diff options
Diffstat (limited to 'configure.in')
| -rw-r--r-- | configure.in | 65 |
1 files changed, 53 insertions, 12 deletions
diff --git a/configure.in b/configure.in index efcccbb42..d829071ea 100644 --- a/configure.in +++ b/configure.in @@ -16,7 +16,7 @@ dnl =========================== dnl initialize & set some vars dnl =========================== -AC_INIT(strongSwan,4.4.0) +AC_INIT(strongSwan,4.4.1) AM_INIT_AUTOMAKE(tar-ustar) AC_CONFIG_MACRO_DIR([m4/config]) PKG_PROG_PKG_CONFIG @@ -40,7 +40,7 @@ ARG_WITH_SUBST([linux-headers], [\${top_srcdir}/src/include], [set director ARG_WITH_SUBST([routing-table], [220], [set routing table to use for IPsec routes]) ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table]) -ARG_WITH_SET([capabilities], [no], [set capability dropping library. Currently only the value "libcap" is supported]) +ARG_WITH_SET([capabilities], [no], [set capability dropping library. Currently supported values are "libcap" and "native"]) ARG_WITH_SET([mpz_powm_sec], [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available]) AC_ARG_WITH( @@ -78,6 +78,7 @@ ARG_DISBL_SET([fips-prf], [disable FIPS PRF software implementation plugin ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.]) ARG_DISBL_SET([random], [disable RNG implementation on top of /dev/(u)random.]) ARG_DISBL_SET([x509], [disable X509 certificate implementation plugin.]) +ARG_DISBL_SET([revocation], [disable X509 CRL/OCSP revocation check plugin.]) ARG_DISBL_SET([pubkey], [disable RAW public key support plugin.]) ARG_DISBL_SET([pkcs1], [disable PKCS1 key decoding plugin.]) ARG_DISBL_SET([pgp], [disable PGP key decoding plugin.]) @@ -101,6 +102,7 @@ ARG_ENABL_SET([unit-tests], [enable unit tests on IKEv2 daemon startup.]) ARG_ENABL_SET([load-tester], [enable load testing plugin for IKEv2 daemon.]) ARG_ENABL_SET([eap-sim], [enable SIM authenication module for EAP.]) ARG_ENABL_SET([eap-sim-file], [enable EAP-SIM backend based on a triplet file.]) +ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.]) ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.]) ARG_ENABL_SET([eap-simaka-reauth], [enable EAP-SIM/AKA reauthentication data storage plugin.]) ARG_ENABL_SET([eap-identity], [enable EAP module providing EAP-Identity helper.]) @@ -126,7 +128,9 @@ ARG_ENABL_SET([fast], [enable libfast (FastCGI Application Server w/ t ARG_ENABL_SET([manager], [enable web management console (proof of concept).]) ARG_ENABL_SET([mediation], [enable IKEv2 Mediation Extension.]) ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.]) +ARG_DISBL_SET([load-warning], [disable the charon/pluto plugin load option warning in starter.]) ARG_DISBL_SET([pluto], [disable the IKEv1 keying daemon pluto.]) +ARG_DISBL_SET([xauth], [disable xauth plugin.]) ARG_DISBL_SET([threads], [disable the use of threads in pluto. Charon always uses threads.]) ARG_DISBL_SET([charon], [disable the IKEv2 keying daemon charon.]) ARG_DISBL_SET([tools], [disable additional utilities (openac, scepclient and pki).]) @@ -140,6 +144,7 @@ ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.]) ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.]) ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.]) ARG_ENABL_SET([agent], [enables the ssh-agent signing plugin.]) +ARG_ENABL_SET([addrblock], [enables RFC 3779 address block constraint support.]) ARG_ENABL_SET([uci], [enable OpenWRT UCI configuration plugin.]) ARG_ENABL_SET([android], [enable Android specific plugin.]) ARG_ENABL_SET([nm], [enable NetworkManager plugin.]) @@ -334,6 +339,8 @@ LIBS=$saved_LIBS AC_CHECK_FUNCS(prctl) +AC_CHECK_FUNCS(mallinfo) + AC_CHECK_HEADERS(sys/sockio.h) AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h) @@ -572,7 +579,7 @@ if test x$openssl = xtrue; then fi if test x$gcrypt = xtrue; then - AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])]) + AC_HAVE_LIBRARY([gcrypt],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error]) AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])]) AC_MSG_CHECKING([gcrypt CAMELLIA cipher]) AC_TRY_COMPILE( @@ -611,9 +618,21 @@ if test x$eap_gtc = xtrue; then AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])]) fi +if test x$capabilities = xnative; then + AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead]) + dnl Linux requires the following for capset(), Android does not have it, + dnl but defines capset() in unistd.h instead. + AC_CHECK_HEADERS([sys/capability.h]) + AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])]) + AC_DEFINE(CAPABILITIES_NATIVE) +fi + if test x$capabilities = xlibcap; then AC_HAVE_LIBRARY([cap],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])]) - AC_CHECK_HEADER([sys/capability.h],,[AC_MSG_ERROR([libcap header sys/capability.h not found!])]) + AC_CHECK_HEADER([sys/capability.h], + [AC_DEFINE(HAVE_SYS_CAPABILITY_H)], + [AC_MSG_ERROR([libcap header sys/capability.h not found!])]) + AC_DEFINE(CAPABILITIES_LIBCAP) fi if test x$integrity_test = xtrue; then @@ -690,6 +709,9 @@ if test x$x509 = xtrue; then libstrongswan_plugins=${libstrongswan_plugins}" x509" pluto_plugins=${pluto_plugins}" x509" fi +if test x$revocation = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" revocation" +fi if test x$pubkey = xtrue; then libstrongswan_plugins=${libstrongswan_plugins}" pubkey" pluto_plugins=${pluto_plugins}" pubkey" @@ -746,13 +768,17 @@ if test x$gmp = xtrue; then libstrongswan_plugins=${libstrongswan_plugins}" gmp" pluto_plugins=${pluto_plugins}" gmp" fi +if test x$xauth = xtrue; then + pluto_plugins=${pluto_plugins}" xauth" +fi if test x$attr = xtrue; then libhydra_plugins=${libhydra_plugins}" attr" - pluto_plugins=${pluto_plugins}" attr" fi if test x$attr_sql = xtrue -o x$sql = xtrue; then libhydra_plugins=${libhydra_plugins}" attr-sql" - pluto_plugins=${pluto_plugins}" attr-sql" +fi +if test x$resolve = xtrue; then + libhydra_plugins=${libhydra_plugins}" resolve" fi AC_SUBST(libstrongswan_plugins) @@ -779,6 +805,7 @@ AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue) AM_CONDITIONAL(USE_X509, test x$x509 = xtrue) +AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue) AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue) AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue) AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue) @@ -788,7 +815,6 @@ AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue) AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue) AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue) AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue) -AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue) AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue) AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue) AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue) @@ -805,14 +831,13 @@ AM_CONDITIONAL(USE_ANDROID, test x$android = xtrue) AM_CONDITIONAL(USE_SMP, test x$smp = xtrue) AM_CONDITIONAL(USE_SQL, test x$sql = xtrue) AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue) -AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue) AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue) -AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue) AM_CONDITIONAL(USE_UNIT_TESTS, test x$unit_tests = xtrue) AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue) AM_CONDITIONAL(USE_HA, test x$ha = xtrue) AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue) AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue) +AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue) AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue) AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue) AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue) @@ -830,6 +855,17 @@ AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue) AM_CONDITIONAL(USE_SOCKET_RAW, test x$socket_raw = xtrue) AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue) AM_CONDITIONAL(USE_FARP, test x$farp = xtrue) +AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue) + +dnl hydra plugins +dnl ============= +AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue) +AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue) +AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue) + +dnl pluto plugins +dnl ============= +AM_CONDITIONAL(USE_XAUTH, test x$xauth = xtrue) dnl other options dnl ============= @@ -845,7 +881,7 @@ AM_CONDITIONAL(USE_FAST, test x$fast = xtrue) AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue) AM_CONDITIONAL(USE_ME, test x$mediation = xtrue) AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue) -AM_CONDITIONAL(USE_CAPABILITIES, test x$capabilities = xlibcap) +AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue) AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue) AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue) AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue) @@ -854,6 +890,7 @@ AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue) AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pluto = xtrue -o x$tools = xtrue) AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$pluto = xtrue) AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue) +AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap) AM_CONDITIONAL(USE_VSTR, test x$vstr = xtrue) AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue) AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue) @@ -865,7 +902,7 @@ dnl ============================== if test x$mediation = xtrue; then AC_DEFINE(ME) fi -if test x$capabilities = xlibcap; then +if test x$capabilities = xlibcap -o x$capabilities = xnative; then AC_DEFINE(CAPABILITIES) fi if test x$monolithic = xtrue; then @@ -895,6 +932,7 @@ AC_OUTPUT( src/libstrongswan/plugins/hmac/Makefile src/libstrongswan/plugins/xcbc/Makefile src/libstrongswan/plugins/x509/Makefile + src/libstrongswan/plugins/revocation/Makefile src/libstrongswan/plugins/pubkey/Makefile src/libstrongswan/plugins/pkcs1/Makefile src/libstrongswan/plugins/pgp/Makefile @@ -912,9 +950,11 @@ AC_OUTPUT( src/libhydra/Makefile src/libhydra/plugins/attr/Makefile src/libhydra/plugins/attr_sql/Makefile + src/libhydra/plugins/resolve/Makefile src/libfreeswan/Makefile src/libsimaka/Makefile src/pluto/Makefile + src/pluto/plugins/xauth/Makefile src/whack/Makefile src/charon/Makefile src/libcharon/Makefile @@ -925,6 +965,7 @@ AC_OUTPUT( src/libcharon/plugins/eap_gtc/Makefile src/libcharon/plugins/eap_sim/Makefile src/libcharon/plugins/eap_sim_file/Makefile + src/libcharon/plugins/eap_simaka_sql/Makefile src/libcharon/plugins/eap_simaka_pseudonym/Makefile src/libcharon/plugins/eap_simaka_reauth/Makefile src/libcharon/plugins/eap_mschapv2/Makefile @@ -942,13 +983,13 @@ AC_OUTPUT( src/libcharon/plugins/medsrv/Makefile src/libcharon/plugins/medcli/Makefile src/libcharon/plugins/nm/Makefile + src/libcharon/plugins/addrblock/Makefile src/libcharon/plugins/uci/Makefile src/libcharon/plugins/ha/Makefile src/libcharon/plugins/android/Makefile src/libcharon/plugins/stroke/Makefile src/libcharon/plugins/updown/Makefile src/libcharon/plugins/dhcp/Makefile - src/libcharon/plugins/resolve/Makefile src/libcharon/plugins/unit_tester/Makefile src/libcharon/plugins/load_tester/Makefile src/stroke/Makefile |