X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=configure.ac;h=78b38773471da5104b0bd027be4bd3e507fadaf8;hb=02b348403a44f5fb1f9a3773da2a58fc29b25c13;hp=2dfd4264aea785f0b1ff622ebb308d43f098973f;hpb=8806b00f43895b948a0514c550c2beca99723edf;p=thirdparty%2Fstrongswan.git diff --git a/configure.ac b/configure.ac index 2dfd4264ae..78b3877347 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ # -# Copyright (C) 2007-2015 Tobias Brunner -# Copyright (C) 2006-2016 Andreas Steffen +# Copyright (C) 2007-2017 Tobias Brunner +# Copyright (C) 2006-2017 Andreas Steffen # Copyright (C) 2006-2014 Martin Willi # HSR Hochschule fuer Technik Rapperswil # @@ -19,7 +19,7 @@ # initialize & set some vars # ============================ -AC_INIT([strongSwan],[5.5.3dr2]) +AC_INIT([strongSwan],[5.8.0dr2]) AM_INIT_AUTOMAKE(m4_esyscmd([ echo tar-ustar echo subdir-objects @@ -35,6 +35,7 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES]) AC_CONFIG_MACRO_DIR([m4/config]) AC_CONFIG_HEADERS([config.h]) AC_DEFINE([CONFIG_H_INCLUDED], [], [defined if config.h included]) +AC_DISABLE_STATIC PKG_PROG_PKG_CONFIG m4_include(m4/macros/split-package-version.m4) @@ -125,6 +126,7 @@ ARG_DISBL_SET([aes], [disable AES software implementation plugin.]) ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.]) ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.]) ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.]) +ARG_ENABL_SET([botan], [enables the Botan crypto plugin.]) ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.]) ARG_ENABL_SET([chapoly], [enables the ChaCha20/Poly1305 AEAD plugin.]) ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.]) @@ -143,6 +145,7 @@ ARG_ENABL_SET([newhope], [enable New Hope crypto plugin.]) ARG_DISBL_SET([nonce], [disable nonce generation plugin.]) ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.]) ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.]) +ARG_ENABL_SET([wolfssl], [enables the wolfSSL crypto plugin.]) ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.]) ARG_DISBL_SET([random], [disable RNG implementation on top of /dev/(u)random.]) ARG_DISBL_SET([rc2], [disable RC2 software implementation plugin.]) @@ -184,6 +187,7 @@ ARG_ENABL_SET([eap-sim], [enable SIM authentication module for EAP.]) ARG_ENABL_SET([eap-sim-file], [enable EAP-SIM backend based on a triplet file.]) ARG_ENABL_SET([eap-sim-pcsc], [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.]) ARG_ENABL_SET([eap-aka], [enable EAP AKA authentication module.]) +ARG_ENABL_SET([eap-aka-3gpp], [enable EAP AKA backend implementing 3GPP MILENAGE algorithms in software.]) ARG_ENABL_SET([eap-aka-3gpp2], [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.]) ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.]) ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.]) @@ -243,8 +247,8 @@ ARG_ENABL_SET([imc-os], [enable IMC operating system module.]) ARG_ENABL_SET([imv-os], [enable IMV operating system module.]) ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.]) ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.]) -ARG_ENABL_SET([imc-swid], [enable IMC swid module.]) -ARG_ENABL_SET([imv-swid], [enable IMV swid module.]) +ARG_ENABL_SET([imc-swima], [enable IMC swima module.]) +ARG_ENABL_SET([imv-swima], [enable IMV swima module.]) ARG_ENABL_SET([imc-hcd], [enable IMC hcd module.]) ARG_ENABL_SET([imv-hcd], [enable IMV hcd module.]) ARG_ENABL_SET([tnc-ifmap], [enable TNC IF-MAP module. Requires libxml]) @@ -259,6 +263,7 @@ ARG_ENABL_SET([android-log], [enable Android specific logger plugin.]) ARG_ENABL_SET([bypass-lan], [enable plugin to install bypass policies for local subnets.]) ARG_ENABL_SET([certexpire], [enable CSV export of expiration dates of used certificates.]) ARG_ENABL_SET([connmark], [enable connmark plugin using conntrack based marks to select return path SA.]) +ARG_ENABL_SET([counters], [enable plugin that collects several performance counters.]) ARG_ENABL_SET([forecast], [enable forecast plugin forwarding broadcast/multicast messages.]) ARG_ENABL_SET([duplicheck], [advanced duplicate checking plugin using liveness checks.]) ARG_ENABL_SET([error-notify], [enable error notification plugin.]) @@ -268,6 +273,7 @@ ARG_ENABL_SET([led], [enable plugin to control LEDs on IKEv2 activity ARG_ENABL_SET([load-tester], [enable load testing plugin for IKEv2 daemon.]) ARG_ENABL_SET([lookip], [enable fast virtual IP lookup and notification plugin.]) ARG_ENABL_SET([radattr], [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.]) +ARG_ENABL_SET([save-keys], [enable development/debugging plugin that saves IKE and ESP keys in Wireshark format.]) ARG_ENABL_SET([systime-fix], [enable plugin to handle cert lifetimes with invalid system time gracefully.]) ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.]) ARG_DISBL_SET([updown], [disable updown firewall script plugin.]) @@ -276,7 +282,6 @@ ARG_ENABL_SET([aikgen], [enable AIK generator for TPM 1.2.]) ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.]) ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.]) ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.]) -ARG_ENABL_SET([dumm], [enable the DUMM UML test framework.]) ARG_ENABL_SET([fast], [enable libfast (FastCGI Application Server w/ templates.]) ARG_ENABL_SET([fuzzing], [enable fuzzing scripts (found in directory fuzz).]) ARG_ENABL_SET([libipsec], [enable user space IPsec implementation.]) @@ -349,6 +354,7 @@ fi if test -z "$CFLAGS"; then CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign" fi +AC_SUBST(PLUGIN_CFLAGS) AC_PROG_CC AM_PROG_CC_C_O @@ -373,6 +379,21 @@ AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin]) AC_MSG_CHECKING([gperf version >= 3.0.0]) if test -x "$GPERF"; then if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then + GPERF_OUTPUT="`echo foo | ${GPERF}`" + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[#include + const char *in_word_set(const char*, size_t); $GPERF_OUTPUT]])], + [GPERF_LEN_TYPE=size_t], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[#include + const char *in_word_set(const char*, unsigned); $GPERF_OUTPUT]])], + [GPERF_LEN_TYPE=unsigned], + [AC_MSG_ERROR([unable to determine gperf len type])] + )] + ) + AC_SUBST(GPERF_LEN_TYPE) AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) @@ -411,7 +432,7 @@ if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then radius=true; fi -if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then +if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_20 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then tnc_tnccs=true; fi @@ -419,12 +440,12 @@ if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue -o x$tnc_t tls=true; fi -if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then +if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then imcv=true; fi if test x$fips_prf = xtrue; then - if test x$openssl = xfalse; then + if test x$openssl = xfalse -a x$wolfssl = xfalse; then sha1=true; fi fi @@ -466,10 +487,14 @@ if test x$aikgen = xtrue; then tss_trousers=true fi -if test x$ntru = xtrue -o x$bliss = xtrue; then +if test x$gmp = xtrue -o x$ntru = xtrue -o x$bliss = xtrue; then mgf1=true fi +if test x$stroke = xtrue; then + counters=true +fi + # =========================================== # check required libraries and header files # =========================================== @@ -822,7 +847,7 @@ AC_COMPILE_IFELSE( [ AC_MSG_RESULT([yes]) windows=true - openssl_lib=eay32 + AC_SUBST(PTHREADLIB, "") # explicitly disable ms-bitfields, as it breaks __attribute__((packed)) case "$CFLAGS" in @@ -832,7 +857,6 @@ AC_COMPILE_IFELSE( ], [ AC_MSG_RESULT([no]) - openssl_lib=crypto # check for clock_gettime() on non-Windows only. Otherwise this # check might find clock_gettime() in libwinpthread, but we don't want @@ -846,7 +870,6 @@ AC_COMPILE_IFELSE( LIBS=$saved_LIBS ] ) -AC_SUBST(OPENSSL_LIB, [-l$openssl_lib]) AM_CONDITIONAL(USE_WINDOWS, [test "x$windows" = xtrue]) AC_MSG_CHECKING([for working __attribute__((packed))]) @@ -876,7 +899,7 @@ AC_COMPILE_IFELSE( AC_MSG_RESULT([no]) # GCC, but not MinGW requires -rdynamic for plugins if test x$windows != xtrue; then - AC_SUBST(PLUGIN_CFLAGS, [-rdynamic]) + PLUGIN_CFLAGS="$PLUGIN_CFLAGS -rdynamic" fi ] ) @@ -914,9 +937,9 @@ if test x$gmp = xtrue; then AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[#include "gmp.h"]], - [[void *x = mpz_powm_sec;]])], + [[void *x __attribute__((unused)); x = mpz_powm_sec;]])], [AC_MSG_RESULT([yes]); - AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_mown_sec()])], + AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_powm_sec()])], [AC_MSG_RESULT([no])] ) else @@ -984,6 +1007,10 @@ if test x$systemd = xtrue; then AC_SUBST(systemd_journal_CFLAGS) AC_SUBST(systemd_journal_LIBS)] ) + saved_LIBS=$LIBS + LIBS="$systemd_LIBS $systemd_daemon_LIBS" + AC_CHECK_FUNCS(sd_listen_fds_with_names) + LIBS=$saved_LIBS fi if test x$tss_trousers = xtrue; then @@ -993,58 +1020,38 @@ if test x$tss_trousers = xtrue; then fi if test x$tss_tss2 = xtrue; then - PKG_CHECK_MODULES(tss2, [tcti-socket], [AC_DEFINE([TSS_TSS2], [], [use TSS 2.0 libraries])]) - AC_SUBST(tss2_CFLAGS) - AC_SUBST(tss2_LIBS) + PKG_CHECK_MODULES(tss2_sys, [tss2-sys], + [tss2_sys=true; AC_DEFINE([TSS2_SYS], [], [use TSS2 v2 System API])], + [tss2_sys=false]) + PKG_CHECK_MODULES(tss2_esys, [tss2-esys], + [tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])], + [tss2_esys=false]) + PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd], + [tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Mamager])], + [tss2_tabrmd=false]) + PKG_CHECK_MODULES(tss2_socket, [tcti-socket], + [tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])], + [tss2_socket=false]) + if test x$tss2_sys = xtrue; then + AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries]) + AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS") + AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS") + elif test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then + AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries]) + AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS") + AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS") + else + AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected]) + fi fi -if test x$imv_swid = xtrue; then +if test x$imc_swima = xtrue -o $imv_swima = xtrue; then PKG_CHECK_MODULES(json, [json-c], [], [PKG_CHECK_MODULES(json, [json])]) AC_SUBST(json_CFLAGS) AC_SUBST(json_LIBS) fi -if test x$dumm = xtrue; then - PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte]) - AC_SUBST(gtk_CFLAGS) - AC_SUBST(gtk_LIBS) - AC_CHECK_PROGS(RUBY, ruby) - AC_MSG_CHECKING([for Ruby header files]) - if test -n "$RUBY"; then - RUBYINCLUDE= - RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["rubyhdrdir"]] || ""') 2>/dev/null` - if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then - RUBYARCH=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["arch"]] || ""') 2>/dev/null` - if test -n "$RUBYARCH"; then - AC_MSG_RESULT([$RUBYDIR]) - RUBYINCLUDE="-I$RUBYDIR -I$RUBYDIR/$RUBYARCH" - fi - else - RUBYDIR=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["archdir"]] || ""') 2>/dev/null` - if test -n "$RUBYDIR" -a -r "$RUBYDIR/ruby.h"; then - AC_MSG_RESULT([$RUBYDIR]) - RUBYINCLUDE="-I$RUBYDIR" - fi - fi - if test -z "$RUBYINCLUDE"; then - AC_MSG_ERROR([ruby.h not found]) - fi - AC_SUBST(RUBYINCLUDE) - else - AC_MSG_ERROR([don't know how to run ruby]) - fi - AC_MSG_CHECKING([for libruby]) - saved_LIBS=$LIBS - LIBS=`($RUBY -r rbconfig -e 'print RbConfig::CONFIG[["LIBRUBYARG_SHARED"]] || ""') 2>/dev/null` - AC_TRY_LINK_FUNC(ruby_init, - [AC_MSG_RESULT([$LIBS]); RUBYLIB=$LIBS], - [AC_MSG_ERROR([not found])]) - AC_SUBST(RUBYLIB) - AC_CHECK_FUNCS(rb_errinfo) - LIBS=$saved_LIBS -fi - if test x$fast = xtrue; then AC_CHECK_LIB([neo_utl],[hdf_init],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[]) AC_MSG_CHECKING([for -lneo_cgi and dependencies]) @@ -1116,11 +1123,28 @@ if test x$sqlite = xtrue; then fi if test x$openssl = xtrue; then - AC_CHECK_LIB([$openssl_lib],[EVP_CIPHER_CTX_new],[LIBS="$LIBS"], - [AC_MSG_ERROR([OpenSSL lib$openssl_lib not found])],[$DLLIB]) + if test "x$windows" = xtrue; then + openssl_lib=eay32 + AC_CHECK_LIB([$openssl_lib],[EVP_CIPHER_CTX_new],[LIBS="$LIBS"], + [AC_MSG_RESULT([no]);openssl_lib=""],[$DLLIB]) + fi + if test -z "$openssl_lib"; then + openssl_lib=crypto + AC_CHECK_LIB([$openssl_lib],[EVP_CIPHER_CTX_new],[LIBS="$LIBS"], + [AC_MSG_ERROR([OpenSSL lib$openssl_lib not found])],[$DLLIB]) + fi + AC_SUBST(OPENSSL_LIB, [-l$openssl_lib]) AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])]) fi +if test x$wolfssl = xtrue; then + wolfssl_lib=wolfssl + AC_CHECK_LIB([$wolfssl_lib],[wolfSSL_Init],[LIBS="$LIBS"], + [AC_MSG_ERROR([wolfSSL lib$wolfssl_lib not found])],[$DLLIB]) + AC_SUBST(WOLFSSL_LIB, [-l$wolfssl_lib]) + AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])]) +fi + if test x$gcrypt = xtrue; then AC_CHECK_LIB([gcrypt],[gcry_control],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error]) AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])]) @@ -1135,6 +1159,12 @@ if test x$gcrypt = xtrue; then ) fi +if test x$botan = xtrue; then + PKG_CHECK_MODULES(botan, [botan-2]) + AC_SUBST(botan_CFLAGS) + AC_SUBST(botan_LIBS) +fi + if test x$uci = xtrue; then AC_CHECK_LIB([uci],[uci_alloc_context],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[]) AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])]) @@ -1156,10 +1186,7 @@ if test x$eap_sim_pcsc = xtrue; then fi if test x$nm = xtrue; then - PKG_CHECK_EXISTS([libnm-glib], - [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-util libnm-glib libnm-glib-vpn])], - [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_util libnm_glib libnm_glib_vpn])] - ) + PKG_CHECK_MODULES(nm, [gthread-2.0 libnm]) AC_SUBST(nm_CFLAGS) AC_SUBST(nm_LIBS) fi @@ -1260,14 +1287,25 @@ if test x$coverage = xtrue; then COVERAGE_LDFLAGS="-fprofile-arcs" AC_SUBST(COVERAGE_CFLAGS) AC_SUBST(COVERAGE_LDFLAGS) + PLUGIN_CFLAGS="$PLUGIN_CFLAGS $COVERAGE_CFLAGS" AC_MSG_NOTICE([coverage enabled, adding "-g -O0" to CFLAGS]) CFLAGS="${CFLAGS} -g -O0" fi if test x$fuzzing = xtrue; then - AC_MSG_NOTICE([fuzzing enabled, modifying CFLAGS]) - CFLAGS="${CFLAGS} -fsanitize-coverage=trace-pc-guard -fsanitize=address" + if test x$libfuzzer = x; then + AC_MSG_NOTICE([fuzz targets enabled without libFuzzer, using local driver]) + CFLAGS="${CFLAGS} -fsanitize=address" + libfuzzer="libFuzzerLocal.a" + else + # required for libFuzzer + FUZZING_LDFLAGS="-stdlib=libc++ -lstdc++" + if test "$SANITIZER" = "coverage"; then + FUZZING_LDFLAGS="$FUZZING_LDFLAGS -lm" + fi + AC_SUBST(FUZZING_LDFLAGS) + fi fi if test x$ruby_gems = xtrue; then @@ -1283,7 +1321,7 @@ fi AM_CONDITIONAL(RUBY_GEMS_INSTALL, [test "x$ruby_gems_install" = xtrue]) if test x$python_eggs = xtrue; then - PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/dev/'` + PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/.dev/'` AC_SUBST([PYTHON_PACKAGE_VERSION]) if test x$python_eggs_install = xtrue; then AC_PATH_PROG([EASY_INSTALL], [easy_install], [], [$PATH:/bin:/usr/bin:/usr/local/bin]) @@ -1302,6 +1340,19 @@ AM_CONDITIONAL(PYTHON_EGGS_INSTALL, [test "x$python_eggs_install" = xtrue]) AM_CONDITIONAL(PERL_CPAN_INSTALL, [test "x$perl_cpan_install" = xtrue]) +AC_CACHE_CHECK( + [if plugin constructors should be resolved statically], + [ss_cv_static_plugin_constructors], + [if test x$monolithic = xtrue -a x$enable_static = xyes; then + ss_cv_static_plugin_constructors=yes + else + ss_cv_static_plugin_constructors="no (enabled for static, monolithic builds)" + fi] +) +if test "x$ss_cv_static_plugin_constructors" = xyes; then + static_plugin_constructors=true +fi + # =============================================== # collect plugin list for strongSwan components # =============================================== @@ -1353,7 +1404,7 @@ ADD_PLUGIN([x509], [s charon scepclient pki scripts attest nm cm ADD_PLUGIN([revocation], [s charon pki nm cmd]) ADD_PLUGIN([constraints], [s charon nm cmd]) ADD_PLUGIN([acert], [s charon]) -ADD_PLUGIN([pubkey], [s charon cmd aikgen]) +ADD_PLUGIN([pubkey], [s charon pki cmd aikgen]) ADD_PLUGIN([pkcs1], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) ADD_PLUGIN([pkcs7], [s charon scepclient pki scripts nm cmd]) ADD_PLUGIN([pkcs8], [s charon scepclient pki scripts manager medsrv attest nm cmd]) @@ -1366,7 +1417,9 @@ ADD_PLUGIN([ipseckey], [c charon]) ADD_PLUGIN([pem], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) ADD_PLUGIN([padlock], [s charon]) ADD_PLUGIN([openssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) +ADD_PLUGIN([wolfssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) ADD_PLUGIN([gcrypt], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) +ADD_PLUGIN([botan], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) ADD_PLUGIN([fips-prf], [s charon nm cmd]) ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) @@ -1399,6 +1452,7 @@ ADD_PLUGIN([kernel-pfkey], [c charon starter nm cmd]) ADD_PLUGIN([kernel-pfroute], [c charon starter nm cmd]) ADD_PLUGIN([kernel-netlink], [c charon starter nm cmd]) ADD_PLUGIN([resolve], [c charon cmd]) +ADD_PLUGIN([save-keys], [c]) ADD_PLUGIN([socket-default], [c charon nm cmd]) ADD_PLUGIN([socket-dynamic], [c charon cmd]) ADD_PLUGIN([socket-win], [c charon]) @@ -1416,6 +1470,7 @@ ADD_PLUGIN([eap-sim], [c charon]) ADD_PLUGIN([eap-sim-file], [c charon]) ADD_PLUGIN([eap-sim-pcsc], [c charon]) ADD_PLUGIN([eap-aka], [c charon]) +ADD_PLUGIN([eap-aka-3gpp], [c charon]) ADD_PLUGIN([eap-aka-3gpp2], [c charon]) ADD_PLUGIN([eap-simaka-sql], [c charon]) ADD_PLUGIN([eap-simaka-pseudonym], [c charon]) @@ -1462,6 +1517,7 @@ ADD_PLUGIN([radattr], [c charon]) ADD_PLUGIN([uci], [c charon]) ADD_PLUGIN([addrblock], [c charon]) ADD_PLUGIN([unity], [c charon]) +ADD_PLUGIN([counters], [c charon]) AC_SUBST(charon_plugins) AC_SUBST(starter_plugins) @@ -1532,7 +1588,9 @@ AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue) AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue) AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue) AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue) +AM_CONDITIONAL(USE_WOLFSSL, test x$wolfssl = xtrue) AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue) +AM_CONDITIONAL(USE_BOTAN, test x$botan = xtrue) AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue) AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue) AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue) @@ -1591,6 +1649,7 @@ AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue) AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue) AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue) AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue) +AM_CONDITIONAL(USE_EAP_AKA_3GPP, test x$eap_aka_3gpp = xtrue) AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue) AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue) AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue) @@ -1619,10 +1678,11 @@ AM_CONDITIONAL(USE_IMC_OS, test x$imc_os = xtrue) AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue) AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue) AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue) -AM_CONDITIONAL(USE_IMC_SWID, test x$imc_swid = xtrue) -AM_CONDITIONAL(USE_IMV_SWID, test x$imv_swid = xtrue) +AM_CONDITIONAL(USE_IMC_SWIMA, test x$imc_swima = xtrue) +AM_CONDITIONAL(USE_IMV_SWIMA, test x$imv_swima = xtrue) AM_CONDITIONAL(USE_IMC_HCD, test x$imc_hcd = xtrue) AM_CONDITIONAL(USE_IMV_HCD, test x$imv_hcd = xtrue) +AM_CONDITIONAL(USE_SAVE_KEYS, test x$save_keys = xtrue) AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue) AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue) AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue) @@ -1635,12 +1695,12 @@ AM_CONDITIONAL(USE_UNITY, test x$unity = xtrue) AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue) AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue) AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue) +AM_CONDITIONAL(USE_COUNTERS, test x$counters = xtrue) # other options # --------------- AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue) AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue) -AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue) AM_CONDITIONAL(USE_FAST, test x$fast = xtrue) AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue) AM_CONDITIONAL(USE_ME, test x$mediation = xtrue) @@ -1664,7 +1724,7 @@ AM_CONDITIONAL(USE_LIBNTTFFT, test x$bliss = xtrue -o x$newhope = xtrue) AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue) AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue) AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue) -AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$tpm -o x$aikgen = xtrue -o x$imcv = xtrue) +AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$tpm = xtrue -o x$aikgen = xtrue -o x$imcv = xtrue) AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue) AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue) AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap) @@ -1677,6 +1737,7 @@ AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue) AM_CONDITIONAL(USE_TROUSERS, test x$tss_trousers = xtrue) AM_CONDITIONAL(USE_TSS2, test x$tss_tss2 = xtrue) AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue) +AM_CONDITIONAL(STATIC_PLUGIN_CONSTRUCTORS, test x$static_plugin_constructors = xtrue) AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes) AM_CONDITIONAL(COVERAGE, test x$coverage = xtrue) AM_CONDITIONAL(USE_DBGHELP, test x$dbghelp_backtraces = xtrue) @@ -1708,12 +1769,21 @@ fi if test x$monolithic = xtrue; then AC_DEFINE([MONOLITHIC], [], [monolithic build embedding plugins]) fi +if test x$static_plugin_constructors = xtrue; then + AC_DEFINE([STATIC_PLUGIN_CONSTRUCTORS], [], [static plugin constructors]) +fi if test x$ikev1 = xtrue; then AC_DEFINE([USE_IKEV1], [], [support for IKEv1 protocol]) fi if test x$ikev2 = xtrue; then AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol]) fi +if test x$fuzzing = xtrue; then + AC_DEFINE([USE_FUZZING], [], [build code for fuzzing]) +fi +if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then + AC_DEFINE([USE_JSON], [], [build code for JSON]) +fi # ==================================================== # options for enabled modules (see conf/Makefile.am) @@ -1727,13 +1797,14 @@ AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charo AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"]) AM_COND_IF([USE_IMV_ATTESTATION], [strongswan_options=${strongswan_options}" attest"]) AM_COND_IF([USE_IMCV], [strongswan_options=${strongswan_options}" imcv"]) -AM_COND_IF([USE_IMV_OS], [strongswan_options=${strongswan_options}" pacman"]) +AM_COND_IF([USE_IMV_SWIMA], [strongswan_options=${strongswan_options}" sec-updater"]) AM_COND_IF([USE_LIBTNCCS], [strongswan_options=${strongswan_options}" tnc"]) AM_COND_IF([USE_MANAGER], [strongswan_options=${strongswan_options}" manager"]) AM_COND_IF([USE_MEDSRV], [strongswan_options=${strongswan_options}" medsrv"]) AM_COND_IF([USE_SCEPCLIENT], [strongswan_options=${strongswan_options}" scepclient"]) AM_COND_IF([USE_PKI], [strongswan_options=${strongswan_options}" pki"]) AM_COND_IF([USE_SWANCTL], [strongswan_options=${strongswan_options}" swanctl"]) +AM_COND_IF([USE_SYSTEMD], [strongswan_options=${strongswan_options}" charon-systemd"]) AC_SUBST(strongswan_options) @@ -1748,7 +1819,7 @@ AC_CONFIG_FILES([ man/Makefile init/Makefile init/systemd/Makefile - init/systemd-swanctl/Makefile + init/systemd-starter/Makefile src/Makefile src/include/Makefile src/libstrongswan/Makefile @@ -1797,7 +1868,9 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/sqlite/Makefile src/libstrongswan/plugins/padlock/Makefile src/libstrongswan/plugins/openssl/Makefile + src/libstrongswan/plugins/wolfssl/Makefile src/libstrongswan/plugins/gcrypt/Makefile + src/libstrongswan/plugins/botan/Makefile src/libstrongswan/plugins/agent/Makefile src/libstrongswan/plugins/keychain/Makefile src/libstrongswan/plugins/pkcs11/Makefile @@ -1837,8 +1910,8 @@ AC_CONFIG_FILES([ src/libimcv/plugins/imv_os/Makefile src/libimcv/plugins/imc_attestation/Makefile src/libimcv/plugins/imv_attestation/Makefile - src/libimcv/plugins/imc_swid/Makefile - src/libimcv/plugins/imv_swid/Makefile + src/libimcv/plugins/imc_swima/Makefile + src/libimcv/plugins/imv_swima/Makefile src/libimcv/plugins/imc_hcd/Makefile src/libimcv/plugins/imv_hcd/Makefile src/charon/Makefile @@ -1849,6 +1922,8 @@ AC_CONFIG_FILES([ src/charon-systemd/Makefile src/libcharon/Makefile src/libcharon/plugins/eap_aka/Makefile + src/libcharon/plugins/eap_aka_3gpp/Makefile + src/libcharon/plugins/eap_aka_3gpp/tests/Makefile src/libcharon/plugins/eap_aka_3gpp2/Makefile src/libcharon/plugins/eap_dynamic/Makefile src/libcharon/plugins/eap_identity/Makefile @@ -1872,11 +1947,13 @@ AC_CONFIG_FILES([ src/libcharon/plugins/xauth_noauth/Makefile src/libcharon/plugins/tnc_ifmap/Makefile src/libcharon/plugins/tnc_pdp/Makefile + src/libcharon/plugins/save_keys/Makefile src/libcharon/plugins/socket_default/Makefile src/libcharon/plugins/socket_dynamic/Makefile src/libcharon/plugins/socket_win/Makefile src/libcharon/plugins/bypass_lan/Makefile src/libcharon/plugins/connmark/Makefile + src/libcharon/plugins/counters/Makefile src/libcharon/plugins/forecast/Makefile src/libcharon/plugins/farp/Makefile src/libcharon/plugins/smp/Makefile @@ -1931,18 +2008,20 @@ AC_CONFIG_FILES([ src/_copyright/Makefile src/scepclient/Makefile src/aikgen/Makefile + src/tpm_extendpcr/Makefile src/pki/Makefile src/pki/man/Makefile src/pool/Makefile - src/dumm/Makefile - src/dumm/ext/extconf.rb src/libfast/Makefile src/manager/Makefile src/medsrv/Makefile src/checksum/Makefile src/conftest/Makefile src/pt-tls-client/Makefile + src/sw-collector/Makefile + src/sec-updater/Makefile src/swanctl/Makefile + src/xfrmi/Makefile scripts/Makefile testing/Makefile ]) @@ -1974,6 +2053,9 @@ AC_CONFIG_FILES([ src/swanctl/swanctl.8 src/swanctl/swanctl.conf.5.head src/swanctl/swanctl.conf.5.tail + src/pt-tls-client/pt-tls-client.1 + src/sw-collector/sw-collector.8 + src/sec-updater/sec-updater.8 ]) AC_OUTPUT