diff options
Diffstat (limited to 'configure.in')
| -rw-r--r-- | configure.in | 968 |
1 files changed, 681 insertions, 287 deletions
diff --git a/configure.in b/configure.in index 39623eba0..7c9db68ae 100644 --- a/configure.in +++ b/configure.in @@ -16,382 +16,552 @@ dnl =========================== dnl initialize & set some vars dnl =========================== -AC_INIT(strongSwan,4.1.11) +AC_INIT(strongSwan,4.2.4) AM_INIT_AUTOMAKE(tar-ustar) AC_C_BIGENDIAN AC_SUBST(confdir, '${sysconfdir}') +PKG_PROG_PKG_CONFIG dnl ================================= dnl check --enable-xxx & --with-xxx dnl ================================= - AC_ARG_WITH( - [default-pkcs11], - AS_HELP_STRING([--with-default-pkcs11=lib],[set the default PKCS11 library other than "/usr/lib/opensc-pkcs11.so"]), - [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "$withval")], - [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "/usr/lib/opensc-pkcs11.so")] + [default-pkcs11], + AS_HELP_STRING([--with-default-pkcs11=lib],[set the default PKCS11 library other than "/usr/lib/opensc-pkcs11.so"]), + [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "$withval")], + [AC_DEFINE_UNQUOTED(PKCS11_DEFAULT_LIB, "/usr/lib/opensc-pkcs11.so")] ) AC_ARG_WITH( - [xauth-module], - AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]), - [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")], + [xauth-module], + AS_HELP_STRING([--with-xauth-module=lib],[set the path to the XAUTH module]), + [AC_DEFINE_UNQUOTED(XAUTH_DEFAULT_LIB, "$withval")], ) AC_ARG_WITH( - [random-device], - AS_HELP_STRING([--with-random-device=dev],[set the device for real random data other than "/dev/random"]), - [AC_DEFINE_UNQUOTED(DEV_RANDOM, "$withval")], - [AC_DEFINE_UNQUOTED(DEV_RANDOM, "/dev/random")] + [random-device], + AS_HELP_STRING([--with-random-device=dev],[set the device for real random data other than "/dev/random"]), + [AC_DEFINE_UNQUOTED(DEV_RANDOM, "$withval")], + [AC_DEFINE_UNQUOTED(DEV_RANDOM, "/dev/random")] ) AC_ARG_WITH( - [resolv-conf], - AS_HELP_STRING([--with-resolv-conf=file],[set the file to store DNS server information other than "sysconfdir/resolv.conf"]), - [AC_DEFINE_UNQUOTED(RESOLV_CONF, "$withval")], - [AC_DEFINE_UNQUOTED(RESOLV_CONF, "${sysconfdir}/resolv.conf")] + [resolv-conf], + AS_HELP_STRING([--with-resolv-conf=file],[set the file to store DNS server information other than "sysconfdir/resolv.conf"]), + [AC_SUBST(resolv_conf, "$withval")], + [AC_SUBST(resolv_conf, "${sysconfdir}/resolv.conf")] ) AC_ARG_WITH( - [urandom-device], - AS_HELP_STRING([--with-urandom-device=dev],[set the device for pseudo random data other than "/dev/urandom"]), - [AC_DEFINE_UNQUOTED(DEV_URANDOM, "$withval")], - [AC_DEFINE_UNQUOTED(DEV_URANDOM, "/dev/urandom")] + [strongswan-conf], + AS_HELP_STRING([--with-strongswan-conf=file],[strongswan.conf file other than "sysconfdir/strongswan.conf"]), + [AC_SUBST(strongswan_conf, "$withval")], + [AC_SUBST(strongswan_conf, "${sysconfdir}/strongswan.conf")] ) AC_ARG_WITH( - [piddir], - AS_HELP_STRING([--with-piddir=dir],[path for PID and UNIX socket files other than "/var/run"]), - [AC_SUBST(piddir, "$withval")], - [AC_SUBST(piddir, "/var/run")] + [urandom-device], + AS_HELP_STRING([--with-urandom-device=dev],[set the device for pseudo random data other than "/dev/urandom"]), + [AC_DEFINE_UNQUOTED(DEV_URANDOM, "$withval")], + [AC_DEFINE_UNQUOTED(DEV_URANDOM, "/dev/urandom")] ) AC_ARG_WITH( - [ipsecdir], - AS_HELP_STRING([--with-ipsecdir=dir],[installation path for ipsec tools other than "libexecdir/ipsec"]), - [AC_SUBST(ipsecdir, "$withval")], - [AC_SUBST(ipsecdir, "${libexecdir}/ipsec")] + [piddir], + AS_HELP_STRING([--with-piddir=dir],[path for PID and UNIX socket files other than "/var/run"]), + [AC_SUBST(piddir, "$withval")], + [AC_SUBST(piddir, "/var/run")] ) AC_ARG_WITH( - [plugindir], - AS_HELP_STRING([--with-plugindir=dir],[installation path for plugins other than "ipsecdir/plugins"]), - [AC_SUBST(plugindir, "$withval")], - [AC_SUBST(plugindir, "${ipsecdir}/plugins")] + [ipsecdir], + AS_HELP_STRING([--with-ipsecdir=dir],[installation path for ipsec tools other than "libexecdir/ipsec"]), + [AC_SUBST(ipsecdir, "$withval")], + [AC_SUBST(ipsecdir, "${libexecdir}/ipsec")] ) +AC_SUBST(plugindir, "${ipsecdir}/plugins") AC_ARG_WITH( - [eapdir], - AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "plugindir/eap"]), - [AC_SUBST(eapdir, "$withval")], - [AC_SUBST(eapdir, "${plugindir}/eap")] + [plugindir], + AS_HELP_STRING([--with-plugindir=dir],[installation path for plugins other than "ipsecdir/plugins"]), + [AC_SUBST(plugindir, "$withval")], + [AC_SUBST(plugindir, "${ipsecdir}/plugins")] ) AC_ARG_WITH( - [backenddir], - AS_HELP_STRING([--with-backenddir=dir],[path for pluggable configuration backend modules other than "plugindir/backends"]), - [AC_SUBST(backenddir, "$withval")], - [AC_SUBST(backenddir, "${plugindir}/backends")] + [sim-reader], + AS_HELP_STRING([--with-sim-reader=library.so],[library containing the sim_run_alg()/sim_get_triplet() function for EAP-SIM]), + [AC_SUBST(simreader, "$withval")], + [AC_SUBST(simreader, "${plugindir}/libeapsim-file.so")] ) AC_ARG_WITH( - [interfacedir], - AS_HELP_STRING([--with-interfacedir=dir],[path for pluggable control interface modules other than "plugindir/interfaces"]), - [AC_SUBST(interfacedir, "$withval")], - [AC_SUBST(interfacedir, "${plugindir}/interfaces")] + [linux-headers], + AS_HELP_STRING([--with-linux-headers=dir],[use the linux header files in dir instead of the supplied ones in "src/include"]), + [AC_SUBST(linuxdir, "$withval")], [AC_SUBST(linuxdir, "../include")] ) +AC_SUBST(LINUX_HEADERS) AC_ARG_WITH( - [sim-reader], - AS_HELP_STRING([--with-sim-reader=library.so],[library containing the sim_run_alg()/sim_get_triplet() function for EAP-SIM]), - [AC_SUBST(simreader, "$withval")], - [AC_SUBST(simreader, "${plugindir}/libcharon-eapsim-file.so")] + [routing-table], + AS_HELP_STRING([--with-routing-table=num],[use routing table for IPsec routes (default: 220)]), + [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, $withval) AC_SUBST(IPSEC_ROUTING_TABLE, "$withval")], + [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, 220) AC_SUBST(IPSEC_ROUTING_TABLE, "220")] ) AC_ARG_WITH( - [linux-headers], - AS_HELP_STRING([--with-linux-headers=dir],[use the linux header files in dir instead of the supplied ones in "src/include"]), - [AC_SUBST(linuxdir, "$withval")], [AC_SUBST(linuxdir, "../include")] + [routing-table-prio], + AS_HELP_STRING([--with-routing-table-prio=prio],[priority for IPsec routing table (default: 220)]), + [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, $withval) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "$withval")], + [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, 220) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "220")] ) -AC_SUBST(LINUX_HEADERS) AC_ARG_WITH( - [routing-table], - AS_HELP_STRING([--with-routing-table=num],[use routing table for IPsec routes (default: 220)]), - [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, $withval) AC_SUBST(IPSEC_ROUTING_TABLE, "$withval")], - [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE, 220) AC_SUBST(IPSEC_ROUTING_TABLE, "220")] + [uid],,[AC_MSG_ERROR([--with-uid is gone, use --with-user instead!])] ) AC_ARG_WITH( - [routing-table-prio], - AS_HELP_STRING([--with-routing-table-prio=prio],[priority for IPsec routing table (default: 220)]), - [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, $withval) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "$withval")], - [AC_DEFINE_UNQUOTED(IPSEC_ROUTING_TABLE_PRIO, 220) AC_SUBST(IPSEC_ROUTING_TABLE_PRIO, "220")] + [gid],,[AC_MSG_ERROR([--with-gid is gone, use --with-group instead!])] ) AC_ARG_WITH( - [uid], - AS_HELP_STRING([--with-uid=uid],[change user of the daemons to UID after startup (default is 0).]), - [AC_DEFINE_UNQUOTED(IPSEC_UID, $withval) AC_SUBST(ipsecuid, "$withval")], - [AC_DEFINE_UNQUOTED(IPSEC_UID, 0) AC_SUBST(ipsecuid, "0")] + [user], + AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is 0).]), + [AC_DEFINE_UNQUOTED(IPSEC_USER, "$withval") AC_SUBST(ipsecuser, "$withval")], + [AC_SUBST(ipsecuser, "root")] ) AC_ARG_WITH( - [gid], - AS_HELP_STRING([--with-gid=gid],[change group of the daemons to GID after startup (default is 0).]), - [AC_DEFINE_UNQUOTED(IPSEC_GID, $withval) AC_SUBST(ipsecgid, "$withval")], - [AC_DEFINE_UNQUOTED(IPSEC_GID, 0) AC_SUBST(ipsecgid, "0")] + [group], + AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is 0).]), + [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval") AC_SUBST(ipsecgroup, "$withval")], + [AC_SUBST(ipsecgroup, "root")] ) AC_ARG_ENABLE( - [http], - AS_HELP_STRING([--enable-http],[enable OCSP and fetching of Certificates and CRLs over HTTP (default is NO). Requires libcurl.]), - [if test x$enableval = xyes; then - http=true - AC_DEFINE(LIBCURL) - fi] + [curl], + AS_HELP_STRING([--enable-curl],[enable CURL fetcher plugin to fetch files via libcurl (default is NO). Requires libcurl.]), + [if test x$enableval = xyes; then + curl=true + fi] ) -AM_CONDITIONAL(USE_LIBCURL, test x$http = xtrue) AC_ARG_ENABLE( - [ldap], - AS_HELP_STRING([--enable-ldap],[enable fetching of CRLs from LDAP (default is NO). Requires openLDAP.]), - [if test x$enableval = xyes; then - ldap=true - AC_DEFINE(LIBLDAP) - fi] + [ldap], + AS_HELP_STRING([--enable-ldap],[enable LDAP fetching plugin to fetch files via libldap (default is NO). Requires openLDAP.]), + [if test x$enableval = xyes; then + ldap=true + fi] ) -AM_CONDITIONAL(USE_LIBLDAP, test x$ldap = xtrue) AC_ARG_ENABLE( - [stroke], - AS_HELP_STRING([--disable-stroke],[disable charons stroke (pluto compatibility) configuration backend. (default is NO).]), - [if test x$enableval = xyes; then - stroke=true - else - stroke=false - fi], - stroke=true + [aes], + AS_HELP_STRING([--disable-aes],[disable own AES software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + aes=true + else + aes=false + fi], + aes=true ) -AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue) AC_ARG_ENABLE( - [dbus], - AS_HELP_STRING([--enable-dbus],[enable DBUS configuration and control interface (default is NO). Requires libdbus.]), - [if test x$enableval = xyes; then - dbus=true - AC_DEFINE(LIBDBUS) - fi] + [des], + AS_HELP_STRING([--disable-des],[disable own DES/3DES software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + des=true + else + des=false + fi], + des=true ) -AM_CONDITIONAL(USE_LIBDBUS, test x$dbus = xtrue) AC_ARG_ENABLE( - [xml], - AS_HELP_STRING([--enable-xml],[enable XML configuration and control interface (default is NO). Requires libxml.]), - [if test x$enableval = xyes; then - xml=true - AC_DEFINE(LIBXML) - fi] + [md5], + AS_HELP_STRING([--disable-md5],[disable own MD5 software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + md5=true + else + md5=false + fi], + md5=true ) -AM_CONDITIONAL(USE_LIBXML, test x$xml = xtrue) AC_ARG_ENABLE( - [sqlite], - AS_HELP_STRING([--enable-sqlite],[enable SQLite configuration backend (default is NO). Requires libsqlite3.]), - [if test x$enableval = xyes; then - sqlite=true - AC_DEFINE(LIBSQLITE) - fi] + [sha1], + AS_HELP_STRING([--disable-sha1],[disable own SHA1 software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + sha1=true + else + sha1=false + fi], + sha1=true ) -AM_CONDITIONAL(USE_LIBSQLITE, test x$sqlite = xtrue) AC_ARG_ENABLE( - [smartcard], - AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]), - [if test x$enableval = xyes; then - smartcard=true - AC_DEFINE(SMARTCARD) - fi] + [sha2], + AS_HELP_STRING([--disable-sha2],[disable own SHA256/SHA384/SHA512 software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + sha2=true + else + sha2=false + fi], + sha2=true ) -AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue) AC_ARG_ENABLE( - [cisco-quirks], - AS_HELP_STRING([--enable-cisco-quirks],[enable support of Cisco VPN client (default is NO).]), - [if test x$enableval = xyes; then - cisco_quirks=true - fi] + [fips-prf], + AS_HELP_STRING([--disable-fips-prf],[disable FIPS PRF software implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + fips_prf=true + else + fips_prf=false + fi], + fips_prf=true ) -AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue) AC_ARG_ENABLE( - [leak-detective], - AS_HELP_STRING([--enable-leak-detective],[enable malloc hooks to find memory leaks (default is NO).]), - [if test x$enableval = xyes; then - leak_detective=true - fi] + [gmp], + AS_HELP_STRING([--disable-gmp],[disable own GNU MP (libgmp) based crypto implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + gmp=true + else + gmp=false + fi], + gmp=true ) -AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue) AC_ARG_ENABLE( - [eap-sim], - AS_HELP_STRING([--enable-eap-sim],[build SIM authenication module for EAP (default is NO).]), - [if test x$enableval = xyes; then - eap_sim=true - fi] + [random], + AS_HELP_STRING([--disable-random],[disable RNG implementation on top of /dev/(u)random. (default is NO).]), + [if test x$enableval = xyes; then + random=true + else + random=false + fi], + random=true ) -AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue) AC_ARG_ENABLE( - [eap-identity], - AS_HELP_STRING([--enable-eap-identity],[build EAP module providing EAP-Identity helper (default is NO).]), - [if test x$enableval = xyes; then - eap_identity=true - fi] + [x509], + AS_HELP_STRING([--disable-x509],[disable own X509 certificate implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + x509=true + else + x509=false + fi], + x509=true ) -AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue) AC_ARG_ENABLE( - [eap-md5], - AS_HELP_STRING([--enable-eap-md5],[build MD5 (CHAP) authenication module for EAP (default is NO).]), - [if test x$enableval = xyes; then - eap_md5=true - fi] + [pubkey], + AS_HELP_STRING([--disable-pubkey],[disable RAW public key support plugin. (default is NO).]), + [if test x$enableval = xyes; then + pubkey=true + else + pubkey=false + fi], + pubkey=true ) -AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue) AC_ARG_ENABLE( - [eap-aka], - AS_HELP_STRING([--enable-eap-aka],[build AKA authentication module for EAP (default is NO).]), - [if test x$enableval = xyes; then - eap_aka=true - fi] + [hmac], + AS_HELP_STRING([--disable-hmac],[disable HMAC crypto implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + hmac=true + else + hmac=false + fi], + hmac=true ) -AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue) AC_ARG_ENABLE( - [nat-transport], - AS_HELP_STRING([--enable-nat-transport],[enable NAT traversal with IPsec transport mode (default is NO).]), - [if test x$enableval = xyes; then - nat_transport=true - fi] + [xcbc], + AS_HELP_STRING([--disable-xcbc],[disable xcbc crypto implementation plugin. (default is NO).]), + [if test x$enableval = xyes; then + xcbc=true + else + xcbc=false + fi], + xcbc=true ) -AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue) AC_ARG_ENABLE( - [vendor-id], - AS_HELP_STRING([--disable-vendor-id],[disable the sending of the strongSwan vendor ID (default is NO).]), - [if test x$enableval = xyes; then - vendor_id=true - else - vendor_id=false - fi], - vendor_id=true + [mysql], + AS_HELP_STRING([--enable-mysql],[enable MySQL database support (default is NO). Requires libmysqlclient_r.]), + [if test x$enableval = xyes; then + mysql=true + fi] ) -AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue) AC_ARG_ENABLE( - [xauth-vid], - AS_HELP_STRING([--disable-xauth-vid],[disable the sending of the XAUTH vendor ID (default is NO).]), - [if test x$enableval = xyes; then - xauth_vid=true - else - xauth_vid=false - fi], - xauth_vid=true + [sqlite], + AS_HELP_STRING([--enable-sqlite],[enable SQLite database support (default is NO). Requires libsqlite3.]), + [if test x$enableval = xyes; then + sqlite=true + fi] ) -AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue) AC_ARG_ENABLE( - [uml], - AS_HELP_STRING([--enable-uml],[build the UML test framework (default is NO).]), - [if test x$enableval = xyes; then - uml=true - fi] + [stroke], + AS_HELP_STRING([--disable-stroke],[disable charons stroke (pluto compatibility) configuration backend. (default is NO).]), + [if test x$enableval = xyes; then + stroke=true + else + stroke=false + fi], + stroke=true ) -AM_CONDITIONAL(USE_UML, test x$uml = xtrue) AC_ARG_ENABLE( - [manager], - AS_HELP_STRING([--enable-manager],[build web management console (default is NO).]), - [if test x$enableval = xyes; then - manager=true - fi] + [medsrv], + AS_HELP_STRING([--enable-medsrv],[enable mediation server web frontend and daemon plugin (default is NO).]), + [if test x$enableval = xyes; then + medsrv=true + fi] ) -AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue) AC_ARG_ENABLE( - [p2p], - AS_HELP_STRING([--enable-p2p],[enable peer-to-peer NAT traversal (default is NO).]), - [if test x$enableval = xyes; then - p2p=true - AC_DEFINE(P2P) - fi] + [medcli], + AS_HELP_STRING([--enable-medcli],[enable mediation client configuration database plugin (default is NO).]), + [if test x$enableval = xyes; then + medcli=true + fi] ) -AM_CONDITIONAL(USE_P2P, test x$p2p = xtrue) AC_ARG_ENABLE( - [integrity-test], - AS_HELP_STRING([--enable-integrity-test],[enable the integrity test of the crypto library (default is NO).]), - [if test x$enableval = xyes; then - integrity_test=true - AC_DEFINE(INTEGRITY_TEST) - fi] + [smp], + AS_HELP_STRING([--enable-smp],[enable SMP configuration and control interface (default is NO). Requires libxml.]), + [if test x$enableval = xyes; then + smp=true + fi] ) -AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue) AC_ARG_ENABLE( - [self-test], - AS_HELP_STRING([--disable-self-test],[disable the self-test of the crypto library (default is NO).]), - [if test x$enableval = xyes; then - self_test=true - else - self_test=false - AC_DEFINE(NO_SELF_TEST) - fi], - self_test=true + [sql], + AS_HELP_STRING([--enable-sql],[enable SQL database configuration backend (default is NO).]), + [if test x$enableval = xyes; then + sql=true + fi] ) -AM_CONDITIONAL(USE_SELF_TEST, test x$self_test = xtrue) AC_ARG_ENABLE( - [pluto], - AS_HELP_STRING([--disable-pluto],[disable the IKEv1 keying daemon pluto. (default is NO).]), - [if test x$enableval = xyes; then - pluto=true - else - pluto=false - fi], - pluto=true + [smartcard], + AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]), + [if test x$enableval = xyes; then + smartcard=true + fi] ) -AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue) AC_ARG_ENABLE( - [charon], - AS_HELP_STRING([--disable-charon],[disable the IKEv2 keying daemon charon. (default is NO).]), - [if test x$enableval = xyes; then - charon=true - else - charon=false - fi], - charon=true + [cisco-quirks], + AS_HELP_STRING([--enable-cisco-quirks],[enable support of Cisco VPN client (default is NO).]), + [if test x$enableval = xyes; then + cisco_quirks=true + fi] ) -AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue) AC_ARG_ENABLE( - [tools], - AS_HELP_STRING([--disable-tools],[disable additional utilities (openac and scepclient). (default is NO).]), - [if test x$enableval = xyes; then - tools=true - else - tools=false - fi], - tools=true + [leak-detective], + AS_HELP_STRING([--enable-leak-detective],[enable malloc hooks to find memory leaks (default is NO).]), + [if test x$enableval = xyes; then + leak_detective=true + fi] ) -AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue) -AM_CONDITIONAL(USE_PLUTO_OR_CHARON, test x$pluto = xtrue -o x$charon = xtrue) -AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue) -AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue) +AC_ARG_ENABLE( + [unit-tests], + AS_HELP_STRING([--enable-unit-tests],[enable unit tests on IKEv2 daemon startup (default is NO).]), + [if test x$enableval = xyes; then + unittest=true + fi] +) + +AC_ARG_ENABLE( + [eap-sim], + AS_HELP_STRING([--enable-eap-sim],[build SIM authenication module for EAP (default is NO).]), + [if test x$enableval = xyes; then + eap_sim=true + fi] +) + +AC_ARG_ENABLE( + [eap-identity], + AS_HELP_STRING([--enable-eap-identity],[build EAP module providing EAP-Identity helper (default is NO).]), + [if test x$enableval = xyes; then + eap_identity=true + fi] +) + +AC_ARG_ENABLE( + [eap-md5], + AS_HELP_STRING([--enable-eap-md5],[build MD5 (CHAP) authenication module for EAP (default is NO).]), + [if test x$enableval = xyes; then + eap_md5=true + fi] +) + +AC_ARG_ENABLE( + [eap-aka], + AS_HELP_STRING([--enable-eap-aka],[build AKA authentication module for EAP (default is NO).]), + [if test x$enableval = xyes; then + eap_aka=true + fi] +) + +AC_ARG_ENABLE( + [nat-transport], + AS_HELP_STRING([--enable-nat-transport],[enable NAT traversal with IPsec transport mode (default is NO).]), + [if test x$enableval = xyes; then + nat_transport=true + fi] +) + +AC_ARG_ENABLE( + [vendor-id], + AS_HELP_STRING([--disable-vendor-id],[disable the sending of the strongSwan vendor ID (default is NO).]), + [if test x$enableval = xyes; then + vendor_id=true + else + vendor_id=false + fi], + vendor_id=true +) + +AC_ARG_ENABLE( + [xauth-vid], + AS_HELP_STRING([--disable-xauth-vid],[disable the sending of the XAUTH vendor ID (default is NO).]), + [if test x$enableval = xyes; then + xauth_vid=true + else + xauth_vid=false + fi], + xauth_vid=true +) + +AC_ARG_ENABLE( + [dumm], + AS_HELP_STRING([--enable-dumm],[build the DUMM UML test framework (default is NO).]), + [if test x$enableval = xyes; then + dumm=true + fi] +) + +AC_ARG_ENABLE( + [fast], + AS_HELP_STRING([--enable-fast],[build libfast (FastCGI Application Server w/ templates (default is NO).]), + [if test x$enableval = xyes; then + fast=true + fi] +) + +AC_ARG_ENABLE( + [manager], + AS_HELP_STRING([--enable-manager],[build web management console (default is NO).]), + [if test x$enableval = xyes; then + manager=true + xml=true + fi] +) + +AC_ARG_ENABLE( + [mediation], + AS_HELP_STRING([--enable-mediation],[enable IKEv2 Mediation Extension (default is NO).]), + [if test x$enableval = xyes; then + me=true + fi] +) + +AC_ARG_ENABLE( + [integrity-test], + AS_HELP_STRING([--enable-integrity-test],[enable the integrity test of the crypto library (default is NO).]), + [if test x$enableval = xyes; then + integrity_test=true + fi] +) + +AC_ARG_ENABLE( + [self-test], + AS_HELP_STRING([--disable-self-test],[disable the self-test of the crypto library (default is NO).]), + [if test x$enableval = xyes; then + self_test=true + else + self_test=false + fi], + self_test=true +) + +AC_ARG_ENABLE( + [pluto], + AS_HELP_STRING([--disable-pluto],[disable the IKEv1 keying daemon pluto. (default is NO).]), + [if test x$enableval = xyes; then + pluto=true + else + pluto=false + fi], + pluto=true +) + +AC_ARG_ENABLE( + [charon], + AS_HELP_STRING([--disable-charon],[disable the IKEv2 keying daemon charon. (default is NO).]), + [if test x$enableval = xyes; then + charon=true + else + charon=false + fi], + charon=true +) + +AC_ARG_ENABLE( + [tools], + AS_HELP_STRING([--disable-tools],[disable additional utilities (openac and scepclient). (default is NO).]), + [if test x$enableval = xyes; then + tools=true + else + tools=false + fi], + tools=true +) + +AC_ARG_ENABLE( + [updown], + AS_HELP_STRING([--disable-updown],[disable installation of firewall scripts. (default is NO).]), + [if test x$enableval = xyes; then + updown=true + else + updown=false + fi], + updown=true +) + +AC_ARG_ENABLE( + [padlock], + AS_HELP_STRING([--enable-padlock],[enables VIA Padlock crypto plugin. (default is NO).]), + [if test x$enableval = xyes; then + padlock=true + else + padlock=false + fi], +) + +AC_ARG_ENABLE( + [openssl], + AS_HELP_STRING([--enable-openssl],[enables the OpenSSL crypto plugin. (default is NO).]), + [if test x$enableval = xyes; then + openssl=true + else + openssl=false + fi], +) + +AC_ARG_ENABLE( + [uci], + AS_HELP_STRING([--enable-uci],[enable OpenWRT UCI configuration plugin (default is NO).]), + [if test x$enableval = xyes; then + uci=true + fi] +) dnl ========================= dnl check required programs @@ -405,63 +575,256 @@ AC_PROG_CC() AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin]) AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin]) -dnl ========================== -dnl check required libraries -dnl ========================== +dnl ========================= +dnl dependency calculation +dnl ========================= + +if test x$pluto = xtrue; then + gmp=true; +fi +if test x$tools = xtrue; then + gmp=true; +fi + +if test x$smp = xtrue; then + xml=true +fi + +if test x$manager = xtrue; then + fast=true +fi + +if test x$medsrv = xtrue; then + me=true + fast=true +fi + +if test x$medcli = xtrue; then + me=true +fi + +dnl ========================================== +dnl check required libraries and header files +dnl ========================================== + +AC_HAVE_LIBRARY(dl) AC_CHECK_FUNCS(backtrace) -AC_CHECK_FUNCS(getifaddrs) +AC_CHECK_FUNCS(dladdr) -AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])]) -if test "$ldap" = "true"; then - AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP enabled, but library ldap not found])]) - AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP enabled, but library lber not found])]) +AC_MSG_CHECKING([capset() definition]) +AC_TRY_COMPILE( + [#include <linux/capset.h>], + [ + void *test = capset; + ], + [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_DEFINE_UNQUOTED(NO_CAPSET_DEFINED, 1)] +) + +if test x$gmp = xtrue; then + AC_HAVE_LIBRARY([gmp],[LIBS="$LIBS"],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])]) + AC_MSG_CHECKING([gmp.h version >= 4.1.4]) + AC_TRY_COMPILE( + [#include "gmp.h"], + [ + #if (__GNU_MP_VERSION*100 + __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414 + #error bad gmp + #endif + ], + [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])] + ) fi -if test "$http" = "true"; then - AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([HTTP enabled, but library curl not found])]) + +if test x$ldap = xtrue; then + AC_HAVE_LIBRARY([ldap],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])]) + AC_HAVE_LIBRARY([lber],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])]) + AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])]) fi -if test "$xml" = "true"; then - PKG_CHECK_MODULES(xml, [libxml-2.0],, AC_MSG_ERROR([No libxml2 package information found])) +if test x$curl = xtrue; then + AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])]) + AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])]) +fi + +if test x$xml = xtrue; then + PKG_CHECK_MODULES(xml, [libxml-2.0]) AC_SUBST(xml_CFLAGS) AC_SUBST(xml_LIBS) fi -if test "$dbus" = "true"; then - PKG_CHECK_MODULES(dbus, [dbus-1],, AC_MSG_ERROR([No libdbus package information found])) - AC_SUBST(dbus_CFLAGS) - AC_SUBST(dbus_LIBS) +if test x$dumm = xtrue; then + PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte]) + AC_SUBST(gtk_CFLAGS) + AC_SUBST(gtk_LIBS) fi +if test x$fast = xtrue; then + AC_HAVE_LIBRARY([neo_cgi],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_cgi not found!])]) + AC_HAVE_LIBRARY([neo_utl],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])]) + AC_HAVE_LIBRARY([z],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver dependency zlib not found!])]) +dnl autoconf does not like CamelCase!? How to fix this? +dnl AC_CHECK_HEADER([ClearSilver/ClearSilver.h],,[AC_MSG_ERROR([ClearSilver header file ClearSilver/ClearSilver.h not found!])]) + + AC_HAVE_LIBRARY([fcgi],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])]) + AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])]) +fi -dnl ============================= -dnl check required header files -dnl ============================= +if test x$mysql = xtrue; then + AC_HAVE_LIBRARY([mysqlclient_r],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library mysqlclient_r not found])]) + AC_CHECK_HEADER([mysql/mysql.h],,[AC_MSG_ERROR([MySQL header mysql/mysql.h not found!])]) +fi +if test x$sqlite = xtrue; then + AC_HAVE_LIBRARY([sqlite3],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])]) + AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])]) + AC_MSG_CHECKING([sqlite3_prepare_v2]) + AC_TRY_COMPILE( + [#include <sqlite3.h>], + [ + void *test = sqlite3_prepare_v2; + ], + [AC_MSG_RESULT([yes])]; AC_DEFINE_UNQUOTED(HAVE_SQLITE3_PREPARE_V2, 1), [AC_MSG_RESULT([no])]) +fi -AC_MSG_CHECKING([gmp.h version >= 4.1.4]) -AC_TRY_COMPILE( - [#include "gmp.h"], - [ - #if (__GNU_MP_VERSION*100 + __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414 - #error bad gmp - #endif - ], - [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])] -) -AC_MSG_CHECKING([capset() definition]) -AC_TRY_COMPILE( - [#include <linux/capset.h>], - [ - void *test = capset; - ], - [AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]); AC_DEFINE_UNQUOTED(NO_CAPSET_DEFINED, 1)] -) -if test "$ldap" = "true"; then - AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP enabled, but ldap.h not found!])]) +if test x$openssl = xtrue; then + AC_HAVE_LIBRARY([crypto],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])]) + AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])]) +fi + +if test x$uci = xtrue; then + AC_HAVE_LIBRARY([uci],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])]) + AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])]) +fi + +dnl ====================================== +dnl collect all plugins for libstrongswan +dnl ====================================== + +libstrongswan_plugins= + +if test x$curl = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" curl" +fi +if test x$ldap = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" ldap" +fi +if test x$aes = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" aes" +fi +if test x$des = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" des" +fi +if test x$md5 = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" md5" +fi +if test x$sha1 = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" sha1" fi -if test "$http" = "true"; then - AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([HTTP enabled, but curl.h not found!])]) +if test x$sha2 = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" sha2" +fi +if test x$fips_prf = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" fips-prf" +fi +if test x$gmp = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" gmp" +fi +if test x$random = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" random" +fi +if test x$x509 = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" x509" +fi +if test x$pubkey = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" pubkey" +fi +if test x$hmac = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" hmac" +fi +if test x$xcbc = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" xcbc" +fi +if test x$mysql = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" mysql" +fi +if test x$sqlite = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" sqlite" +fi +if test x$padlock = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" padlock" +fi +if test x$openssl = xtrue; then + libstrongswan_plugins=${libstrongswan_plugins}" openssl" +fi + +AC_SUBST(libstrongswan_plugins) + +dnl ========================= +dnl set Makefile.am vars +dnl ========================= + +dnl libstrongswan plugins +dnl ===================== +AM_CONDITIONAL(USE_CURL, test x$curl = xtrue) +AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue) +AM_CONDITIONAL(USE_AES, test x$aes = xtrue) +AM_CONDITIONAL(USE_DES, test x$des = xtrue) +AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue) +AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue) +AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue) +AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) +AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) +AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue) +AM_CONDITIONAL(USE_X509, test x$x509 = xtrue) +AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue) +AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue) +AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue) +AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue) +AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue) +AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue) +AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue) + +dnl charon plugins +dnl ============== +AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue) +AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue) +AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue) +AM_CONDITIONAL(USE_UCI, test x$uci = xtrue) +AM_CONDITIONAL(USE_SMP, test x$smp = xtrue) +AM_CONDITIONAL(USE_SQL, test x$sql = xtrue) +AM_CONDITIONAL(USE_UNIT_TESTS, test x$unittest = xtrue) +AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue) +AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue) +AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue) +AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue) + +dnl other options +dnl ============= +AM_CONDITIONAL(USE_SMARTCARD, test x$smartcard = xtrue) +AM_CONDITIONAL(USE_CISCO_QUIRKS, test x$cisco_quirks = xtrue) +AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue) +AM_CONDITIONAL(USE_NAT_TRANSPORT, test x$nat_transport = xtrue) +AM_CONDITIONAL(USE_VENDORID, test x$vendor_id = xtrue) +AM_CONDITIONAL(USE_XAUTH_VID, test x$xauth_vid = xtrue) +AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue) +AM_CONDITIONAL(USE_FAST, test x$fast = xtrue) +AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue) +AM_CONDITIONAL(USE_ME, test x$me = xtrue) +AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue) +AM_CONDITIONAL(USE_SELF_TEST, test x$self_test = xtrue) +AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue) +AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue) +AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue) +AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue) +AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue) +AM_CONDITIONAL(USE_FILE_CONFIG, test x$pluto = xtrue -o x$stroke = xtrue) + +dnl ============================== +dnl set global definitions +dnl ============================== + +if test x$me = xtrue; then + AC_DEFINE(ME) fi dnl ============================== @@ -473,11 +836,40 @@ AC_OUTPUT( src/Makefile src/include/Makefile src/libstrongswan/Makefile + src/libstrongswan/plugins/aes/Makefile + src/libstrongswan/plugins/des/Makefile + src/libstrongswan/plugins/md5/Makefile + src/libstrongswan/plugins/sha1/Makefile + src/libstrongswan/plugins/sha2/Makefile + src/libstrongswan/plugins/fips_prf/Makefile + src/libstrongswan/plugins/gmp/Makefile + src/libstrongswan/plugins/random/Makefile + src/libstrongswan/plugins/hmac/Makefile + src/libstrongswan/plugins/xcbc/Makefile + src/libstrongswan/plugins/x509/Makefile + src/libstrongswan/plugins/pubkey/Makefile + src/libstrongswan/plugins/curl/Makefile + src/libstrongswan/plugins/ldap/Makefile + src/libstrongswan/plugins/mysql/Makefile + src/libstrongswan/plugins/sqlite/Makefile + src/libstrongswan/plugins/padlock/Makefile + src/libstrongswan/plugins/openssl/Makefile src/libcrypto/Makefile src/libfreeswan/Makefile src/pluto/Makefile src/whack/Makefile src/charon/Makefile + src/charon/plugins/eap_aka/Makefile + src/charon/plugins/eap_identity/Makefile + src/charon/plugins/eap_md5/Makefile + src/charon/plugins/eap_sim/Makefile + src/charon/plugins/smp/Makefile + src/charon/plugins/sql/Makefile + src/charon/plugins/medsrv/Makefile + src/charon/plugins/medcli/Makefile + src/charon/plugins/uci/Makefile + src/charon/plugins/stroke/Makefile + src/charon/plugins/unit_tester/Makefile src/stroke/Makefile src/ipsec/Makefile src/starter/Makefile @@ -487,6 +879,8 @@ AC_OUTPUT( src/openac/Makefile src/scepclient/Makefile src/dumm/Makefile + src/libfast/Makefile src/manager/Makefile + src/medsrv/Makefile testing/Makefile ) |