X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=configure.ac;h=78b38773471da5104b0bd027be4bd3e507fadaf8;hb=02b348403a44f5fb1f9a3773da2a58fc29b25c13;hp=511e914626e559d3d19bcdce9267be444dc826d7;hpb=5d3eb57cfda594c1df1ce558c96ac8c44bbee0c6;p=thirdparty%2Fstrongswan.git diff --git a/configure.ac b/configure.ac index 511e914626..78b3877347 100644 --- a/configure.ac +++ b/configure.ac @@ -19,7 +19,7 @@ # initialize & set some vars # ============================ -AC_INIT([strongSwan],[5.6.2dr2]) +AC_INIT([strongSwan],[5.8.0dr2]) AM_INIT_AUTOMAKE(m4_esyscmd([ echo tar-ustar echo subdir-objects @@ -126,6 +126,7 @@ ARG_DISBL_SET([aes], [disable AES software implementation plugin.]) ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.]) ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.]) ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.]) +ARG_ENABL_SET([botan], [enables the Botan crypto plugin.]) ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.]) ARG_ENABL_SET([chapoly], [enables the ChaCha20/Poly1305 AEAD plugin.]) ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.]) @@ -144,6 +145,7 @@ ARG_ENABL_SET([newhope], [enable New Hope crypto plugin.]) ARG_DISBL_SET([nonce], [disable nonce generation plugin.]) ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.]) ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.]) +ARG_ENABL_SET([wolfssl], [enables the wolfSSL crypto plugin.]) ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.]) ARG_DISBL_SET([random], [disable RNG implementation on top of /dev/(u)random.]) ARG_DISBL_SET([rc2], [disable RC2 software implementation plugin.]) @@ -245,8 +247,6 @@ ARG_ENABL_SET([imc-os], [enable IMC operating system module.]) ARG_ENABL_SET([imv-os], [enable IMV operating system module.]) ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.]) ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.]) -ARG_ENABL_SET([imc-swid], [enable IMC swid module.]) -ARG_ENABL_SET([imv-swid], [enable IMV swid module.]) ARG_ENABL_SET([imc-swima], [enable IMC swima module.]) ARG_ENABL_SET([imv-swima], [enable IMV swima module.]) ARG_ENABL_SET([imc-hcd], [enable IMC hcd module.]) @@ -273,6 +273,7 @@ ARG_ENABL_SET([led], [enable plugin to control LEDs on IKEv2 activity ARG_ENABL_SET([load-tester], [enable load testing plugin for IKEv2 daemon.]) ARG_ENABL_SET([lookip], [enable fast virtual IP lookup and notification plugin.]) ARG_ENABL_SET([radattr], [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.]) +ARG_ENABL_SET([save-keys], [enable development/debugging plugin that saves IKE and ESP keys in Wireshark format.]) ARG_ENABL_SET([systime-fix], [enable plugin to handle cert lifetimes with invalid system time gracefully.]) ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.]) ARG_DISBL_SET([updown], [disable updown firewall script plugin.]) @@ -281,7 +282,6 @@ ARG_ENABL_SET([aikgen], [enable AIK generator for TPM 1.2.]) ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.]) ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.]) ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.]) -ARG_ENABL_SET([dumm], [enable the DUMM UML test framework.]) ARG_ENABL_SET([fast], [enable libfast (FastCGI Application Server w/ templates.]) ARG_ENABL_SET([fuzzing], [enable fuzzing scripts (found in directory fuzz).]) ARG_ENABL_SET([libipsec], [enable user space IPsec implementation.]) @@ -432,7 +432,7 @@ if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then radius=true; fi -if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then +if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_20 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then tnc_tnccs=true; fi @@ -440,12 +440,12 @@ if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue -o x$tnc_t tls=true; fi -if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then +if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then imcv=true; fi if test x$fips_prf = xtrue; then - if test x$openssl = xfalse; then + if test x$openssl = xfalse -a x$wolfssl = xfalse; then sha1=true; fi fi @@ -1020,40 +1020,38 @@ if test x$tss_trousers = xtrue; then fi if test x$tss_tss2 = xtrue; then + PKG_CHECK_MODULES(tss2_sys, [tss2-sys], + [tss2_sys=true; AC_DEFINE([TSS2_SYS], [], [use TSS2 v2 System API])], + [tss2_sys=false]) + PKG_CHECK_MODULES(tss2_esys, [tss2-esys], + [tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])], + [tss2_esys=false]) PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd], [tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Mamager])], [tss2_tabrmd=false]) PKG_CHECK_MODULES(tss2_socket, [tcti-socket], [tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])], [tss2_socket=false]) - if test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then - AC_DEFINE([TSS_TSS2], [], [use TSS 2.0 libraries]) + if test x$tss2_sys = xtrue; then + AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries]) + AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS") + AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS") + elif test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then + AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries]) AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS") AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS") else - AC_MSG_FAILURE([no TSS2 TCTI library detected]) + AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected]) fi fi -if test x$imc_swima = xtrue -o $imv_swima = xtrue -o x$imv_swid = xtrue; then +if test x$imc_swima = xtrue -o $imv_swima = xtrue; then PKG_CHECK_MODULES(json, [json-c], [], [PKG_CHECK_MODULES(json, [json])]) AC_SUBST(json_CFLAGS) AC_SUBST(json_LIBS) fi -if test x$dumm = xtrue; then - PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte]) - AC_SUBST(gtk_CFLAGS) - AC_SUBST(gtk_LIBS) - AC_CHECK_PROGS(RUBY, ruby) - PKG_CHECK_MODULES(ruby, [ruby]) - saved_LIBS=$LIBS - LIBS=$ruby_LIBS - AC_CHECK_FUNCS(rb_errinfo) - LIBS=$saved_LIBS -fi - if test x$fast = xtrue; then AC_CHECK_LIB([neo_utl],[hdf_init],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[]) AC_MSG_CHECKING([for -lneo_cgi and dependencies]) @@ -1139,6 +1137,14 @@ if test x$openssl = xtrue; then AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])]) fi +if test x$wolfssl = xtrue; then + wolfssl_lib=wolfssl + AC_CHECK_LIB([$wolfssl_lib],[wolfSSL_Init],[LIBS="$LIBS"], + [AC_MSG_ERROR([wolfSSL lib$wolfssl_lib not found])],[$DLLIB]) + AC_SUBST(WOLFSSL_LIB, [-l$wolfssl_lib]) + AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])]) +fi + if test x$gcrypt = xtrue; then AC_CHECK_LIB([gcrypt],[gcry_control],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error]) AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])]) @@ -1153,6 +1159,12 @@ if test x$gcrypt = xtrue; then ) fi +if test x$botan = xtrue; then + PKG_CHECK_MODULES(botan, [botan-2]) + AC_SUBST(botan_CFLAGS) + AC_SUBST(botan_LIBS) +fi + if test x$uci = xtrue; then AC_CHECK_LIB([uci],[uci_alloc_context],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[]) AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])]) @@ -1174,10 +1186,7 @@ if test x$eap_sim_pcsc = xtrue; then fi if test x$nm = xtrue; then - PKG_CHECK_EXISTS([libnm-glib], - [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm-util libnm-glib libnm-glib-vpn])], - [PKG_CHECK_MODULES(nm, [NetworkManager gthread-2.0 libnm_util libnm_glib libnm_glib_vpn])] - ) + PKG_CHECK_MODULES(nm, [gthread-2.0 libnm]) AC_SUBST(nm_CFLAGS) AC_SUBST(nm_LIBS) fi @@ -1292,6 +1301,9 @@ if test x$fuzzing = xtrue; then else # required for libFuzzer FUZZING_LDFLAGS="-stdlib=libc++ -lstdc++" + if test "$SANITIZER" = "coverage"; then + FUZZING_LDFLAGS="$FUZZING_LDFLAGS -lm" + fi AC_SUBST(FUZZING_LDFLAGS) fi fi @@ -1309,7 +1321,7 @@ fi AM_CONDITIONAL(RUBY_GEMS_INSTALL, [test "x$ruby_gems_install" = xtrue]) if test x$python_eggs = xtrue; then - PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/dev/'` + PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/.dev/'` AC_SUBST([PYTHON_PACKAGE_VERSION]) if test x$python_eggs_install = xtrue; then AC_PATH_PROG([EASY_INSTALL], [easy_install], [], [$PATH:/bin:/usr/bin:/usr/local/bin]) @@ -1405,7 +1417,9 @@ ADD_PLUGIN([ipseckey], [c charon]) ADD_PLUGIN([pem], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) ADD_PLUGIN([padlock], [s charon]) ADD_PLUGIN([openssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) +ADD_PLUGIN([wolfssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) ADD_PLUGIN([gcrypt], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) +ADD_PLUGIN([botan], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) ADD_PLUGIN([fips-prf], [s charon nm cmd]) ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) @@ -1438,6 +1452,7 @@ ADD_PLUGIN([kernel-pfkey], [c charon starter nm cmd]) ADD_PLUGIN([kernel-pfroute], [c charon starter nm cmd]) ADD_PLUGIN([kernel-netlink], [c charon starter nm cmd]) ADD_PLUGIN([resolve], [c charon cmd]) +ADD_PLUGIN([save-keys], [c]) ADD_PLUGIN([socket-default], [c charon nm cmd]) ADD_PLUGIN([socket-dynamic], [c charon cmd]) ADD_PLUGIN([socket-win], [c charon]) @@ -1573,7 +1588,9 @@ AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue) AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue) AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue) AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue) +AM_CONDITIONAL(USE_WOLFSSL, test x$wolfssl = xtrue) AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue) +AM_CONDITIONAL(USE_BOTAN, test x$botan = xtrue) AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue) AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue) AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue) @@ -1661,12 +1678,11 @@ AM_CONDITIONAL(USE_IMC_OS, test x$imc_os = xtrue) AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue) AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue) AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue) -AM_CONDITIONAL(USE_IMC_SWID, test x$imc_swid = xtrue) -AM_CONDITIONAL(USE_IMV_SWID, test x$imv_swid = xtrue) AM_CONDITIONAL(USE_IMC_SWIMA, test x$imc_swima = xtrue) AM_CONDITIONAL(USE_IMV_SWIMA, test x$imv_swima = xtrue) AM_CONDITIONAL(USE_IMC_HCD, test x$imc_hcd = xtrue) AM_CONDITIONAL(USE_IMV_HCD, test x$imv_hcd = xtrue) +AM_CONDITIONAL(USE_SAVE_KEYS, test x$save_keys = xtrue) AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue) AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue) AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue) @@ -1685,7 +1701,6 @@ AM_CONDITIONAL(USE_COUNTERS, test x$counters = xtrue) # --------------- AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue) AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue) -AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue) AM_CONDITIONAL(USE_FAST, test x$fast = xtrue) AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue) AM_CONDITIONAL(USE_ME, test x$mediation = xtrue) @@ -1766,7 +1781,7 @@ fi if test x$fuzzing = xtrue; then AC_DEFINE([USE_FUZZING], [], [build code for fuzzing]) fi -if test x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imv_swid = xtrue ; then +if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then AC_DEFINE([USE_JSON], [], [build code for JSON]) fi @@ -1804,7 +1819,7 @@ AC_CONFIG_FILES([ man/Makefile init/Makefile init/systemd/Makefile - init/systemd-swanctl/Makefile + init/systemd-starter/Makefile src/Makefile src/include/Makefile src/libstrongswan/Makefile @@ -1853,7 +1868,9 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/sqlite/Makefile src/libstrongswan/plugins/padlock/Makefile src/libstrongswan/plugins/openssl/Makefile + src/libstrongswan/plugins/wolfssl/Makefile src/libstrongswan/plugins/gcrypt/Makefile + src/libstrongswan/plugins/botan/Makefile src/libstrongswan/plugins/agent/Makefile src/libstrongswan/plugins/keychain/Makefile src/libstrongswan/plugins/pkcs11/Makefile @@ -1893,8 +1910,6 @@ AC_CONFIG_FILES([ src/libimcv/plugins/imv_os/Makefile src/libimcv/plugins/imc_attestation/Makefile src/libimcv/plugins/imv_attestation/Makefile - src/libimcv/plugins/imc_swid/Makefile - src/libimcv/plugins/imv_swid/Makefile src/libimcv/plugins/imc_swima/Makefile src/libimcv/plugins/imv_swima/Makefile src/libimcv/plugins/imc_hcd/Makefile @@ -1908,6 +1923,7 @@ AC_CONFIG_FILES([ src/libcharon/Makefile src/libcharon/plugins/eap_aka/Makefile src/libcharon/plugins/eap_aka_3gpp/Makefile + src/libcharon/plugins/eap_aka_3gpp/tests/Makefile src/libcharon/plugins/eap_aka_3gpp2/Makefile src/libcharon/plugins/eap_dynamic/Makefile src/libcharon/plugins/eap_identity/Makefile @@ -1931,6 +1947,7 @@ AC_CONFIG_FILES([ src/libcharon/plugins/xauth_noauth/Makefile src/libcharon/plugins/tnc_ifmap/Makefile src/libcharon/plugins/tnc_pdp/Makefile + src/libcharon/plugins/save_keys/Makefile src/libcharon/plugins/socket_default/Makefile src/libcharon/plugins/socket_dynamic/Makefile src/libcharon/plugins/socket_win/Makefile @@ -1991,11 +2008,10 @@ AC_CONFIG_FILES([ src/_copyright/Makefile src/scepclient/Makefile src/aikgen/Makefile + src/tpm_extendpcr/Makefile src/pki/Makefile src/pki/man/Makefile src/pool/Makefile - src/dumm/Makefile - src/dumm/ext/extconf.rb src/libfast/Makefile src/manager/Makefile src/medsrv/Makefile @@ -2005,6 +2021,7 @@ AC_CONFIG_FILES([ src/sw-collector/Makefile src/sec-updater/Makefile src/swanctl/Makefile + src/xfrmi/Makefile scripts/Makefile testing/Makefile ])