Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,5.0.0)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_CONFIG_MACRO_DIR([m4/config])
22 AC_CONFIG_HEADERS([config.h])
23 PKG_PROG_PKG_CONFIG
24
25 dnl =================================
26 dnl  check --enable-xxx & --with-xxx
27 dnl =================================
28
29 m4_include(m4/macros/with.m4)
30
31 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
32 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
33 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
34 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
35 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
36 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
37 ARG_WITH_SUBST([ipseclibdir],        [${libdir%/}/ipsec], [set installation path for ipsec libraries])
38 ARG_WITH_SUBST([plugindir],          [${ipseclibdir%/}/plugins], [set the installation path of plugins])
39 ARG_WITH_SUBST([imcvdir],            [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic librariers])
40 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM backend uses to look up trusted root certificates])
41 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
42 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
43 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
44 ARG_WITH_SUBST([ipsec-script],       [ipsec], [change the name of the ipsec script])
45
46 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
47 ARG_WITH_SET([mpz_powm_sec],         [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
48
49 if test -n "$PKG_CONFIG"; then
50         systemdsystemunitdir_default=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
51 fi
52 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
53 AM_CONDITIONAL(HAVE_SYSTEMD, [test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno])
54 AC_SUBST(systemdsystemunitdir)
55
56 AC_ARG_WITH(
57         [user],
58         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
59         [AC_DEFINE_UNQUOTED([IPSEC_USER], "$withval", [username to run daemon with])
60          AC_SUBST(ipsecuser, "$withval")],
61         [AC_SUBST(ipsecuser, "root")]
62 )
63
64 AC_ARG_WITH(
65         [group],
66         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
67         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval", [groupname to run daemon with])
68          AC_SUBST(ipsecgroup, "$withval")],
69         [AC_SUBST(ipsecgroup, "root")]
70 )
71
72 # convert script name to uppercase
73 AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
74
75 m4_include(m4/macros/enable-disable.m4)
76
77 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
78 ARG_ENABL_SET([soup],           [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.])
79 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
80 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
81 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
82 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
83 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
84 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
85 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
86 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
87 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
88 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
89 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
90 ARG_DISBL_SET([nonce],          [disable nonce generation plugin.])
91 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
92 ARG_DISBL_SET([revocation],     [disable X509 CRL/OCSP revocation check plugin.])
93 ARG_DISBL_SET([constraints],    [disable advanced X509 constraint checking plugin.])
94 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
95 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
96 ARG_DISBL_SET([pkcs8],          [disable PKCS8 private key decoding plugin.])
97 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
98 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
99 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
100 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
101 ARG_DISBL_SET([cmac],           [disable CMAC crypto implementation plugin.])
102 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
103 ARG_ENABL_SET([af-alg],         [enable AF_ALG crypto interface to Linux Crypto API.])
104 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
105 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
106 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
107 ARG_DISBL_SET([stroke],         [disable charons stroke configuration backend.])
108 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
109 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
110 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
111 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
112 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
113 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
114 ARG_ENABL_SET([unit-tester],    [enable unit tests on IKEv2 daemon startup.])
115 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
116 ARG_ENABL_SET([eap-sim],        [enable SIM authentication module for EAP.])
117 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
118 ARG_ENABL_SET([eap-sim-pcsc],   [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.])
119 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
120 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
121 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
122 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
123 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
124 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
125 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authentication module.])
126 ARG_ENABL_SET([eap-gtc],        [enable PAM based EAP GTC authentication module.])
127 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authentication module.])
128 ARG_ENABL_SET([eap-tls],        [enable EAP TLS authentication module.])
129 ARG_ENABL_SET([eap-ttls],       [enable EAP TTLS authentication module.])
130 ARG_ENABL_SET([eap-peap],       [enable EAP PEAP authentication module.])
131 ARG_ENABL_SET([eap-tnc],        [enable EAP TNC trusted network connect module.])
132 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authentication module.])
133 ARG_DISBL_SET([xauth-generic],  [disable generic XAuth backend.])
134 ARG_ENABL_SET([xauth-eap],      [enable XAuth backend using EAP methods to verify passwords.])
135 ARG_ENABL_SET([tnc-ifmap],      [enable TNC IF-MAP module.])
136 ARG_ENABL_SET([tnc-pdp],        [enable TNC policy decision point module.])
137 ARG_ENABL_SET([tnc-imc],        [enable TNC IMC module.])
138 ARG_ENABL_SET([tnc-imv],        [enable TNC IMV module.])
139 ARG_ENABL_SET([tnccs-11],       [enable TNCCS 1.1 protocol module.])
140 ARG_ENABL_SET([tnccs-20],       [enable TNCCS 2.0 protocol module.])
141 ARG_ENABL_SET([tnccs-dynamic],  [enable dynamic TNCCS protocol discovery module.])
142 ARG_ENABL_SET([imc-test],       [enable IMC test module.])
143 ARG_ENABL_SET([imv-test],       [enable IMV test module.])
144 ARG_ENABL_SET([imc-scanner],    [enable IMC port scanner module.])
145 ARG_ENABL_SET([imv-scanner],    [enable IMV port scanner module.])
146 ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.])
147 ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.])
148 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
149 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
150 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
151 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
152 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
153 ARG_ENABL_SET([socket-raw],     [enable raw socket implementation of charon])
154 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
155 ARG_ENABL_SET([farp],           [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
156 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
157 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
158 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
159 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
160 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
161 ARG_DISBL_SET([load-warning],   [disable the charon plugin load option warning in starter.])
162 ARG_DISBL_SET([ikev1],          [disable IKEv1 protocol support in charon.])
163 ARG_DISBL_SET([ikev2],          [disable IKEv2 protocol support in charon.])
164 ARG_DISBL_SET([charon],         [disable the IKEv1/IKEv2 keying daemon charon.])
165 ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclient and pki).])
166 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
167 ARG_ENABL_SET([conftest],       [enforce Suite B conformance test framework.])
168 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
169 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
170 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
171 ARG_ENABL_SET([dhcp],           [enable DHCP based attribute provider plugin.])
172 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
173 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
174 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
175 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
176 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
177 ARG_ENABL_SET([pkcs11],         [enables the PKCS11 token support plugin.])
178 ARG_ENABL_SET([ctr],            [enables the Counter Mode wrapper crypto plugin.])
179 ARG_ENABL_SET([ccm],            [enables the CCM AEAD wrapper crypto plugin.])
180 ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
181 ARG_ENABL_SET([addrblock],      [enables RFC 3779 address block constraint support.])
182 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
183 ARG_ENABL_SET([android],        [enable Android specific plugin.])
184 ARG_ENABL_SET([maemo],          [enable Maemo specific plugin.])
185 ARG_ENABL_SET([nm],             [enable NetworkManager backend.])
186 ARG_ENABL_SET([ha],             [enable high availability cluster plugin.])
187 ARG_ENABL_SET([whitelist],      [enable peer identity whitelisting plugin.])
188 ARG_ENABL_SET([certexpire],     [enable CSV export of expiration dates of used certificates.])
189 ARG_ENABL_SET([led],            [enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem.])
190 ARG_ENABL_SET([duplicheck],     [advanced duplicate checking plugin using liveness checks.])
191 ARG_ENABL_SET([coupling],       [enable IKEv2 plugin to couple peer certificates permanently to authentication.])
192 ARG_ENABL_SET([radattr],        [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.])
193 ARG_ENABL_SET([vstr],           [enforce using the Vstr string library to replace glibc-like printf hooks.])
194 ARG_ENABL_SET([monolithic],     [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
195
196 dnl =========================
197 dnl  set up compiler and flags
198 dnl =========================
199
200 if test -z "$CFLAGS"; then
201         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign"
202 fi
203 AC_PROG_CC
204 AC_LIB_PREFIX
205 AC_C_BIGENDIAN
206
207 dnl =========================
208 dnl  check required programs
209 dnl =========================
210
211 AC_PROG_INSTALL
212 AC_PROG_LIBTOOL
213 AC_PROG_EGREP
214 AC_PROG_AWK
215 AC_PROG_LEX
216 AC_PROG_YACC
217 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
218 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
219
220 dnl because gperf is not needed by end-users we just report it but do not abort on failure
221 AC_MSG_CHECKING([gperf version >= 3.0.0])
222 if test -x "$GPERF"; then
223         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
224                 AC_MSG_RESULT([yes])
225         else
226                 AC_MSG_RESULT([no])
227         fi
228 else
229         AC_MSG_RESULT([not found])
230 fi
231
232 dnl =========================
233 dnl  dependency calculation
234 dnl =========================
235
236 if test x$xauth_generic_given = xfalse -a x$ikev1 = xfalse; then
237         xauth_generic=false;
238 fi
239
240 if test x$eap_aka_3gpp2 = xtrue; then
241         gmp=true;
242 fi
243
244 if test x$eap_aka = xtrue; then
245         fips_prf=true;
246         simaka=true;
247 fi
248
249 if test x$eap_sim = xtrue; then
250         fips_prf=true;
251         simaka=true;
252 fi
253
254 if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue; then
255         tls=true;
256 fi
257
258 if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then
259         radius=true;
260 fi
261
262 if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
263         tnc_tnccs=true;
264 fi
265
266 if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
267         imcv=true;
268 fi
269
270 if test x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
271         pts=true;
272 fi
273
274 if test x$fips_prf = xtrue; then
275         if test x$openssl = xfalse; then
276                 sha1=true;
277         fi
278 fi
279
280 if test x$smp = xtrue -o x$tnccs_11 = xtrue; then
281         xml=true
282 fi
283
284 if test x$tnc_ifmap = xtrue; then
285         axis2c=true
286 fi
287
288 if test x$manager = xtrue; then
289         fast=true
290 fi
291
292 if test x$medsrv = xtrue; then
293         mediation=true
294         fast=true
295 fi
296
297 if test x$medcli = xtrue; then
298         mediation=true
299 fi
300
301 dnl ===========================================
302 dnl  check required libraries and header files
303 dnl ===========================================
304
305 AC_HEADER_STDBOOL
306 AC_FUNC_ALLOCA
307 AC_FUNC_STRERROR_R
308
309 dnl libraries needed on some platforms but not on others
310 dnl ====================================================
311 saved_LIBS=$LIBS
312
313 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
314 LIBS=""
315 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
316 AC_SUBST(DLLIB)
317
318 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
319 LIBS=""
320 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
321 AC_CHECK_FUNCS(backtrace)
322 AC_SUBST(BTLIB)
323
324 dnl OpenSolaris needs libsocket and libnsl for socket()
325 LIBS=""
326 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
327         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
328 )
329 AC_SUBST(SOCKLIB)
330
331 dnl FreeBSD has clock_gettime in libc, Linux needs librt
332 LIBS=""
333 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
334 AC_CHECK_FUNCS(clock_gettime)
335 AC_SUBST(RTLIB)
336
337 dnl Android has pthread_* functions in bionic (libc), others need libpthread
338 LIBS=""
339 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
340 AC_SUBST(PTHREADLIB)
341
342 LIBS=$saved_LIBS
343 dnl ======================
344
345 AC_MSG_CHECKING(for dladdr)
346 AC_TRY_COMPILE(
347         [#define _GNU_SOURCE
348          #include <dlfcn.h>],
349         [Dl_info* info = 0;
350          dladdr(0, info);],
351         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR], [], [have dladdr()])],
352         [AC_MSG_RESULT([no])]
353 )
354
355 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
356 saved_LIBS=$LIBS
357 LIBS=$PTHREADLIB
358 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
359 AC_TRY_RUN(
360         [#include <pthread.h>
361          int main() { pthread_condattr_t attr;
362                 pthread_condattr_init(&attr);
363                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
364         [AC_MSG_RESULT([yes]);
365          AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
366                            [pthread_condattr_setclock supports CLOCK_MONOTONIC])],
367         [AC_MSG_RESULT([no])],
368         dnl Check existence of pthread_condattr_setclock if cross-compiling
369         [AC_MSG_RESULT([unknown]);
370          AC_CHECK_FUNCS(pthread_condattr_setclock,
371                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
372                                    [have pthread_condattr_setclock()])]
373         )]
374 )
375 dnl check if we actually are able to configure attributes on cond vars
376 AC_CHECK_FUNCS(pthread_condattr_init)
377 dnl instead of pthread_condattr_setclock Android has this function
378 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
379 dnl check if we can cancel threads
380 AC_CHECK_FUNCS(pthread_cancel)
381 dnl check if native rwlocks are available
382 AC_CHECK_FUNCS(pthread_rwlock_init)
383 LIBS=$saved_LIBS
384
385 AC_CHECK_FUNC(
386         [gettid],
387         [AC_DEFINE([HAVE_GETTID], [], [have gettid()])],
388         [AC_MSG_CHECKING([for SYS_gettid])
389          AC_TRY_COMPILE(
390                 [#define _GNU_SOURCE
391                  #include <unistd.h>
392                  #include <sys/syscall.h>],
393                 [int main() {
394                         return syscall(SYS_gettid);}],
395                 [AC_MSG_RESULT([yes]);
396                  AC_DEFINE([HAVE_GETTID], [], [have gettid()])
397                  AC_DEFINE([HAVE_SYS_GETTID], [], [have syscall(SYS_gettid)])],
398                 [AC_MSG_RESULT([no])]
399         )]
400 )
401
402 AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r)
403
404 AC_CHECK_HEADERS(sys/sockio.h glob.h)
405 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
406
407 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
408 [
409         #include <sys/types.h>
410         #include <sys/socket.h>
411 ])
412
413 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
414 [
415         #include <sys/types.h>
416         #ifdef HAVE_NET_PFKEYV2_H
417         #include <net/pfkeyv2.h>
418         #else
419         #include <stdint.h>
420         #include <linux/pfkeyv2.h>
421         #endif
422 ])
423
424 AC_MSG_CHECKING([for in6addr_any])
425 AC_TRY_COMPILE(
426         [#include <sys/types.h>
427         #include <sys/socket.h>
428         #include <netinet/in.h>],
429         [struct in6_addr in6;
430         in6 = in6addr_any;],
431         [AC_MSG_RESULT([yes]);
432          AC_DEFINE([HAVE_IN6ADDR_ANY], [], [have struct in6_addr in6addr_any])],
433         [AC_MSG_RESULT([no])]
434 )
435
436 AC_MSG_CHECKING([for in6_pktinfo])
437 AC_TRY_COMPILE(
438         [#define _GNU_SOURCE
439         #include <sys/types.h>
440         #include <sys/socket.h>
441         #include <netinet/in.h>],
442         [struct in6_pktinfo pi;
443         if (pi.ipi6_ifindex)
444         {
445                 return 0;
446         }],
447         [AC_MSG_RESULT([yes]);
448          AC_DEFINE([HAVE_IN6_PKTINFO], [], [have struct in6_pktinfo.ipi6_ifindex])],
449         [AC_MSG_RESULT([no])]
450 )
451
452 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
453 AC_TRY_COMPILE(
454         [#include <sys/types.h>
455         #ifdef HAVE_NETIPSEC_IPSEC_H
456         #include <netipsec/ipsec.h>
457         #elif defined(HAVE_NETINET6_IPSEC_H)
458         #include <netinet6/ipsec.h>
459         #else
460         #include <stdint.h>
461         #include <linux/ipsec.h>
462         #endif],
463         [int mode = IPSEC_MODE_BEET;
464          return mode;],
465         [AC_MSG_RESULT([yes]);
466          AC_DEFINE([HAVE_IPSEC_MODE_BEET], [], [have IPSEC_MODE_BEET defined])],
467         [AC_MSG_RESULT([no])]
468 )
469
470 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
471 AC_TRY_COMPILE(
472         [#include <sys/types.h>
473         #ifdef HAVE_NETIPSEC_IPSEC_H
474         #include <netipsec/ipsec.h>
475         #elif defined(HAVE_NETINET6_IPSEC_H)
476         #include <netinet6/ipsec.h>
477         #else
478         #include <stdint.h>
479         #include <linux/ipsec.h>
480         #endif],
481         [int dir = IPSEC_DIR_FWD;
482          return dir;],
483         [AC_MSG_RESULT([yes]);
484          AC_DEFINE([HAVE_IPSEC_DIR_FWD], [], [have IPSEC_DIR_FWD defined])],
485         [AC_MSG_RESULT([no])]
486 )
487
488 AC_MSG_CHECKING([for RTA_TABLE])
489 AC_TRY_COMPILE(
490         [#include <sys/socket.h>
491         #include <linux/netlink.h>
492         #include <linux/rtnetlink.h>],
493         [int rta_type = RTA_TABLE;
494          return rta_type;],
495         [AC_MSG_RESULT([yes]);
496          AC_DEFINE([HAVE_RTA_TABLE], [], [have netlink RTA_TABLE defined])],
497         [AC_MSG_RESULT([no])]
498 )
499
500 AC_MSG_CHECKING([for gcc atomic operations])
501 AC_TRY_RUN(
502 [
503         int main() {
504                 volatile int ref = 1;
505                 __sync_fetch_and_add (&ref, 1);
506                 __sync_sub_and_fetch (&ref, 1);
507                 /* Make sure test fails if operations are not supported */
508                 __sync_val_compare_and_swap(&ref, 1, 0);
509                 return ref;
510         }
511 ],
512 [AC_MSG_RESULT([yes]);
513  AC_DEFINE([HAVE_GCC_ATOMIC_OPERATIONS], [],
514                    [have GCC __sync_* atomic operations])],
515 [AC_MSG_RESULT([no])],
516 [AC_MSG_RESULT([no])])
517
518 dnl check for the new register_printf_specifier function with len argument,
519 dnl or the deprecated register_printf_function without
520 AC_CHECK_FUNC(
521         [register_printf_specifier],
522         [AC_DEFINE([HAVE_PRINTF_SPECIFIER], [], [have register_printf_specifier()])],
523         [AC_CHECK_FUNC(
524                 [register_printf_function],
525                 [AC_DEFINE([HAVE_PRINTF_FUNCTION], [], [have register_printf_function()])],
526                 [
527                         AC_MSG_NOTICE([printf does not support custom format specifiers!])
528                         vstr=true
529                 ]
530         )]
531 )
532
533 if test x$vstr = xtrue; then
534         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
535         AC_DEFINE([USE_VSTR], [], [use vstring library for printf hooks])
536 fi
537
538 if test x$gmp = xtrue; then
539         saved_LIBS=$LIBS
540         AC_HAVE_LIBRARY([gmp],,[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
541         AC_MSG_CHECKING([mpz_powm_sec])
542         if test x$mpz_powm_sec = xyes; then
543                 AC_TRY_COMPILE(
544                         [#include "gmp.h"],
545                         [
546                                 void *x = mpz_powm_sec;
547                         ],
548                         [AC_MSG_RESULT([yes]);
549                          AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_mown_sec()])],
550                         [AC_MSG_RESULT([no])]
551                 )
552         else
553                 AC_MSG_RESULT([disabled])
554         fi
555         LIBS=$saved_LIBS
556         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
557         AC_TRY_COMPILE(
558                 [#include "gmp.h"],
559                 [
560                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
561                                 #error bad gmp
562                         #endif
563                 ],
564                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
565         )
566 fi
567
568 if test x$ldap = xtrue; then
569         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
570         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
571         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
572 fi
573
574 if test x$curl = xtrue; then
575         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
576         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
577 fi
578
579 if test x$soup = xtrue; then
580         PKG_CHECK_MODULES(soup, [libsoup-2.4])
581         AC_SUBST(soup_CFLAGS)
582         AC_SUBST(soup_LIBS)
583 fi
584
585 if test x$xml = xtrue; then
586         PKG_CHECK_MODULES(xml, [libxml-2.0])
587         AC_SUBST(xml_CFLAGS)
588         AC_SUBST(xml_LIBS)
589 fi
590
591 if test x$axis2c = xtrue; then
592         PKG_CHECK_MODULES(axis2c, [axis2c])
593         AC_SUBST(axis2c_CFLAGS)
594         AC_SUBST(axis2c_LIBS)
595 fi
596
597 if test x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
598         AC_HAVE_LIBRARY([tspi],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])])
599         AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
600 fi
601
602 if test x$dumm = xtrue; then
603         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
604         AC_SUBST(gtk_CFLAGS)
605         AC_SUBST(gtk_LIBS)
606         AC_CHECK_PROGS(RUBY, ruby)
607         AC_MSG_CHECKING([for Ruby header files])
608         if test -n "$RUBY"; then
609                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
610                 if test -n "$RUBYDIR"; then
611                         dirs="$RUBYDIR"
612                         RUBYINCLUDE=none
613                         for i in $dirs; do
614                                 if test -r $i/ruby.h; then
615                                         AC_MSG_RESULT([$i])
616                                         RUBYINCLUDE="-I$i"
617                                         break;
618                                 fi
619                         done
620                         if test x"$RUBYINCLUDE" = xnone; then
621                                 AC_MSG_ERROR([ruby.h not found])
622                         fi
623                         AC_SUBST(RUBYINCLUDE)
624                 else
625                         AC_MSG_ERROR([unable to determine ruby configuration])
626                 fi
627         else
628                 AC_MSG_ERROR([don't know how to run ruby])
629         fi
630 fi
631
632 if test x$fast = xtrue; then
633         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
634         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
635         AC_MSG_CHECKING([ClearSilver requires zlib])
636         saved_CFLAGS=$CFLAGS
637         saved_LIBS=$LIBS
638         LIBS="-lneo_cgi -lneo_cs -lneo_utl"
639         CFLAGS="-I/usr/include/ClearSilver"
640         AC_TRY_LINK(
641                 [#include <ClearSilver.h>],
642                 [
643                         NEOERR *err = cgi_display(NULL, NULL);
644                 ],
645                 [AC_MSG_RESULT([no]); clearsilver_LIBS="$LIBS"],
646                 [AC_MSG_RESULT([yes]); clearsilver_LIBS="$LIBS -lz"]
647         )
648         AC_SUBST(clearsilver_LIBS)
649         LIBS=$saved_LIBS
650         CFLAGS=$saved_CFLAGS
651 dnl autoconf does not like CamelCase!? How to fix this?
652 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
653
654         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
655         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
656 fi
657
658 if test x$mysql = xtrue; then
659         AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
660         if test x$MYSQLCONFIG = x; then
661                 AC_MSG_ERROR([mysql_config not found!])
662         fi
663         AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
664         AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
665 fi
666
667 if test x$sqlite = xtrue; then
668         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
669         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
670         AC_MSG_CHECKING([sqlite3_prepare_v2])
671         AC_TRY_COMPILE(
672                 [#include <sqlite3.h>],
673                 [
674                         void *test = sqlite3_prepare_v2;
675                 ],
676                 [AC_MSG_RESULT([yes])];
677                  AC_DEFINE([HAVE_SQLITE3_PREPARE_V2], [], [have sqlite3_prepare_v2()]),
678                 [AC_MSG_RESULT([no])])
679         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
680         AC_TRY_COMPILE(
681                 [#include <sqlite3.h>],
682                 [
683                         #if SQLITE_VERSION_NUMBER < 3003001
684                                 #error bad sqlite
685                         #endif
686                 ],
687                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
688 fi
689
690 if test x$openssl = xtrue; then
691         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
692         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
693 fi
694
695 if test x$gcrypt = xtrue; then
696         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
697         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
698         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
699         AC_TRY_COMPILE(
700                 [#include <gcrypt.h>],
701                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
702                 [AC_MSG_RESULT([yes]);
703                  AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA], [], [have GCRY_CIPHER_CAMELLIA128])],
704                 [AC_MSG_RESULT([no])]
705         )
706 fi
707
708 if test x$uci = xtrue; then
709         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
710         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
711 fi
712
713 if test x$android = xtrue; then
714         AC_HAVE_LIBRARY([cutils],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])])
715         AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
716         dnl we have to force the use of libdl here because the autodetection
717         dnl above does not work correctly when cross-compiling for android.
718         DLLIB="-ldl"
719         AC_SUBST(DLLIB)
720 fi
721
722 if test x$maemo = xtrue; then
723         PKG_CHECK_MODULES(maemo, [glib-2.0 gthread-2.0 libosso osso-af-settings])
724         AC_SUBST(maemo_CFLAGS)
725         AC_SUBST(maemo_LIBS)
726         dbusservicedir="/usr/share/dbus-1/system-services"
727         AC_SUBST(dbusservicedir)
728 fi
729
730 if test x$eap_sim_pcsc = xtrue; then
731         PKG_CHECK_MODULES(pcsclite, [libpcsclite])
732         AC_SUBST(pcsclite_CFLAGS)
733         AC_SUBST(pcsclite_LIBS)
734 fi
735
736 if test x$nm = xtrue; then
737         PKG_CHECK_EXISTS([libnm-glib],
738                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-util libnm-glib libnm-glib-vpn])],
739                 [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_util libnm_glib libnm_glib_vpn])]
740         )
741         AC_SUBST(nm_CFLAGS)
742         AC_SUBST(nm_LIBS)
743 fi
744
745 if test x$eap_gtc = xtrue; then
746         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
747         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
748 fi
749
750 if test x$capabilities = xnative; then
751         AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
752         dnl Linux requires the following for capset(), Android does not have it,
753         dnl but defines capset() in unistd.h instead.
754         AC_CHECK_HEADERS([sys/capability.h])
755         AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
756         AC_DEFINE([CAPABILITIES_NATIVE], [], [have native linux capset()])
757 fi
758
759 if test x$capabilities = xlibcap; then
760         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
761         AC_CHECK_HEADER([sys/capability.h],
762                 [AC_DEFINE([HAVE_SYS_CAPABILITY_H], [], [have sys/capability.h])],
763                 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
764         AC_DEFINE([CAPABILITIES_LIBCAP], [], [have libpcap library])
765 fi
766
767 if test x$integrity_test = xtrue; then
768         AC_MSG_CHECKING([for dladdr()])
769         AC_TRY_COMPILE(
770                 [#define _GNU_SOURCE
771                  #include <dlfcn.h>],
772                 [Dl_info info; dladdr(main, &info);],
773                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
774                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
775         )
776         AC_MSG_CHECKING([for dl_iterate_phdr()])
777         AC_TRY_COMPILE(
778                 [#define _GNU_SOURCE
779                  #include <link.h>],
780                 [dl_iterate_phdr((void*)0, (void*)0);],
781                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
782                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
783         )
784 fi
785
786 CFLAGS="$CFLAGS -include `pwd`/config.h"
787
788 dnl ==============================================
789 dnl  collect plugin list for strongSwan components
790 dnl ==============================================
791
792 m4_include(m4/macros/add-plugin.m4)
793
794 # plugin lists for all components
795 charon_plugins=
796 starter_plugins=
797 pool_plugins=
798 attest_plugins=
799 openac_plugins=
800 scepclient_plugins=
801 pki_plugins=
802 scripts_plugins=
803 manager_plugins=
804 medsrv_plugins=
805 nm_plugins=
806
807 # location specific lists for checksumming,
808 # for src/libcharon, src/libhydra and src/libstrongswan
809 c_plugins=
810 h_plugins=
811 s_plugins=
812
813 ADD_PLUGIN([test-vectors],         [s charon openac scepclient pki])
814 ADD_PLUGIN([curl],                 [s charon scepclient scripts nm])
815 ADD_PLUGIN([soup],                 [s charon scripts nm])
816 ADD_PLUGIN([ldap],                 [s charon scepclient scripts nm])
817 ADD_PLUGIN([mysql],                [s charon pool manager medsrv attest])
818 ADD_PLUGIN([sqlite],               [s charon pool manager medsrv attest])
819 ADD_PLUGIN([pkcs11],               [s charon pki nm])
820 ADD_PLUGIN([aes],                  [s charon openac scepclient pki scripts nm])
821 ADD_PLUGIN([des],                  [s charon openac scepclient pki scripts nm])
822 ADD_PLUGIN([blowfish],             [s charon openac scepclient pki scripts nm])
823 ADD_PLUGIN([sha1],                 [s charon openac scepclient pki scripts medsrv attest nm])
824 ADD_PLUGIN([sha2],                 [s charon openac scepclient pki scripts medsrv attest nm])
825 ADD_PLUGIN([md4],                  [s charon openac manager scepclient pki nm])
826 ADD_PLUGIN([md5],                  [s charon openac scepclient pki scripts attest nm])
827 ADD_PLUGIN([random],               [s charon openac scepclient pki scripts medsrv attest nm])
828 ADD_PLUGIN([nonce],                [s charon nm])
829 ADD_PLUGIN([x509],                 [s charon openac scepclient pki scripts attest nm])
830 ADD_PLUGIN([revocation],           [s charon nm])
831 ADD_PLUGIN([constraints],          [s charon nm])
832 ADD_PLUGIN([pubkey],               [s charon])
833 ADD_PLUGIN([pkcs1],                [s charon openac scepclient pki scripts manager medsrv attest nm])
834 ADD_PLUGIN([pkcs8],                [s charon openac scepclient pki scripts manager medsrv attest nm])
835 ADD_PLUGIN([pgp],                  [s charon])
836 ADD_PLUGIN([dnskey],               [s charon])
837 ADD_PLUGIN([pem],                  [s charon openac scepclient pki scripts manager medsrv attest nm])
838 ADD_PLUGIN([padlock],              [s charon])
839 ADD_PLUGIN([openssl],              [s charon openac scepclient pki scripts manager medsrv attest nm])
840 ADD_PLUGIN([gcrypt],               [s charon openac scepclient pki scripts manager medsrv attest nm])
841 ADD_PLUGIN([af-alg],               [s charon openac scepclient pki scripts medsrv attest nm])
842 ADD_PLUGIN([fips-prf],             [s charon nm])
843 ADD_PLUGIN([gmp],                  [s charon openac scepclient pki scripts manager medsrv attest nm])
844 ADD_PLUGIN([agent],                [s charon nm])
845 ADD_PLUGIN([xcbc],                 [s charon nm])
846 ADD_PLUGIN([cmac],                 [s charon nm])
847 ADD_PLUGIN([hmac],                 [s charon scripts nm])
848 ADD_PLUGIN([ctr],                  [s charon scripts nm])
849 ADD_PLUGIN([ccm],                  [s charon scripts nm])
850 ADD_PLUGIN([gcm],                  [s charon scripts nm])
851 ADD_PLUGIN([attr],                 [h charon])
852 ADD_PLUGIN([attr-sql],             [h charon])
853 ADD_PLUGIN([load-tester],          [c charon])
854 ADD_PLUGIN([kernel-pfkey],         [h charon starter nm])
855 ADD_PLUGIN([kernel-pfroute],       [h charon starter nm])
856 ADD_PLUGIN([kernel-klips],         [h charon starter])
857 ADD_PLUGIN([kernel-netlink],       [h charon starter nm])
858 ADD_PLUGIN([resolve],              [h charon])
859 ADD_PLUGIN([socket-default],       [c charon nm])
860 ADD_PLUGIN([socket-raw],           [c charon nm])
861 ADD_PLUGIN([socket-dynamic],       [c charon])
862 ADD_PLUGIN([farp],                 [c charon])
863 ADD_PLUGIN([stroke],               [c charon])
864 ADD_PLUGIN([smp],                  [c charon])
865 ADD_PLUGIN([sql],                  [c charon])
866 ADD_PLUGIN([updown],               [c charon])
867 ADD_PLUGIN([eap-identity],         [c charon nm])
868 ADD_PLUGIN([eap-sim],              [c charon])
869 ADD_PLUGIN([eap-sim-file],         [c charon])
870 ADD_PLUGIN([eap-sim-pcsc],         [c charon])
871 ADD_PLUGIN([eap-aka],              [c charon])
872 ADD_PLUGIN([eap-aka-3gpp2],        [c charon])
873 ADD_PLUGIN([eap-simaka-sql],       [c charon])
874 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
875 ADD_PLUGIN([eap-simaka-reauth],    [c charon])
876 ADD_PLUGIN([eap-md5],              [c charon nm])
877 ADD_PLUGIN([eap-gtc],              [c charon nm])
878 ADD_PLUGIN([eap-mschapv2],         [c charon nm])
879 ADD_PLUGIN([eap-radius],           [c charon])
880 ADD_PLUGIN([eap-tls],              [c charon nm])
881 ADD_PLUGIN([eap-ttls],             [c charon nm])
882 ADD_PLUGIN([eap-peap],             [c charon nm])
883 ADD_PLUGIN([eap-tnc],              [c charon])
884 ADD_PLUGIN([xauth-generic],        [c charon])
885 ADD_PLUGIN([xauth-eap],            [c charon])
886 ADD_PLUGIN([tnc-ifmap],            [c charon])
887 ADD_PLUGIN([tnc-pdp],              [c charon])
888 ADD_PLUGIN([tnc-imc],              [c charon])
889 ADD_PLUGIN([tnc-imv],              [c charon])
890 ADD_PLUGIN([tnc-tnccs],            [c charon])
891 ADD_PLUGIN([tnccs-20],             [c charon])
892 ADD_PLUGIN([tnccs-11],             [c charon])
893 ADD_PLUGIN([tnccs-dynamic],        [c charon])
894 ADD_PLUGIN([medsrv],               [c charon])
895 ADD_PLUGIN([medcli],               [c charon])
896 ADD_PLUGIN([dhcp],                 [c charon])
897 ADD_PLUGIN([android],              [c charon])
898 ADD_PLUGIN([ha],                   [c charon])
899 ADD_PLUGIN([whitelist],            [c charon])
900 ADD_PLUGIN([certexpire],           [c charon])
901 ADD_PLUGIN([led],                  [c charon])
902 ADD_PLUGIN([duplicheck],           [c charon])
903 ADD_PLUGIN([coupling],             [c charon])
904 ADD_PLUGIN([radattr],              [c charon])
905 ADD_PLUGIN([maemo],                [c charon])
906 ADD_PLUGIN([uci],                  [c charon])
907 ADD_PLUGIN([addrblock],            [c charon])
908 ADD_PLUGIN([unit-tester],          [c charon])
909
910 AC_SUBST(charon_plugins)
911 AC_SUBST(starter_plugins)
912 AC_SUBST(pool_plugins)
913 AC_SUBST(attest_plugins)
914 AC_SUBST(openac_plugins)
915 AC_SUBST(scepclient_plugins)
916 AC_SUBST(pki_plugins)
917 AC_SUBST(scripts_plugins)
918 AC_SUBST(manager_plugins)
919 AC_SUBST(medsrv_plugins)
920 AC_SUBST(nm_plugins)
921
922 AC_SUBST(c_plugins)
923 AC_SUBST(p_plugins)
924 AC_SUBST(h_plugins)
925 AC_SUBST(s_plugins)
926
927 dnl =========================
928 dnl  set Makefile.am vars
929 dnl =========================
930
931 dnl libstrongswan plugins
932 dnl =====================
933 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
934 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
935 AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue)
936 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
937 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
938 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
939 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
940 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
941 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
942 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
943 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
944 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
945 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
946 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
947 AM_CONDITIONAL(USE_NONCE, test x$nonce = xtrue)
948 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
949 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
950 AM_CONDITIONAL(USE_CONSTRAINTS, test x$constraints = xtrue)
951 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
952 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
953 AM_CONDITIONAL(USE_PKCS8, test x$pkcs8 = xtrue)
954 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
955 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
956 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
957 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
958 AM_CONDITIONAL(USE_CMAC, test x$cmac = xtrue)
959 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
960 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
961 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
962 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
963 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
964 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
965 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
966 AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
967 AM_CONDITIONAL(USE_CTR, test x$ctr = xtrue)
968 AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
969 AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
970 AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
971
972 dnl charon plugins
973 dnl ==============
974 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
975 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
976 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
977 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
978 AM_CONDITIONAL(USE_ANDROID, test x$android = xtrue)
979 AM_CONDITIONAL(USE_MAEMO, test x$maemo = xtrue)
980 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
981 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
982 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
983 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
984 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tester = xtrue)
985 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
986 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
987 AM_CONDITIONAL(USE_WHITELIST, test x$whitelist = xtrue)
988 AM_CONDITIONAL(USE_CERTEXPIRE, test x$certexpire = xtrue)
989 AM_CONDITIONAL(USE_LED, test x$led = xtrue)
990 AM_CONDITIONAL(USE_DUPLICHECK, test x$duplicheck = xtrue)
991 AM_CONDITIONAL(USE_COUPLING, test x$coupling = xtrue)
992 AM_CONDITIONAL(USE_RADATTR, test x$radattr = xtrue)
993 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
994 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
995 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
996 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
997 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
998 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
999 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1000 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1001 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1002 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1003 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
1004 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1005 AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
1006 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
1007 AM_CONDITIONAL(USE_EAP_PEAP, test x$eap_peap = xtrue)
1008 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
1009 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1010 AM_CONDITIONAL(USE_XAUTH_GENERIC, test x$xauth_generic = xtrue)
1011 AM_CONDITIONAL(USE_XAUTH_EAP, test x$xauth_eap = xtrue)
1012 AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue)
1013 AM_CONDITIONAL(USE_TNC_PDP, test x$tnc_pdp = xtrue)
1014 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
1015 AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
1016 AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnc_tnccs = xtrue)
1017 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
1018 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
1019 AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue)
1020 AM_CONDITIONAL(USE_IMC_TEST, test x$imc_test = xtrue)
1021 AM_CONDITIONAL(USE_IMV_TEST, test x$imv_test = xtrue)
1022 AM_CONDITIONAL(USE_IMC_SCANNER, test x$imc_scanner = xtrue)
1023 AM_CONDITIONAL(USE_IMV_SCANNER, test x$imv_scanner = xtrue)
1024 AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue)
1025 AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue)
1026 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
1027 AM_CONDITIONAL(USE_SOCKET_RAW, test x$socket_raw = xtrue)
1028 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
1029 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
1030 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
1031
1032 dnl hydra plugins
1033 dnl =============
1034 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1035 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue)
1036 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
1037 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1038 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1039 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1040 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
1041
1042 dnl other options
1043 dnl =============
1044 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1045 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1046 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
1047 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1048 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1049 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
1050 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1051 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
1052 AM_CONDITIONAL(USE_IKEV1, test x$ikev1 = xtrue)
1053 AM_CONDITIONAL(USE_IKEV2, test x$ikev2 = xtrue)
1054 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1055 AM_CONDITIONAL(USE_ADNS, test x$adns = xtrue)
1056 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1057 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1058 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
1059 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1060 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
1061 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue)
1062 AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue)
1063 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue)
1064 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
1065 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
1066 AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
1067 AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$tools = xtrue -o x$conftest = xtrue)
1068 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
1069 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
1070 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
1071 AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
1072 AM_CONDITIONAL(USE_RADIUS, test x$radius = xtrue)
1073 AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
1074 AM_CONDITIONAL(USE_PTS, test x$pts = xtrue)
1075 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
1076
1077 dnl ==============================
1078 dnl  set global definitions
1079 dnl ==============================
1080
1081 if test x$mediation = xtrue; then
1082         AC_DEFINE([ME], [], [mediation extension support])
1083 fi
1084 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
1085         AC_DEFINE([CAPABILITIES], [], [capability dropping support])
1086 fi
1087 if test x$monolithic = xtrue; then
1088         AC_DEFINE([MONOLITHIC], [], [monolithic build embedding plugins])
1089 fi
1090 if test x$ikev1 = xtrue; then
1091         AC_DEFINE([USE_IKEV1], [], [support for IKEv1 protocol])
1092 fi
1093 if test x$ikev2 = xtrue; then
1094         AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol])
1095 fi
1096
1097 dnl ==============================
1098 dnl  build Makefiles
1099 dnl ==============================
1100
1101 AC_OUTPUT(
1102         Makefile
1103         man/Makefile
1104         init/Makefile
1105         init/systemd/Makefile
1106         src/Makefile
1107         src/include/Makefile
1108         src/libstrongswan/Makefile
1109         src/libstrongswan/plugins/aes/Makefile
1110         src/libstrongswan/plugins/cmac/Makefile
1111         src/libstrongswan/plugins/des/Makefile
1112         src/libstrongswan/plugins/blowfish/Makefile
1113         src/libstrongswan/plugins/md4/Makefile
1114         src/libstrongswan/plugins/md5/Makefile
1115         src/libstrongswan/plugins/sha1/Makefile
1116         src/libstrongswan/plugins/sha2/Makefile
1117         src/libstrongswan/plugins/fips_prf/Makefile
1118         src/libstrongswan/plugins/gmp/Makefile
1119         src/libstrongswan/plugins/random/Makefile
1120         src/libstrongswan/plugins/nonce/Makefile
1121         src/libstrongswan/plugins/hmac/Makefile
1122         src/libstrongswan/plugins/xcbc/Makefile
1123         src/libstrongswan/plugins/x509/Makefile
1124         src/libstrongswan/plugins/revocation/Makefile
1125         src/libstrongswan/plugins/constraints/Makefile
1126         src/libstrongswan/plugins/pubkey/Makefile
1127         src/libstrongswan/plugins/pkcs1/Makefile
1128         src/libstrongswan/plugins/pkcs8/Makefile
1129         src/libstrongswan/plugins/pgp/Makefile
1130         src/libstrongswan/plugins/dnskey/Makefile
1131         src/libstrongswan/plugins/pem/Makefile
1132         src/libstrongswan/plugins/curl/Makefile
1133         src/libstrongswan/plugins/soup/Makefile
1134         src/libstrongswan/plugins/ldap/Makefile
1135         src/libstrongswan/plugins/mysql/Makefile
1136         src/libstrongswan/plugins/sqlite/Makefile
1137         src/libstrongswan/plugins/padlock/Makefile
1138         src/libstrongswan/plugins/openssl/Makefile
1139         src/libstrongswan/plugins/gcrypt/Makefile
1140         src/libstrongswan/plugins/agent/Makefile
1141         src/libstrongswan/plugins/pkcs11/Makefile
1142         src/libstrongswan/plugins/ctr/Makefile
1143         src/libstrongswan/plugins/ccm/Makefile
1144         src/libstrongswan/plugins/gcm/Makefile
1145         src/libstrongswan/plugins/af_alg/Makefile
1146         src/libstrongswan/plugins/test_vectors/Makefile
1147         src/libhydra/Makefile
1148         src/libhydra/plugins/attr/Makefile
1149         src/libhydra/plugins/attr_sql/Makefile
1150         src/libhydra/plugins/kernel_klips/Makefile
1151         src/libhydra/plugins/kernel_netlink/Makefile
1152         src/libhydra/plugins/kernel_pfkey/Makefile
1153         src/libhydra/plugins/kernel_pfroute/Makefile
1154         src/libhydra/plugins/resolve/Makefile
1155         src/libsimaka/Makefile
1156         src/libtls/Makefile
1157         src/libradius/Makefile
1158         src/libtncif/Makefile
1159         src/libtnccs/Makefile
1160         src/libpts/Makefile
1161         src/libpts/plugins/imc_attestation/Makefile
1162         src/libpts/plugins/imv_attestation/Makefile
1163         src/libimcv/Makefile
1164         src/libimcv/plugins/imc_test/Makefile
1165         src/libimcv/plugins/imv_test/Makefile
1166         src/libimcv/plugins/imc_scanner/Makefile
1167         src/libimcv/plugins/imv_scanner/Makefile
1168         src/charon/Makefile
1169         src/charon-nm/Makefile
1170         src/libcharon/Makefile
1171         src/libcharon/plugins/eap_aka/Makefile
1172         src/libcharon/plugins/eap_aka_3gpp2/Makefile
1173         src/libcharon/plugins/eap_identity/Makefile
1174         src/libcharon/plugins/eap_md5/Makefile
1175         src/libcharon/plugins/eap_gtc/Makefile
1176         src/libcharon/plugins/eap_sim/Makefile
1177         src/libcharon/plugins/eap_sim_file/Makefile
1178         src/libcharon/plugins/eap_sim_pcsc/Makefile
1179         src/libcharon/plugins/eap_simaka_sql/Makefile
1180         src/libcharon/plugins/eap_simaka_pseudonym/Makefile
1181         src/libcharon/plugins/eap_simaka_reauth/Makefile
1182         src/libcharon/plugins/eap_mschapv2/Makefile
1183         src/libcharon/plugins/eap_tls/Makefile
1184         src/libcharon/plugins/eap_ttls/Makefile
1185         src/libcharon/plugins/eap_peap/Makefile
1186         src/libcharon/plugins/eap_tnc/Makefile
1187         src/libcharon/plugins/eap_radius/Makefile
1188         src/libcharon/plugins/xauth_generic/Makefile
1189         src/libcharon/plugins/xauth_eap/Makefile
1190         src/libcharon/plugins/tnc_ifmap/Makefile
1191         src/libcharon/plugins/tnc_pdp/Makefile
1192         src/libcharon/plugins/tnc_imc/Makefile
1193         src/libcharon/plugins/tnc_imv/Makefile
1194         src/libcharon/plugins/tnc_tnccs/Makefile
1195         src/libcharon/plugins/tnccs_11/Makefile
1196         src/libcharon/plugins/tnccs_20/Makefile
1197         src/libcharon/plugins/tnccs_dynamic/Makefile
1198         src/libcharon/plugins/socket_default/Makefile
1199         src/libcharon/plugins/socket_raw/Makefile
1200         src/libcharon/plugins/socket_dynamic/Makefile
1201         src/libcharon/plugins/farp/Makefile
1202         src/libcharon/plugins/smp/Makefile
1203         src/libcharon/plugins/sql/Makefile
1204         src/libcharon/plugins/medsrv/Makefile
1205         src/libcharon/plugins/medcli/Makefile
1206         src/libcharon/plugins/addrblock/Makefile
1207         src/libcharon/plugins/uci/Makefile
1208         src/libcharon/plugins/ha/Makefile
1209         src/libcharon/plugins/whitelist/Makefile
1210         src/libcharon/plugins/certexpire/Makefile
1211         src/libcharon/plugins/led/Makefile
1212         src/libcharon/plugins/duplicheck/Makefile
1213         src/libcharon/plugins/coupling/Makefile
1214         src/libcharon/plugins/radattr/Makefile
1215         src/libcharon/plugins/android/Makefile
1216         src/libcharon/plugins/maemo/Makefile
1217         src/libcharon/plugins/stroke/Makefile
1218         src/libcharon/plugins/updown/Makefile
1219         src/libcharon/plugins/dhcp/Makefile
1220         src/libcharon/plugins/unit_tester/Makefile
1221         src/libcharon/plugins/load_tester/Makefile
1222         src/stroke/Makefile
1223         src/ipsec/Makefile
1224         src/starter/Makefile
1225         src/_updown/Makefile
1226         src/_updown_espmark/Makefile
1227         src/_copyright/Makefile
1228         src/openac/Makefile
1229         src/scepclient/Makefile
1230         src/pki/Makefile
1231         src/dumm/Makefile
1232         src/dumm/ext/extconf.rb
1233         src/libfast/Makefile
1234         src/manager/Makefile
1235         src/medsrv/Makefile
1236         src/checksum/Makefile
1237         src/conftest/Makefile
1238         scripts/Makefile
1239         testing/Makefile
1240 )