644         [if test x$enableval = xyes; then
645                 pluto=true
646          else
647                 pluto=false
648         fi],
649         pluto=true
650 )
651
652 AC_ARG_ENABLE(
653         [threads],
654         AS_HELP_STRING([--disable-threads],[disable the use of threads in pluto. Charon always uses threads. (default is NO).]),
655         [if test x$enableval = xyes; then
656                 threads=true
657          else
658                 threads=false
659         fi],
660         threads=true
661 )
662
663 AC_ARG_ENABLE(
664         [charon],
665         AS_HELP_STRING([--disable-charon],[disable the IKEv2 keying daemon charon. (default is NO).]),
666         [if test x$enableval = xyes; then
667                 charon=true
668          else
669                 charon=false
670         fi],
671         charon=true
672 )
673
674 AC_ARG_ENABLE(
675         [tools],
676         AS_HELP_STRING([--disable-tools],[disable additional utilities (openac, scepclient and pki). (default is NO).]),
677         [if test x$enableval = xyes; then
678                 tools=true
679          else
680                 tools=false
681         fi],
682         tools=true
683 )
684
685 AC_ARG_ENABLE(
686         [scripts],
687         AS_HELP_STRING([--disable-scripts],[disable additional utilities (found in directory scripts). (default is NO).]),
688         [if test x$enableval = xyes; then
689                 scripts=true
690          else
691                 scripts=false
692         fi],
693         scripts=true
694 )
695
696 AC_ARG_ENABLE(
697         [updown],
698         AS_HELP_STRING([--disable-updown],[disable updown firewall script plugin. (default is NO).]),
699         [if test x$enableval = xyes; then
700                 updown=true
701          else
702                 updown=false
703         fi],
704         updown=true
705 )
706
707 AC_ARG_ENABLE(
708         [attr],
709         AS_HELP_STRING([--disable-attr],[disable strongswan.conf based configuration attribute plugin. (default is NO).]),
710         [if test x$enableval = xyes; then
711                 attr=true
712          else
713                 attr=false
714         fi],
715         attr=true
716 )
717
718 AC_ARG_ENABLE(
719         [resolv-conf],
720         AS_HELP_STRING([--disable-resolv-conf],[disable resolv.conf DNS handler plugin. (default is NO).]),
721         [if test x$enableval = xyes; then
722                 resolvconf=true
723          else
724                 resolvconf=false
725         fi],
726         resolvconf=true
727 )
728
729 AC_ARG_ENABLE(
730         [padlock],
731         AS_HELP_STRING([--enable-padlock],[enables VIA Padlock crypto plugin. (default is NO).]),
732         [if test x$enableval = xyes; then
733                 padlock=true
734          else
735                 padlock=false
736         fi],
737 )
738
739 AC_ARG_ENABLE(
740         [openssl],
741         AS_HELP_STRING([--enable-openssl],[enables the OpenSSL crypto plugin. (default is NO).]),
742         [if test x$enableval = xyes; then
743                 openssl=true
744          else
745                 openssl=false
746         fi],
747 )
748
749 AC_ARG_ENABLE(
750         [gcrypt],
751         AS_HELP_STRING([--enable-gcrypt],[enables the libgcrypt plugin. (default is NO).]),
752         [if test x$enableval = xyes; then
753                 gcrypt=true
754          else
755                 gcrypt=false
756         fi],
757 )
758
759 AC_ARG_ENABLE(
760         [agent],
761         AS_HELP_STRING([--enable-agent],[enables the ssh-agent signing plugin. (default is NO).]),
762         [if test x$enableval = xyes; then
763                 agent=true
764          else
765                 agent=false
766         fi],
767 )
768
769 AC_ARG_ENABLE(
770         [uci],
771         AS_HELP_STRING([--enable-uci],[enable OpenWRT UCI configuration plugin (default is NO).]),
772         [if test x$enableval = xyes; then
773                 uci=true
774         fi]
775 )
776
777 AC_ARG_ENABLE(
778         [nm],
779         AS_HELP_STRING([--enable-nm],[enable NetworkManager plugin (default is NO).]),
780         [if test x$enableval = xyes; then
781                 nm=true
782         fi]
783 )
784
785 AC_ARG_ENABLE(
786         [vstr],
787         AS_HELP_STRING([--enable-vstr],[enforce using the Vstr string library to replace glibc-like printf hooks (default is NO).]),
788         [if test x$enableval = xyes; then
789                 vstr=true
790         fi]
791 )
792
793 dnl =========================
794 dnl  set up compiler and flags
795 dnl =========================
796
797 if test -z "$CFLAGS"; then
798         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign -Wno-strict-aliasing"
799 fi
800 AC_PROG_CC
801 AC_LIB_PREFIX
802 AC_C_BIGENDIAN
803
804 dnl =========================
805 dnl  check required programs
806 dnl =========================
807
808 AC_PROG_INSTALL
809 AC_PROG_LIBTOOL
810 AC_PROG_EGREP
811 AC_PROG_AWK
812 AC_PROG_LEX
813 AC_PROG_YACC
814 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
815 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
816
817 dnl because gperf is not needed by end-users we just report it but do not abort on failure
818 AC_MSG_CHECKING([gperf version >= 3.0.0])
819 if test -x "$GPERF"; then
820         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
821                 AC_MSG_RESULT([yes])
822         else
823                 AC_MSG_RESULT([no])
824         fi
825 else
826         AC_MSG_RESULT([not found])
827 fi
828
829 dnl translate user/group to numercial ids
830 AC_MSG_CHECKING([for uid of user "$ipsecuser"])
831 ipsecuid=`id -u $ipsecuser 2>/dev/null`
832 if test -n "$ipsecuid"; then
833         AC_MSG_RESULT([$ipsecuid])
834         AC_SUBST(ipsecuid)
835 else
836         AC_MSG_ERROR([not found])
837 fi
838 AC_MSG_CHECKING([for gid of group "$ipsecgroup"])
839 ipsecgid=`$EGREP "^$ipsecgroup:" /etc/group | $AWK -F: '{ print $3 }'`
840 if test -n "$ipsecgid"; then
841         AC_MSG_RESULT([$ipsecgid])
842         AC_SUBST(ipsecgid)
843 else
844         AC_MSG_ERROR([not found])
845 fi
846
847 dnl =========================
848 dnl  dependency calculation
849 dnl =========================
850
851 if test x$eap_aka = xtrue; then
852         gmp=true;
853         fips_prf=true;
854         sha1=true;
855 fi
856
857 if test x$eap_sim = xtrue; then
858         fips_prf=true;
859 fi
860
861 if test x$fips_prf = xtrue; then
862         sha1=true;
863 fi
864
865 if test x$smp = xtrue; then
866         xml=true
867 fi
868
869 if test x$manager = xtrue; then
870         fast=true
871 fi
872
873 if test x$medsrv = xtrue; then
874         me=true
875         fast=true
876 fi
877
878 if test x$medcli = xtrue; then
879         me=true
880 fi
881
882 dnl ===========================================
883 dnl  check required libraries and header files
884 dnl ===========================================
885
886 AC_HEADER_STDBOOL
887 AC_FUNC_ALLOCA
888
889 dnl libraries needed on some platforms but not on others
890 dnl ====================================================
891 saved_LIBS=$LIBS
892
893 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
894 LIBS=""
895 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
896 AC_SUBST(DLLIB)
897
898 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
899 LIBS=""
900 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
901 AC_CHECK_FUNCS(backtrace)
902 AC_SUBST(BTLIB)
903
904 dnl OpenSolaris needs libsocket and libnsl for socket()
905 LIBS=""
906 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
907         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
908 )
909 AC_SUBST(SOCKLIB)
910
911 dnl FreeBSD has clock_gettime in libc, Linux needs librt
912 LIBS=""
913 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
914 AC_CHECK_FUNCS(clock_gettime)
915 AC_SUBST(RTLIB)
916
917 LIBS=$saved_LIBS
918 dnl ======================
919
920 AC_MSG_CHECKING(for dladdr)
921 AC_TRY_COMPILE(
922         [#define _GNU_SOURCE
923          #include <dlfcn.h>],
924         [Dl_info* info = 0;
925          dladdr(0, info);],
926         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR])],
927         [AC_MSG_RESULT([no])]
928 )
929
930 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
931 saved_LIBS=$LIBS
932 LIBS="-lpthread"
933 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
934 AC_TRY_RUN(
935         [#include <pthread.h>
936          int main() { pthread_condattr_t attr;
937                 pthread_condattr_init(&attr);
938                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
939         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])],
940         [AC_MSG_RESULT([no])]
941 )
942 LIBS=$saved_LIBS
943
944 AC_CHECK_FUNCS(prctl)
945
946 AC_CHECK_HEADERS(sys/sockio.h)
947 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
948
949 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
950 [
951         #include <sys/types.h>
952         #include <sys/socket.h>
953 ])
954
955 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
956 [
957         #include <sys/types.h>
958         #ifdef HAVE_NET_PFKEYV2_H
959         #include <net/pfkeyv2.h>
960         #else
961         #include <stdint.h>
962         #include <linux/pfkeyv2.h>
963         #endif
964 ])
965
966 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
967 AC_TRY_COMPILE(
968         [#include <sys/types.h>
969         #ifdef HAVE_NETIPSEC_IPSEC_H
970         #include <netipsec/ipsec.h>
971         #elif defined(HAVE_NETINET6_IPSEC_H)
972         #include <netinet6/ipsec.h>
973         #else
974         #include <stdint.h>
975         #include <linux/ipsec.h>
976         #endif],
977         [int mode = IPSEC_MODE_BEET;
978          return mode;],
979         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_MODE_BEET])],
980         [AC_MSG_RESULT([no])]
981 )
982
983 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
984 AC_TRY_COMPILE(
985         [#include <sys/types.h>
986         #ifdef HAVE_NETIPSEC_IPSEC_H
987         #include <netipsec/ipsec.h>
988         #elif defined(HAVE_NETINET6_IPSEC_H)
989         #include <netinet6/ipsec.h>
990         #else
991         #include <stdint.h>
992         #include <linux/ipsec.h>
993         #endif],
994         [int dir = IPSEC_DIR_FWD;
995          return dir;],
996         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_DIR_FWD])],
997         [AC_MSG_RESULT([no])]
998 )
999
1000 AC_MSG_CHECKING([for gcc atomic operations])
1001 AC_TRY_RUN(
1002 [
1003         int main() {
1004                 volatile int ref = 1;
1005                 __sync_fetch_and_add (&ref, 1);
1006                 __sync_sub_and_fetch (&ref, 1);
1007                 /* Make sure test fails if operations are not supported */
1008                 __sync_val_compare_and_swap(&ref, 1, 0);
1009                 return ref;
1010         }
1011 ],
1012 [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_GCC_ATOMIC_OPERATIONS)],
1013 [AC_MSG_RESULT([no])],
1014 [AC_MSG_RESULT([no])])
1015
1016 AC_CHECK_FUNC(
1017         [register_printf_function],
1018         [AC_DEFINE(HAVE_PRINTF_HOOKS)],
1019         [
1020                 AC_MSG_NOTICE([printf does not support custom format specifiers!])
1021                 vstr=true
1022         ]
1023 )
1024
1025 if test x$vstr = xtrue; then
1026         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
1027         AC_DEFINE(USE_VSTR)
1028 fi
1029
1030 if test x$gmp = xtrue; then
1031         AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
1032         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
1033         AC_TRY_COMPILE(
1034                 [#include "gmp.h"],
1035                 [
1036                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
1037                                 #error bad gmp
1038                         #endif
1039                 ],
1040                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
1041         )
1042 fi
1043
1044 if test x$ldap = xtrue; then
1045         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
1046         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
1047         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
1048 fi
1049
1050 if test x$curl = xtrue; then
1051         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
1052         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
1053 fi
1054
1055 if test x$xml = xtrue; then
1056         PKG_CHECK_MODULES(xml, [libxml-2.0])
1057         AC_SUBST(xml_CFLAGS)
1058         AC_SUBST(xml_LIBS)
1059 fi
1060
1061 if test x$dumm = xtrue; then
1062         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
1063         AC_SUBST(gtk_CFLAGS)
1064         AC_SUBST(gtk_LIBS)
1065         AC_CHECK_PROGS(RUBY, ruby)
1066         AC_MSG_CHECKING([for Ruby header files])
1067         if test -n "$RUBY"; then
1068                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
1069                 if test -n "$RUBYDIR"; then
1070                         dirs="$RUBYDIR"
1071                         RUBYINCLUDE=none
1072                         for i in $dirs; do
1073                                 if test -r $i/ruby.h; then
1074                                         AC_MSG_RESULT([$i])
1075                                         RUBYINCLUDE="-I$i"
1076                                         break;
1077                                 fi
1078                         done
1079                         if test x"$RUBYINCLUDE" = xnone; then
1080                                 AC_MSG_ERROR([ruby.h not found])
1081                         fi
1082                         AC_SUBST(RUBYINCLUDE)
1083                 else
1084                         AC_MSG_ERROR([unable to determine ruby configuration])
1085                 fi
1086         else
1087                 AC_MSG_ERROR([don't know how to run ruby])
1088         fi
1089 fi
1090
1091 if test x$fast = xtrue; then
1092         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
1093         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
1094         AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])])
1095 dnl autoconf does not like CamelCase!? How to fix this?
1096 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
1097
1098         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
1099         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
1100 fi
1101
1102 if test x$mysql = xtrue; then
1103         AC_HAVE_LIBRARY([mysqlclient_r],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library mysqlclient_r not found])])
1104         AC_CHECK_HEADER([mysql/mysql.h],,[AC_MSG_ERROR([MySQL header mysql/mysql.h not found!])])
1105 fi
1106
1107 if test x$sqlite = xtrue; then
1108         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
1109         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
1110         AC_MSG_CHECKING([sqlite3_prepare_v2])
1111         AC_TRY_COMPILE(
1112                 [#include <sqlite3.h>],
1113                 [
1114                         void *test = sqlite3_prepare_v2;
1115                 ],
1116                 [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])])
1117         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
1118         AC_TRY_COMPILE(
1119                 [#include <sqlite3.h>],
1120                 [
1121                         #if SQLITE_VERSION_NUMBER < 3003001
1122                                 #error bad sqlite
1123                         #endif
1124                 ],
1125                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
1126 fi
1127
1128 if test x$openssl = xtrue; then
1129         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
1130         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
1131 fi
1132
1133 if test x$gcrypt = xtrue; then
1134         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])])
1135         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
1136         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
1137         AC_TRY_COMPILE(
1138                 [#include <gcrypt.h>],
1139                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
1140                 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA])],
1141                 [AC_MSG_RESULT([no])]
1142         )
1143 fi
1144
1145 if test x$uci = xtrue; then
1146         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
1147         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
1148 fi
1149
1150 if test x$nm = xtrue; then
1151         PKG_CHECK_MODULES(nm, [NetworkManager libnm_glib_vpn gthread-2.0])
1152         AC_SUBST(nm_CFLAGS)
1153         AC_SUBST(nm_LIBS)
1154 fi
1155
1156 if test x$eap_gtc = xtrue; then
1157         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
1158         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
1159 fi
1160
1161 if test x$capabilities = xlibcap; then
1162         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
1163         AC_CHECK_HEADER([sys/capability.h],,[AC_MSG_ERROR([libcap header sys/capability.h not found!])])
1164 fi
1165
1166 if test x$integrity_test = xtrue; then
1167         AC_MSG_CHECKING([for dladdr()])
1168         AC_TRY_COMPILE(
1169                 [#define _GNU_SOURCE
1170                  #include <dlfcn.h>],
1171                 [Dl_info info; dladdr(main, &info);],
1172                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
1173                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
1174         )
1175         AC_MSG_CHECKING([for dl_iterate_phdr()])
1176         AC_TRY_COMPILE(
1177                 [#define _GNU_SOURCE
1178                  #include <link.h>],
1179                 [dl_iterate_phdr((void*)0, (void*)0);],
1180                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
1181                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
1182         )
1183 fi
1184
1185 dnl ======================================
1186 dnl  collect all plugins for libstrongswan
1187 dnl ======================================
1188
1189 libstrongswan_plugins=
1190 pluto_plugins=
1191
1192 if test x$test_vectors = xtrue; then
1193         libstrongswan_plugins=${libstrongswan_plugins}" test-vectors"
1194         pluto_plugins=${pluto_plugins}" test-vectors"
1195 fi
1196 if test x$curl = xtrue; then
1197         libstrongswan_plugins=${libstrongswan_plugins}" curl"
1198         pluto_plugins=${pluto_plugins}" curl"
1199 fi
1200 if test x$ldap = xtrue; then
1201         libstrongswan_plugins=${libstrongswan_plugins}" ldap"
1202         pluto_plugins=${pluto_plugins}" ldap"
1203 fi
1204 if test x$aes = xtrue; then
1205         libstrongswan_plugins=${libstrongswan_plugins}" aes"
1206         pluto_plugins=${pluto_plugins}" aes"
1207 fi
1208 if test x$des = xtrue; then
1209         libstrongswan_plugins=${libstrongswan_plugins}" des"
1210         pluto_plugins=${pluto_plugins}" des"
1211 fi
1212 if test x$blowfish = xtrue; then
1213         libstrongswan_plugins=${libstrongswan_plugins}" blowfish"
1214         pluto_plugins=${pluto_plugins}" blowfish"
1215 fi
1216 if test x$sha1 = xtrue; then
1217         libstrongswan_plugins=${libstrongswan_plugins}" sha1"
1218         pluto_plugins=${pluto_plugins}" sha1"
1219 fi
1220 if test x$sha2 = xtrue; then
1221         libstrongswan_plugins=${libstrongswan_plugins}" sha2"
1222         pluto_plugins=${pluto_plugins}" sha2"
1223 fi
1224 if test x$md4 = xtrue; then
1225         libstrongswan_plugins=${libstrongswan_plugins}" md4"
1226 fi
1227 if test x$md5 = xtrue; then
1228         libstrongswan_plugins=${libstrongswan_plugins}" md5"
1229         pluto_plugins=${pluto_plugins}" md5"
1230 fi
1231 if test x$fips_prf = xtrue; then
1232         libstrongswan_plugins=${libstrongswan_plugins}" fips-prf"
1233 fi
1234 if test x$random = xtrue; then
1235         libstrongswan_plugins=${libstrongswan_plugins}" random"
1236         pluto_plugins=${pluto_plugins}" random"
1237 fi
1238 if test x$x509 = xtrue; then
1239         libstrongswan_plugins=${libstrongswan_plugins}" x509"
1240 fi
1241 if test x$pubkey = xtrue; then
1242         libstrongswan_plugins=${libstrongswan_plugins}" pubkey"
1243         pluto_plugins=${pluto_plugins}" pubkey"
1244 fi
1245 if test x$pkcs1 = xtrue; then
1246         libstrongswan_plugins=${libstrongswan_plugins}" pkcs1"
1247         pluto_plugins=${pluto_plugins}" pkcs1"
1248 fi
1249 if test x$pgp = xtrue; then
1250         libstrongswan_plugins=${libstrongswan_plugins}" pgp"
1251         pluto_plugins=${pluto_plugins}" pgp"
1252 fi
1253 if test x$dnskey = xtrue; then
1254         libstrongswan_plugins=${libstrongswan_plugins}" dnskey"
1255         pluto_plugins=${pluto_plugins}" dnskey"
1256 fi
1257 if test x$pem = xtrue; then
1258         libstrongswan_plugins=${libstrongswan_plugins}" pem"
1259         pluto_plugins=${pluto_plugins}" pem"
1260 fi
1261 if test x$mysql = xtrue; then
1262         libstrongswan_plugins=${libstrongswan_plugins}" mysql"
1263 fi
1264 if test x$sqlite = xtrue; then
1265         libstrongswan_plugins=${libstrongswan_plugins}" sqlite"
1266 fi
1267 if test x$padlock = xtrue; then
1268         libstrongswan_plugins=${libstrongswan_plugins}" padlock"
1269 fi
1270 if test x$openssl = xtrue; then
1271         libstrongswan_plugins=${libstrongswan_plugins}" openssl"
1272         pluto_plugins=${pluto_plugins}" openssl"
1273 fi
1274 if test x$gcrypt = xtrue; then
1275         libstrongswan_plugins=${libstrongswan_plugins}" gcrypt"
1276         pluto_plugins=${pluto_plugins}" gcrypt"
1277 fi
1278 if test x$xcbc = xtrue; then
1279         libstrongswan_plugins=${libstrongswan_plugins}" xcbc"
1280 fi
1281 if test x$hmac = xtrue; then
1282         libstrongswan_plugins=${libstrongswan_plugins}" hmac"
1283         pluto_plugins=${pluto_plugins}" hmac"
1284 fi
1285 if test x$agent = xtrue; then
1286         libstrongswan_plugins=${libstrongswan_plugins}" agent"
1287 fi
1288 if test x$gmp = xtrue; then
1289         libstrongswan_plugins=${libstrongswan_plugins}" gmp"
1290         pluto_plugins=${pluto_plugins}" gmp"
1291 fi
1292
1293 AC_SUBST(libstrongswan_plugins)
1294 AC_SUBST(pluto_plugins)
1295
1296 dnl =========================
1297 dnl  set Makefile.am vars
1298 dnl =========================
1299
1300 dnl libstrongswan plugins
1301 dnl =====================
1302 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
1303 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
1304 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
1305 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
1306 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
1307 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
1308 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
1309 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
1310 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
1311 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
1312 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
1313 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
1314 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
1315 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
1316 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
1317 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
1318 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
1319 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
1320 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
1321 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
1322 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
1323 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
1324 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
1325 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
1326 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
1327 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
1328 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
1329
1330 dnl charon plugins
1331 dnl ==============
1332 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
1333 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
1334 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
1335 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1336 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
1337 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
1338 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
1339 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
1340 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1341 AM_CONDITIONAL(USE_RESOLV_CONF, test x$resolvconf = xtrue)
1342 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unittest = xtrue)
1343 AM_CONDITIONAL(USE_LOAD_TESTS, test x$loadtest = xtrue)
1344 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
1345 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
1346 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1347 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1348 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1349 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1350 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1351 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1352 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1353 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1354 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1355 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
1356
1357 dnl other options
1358 dnl =============
1359 AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)
1360 AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)
1361 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1362 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1363 AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)
1364 AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)
1365 AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)
1366 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
1367 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1368 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1369 AM_CONDITIONAL(USE_ME, test x$me = xtrue)
1370 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1371 AM_CONDITIONAL(USE_CAPABILITIES, test x$capabilities = xlibcap)
1372 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
1373 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1374 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1375 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
1376 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1377 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue)
1378 AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
1379 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
1380
1381 dnl ==============================
1382 dnl  set global definitions
1383 dnl ==============================
1384
1385 if test x$me = xtrue; then
1386         AC_DEFINE(ME)
1387 fi
1388 if test x$capabilities = xlibcap; then
1389         AC_DEFINE(CAPABILITIES)
1390 fi
1391
1392 dnl ==============================
1393 dnl  build Makefiles
1394 dnl ==============================
1395
1396 AC_OUTPUT(
1397         Makefile
1398         src/Makefile
1399         src/include/Makefile
1400         src/libstrongswan/Makefile
1401         src/libstrongswan/plugins/aes/Makefile
1402         src/libstrongswan/plugins/des/Makefile
1403         src/libstrongswan/plugins/blowfish/Makefile
1404         src/libstrongswan/plugins/md4/Makefile
1405         src/libstrongswan/plugins/md5/Makefile
1406         src/libstrongswan/plugins/sha1/Makefile
1407         src/libstrongswan/plugins/sha2/Makefile
1408         src/libstrongswan/plugins/fips_prf/Makefile
1409         src/libstrongswan/plugins/gmp/Makefile
1410         src/libstrongswan/plugins/random/Makefile
1411         src/libstrongswan/plugins/hmac/Makefile
1412         src/libstrongswan/plugins/xcbc/Makefile
1413         src/libstrongswan/plugins/x509/Makefile
1414         src/libstrongswan/plugins/pubkey/Makefile
1415         src/libstrongswan/plugins/pkcs1/Makefile
1416         src/libstrongswan/plugins/pgp/Makefile
1417         src/libstrongswan/plugins/dnskey/Makefile
1418         src/libstrongswan/plugins/pem/Makefile
1419         src/libstrongswan/plugins/curl/Makefile
1420         src/libstrongswan/plugins/ldap/Makefile
1421         src/libstrongswan/plugins/mysql/Makefile
1422         src/libstrongswan/plugins/sqlite/Makefile
1423         src/libstrongswan/plugins/padlock/Makefile
1424         src/libstrongswan/plugins/openssl/Makefile
1425         src/libstrongswan/plugins/gcrypt/Makefile
1426         src/libstrongswan/plugins/agent/Makefile
1427         src/libstrongswan/plugins/test_vectors/Makefile
1428         src/libfreeswan/Makefile
1429         src/pluto/Makefile
1430         src/whack/Makefile
1431         src/charon/Makefile
1432         src/charon/plugins/eap_aka/Makefile
1433         src/charon/plugins/eap_identity/Makefile
1434         src/charon/plugins/eap_md5/Makefile
1435         src/charon/plugins/eap_gtc/Makefile
1436         src/charon/plugins/eap_sim/Makefile
1437         src/charon/plugins/eap_sim_file/Makefile
1438         src/charon/plugins/eap_mschapv2/Makefile
1439         src/charon/plugins/eap_radius/Makefile
1440         src/charon/plugins/kernel_netlink/Makefile
1441         src/charon/plugins/kernel_pfkey/Makefile
1442         src/charon/plugins/kernel_pfroute/Makefile
1443         src/charon/plugins/kernel_klips/Makefile
1444         src/charon/plugins/smp/Makefile
1445         src/charon/plugins/sql/Makefile
1446         src/charon/plugins/medsrv/Makefile
1447         src/charon/plugins/medcli/Makefile
1448         src/charon/plugins/nm/Makefile
1449         src/charon/plugins/uci/Makefile
1450         src/charon/plugins/stroke/Makefile
1451         src/charon/plugins/updown/Makefile
1452         src/charon/plugins/attr/Makefile
1453         src/charon/plugins/resolv_conf/Makefile
1454         src/charon/plugins/unit_tester/Makefile
1455         src/charon/plugins/load_tester/Makefile
1456         src/stroke/Makefile
1457         src/ipsec/Makefile
1458         src/starter/Makefile
1459         src/_updown/Makefile
1460         src/_updown_espmark/Makefile
1461         src/_copyright/Makefile
1462         src/openac/Makefile
1463         src/scepclient/Makefile
1464         src/pki/Makefile
1465         src/dumm/Makefile
1466         src/dumm/ext/extconf.rb
1467         src/libfast/Makefile
1468         src/manager/Makefile
1469         src/medsrv/Makefile
1470         src/checksum/Makefile
1471         scripts/Makefile
1472         testing/Makefile
1473 )