all x509 based ipv6/*-ikev2 scenarios require the revocation plugin
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,4.4.1)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_CONFIG_MACRO_DIR([m4/config])
22 PKG_PROG_PKG_CONFIG
23
24 dnl =================================
25 dnl  check --enable-xxx & --with-xxx
26 dnl =================================
27
28 m4_include(m4/macros/with.m4)
29
30 ARG_WITH_SUBST([default-pkcs11],     [/usr/lib/opensc-pkcs11.so], [set the default PKCS11 library])
31 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
32 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
33 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
34 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
35 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
36 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
37 ARG_WITH_SUBST([plugindir],          [${ipsecdir%/}/plugins], [set the installation path of plugins])
38 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM plugin uses to look up trusted root certificates])
39 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
40 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
41 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
42
43 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
44 ARG_WITH_SET([mpz_powm_sec],         [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
45
46 AC_ARG_WITH(
47         [xauth-module],
48         AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
49         [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
50 )
51
52 AC_ARG_WITH(
53         [user],
54         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
55         [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")],
56         [AC_SUBST(ipsecuser, "root")]
57 )
58
59 AC_ARG_WITH(
60         [group],
61         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
62         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")],
63         [AC_SUBST(ipsecgroup, "root")]
64 )
65
66 m4_include(m4/macros/enable-disable.m4)
67
68 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
69 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
70 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
71 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
72 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
73 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
74 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
75 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
76 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
77 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
78 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
79 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
80 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
81 ARG_DISBL_SET([revocation],     [disable X509 CRL/OCSP revocation check plugin.])
82 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
83 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
84 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
85 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
86 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
87 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
88 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
89 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
90 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
91 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
92 ARG_DISBL_SET([stroke],         [disable charons stroke (pluto compatibility) configuration backend.])
93 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
94 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
95 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
96 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
97 ARG_ENABL_SET([smartcard],      [enable smartcard support.])
98 ARG_ENABL_SET([cisco-quirks],   [enable support of Cisco VPN client.])
99 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
100 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
101 ARG_ENABL_SET([unit-tests],     [enable unit tests on IKEv2 daemon startup.])
102 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
103 ARG_ENABL_SET([eap-sim],        [enable SIM authenication module for EAP.])
104 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
105 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
106 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
107 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
108 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
109 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authenication module.])
110 ARG_ENABL_SET([eap-gtc],        [enable PAM based EAP GTC authenication module.])
111 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
112 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
113 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authenication module.])
114 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authenication module.])
115 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
116 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
117 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
118 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
119 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
120 ARG_ENABL_SET([socket-raw],     [enable raw socket implementation of charon, enforced if pluto is enabled])
121 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
122 ARG_ENABL_SET([farp],           [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
123 ARG_ENABL_SET([nat-transport],  [enable NAT traversal with IPsec transport mode in pluto.])
124 ARG_DISBL_SET([vendor-id],      [disable the sending of the strongSwan vendor ID in pluto.])
125 ARG_DISBL_SET([xauth-vid],      [disable the sending of the XAUTH vendor ID.])
126 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
127 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
128 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
129 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
130 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
131 ARG_DISBL_SET([load-warning],   [disable the charon/pluto plugin load option warning in starter.])
132 ARG_DISBL_SET([pluto],          [disable the IKEv1 keying daemon pluto.])
133 ARG_DISBL_SET([xauth],          [disable xauth plugin.])
134 ARG_DISBL_SET([threads],        [disable the use of threads in pluto. Charon always uses threads.])
135 ARG_DISBL_SET([charon],         [disable the IKEv2 keying daemon charon.])
136 ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclient and pki).])
137 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
138 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
139 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
140 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
141 ARG_ENABL_SET([dhcp],           [enable DHCP based attribute provider plugin.])
142 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
143 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
144 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
145 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
146 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
147 ARG_ENABL_SET([addrblock],      [enables RFC 3779 address block constraint support.])
148 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
149 ARG_ENABL_SET([android],        [enable Android specific plugin.])
150 ARG_ENABL_SET([nm],             [enable NetworkManager plugin.])
151 ARG_ENABL_SET([ha],             [enable high availability cluster plugin.])
152 ARG_ENABL_SET([vstr],           [enforce using the Vstr string library to replace glibc-like printf hooks.])
153 ARG_ENABL_SET([monolithic],     [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
154
155 dnl =========================
156 dnl  set up compiler and flags
157 dnl =========================
158
159 if test -z "$CFLAGS"; then
160         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign -Wno-strict-aliasing"
161 fi
162 AC_PROG_CC
163 AC_LIB_PREFIX
164 AC_C_BIGENDIAN
165
166 dnl =========================
167 dnl  check required programs
168 dnl =========================
169
170 AC_PROG_INSTALL
171 AC_PROG_LIBTOOL
172 AC_PROG_EGREP
173 AC_PROG_AWK
174 AC_PROG_LEX
175 AC_PROG_YACC
176 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
177 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
178
179 dnl because gperf is not needed by end-users we just report it but do not abort on failure
180 AC_MSG_CHECKING([gperf version >= 3.0.0])
181 if test -x "$GPERF"; then
182         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
183                 AC_MSG_RESULT([yes])
184         else
185                 AC_MSG_RESULT([no])
186         fi
187 else
188         AC_MSG_RESULT([not found])
189 fi
190
191 dnl translate user/group to numercial ids
192 AC_MSG_CHECKING([for uid of user "$ipsecuser"])
193 ipsecuid=`id -u $ipsecuser 2>/dev/null`
194 if test -n "$ipsecuid"; then
195         AC_MSG_RESULT([$ipsecuid])
196         AC_SUBST(ipsecuid)
197 else
198         AC_MSG_ERROR([not found])
199 fi
200 AC_MSG_CHECKING([for gid of group "$ipsecgroup"])
201 ipsecgid=`$EGREP "^$ipsecgroup:" /etc/group | $AWK -F: '{ print $3 }'`
202 if test -n "$ipsecgid"; then
203         AC_MSG_RESULT([$ipsecgid])
204         AC_SUBST(ipsecgid)
205 else
206         AC_MSG_ERROR([not found])
207 fi
208
209 dnl =========================
210 dnl  dependency calculation
211 dnl =========================
212
213 if test x$eap_aka_3gpp2 = xtrue; then
214         gmp=true;
215 fi
216
217 if test x$eap_aka = xtrue; then
218         fips_prf=true;
219         simaka=true;
220 fi
221
222 if test x$eap_sim = xtrue; then
223         fips_prf=true;
224         simaka=true;
225 fi
226
227 if test x$fips_prf = xtrue; then
228         if test x$openssl = xfalse; then
229                 sha1=true;
230         fi
231 fi
232
233 if test x$smp = xtrue; then
234         xml=true
235 fi
236
237 if test x$manager = xtrue; then
238         fast=true
239 fi
240
241 if test x$medsrv = xtrue; then
242         mediation=true
243         fast=true
244 fi
245
246 if test x$medcli = xtrue; then
247         mediation=true
248 fi
249
250 if test x$pluto = xtrue; then
251         if test x$socket_raw = xfalse; then
252                 AC_MSG_NOTICE([Enforcing --enable-socket-raw, as pluto is enabled])
253                 socket_raw=true
254                 if test x$socket_default_given = xfalse; then
255                         socket_default=false
256                 fi
257         fi
258 fi
259
260 dnl ===========================================
261 dnl  check required libraries and header files
262 dnl ===========================================
263
264 AC_HEADER_STDBOOL
265 AC_FUNC_ALLOCA
266
267 dnl libraries needed on some platforms but not on others
268 dnl ====================================================
269 saved_LIBS=$LIBS
270
271 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
272 LIBS=""
273 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
274 AC_SUBST(DLLIB)
275
276 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
277 LIBS=""
278 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
279 AC_CHECK_FUNCS(backtrace)
280 AC_SUBST(BTLIB)
281
282 dnl OpenSolaris needs libsocket and libnsl for socket()
283 LIBS=""
284 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
285         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
286 )
287 AC_SUBST(SOCKLIB)
288
289 dnl FreeBSD has clock_gettime in libc, Linux needs librt
290 LIBS=""
291 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
292 AC_CHECK_FUNCS(clock_gettime)
293 AC_SUBST(RTLIB)
294
295 dnl Android has pthread_* functions in bionic (libc), others need libpthread
296 LIBS=""
297 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
298 AC_SUBST(PTHREADLIB)
299
300 LIBS=$saved_LIBS
301 dnl ======================
302
303 AC_MSG_CHECKING(for dladdr)
304 AC_TRY_COMPILE(
305         [#define _GNU_SOURCE
306          #include <dlfcn.h>],
307         [Dl_info* info = 0;
308          dladdr(0, info);],
309         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR])],
310         [AC_MSG_RESULT([no])]
311 )
312
313 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
314 saved_LIBS=$LIBS
315 LIBS=$PTHREADLIB
316 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
317 AC_TRY_RUN(
318         [#include <pthread.h>
319          int main() { pthread_condattr_t attr;
320                 pthread_condattr_init(&attr);
321                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
322         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])],
323         [AC_MSG_RESULT([no])],
324         dnl Check existence of pthread_condattr_setclock if cross-compiling
325         [AC_MSG_RESULT([unknown]);
326          AC_CHECK_FUNCS(pthread_condattr_setclock,
327                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])]
328         )]
329 )
330 dnl check if we actually are able to configure attributes on cond vars
331 AC_CHECK_FUNCS(pthread_condattr_init)
332 dnl instead of pthread_condattr_setclock Android has this function
333 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
334 dnl check if we can cancel threads
335 AC_CHECK_FUNCS(pthread_cancel)
336 dnl check if native rwlocks are available
337 AC_CHECK_FUNCS(pthread_rwlock_init)
338 LIBS=$saved_LIBS
339
340 AC_CHECK_FUNCS(prctl)
341
342 AC_CHECK_FUNCS(mallinfo)
343
344 AC_CHECK_HEADERS(sys/sockio.h)
345 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
346
347 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
348 [
349         #include <sys/types.h>
350         #include <sys/socket.h>
351 ])
352
353 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
354 [
355         #include <sys/types.h>
356         #ifdef HAVE_NET_PFKEYV2_H
357         #include <net/pfkeyv2.h>
358         #else
359         #include <stdint.h>
360         #include <linux/pfkeyv2.h>
361         #endif
362 ])
363
364 AC_MSG_CHECKING([for in6addr_any])
365 AC_TRY_COMPILE(
366         [#include <sys/types.h>
367         #include <sys/socket.h>
368         #include <netinet/in.h>],
369         [struct in6_addr in6;
370         in6 = in6addr_any;],
371         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IN6ADDR_ANY])],
372         [AC_MSG_RESULT([no])]
373 )
374
375 AC_MSG_CHECKING([for in6_pktinfo])
376 AC_TRY_COMPILE(
377         [#define _GNU_SOURCE
378         #include <sys/types.h>
379         #include <sys/socket.h>
380         #include <netinet/in.h>],
381         [struct in6_pktinfo pi;
382         if (pi.ipi6_ifindex)
383         {
384                 return 0;
385         }],
386         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IN6_PKTINFO])],
387         [AC_MSG_RESULT([no])]
388 )
389
390 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
391 AC_TRY_COMPILE(
392         [#include <sys/types.h>
393         #ifdef HAVE_NETIPSEC_IPSEC_H
394         #include <netipsec/ipsec.h>
395         #elif defined(HAVE_NETINET6_IPSEC_H)
396         #include <netinet6/ipsec.h>
397         #else
398         #include <stdint.h>
399         #include <linux/ipsec.h>
400         #endif],
401         [int mode = IPSEC_MODE_BEET;
402          return mode;],
403         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_MODE_BEET])],
404         [AC_MSG_RESULT([no])]
405 )
406
407 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
408 AC_TRY_COMPILE(
409         [#include <sys/types.h>
410         #ifdef HAVE_NETIPSEC_IPSEC_H
411         #include <netipsec/ipsec.h>
412         #elif defined(HAVE_NETINET6_IPSEC_H)
413         #include <netinet6/ipsec.h>
414         #else
415         #include <stdint.h>
416         #include <linux/ipsec.h>
417         #endif],
418         [int dir = IPSEC_DIR_FWD;
419          return dir;],
420         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_DIR_FWD])],
421         [AC_MSG_RESULT([no])]
422 )
423
424 AC_MSG_CHECKING([for gcc atomic operations])
425 AC_TRY_RUN(
426 [
427         int main() {
428                 volatile int ref = 1;
429                 __sync_fetch_and_add (&ref, 1);
430                 __sync_sub_and_fetch (&ref, 1);
431                 /* Make sure test fails if operations are not supported */
432                 __sync_val_compare_and_swap(&ref, 1, 0);
433                 return ref;
434         }
435 ],
436 [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_GCC_ATOMIC_OPERATIONS)],
437 [AC_MSG_RESULT([no])],
438 [AC_MSG_RESULT([no])])
439
440 dnl check for the new register_printf_specifier function with len argument,
441 dnl or the deprecated register_printf_function without
442 AC_CHECK_FUNC(
443         [register_printf_specifier],
444         [AC_DEFINE(HAVE_PRINTF_SPECIFIER)],
445         [AC_CHECK_FUNC(
446                 [register_printf_function],
447                 [AC_DEFINE(HAVE_PRINTF_FUNCTION)],
448                 [
449                         AC_MSG_NOTICE([printf does not support custom format specifiers!])
450                         vstr=true
451                 ]
452         )]
453 )
454
455 if test x$vstr = xtrue; then
456         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
457         AC_DEFINE(USE_VSTR)
458 fi
459
460 if test x$gmp = xtrue; then
461         saved_LIBS=$LIBS
462         AC_HAVE_LIBRARY([gmp],,[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
463         AC_MSG_CHECKING([mpz_powm_sec])
464         if test x$mpz_powm_sec = xyes; then
465                 AC_TRY_COMPILE(
466                         [#include "gmp.h"],
467                         [
468                                 void *x = mpz_powm_sec;
469                         ],
470                         [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_MPZ_POWM_SEC)], [AC_MSG_RESULT([no])]
471                 )
472         else
473                 AC_MSG_RESULT([disabled])
474         fi
475         LIBS=$saved_LIBS
476         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
477         AC_TRY_COMPILE(
478                 [#include "gmp.h"],
479                 [
480                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
481                                 #error bad gmp
482                         #endif
483                 ],
484                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
485         )
486 fi
487
488 if test x$ldap = xtrue; then
489         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
490         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
491         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
492 fi
493
494 if test x$curl = xtrue; then
495         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
496         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
497 fi
498
499 if test x$xml = xtrue; then
500         PKG_CHECK_MODULES(xml, [libxml-2.0])
501         AC_SUBST(xml_CFLAGS)
502         AC_SUBST(xml_LIBS)
503 fi
504
505 if test x$dumm = xtrue; then
506         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
507         AC_SUBST(gtk_CFLAGS)
508         AC_SUBST(gtk_LIBS)
509         AC_CHECK_PROGS(RUBY, ruby)
510         AC_MSG_CHECKING([for Ruby header files])
511         if test -n "$RUBY"; then
512                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
513                 if test -n "$RUBYDIR"; then
514                         dirs="$RUBYDIR"
515                         RUBYINCLUDE=none
516                         for i in $dirs; do
517                                 if test -r $i/ruby.h; then
518                                         AC_MSG_RESULT([$i])
519                                         RUBYINCLUDE="-I$i"
520                                         break;
521                                 fi
522                         done
523                         if test x"$RUBYINCLUDE" = xnone; then
524                                 AC_MSG_ERROR([ruby.h not found])
525                         fi
526                         AC_SUBST(RUBYINCLUDE)
527                 else
528                         AC_MSG_ERROR([unable to determine ruby configuration])
529                 fi
530         else
531                 AC_MSG_ERROR([don't know how to run ruby])
532         fi
533 fi
534
535 if test x$fast = xtrue; then
536         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
537         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
538         AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])])
539 dnl autoconf does not like CamelCase!? How to fix this?
540 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
541
542         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
543         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
544 fi
545
546 if test x$mysql = xtrue; then
547         AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
548         if test x$MYSQLCONFIG = x; then
549                 AC_MSG_ERROR([mysql_config not found!])
550         fi
551         AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
552         AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
553 fi
554
555 if test x$sqlite = xtrue; then
556         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
557         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
558         AC_MSG_CHECKING([sqlite3_prepare_v2])
559         AC_TRY_COMPILE(
560                 [#include <sqlite3.h>],
561                 [
562                         void *test = sqlite3_prepare_v2;
563                 ],
564                 [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])])
565         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
566         AC_TRY_COMPILE(
567                 [#include <sqlite3.h>],
568                 [
569                         #if SQLITE_VERSION_NUMBER < 3003001
570                                 #error bad sqlite
571                         #endif
572                 ],
573                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
574 fi
575
576 if test x$openssl = xtrue; then
577         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
578         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
579 fi
580
581 if test x$gcrypt = xtrue; then
582         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
583         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
584         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
585         AC_TRY_COMPILE(
586                 [#include <gcrypt.h>],
587                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
588                 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA])],
589                 [AC_MSG_RESULT([no])]
590         )
591 fi
592
593 if test x$uci = xtrue; then
594         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
595         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
596 fi
597
598 if test x$android = xtrue; then
599         AC_HAVE_LIBRARY([cutils],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])])
600         AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
601         dnl we have to force the use of libdl here because the autodetection
602         dnl above does not work correctly when cross-compiling for android.
603         DLLIB="-ldl"
604         AC_SUBST(DLLIB)
605 fi
606
607 if test x$nm = xtrue; then
608         PKG_CHECK_EXISTS([libnm-glib],
609                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-glib libnm-glib-vpn])],
610                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_glib libnm_glib_vpn])]
611         )
612         AC_SUBST(nm_CFLAGS)
613         AC_SUBST(nm_LIBS)
614 fi
615
616 if test x$eap_gtc = xtrue; then
617         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
618         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
619 fi
620
621 if test x$capabilities = xnative; then
622         AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
623         dnl Linux requires the following for capset(), Android does not have it,
624         dnl but defines capset() in unistd.h instead.
625         AC_CHECK_HEADERS([sys/capability.h])
626         AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
627         AC_DEFINE(CAPABILITIES_NATIVE)
628 fi
629
630 if test x$capabilities = xlibcap; then
631         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
632         AC_CHECK_HEADER([sys/capability.h],
633                 [AC_DEFINE(HAVE_SYS_CAPABILITY_H)],
634                 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
635         AC_DEFINE(CAPABILITIES_LIBCAP)
636 fi
637
638 if test x$integrity_test = xtrue; then
639         AC_MSG_CHECKING([for dladdr()])
640         AC_TRY_COMPILE(
641                 [#define _GNU_SOURCE
642                  #include <dlfcn.h>],
643                 [Dl_info info; dladdr(main, &info);],
644                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
645                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
646         )
647         AC_MSG_CHECKING([for dl_iterate_phdr()])
648         AC_TRY_COMPILE(
649                 [#define _GNU_SOURCE
650                  #include <link.h>],
651                 [dl_iterate_phdr((void*)0, (void*)0);],
652                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
653                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
654         )
655 fi
656
657 dnl ==========================================================
658 dnl  collect all plugins for libstrongswan, libhydra and pluto
659 dnl ==========================================================
660
661 libstrongswan_plugins=
662 libhydra_plugins=
663 pluto_plugins=
664
665 if test x$test_vectors = xtrue; then
666         libstrongswan_plugins=${libstrongswan_plugins}" test-vectors"
667         pluto_plugins=${pluto_plugins}" test-vectors"
668 fi
669 if test x$curl = xtrue; then
670         libstrongswan_plugins=${libstrongswan_plugins}" curl"
671         pluto_plugins=${pluto_plugins}" curl"
672 fi
673 if test x$ldap = xtrue; then
674         libstrongswan_plugins=${libstrongswan_plugins}" ldap"
675         pluto_plugins=${pluto_plugins}" ldap"
676 fi
677 if test x$aes = xtrue; then
678         libstrongswan_plugins=${libstrongswan_plugins}" aes"
679         pluto_plugins=${pluto_plugins}" aes"
680 fi
681 if test x$des = xtrue; then
682         libstrongswan_plugins=${libstrongswan_plugins}" des"
683         pluto_plugins=${pluto_plugins}" des"
684 fi
685 if test x$blowfish = xtrue; then
686         libstrongswan_plugins=${libstrongswan_plugins}" blowfish"
687         pluto_plugins=${pluto_plugins}" blowfish"
688 fi
689 if test x$sha1 = xtrue; then
690         libstrongswan_plugins=${libstrongswan_plugins}" sha1"
691         pluto_plugins=${pluto_plugins}" sha1"
692 fi
693 if test x$sha2 = xtrue; then
694         libstrongswan_plugins=${libstrongswan_plugins}" sha2"
695         pluto_plugins=${pluto_plugins}" sha2"
696 fi
697 if test x$md4 = xtrue; then
698         libstrongswan_plugins=${libstrongswan_plugins}" md4"
699 fi
700 if test x$md5 = xtrue; then
701         libstrongswan_plugins=${libstrongswan_plugins}" md5"
702         pluto_plugins=${pluto_plugins}" md5"
703 fi
704 if test x$random = xtrue; then
705         libstrongswan_plugins=${libstrongswan_plugins}" random"
706         pluto_plugins=${pluto_plugins}" random"
707 fi
708 if test x$x509 = xtrue; then
709         libstrongswan_plugins=${libstrongswan_plugins}" x509"
710         pluto_plugins=${pluto_plugins}" x509"
711 fi
712 if test x$revocation = xtrue; then
713         libstrongswan_plugins=${libstrongswan_plugins}" revocation"
714 fi
715 if test x$pubkey = xtrue; then
716         libstrongswan_plugins=${libstrongswan_plugins}" pubkey"
717         pluto_plugins=${pluto_plugins}" pubkey"
718 fi
719 if test x$pkcs1 = xtrue; then
720         libstrongswan_plugins=${libstrongswan_plugins}" pkcs1"
721         pluto_plugins=${pluto_plugins}" pkcs1"
722 fi
723 if test x$pgp = xtrue; then
724         libstrongswan_plugins=${libstrongswan_plugins}" pgp"
725         pluto_plugins=${pluto_plugins}" pgp"
726 fi
727 if test x$dnskey = xtrue; then
728         libstrongswan_plugins=${libstrongswan_plugins}" dnskey"
729         pluto_plugins=${pluto_plugins}" dnskey"
730 fi
731 if test x$pem = xtrue; then
732         libstrongswan_plugins=${libstrongswan_plugins}" pem"
733         pluto_plugins=${pluto_plugins}" pem"
734 fi
735 if test x$mysql = xtrue; then
736         libstrongswan_plugins=${libstrongswan_plugins}" mysql"
737         pluto_plugins=${pluto_plugins}" mysql"
738 fi
739 if test x$sqlite = xtrue; then
740         libstrongswan_plugins=${libstrongswan_plugins}" sqlite"
741         pluto_plugins=${pluto_plugins}" sqlite"
742 fi
743 if test x$padlock = xtrue; then
744         libstrongswan_plugins=${libstrongswan_plugins}" padlock"
745 fi
746 if test x$openssl = xtrue; then
747         libstrongswan_plugins=${libstrongswan_plugins}" openssl"
748         pluto_plugins=${pluto_plugins}" openssl"
749 fi
750 if test x$gcrypt = xtrue; then
751         libstrongswan_plugins=${libstrongswan_plugins}" gcrypt"
752         pluto_plugins=${pluto_plugins}" gcrypt"
753 fi
754 if test x$fips_prf = xtrue; then
755         libstrongswan_plugins=${libstrongswan_plugins}" fips-prf"
756 fi
757 if test x$xcbc = xtrue; then
758         libstrongswan_plugins=${libstrongswan_plugins}" xcbc"
759 fi
760 if test x$hmac = xtrue; then
761         libstrongswan_plugins=${libstrongswan_plugins}" hmac"
762         pluto_plugins=${pluto_plugins}" hmac"
763 fi
764 if test x$agent = xtrue; then
765         libstrongswan_plugins=${libstrongswan_plugins}" agent"
766 fi
767 if test x$gmp = xtrue; then
768         libstrongswan_plugins=${libstrongswan_plugins}" gmp"
769         pluto_plugins=${pluto_plugins}" gmp"
770 fi
771 if test x$xauth = xtrue; then
772         pluto_plugins=${pluto_plugins}" xauth"
773 fi
774 if test x$attr = xtrue; then
775         libhydra_plugins=${libhydra_plugins}" attr"
776 fi
777 if test x$attr_sql = xtrue -o x$sql = xtrue; then
778         libhydra_plugins=${libhydra_plugins}" attr-sql"
779 fi
780 if test x$resolve = xtrue; then
781         libhydra_plugins=${libhydra_plugins}" resolve"
782 fi
783
784 AC_SUBST(libstrongswan_plugins)
785 AC_SUBST(libhydra_plugins)
786 AC_SUBST(pluto_plugins)
787
788 dnl =========================
789 dnl  set Makefile.am vars
790 dnl =========================
791
792 dnl libstrongswan plugins
793 dnl =====================
794 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
795 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
796 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
797 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
798 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
799 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
800 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
801 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
802 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
803 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
804 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
805 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
806 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
807 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
808 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
809 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
810 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
811 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
812 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
813 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
814 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
815 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
816 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
817 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
818 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
819 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
820 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
821 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
822
823 dnl charon plugins
824 dnl ==============
825 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
826 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
827 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
828 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
829 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
830 AM_CONDITIONAL(USE_ANDROID, test x$android = xtrue)
831 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
832 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
833 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
834 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
835 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tests = xtrue)
836 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
837 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
838 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
839 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
840 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
841 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
842 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
843 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
844 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
845 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
846 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
847 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
848 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
849 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
850 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
851 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
852 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
853 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
854 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
855 AM_CONDITIONAL(USE_SOCKET_RAW, test x$socket_raw = xtrue)
856 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
857 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
858 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
859
860 dnl hydra plugins
861 dnl =============
862 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
863 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue)
864 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
865
866 dnl pluto plugins
867 dnl =============
868 AM_CONDITIONAL(USE_XAUTH, test x$xauth = xtrue)
869
870 dnl other options
871 dnl =============
872 AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)
873 AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)
874 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
875 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
876 AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)
877 AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)
878 AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)
879 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
880 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
881 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
882 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
883 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
884 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
885 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
886 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
887 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
888 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
889 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
890 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue)
891 AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$pluto = xtrue)
892 AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
893 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
894 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
895 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
896 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
897
898 dnl ==============================
899 dnl  set global definitions
900 dnl ==============================
901
902 if test x$mediation = xtrue; then
903         AC_DEFINE(ME)
904 fi
905 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
906         AC_DEFINE(CAPABILITIES)
907 fi
908 if test x$monolithic = xtrue; then
909         AC_DEFINE(MONOLITHIC)
910 fi
911
912
913 dnl ==============================
914 dnl  build Makefiles
915 dnl ==============================
916
917 AC_OUTPUT(
918         Makefile
919         src/Makefile
920         src/include/Makefile
921         src/libstrongswan/Makefile
922         src/libstrongswan/plugins/aes/Makefile
923         src/libstrongswan/plugins/des/Makefile
924         src/libstrongswan/plugins/blowfish/Makefile
925         src/libstrongswan/plugins/md4/Makefile
926         src/libstrongswan/plugins/md5/Makefile
927         src/libstrongswan/plugins/sha1/Makefile
928         src/libstrongswan/plugins/sha2/Makefile
929         src/libstrongswan/plugins/fips_prf/Makefile
930         src/libstrongswan/plugins/gmp/Makefile
931         src/libstrongswan/plugins/random/Makefile
932         src/libstrongswan/plugins/hmac/Makefile
933         src/libstrongswan/plugins/xcbc/Makefile
934         src/libstrongswan/plugins/x509/Makefile
935         src/libstrongswan/plugins/revocation/Makefile
936         src/libstrongswan/plugins/pubkey/Makefile
937         src/libstrongswan/plugins/pkcs1/Makefile
938         src/libstrongswan/plugins/pgp/Makefile
939         src/libstrongswan/plugins/dnskey/Makefile
940         src/libstrongswan/plugins/pem/Makefile
941         src/libstrongswan/plugins/curl/Makefile
942         src/libstrongswan/plugins/ldap/Makefile
943         src/libstrongswan/plugins/mysql/Makefile
944         src/libstrongswan/plugins/sqlite/Makefile
945         src/libstrongswan/plugins/padlock/Makefile
946         src/libstrongswan/plugins/openssl/Makefile
947         src/libstrongswan/plugins/gcrypt/Makefile
948         src/libstrongswan/plugins/agent/Makefile
949         src/libstrongswan/plugins/test_vectors/Makefile
950         src/libhydra/Makefile
951         src/libhydra/plugins/attr/Makefile
952         src/libhydra/plugins/attr_sql/Makefile
953         src/libhydra/plugins/resolve/Makefile
954         src/libfreeswan/Makefile
955         src/libsimaka/Makefile
956         src/pluto/Makefile
957         src/pluto/plugins/xauth/Makefile
958         src/whack/Makefile
959         src/charon/Makefile
960         src/libcharon/Makefile
961         src/libcharon/plugins/eap_aka/Makefile
962         src/libcharon/plugins/eap_aka_3gpp2/Makefile
963         src/libcharon/plugins/eap_identity/Makefile
964         src/libcharon/plugins/eap_md5/Makefile
965         src/libcharon/plugins/eap_gtc/Makefile
966         src/libcharon/plugins/eap_sim/Makefile
967         src/libcharon/plugins/eap_sim_file/Makefile
968         src/libcharon/plugins/eap_simaka_sql/Makefile
969         src/libcharon/plugins/eap_simaka_pseudonym/Makefile
970         src/libcharon/plugins/eap_simaka_reauth/Makefile
971         src/libcharon/plugins/eap_mschapv2/Makefile
972         src/libcharon/plugins/eap_radius/Makefile
973         src/libcharon/plugins/kernel_netlink/Makefile
974         src/libcharon/plugins/kernel_pfkey/Makefile
975         src/libcharon/plugins/kernel_pfroute/Makefile
976         src/libcharon/plugins/kernel_klips/Makefile
977         src/libcharon/plugins/socket_default/Makefile
978         src/libcharon/plugins/socket_raw/Makefile
979         src/libcharon/plugins/socket_dynamic/Makefile
980         src/libcharon/plugins/farp/Makefile
981         src/libcharon/plugins/smp/Makefile
982         src/libcharon/plugins/sql/Makefile
983         src/libcharon/plugins/medsrv/Makefile
984         src/libcharon/plugins/medcli/Makefile
985         src/libcharon/plugins/nm/Makefile
986         src/libcharon/plugins/addrblock/Makefile
987         src/libcharon/plugins/uci/Makefile
988         src/libcharon/plugins/ha/Makefile
989         src/libcharon/plugins/android/Makefile
990         src/libcharon/plugins/stroke/Makefile
991         src/libcharon/plugins/updown/Makefile
992         src/libcharon/plugins/dhcp/Makefile
993         src/libcharon/plugins/unit_tester/Makefile
994         src/libcharon/plugins/load_tester/Makefile
995         src/stroke/Makefile
996         src/ipsec/Makefile
997         src/starter/Makefile
998         src/_updown/Makefile
999         src/_updown_espmark/Makefile
1000         src/_copyright/Makefile
1001         src/openac/Makefile
1002         src/scepclient/Makefile
1003         src/pki/Makefile
1004         src/dumm/Makefile
1005         src/dumm/ext/extconf.rb
1006         src/libfast/Makefile
1007         src/manager/Makefile
1008         src/medsrv/Makefile
1009         src/checksum/Makefile
1010         scripts/Makefile
1011         testing/Makefile
1012 )