Added a libsimaka library with shared message handling code for EAP-SIM/AKA
[strongswan.git] / configure.in
1 dnl  configure.in for linux strongSwan
2 dnl  Copyright (C) 2006 Martin Willi
3 dnl  Hochschule fuer Technik Rapperswil
4 dnl
5 dnl  This program is free software; you can redistribute it and/or modify it
6 dnl  under the terms of the GNU General Public License as published by the
7 dnl  Free Software Foundation; either version 2 of the License, or (at your
8 dnl  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9 dnl
10 dnl  This program is distributed in the hope that it will be useful, but
11 dnl  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 dnl  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13 dnl  for more details.
14
15 dnl ===========================
16 dnl  initialize & set some vars
17 dnl ===========================
18
19 AC_INIT(strongSwan,4.3.6)
20 AM_INIT_AUTOMAKE(tar-ustar)
21 AC_CONFIG_MACRO_DIR([m4/config])
22 PKG_PROG_PKG_CONFIG
23
24 dnl =================================
25 dnl  check --enable-xxx & --with-xxx
26 dnl =================================
27
28 m4_include(m4/macros/with.m4)
29
30 ARG_WITH_SUBST([default-pkcs11],     [/usr/lib/opensc-pkcs11.so], [set the default PKCS11 library])
31 ARG_WITH_SUBST([random-device],      [/dev/random], [set the device to read real random data from])
32 ARG_WITH_SUBST([urandom-device],     [/dev/urandom], [set the device to read pseudo random data from])
33 ARG_WITH_SUBST([strongswan-conf],    [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
34 ARG_WITH_SUBST([resolv-conf],        [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
35 ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX socket files])
36 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
37 ARG_WITH_SUBST([plugindir],          [${ipsecdir%/}/plugins], [set the installation path of plugins])
38 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM plugin uses to look up trusted root certificates])
39 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
40 ARG_WITH_SUBST([routing-table],      [220], [set routing table to use for IPsec routes])
41 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
42
43 ARG_WITH_SET([capabilities],         [no], [set capability dropping library. Currently only the value "libcap" is supported])
44
45 AC_ARG_WITH(
46         [xauth-module],
47         AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]),
48         [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")],
49 )
50
51 AC_ARG_WITH(
52         [user],
53         AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
54         [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")],
55         [AC_SUBST(ipsecuser, "root")]
56 )
57
58 AC_ARG_WITH(
59         [group],
60         AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
61         [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")],
62         [AC_SUBST(ipsecgroup, "root")]
63 )
64
65 m4_include(m4/macros/enable-disable.m4)
66
67 ARG_ENABL_SET([curl],           [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
68 ARG_ENABL_SET([ldap],           [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
69 ARG_DISBL_SET([aes],            [disable AES software implementation plugin.])
70 ARG_DISBL_SET([des],            [disable DES/3DES software implementation plugin.])
71 ARG_ENABL_SET([blowfish],       [enable Blowfish software implementation plugin.])
72 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
73 ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
74 ARG_DISBL_SET([sha1],           [disable SHA1 software implementation plugin.])
75 ARG_DISBL_SET([sha2],           [disable SHA256/SHA384/SHA512 software implementation plugin.])
76 ARG_DISBL_SET([fips-prf],       [disable FIPS PRF software implementation plugin.])
77 ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
78 ARG_DISBL_SET([random],         [disable RNG implementation on top of /dev/(u)random.])
79 ARG_DISBL_SET([x509],           [disable X509 certificate implementation plugin.])
80 ARG_DISBL_SET([pubkey],         [disable RAW public key support plugin.])
81 ARG_DISBL_SET([pkcs1],          [disable PKCS1 key decoding plugin.])
82 ARG_DISBL_SET([pgp],            [disable PGP key decoding plugin.])
83 ARG_DISBL_SET([dnskey],         [disable DNS RR key decoding plugin.])
84 ARG_DISBL_SET([pem],            [disable PEM decoding plugin.])
85 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
86 ARG_DISBL_SET([xcbc],           [disable xcbc crypto implementation plugin.])
87 ARG_ENABL_SET([test-vectors],   [enable plugin providing crypto test vectors.])
88 ARG_ENABL_SET([mysql],          [enable MySQL database support. Requires libmysqlclient_r.])
89 ARG_ENABL_SET([sqlite],         [enable SQLite database support. Requires libsqlite3.])
90 ARG_DISBL_SET([stroke],         [disable charons stroke (pluto compatibility) configuration backend.])
91 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
92 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
93 ARG_ENABL_SET([smp],            [enable SMP configuration and control interface. Requires libxml.])
94 ARG_ENABL_SET([sql],            [enable SQL database configuration backend.])
95 ARG_ENABL_SET([smartcard],      [enable smartcard support.])
96 ARG_ENABL_SET([cisco-quirks],   [enable support of Cisco VPN client.])
97 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
98 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
99 ARG_ENABL_SET([unit-tests],     [enable unit tests on IKEv2 daemon startup.])
100 ARG_ENABL_SET([load-tester],    [enable load testing plugin for IKEv2 daemon.])
101 ARG_ENABL_SET([eap-sim],        [enable SIM authenication module for EAP.])
102 ARG_ENABL_SET([eap-sim-file],   [enable EAP-SIM backend based on a triplet file.])
103 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
104 ARG_ENABL_SET([eap-md5],        [enable EAP MD5 (CHAP) authenication module.])
105 ARG_ENABL_SET([eap-gtc],        [enable PAM based EAP GTC authenication module.])
106 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
107 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
108 ARG_ENABL_SET([eap-mschapv2],   [enable EAP MS-CHAPv2 authenication module.])
109 ARG_ENABL_SET([eap-radius],     [enable RADIUS proxy authenication module.])
110 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
111 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
112 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
113 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
114 ARG_ENABL_SET([nat-transport],  [enable NAT traversal with IPsec transport mode in pluto.])
115 ARG_DISBL_SET([vendor-id],      [disable the sending of the strongSwan vendor ID in pluto.])
116 ARG_DISBL_SET([xauth-vid],      [disable the sending of the XAUTH vendor ID.])
117 ARG_ENABL_SET([dumm],           [enable the DUMM UML test framework.])
118 ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ templates.])
119 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
120 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
121 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
122 ARG_DISBL_SET([pluto],          [disable the IKEv1 keying daemon pluto.])
123 ARG_DISBL_SET([threads],        [disable the use of threads in pluto. Charon always uses threads.])
124 ARG_DISBL_SET([charon],         [disable the IKEv2 keying daemon charon.])
125 ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclient and pki).])
126 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
127 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
128 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
129 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
130 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
131 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
132 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
133 ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
134 ARG_ENABL_SET([agent],          [enables the ssh-agent signing plugin.])
135 ARG_ENABL_SET([uci],            [enable OpenWRT UCI configuration plugin.])
136 ARG_ENABL_SET([nm],             [enable NetworkManager plugin.])
137 ARG_ENABL_SET([vstr],           [enforce using the Vstr string library to replace glibc-like printf hooks.])
138
139 dnl =========================
140 dnl  set up compiler and flags
141 dnl =========================
142
143 if test -z "$CFLAGS"; then
144         CFLAGS="-g -O2 -Wall -Wno-format -Wno-pointer-sign -Wno-strict-aliasing"
145 fi
146 AC_PROG_CC
147 AC_LIB_PREFIX
148 AC_C_BIGENDIAN
149
150 dnl =========================
151 dnl  check required programs
152 dnl =========================
153
154 AC_PROG_INSTALL
155 AC_PROG_LIBTOOL
156 AC_PROG_EGREP
157 AC_PROG_AWK
158 AC_PROG_LEX
159 AC_PROG_YACC
160 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
161 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
162
163 dnl because gperf is not needed by end-users we just report it but do not abort on failure
164 AC_MSG_CHECKING([gperf version >= 3.0.0])
165 if test -x "$GPERF"; then
166         if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
167                 AC_MSG_RESULT([yes])
168         else
169                 AC_MSG_RESULT([no])
170         fi
171 else
172         AC_MSG_RESULT([not found])
173 fi
174
175 dnl translate user/group to numercial ids
176 AC_MSG_CHECKING([for uid of user "$ipsecuser"])
177 ipsecuid=`id -u $ipsecuser 2>/dev/null`
178 if test -n "$ipsecuid"; then
179         AC_MSG_RESULT([$ipsecuid])
180         AC_SUBST(ipsecuid)
181 else
182         AC_MSG_ERROR([not found])
183 fi
184 AC_MSG_CHECKING([for gid of group "$ipsecgroup"])
185 ipsecgid=`$EGREP "^$ipsecgroup:" /etc/group | $AWK -F: '{ print $3 }'`
186 if test -n "$ipsecgid"; then
187         AC_MSG_RESULT([$ipsecgid])
188         AC_SUBST(ipsecgid)
189 else
190         AC_MSG_ERROR([not found])
191 fi
192
193 dnl =========================
194 dnl  dependency calculation
195 dnl =========================
196
197 if test x$eap_aka_3gpp2 = xtrue; then
198         gmp=true;
199 fi
200
201 if test x$eap_aka = xtrue; then
202         fips_prf=true;
203         sha1=true;
204         simaka=true;
205 fi
206
207 if test x$eap_sim = xtrue; then
208         fips_prf=true;
209         simaka=true;
210 fi
211
212 if test x$fips_prf = xtrue; then
213         sha1=true;
214 fi
215
216 if test x$smp = xtrue; then
217         xml=true
218 fi
219
220 if test x$manager = xtrue; then
221         fast=true
222 fi
223
224 if test x$medsrv = xtrue; then
225         mediation=true
226         fast=true
227 fi
228
229 if test x$medcli = xtrue; then
230         mediation=true
231 fi
232
233 dnl ===========================================
234 dnl  check required libraries and header files
235 dnl ===========================================
236
237 AC_HEADER_STDBOOL
238 AC_FUNC_ALLOCA
239
240 dnl libraries needed on some platforms but not on others
241 dnl ====================================================
242 saved_LIBS=$LIBS
243
244 dnl FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
245 LIBS=""
246 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
247 AC_SUBST(DLLIB)
248
249 dnl glibc's backtrace() can be replicated on FreeBSD with libexecinfo
250 LIBS=""
251 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
252 AC_CHECK_FUNCS(backtrace)
253 AC_SUBST(BTLIB)
254
255 dnl OpenSolaris needs libsocket and libnsl for socket()
256 LIBS=""
257 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
258         [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
259 )
260 AC_SUBST(SOCKLIB)
261
262 dnl FreeBSD has clock_gettime in libc, Linux needs librt
263 LIBS=""
264 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
265 AC_CHECK_FUNCS(clock_gettime)
266 AC_SUBST(RTLIB)
267
268 LIBS=$saved_LIBS
269 dnl ======================
270
271 AC_MSG_CHECKING(for dladdr)
272 AC_TRY_COMPILE(
273         [#define _GNU_SOURCE
274          #include <dlfcn.h>],
275         [Dl_info* info = 0;
276          dladdr(0, info);],
277         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR])],
278         [AC_MSG_RESULT([no])]
279 )
280
281 dnl check if pthread_condattr_setclock(CLOCK_MONOTONE) is supported
282 saved_LIBS=$LIBS
283 LIBS="-lpthread"
284 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONE)])
285 AC_TRY_RUN(
286         [#include <pthread.h>
287          int main() { pthread_condattr_t attr;
288                 pthread_condattr_init(&attr);
289                 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}],
290         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])],
291         [AC_MSG_RESULT([no])],
292         dnl Check existence of pthread_condattr_setclock if cross-compiling
293         [AC_MSG_RESULT([unknown]);
294          AC_CHECK_FUNCS(pthread_condattr_setclock,
295                 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC])]
296         )]
297 )
298
299 LIBS=$saved_LIBS
300
301 AC_CHECK_FUNCS(prctl)
302
303 AC_CHECK_HEADERS(sys/sockio.h)
304 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
305
306 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
307 [
308         #include <sys/types.h>
309         #include <sys/socket.h>
310 ])
311
312 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
313 [
314         #include <sys/types.h>
315         #ifdef HAVE_NET_PFKEYV2_H
316         #include <net/pfkeyv2.h>
317         #else
318         #include <stdint.h>
319         #include <linux/pfkeyv2.h>
320         #endif
321 ])
322
323 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
324 AC_TRY_COMPILE(
325         [#include <sys/types.h>
326         #ifdef HAVE_NETIPSEC_IPSEC_H
327         #include <netipsec/ipsec.h>
328         #elif defined(HAVE_NETINET6_IPSEC_H)
329         #include <netinet6/ipsec.h>
330         #else
331         #include <stdint.h>
332         #include <linux/ipsec.h>
333         #endif],
334         [int mode = IPSEC_MODE_BEET;
335          return mode;],
336         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_MODE_BEET])],
337         [AC_MSG_RESULT([no])]
338 )
339
340 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
341 AC_TRY_COMPILE(
342         [#include <sys/types.h>
343         #ifdef HAVE_NETIPSEC_IPSEC_H
344         #include <netipsec/ipsec.h>
345         #elif defined(HAVE_NETINET6_IPSEC_H)
346         #include <netinet6/ipsec.h>
347         #else
348         #include <stdint.h>
349         #include <linux/ipsec.h>
350         #endif],
351         [int dir = IPSEC_DIR_FWD;
352          return dir;],
353         [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_IPSEC_DIR_FWD])],
354         [AC_MSG_RESULT([no])]
355 )
356
357 AC_MSG_CHECKING([for gcc atomic operations])
358 AC_TRY_RUN(
359 [
360         int main() {
361                 volatile int ref = 1;
362                 __sync_fetch_and_add (&ref, 1);
363                 __sync_sub_and_fetch (&ref, 1);
364                 /* Make sure test fails if operations are not supported */
365                 __sync_val_compare_and_swap(&ref, 1, 0);
366                 return ref;
367         }
368 ],
369 [AC_MSG_RESULT([yes]); AC_DEFINE(HAVE_GCC_ATOMIC_OPERATIONS)],
370 [AC_MSG_RESULT([no])],
371 [AC_MSG_RESULT([no])])
372
373 AC_CHECK_FUNC(
374         [register_printf_function],
375         [AC_DEFINE(HAVE_PRINTF_HOOKS)],
376         [
377                 AC_MSG_NOTICE([printf does not support custom format specifiers!])
378                 vstr=true
379         ]
380 )
381
382 if test x$vstr = xtrue; then
383         AC_HAVE_LIBRARY([vstr],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])])
384         AC_DEFINE(USE_VSTR)
385 fi
386
387 if test x$gmp = xtrue; then
388         AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])])
389         AC_MSG_CHECKING([gmp.h version >= 4.1.4])
390         AC_TRY_COMPILE(
391                 [#include "gmp.h"],
392                 [
393                         #if (__GNU_MP_VERSION*100 +  __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
394                                 #error bad gmp
395                         #endif
396                 ],
397                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
398         )
399 fi
400
401 if test x$ldap = xtrue; then
402         AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])])
403         AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])])
404         AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
405 fi
406
407 if test x$curl = xtrue; then
408         AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])])
409         AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
410 fi
411
412 if test x$xml = xtrue; then
413         PKG_CHECK_MODULES(xml, [libxml-2.0])
414         AC_SUBST(xml_CFLAGS)
415         AC_SUBST(xml_LIBS)
416 fi
417
418 if test x$dumm = xtrue; then
419         PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
420         AC_SUBST(gtk_CFLAGS)
421         AC_SUBST(gtk_LIBS)
422         AC_CHECK_PROGS(RUBY, ruby)
423         AC_MSG_CHECKING([for Ruby header files])
424         if test -n "$RUBY"; then
425                 RUBYDIR=`($RUBY -rmkmf -e 'print Config::CONFIG[["archdir"]] || $archdir') 2>/dev/null`
426                 if test -n "$RUBYDIR"; then
427                         dirs="$RUBYDIR"
428                         RUBYINCLUDE=none
429                         for i in $dirs; do
430                                 if test -r $i/ruby.h; then
431                                         AC_MSG_RESULT([$i])
432                                         RUBYINCLUDE="-I$i"
433                                         break;
434                                 fi
435                         done
436                         if test x"$RUBYINCLUDE" = xnone; then
437                                 AC_MSG_ERROR([ruby.h not found])
438                         fi
439                         AC_SUBST(RUBYINCLUDE)
440                 else
441                         AC_MSG_ERROR([unable to determine ruby configuration])
442                 fi
443         else
444                 AC_MSG_ERROR([don't know how to run ruby])
445         fi
446 fi
447
448 if test x$fast = xtrue; then
449         AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])])
450         AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])])
451         AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])])
452 dnl autoconf does not like CamelCase!? How to fix this?
453 dnl     AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])])
454
455         AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])])
456         AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
457 fi
458
459 if test x$mysql = xtrue; then
460         AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
461         if test x$MYSQLCONFIG = x; then
462                 AC_MSG_ERROR([mysql_config not found!])
463         fi
464         AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
465         AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
466 fi
467
468 if test x$sqlite = xtrue; then
469         AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])])
470         AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
471         AC_MSG_CHECKING([sqlite3_prepare_v2])
472         AC_TRY_COMPILE(
473                 [#include <sqlite3.h>],
474                 [
475                         void *test = sqlite3_prepare_v2;
476                 ],
477                 [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])])
478         AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
479         AC_TRY_COMPILE(
480                 [#include <sqlite3.h>],
481                 [
482                         #if SQLITE_VERSION_NUMBER < 3003001
483                                 #error bad sqlite
484                         #endif
485                 ],
486                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])])
487 fi
488
489 if test x$openssl = xtrue; then
490         AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])])
491         AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
492 fi
493
494 if test x$gcrypt = xtrue; then
495         AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])])
496         AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
497         AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
498         AC_TRY_COMPILE(
499                 [#include <gcrypt.h>],
500                 [enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;],
501                 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA])],
502                 [AC_MSG_RESULT([no])]
503         )
504 fi
505
506 if test x$uci = xtrue; then
507         AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])])
508         AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
509 fi
510
511 if test x$nm = xtrue; then
512         PKG_CHECK_MODULES(nm, [NetworkManager libnm_glib_vpn gthread-2.0])
513         AC_SUBST(nm_CFLAGS)
514         AC_SUBST(nm_LIBS)
515 fi
516
517 if test x$eap_gtc = xtrue; then
518         AC_HAVE_LIBRARY([pam],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])])
519         AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
520 fi
521
522 if test x$capabilities = xlibcap; then
523         AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])])
524         AC_CHECK_HEADER([sys/capability.h],,[AC_MSG_ERROR([libcap header sys/capability.h not found!])])
525 fi
526
527 if test x$integrity_test = xtrue; then
528         AC_MSG_CHECKING([for dladdr()])
529         AC_TRY_COMPILE(
530                 [#define _GNU_SOURCE
531                  #include <dlfcn.h>],
532                 [Dl_info info; dladdr(main, &info);],
533                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
534                  AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
535         )
536         AC_MSG_CHECKING([for dl_iterate_phdr()])
537         AC_TRY_COMPILE(
538                 [#define _GNU_SOURCE
539                  #include <link.h>],
540                 [dl_iterate_phdr((void*)0, (void*)0);],
541                 [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]);
542                  AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
543         )
544 fi
545
546 dnl ======================================
547 dnl  collect all plugins for libstrongswan
548 dnl ======================================
549
550 libstrongswan_plugins=
551 pluto_plugins=
552
553 if test x$test_vectors = xtrue; then
554         libstrongswan_plugins=${libstrongswan_plugins}" test-vectors"
555         pluto_plugins=${pluto_plugins}" test-vectors"
556 fi
557 if test x$curl = xtrue; then
558         libstrongswan_plugins=${libstrongswan_plugins}" curl"
559         pluto_plugins=${pluto_plugins}" curl"
560 fi
561 if test x$ldap = xtrue; then
562         libstrongswan_plugins=${libstrongswan_plugins}" ldap"
563         pluto_plugins=${pluto_plugins}" ldap"
564 fi
565 if test x$aes = xtrue; then
566         libstrongswan_plugins=${libstrongswan_plugins}" aes"
567         pluto_plugins=${pluto_plugins}" aes"
568 fi
569 if test x$des = xtrue; then
570         libstrongswan_plugins=${libstrongswan_plugins}" des"
571         pluto_plugins=${pluto_plugins}" des"
572 fi
573 if test x$blowfish = xtrue; then
574         libstrongswan_plugins=${libstrongswan_plugins}" blowfish"
575         pluto_plugins=${pluto_plugins}" blowfish"
576 fi
577 if test x$sha1 = xtrue; then
578         libstrongswan_plugins=${libstrongswan_plugins}" sha1"
579         pluto_plugins=${pluto_plugins}" sha1"
580 fi
581 if test x$sha2 = xtrue; then
582         libstrongswan_plugins=${libstrongswan_plugins}" sha2"
583         pluto_plugins=${pluto_plugins}" sha2"
584 fi
585 if test x$md4 = xtrue; then
586         libstrongswan_plugins=${libstrongswan_plugins}" md4"
587 fi
588 if test x$md5 = xtrue; then
589         libstrongswan_plugins=${libstrongswan_plugins}" md5"
590         pluto_plugins=${pluto_plugins}" md5"
591 fi
592 if test x$fips_prf = xtrue; then
593         libstrongswan_plugins=${libstrongswan_plugins}" fips-prf"
594 fi
595 if test x$random = xtrue; then
596         libstrongswan_plugins=${libstrongswan_plugins}" random"
597         pluto_plugins=${pluto_plugins}" random"
598 fi
599 if test x$x509 = xtrue; then
600         libstrongswan_plugins=${libstrongswan_plugins}" x509"
601         pluto_plugins=${pluto_plugins}" x509"
602 fi
603 if test x$pubkey = xtrue; then
604         libstrongswan_plugins=${libstrongswan_plugins}" pubkey"
605         pluto_plugins=${pluto_plugins}" pubkey"
606 fi
607 if test x$pkcs1 = xtrue; then
608         libstrongswan_plugins=${libstrongswan_plugins}" pkcs1"
609         pluto_plugins=${pluto_plugins}" pkcs1"
610 fi
611 if test x$pgp = xtrue; then
612         libstrongswan_plugins=${libstrongswan_plugins}" pgp"
613         pluto_plugins=${pluto_plugins}" pgp"
614 fi
615 if test x$dnskey = xtrue; then
616         libstrongswan_plugins=${libstrongswan_plugins}" dnskey"
617         pluto_plugins=${pluto_plugins}" dnskey"
618 fi
619 if test x$pem = xtrue; then
620         libstrongswan_plugins=${libstrongswan_plugins}" pem"
621         pluto_plugins=${pluto_plugins}" pem"
622 fi
623 if test x$mysql = xtrue; then
624         libstrongswan_plugins=${libstrongswan_plugins}" mysql"
625         pluto_plugins=${pluto_plugins}" mysql"
626 fi
627 if test x$sqlite = xtrue; then
628         libstrongswan_plugins=${libstrongswan_plugins}" sqlite"
629         pluto_plugins=${pluto_plugins}" sqlite"
630 fi
631 if test x$attr_sql = xtrue -o x$sql = xtrue; then
632         libstrongswan_plugins=${libstrongswan_plugins}" attr-sql"
633         pluto_plugins=${pluto_plugins}" attr-sql"
634 fi
635 if test x$padlock = xtrue; then
636         libstrongswan_plugins=${libstrongswan_plugins}" padlock"
637 fi
638 if test x$openssl = xtrue; then
639         libstrongswan_plugins=${libstrongswan_plugins}" openssl"
640         pluto_plugins=${pluto_plugins}" openssl"
641 fi
642 if test x$gcrypt = xtrue; then
643         libstrongswan_plugins=${libstrongswan_plugins}" gcrypt"
644         pluto_plugins=${pluto_plugins}" gcrypt"
645 fi
646 if test x$xcbc = xtrue; then
647         libstrongswan_plugins=${libstrongswan_plugins}" xcbc"
648 fi
649 if test x$hmac = xtrue; then
650         libstrongswan_plugins=${libstrongswan_plugins}" hmac"
651         pluto_plugins=${pluto_plugins}" hmac"
652 fi
653 if test x$agent = xtrue; then
654         libstrongswan_plugins=${libstrongswan_plugins}" agent"
655 fi
656 if test x$gmp = xtrue; then
657         libstrongswan_plugins=${libstrongswan_plugins}" gmp"
658         pluto_plugins=${pluto_plugins}" gmp"
659 fi
660
661 AC_SUBST(libstrongswan_plugins)
662 AC_SUBST(pluto_plugins)
663
664 dnl =========================
665 dnl  set Makefile.am vars
666 dnl =========================
667
668 dnl libstrongswan plugins
669 dnl =====================
670 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
671 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
672 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
673 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
674 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
675 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
676 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
677 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
678 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
679 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
680 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
681 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
682 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
683 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
684 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
685 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
686 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
687 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
688 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
689 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
690 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
691 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
692 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
693 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue)
694 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
695 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
696 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
697 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
698
699 dnl charon plugins
700 dnl ==============
701 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
702 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
703 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
704 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
705 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
706 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
707 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
708 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
709 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
710 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
711 AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tests = xtrue)
712 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
713 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
714 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
715 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
716 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
717 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
718 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
719 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
720 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
721 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
722 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
723 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
724 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
725 AM_CONDITIONAL(USE_KERNEL_KLIPS, test x$kernel_klips = xtrue)
726
727 dnl other options
728 dnl =============
729 AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue)
730 AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue)
731 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
732 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
733 AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue)
734 AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue)
735 AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue)
736 AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
737 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
738 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
739 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
740 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
741 AM_CONDITIONAL(USE_CAPABILITIES, test x$capabilities = xlibcap)
742 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
743 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
744 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
745 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
746 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
747 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue)
748 AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue)
749 AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue)
750 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
751
752 dnl ==============================
753 dnl  set global definitions
754 dnl ==============================
755
756 if test x$mediation = xtrue; then
757         AC_DEFINE(ME)
758 fi
759 if test x$capabilities = xlibcap; then
760         AC_DEFINE(CAPABILITIES)
761 fi
762
763 dnl ==============================
764 dnl  build Makefiles
765 dnl ==============================
766
767 AC_OUTPUT(
768         Makefile
769         src/Makefile
770         src/include/Makefile
771         src/libstrongswan/Makefile
772         src/libstrongswan/plugins/aes/Makefile
773         src/libstrongswan/plugins/des/Makefile
774         src/libstrongswan/plugins/blowfish/Makefile
775         src/libstrongswan/plugins/md4/Makefile
776         src/libstrongswan/plugins/md5/Makefile
777         src/libstrongswan/plugins/sha1/Makefile
778         src/libstrongswan/plugins/sha2/Makefile
779         src/libstrongswan/plugins/fips_prf/Makefile
780         src/libstrongswan/plugins/gmp/Makefile
781         src/libstrongswan/plugins/random/Makefile
782         src/libstrongswan/plugins/hmac/Makefile
783         src/libstrongswan/plugins/xcbc/Makefile
784         src/libstrongswan/plugins/x509/Makefile
785         src/libstrongswan/plugins/pubkey/Makefile
786         src/libstrongswan/plugins/pkcs1/Makefile
787         src/libstrongswan/plugins/pgp/Makefile
788         src/libstrongswan/plugins/dnskey/Makefile
789         src/libstrongswan/plugins/pem/Makefile
790         src/libstrongswan/plugins/curl/Makefile
791         src/libstrongswan/plugins/ldap/Makefile
792         src/libstrongswan/plugins/mysql/Makefile
793         src/libstrongswan/plugins/sqlite/Makefile
794         src/libstrongswan/plugins/attr_sql/Makefile
795         src/libstrongswan/plugins/padlock/Makefile
796         src/libstrongswan/plugins/openssl/Makefile
797         src/libstrongswan/plugins/gcrypt/Makefile
798         src/libstrongswan/plugins/agent/Makefile
799         src/libstrongswan/plugins/test_vectors/Makefile
800         src/libfreeswan/Makefile
801         src/libsimaka/Makefile
802         src/pluto/Makefile
803         src/whack/Makefile
804         src/charon/Makefile
805         src/charon/plugins/eap_aka/Makefile
806         src/charon/plugins/eap_aka_3gpp2/Makefile
807         src/charon/plugins/eap_identity/Makefile
808         src/charon/plugins/eap_md5/Makefile
809         src/charon/plugins/eap_gtc/Makefile
810         src/charon/plugins/eap_sim/Makefile
811         src/charon/plugins/eap_sim_file/Makefile
812         src/charon/plugins/eap_mschapv2/Makefile
813         src/charon/plugins/eap_radius/Makefile
814         src/charon/plugins/kernel_netlink/Makefile
815         src/charon/plugins/kernel_pfkey/Makefile
816         src/charon/plugins/kernel_pfroute/Makefile
817         src/charon/plugins/kernel_klips/Makefile
818         src/charon/plugins/smp/Makefile
819         src/charon/plugins/sql/Makefile
820         src/charon/plugins/medsrv/Makefile
821         src/charon/plugins/medcli/Makefile
822         src/charon/plugins/nm/Makefile
823         src/charon/plugins/uci/Makefile
824         src/charon/plugins/stroke/Makefile
825         src/charon/plugins/updown/Makefile
826         src/charon/plugins/attr/Makefile
827         src/charon/plugins/resolve/Makefile
828         src/charon/plugins/unit_tester/Makefile
829         src/charon/plugins/load_tester/Makefile
830         src/stroke/Makefile
831         src/ipsec/Makefile
832         src/starter/Makefile
833         src/_updown/Makefile
834         src/_updown_espmark/Makefile
835         src/_copyright/Makefile
836         src/openac/Makefile
837         src/scepclient/Makefile
838         src/pki/Makefile
839         src/dumm/Makefile
840         src/dumm/ext/extconf.rb
841         src/libfast/Makefile
842         src/manager/Makefile
843         src/medsrv/Makefile
844         src/checksum/Makefile
845         scripts/Makefile
846         testing/Makefile
847 )