# initialize & set some vars
# ============================
-AC_INIT([strongSwan],[5.6.2dr4])
+AC_INIT([strongSwan],[5.8.0dr2])
AM_INIT_AUTOMAKE(m4_esyscmd([
echo tar-ustar
echo subdir-objects
ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.])
ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.])
ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.])
+ARG_ENABL_SET([botan], [enables the Botan crypto plugin.])
ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.])
ARG_ENABL_SET([chapoly], [enables the ChaCha20/Poly1305 AEAD plugin.])
ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.])
ARG_DISBL_SET([nonce], [disable nonce generation plugin.])
ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.])
ARG_ENABL_SET([openssl], [enables the OpenSSL crypto plugin.])
+ARG_ENABL_SET([wolfssl], [enables the wolfSSL crypto plugin.])
ARG_ENABL_SET([padlock], [enables VIA Padlock crypto plugin.])
ARG_DISBL_SET([random], [disable RNG implementation on top of /dev/(u)random.])
ARG_DISBL_SET([rc2], [disable RC2 software implementation plugin.])
ARG_ENABL_SET([imv-os], [enable IMV operating system module.])
ARG_ENABL_SET([imc-attestation],[enable IMC attestation module.])
ARG_ENABL_SET([imv-attestation],[enable IMV attestation module.])
-ARG_ENABL_SET([imc-swid], [enable IMC swid module.])
-ARG_ENABL_SET([imv-swid], [enable IMV swid module.])
ARG_ENABL_SET([imc-swima], [enable IMC swima module.])
ARG_ENABL_SET([imv-swima], [enable IMV swima module.])
ARG_ENABL_SET([imc-hcd], [enable IMC hcd module.])
ARG_ENABL_SET([load-tester], [enable load testing plugin for IKEv2 daemon.])
ARG_ENABL_SET([lookip], [enable fast virtual IP lookup and notification plugin.])
ARG_ENABL_SET([radattr], [enable plugin to inject and process custom RADIUS attributes as IKEv2 client.])
+ARG_ENABL_SET([save-keys], [enable development/debugging plugin that saves IKE and ESP keys in Wireshark format.])
ARG_ENABL_SET([systime-fix], [enable plugin to handle cert lifetimes with invalid system time gracefully.])
ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.])
ARG_DISBL_SET([updown], [disable updown firewall script plugin.])
ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.])
ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.])
ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.])
-ARG_ENABL_SET([dumm], [enable the DUMM UML test framework.])
ARG_ENABL_SET([fast], [enable libfast (FastCGI Application Server w/ templates.])
ARG_ENABL_SET([fuzzing], [enable fuzzing scripts (found in directory fuzz).])
ARG_ENABL_SET([libipsec], [enable user space IPsec implementation.])
radius=true;
fi
-if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
+if test x$tnc_imc = xtrue -o x$tnc_imv = xtrue -o x$tnccs_11 = xtrue -o x$tnccs_20 = xtrue -o x$tnccs_dynamic = xtrue -o x$eap_tnc = xtrue; then
tnc_tnccs=true;
fi
tls=true;
fi
-if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swid = xtrue -o x$imv_swid = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then
+if test x$imc_test = xtrue -o x$imv_test = xtrue -o x$imc_scanner = xtrue -o x$imv_scanner = xtrue -o x$imc_os = xtrue -o x$imv_os = xtrue -o x$imc_attestation = xtrue -o x$imv_attestation = xtrue -o x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imc_hcd = xtrue -o x$imv_hcd = xtrue; then
imcv=true;
fi
if test x$fips_prf = xtrue; then
- if test x$openssl = xfalse; then
+ if test x$openssl = xfalse -a x$wolfssl = xfalse; then
sha1=true;
fi
fi
fi
if test x$tss_tss2 = xtrue; then
+ PKG_CHECK_MODULES(tss2_sys, [tss2-sys],
+ [tss2_sys=true; AC_DEFINE([TSS2_SYS], [], [use TSS2 v2 System API])],
+ [tss2_sys=false])
+ PKG_CHECK_MODULES(tss2_esys, [tss2-esys],
+ [tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])],
+ [tss2_esys=false])
PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd],
[tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Mamager])],
[tss2_tabrmd=false])
PKG_CHECK_MODULES(tss2_socket, [tcti-socket],
[tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])],
[tss2_socket=false])
- if test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
- AC_DEFINE([TSS_TSS2], [], [use TSS 2.0 libraries])
+ if test x$tss2_sys = xtrue; then
+ AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries])
+ AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS")
+ AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS")
+ elif test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
+ AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries])
AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS")
AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS")
else
- AC_MSG_FAILURE([no TSS2 TCTI library detected])
+ AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected])
fi
fi
-if test x$imc_swima = xtrue -o $imv_swima = xtrue -o x$imv_swid = xtrue; then
+if test x$imc_swima = xtrue -o $imv_swima = xtrue; then
PKG_CHECK_MODULES(json, [json-c], [],
[PKG_CHECK_MODULES(json, [json])])
AC_SUBST(json_CFLAGS)
AC_SUBST(json_LIBS)
fi
-if test x$dumm = xtrue; then
- PKG_CHECK_MODULES(gtk, [gtk+-2.0 vte])
- AC_SUBST(gtk_CFLAGS)
- AC_SUBST(gtk_LIBS)
- AC_CHECK_PROGS(RUBY, ruby)
- PKG_CHECK_MODULES(ruby, [ruby])
- saved_LIBS=$LIBS
- LIBS=$ruby_LIBS
- AC_CHECK_FUNCS(rb_errinfo)
- LIBS=$saved_LIBS
-fi
-
if test x$fast = xtrue; then
AC_CHECK_LIB([neo_utl],[hdf_init],[LIBS="$LIBS"],[AC_MSG_ERROR([ClearSilver library neo_utl not found!])],[])
AC_MSG_CHECKING([for -lneo_cgi and dependencies])
AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
fi
+if test x$wolfssl = xtrue; then
+ wolfssl_lib=wolfssl
+ AC_CHECK_LIB([$wolfssl_lib],[wolfSSL_Init],[LIBS="$LIBS"],
+ [AC_MSG_ERROR([wolfSSL lib$wolfssl_lib not found])],[$DLLIB])
+ AC_SUBST(WOLFSSL_LIB, [-l$wolfssl_lib])
+ AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
+fi
+
if test x$gcrypt = xtrue; then
AC_CHECK_LIB([gcrypt],[gcry_control],[LIBS="$LIBS"],[AC_MSG_ERROR([gcrypt library not found])],[-lgpg-error])
AC_CHECK_HEADER([gcrypt.h],,[AC_MSG_ERROR([gcrypt header gcrypt.h not found!])])
)
fi
+if test x$botan = xtrue; then
+ PKG_CHECK_MODULES(botan, [botan-2])
+ AC_SUBST(botan_CFLAGS)
+ AC_SUBST(botan_LIBS)
+fi
+
if test x$uci = xtrue; then
AC_CHECK_LIB([uci],[uci_alloc_context],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[])
AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
else
# required for libFuzzer
FUZZING_LDFLAGS="-stdlib=libc++ -lstdc++"
+ if test "$SANITIZER" = "coverage"; then
+ FUZZING_LDFLAGS="$FUZZING_LDFLAGS -lm"
+ fi
AC_SUBST(FUZZING_LDFLAGS)
fi
fi
AM_CONDITIONAL(RUBY_GEMS_INSTALL, [test "x$ruby_gems_install" = xtrue])
if test x$python_eggs = xtrue; then
- PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/dev/'`
+ PYTHON_PACKAGE_VERSION=`echo "$PACKAGE_VERSION" | $SED 's/dr/.dev/'`
AC_SUBST([PYTHON_PACKAGE_VERSION])
if test x$python_eggs_install = xtrue; then
AC_PATH_PROG([EASY_INSTALL], [easy_install], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
ADD_PLUGIN([pem], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
ADD_PLUGIN([padlock], [s charon])
ADD_PLUGIN([openssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ADD_PLUGIN([wolfssl], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
ADD_PLUGIN([gcrypt], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ADD_PLUGIN([botan], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
ADD_PLUGIN([fips-prf], [s charon nm cmd])
ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
ADD_PLUGIN([kernel-pfroute], [c charon starter nm cmd])
ADD_PLUGIN([kernel-netlink], [c charon starter nm cmd])
ADD_PLUGIN([resolve], [c charon cmd])
+ADD_PLUGIN([save-keys], [c])
ADD_PLUGIN([socket-default], [c charon nm cmd])
ADD_PLUGIN([socket-dynamic], [c charon cmd])
ADD_PLUGIN([socket-win], [c charon])
AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
+AM_CONDITIONAL(USE_WOLFSSL, test x$wolfssl = xtrue)
AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
+AM_CONDITIONAL(USE_BOTAN, test x$botan = xtrue)
AM_CONDITIONAL(USE_AGENT, test x$agent = xtrue)
AM_CONDITIONAL(USE_KEYCHAIN, test x$keychain = xtrue)
AM_CONDITIONAL(USE_PKCS11, test x$pkcs11 = xtrue)
AM_CONDITIONAL(USE_IMV_OS, test x$imv_os = xtrue)
AM_CONDITIONAL(USE_IMC_ATTESTATION, test x$imc_attestation = xtrue)
AM_CONDITIONAL(USE_IMV_ATTESTATION, test x$imv_attestation = xtrue)
-AM_CONDITIONAL(USE_IMC_SWID, test x$imc_swid = xtrue)
-AM_CONDITIONAL(USE_IMV_SWID, test x$imv_swid = xtrue)
AM_CONDITIONAL(USE_IMC_SWIMA, test x$imc_swima = xtrue)
AM_CONDITIONAL(USE_IMV_SWIMA, test x$imv_swima = xtrue)
AM_CONDITIONAL(USE_IMC_HCD, test x$imc_hcd = xtrue)
AM_CONDITIONAL(USE_IMV_HCD, test x$imv_hcd = xtrue)
+AM_CONDITIONAL(USE_SAVE_KEYS, test x$save_keys = xtrue)
AM_CONDITIONAL(USE_SOCKET_DEFAULT, test x$socket_default = xtrue)
AM_CONDITIONAL(USE_SOCKET_DYNAMIC, test x$socket_dynamic = xtrue)
AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue)
# ---------------
AM_CONDITIONAL(USE_LEAK_DETECTIVE, test x$leak_detective = xtrue)
AM_CONDITIONAL(USE_LOCK_PROFILER, test x$lock_profiler = xtrue)
-AM_CONDITIONAL(USE_DUMM, test x$dumm = xtrue)
AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
if test x$fuzzing = xtrue; then
AC_DEFINE([USE_FUZZING], [], [build code for fuzzing])
fi
-if test x$imc_swima = xtrue -o x$imv_swima = xtrue -o x$imv_swid = xtrue ; then
+if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then
AC_DEFINE([USE_JSON], [], [build code for JSON])
fi
man/Makefile
init/Makefile
init/systemd/Makefile
- init/systemd-swanctl/Makefile
+ init/systemd-starter/Makefile
src/Makefile
src/include/Makefile
src/libstrongswan/Makefile
src/libstrongswan/plugins/sqlite/Makefile
src/libstrongswan/plugins/padlock/Makefile
src/libstrongswan/plugins/openssl/Makefile
+ src/libstrongswan/plugins/wolfssl/Makefile
src/libstrongswan/plugins/gcrypt/Makefile
+ src/libstrongswan/plugins/botan/Makefile
src/libstrongswan/plugins/agent/Makefile
src/libstrongswan/plugins/keychain/Makefile
src/libstrongswan/plugins/pkcs11/Makefile
src/libimcv/plugins/imv_os/Makefile
src/libimcv/plugins/imc_attestation/Makefile
src/libimcv/plugins/imv_attestation/Makefile
- src/libimcv/plugins/imc_swid/Makefile
- src/libimcv/plugins/imv_swid/Makefile
src/libimcv/plugins/imc_swima/Makefile
src/libimcv/plugins/imv_swima/Makefile
src/libimcv/plugins/imc_hcd/Makefile
src/libcharon/Makefile
src/libcharon/plugins/eap_aka/Makefile
src/libcharon/plugins/eap_aka_3gpp/Makefile
+ src/libcharon/plugins/eap_aka_3gpp/tests/Makefile
src/libcharon/plugins/eap_aka_3gpp2/Makefile
src/libcharon/plugins/eap_dynamic/Makefile
src/libcharon/plugins/eap_identity/Makefile
src/libcharon/plugins/xauth_noauth/Makefile
src/libcharon/plugins/tnc_ifmap/Makefile
src/libcharon/plugins/tnc_pdp/Makefile
+ src/libcharon/plugins/save_keys/Makefile
src/libcharon/plugins/socket_default/Makefile
src/libcharon/plugins/socket_dynamic/Makefile
src/libcharon/plugins/socket_win/Makefile
src/pki/Makefile
src/pki/man/Makefile
src/pool/Makefile
- src/dumm/Makefile
- src/dumm/ext/extconf.rb
src/libfast/Makefile
src/manager/Makefile
src/medsrv/Makefile
src/sw-collector/Makefile
src/sec-updater/Makefile
src/swanctl/Makefile
+ src/xfrmi/Makefile
scripts/Makefile
testing/Makefile
])