2 # Copyright (C) 2007-2022 Tobias Brunner
3 # Copyright (C) 2006-2022 Andreas Steffen
4 # Copyright (C) 2006-2014 Martin Willi
6 # Copyright (C) secunet Security Networks AG
8 # This program is free software; you can redistribute it and/or modify it
9 # under the terms of the GNU General Public License as published by the
10 # Free Software Foundation; either version 2 of the License, or (at your
11 # option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 # This program is distributed in the hope that it will be useful, but
14 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
19 # ============================
20 # initialize & set some vars
21 # ============================
23 AC_INIT([strongSwan],[5.9.14])
24 AM_INIT_AUTOMAKE(m4_esyscmd([
27 case `automake --version | head -n 1` in
31 # don't use parallel test harness in 1.12 and up
32 *) echo serial-tests;;
35 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES])
36 AC_CONFIG_MACRO_DIR([m4/config])
37 AC_CONFIG_HEADERS([config.h])
38 AC_DEFINE([CONFIG_H_INCLUDED], [], [defined if config.h included])
42 m4_include(m4/macros/split-package-version.m4)
45 # =================================
46 # check --enable-xxx & --with-xxx
47 # =================================
49 m4_include(m4/macros/with.m4)
51 ARG_WITH_SUBST([random-device], [/dev/random], [set the device to read real random data from])
52 ARG_WITH_SUBST([urandom-device], [/dev/urandom], [set the device to read pseudo random data from])
53 ARG_WITH_SUBST([strongswan-conf], [${sysconfdir}/strongswan.conf], [set the strongswan.conf file location])
54 ARG_WITH_SUBST([resolv-conf], [${sysconfdir}/resolv.conf], [set the file to use in DNS handler plugin])
55 ARG_WITH_SUBST([piddir], [/var/run], [set path for PID and UNIX socket files])
56 ARG_WITH_SUBST([ipsecdir], [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
57 ARG_WITH_SUBST([ipseclibdir], [${libdir%/}/ipsec], [set installation path for ipsec libraries])
58 ARG_WITH_SUBST([plugindir], [${ipseclibdir%/}/plugins], [set the installation path of plugins])
59 ARG_WITH_SUBST([imcvdir], [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic libraries])
60 ARG_WITH_SUBST([nm-ca-dir], [/usr/share/ca-certificates], [directory the NM backend uses to look up trusted root certificates])
61 ARG_WITH_SUBST([swanctldir], [${sysconfdir}/swanctl], [base directory for swanctl configuration files and credentials])
62 ARG_WITH_SUBST([linux-headers], [\${top_srcdir}/src/include], [set directory of linux header files to use])
63 ARG_WITH_SUBST([routing-table], [220], [set routing table to use for IPsec routes])
64 ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
65 ARG_WITH_SUBST([ipsec-script], [ipsec], [change the name of the ipsec script])
66 ARG_WITH_SUBST([fips-mode], [0], [set openssl FIPS mode: disabled(0), enabled(1), Suite B enabled(2)])
67 ARG_WITH_SUBST([libfuzzer], [], [-fsanitize=fuzzer or path to libFuzzer.a, a local driver is used if not specified])
68 ARG_WITH_SET([capabilities], [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
69 ARG_WITH_SET([mpz_powm_sec], [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
70 ARG_WITH_SET([dev-headers], [no], [install strongSwan development headers to directory.])
71 ARG_WITH_SET([printf-hooks], [auto], [force the use of a specific printf hook implementation (auto, builtin, glibc, vstr).])
72 ARG_WITH_SET([rubygemdir], ["gem environment gemdir"], [path to install ruby gems to])
73 ARG_WITH_SET([pythoneggdir], ["main site-packages directory"], [path to install python eggs to to])
75 if test -n "$PKG_CONFIG"; then
76 systemdsystemunitdir_default=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
78 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
79 AC_SUBST(systemdsystemunitdir)
83 AS_HELP_STRING([--with-dbuspolicydir=arg],[directory for D-Bus policies (default: ${dbusdatadir|datarootdir}/dbus-1/system.d)]),
84 [dbuspolicydir="$withval"],
85 [PKG_CHECK_VAR([dbusdatadir], [dbus-1], [datadir], , [dbusdatadir="${datarootdir}"])
86 dbuspolicydir="${dbusdatadir}/dbus-1/system.d"]
88 AC_SUBST(dbuspolicydir)
92 AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
93 [AC_DEFINE_UNQUOTED([IPSEC_USER], "$withval", [username to run daemon with])
94 AC_SUBST(ipsecuser, "$withval")],
95 [AC_SUBST(ipsecuser, "root")]
100 AS_HELP_STRING([--with-group=group],[change group of the daemons to "group" after startup (default is "root").]),
101 [AC_DEFINE_UNQUOTED(IPSEC_GROUP, "$withval", [groupname to run daemon with])
102 AC_SUBST(ipsecgroup, "$withval")],
103 [AC_SUBST(ipsecgroup, "root")]
108 AS_HELP_STRING([--with-charon-udp-port=port],[UDP port used by charon locally (default 500). Set to 0 to allocate randomly.]),
109 [AC_DEFINE_UNQUOTED(CHARON_UDP_PORT, [$withval], [UDP port used by charon locally])
110 AC_SUBST(charon_udp_port, [$withval])],
111 [AC_SUBST(charon_udp_port, 500)]
116 AS_HELP_STRING([--with-charon-natt-port=port],[UDP port used by charon locally in case a NAT is detected (must be different from charon-udp-port, default 4500). Set to 0 to allocate randomly.]),
117 [AC_DEFINE_UNQUOTED(CHARON_NATT_PORT, [$withval], [UDP post used by charon locally in case a NAT is detected])
118 AC_SUBST(charon_natt_port, [$withval])],
119 [AC_SUBST(charon_natt_port, 4500)]
122 AC_MSG_CHECKING([configured UDP ports ($charon_udp_port, $charon_natt_port)])
123 if test x$charon_udp_port != x0 -a x$charon_udp_port = x$charon_natt_port; then
124 AC_MSG_ERROR(the ports have to be different)
129 # convert script name to uppercase
130 AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
132 m4_include(m4/macros/enable-disable.m4)
135 ARG_DISBL_SET([aes], [disable AES software implementation plugin.])
136 ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.])
137 ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.])
138 ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.])
139 ARG_ENABL_SET([botan], [enables the Botan crypto plugin.])
140 ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.])
141 ARG_ENABL_SET([chapoly], [enables the ChaCha20/Poly1305 AEAD plugin.])
142 ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.])
143 ARG_ENABL_SET([ctr], [enables the Counter Mode wrapper crypto plugin.])
144 ARG_DISBL_SET([des], [disable DES/3DES software implementation plugin.])
145 ARG_DISBL_SET([drbg], [disable the NIST Deterministic Random Bit Generator plugin.])
146 ARG_DISBL_SET([fips-prf], [disable FIPS PRF software implementation plugin.])
147 ARG_DISBL_SET([gcm], [disable the GCM AEAD wrapper crypto plugin.])
148 ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.])
149 ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.])
150 ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.])
151 ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.])
152 ARG_DISBL_SET([kdf], [disable KDF (prf+) implementation plugin.])
153 ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.])
154 ARG_DISBL_SET([md5], [disable MD5 software implementation plugin.])
155 ARG_ENABL_SET([mgf1], [enable the MGF1 software implementation plugin.])
156 ARG_ENABL_SET([newhope], [enable New Hope crypto plugin.])
157 ARG_DISBL_SET([nonce], [disable nonce generation plugin.])
158 ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.])
159 ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.])
160 ARG_ENABL_SET([wolfssl], [enables the wolfSSL crypto plugin.])
161 ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.])
162 ARG_DISBL_SET([random], [disable RNG implementation on top of /dev/(u)random.])
163 ARG_DISBL_SET([rc2], [disable RC2 software implementation plugin.])
164 ARG_ENABL_SET([rdrand], [enable Intel RDRAND random generator plugin.])
165 ARG_ENABL_SET([aesni], [enable Intel AES-NI crypto plugin.])
166 ARG_DISBL_SET([sha1], [disable SHA1 software implementation plugin.])
167 ARG_DISBL_SET([sha2], [disable SHA256/SHA384/SHA512 software implementation plugin.])
168 ARG_ENABL_SET([sha3], [enable SHA3_224/SHA3_256/SHA3_384/SHA3_512 software implementation plugin.])
169 ARG_DISBL_SET([xcbc], [disable xcbc crypto implementation plugin.])
170 # encoding/decoding plugins
171 ARG_DISBL_SET([dnskey], [disable DNS RR key decoding plugin.])
172 ARG_DISBL_SET([pem], [disable PEM decoding plugin.])
173 ARG_DISBL_SET([pgp], [disable PGP key decoding plugin.])
174 ARG_DISBL_SET([pkcs1], [disable PKCS1 key decoding plugin.])
175 ARG_DISBL_SET([pkcs7], [disable PKCS7 container support plugin.])
176 ARG_DISBL_SET([pkcs8], [disable PKCS8 private key decoding plugin.])
177 ARG_DISBL_SET([pkcs12], [disable PKCS12 container support plugin.])
178 ARG_DISBL_SET([pubkey], [disable RAW public key support plugin.])
179 ARG_DISBL_SET([sshkey], [disable SSH key decoding plugin.])
180 ARG_DISBL_SET([x509], [disable X509 certificate implementation plugin.])
181 ARG_ENABL_SET([openxpki], [enable OCSP responder accessing OpenXPKI certificate database.])
182 # fetcher/resolver plugins
183 ARG_ENABL_SET([curl], [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
184 ARG_ENABL_SET([files], [enable simple file:// URI fetcher.])
185 ARG_ENABL_SET([ldap], [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.])
186 ARG_ENABL_SET([soup], [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.])
187 ARG_ENABL_SET([unbound], [enable UNBOUND resolver plugin to perform DNS queries via libunbound. Requires libldns and libunbound.])
188 ARG_ENABL_SET([winhttp], [enable WinHTTP based HTTP/HTTPS fetching plugin.])
190 ARG_ENABL_SET([mysql], [enable MySQL database support. Requires libmysqlclient_r.])
191 ARG_ENABL_SET([sqlite], [enable SQLite database support. Requires libsqlite3.])
192 # authentication/credential plugins
193 ARG_ENABL_SET([addrblock], [enables RFC 3779 address block constraint support.])
194 ARG_ENABL_SET([acert], [enable X509 attribute certificate checking plugin.])
195 ARG_ENABL_SET([agent], [enables the ssh-agent signing plugin.])
196 ARG_DISBL_SET([constraints], [disable advanced X509 constraint checking plugin.])
197 ARG_ENABL_SET([coupling], [enable IKEv2 plugin to couple peer certificates permanently to authentication.])
198 ARG_ENABL_SET([dnscert], [enable DNSCERT authentication plugin.])
199 ARG_ENABL_SET([eap-sim], [enable SIM authentication module for EAP.])
200 ARG_ENABL_SET([eap-sim-file], [enable EAP-SIM backend based on a triplet file.])
201 ARG_ENABL_SET([eap-sim-pcsc], [enable EAP-SIM backend based on a smartcard reader. Requires libpcsclite.])
202 ARG_ENABL_SET([eap-aka], [enable EAP AKA authentication module.])
203 ARG_ENABL_SET([eap-aka-3gpp], [enable EAP AKA backend implementing 3GPP MILENAGE algorithms in software.])
204 ARG_ENABL_SET([eap-aka-3gpp2], [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
205 ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
206 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
207 ARG_ENABL_SET([eap-simaka-reauth], [enable EAP-SIM/AKA reauthentication data storage plugin.])
208 ARG_ENABL_SET([eap-identity], [enable EAP module providing EAP-Identity helper.])
209 ARG_ENABL_SET([eap-md5], [enable EAP MD5 (CHAP) authentication module.])
210 ARG_ENABL_SET([eap-gtc], [enable EAP GTC authentication module.])
211 ARG_ENABL_SET([eap-mschapv2], [enable EAP MS-CHAPv2 authentication module.])
212 ARG_ENABL_SET([eap-tls], [enable EAP TLS authentication module.])
213 ARG_ENABL_SET([eap-ttls], [enable EAP TTLS authentication module.])
214 ARG_ENABL_SET([eap-peap], [enable EAP PEAP authentication module.])
215 ARG_ENABL_SET([eap-tnc], [enable EAP TNC trusted network connect module.])
216 ARG_ENABL_SET([eap-dynamic], [enable dynamic EAP proxy module.])
217 ARG_ENABL_SET([eap-radius], [enable RADIUS proxy authentication module.])
218 ARG_ENABL_SET([ext-auth], [enable plugin calling an external authorization script.])
219 ARG_ENABL_SET([ipseckey], [enable IPSECKEY authentication plugin.])
220 ARG_ENABL_SET([keychain], [enables OS X Keychain Services credential set.])
221 ARG_ENABL_SET([pkcs11], [enables the PKCS11 token support plugin.])
222 ARG_ENABL_SET([tpm], [enables the TPM plugin to access private keys and certificates bound to a TPM 2.0.])
223 ARG_DISBL_SET([revocation], [disable X509 CRL/OCSP revocation check plugin.])
224 ARG_ENABL_SET([whitelist], [enable peer identity whitelisting plugin.])
225 ARG_DISBL_SET([xauth-generic], [disable generic XAuth backend.])
226 ARG_ENABL_SET([xauth-eap], [enable XAuth backend using EAP methods to verify passwords.])
227 ARG_ENABL_SET([xauth-pam], [enable XAuth backend using PAM to verify passwords.])
228 ARG_ENABL_SET([xauth-noauth], [enable XAuth pseudo-backend that does not actually verify or even request any credentials.])
229 # kernel interfaces / sockets
230 ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
231 ARG_ENABL_SET([kernel-pfkey], [enable the PF_KEY kernel interface.])
232 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
233 ARG_ENABL_SET([kernel-iph], [enable the Windows IP Helper based networking backend.])
234 ARG_ENABL_SET([kernel-libipsec],[enable the libipsec kernel interface.])
235 ARG_ENABL_SET([kernel-wfp], [enable the Windows Filtering Platform IPsec backend.])
236 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
237 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
238 ARG_ENABL_SET([socket-win], [enable Winsock2 based socket implementation for charon])
239 # configuration/control plugins
240 ARG_DISBL_SET([stroke], [disable charons stroke configuration backend.])
241 ARG_ENABL_SET([smp], [enable SMP configuration and control interface. Requires libxml.])
242 ARG_ENABL_SET([sql], [enable SQL database configuration backend.])
243 ARG_ENABL_SET([uci], [enable OpenWRT UCI configuration plugin.])
244 ARG_DISBL_SET([vici], [disable strongSwan IKE generic IPC interface plugin.])
245 # attribute provider/consumer plugins
246 ARG_ENABL_SET([android-dns], [enable Android specific DNS handler.])
247 ARG_DISBL_SET([attr], [disable strongswan.conf based configuration attribute plugin.])
248 ARG_ENABL_SET([attr-sql], [enable SQL based configuration attribute plugin.])
249 ARG_ENABL_SET([dhcp], [enable DHCP based attribute provider plugin.])
250 ARG_ENABL_SET([osx-attr], [enable OS X SystemConfiguration attribute handler.])
251 ARG_ENABL_SET([p-cscf], [enable plugin to request P-CSCF server addresses from an ePDG.])
252 ARG_DISBL_SET([resolve], [disable resolve DNS handler plugin.])
253 ARG_ENABL_SET([unity], [enables Cisco Unity extension plugin.])
254 # TNC modules/plugins
255 ARG_ENABL_SET([imc-test], [enable IMC test module.])
256 ARG_ENABL_SET([imv-test], [enable IMV test module.])
257 ARG_ENABL_SET([imc-scanner], [enable IMC port scanner module.])
258 ARG_ENABL_SET([imv-scanner], [enable IMV port scanner module.])
259 ARG_ENABL_SET([imc-os], [enable IMC operating system module.])
260 ARG_ENABL_SET([imv-os], [enable IMV operating system module.])
261 ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.])
262 ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.])
263 ARG_ENABL_SET([imc-swima], [enable IMC swima module.])
264 ARG_ENABL_SET([imv-swima], [enable IMV swima module.])
265 ARG_ENABL_SET([imc-hcd], [enable IMC hcd module.])
266 ARG_ENABL_SET([imv-hcd], [enable IMV hcd module.])
267 ARG_ENABL_SET([tnc-ifmap], [enable TNC IF-MAP module. Requires libxml])
268 ARG_ENABL_SET([tnc-imc], [enable TNC IMC module.])
269 ARG_ENABL_SET([tnc-imv], [enable TNC IMV module.])
270 ARG_ENABL_SET([tnc-pdp], [enable TNC policy decision point module.])
271 ARG_ENABL_SET([tnccs-11], [enable TNCCS 1.1 protocol module. Requires libxml])
272 ARG_ENABL_SET([tnccs-20], [enable TNCCS 2.0 protocol module.])
273 ARG_ENABL_SET([tnccs-dynamic], [enable dynamic TNCCS protocol discovery module.])
275 ARG_ENABL_SET([android-log], [enable Android specific logger plugin.])
276 ARG_ENABL_SET([bypass-lan], [enable plugin to install bypass policies for local subnets.])
277 ARG_ENABL_SET([certexpire], [enable CSV export of expiration dates of used certificates.])
278 ARG_ENABL_SET([connmark], [enable connmark plugin using conntrack based marks to select return path SA.])
279 ARG_ENABL_SET([counters], [enable plugin that collects several performance counters.])
280 ARG_ENABL_SET([forecast], [enable forecast plugin forwarding broadcast/multicast messages.])
281 ARG_ENABL_SET([duplicheck], [advanced duplicate checking plugin using liveness checks.])
282 ARG_ENABL_SET([error-notify], [enable error notification plugin.])
283 ARG_ENABL_SET([farp], [enable ARP faking plugin that responds to ARP requests to peers virtual IP])
284 ARG_ENABL_SET([ha], [enable high availability cluster plugin.])
285 ARG_ENABL_SET([led], [enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem.])
286 ARG_ENABL_SET([load-tester], [enable load testing plugin for IKEv2 daemon.])
287 ARG_ENABL_SET([lookip], [enable fast virtual IP lookup and notification plugin.])
288 ARG_ENABL_SET([radattr], [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.])
289 ARG_ENABL_SET([save-keys], [enable development/debugging plugin that saves IKE and ESP keys in Wireshark format.])
290 ARG_ENABL_SET([systime-fix], [enable plugin to handle cert lifetimes with invalid system time gracefully.])
291 ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.])
292 ARG_DISBL_SET([updown], [disable updown firewall script plugin.])
293 # programs/components
294 ARG_ENABL_SET([aikgen], [enable AIK generator for TPM 1.2.])
295 ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.])
296 ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.])
297 ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.])
298 ARG_ENABL_SET([fast], [enable libfast (FastCGI Application Server w/ templates.])
299 ARG_ENABL_SET([fuzzing], [enable fuzzing scripts (found in directory fuzz).])
300 ARG_ENABL_SET([libipsec], [enable user space IPsec implementation.])
301 ARG_ENABL_SET([manager], [enable web management console (proof of concept).])
302 ARG_ENABL_SET([medcli], [enable mediation client configuration database plugin.])
303 ARG_ENABL_SET([medsrv], [enable mediation server web frontend and daemon plugin.])
304 ARG_ENABL_SET([nm], [enable NetworkManager backend.])
305 ARG_DISBL_SET([pki], [disable pki certificate utility.])
306 ARG_DISBL_SET([scripts], [disable additional utilities (found in directory scripts).])
307 ARG_ENABL_SET([svc], [enable charon Windows service.])
308 ARG_ENABL_SET([systemd], [enable systemd specific IKE daemon charon-systemd.])
309 ARG_DISBL_SET([swanctl], [disable swanctl configuration and control tool.])
310 ARG_ENABL_SET([tkm], [enable Trusted Key Manager support.])
311 ARG_ENABL_SET([cert-enroll], [enable automatic certificate enrollment via EST or SCEP.])
313 ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for memory leaks and segfaults.])
314 ARG_ENABL_SET([dbghelp-backtraces],[use dbghlp.dll on Windows to create and print backtraces for memory leaks and segfaults.])
315 ARG_DISBL_SET([ikev1], [disable IKEv1 protocol support in charon.])
316 ARG_DISBL_SET([ikev2], [disable IKEv2 protocol support in charon.])
317 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
318 ARG_DISBL_SET([load-warning], [disable the charon plugin load option warning in starter.])
319 ARG_ENABL_SET([mediation], [enable IKEv2 Mediation Extension.])
320 ARG_ENABL_SET([unwind-backtraces],[use libunwind to create backtraces for memory leaks and segfaults.])
321 ARG_ENABL_SET([ruby-gems], [enable build of provided ruby gems.])
322 ARG_ENABL_SET([ruby-gems-install],[enable installation of provided ruby gems.])
323 ARG_ENABL_SET([python-eggs], [enable build of provided python eggs.])
324 ARG_ENABL_SET([python-eggs-install],[enable installation of provided python eggs.])
325 ARG_ENABL_SET([perl-cpan], [enable build of provided perl CPAN module.])
326 ARG_ENABL_SET([perl-cpan-install],[enable installation of provided CPAN module.])
327 ARG_ENABL_SET([selinux], [enable SELinux support for labeled IPsec.])
328 ARG_ENABL_SET([tss-trousers], [enable the use of the TrouSerS Trusted Software Stack])
329 ARG_ENABL_SET([tss-tss2], [enable the use of the TSS 2.0 Trusted Software Stack])
330 ARG_ENABL_SET([cert-enroll-timer],[enable installation of cert-enroll as a systemd timer.])
333 ARG_ENABL_SET([asan], [enable build with AddressSanitizer (ASan).])
334 ARG_ENABL_SET([coverage], [enable lcov coverage report generation.])
335 ARG_ENABL_SET([git-version], [use output of 'git describe' as version information in executables.])
336 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
337 ARG_ENABL_SET([lock-profiler], [enable lock/mutex profiling code.])
338 ARG_ENABL_SET([log-thread-ids], [use thread ID, if available, instead of an incremented value starting from 1, to identify threads.])
339 ARG_ENABL_SET([monolithic], [build monolithic version of libstrongswan that includes all enabled plugins. Similarly, the plugins of charon are assembled in libcharon.])
340 ARG_ENABL_SET([warnings], [enable extended compiler warnings and -Werror (auto-enabled when building from the repository).])
342 # ===================================
343 # option to disable default options
344 # ===================================
346 ARG_DISBL_SET([defaults], [disable all default plugins (they can be enabled with their respective --enable options)])
348 if test x$defaults = xfalse; then
349 for option in $enabled_by_default; do
350 eval test x\${${option}_given} = xtrue && continue
355 # ==============================
356 # option to enable all options
357 # ==============================
359 ARG_ENABL_SET([all], [enable all plugins and features (they can be disabled with their respective --disable options). Mainly for testing.])
361 if test x$all_given = xtrue; then
362 for option in $disabled_by_default; do
363 eval test x\${${option}_given} = xtrue && continue
368 # ===========================
369 # set up compiler and flags
370 # ===========================
372 if test -z "$CFLAGS"; then
375 AC_SUBST(PLUGIN_CFLAGS)
382 # =========================
383 # check required programs
384 # =========================
390 AC_PROG_LEX(noyywrap)
392 AM_PATH_PYTHON(,,[:])
393 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
394 AC_ARG_VAR([PERL], [the Perl interpreter])
395 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
396 AC_ARG_VAR([GPERF], [the GNU gperf program])
398 # because gperf is not needed by end-users we only abort if generated files don't exist
399 AC_MSG_CHECKING([gperf len type])
400 if test -x "$GPERF"; then
401 GPERF_OUTPUT="`echo foo | ${GPERF}`"
404 [[#include <string.h>
405 const char *in_word_set(const char*, size_t); $GPERF_OUTPUT]])],
406 [GPERF_LEN_TYPE=size_t],
409 [[#include <string.h>
410 const char *in_word_set(const char*, unsigned); $GPERF_OUTPUT]])],
411 [GPERF_LEN_TYPE=unsigned],
412 [AC_MSG_ERROR([unable to determine gperf len type])]
415 AC_SUBST(GPERF_LEN_TYPE)
416 AC_MSG_RESULT([$GPERF_LEN_TYPE])
418 AC_MSG_RESULT([not found])
419 GPERF_TEST_FILE="$srcdir/src/libstrongswan/crypto/proposal/proposal_keywords_static.c"
420 if test ! -f "$GPERF_TEST_FILE"; then
421 AC_MSG_ERROR([GNU gperf required to generate e.g. $GPERF_TEST_FILE])
425 # ========================
426 # dependency calculation
427 # ========================
429 if test x$xauth_generic_given = xfalse -a x$ikev1 = xfalse; then
433 if test x$kernel_libipsec = xtrue; then
437 if test x$eap_aka_3gpp2 = xtrue; then
441 if test x$eap_aka = xtrue; then
446 if test x$eap_sim = xtrue; then
451 if test x$eap_radius = xtrue -o x$radattr = xtrue -o x$tnc_pdp = xtrue; then
455 if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_20 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
459 if test x$eap_tls = xtrue -o x$eap_ttls = xtrue -o x$eap_peap = xtrue -o x$tnc_tnccs = xtrue -o x$pki = xtrue; then
463 if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then
467 if test x$fips_prf = xtrue; then
468 if test x$openssl = xfalse -a x$wolfssl = xfalse; then
473 if test x$swanctl = xtrue; then
477 if test x$smp = xtrue -o x$tnccs_11 = xtrue -o x$tnc_ifmap = xtrue; then
481 if test x$manager = xtrue; then
485 if test x$medsrv = xtrue; then
490 if test x$medcli = xtrue; then
494 if test x$ruby_gems_install = xtrue; then
498 if test x$python_eggs_install = xtrue; then
502 if test x$perl_cpan_install = xtrue; then
506 if test x$aikgen = xtrue; then
510 if test x$tpm = xtrue; then
514 if test x$gmp = xtrue -o x$ntru = xtrue -o x$bliss = xtrue; then
518 if test x$stroke = xtrue; then
522 if test x$cert_enroll = xtrue; then
526 if test x$kdf = xfalse; then
527 if test x$aesni = xtrue -o x$cmac = xtrue -o x$xcbc = xtrue; then
528 AC_MSG_WARN(m4_normalize([
529 kdf plugin is required for possible use of PRF_AES128_XCBC/CMAC
530 by one of these plugins: aesni, cmac, xcbc]))
532 elif test x$botan = xfalse -a x$openssl = xfalse -a x$wolfssl = xfalse; then
533 AC_MSG_WARN(m4_normalize([
534 kdf plugin is required because none of the following plugins is
535 enabled: botan, openssl, wolfssl]))
540 # enable warnings and -Werror by default when building from the repo (check with
541 # -e as .git is a file in worktrees)
542 if test x$warnings_given = xfalse -a -e "$srcdir"/.git; then
546 # ===========================================
547 # check required libraries and header files
548 # ===========================================
554 # libraries needed on some platforms but not on others
555 # ------------------------------------------------------
558 # FreeBSD and Mac OS X have dlopen integrated in libc, Linux needs libdl
560 AC_SEARCH_LIBS(dlopen, dl, [DLLIB=$LIBS])
563 # glibc's backtrace() can be replicated on FreeBSD with libexecinfo
565 AC_SEARCH_LIBS(backtrace, execinfo, [BTLIB=$LIBS])
566 AC_CHECK_FUNCS(backtrace)
569 # OpenSolaris needs libsocket and libnsl for socket()
571 AC_SEARCH_LIBS(socket, socket, [SOCKLIB=$LIBS],
572 [AC_CHECK_LIB(nsl, socket, [SOCKLIB="-lsocket -lnsl"], [], [-lsocket])]
576 # Android has pthread_* functions in bionic (libc), others need libpthread
578 AC_SEARCH_LIBS(pthread_create, pthread, [PTHREADLIB=$LIBS])
581 # Some architectures require explicit -latomic for __atomic_* operations
582 # AC_SEARCH_LIBS() does not work when checking built-ins due to conflicting types
584 AC_MSG_CHECKING(for library containing __atomic_and_fetch)
586 [AC_LANG_PROGRAM([[]], [[int x; __atomic_and_fetch(&x, 1, __ATOMIC_RELAXED);]])],
587 [AC_MSG_RESULT([none required])],
590 [AC_LANG_PROGRAM([[]], [[int x; __atomic_and_fetch(&x, 1, __ATOMIC_RELAXED);]])],
591 [AC_MSG_RESULT([-latomic]); ATOMICLIB=$LIBS],
592 [AC_MSG_RESULT([no])])
598 # ------------------------------------------------------
600 AC_MSG_CHECKING(for dladdr)
603 [[#define _GNU_SOURCE
604 #include <dlfcn.h>]],
606 dladdr(0, info);]])],
607 [AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_DLADDR], [], [have dladdr()])],
608 [AC_MSG_RESULT([no])]
611 # check if pthread_condattr_setclock(CLOCK_MONOTONIC) is supported
614 AC_MSG_CHECKING([for pthread_condattr_setclock(CLOCK_MONOTONIC)])
617 [[#include <pthread.h>
618 int main() { pthread_condattr_t attr;
619 pthread_condattr_init(&attr);
620 return pthread_condattr_setclock(&attr, CLOCK_MONOTONIC);}]])],
621 [AC_MSG_RESULT([yes]);
622 AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
623 [pthread_condattr_setclock supports CLOCK_MONOTONIC])],
624 [AC_MSG_RESULT([no])],
625 # Check existence of pthread_condattr_setclock if cross-compiling
626 [AC_MSG_RESULT([unknown]);
627 AC_CHECK_FUNCS(pthread_condattr_setclock,
628 [AC_DEFINE([HAVE_CONDATTR_CLOCK_MONOTONIC], [],
629 [have pthread_condattr_setclock()])]
632 # check if we actually are able to configure attributes on cond vars
633 AC_CHECK_FUNCS(pthread_condattr_init)
634 # instead of pthread_condattr_setclock Android has this function
635 AC_CHECK_FUNCS(pthread_cond_timedwait_monotonic)
636 # check if we can cancel threads
637 AC_CHECK_FUNCS(pthread_cancel)
638 # check if native rwlocks are available
639 AC_CHECK_FUNCS(pthread_rwlock_init)
640 # check if pthread spinlocks are available
641 AC_CHECK_FUNCS(pthread_spin_init)
642 # check if we have POSIX semaphore functions, including timed-wait
643 AC_CHECK_FUNCS(sem_timedwait)
648 [AC_DEFINE([HAVE_GETTID], [], [have gettid()])],
649 [AC_MSG_CHECKING([for SYS_gettid])
652 [[#define _GNU_SOURCE
654 #include <sys/syscall.h>]],
656 return syscall(SYS_gettid);}]])],
657 [AC_MSG_RESULT([yes]);
658 AC_DEFINE([HAVE_GETTID], [], [have gettid()])
659 AC_DEFINE([HAVE_SYS_GETTID], [], [have syscall(SYS_gettid)])],
660 [AC_MSG_RESULT([no])]
667 AC_DEFINE([HAVE_QSORT_R], [], [have qsort_r()])
668 # set -Werror so that we get an error for "argument ... has
669 # incompatible pointer type" warnings
670 save_CFLAGS="$CFLAGS"
671 CFLAGS="$CFLAGS -Werror -Wno-unused-parameter"
672 AC_MSG_CHECKING([for GNU-style qsort_r])
675 [[#define _GNU_SOURCE
677 int cmp (const void *a, const void *b, void *x) { return 0; }]],
678 [[int arr[] = { 0, 1 };
679 qsort_r(arr, 2, sizeof(int), cmp, arr);]])],
680 [AC_MSG_RESULT([yes]);
681 AC_DEFINE([HAVE_QSORT_R_GNU], [], [have GNU-style qsort_r()])],
684 AC_MSG_CHECKING([for BSD-style qsort_r])
687 [[#include <stdlib.h>
688 int cmp (void *x, const void *a, const void *b) { return 0; }]],
689 [[int arr[] = { 0, 1 };
690 qsort_r(arr, 2, sizeof(int), arr, cmp);]])],
691 [AC_MSG_RESULT([yes]);
692 AC_DEFINE([HAVE_QSORT_R_BSD], [], [have BSD-style qsort_r()])],
693 [AC_MSG_RESULT([no]);
694 AC_MSG_FAILURE([qsort_r has unknown semantics])])
696 CFLAGS="$save_CFLAGS"
700 AC_CHECK_FUNCS(prctl mallinfo mallinfo2 getpass closefrom getpwnam_r getgrnam_r getpwuid_r chown)
701 AC_CHECK_FUNCS(fmemopen funopen mmap memrchr setlinebuf strptime dirfd sigwaitinfo explicit_bzero)
703 AC_CHECK_FUNC([syslog], [
704 AC_DEFINE([HAVE_SYSLOG], [], [have syslog(3) and friends])
707 AM_CONDITIONAL(USE_SYSLOG, [test "x$syslog" = xtrue])
709 AC_CHECK_HEADERS(sys/sockio.h sys/syscall.h sys/param.h glob.h net/if_tun.h)
710 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
711 AC_CHECK_HEADERS([netinet/ip6.h linux/fib_rules.h], [], [],
713 #include <sys/types.h>
714 #include <netinet/in.h>
717 AC_CHECK_MEMBERS([struct sockaddr.sa_len], [], [],
719 #include <sys/types.h>
720 #include <sys/socket.h>
723 AC_CHECK_MEMBERS([struct sadb_x_policy.sadb_x_policy_priority], [], [],
725 #include <sys/types.h>
726 #ifdef HAVE_NET_PFKEYV2_H
727 #include <net/pfkeyv2.h>
730 #include <linux/pfkeyv2.h>
734 AC_MSG_CHECKING([for in6addr_any])
737 [[#include <sys/types.h>
738 #include <sys/socket.h>
739 #include <netinet/in.h>]],
740 [[struct in6_addr in6 __attribute__((unused));
741 in6 = in6addr_any;]])],
742 [AC_MSG_RESULT([yes]);
743 AC_DEFINE([HAVE_IN6ADDR_ANY], [], [have struct in6_addr in6addr_any])],
744 [AC_MSG_RESULT([no])]
747 AC_MSG_CHECKING([for in6_pktinfo])
750 [[#define _GNU_SOURCE
751 #include <sys/types.h>
752 #include <sys/socket.h>
753 #include <netinet/in.h>]],
754 [[struct in6_pktinfo pi = {};
759 [AC_MSG_RESULT([yes]);
760 AC_DEFINE([HAVE_IN6_PKTINFO], [], [have struct in6_pktinfo.ipi6_ifindex])],
761 [AC_MSG_RESULT([no])]
764 AC_MSG_CHECKING([for RTM_IFANNOUNCE])
767 [[#include <sys/socket.h>
769 #include <net/route.h>]],
770 [[return RTM_IFANNOUNCE;]])],
771 [AC_MSG_RESULT([yes]);
772 AC_DEFINE([HAVE_RTM_IFANNOUNCE], [], [have PF_ROUTE RTM_IFANNOUNCE defined])],
773 [AC_MSG_RESULT([no])]
776 AC_MSG_CHECKING([for IPSEC_MODE_BEET])
779 [[#include <sys/types.h>
780 #ifdef HAVE_NETIPSEC_IPSEC_H
781 #include <netipsec/ipsec.h>
782 #elif defined(HAVE_NETINET6_IPSEC_H)
783 #include <netinet6/ipsec.h>
786 #include <linux/ipsec.h>
788 [[int mode = IPSEC_MODE_BEET;
790 [AC_MSG_RESULT([yes]);
791 AC_DEFINE([HAVE_IPSEC_MODE_BEET], [], [have IPSEC_MODE_BEET defined])],
792 [AC_MSG_RESULT([no])]
795 AC_MSG_CHECKING([for IPSEC_DIR_FWD])
798 [[#include <sys/types.h>
799 #ifdef HAVE_NETIPSEC_IPSEC_H
800 #include <netipsec/ipsec.h>
801 #elif defined(HAVE_NETINET6_IPSEC_H)
802 #include <netinet6/ipsec.h>
805 #include <linux/ipsec.h>
807 [[int dir = IPSEC_DIR_FWD;
809 [AC_MSG_RESULT([yes]);
810 AC_DEFINE([HAVE_IPSEC_DIR_FWD], [], [have IPSEC_DIR_FWD defined])],
811 [AC_MSG_RESULT([no])]
814 AC_MSG_CHECKING([for RTA_TABLE])
817 [[#include <sys/socket.h>
818 #include <linux/netlink.h>
819 #include <linux/rtnetlink.h>]],
820 [[int rta_type = RTA_TABLE;
821 return rta_type;]])],
822 [AC_MSG_RESULT([yes]);
823 AC_DEFINE([HAVE_RTA_TABLE], [], [have netlink RTA_TABLE defined])],
824 [AC_MSG_RESULT([no])]
827 AC_MSG_CHECKING([for __int128])
830 [[#include <sys/types.h>]],
833 [AC_MSG_RESULT([yes]);
834 AC_DEFINE([HAVE_INT128], [], [have __int128 type support])],
835 [AC_MSG_RESULT([no])]
838 AC_MSG_CHECKING([for GCC __sync operations])
839 AC_RUN_IFELSE([AC_LANG_SOURCE(
843 __sync_fetch_and_add (&ref, 1);
844 __sync_sub_and_fetch (&ref, 1);
845 __sync_val_compare_and_swap(&ref, 1, 0);
849 [AC_MSG_RESULT([yes]);
850 AC_DEFINE([HAVE_GCC_SYNC_OPERATIONS], [],
851 [have GCC __sync_* operations])],
852 [AC_MSG_RESULT([no])],
853 [AC_MSG_RESULT([no])]
856 case "$printf_hooks" in
857 auto|builtin|glibc|vstr)
860 AC_MSG_NOTICE([invalid printf hook implementation, defaulting to 'auto'])
865 if test x$printf_hooks = xauto -o x$printf_hooks = xglibc; then
866 # check for the new register_printf_specifier function with len argument,
867 # or the deprecated register_printf_function without
869 [register_printf_specifier],
870 [AC_DEFINE([HAVE_PRINTF_SPECIFIER], [], [have register_printf_specifier()])],
872 [register_printf_function],
873 [AC_DEFINE([HAVE_PRINTF_FUNCTION], [], [have register_printf_function()])],
875 AC_MSG_NOTICE([printf(3) does not support custom format specifiers!])
876 if test x$printf_hooks = xglibc; then
877 AC_MSG_ERROR([please select a different printf hook implementation])
879 # fallback to builtin printf hook implementation
887 AC_MSG_CHECKING([for Windows target])
890 [[#include <windows.h>]],
892 # error WIN32 undefined
899 AC_SUBST(PTHREADLIB, "")
900 # explicitly disable ms-bitfields, as it breaks __attribute__((packed))
903 *) CFLAGS="$CFLAGS -mno-ms-bitfields" ;;
909 # check for clock_gettime() on non-Windows only. Otherwise this
910 # check might find clock_gettime() in libwinpthread, but we don't want
911 # to link against it.
913 # FreeBSD has clock_gettime in libc, Linux needs librt
915 AC_SEARCH_LIBS(clock_gettime, rt, [RTLIB=$LIBS])
916 AC_CHECK_FUNCS(clock_gettime)
921 AM_CONDITIONAL(USE_WINDOWS, [test "x$windows" = xtrue])
923 AC_MSG_CHECKING([for working __attribute__((packed))])
925 [AC_LANG_PROGRAM([], [[
926 struct test { char a; short b; } __attribute__((packed));
927 char x[sizeof(struct test) == sizeof(char) + sizeof(short) ? 1 : -1]
928 __attribute__((unused));
931 [AC_MSG_RESULT([yes])],
932 [AC_MSG_RESULT([no]); AC_MSG_ERROR([__attribute__((packed)) does not work])]
935 AC_MSG_CHECKING([clang])
940 # error not using LLVM clang
948 # GCC, but not MinGW requires -rdynamic for plugins
949 if test x$windows != xtrue; then
950 PLUGIN_CFLAGS="$PLUGIN_CFLAGS -rdynamic"
955 AC_MSG_CHECKING([x86/x64 target])
959 #if !defined(__i386__) && !defined(__x86_64__)
960 # error not on x86/x64
967 [AC_MSG_RESULT([no])]
969 AM_CONDITIONAL(USE_X86X64, [test "x$x86x64" = xtrue])
971 if test x$printf_hooks = xvstr; then
972 AC_CHECK_LIB([vstr],[vstr_init],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])],[])
973 AC_DEFINE([USE_VSTR], [], [use Vstr string library for printf hooks])
976 if test x$printf_hooks = xbuiltin; then
977 AC_DEFINE([USE_BUILTIN_PRINTF], [], [using builtin printf for printf hooks])
980 if test x$gmp = xtrue; then
982 AC_CHECK_LIB([gmp],[__gmpz_init],[],[AC_MSG_ERROR([GNU Multi Precision library gmp not found])],[])
983 AC_MSG_CHECKING([mpz_powm_sec])
984 if test x$mpz_powm_sec = xyes; then
987 [[#include "gmp.h"]],
988 [[void *x __attribute__((unused)); x = mpz_powm_sec;]])],
989 [AC_MSG_RESULT([yes]);
990 AC_DEFINE([HAVE_MPZ_POWM_SEC], [], [have mpz_powm_sec()])],
991 [AC_MSG_RESULT([no])]
994 AC_MSG_RESULT([disabled])
997 AC_MSG_CHECKING([gmp.h version >= 4.1.4])
1000 [[#include "gmp.h"]],
1002 #if (__GNU_MP_VERSION*100 + __GNU_MP_VERSION_MINOR*10 + __GNU_MP_VERSION_PATCHLEVEL) < 414
1005 [AC_MSG_RESULT([yes])],
1006 [AC_MSG_RESULT([no]); AC_MSG_ERROR([No usable gmp.h found!])]
1010 if test x$ldap = xtrue; then
1011 AC_CHECK_LIB([ldap],[ldap_init],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library ldap not found])],[])
1012 AC_CHECK_LIB([lber],[ber_free],[LIBS="$LIBS"],[AC_MSG_ERROR([LDAP library lber not found])],[])
1013 AC_CHECK_HEADER([ldap.h],,[AC_MSG_ERROR([LDAP header ldap.h not found!])])
1016 if test x$curl = xtrue; then
1017 AC_CHECK_LIB([curl],[curl_global_init],[LIBS="$LIBS"],[AC_MSG_ERROR([CURL library curl not found])],[])
1018 AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])])
1021 if test x$unbound = xtrue; then
1022 AC_CHECK_LIB([ldns],[ldns_rr_get_type],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library ldns not found])],[])
1023 AC_CHECK_HEADER([ldns/ldns.h],,[AC_MSG_ERROR([UNBOUND header ldns/ldns.h not found!])])
1024 AC_CHECK_LIB([unbound],[ub_ctx_create],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library libunbound not found])],[])
1025 AC_CHECK_HEADER([unbound.h],,[AC_MSG_ERROR([UNBOUND header unbound.h not found!])])
1028 if test x$soup = xtrue; then
1029 PKG_CHECK_MODULES(soup, [libsoup-2.4])
1030 AC_SUBST(soup_CFLAGS)
1034 if test x$xml = xtrue; then
1035 PKG_CHECK_MODULES(xml, [libxml-2.0])
1036 AC_SUBST(xml_CFLAGS)
1040 if test x$systemd = xtrue -o x$cert_enroll_timer = xtrue; then
1041 AC_MSG_CHECKING([for systemd system unit directory])
1042 if test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno; then
1043 AC_MSG_RESULT([$systemdsystemunitdir])
1045 AC_MSG_ERROR([not found (try --with-systemdsystemunitdir)])
1049 if test x$systemd = xtrue; then
1050 PKG_CHECK_MODULES(systemd, [libsystemd >= 209],
1051 [AC_SUBST(systemd_CFLAGS)
1052 AC_SUBST(systemd_LIBS)],
1053 [PKG_CHECK_MODULES(systemd_daemon, [libsystemd-daemon])
1054 AC_SUBST(systemd_daemon_CFLAGS)
1055 AC_SUBST(systemd_daemon_LIBS)
1056 PKG_CHECK_MODULES(systemd_journal, [libsystemd-journal])
1057 AC_SUBST(systemd_journal_CFLAGS)
1058 AC_SUBST(systemd_journal_LIBS)]
1061 LIBS="$systemd_LIBS $systemd_daemon_LIBS"
1062 AC_CHECK_FUNCS(sd_listen_fds_with_names)
1066 if test x$tss_trousers = xtrue; then
1067 AC_CHECK_LIB([tspi],[Tspi_Context_Create],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])],[])
1068 AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
1069 AC_DEFINE([TSS_TROUSERS], [], [use TrouSerS library libtspi])
1072 if test x$tss_tss2 = xtrue; then
1073 PKG_CHECK_MODULES(tss2_sys, [tss2-sys],
1074 [tss2_sys=true; AC_DEFINE([TSS2_SYS], [], [use TSS2 v2 System API])],
1076 PKG_CHECK_MODULES(tss2_esys, [tss2-esys],
1077 [tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])],
1079 if test x$tss2_sys = xtrue; then
1080 AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries])
1081 AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS")
1082 AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS")
1084 PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd],
1085 [tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Manager])],
1086 [tss2_tabrmd=false])
1087 PKG_CHECK_MODULES(tss2_socket, [tcti-socket],
1088 [tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])],
1089 [tss2_socket=false])
1090 if test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
1091 AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries])
1092 AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS")
1093 AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS")
1095 AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected])
1100 if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then
1101 PKG_CHECK_MODULES(json, [json-c], [],
1102 [PKG_CHECK_MODULES(json, [json])])
1103 AC_SUBST(json_CFLAGS)
1107 if test x$fast = xtrue; then
1108 AC_CHECK_LIB([neo_utl],[hdf_init],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[])
1109 AC_MSG_CHECKING([for -lneo_cgi and dependencies])
1110 saved_CFLAGS=$CFLAGS
1112 LIBS="-lneo_cgi -lneo_cs -lneo_utl"
1113 CFLAGS="-I/usr/include/ClearSilver"
1116 [[#include <cgi/cgi.h>]],
1117 [[NEOERR *err = cgi_display(NULL, NULL);]])],
1118 [AC_MSG_RESULT([yes])],
1122 [[#include <cgi/cgi.h>]],
1123 [[NEOERR *err = cgi_display(NULL, NULL);]])],
1124 [AC_MSG_RESULT([yes, zlib required])],
1125 [AC_MSG_ERROR([not found])]
1128 clearsilver_LIBS="$LIBS"
1129 AC_SUBST(clearsilver_LIBS)
1131 CFLAGS=$saved_CFLAGS
1133 AC_CHECK_LIB([fcgi],[FCGX_Init],[LIBS="$LIBS"],[AC_MSG_ERROR([FastCGI library fcgi not found!])],[])
1134 AC_CHECK_HEADER([fcgiapp.h],,[AC_MSG_ERROR([FastCGI header file fcgiapp.h not found!])])
1137 if test x$mysql = xtrue; then
1138 if test "x$windows" = xtrue; then
1139 AC_CHECK_HEADER([mysql.h],,[AC_MSG_ERROR([MySQL header file mysql.h not found!])])
1140 AC_CHECK_LIB([mysql],[mysql_database_init],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library not found!])],[])
1141 AC_SUBST(MYSQLLIB, -lmysql)
1143 AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1144 if test x$MYSQLCONFIG = x; then
1145 AC_MSG_ERROR([mysql_config not found!])
1147 AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
1148 AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
1152 if test x$sqlite = xtrue; then
1153 AC_CHECK_LIB([sqlite3],[sqlite3_open],[LIBS="$LIBS"],[AC_MSG_ERROR([SQLite library sqlite3 not found])],[])
1154 AC_CHECK_HEADER([sqlite3.h],,[AC_MSG_ERROR([SQLite header sqlite3.h not found!])])
1155 AC_MSG_CHECKING([sqlite3_prepare_v2])
1158 [[#include <sqlite3.h>]],
1159 [[void *test = sqlite3_prepare_v2;]])],
1160 [AC_MSG_RESULT([yes]);
1161 AC_DEFINE([HAVE_SQLITE3_PREPARE_V2], [], [have sqlite3_prepare_v2()])],
1162 [AC_MSG_RESULT([no])]
1164 AC_MSG_CHECKING([sqlite3.h version >= 3.3.1])
1167 [[#include <sqlite3.h>]],
1169 #if SQLITE_VERSION_NUMBER < 3003001
1172 [AC_MSG_RESULT([yes])],
1173 [AC_MSG_RESULT([no]); AC_MSG_ERROR([SQLite version >= 3.3.1 required!])]
1177 if test x$openssl = xtrue; then
1178 if test "x$windows" = xtrue; then
1180 AC_CHECK_LIB([$openssl_lib],[EVP_CIPHER_CTX_new],[LIBS="$LIBS"],
1181 [openssl_lib=""],[$DLLIB])
1183 if test -z "$openssl_lib"; then
1185 AC_CHECK_LIB([$openssl_lib],[EVP_CIPHER_CTX_new],[LIBS="$LIBS"],
1186 [AC_MSG_ERROR([OpenSSL lib$openssl_lib not found])],[$DLLIB])
1188 AC_SUBST(OPENSSL_LIB, [-l$openssl_lib])
1189 AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
1192 if test x$wolfssl = xtrue; then
1193 PKG_CHECK_MODULES(wolfssl, [wolfssl])
1194 AC_SUBST(wolfssl_CFLAGS)
1195 AC_SUBST(wolfssl_LIBS)
1198 if test x$gcrypt = xtrue; then
1199 AC_CHECK_LIB([gcrypt],[gcry_control],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
1200 AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
1201 AC_MSG_CHECKING([gcrypt CAMELLIA cipher])
1204 [[#include <gcrypt.h>]],
1205 [[enum gcry_cipher_algos alg = GCRY_CIPHER_CAMELLIA128;]])],
1206 [AC_MSG_RESULT([yes]);
1207 AC_DEFINE([HAVE_GCRY_CIPHER_CAMELLIA], [], [have GCRY_CIPHER_CAMELLIA128])],
1208 [AC_MSG_RESULT([no])]
1212 if test x$botan = xtrue; then
1213 PKG_CHECK_MODULES(botan, [botan-3], [],
1214 [PKG_CHECK_MODULES(botan, [botan-2])])
1215 AC_SUBST(botan_CFLAGS)
1216 AC_SUBST(botan_LIBS)
1219 AC_CHECK_FUNCS(botan_rng_init_custom botan_pubkey_ecc_key_used_explicit_encoding)
1223 if test x$uci = xtrue; then
1224 AC_CHECK_LIB([uci],[uci_alloc_context],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[])
1225 AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
1228 if test x$android_dns = xtrue; then
1229 AC_CHECK_LIB([cutils],[property_get],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])],[])
1230 AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
1231 # we have to force the use of libdl here because the autodetection
1232 # above does not work correctly when cross-compiling for android.
1237 if test x$eap_sim_pcsc = xtrue; then
1238 PKG_CHECK_MODULES(pcsclite, [libpcsclite])
1239 AC_SUBST(pcsclite_CFLAGS)
1240 AC_SUBST(pcsclite_LIBS)
1243 if test x$nm = xtrue; then
1244 PKG_CHECK_MODULES(nm, [gthread-2.0 libnm])
1248 AC_MSG_CHECKING([for D-Bus policy directory])
1249 if test -n "$dbuspolicydir" -a "x$dbuspolicydir" != xno; then
1250 AC_MSG_RESULT([$dbuspolicydir])
1252 AC_MSG_ERROR([not found (try --with-dbuspolicydir)])
1256 if test x$xauth_pam = xtrue; then
1257 AC_CHECK_LIB([pam],[pam_start],[LIBS="$LIBS"],[AC_MSG_ERROR([PAM library not found])],[])
1258 AC_CHECK_HEADER([security/pam_appl.h],,[AC_MSG_ERROR([PAM header security/pam_appl.h not found!])])
1261 if test x$connmark = xtrue -o x$forecast = xtrue; then
1262 PKG_CHECK_MODULES(libiptc, [libip4tc])
1263 AC_SUBST(libiptc_CFLAGS)
1264 AC_SUBST(libiptc_LIBS)
1267 if test x$capabilities = xnative; then
1268 AC_MSG_NOTICE([Usage of the native Linux capabilities interface is deprecated, use libcap instead])
1269 # Linux requires the following for capset(), Android does not have it,
1270 # but defines capset() in unistd.h instead.
1271 AC_CHECK_HEADERS([sys/capability.h])
1272 AC_CHECK_FUNC(capset,,[AC_MSG_ERROR([capset() not found!])])
1273 AC_DEFINE([CAPABILITIES_NATIVE], [], [have native linux capset()])
1276 if test x$capabilities = xlibcap; then
1277 AC_CHECK_LIB([cap],[cap_init],[LIBS="$LIBS"],[AC_MSG_ERROR([libcap library not found])],[])
1278 AC_CHECK_HEADER([sys/capability.h],
1279 [AC_DEFINE([HAVE_SYS_CAPABILITY_H], [], [have sys/capability.h])],
1280 [AC_MSG_ERROR([libcap header sys/capability.h not found!])])
1281 AC_DEFINE([CAPABILITIES_LIBCAP], [], [have libpcap library])
1284 if test x$selinux = xtrue; then
1285 PKG_CHECK_MODULES(selinux, [libselinux])
1286 AC_SUBST(selinux_CFLAGS)
1287 AC_SUBST(selinux_LIBS)
1288 AC_DEFINE([USE_SELINUX], [], [build with support for SELinux])
1291 if test x$integrity_test = xtrue; then
1292 AC_MSG_CHECKING([for dladdr()])
1295 [[#define _GNU_SOURCE
1296 #include <dlfcn.h>]],
1297 [[Dl_info info; dladdr(main, &info);]])],
1298 [AC_MSG_RESULT([yes])],
1299 [AC_MSG_RESULT([no]);
1300 AC_MSG_ERROR([dladdr() not supported, required by integrity-test!])]
1302 AC_MSG_CHECKING([for dl_iterate_phdr()])
1305 [[#define _GNU_SOURCE
1306 #include <link.h>]],
1307 [[dl_iterate_phdr((void*)0, (void*)0);]])],
1308 [AC_MSG_RESULT([yes])],
1309 [AC_MSG_RESULT([no]);
1310 AC_MSG_ERROR([dl_iterate_phdr() not supported, required by integrity-test!])]
1314 if test x$bfd_backtraces = xtrue; then
1315 AC_CHECK_LIB([bfd],[bfd_init],[LIBS="$LIBS"],[AC_MSG_ERROR([binutils libbfd not found!])],[])
1316 AC_CHECK_HEADER([bfd.h],[AC_DEFINE([HAVE_BFD_H],,[have binutils bfd.h])],
1317 [AC_MSG_ERROR([binutils bfd.h header not found!])])
1319 [bfd_section_flags, bfd_get_section_flags,
1320 bfd_section_vma, bfd_get_section_vma,
1321 bfd_section_size, bfd_get_section_size], [], [],
1322 [[#include <bfd.h>]])
1327 if test x$unwind_backtraces = xtrue; then
1328 AC_CHECK_LIB([unwind],[unw_backtrace],[LIBS="$LIBS"],[AC_MSG_ERROR([libunwind not found!])],[])
1329 AC_CHECK_HEADER([libunwind.h],[AC_DEFINE([HAVE_LIBUNWIND_H],,[have libunwind.h])],
1330 [AC_MSG_ERROR([libunwind.h header not found!])])
1331 UNWINDLIB="-lunwind"
1335 AM_CONDITIONAL(USE_DEV_HEADERS, [test "x$dev_headers" != xno])
1336 if test x$dev_headers = xyes; then
1337 dev_headers="$includedir/strongswan"
1339 AC_SUBST(dev_headers)
1341 if test x$tkm = xtrue; then
1342 AC_PATH_PROG([GPRBUILD], [gprbuild], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1343 if test x$GPRBUILD = x; then
1344 AC_MSG_ERROR([gprbuild not found])
1348 if test x$coverage = xtrue; then
1349 AC_PATH_PROG([LCOV], [lcov], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1350 if test x$LCOV = x; then
1351 AC_MSG_ERROR([lcov not found])
1353 AC_PATH_PROG([GENHTML], [genhtml], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1354 if test x$GENHTML = x; then
1355 AC_MSG_ERROR([genhtml not found])
1358 COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
1359 COVERAGE_LDFLAGS="-fprofile-arcs"
1360 AC_SUBST(COVERAGE_CFLAGS)
1361 AC_SUBST(COVERAGE_LDFLAGS)
1362 PLUGIN_CFLAGS="$PLUGIN_CFLAGS $COVERAGE_CFLAGS"
1364 AC_MSG_NOTICE([coverage enabled, adding "-g -O0" to CFLAGS])
1365 CFLAGS="${CFLAGS} -g -O0"
1368 if test x$fuzzing = xtrue; then
1369 case "$libfuzzer" in
1371 AC_MSG_NOTICE([fuzz targets enabled without libFuzzer, using local driver])
1372 CFLAGS="${CFLAGS} -fsanitize=address"
1373 libfuzzer="libFuzzerLocal.a"
1375 "-fsanitize=fuzzer")
1377 FUZZING_CFLAGS="-fsanitize=fuzzer"
1378 AC_SUBST(FUZZING_CFLAGS)
1381 # required for libFuzzer
1382 FUZZING_LDFLAGS="-stdlib=libc++ -lstdc++"
1383 if test "$SANITIZER" = "coverage"; then
1384 FUZZING_LDFLAGS="$FUZZING_LDFLAGS -lm"
1386 AC_SUBST(FUZZING_LDFLAGS)
1391 if test x$asan = xtrue; then
1392 # adding this here and not earlier or passed to the script avoids issues
1393 # e.g. with libpthread (libasan provides stubs for its functions but no full
1394 # implementation so configure does not detect that -lpthread is required
1395 # when GCC is used, clang always adds -lpthread)
1396 CFLAGS="$CFLAGS -fsanitize=address -fno-omit-frame-pointer"
1397 # this is necessary so AddressSanitizer can resolve symbols e.g. for
1398 # C++ exceptions that are used in libbotan
1399 if test x$botan = xtrue; then
1400 LDFLAGS="$LDFLAGS -lstdc++"
1402 if test x$openssl = xtrue; then
1403 # we need to suppress some leaks with OpenSSL 3 as we don't deinitialze
1405 AC_SUBST(LSAN_OPTIONS, [suppressions=\${abs_top_srcdir}/.lsan.suppressions])
1406 # use this instead of AM_TESTS_ENVIRONMENT as we don't use the parallel
1408 AC_SUBST(TESTS_ENVIRONMENT, ['export LSAN_OPTIONS="$(LSAN_OPTIONS)";'])
1412 if test x$ruby_gems = xtrue; then
1413 AC_PATH_PROG([GEM], [gem], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1414 if test x$GEM = x; then
1415 AC_MSG_ERROR(RubyGems package manager not found)
1417 if test "x$rubygemdir" = "xgem environment gemdir"; then
1418 rubygemdir=$($GEM environment gemdir)
1420 AC_SUBST(RUBYGEMDIR, "$rubygemdir")
1422 AM_CONDITIONAL(RUBY_GEMS_INSTALL, [test "x$ruby_gems_install" = xtrue])
1424 if test x$python_eggs = xtrue; then
1425 PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/.dev/'`
1426 AC_SUBST([PYTHON_PACKAGE_VERSION])
1427 if test x$python_eggs_install = xtrue; then
1428 AC_PATH_PROG([EASY_INSTALL], [easy_install], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1429 if test x$EASY_INSTALL = x; then
1430 AC_MSG_ERROR(Python easy_install not found)
1433 if test "x$pythoneggdir" = "xmain site-packages directory"; then
1434 AC_SUBST(PYTHONEGGINSTALLDIR, "")
1436 AC_SUBST(PYTHONEGGINSTALLDIR, "--install-dir $pythoneggdir")
1438 AC_PATH_PROG([TOX], [tox], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1439 AC_PATH_PROG([PY_TEST], [py.test], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
1441 AM_CONDITIONAL(PYTHON_EGGS_INSTALL, [test "x$python_eggs_install" = xtrue])
1443 AM_CONDITIONAL(PERL_CPAN_INSTALL, [test "x$perl_cpan_install" = xtrue])
1446 [if plugin constructors should be resolved statically],
1447 [ss_cv_static_plugin_constructors],
1448 [if test x$monolithic = xtrue -a x$enable_static = xyes; then
1449 ss_cv_static_plugin_constructors=yes
1451 ss_cv_static_plugin_constructors="no (enabled for static, monolithic builds)"
1454 if test "x$ss_cv_static_plugin_constructors" = xyes; then
1455 static_plugin_constructors=true
1456 if test "$PYTHON" = ":"; then
1457 AC_MSG_FAILURE([Python is required to resolve plugin constructors statically])
1461 AC_MSG_CHECKING([version from Git repository])
1462 AC_SUBST(GIT_VERSION, [$($srcdir/scripts/git-version "$srcdir")])
1463 case "$GIT_VERSION" in
1464 "$PACKAGE_VERSION"*)
1465 AC_MSG_RESULT([$GIT_VERSION])
1468 AC_MSG_RESULT([$GIT_VERSION (could be due to insufficient clone depth)])
1471 AC_MSG_ERROR([$PACKAGE_VERSION is not a prefix of $GIT_VERSION, tag missing?])
1475 if test x$git_version = xtrue -a "$GIT_VERSION" != "UNKNOWN"; then
1476 AC_DEFINE_UNQUOTED(VERSION, ["$GIT_VERSION"])
1479 # modify CFLAGS as needed, do this late so we don't affect configure checks
1480 CFLAGS="$CFLAGS -include $(pwd)/config.h"
1482 AC_MSG_CHECKING([for use of -Werror and additional warnings])
1484 if test x$warnings = xtrue; then
1485 WARN_CFLAGS="-Werror -Wall -Wextra"
1486 AC_MSG_RESULT([yes])
1490 # disable some warnings, whether explicitly enabled above or by default
1491 # these are not compatible with our custom printf specifiers
1492 WARN_CFLAGS="$WARN_CFLAGS -Wno-format"
1493 WARN_CFLAGS="$WARN_CFLAGS -Wno-format-security"
1494 # we generally use comments, but GCC doesn't seem to recognize many of them
1495 WARN_CFLAGS="$WARN_CFLAGS -Wno-implicit-fallthrough"
1496 # we often omit fields when initializing structs (e.g. when using INIT)
1497 WARN_CFLAGS="$WARN_CFLAGS -Wno-missing-field-initializers"
1498 # allow assigning char* to u_char* (e.g. in chunk_create())
1499 WARN_CFLAGS="$WARN_CFLAGS -Wno-pointer-sign"
1500 # allow comparing e.g. int with chunk_t::len or countof(...)
1501 WARN_CFLAGS="$WARN_CFLAGS -Wno-sign-compare"
1502 # allow defensive checks like e.g. unsigned_var < CONST(= currently 0)
1503 WARN_CFLAGS="$WARN_CFLAGS -Wno-type-limits"
1504 # we often don't use function parameters when implementing interfaces
1505 WARN_CFLAGS="$WARN_CFLAGS -Wno-unused-parameter"
1506 # add the flags before existing CFLAGS so warning flags can be overridden
1507 CFLAGS="$WARN_CFLAGS $CFLAGS"
1509 # ===============================================
1510 # collect plugin list for strongSwan components
1511 # ===============================================
1513 m4_include(m4/macros/add-plugin.m4)
1515 # plugin lists for all components
1528 # location specific lists for checksumming,
1529 # for src/libcharon, src/libstrongswan, src/libtnccs and src/libtpmtss
1535 ADD_PLUGIN([test-vectors], [s charon pki])
1536 ADD_PLUGIN([unbound], [s charon scripts])
1537 ADD_PLUGIN([ldap], [s charon scripts nm cmd])
1538 ADD_PLUGIN([pkcs11], [s charon pki nm cmd])
1539 ADD_PLUGIN([tpm], [p charon pki nm cmd])
1540 ADD_PLUGIN([aesni], [s charon pki scripts medsrv attest nm cmd aikgen])
1541 ADD_PLUGIN([aes], [s charon pki scripts nm cmd])
1542 ADD_PLUGIN([des], [s charon pki scripts nm cmd])
1543 ADD_PLUGIN([blowfish], [s charon pki scripts nm cmd])
1544 ADD_PLUGIN([rc2], [s charon pki scripts nm cmd])
1545 ADD_PLUGIN([sha2], [s charon pki scripts medsrv attest nm cmd aikgen fuzz])
1546 ADD_PLUGIN([sha3], [s charon pki scripts medsrv attest nm cmd aikgen fuzz])
1547 ADD_PLUGIN([sha1], [s charon pki scripts manager medsrv attest nm cmd aikgen fuzz])
1548 ADD_PLUGIN([md4], [s charon pki nm cmd])
1549 ADD_PLUGIN([md5], [s charon pki scripts attest nm cmd aikgen])
1550 ADD_PLUGIN([mgf1], [s charon pki scripts medsrv attest nm cmd aikgen])
1551 ADD_PLUGIN([rdrand], [s charon pki scripts medsrv attest nm cmd aikgen])
1552 ADD_PLUGIN([random], [s charon pki scripts manager medsrv attest nm cmd aikgen])
1553 ADD_PLUGIN([nonce], [s charon nm cmd aikgen])
1554 ADD_PLUGIN([x509], [s charon pki scripts attest nm cmd aikgen fuzz])
1555 ADD_PLUGIN([revocation], [s charon pki nm cmd])
1556 ADD_PLUGIN([constraints], [s charon pki nm cmd])
1557 ADD_PLUGIN([acert], [s charon])
1558 ADD_PLUGIN([pubkey], [s charon pki cmd aikgen])
1559 ADD_PLUGIN([pkcs1], [s charon pki scripts manager medsrv attest nm cmd aikgen fuzz])
1560 ADD_PLUGIN([pkcs7], [s charon pki scripts nm cmd])
1561 ADD_PLUGIN([pkcs12], [s charon pki scripts cmd])
1562 ADD_PLUGIN([pgp], [s charon])
1563 ADD_PLUGIN([dnskey], [s charon pki])
1564 ADD_PLUGIN([sshkey], [s charon pki nm cmd])
1565 ADD_PLUGIN([dnscert], [c charon])
1566 ADD_PLUGIN([ipseckey], [c charon])
1567 ADD_PLUGIN([pem], [s charon pki scripts manager medsrv attest nm cmd aikgen fuzz])
1568 ADD_PLUGIN([padlock], [s charon])
1569 ADD_PLUGIN([openssl], [s charon pki scripts manager medsrv attest nm cmd aikgen])
1570 ADD_PLUGIN([wolfssl], [s charon pki scripts manager medsrv attest nm cmd aikgen])
1571 ADD_PLUGIN([gcrypt], [s charon pki scripts manager medsrv attest nm cmd aikgen])
1572 ADD_PLUGIN([botan], [s charon pki scripts manager medsrv attest nm cmd aikgen])
1573 ADD_PLUGIN([pkcs8], [s charon pki scripts manager medsrv attest nm cmd])
1574 ADD_PLUGIN([af-alg], [s charon pki scripts medsrv attest nm cmd aikgen])
1575 ADD_PLUGIN([fips-prf], [s charon nm cmd])
1576 ADD_PLUGIN([gmp], [s charon pki scripts manager medsrv attest nm cmd aikgen fuzz])
1577 ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd])
1578 ADD_PLUGIN([agent], [s charon nm cmd])
1579 ADD_PLUGIN([keychain], [s charon cmd])
1580 ADD_PLUGIN([chapoly], [s charon scripts nm cmd])
1581 ADD_PLUGIN([xcbc], [s charon nm cmd])
1582 ADD_PLUGIN([cmac], [s charon nm cmd])
1583 ADD_PLUGIN([hmac], [s charon pki scripts nm cmd])
1584 ADD_PLUGIN([kdf], [s charon pki scripts nm cmd])
1585 ADD_PLUGIN([ctr], [s charon scripts nm cmd])
1586 ADD_PLUGIN([ccm], [s charon scripts nm cmd])
1587 ADD_PLUGIN([gcm], [s charon scripts nm cmd])
1588 ADD_PLUGIN([ntru], [s charon scripts nm cmd])
1589 ADD_PLUGIN([drbg], [s charon pki scripts nm cmd])
1590 ADD_PLUGIN([newhope], [s charon scripts nm cmd])
1591 ADD_PLUGIN([bliss], [s charon pki scripts nm cmd])
1592 ADD_PLUGIN([curl], [s charon pki scripts nm cmd])
1593 ADD_PLUGIN([files], [s charon pki scripts nm cmd])
1594 ADD_PLUGIN([winhttp], [s charon pki scripts])
1595 ADD_PLUGIN([soup], [s charon pki scripts nm cmd])
1596 ADD_PLUGIN([mysql], [s charon pki pool manager medsrv attest])
1597 ADD_PLUGIN([sqlite], [s charon pki pool manager medsrv attest])
1598 ADD_PLUGIN([openxpki], [s pki])
1599 ADD_PLUGIN([attr], [c charon])
1600 ADD_PLUGIN([attr-sql], [c charon])
1601 ADD_PLUGIN([load-tester], [c charon])
1602 ADD_PLUGIN([kernel-libipsec], [c charon cmd])
1603 ADD_PLUGIN([kernel-wfp], [c charon])
1604 ADD_PLUGIN([kernel-iph], [c charon])
1605 ADD_PLUGIN([kernel-pfkey], [c charon nm cmd])
1606 ADD_PLUGIN([kernel-pfroute], [c charon nm cmd])
1607 ADD_PLUGIN([kernel-netlink], [c charon nm cmd])
1608 ADD_PLUGIN([selinux], [c charon nm cmd])
1609 ADD_PLUGIN([resolve], [c charon cmd])
1610 ADD_PLUGIN([save-keys], [c])
1611 ADD_PLUGIN([socket-default], [c charon nm cmd])
1612 ADD_PLUGIN([socket-dynamic], [c charon cmd])
1613 ADD_PLUGIN([socket-win], [c charon])
1614 ADD_PLUGIN([bypass-lan], [c charon nm cmd])
1615 ADD_PLUGIN([connmark], [c charon])
1616 ADD_PLUGIN([forecast], [c charon])
1617 ADD_PLUGIN([farp], [c charon])
1618 ADD_PLUGIN([stroke], [c charon])
1619 ADD_PLUGIN([vici], [c charon])
1620 ADD_PLUGIN([smp], [c charon])
1621 ADD_PLUGIN([sql], [c charon])
1622 ADD_PLUGIN([updown], [c charon])
1623 ADD_PLUGIN([eap-identity], [c charon nm cmd])
1624 ADD_PLUGIN([eap-sim], [c charon])
1625 ADD_PLUGIN([eap-sim-file], [c charon])
1626 ADD_PLUGIN([eap-sim-pcsc], [c charon])
1627 ADD_PLUGIN([eap-aka], [c charon])
1628 ADD_PLUGIN([eap-aka-3gpp], [c charon])
1629 ADD_PLUGIN([eap-aka-3gpp2], [c charon])
1630 ADD_PLUGIN([eap-simaka-sql], [c charon])
1631 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
1632 ADD_PLUGIN([eap-simaka-reauth], [c charon])
1633 ADD_PLUGIN([eap-md5], [c charon nm cmd])
1634 ADD_PLUGIN([eap-gtc], [c charon nm cmd])
1635 ADD_PLUGIN([eap-mschapv2], [c charon nm cmd])
1636 ADD_PLUGIN([eap-dynamic], [c charon])
1637 ADD_PLUGIN([eap-radius], [c charon])
1638 ADD_PLUGIN([eap-tls], [c charon nm cmd])
1639 ADD_PLUGIN([eap-ttls], [c charon nm cmd])
1640 ADD_PLUGIN([eap-peap], [c charon nm cmd])
1641 ADD_PLUGIN([eap-tnc], [c charon])
1642 ADD_PLUGIN([xauth-generic], [c charon cmd])
1643 ADD_PLUGIN([xauth-eap], [c charon])
1644 ADD_PLUGIN([xauth-pam], [c charon])
1645 ADD_PLUGIN([xauth-noauth], [c charon])
1646 ADD_PLUGIN([tnc-ifmap], [c charon])
1647 ADD_PLUGIN([tnc-pdp], [c charon])
1648 ADD_PLUGIN([tnc-imc], [t charon])
1649 ADD_PLUGIN([tnc-imv], [t charon])
1650 ADD_PLUGIN([tnc-tnccs], [t charon])
1651 ADD_PLUGIN([tnccs-20], [t charon])
1652 ADD_PLUGIN([tnccs-11], [t charon])
1653 ADD_PLUGIN([tnccs-dynamic], [t charon])
1654 ADD_PLUGIN([medsrv], [c charon])
1655 ADD_PLUGIN([medcli], [c charon])
1656 ADD_PLUGIN([dhcp], [c charon])
1657 ADD_PLUGIN([osx-attr], [c charon cmd])
1658 ADD_PLUGIN([p-cscf], [c charon cmd])
1659 ADD_PLUGIN([android-dns], [c charon])
1660 ADD_PLUGIN([android-log], [c charon])
1661 ADD_PLUGIN([ha], [c charon])
1662 ADD_PLUGIN([whitelist], [c charon])
1663 ADD_PLUGIN([ext-auth], [c charon])
1664 ADD_PLUGIN([lookip], [c charon])
1665 ADD_PLUGIN([error-notify], [c charon])
1666 ADD_PLUGIN([certexpire], [c charon])
1667 ADD_PLUGIN([systime-fix], [c charon])
1668 ADD_PLUGIN([led], [c charon])
1669 ADD_PLUGIN([duplicheck], [c charon])
1670 ADD_PLUGIN([coupling], [c charon])
1671 ADD_PLUGIN([radattr], [c charon])
1672 ADD_PLUGIN([uci], [c charon])
1673 ADD_PLUGIN([addrblock], [c charon])
1674 ADD_PLUGIN([unity], [c charon])
1675 ADD_PLUGIN([counters], [c charon])
1677 AC_SUBST(charon_plugins)
1678 AC_SUBST(pool_plugins)
1679 AC_SUBST(attest_plugins)
1680 AC_SUBST(pki_plugins)
1681 AC_SUBST(scripts_plugins)
1682 AC_SUBST(fuzz_plugins)
1683 AC_SUBST(manager_plugins)
1684 AC_SUBST(medsrv_plugins)
1685 AC_SUBST(nm_plugins)
1686 AC_SUBST(cmd_plugins)
1687 AC_SUBST(aikgen_plugins)
1694 # ======================
1695 # set Makefile.am vars
1696 # ======================
1698 # libstrongswan plugins
1699 # -----------------------
1700 AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue)
1701 AM_CONDITIONAL(USE_CURL, test x$curl = xtrue)
1702 AM_CONDITIONAL(USE_FILES, test x$files = xtrue)
1703 AM_CONDITIONAL(USE_WINHTTP, test x$winhttp = xtrue)
1704 AM_CONDITIONAL(USE_UNBOUND, test x$unbound = xtrue)
1705 AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue)
1706 AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue)
1707 AM_CONDITIONAL(USE_AES, test x$aes = xtrue)
1708 AM_CONDITIONAL(USE_DES, test x$des = xtrue)
1709 AM_CONDITIONAL(USE_BLOWFISH, test x$blowfish = xtrue)
1710 AM_CONDITIONAL(USE_RC2, test x$rc2 = xtrue)
1711 AM_CONDITIONAL(USE_MD4, test x$md4 = xtrue)
1712 AM_CONDITIONAL(USE_MD5, test x$md5 = xtrue)
1713 AM_CONDITIONAL(USE_SHA1, test x$sha1 = xtrue)
1714 AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
1715 AM_CONDITIONAL(USE_SHA3, test x$sha3 = xtrue)
1716 AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
1717 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
1718 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
1719 AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
1720 AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
1721 AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
1722 AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
1723 AM_CONDITIONAL(USE_NONCE, test x$nonce = xtrue)
1724 AM_CONDITIONAL(USE_X509, test x$x509 = xtrue)
1725 AM_CONDITIONAL(USE_REVOCATION, test x$revocation = xtrue)
1726 AM_CONDITIONAL(USE_CONSTRAINTS, test x$constraints = xtrue)
1727 AM_CONDITIONAL(USE_ACERT, test x$acert = xtrue)
1728 AM_CONDITIONAL(USE_PUBKEY, test x$pubkey = xtrue)
1729 AM_CONDITIONAL(USE_PKCS1, test x$pkcs1 = xtrue)
1730 AM_CONDITIONAL(USE_PKCS7, test x$pkcs7 = xtrue)
1731 AM_CONDITIONAL(USE_PKCS8, test x$pkcs8 = xtrue)
1732 AM_CONDITIONAL(USE_PKCS12, test x$pkcs12 = xtrue)
1733 AM_CONDITIONAL(USE_OPENXPKI, test x$openxpki = xtrue)
1734 AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
1735 AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
1736 AM_CONDITIONAL(USE_SSHKEY, test x$sshkey = xtrue)
1737 AM_CONDITIONAL(USE_PEM, test x$pem = xtrue)
1738 AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
1739 AM_CONDITIONAL(USE_KDF, test x$kdf = xtrue)
1740 AM_CONDITIONAL(USE_CMAC, test x$cmac = xtrue)
1741 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
1742 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
1743 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
1744 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
1745 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
1746 AM_CONDITIONAL(USE_WOLFSSL, test x$wolfssl = xtrue)
1747 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
1748 AM_CONDITIONAL(USE_BOTAN, test x$botan = xtrue)
1749 AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
1750 AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue)
1751 AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
1752 AM_CONDITIONAL(USE_TPM, test x$tpm = xtrue)
1753 AM_CONDITIONAL(USE_CHAPOLY, test x$chapoly = xtrue)
1754 AM_CONDITIONAL(USE_CTR, test x$ctr = xtrue)
1755 AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
1756 AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
1757 AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
1758 AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue)
1759 AM_CONDITIONAL(USE_NEWHOPE, test x$newhope = xtrue)
1760 AM_CONDITIONAL(USE_BLISS, test x$bliss = xtrue)
1761 AM_CONDITIONAL(USE_DRBG, test x$drbg = xtrue)
1765 AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
1766 AM_CONDITIONAL(USE_VICI, test x$vici = xtrue)
1767 AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
1768 AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
1769 AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
1770 AM_CONDITIONAL(USE_OSX_ATTR, test x$osx_attr = xtrue)
1771 AM_CONDITIONAL(USE_P_CSCF, test x$p_cscf = xtrue)
1772 AM_CONDITIONAL(USE_ANDROID_DNS, test x$android_dns = xtrue)
1773 AM_CONDITIONAL(USE_ANDROID_LOG, test x$android_log = xtrue)
1774 AM_CONDITIONAL(USE_SMP, test x$smp = xtrue)
1775 AM_CONDITIONAL(USE_SQL, test x$sql = xtrue)
1776 AM_CONDITIONAL(USE_DNSCERT, test x$dnscert = xtrue)
1777 AM_CONDITIONAL(USE_IPSECKEY, test x$ipseckey = xtrue)
1778 AM_CONDITIONAL(USE_UPDOWN, test x$updown = xtrue)
1779 AM_CONDITIONAL(USE_DHCP, test x$dhcp = xtrue)
1780 AM_CONDITIONAL(USE_LOAD_TESTER, test x$load_tester = xtrue)
1781 AM_CONDITIONAL(USE_HA, test x$ha = xtrue)
1782 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
1783 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
1784 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
1785 AM_CONDITIONAL(USE_KERNEL_LIBIPSEC, test x$kernel_libipsec = xtrue)
1786 AM_CONDITIONAL(USE_KERNEL_WFP, test x$kernel_wfp = xtrue)
1787 AM_CONDITIONAL(USE_KERNEL_IPH, test x$kernel_iph = xtrue)
1788 AM_CONDITIONAL(USE_WHITELIST, test x$whitelist = xtrue)
1789 AM_CONDITIONAL(USE_EXT_AUTH, test x$ext_auth = xtrue)
1790 AM_CONDITIONAL(USE_LOOKIP, test x$lookip = xtrue)
1791 AM_CONDITIONAL(USE_ERROR_NOTIFY, test x$error_notify = xtrue)
1792 AM_CONDITIONAL(USE_CERTEXPIRE, test x$certexpire = xtrue)
1793 AM_CONDITIONAL(USE_SYSTIME_FIX, test x$systime_fix = xtrue)
1794 AM_CONDITIONAL(USE_LED, test x$led = xtrue)
1795 AM_CONDITIONAL(USE_DUPLICHECK, test x$duplicheck = xtrue)
1796 AM_CONDITIONAL(USE_COUPLING, test x$coupling = xtrue)
1797 AM_CONDITIONAL(USE_RADATTR, test x$radattr = xtrue)
1798 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
1799 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
1800 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
1801 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
1802 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
1803 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
1804 AM_CONDITIONAL(USE_EAP_IDENTITY, test x$eap_identity = xtrue)
1805 AM_CONDITIONAL(USE_EAP_MD5, test x$eap_md5 = xtrue)
1806 AM_CONDITIONAL(USE_EAP_GTC, test x$eap_gtc = xtrue)
1807 AM_CONDITIONAL(USE_EAP_AKA, test x$eap_aka = xtrue)
1808 AM_CONDITIONAL(USE_EAP_AKA_3GPP, test x$eap_aka_3gpp = xtrue)
1809 AM_CONDITIONAL(USE_EAP_AKA_3GPP2, test x$eap_aka_3gpp2 = xtrue)
1810 AM_CONDITIONAL(USE_EAP_MSCHAPV2, test x$eap_mschapv2 = xtrue)
1811 AM_CONDITIONAL(USE_EAP_TLS, test x$eap_tls = xtrue)
1812 AM_CONDITIONAL(USE_EAP_TTLS, test x$eap_ttls = xtrue)
1813 AM_CONDITIONAL(USE_EAP_PEAP, test x$eap_peap = xtrue)
1814 AM_CONDITIONAL(USE_EAP_TNC, test x$eap_tnc = xtrue)
1815 AM_CONDITIONAL(USE_EAP_DYNAMIC, test x$eap_dynamic = xtrue)
1816 AM_CONDITIONAL(USE_EAP_RADIUS, test x$eap_radius = xtrue)
1817 AM_CONDITIONAL(USE_XAUTH_GENERIC, test x$xauth_generic = xtrue)
1818 AM_CONDITIONAL(USE_XAUTH_EAP, test x$xauth_eap = xtrue)
1819 AM_CONDITIONAL(USE_XAUTH_PAM, test x$xauth_pam = xtrue)
1820 AM_CONDITIONAL(USE_XAUTH_NOAUTH, test x$xauth_noauth = xtrue)
1821 AM_CONDITIONAL(USE_TNC_IFMAP, test x$tnc_ifmap = xtrue)
1822 AM_CONDITIONAL(USE_TNC_PDP, test x$tnc_pdp = xtrue)
1823 AM_CONDITIONAL(USE_TNC_IMC, test x$tnc_imc = xtrue)
1824 AM_CONDITIONAL(USE_TNC_IMV, test x$tnc_imv = xtrue)
1825 AM_CONDITIONAL(USE_TNC_TNCCS, test x$tnc_tnccs = xtrue)
1826 AM_CONDITIONAL(USE_TNCCS_11, test x$tnccs_11 = xtrue)
1827 AM_CONDITIONAL(USE_TNCCS_20, test x$tnccs_20 = xtrue)
1828 AM_CONDITIONAL(USE_TNCCS_DYNAMIC, test x$tnccs_dynamic = xtrue)
1829 AM_CONDITIONAL(USE_IMC_TEST, test x$imc_test = xtrue)
1830 AM_CONDITIONAL(USE_IMV_TEST, test x$imv_test = xtrue)
1831 AM_CONDITIONAL(USE_IMC_SCANNER, test x$imc_scanner = xtrue)
1832 AM_CONDITIONAL(USE_IMV_SCANNER, test x$imv_scanner = xtrue)
1833 AM_CONDITIONAL(USE_IMC_OS, test x$imc_os = xtrue)
1834 AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue)
1835 AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue)
1836 AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue)
1837 AM_CONDITIONAL(USE_IMC_SWIMA, test x$imc_swima = xtrue)
1838 AM_CONDITIONAL(USE_IMV_SWIMA, test x$imv_swima = xtrue)
1839 AM_CONDITIONAL(USE_IMC_HCD, test x$imc_hcd = xtrue)
1840 AM_CONDITIONAL(USE_IMV_HCD, test x$imv_hcd = xtrue)
1841 AM_CONDITIONAL(USE_SAVE_KEYS, test x$save_keys = xtrue)
1842 AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
1843 AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
1844 AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue)
1845 AM_CONDITIONAL(USE_BYPASS_LAN, test x$bypass_lan = xtrue)
1846 AM_CONDITIONAL(USE_CONNMARK, test x$connmark = xtrue)
1847 AM_CONDITIONAL(USE_FORECAST, test x$forecast = xtrue)
1848 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
1849 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
1850 AM_CONDITIONAL(USE_UNITY, test x$unity = xtrue)
1851 AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
1852 AM_CONDITIONAL(USE_ATTR, test x$attr = xtrue)
1853 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue)
1854 AM_CONDITIONAL(USE_COUNTERS, test x$counters = xtrue)
1855 AM_CONDITIONAL(USE_SELINUX, test x$selinux = xtrue)
1856 AM_CONDITIONAL(USE_PF_HANDLER, test x$dhcp = xtrue -o x$farp = xtrue)
1860 AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
1861 AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
1862 AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
1863 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
1864 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
1865 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
1866 AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
1867 AM_CONDITIONAL(USE_IKEV1, test x$ikev1 = xtrue)
1868 AM_CONDITIONAL(USE_IKEV2, test x$ikev2 = xtrue)
1869 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
1870 AM_CONDITIONAL(USE_ADNS, test x$adns = xtrue)
1871 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
1872 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
1873 AM_CONDITIONAL(USE_PKI, test x$pki = xtrue)
1874 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
1875 AM_CONDITIONAL(USE_FUZZING, test x$fuzzing = xtrue)
1876 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
1877 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
1878 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
1879 AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
1880 AM_CONDITIONAL(USE_LIBNTTFFT, test x$bliss = xtrue -o x$newhope = xtrue)
1881 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
1882 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
1883 AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
1884 AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$tpm = xtrue -o x$aikgen = xtrue -o x$imcv = xtrue)
1885 AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
1886 AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$conftest = xtrue)
1887 AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
1888 AM_CONDITIONAL(USE_VSTR, test x$printf_hooks = xvstr)
1889 AM_CONDITIONAL(USE_BUILTIN_PRINTF, test x$printf_hooks = xbuiltin)
1890 AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
1891 AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
1892 AM_CONDITIONAL(USE_RADIUS, test x$radius = xtrue)
1893 AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
1894 AM_CONDITIONAL(USE_TROUSERS, test x$tss_trousers = xtrue)
1895 AM_CONDITIONAL(USE_TSS2, test x$tss_tss2 = xtrue)
1896 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
1897 AM_CONDITIONAL(STATIC_PLUGIN_CONSTRUCTORS, test x$static_plugin_constructors = xtrue)
1898 AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes)
1899 AM_CONDITIONAL(COVERAGE, test x$coverage = xtrue)
1900 AM_CONDITIONAL(USE_DBGHELP, test x$dbghelp_backtraces = xtrue)
1901 AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
1902 AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
1903 AM_CONDITIONAL(USE_AIKGEN, test x$aikgen = xtrue)
1904 AM_CONDITIONAL(USE_SWANCTL, test x$swanctl = xtrue)
1905 AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
1906 AM_CONDITIONAL(USE_SYSTEMD, test x$systemd = xtrue)
1907 AM_CONDITIONAL(USE_LEGACY_SYSTEMD, test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno)
1908 AM_CONDITIONAL(USE_CERT_ENROLL, test x$cert_enroll = xtrue)
1909 AM_CONDITIONAL(USE_CERT_ENROLL_TIMER, test x$cert_enroll_timer = xtrue)
1910 AM_CONDITIONAL(USE_RUBY_GEMS, test x$ruby_gems = xtrue)
1911 AM_CONDITIONAL(USE_PYTHON_EGGS, test x$python_eggs = xtrue)
1912 AM_CONDITIONAL(USE_PERL_CPAN, test x$perl_cpan = xtrue)
1913 AM_CONDITIONAL(USE_TOX, test "x$TOX" != x)
1914 AM_CONDITIONAL(USE_PY_TEST, test "x$PY_TEST" != x -a "x$TOX" = x)
1916 # ========================
1917 # set global definitions
1918 # ========================
1920 if test x$mediation = xtrue; then
1921 AC_DEFINE([ME], [], [mediation extension support])
1923 if test x$capabilities = xlibcap -o x$capabilities = xnative; then
1924 AC_DEFINE([CAPABILITIES], [], [capability dropping support])
1926 if test x$log_thread_ids = xtrue; then
1927 AC_DEFINE([USE_THREAD_IDS], [], [use thread ID for thread identification, if available])
1929 if test x$monolithic = xtrue; then
1930 AC_DEFINE([MONOLITHIC], [], [monolithic build embedding plugins])
1932 if test x$static_plugin_constructors = xtrue; then
1933 AC_DEFINE([STATIC_PLUGIN_CONSTRUCTORS], [], [static plugin constructors])
1935 if test x$ikev1 = xtrue; then
1936 AC_DEFINE([USE_IKEV1], [], [support for IKEv1 protocol])
1938 if test x$ikev2 = xtrue; then
1939 AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol])
1941 if test x$fuzzing = xtrue; then
1942 AC_DEFINE([USE_FUZZING], [], [build code for fuzzing])
1944 if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then
1945 AC_DEFINE([USE_JSON], [], [build code for JSON])
1948 # ====================================================
1949 # options for enabled modules (see conf/Makefile.am)
1950 # ====================================================
1954 AM_COND_IF([USE_AIKGEN], [strongswan_options=${strongswan_options}" aikgen"])
1955 AM_COND_IF([USE_ATTR_SQL], [strongswan_options=${strongswan_options}" pool"])
1956 AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charon-logging"])
1957 AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"])
1958 AM_COND_IF([USE_IMV_ATTESTATION], [strongswan_options=${strongswan_options}" attest"])
1959 AM_COND_IF([USE_IMCV], [strongswan_options=${strongswan_options}" imcv"])
1960 AM_COND_IF([USE_IMV_SWIMA], [strongswan_options=${strongswan_options}" sec-updater"])
1961 AM_COND_IF([USE_LIBTNCCS], [strongswan_options=${strongswan_options}" tnc"])
1962 AM_COND_IF([USE_MANAGER], [strongswan_options=${strongswan_options}" manager"])
1963 AM_COND_IF([USE_MEDSRV], [strongswan_options=${strongswan_options}" medsrv"])
1964 AM_COND_IF([USE_PKI], [strongswan_options=${strongswan_options}" pki"])
1965 AM_COND_IF([USE_SWANCTL], [strongswan_options=${strongswan_options}" swanctl"])
1966 AM_COND_IF([USE_SYSTEMD], [strongswan_options=${strongswan_options}" charon-systemd"])
1968 AC_SUBST(strongswan_options)
1980 init/systemd/Makefile
1981 init/systemd-starter/Makefile
1983 src/include/Makefile
1984 src/libstrongswan/Makefile
1985 src/libstrongswan/math/libnttfft/Makefile
1986 src/libstrongswan/math/libnttfft/tests/Makefile
1987 src/libstrongswan/plugins/aes/Makefile
1988 src/libstrongswan/plugins/cmac/Makefile
1989 src/libstrongswan/plugins/des/Makefile
1990 src/libstrongswan/plugins/blowfish/Makefile
1991 src/libstrongswan/plugins/rc2/Makefile
1992 src/libstrongswan/plugins/md4/Makefile
1993 src/libstrongswan/plugins/md5/Makefile
1994 src/libstrongswan/plugins/sha1/Makefile
1995 src/libstrongswan/plugins/sha2/Makefile
1996 src/libstrongswan/plugins/sha3/Makefile
1997 src/libstrongswan/plugins/mgf1/Makefile
1998 src/libstrongswan/plugins/fips_prf/Makefile
1999 src/libstrongswan/plugins/gmp/Makefile
2000 src/libstrongswan/plugins/curve25519/Makefile
2001 src/libstrongswan/plugins/rdrand/Makefile
2002 src/libstrongswan/plugins/aesni/Makefile
2003 src/libstrongswan/plugins/random/Makefile
2004 src/libstrongswan/plugins/nonce/Makefile
2005 src/libstrongswan/plugins/hmac/Makefile
2006 src/libstrongswan/plugins/kdf/Makefile
2007 src/libstrongswan/plugins/xcbc/Makefile
2008 src/libstrongswan/plugins/x509/Makefile
2009 src/libstrongswan/plugins/revocation/Makefile
2010 src/libstrongswan/plugins/constraints/Makefile
2011 src/libstrongswan/plugins/acert/Makefile
2012 src/libstrongswan/plugins/pubkey/Makefile
2013 src/libstrongswan/plugins/pkcs1/Makefile
2014 src/libstrongswan/plugins/pkcs7/Makefile
2015 src/libstrongswan/plugins/pkcs8/Makefile
2016 src/libstrongswan/plugins/pkcs12/Makefile
2017 src/libstrongswan/plugins/openxpki/Makefile
2018 src/libstrongswan/plugins/pgp/Makefile
2019 src/libstrongswan/plugins/dnskey/Makefile
2020 src/libstrongswan/plugins/sshkey/Makefile
2021 src/libstrongswan/plugins/pem/Makefile
2022 src/libstrongswan/plugins/curl/Makefile
2023 src/libstrongswan/plugins/files/Makefile
2024 src/libstrongswan/plugins/winhttp/Makefile
2025 src/libstrongswan/plugins/unbound/Makefile
2026 src/libstrongswan/plugins/soup/Makefile
2027 src/libstrongswan/plugins/ldap/Makefile
2028 src/libstrongswan/plugins/mysql/Makefile
2029 src/libstrongswan/plugins/sqlite/Makefile
2030 src/libstrongswan/plugins/padlock/Makefile
2031 src/libstrongswan/plugins/openssl/Makefile
2032 src/libstrongswan/plugins/wolfssl/Makefile
2033 src/libstrongswan/plugins/gcrypt/Makefile
2034 src/libstrongswan/plugins/botan/Makefile
2035 src/libstrongswan/plugins/agent/Makefile
2036 src/libstrongswan/plugins/keychain/Makefile
2037 src/libstrongswan/plugins/pkcs11/Makefile
2038 src/libstrongswan/plugins/chapoly/Makefile
2039 src/libstrongswan/plugins/ctr/Makefile
2040 src/libstrongswan/plugins/ccm/Makefile
2041 src/libstrongswan/plugins/gcm/Makefile
2042 src/libstrongswan/plugins/af_alg/Makefile
2043 src/libstrongswan/plugins/drbg/Makefile
2044 src/libstrongswan/plugins/ntru/Makefile
2045 src/libstrongswan/plugins/bliss/Makefile
2046 src/libstrongswan/plugins/bliss/tests/Makefile
2047 src/libstrongswan/plugins/newhope/Makefile
2048 src/libstrongswan/plugins/newhope/tests/Makefile
2049 src/libstrongswan/plugins/test_vectors/Makefile
2050 src/libstrongswan/tests/Makefile
2051 src/libipsec/Makefile
2052 src/libipsec/tests/Makefile
2053 src/libsimaka/Makefile
2055 src/libtls/tests/Makefile
2056 src/libradius/Makefile
2057 src/libtncif/Makefile
2058 src/libtnccs/Makefile
2059 src/libtnccs/plugins/tnc_tnccs/Makefile
2060 src/libtnccs/plugins/tnc_imc/Makefile
2061 src/libtnccs/plugins/tnc_imv/Makefile
2062 src/libtnccs/plugins/tnccs_11/Makefile
2063 src/libtnccs/plugins/tnccs_20/Makefile
2064 src/libtnccs/plugins/tnccs_dynamic/Makefile
2065 src/libpttls/Makefile
2066 src/libimcv/Makefile
2067 src/libimcv/plugins/imc_test/Makefile
2068 src/libimcv/plugins/imv_test/Makefile
2069 src/libimcv/plugins/imc_scanner/Makefile
2070 src/libimcv/plugins/imv_scanner/Makefile
2071 src/libimcv/plugins/imc_os/Makefile
2072 src/libimcv/plugins/imv_os/Makefile
2073 src/libimcv/plugins/imc_attestation/Makefile
2074 src/libimcv/plugins/imv_attestation/Makefile
2075 src/libimcv/plugins/imc_swima/Makefile
2076 src/libimcv/plugins/imv_swima/Makefile
2077 src/libimcv/plugins/imc_hcd/Makefile
2078 src/libimcv/plugins/imv_hcd/Makefile
2080 src/charon-nm/Makefile
2081 src/charon-tkm/Makefile
2082 src/charon-cmd/Makefile
2083 src/charon-svc/Makefile
2084 src/charon-systemd/Makefile
2085 src/libcharon/Makefile
2086 src/libcharon/plugins/eap_aka/Makefile
2087 src/libcharon/plugins/eap_aka_3gpp/Makefile
2088 src/libcharon/plugins/eap_aka_3gpp/tests/Makefile
2089 src/libcharon/plugins/eap_aka_3gpp2/Makefile
2090 src/libcharon/plugins/eap_dynamic/Makefile
2091 src/libcharon/plugins/eap_identity/Makefile
2092 src/libcharon/plugins/eap_md5/Makefile
2093 src/libcharon/plugins/eap_gtc/Makefile
2094 src/libcharon/plugins/eap_sim/Makefile
2095 src/libcharon/plugins/eap_sim_file/Makefile
2096 src/libcharon/plugins/eap_sim_pcsc/Makefile
2097 src/libcharon/plugins/eap_simaka_sql/Makefile
2098 src/libcharon/plugins/eap_simaka_pseudonym/Makefile
2099 src/libcharon/plugins/eap_simaka_reauth/Makefile
2100 src/libcharon/plugins/eap_mschapv2/Makefile
2101 src/libcharon/plugins/eap_tls/Makefile
2102 src/libcharon/plugins/eap_ttls/Makefile
2103 src/libcharon/plugins/eap_peap/Makefile
2104 src/libcharon/plugins/eap_tnc/Makefile
2105 src/libcharon/plugins/eap_radius/Makefile
2106 src/libcharon/plugins/xauth_generic/Makefile
2107 src/libcharon/plugins/xauth_eap/Makefile
2108 src/libcharon/plugins/xauth_pam/Makefile
2109 src/libcharon/plugins/xauth_noauth/Makefile
2110 src/libcharon/plugins/tnc_ifmap/Makefile
2111 src/libcharon/plugins/tnc_pdp/Makefile
2112 src/libcharon/plugins/save_keys/Makefile
2113 src/libcharon/plugins/socket_default/Makefile
2114 src/libcharon/plugins/socket_dynamic/Makefile
2115 src/libcharon/plugins/socket_win/Makefile
2116 src/libcharon/plugins/bypass_lan/Makefile
2117 src/libcharon/plugins/connmark/Makefile
2118 src/libcharon/plugins/counters/Makefile
2119 src/libcharon/plugins/forecast/Makefile
2120 src/libcharon/plugins/farp/Makefile
2121 src/libcharon/plugins/smp/Makefile
2122 src/libcharon/plugins/sql/Makefile
2123 src/libcharon/plugins/dnscert/Makefile
2124 src/libcharon/plugins/ipseckey/Makefile
2125 src/libcharon/plugins/medsrv/Makefile
2126 src/libcharon/plugins/medcli/Makefile
2127 src/libcharon/plugins/addrblock/Makefile
2128 src/libcharon/plugins/unity/Makefile
2129 src/libcharon/plugins/uci/Makefile
2130 src/libcharon/plugins/ha/Makefile
2131 src/libcharon/plugins/kernel_netlink/Makefile
2132 src/libcharon/plugins/kernel_pfkey/Makefile
2133 src/libcharon/plugins/kernel_pfroute/Makefile
2134 src/libcharon/plugins/kernel_libipsec/Makefile
2135 src/libcharon/plugins/kernel_wfp/Makefile
2136 src/libcharon/plugins/kernel_iph/Makefile
2137 src/libcharon/plugins/whitelist/Makefile
2138 src/libcharon/plugins/ext_auth/Makefile
2139 src/libcharon/plugins/lookip/Makefile
2140 src/libcharon/plugins/error_notify/Makefile
2141 src/libcharon/plugins/certexpire/Makefile
2142 src/libcharon/plugins/systime_fix/Makefile
2143 src/libcharon/plugins/led/Makefile
2144 src/libcharon/plugins/duplicheck/Makefile
2145 src/libcharon/plugins/coupling/Makefile
2146 src/libcharon/plugins/radattr/Makefile
2147 src/libcharon/plugins/osx_attr/Makefile
2148 src/libcharon/plugins/p_cscf/Makefile
2149 src/libcharon/plugins/android_dns/Makefile
2150 src/libcharon/plugins/android_log/Makefile
2151 src/libcharon/plugins/stroke/Makefile
2152 src/libcharon/plugins/vici/Makefile
2153 src/libcharon/plugins/vici/ruby/Makefile
2154 src/libcharon/plugins/vici/perl/Makefile
2155 src/libcharon/plugins/vici/python/Makefile
2156 src/libcharon/plugins/updown/Makefile
2157 src/libcharon/plugins/dhcp/Makefile
2158 src/libcharon/plugins/load_tester/Makefile
2159 src/libcharon/plugins/resolve/Makefile
2160 src/libcharon/plugins/attr/Makefile
2161 src/libcharon/plugins/attr_sql/Makefile
2162 src/libcharon/plugins/selinux/Makefile
2163 src/libcharon/tests/Makefile
2164 src/libtpmtss/Makefile
2165 src/libtpmtss/plugins/tpm/Makefile
2168 src/starter/Makefile
2169 src/starter/tests/Makefile
2170 src/_updown/Makefile
2172 src/tpm_extendpcr/Makefile
2174 src/pki/man/Makefile
2176 src/libfast/Makefile
2177 src/manager/Makefile
2179 src/checksum/Makefile
2180 src/conftest/Makefile
2181 src/pt-tls-client/Makefile
2182 src/sw-collector/Makefile
2183 src/sec-updater/Makefile
2184 src/swanctl/Makefile
2185 src/cert-enroll/Makefile
2196 conf/strongswan.conf.5.head
2197 conf/strongswan.conf.5.tail
2200 src/charon-cmd/charon-cmd.8
2202 src/pki/man/pki---acert.1
2203 src/pki/man/pki---dn.1
2204 src/pki/man/pki---est.1
2205 src/pki/man/pki---estca.1
2206 src/pki/man/pki---gen.1
2207 src/pki/man/pki---issue.1
2208 src/pki/man/pki---keyid.1
2209 src/pki/man/pki---ocsp.1
2210 src/pki/man/pki---pkcs12.1
2211 src/pki/man/pki---pkcs7.1
2212 src/pki/man/pki---print.1
2213 src/pki/man/pki---pub.1
2214 src/pki/man/pki---req.1
2215 src/pki/man/pki---scep.1
2216 src/pki/man/pki---scepca.1
2217 src/pki/man/pki---self.1
2218 src/pki/man/pki---signcrl.1
2219 src/pki/man/pki---verify.1
2220 src/swanctl/swanctl.8
2221 src/swanctl/swanctl.conf.5.head
2222 src/swanctl/swanctl.conf.5.tail
2223 src/pt-tls-client/pt-tls-client.1
2224 src/sw-collector/sw-collector.8
2225 src/sec-updater/sec-updater.8
2226 src/cert-enroll/cert-enroll.8
2231 # ========================
2232 # report enabled plugins
2233 # ========================
2236 AC_MSG_RESULT([ strongSwan will be built with the following plugins])
2237 AC_MSG_RESULT([-----------------------------------------------------])
2239 AC_MSG_RESULT([libstrongswan:$s_plugins])
2240 AC_MSG_RESULT([libcharon: $c_plugins])
2241 AC_MSG_RESULT([libtnccs: $t_plugins])
2242 AC_MSG_RESULT([libtpmtss: $p_plugins])
projects / thirdparty / strongswan.git / blob