# initialize & set some vars
# ============================
-AC_INIT([strongSwan],[5.9.11dr3])
+AC_INIT([strongSwan],[5.9.14])
AM_INIT_AUTOMAKE(m4_esyscmd([
echo tar-ustar
echo subdir-objects
ARG_DISBL_SET([pubkey], [disable RAW public key support plugin.])
ARG_DISBL_SET([sshkey], [disable SSH key decoding plugin.])
ARG_DISBL_SET([x509], [disable X509 certificate implementation plugin.])
+ARG_ENABL_SET([openxpki], [enable OCSP responder accessing OpenXPKI certificate database.])
# fetcher/resolver plugins
ARG_ENABL_SET([curl], [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.])
ARG_ENABL_SET([files], [enable simple file:// URI fetcher.])
ARG_ENABL_SET([systemd], [enable systemd specific IKE daemon charon-systemd.])
ARG_DISBL_SET([swanctl], [disable swanctl configuration and control tool.])
ARG_ENABL_SET([tkm], [enable Trusted Key Manager support.])
+ARG_ENABL_SET([cert-enroll], [enable automatic certificate enrollment via EST or SCEP.])
# optional features
ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for memory leaks and segfaults.])
ARG_ENABL_SET([dbghelp-backtraces],[use dbghlp.dll on Windows to create and print backtraces for memory leaks and segfaults.])
ARG_ENABL_SET([selinux], [enable SELinux support for labeled IPsec.])
ARG_ENABL_SET([tss-trousers], [enable the use of the TrouSerS Trusted Software Stack])
ARG_ENABL_SET([tss-tss2], [enable the use of the TSS 2.0 Trusted Software Stack])
+ARG_ENABL_SET([cert-enroll-timer],[enable installation of cert-enroll as a systemd timer.])
# compile options
ARG_ENABL_SET([asan], [enable build with AddressSanitizer (ASan).])
mgf1=true
fi
-if test x$stroke = xtrue; then
+if test x$stroke = xtrue -o x$vici = xtrue; then
counters=true
fi
+if test x$cert_enroll = xtrue; then
+ pki=true
+fi
+
if test x$kdf = xfalse; then
if test x$aesni = xtrue -o x$cmac = xtrue -o x$xcbc = xtrue; then
AC_MSG_WARN(m4_normalize([
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>]],
- [[struct in6_pktinfo pi;
+ [[struct in6_pktinfo pi = {};
if (pi.ipi6_ifindex)
{
return 0;
AC_SUBST(xml_LIBS)
fi
-if test x$systemd = xtrue; then
+if test x$systemd = xtrue -o x$cert_enroll_timer = xtrue; then
AC_MSG_CHECKING([for systemd system unit directory])
if test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno; then
AC_MSG_RESULT([$systemdsystemunitdir])
else
AC_MSG_ERROR([not found (try --with-systemdsystemunitdir)])
fi
+fi
+if test x$systemd = xtrue; then
PKG_CHECK_MODULES(systemd, [libsystemd >= 209],
[AC_SUBST(systemd_CFLAGS)
AC_SUBST(systemd_LIBS)],
AC_SUBST(botan_LIBS)
saved_LIBS=$LIBS
LIBS="$botan_LIBS"
- AC_CHECK_FUNCS(botan_rng_init_custom)
+ AC_CHECK_FUNCS(botan_rng_init_custom botan_pubkey_ecc_key_used_explicit_encoding)
LIBS=$saved_LIBS
fi
ADD_PLUGIN([nonce], [s charon nm cmd aikgen])
ADD_PLUGIN([x509], [s charon pki scripts attest nm cmd aikgen fuzz])
ADD_PLUGIN([revocation], [s charon pki nm cmd])
-ADD_PLUGIN([constraints], [s charon nm cmd])
+ADD_PLUGIN([constraints], [s charon pki nm cmd])
ADD_PLUGIN([acert], [s charon])
ADD_PLUGIN([pubkey], [s charon pki cmd aikgen])
ADD_PLUGIN([pkcs1], [s charon pki scripts manager medsrv attest nm cmd aikgen fuzz])
ADD_PLUGIN([files], [s charon pki scripts nm cmd])
ADD_PLUGIN([winhttp], [s charon pki scripts])
ADD_PLUGIN([soup], [s charon pki scripts nm cmd])
-ADD_PLUGIN([mysql], [s charon pool manager medsrv attest])
-ADD_PLUGIN([sqlite], [s charon pool manager medsrv attest])
+ADD_PLUGIN([mysql], [s charon pki pool manager medsrv attest])
+ADD_PLUGIN([sqlite], [s charon pki pool manager medsrv attest])
+ADD_PLUGIN([openxpki], [s pki])
ADD_PLUGIN([attr], [c charon])
ADD_PLUGIN([attr-sql], [c charon])
ADD_PLUGIN([load-tester], [c charon])
AM_CONDITIONAL(USE_PKCS7, test x$pkcs7 = xtrue)
AM_CONDITIONAL(USE_PKCS8, test x$pkcs8 = xtrue)
AM_CONDITIONAL(USE_PKCS12, test x$pkcs12 = xtrue)
+AM_CONDITIONAL(USE_OPENXPKI, test x$openxpki = xtrue)
AM_CONDITIONAL(USE_PGP, test x$pgp = xtrue)
AM_CONDITIONAL(USE_DNSKEY, test x$dnskey = xtrue)
AM_CONDITIONAL(USE_SSHKEY, test x$sshkey = xtrue)
AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue)
AM_CONDITIONAL(USE_COUNTERS, test x$counters = xtrue)
AM_CONDITIONAL(USE_SELINUX, test x$selinux = xtrue)
+AM_CONDITIONAL(USE_PF_HANDLER, test x$dhcp = xtrue -o x$farp = xtrue)
# other options
# ---------------
AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
AM_CONDITIONAL(USE_SYSTEMD, test x$systemd = xtrue)
AM_CONDITIONAL(USE_LEGACY_SYSTEMD, test -n "$systemdsystemunitdir" -a "x$systemdsystemunitdir" != xno)
+AM_CONDITIONAL(USE_CERT_ENROLL, test x$cert_enroll = xtrue)
+AM_CONDITIONAL(USE_CERT_ENROLL_TIMER, test x$cert_enroll_timer = xtrue)
AM_CONDITIONAL(USE_RUBY_GEMS, test x$ruby_gems = xtrue)
AM_CONDITIONAL(USE_PYTHON_EGGS, test x$python_eggs = xtrue)
AM_CONDITIONAL(USE_PERL_CPAN, test x$perl_cpan = xtrue)
src/libstrongswan/plugins/pkcs7/Makefile
src/libstrongswan/plugins/pkcs8/Makefile
src/libstrongswan/plugins/pkcs12/Makefile
+ src/libstrongswan/plugins/openxpki/Makefile
src/libstrongswan/plugins/pgp/Makefile
src/libstrongswan/plugins/dnskey/Makefile
src/libstrongswan/plugins/sshkey/Makefile
src/sw-collector/Makefile
src/sec-updater/Makefile
src/swanctl/Makefile
+ src/cert-enroll/Makefile
src/xfrmi/Makefile
scripts/Makefile
testing/Makefile
src/pki/man/pki---gen.1
src/pki/man/pki---issue.1
src/pki/man/pki---keyid.1
+ src/pki/man/pki---ocsp.1
src/pki/man/pki---pkcs12.1
src/pki/man/pki---pkcs7.1
src/pki/man/pki---print.1
src/pt-tls-client/pt-tls-client.1
src/sw-collector/sw-collector.8
src/sec-updater/sec-updater.8
+ src/cert-enroll/cert-enroll.8
])
AC_OUTPUT