Project

General

Profile

Autoconf options for the most current strongSwan release » History » Version 41

Tobias Brunner, 27.08.2015 12:18
Updated for 5.3.3

1 28 Tobias Brunner
h1. Autoconf options for the most current strongSwan release
2 1 Andreas Steffen
3 2 Andreas Steffen
{{>toc}}
4 2 Andreas Steffen
5 19 Tobias Brunner
bq. *Please note:* This page documents the _./configure_ options for the most current release. Therefore, you should always use _./configure --help_ to check which options are actually available for the release you are using.
6 1 Andreas Steffen
7 1 Andreas Steffen
h2. --dir options
8 1 Andreas Steffen
9 19 Tobias Brunner
*Some directories can be configure through [[Autoconf#--with-options|--with options]].*
10 19 Tobias Brunner
11 1 Andreas Steffen
--prefix=PREFIX
12 1 Andreas Steffen
13 1 Andreas Steffen
p((. where to put installation [ _/usr/local_ ]. Most Linux distributions use _"/usr"_.
14 1 Andreas Steffen
15 1 Andreas Steffen
--libexecdir=LIBEXECDIR
16 1 Andreas Steffen
17 1 Andreas Steffen
p((. program executables [ _PREFIX/libexec_ ]
18 16 Tobias Brunner
19 16 Tobias Brunner
--libdir=LIBDIR
20 16 Tobias Brunner
21 16 Tobias Brunner
p((. shared libraries [ _PREFIX/lib_ ]
22 1 Andreas Steffen
 
23 1 Andreas Steffen
--sysconfdir=SYSCONFDIR
24 1 Andreas Steffen
25 1 Andreas Steffen
p((. where to put configuration files [ _PREFIX/etc_ ]. We strongly recommend _"/etc"_.
26 1 Andreas Steffen
27 17 Tobias Brunner
h2. --enable options
28 1 Andreas Steffen
29 17 Tobias Brunner
*The [[pluginlist|plugin list]] provides more information on specific plugins.*
30 17 Tobias Brunner
31 34 Tobias Brunner
--enable-acert
32 34 Tobias Brunner
33 34 Tobias Brunner
p((. enable X.509 attribute certificate checking plugin [ _no_ ]. Since [[5.1.3]].
34 34 Tobias Brunner
35 1 Andreas Steffen
--enable-addrblock
36 1 Andreas Steffen
37 34 Tobias Brunner
p((. enable RFC 3779 address block constraint support plugin [ _no_ ].
38 1 Andreas Steffen
39 40 Tobias Brunner
--enable-aesni
40 40 Tobias Brunner
41 40 Tobias Brunner
p((. enable Intel AES-NI crypto plugin [ _no_ ]. Since version:5.3.1.
42 40 Tobias Brunner
43 6 Andreas Steffen
--enable-af-alg
44 6 Andreas Steffen
45 6 Andreas Steffen
p((. enable AF_ALG crypto interface to Linux Crypto API [ _no_ ]. 
46 6 Andreas Steffen
47 1 Andreas Steffen
--enable-agent
48 1 Andreas Steffen
49 6 Andreas Steffen
p((. enable the ssh-agent signing plugin [ _no_ ]. 
50 1 Andreas Steffen
51 35 Tobias Brunner
--enable-aikgen
52 35 Tobias Brunner
53 35 Tobias Brunner
p((. enable AIK generator [ _no_ ]. Since [[5.2.0]].
54 35 Tobias Brunner
55 34 Tobias Brunner
--enable-all
56 34 Tobias Brunner
57 34 Tobias Brunner
p((. enable all optional plugins and features (they can be disabled with their respective --disable options) [ _no_ ]. Mainly intended for testing. Since [[5.1.3]].
58 34 Tobias Brunner
59 1 Andreas Steffen
--enable-android
60 1 Andreas Steffen
61 22 Tobias Brunner
p((. enable Android specific plugin [ _no_ ]. 
62 1 Andreas Steffen
63 22 Tobias Brunner
--enable-android-log
64 22 Tobias Brunner
65 22 Tobias Brunner
p((. enable Android specific logger plugin [ _no_ ].
66 22 Tobias Brunner
67 1 Andreas Steffen
--enable-attr-sql
68 1 Andreas Steffen
69 6 Andreas Steffen
p((. enable the SQL based configuration attribute plugin [ _no_ ]. 
70 1 Andreas Steffen
 This is a plugin for VPN gateways only, serving virtual IP addresses
71 1 Andreas Steffen
72 28 Tobias Brunner
--enable-bfd-backtraces
73 28 Tobias Brunner
74 28 Tobias Brunner
p((. use binutil's libbfd to resolve backtraces for memory leaks and segfaults [ _no_ ]. Since [[5.0.1]].
75 28 Tobias Brunner
76 38 Tobias Brunner
--enable-bliss
77 38 Tobias Brunner
78 38 Tobias Brunner
p((. enable Bimodal Lattice Signature Scheme (BLISS) software implementation plugin [ _no_ ]. Since version:5.2.2.
79 38 Tobias Brunner
80 1 Andreas Steffen
--enable-blowfish
81 1 Andreas Steffen
82 1 Andreas Steffen
p((. enable Blowfish software implementation plugin [ _no_ ].
83 1 Andreas Steffen
84 1 Andreas Steffen
--enable-ccm
85 1 Andreas Steffen
86 1 Andreas Steffen
p((. enable the CCM AEAD wrapper crypto plugin [ _no_ ].
87 1 Andreas Steffen
88 41 Tobias Brunner
--enable-chapoly
89 41 Tobias Brunner
90 41 Tobias Brunner
p((. enables the ChaCha20/Poly1305 AEAD plugin [ _no_ ]. Since version:5.3.3.
91 41 Tobias Brunner
92 19 Tobias Brunner
--enable-certexpire
93 19 Tobias Brunner
94 19 Tobias Brunner
p((. enable CSV export of expiration dates of used certificates [ _no_ ].
95 1 Andreas Steffen
96 28 Tobias Brunner
--enable-cmd
97 28 Tobias Brunner
98 28 Tobias Brunner
p((. enable the command line IKE client charon-cmd [ _no_ ]. Since [[5.1.0]].
99 28 Tobias Brunner
100 6 Andreas Steffen
--enable-conftest
101 1 Andreas Steffen
102 33 Tobias Brunner
p((. enable the [[IpsecConftest|IKE conformance test framework]] [ _no_ ].
103 9 Andreas Steffen
104 39 Tobias Brunner
--enable-connmark
105 39 Tobias Brunner
106 39 Tobias Brunner
p((. enable [[connmark]] plugin, which enables conntrack based marks to select return path SA [ _no_ ]. Since version:5.3.0.
107 39 Tobias Brunner
108 1 Andreas Steffen
--enable-coupling
109 1 Andreas Steffen
110 19 Tobias Brunner
p((. enable IKEv2 plugin to couple peer certificates permanently to authentication [ _no_ ].
111 1 Andreas Steffen
112 28 Tobias Brunner
--enable-coverage
113 28 Tobias Brunner
114 28 Tobias Brunner
p((. enable lcov coverage report report generation [ _no_ ]. Since [[5.1.0]].
115 28 Tobias Brunner
*Note:* This disables any optimization, so it shouldn't be enabled when building production releases.
116 28 Tobias Brunner
117 1 Andreas Steffen
--enable-ctr
118 1 Andreas Steffen
119 1 Andreas Steffen
p((. enable the counter mode wrapper crypto plugin [ _no_ ].
120 16 Tobias Brunner
121 16 Tobias Brunner
--enable-curl
122 1 Andreas Steffen
123 16 Tobias Brunner
p((. enable plugin to fetch files (CRL/OCSP) via libcurl [ _no_ ]. Requires libcurl.
124 16 Tobias Brunner
125 35 Tobias Brunner
--enable-dbghelp-backtraces
126 35 Tobias Brunner
127 35 Tobias Brunner
p((. use dbghlp.dll on Windows to create and print backtraces for memory leaks and segfaults [ _no_ ]. Since [[5.2.0]].
128 35 Tobias Brunner
129 1 Andreas Steffen
--enable-dhcp
130 1 Andreas Steffen
131 19 Tobias Brunner
p((. enable DHCP based attribute provider plugin. [ _no_ ].
132 1 Andreas Steffen
133 30 Tobias Brunner
--enable-dnscert
134 30 Tobias Brunner
135 30 Tobias Brunner
p((. enable plugin that authenticates peers based on CERT resource records in the DNS protected by DNSSEC [ _no_ ]. Since [[5.1.1]].
136 30 Tobias Brunner
137 1 Andreas Steffen
--enable-dumm
138 1 Andreas Steffen
139 1 Andreas Steffen
p((. build the new UML test framework [ _no_ ]. See [[DynamicUmlMeshModeler|DUMM]].
140 1 Andreas Steffen
141 9 Andreas Steffen
--enable-duplicheck
142 9 Andreas Steffen
143 19 Tobias Brunner
p((. enable advanced duplicate checking plugin using liveness checks [ _no_ ].
144 1 Andreas Steffen
145 1 Andreas Steffen
--enable-eap-aka
146 1 Andreas Steffen
147 19 Tobias Brunner
p((. build EAP AKA authentication module [ _no_ ].
148 1 Andreas Steffen
149 1 Andreas Steffen
--enable-eap-aka-3gpp2
150 1 Andreas Steffen
151 1 Andreas Steffen
p((. build EAP AKA backend module implementing 3GPP2 algorithm in software [ _no_ ]. Requires libgmp.
152 1 Andreas Steffen
153 22 Tobias Brunner
--enable-eap-dynamic
154 22 Tobias Brunner
155 22 Tobias Brunner
p((. build dynamic EAP proxy module [ _no_ ].
156 22 Tobias Brunner
157 1 Andreas Steffen
--enable-eap-gtc
158 1 Andreas Steffen
159 22 Tobias Brunner
p((. build [[EapGtc|EAP GTC]] authentication module [ _no_ ].
160 1 Andreas Steffen
161 1 Andreas Steffen
--enable-eap-identity
162 1 Andreas Steffen
163 1 Andreas Steffen
p((. build EAP module providing EAP-Identity helper [ _no_ ].
164 1 Andreas Steffen
165 1 Andreas Steffen
--enable-eap-md5
166 1 Andreas Steffen
167 19 Tobias Brunner
p((. build EAP MD5 (CHAP) authentication module [ _no_ ].
168 1 Andreas Steffen
169 1 Andreas Steffen
--enable-eap-mschapv2
170 1 Andreas Steffen
171 19 Tobias Brunner
p((. enable EAP MS-CHAPv2 authentication module [ _no_ ].
172 10 Andreas Steffen
173 10 Andreas Steffen
--enable-eap-peap
174 1 Andreas Steffen
175 1 Andreas Steffen
p((. enable EAP PEAP authentication plugin [ _no_ ].
176 1 Andreas Steffen
177 1 Andreas Steffen
--enable-eap-radius
178 1 Andreas Steffen
179 19 Tobias Brunner
p((. enable [[EapRadius|RADIUS]] proxy authentication module for EAP [ _no_ ].
180 1 Andreas Steffen
181 1 Andreas Steffen
--enable-eap-sim
182 1 Andreas Steffen
183 19 Tobias Brunner
p((. enable EAP-SIM authentication module [ _no_ ].
184 1 Andreas Steffen
185 16 Tobias Brunner
--enable-eap-sim-file
186 11 Andreas Steffen
187 19 Tobias Brunner
p((. enable EAP-SIM back end based on a triplets file [ _no_ ].
188 11 Andreas Steffen
189 11 Andreas Steffen
--enable-eap-sim-pcsc
190 1 Andreas Steffen
191 19 Tobias Brunner
p((. enable EAP-SIM back end based on a smartcard reader [ _no_ ]. Requires libpcsclite.
192 1 Andreas Steffen
193 1 Andreas Steffen
--enable-eap-simaka-pseudonym
194 1 Andreas Steffen
195 1 Andreas Steffen
p((. enable EAP-SIM/AKA pseudonym storage [ _no_ ].
196 1 Andreas Steffen
197 1 Andreas Steffen
--enable-eap-simaka-reauth
198 1 Andreas Steffen
199 1 Andreas Steffen
p((. enable EAP-SIM/AKA reauthentication data storage [ _no_ ].
200 1 Andreas Steffen
201 1 Andreas Steffen
--enable-eap-simaka-sql
202 1 Andreas Steffen
203 19 Tobias Brunner
p((. enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database [ _no_ ].
204 1 Andreas Steffen
205 1 Andreas Steffen
--enable-eap-tls
206 1 Andreas Steffen
207 1 Andreas Steffen
p((. enable EAP TLS authentication plugin [ _no_ ].
208 1 Andreas Steffen
209 1 Andreas Steffen
--enable-eap-tnc
210 1 Andreas Steffen
211 1 Andreas Steffen
p((. enable EAP TNC trusted network connect plugin [ _no_ ].
212 1 Andreas Steffen
213 1 Andreas Steffen
--enable-eap-ttls
214 1 Andreas Steffen
215 1 Andreas Steffen
p((. enable EAP TTLS authentication plugin [ _no_ ].
216 1 Andreas Steffen
217 23 Tobias Brunner
--enable-error-notify
218 23 Tobias Brunner
219 23 Tobias Brunner
p((. enable [[ErrorNotifyPlugin|error notification plugin]] [ _no_ ].
220 23 Tobias Brunner
221 37 Tobias Brunner
--enable-ext-auth
222 37 Tobias Brunner
223 37 Tobias Brunner
p((. enable plugin calling an external authorization script [ _no_ ]. Since version:5.2.1.
224 37 Tobias Brunner
225 1 Andreas Steffen
--enable-farp
226 1 Andreas Steffen
227 19 Tobias Brunner
p((.  enable ARP faking plugin that responds to ARP requests for virtual IPs assigned to peers [ _no_ ].
228 1 Andreas Steffen
229 1 Andreas Steffen
--enable-fast
230 1 Andreas Steffen
231 19 Tobias Brunner
p((. build libfast (FastCGI Application Server w/ templates) [ _no_ ]. See [[libfast]].
232 1 Andreas Steffen
233 39 Tobias Brunner
--enable-files
234 39 Tobias Brunner
235 39 Tobias Brunner
p((. enable simple file:// URI fetcher [ _no_ ]. Since version:5.3.0.
236 39 Tobias Brunner
237 39 Tobias Brunner
--enable-forecast
238 39 Tobias Brunner
239 39 Tobias Brunner
p((. enable [[forecast]] plugin, which forwards broadcast/multicast messages [ _no_ ]. Since version:5.3.0.
240 39 Tobias Brunner
241 1 Andreas Steffen
--enable-gcm
242 1 Andreas Steffen
243 1 Andreas Steffen
p((. enable the GCM AEAD wrapper crypto plugin [ _no_ ].
244 1 Andreas Steffen
245 1 Andreas Steffen
--enable-gcrypt
246 1 Andreas Steffen
247 1 Andreas Steffen
p((. enable the libgcrypt plugin [ _no_ ]. Requires the GNU Libgcrypt library.
248 1 Andreas Steffen
249 1 Andreas Steffen
--enable-ha
250 1 Andreas Steffen
251 1 Andreas Steffen
p((. enable the [[HighAvailability|high availability]] cluster plugin [ _no_ ]. 
252 19 Tobias Brunner
253 19 Tobias Brunner
--enable-imc-attestation
254 1 Andreas Steffen
255 23 Tobias Brunner
p((. enable IMC attestation module [ _no_ ].
256 1 Andreas Steffen
257 41 Tobias Brunner
--enable-imc-hcd
258 41 Tobias Brunner
259 41 Tobias Brunner
p((. enable [[HCD-IMC|IMC hcd]] module [ _no_ ]. Since version:5.3.3.
260 41 Tobias Brunner
261 23 Tobias Brunner
--enable-imc-os
262 23 Tobias Brunner
263 23 Tobias Brunner
p((. enable IMC operating system module [ _no_ ].
264 23 Tobias Brunner
265 1 Andreas Steffen
--enable-imc-scanner
266 1 Andreas Steffen
267 19 Tobias Brunner
p((. enable IMC port scanner module [ _no_ ].
268 13 Andreas Steffen
269 30 Tobias Brunner
--enable-imc-swid
270 30 Tobias Brunner
271 30 Tobias Brunner
p((. enable IMC swid module [ _no_ ]. Since [[5.1.1]].
272 30 Tobias Brunner
273 1 Andreas Steffen
--enable-imc-test
274 13 Andreas Steffen
275 19 Tobias Brunner
p((. enable IMC test module [ _no_ ].
276 12 Andreas Steffen
277 19 Tobias Brunner
--enable-imv-attestation
278 19 Tobias Brunner
279 19 Tobias Brunner
p((. enable IMV attestation module [ _no_ ].
280 41 Tobias Brunner
281 41 Tobias Brunner
--enable-imv-hcd
282 41 Tobias Brunner
283 41 Tobias Brunner
p((. enable [[HCD-IMV|IMV hcd]] module [ _no_ ]. Since version:5.3.3.
284 1 Andreas Steffen
285 23 Tobias Brunner
--enable-imv-os
286 23 Tobias Brunner
287 23 Tobias Brunner
p((. enable IMV operating system module [ _no_ ].
288 23 Tobias Brunner
289 13 Andreas Steffen
--enable-imv-scanner
290 13 Andreas Steffen
291 19 Tobias Brunner
p((. enable IMV port scanner module [ _no_ ].
292 30 Tobias Brunner
293 30 Tobias Brunner
--enable-imv-swid
294 30 Tobias Brunner
295 30 Tobias Brunner
p((. enable IMV swid module [ _no_ ]. Since [[5.1.1]].
296 1 Andreas Steffen
297 12 Andreas Steffen
--enable-imv-test
298 12 Andreas Steffen
299 19 Tobias Brunner
p((. enable IMV test module [ _no_ ].
300 12 Andreas Steffen
301 1 Andreas Steffen
--enable-integrity-test
302 1 Andreas Steffen
303 24 Tobias Brunner
p((. enable [[IntegrityTest|integrity testing]] of the daemon, libraries and loaded plugins [ _no_ ].
304 24 Tobias Brunner
305 24 Tobias Brunner
--enable-ipseckey
306 24 Tobias Brunner
307 1 Andreas Steffen
p((. enable IPSECKEY authentication plugin, which authenticates peers based on IPSECKEY resource records in the DNS protected by DNSSEC [ _no_ ]. Since [[5.0.3]].
308 1 Andreas Steffen
309 35 Tobias Brunner
--enable-kernel-iph
310 1 Andreas Steffen
311 35 Tobias Brunner
p((. enable the [[Kernel-iph|Windows IP Helper based networking backend]] [ _no_ ]. Since [[5.2.0]].
312 1 Andreas Steffen
313 28 Tobias Brunner
--enable-kernel-libipsec
314 28 Tobias Brunner
315 29 Tobias Brunner
p((. enable the [[kernel-libipsec|libipsec-based user-space "kernel" interface]] [ _no_ ]. Since [[5.1.0]].
316 28 Tobias Brunner
317 1 Andreas Steffen
--enable-kernel-pfkey
318 1 Andreas Steffen
319 19 Tobias Brunner
p((. enable the PF_KEYv2 NETKEY kernel interface [ _no_ ].
320 1 Andreas Steffen
321 1 Andreas Steffen
--enable-kernel-pfroute
322 1 Andreas Steffen
323 1 Andreas Steffen
p((. enable the PF_ROUTE kernel interface [ _no_ ]. Required for FreeBSD and Mac OS X.
324 1 Andreas Steffen
325 35 Tobias Brunner
--enable-kernel-wfp
326 35 Tobias Brunner
327 35 Tobias Brunner
p((. enable the [[Kernel-wfp|Windows Filtering Platform IPsec backend]] [ _no_ ]. Since [[5.2.0]].
328 35 Tobias Brunner
329 28 Tobias Brunner
--enable-keychain
330 28 Tobias Brunner
331 28 Tobias Brunner
p((. enable Mac OS X Keychain Services credential set [ _no_ ]. Since [[5.1.0]].
332 28 Tobias Brunner
333 22 Tobias Brunner
--enable-libipsec
334 22 Tobias Brunner
335 22 Tobias Brunner
p((. enable user space IPsec implementation [ _no_ ].
336 22 Tobias Brunner
337 1 Andreas Steffen
--enable-ldap
338 1 Andreas Steffen
339 1 Andreas Steffen
p((. enable LDAP fetcher to fetch files (CRLs) from an LDAP server [ _no_ ]. Requires OpenLDAP.
340 1 Andreas Steffen
341 1 Andreas Steffen
--enable-leak-detective
342 1 Andreas Steffen
343 1 Andreas Steffen
p((. enable malloc hooks to find memory leaks [ _no_ ].
344 5 Andreas Steffen
345 5 Andreas Steffen
--enable-led
346 5 Andreas Steffen
347 19 Tobias Brunner
p((. enable plugin to control LEDs on IKEv2 activity using the Linux kernel LED subsystem [ _no_ ].
348 1 Andreas Steffen
349 1 Andreas Steffen
--enable-load-tester
350 1 Andreas Steffen
351 1 Andreas Steffen
p((. enable load testing plugin for IKEv2 daemon [ _no_ ].
352 1 Andreas Steffen
353 1 Andreas Steffen
--enable-lock-profiler
354 1 Andreas Steffen
355 1 Andreas Steffen
p((. enable lock/mutex profiling code [ _no_ ].
356 1 Andreas Steffen
357 23 Tobias Brunner
--enable-lookip
358 23 Tobias Brunner
359 23 Tobias Brunner
p((. enable fast virtual IP [[lookip|lookup and notification plugin]] [ _no_ ].
360 23 Tobias Brunner
361 16 Tobias Brunner
--enable-maemo
362 1 Andreas Steffen
363 16 Tobias Brunner
p((. enable the Maemo specific plugin [ _no_ ].
364 16 Tobias Brunner
365 1 Andreas Steffen
--enable-manager
366 1 Andreas Steffen
367 1 Andreas Steffen
p((. build the strongSwan manager web application [ _no_ ]. See [[Manager]].
368 1 Andreas Steffen
369 16 Tobias Brunner
--enable-md4
370 16 Tobias Brunner
371 16 Tobias Brunner
p((. enable MD4 software implementation plugin. Required for eap-mschapv2 plugin [ _no_ ].
372 1 Andreas Steffen
373 1 Andreas Steffen
--enable-medcli
374 1 Andreas Steffen
375 1 Andreas Steffen
p((. enable mediation client web front end and daemon plugin [ _no_ ].
376 1 Andreas Steffen
377 1 Andreas Steffen
--enable-mediation
378 1 Andreas Steffen
379 1 Andreas Steffen
p((. enable IKEv2 Mediation Extension [ _no_ ].
380 1 Andreas Steffen
381 1 Andreas Steffen
--enable-medsrv
382 1 Andreas Steffen
383 1 Andreas Steffen
p((. enable mediation server web front end and daemon plugin [ _no_ ].
384 1 Andreas Steffen
385 1 Andreas Steffen
--enable-monolithic
386 1 Andreas Steffen
387 19 Tobias Brunner
p((. build monolithic versions of libstrongswan, libhydra, and libcharon that include all enabled plugins [ _no_ ].
388 1 Andreas Steffen
389 1 Andreas Steffen
--enable-mysql
390 1 Andreas Steffen
391 1 Andreas Steffen
p((. enable MySQL database support [ _no_ ]. Requires libmysqlclient_r.
392 19 Tobias Brunner
393 1 Andreas Steffen
--enable-nm
394 1 Andreas Steffen
395 20 Tobias Brunner
p((. enable the [[NetworkManager]] backend [ _no_ ].
396 1 Andreas Steffen
397 31 Andreas Steffen
--enable-ntru
398 31 Andreas Steffen
399 31 Andreas Steffen
p((. enable the NTRUEncrypt key exchange plugin [ _no_ ]. Since [[5.1.2]]
400 31 Andreas Steffen
401 1 Andreas Steffen
--enable-openssl
402 1 Andreas Steffen
403 1 Andreas Steffen
p((. enable the OpenSSL crypto plugin [ _no_ ]. Requires libcrypto.so.0.9.8.
404 1 Andreas Steffen
405 28 Tobias Brunner
--enable-osx-attr
406 28 Tobias Brunner
407 28 Tobias Brunner
p((. enable Mac OS X SystemConfiguration attribute handler [ _no_ ]. Since [[5.1.0]].
408 28 Tobias Brunner
409 1 Andreas Steffen
--enable-padlock
410 1 Andreas Steffen
411 1 Andreas Steffen
p((. enable the padlock crypto plugin [ _no_ ]. Requires a VIA Padlock crypto engine.
412 19 Tobias Brunner
413 1 Andreas Steffen
--enable-pkcs11
414 1 Andreas Steffen
415 1 Andreas Steffen
p((. enable the [[SmartcardsIKEv2|PKCS#11 crypto token]] support plugin [ _no_ ].
416 39 Tobias Brunner
417 39 Tobias Brunner
--enable-python-eggs
418 1 Andreas Steffen
419 40 Tobias Brunner
p((. enable build of provided python eggs (such as that for the [[vici]] protocol) [ _no_ ]. Since version:5.3.0.
420 1 Andreas Steffen
421 40 Tobias Brunner
--enable-python-eggs-install
422 40 Tobias Brunner
423 40 Tobias Brunner
p((. enable local installation of provided python eggs [ _no_ ]. Since version:5.3.1.
424 40 Tobias Brunner
425 23 Tobias Brunner
--enable-rdrand
426 23 Tobias Brunner
427 23 Tobias Brunner
p((. enable the Intel RDRAND random generator plugin [ _no_ ].
428 37 Tobias Brunner
429 1 Andreas Steffen
--enable-ruby-gems
430 1 Andreas Steffen
431 40 Tobias Brunner
p((. enable build of provided ruby gems (such as that for the [[vici]] protocol) [ _no_ ]. Since version:5.2.1.
432 40 Tobias Brunner
433 40 Tobias Brunner
--enable-ruby-gems-install
434 40 Tobias Brunner
435 40 Tobias Brunner
p((. enable local installation of provided ruby gems [ _no_ ]. Since version:5.3.1.
436 37 Tobias Brunner
437 1 Andreas Steffen
--enable-smp
438 1 Andreas Steffen
439 1 Andreas Steffen
p((. enable XML configuration and control interface [ _no_ ]. Requires libxml. See [[SMP]].
440 1 Andreas Steffen
441 1 Andreas Steffen
--enable-socket-dynamic
442 1 Andreas Steffen
443 1 Andreas Steffen
p((. enable dynamic socket implementation for charon [ _no_ ].
444 1 Andreas Steffen
445 35 Tobias Brunner
--enable-socket-win
446 35 Tobias Brunner
447 35 Tobias Brunner
p((. enable [[Socket-win|Winsock2 based socket implementation]] for charon [ _no_ ]. Since [[5.2.0]].
448 35 Tobias Brunner
449 1 Andreas Steffen
--enable-soup
450 1 Andreas Steffen
451 1 Andreas Steffen
p((. enable soup fetcher plugin to fetch from HTTP URIs. [ _no_ ]. Requires libsoup.
452 1 Andreas Steffen
453 1 Andreas Steffen
--enable-sql
454 1 Andreas Steffen
455 1 Andreas Steffen
p((. enable SQL database configuration backend [ _no_ ]. See [[SQL]].
456 16 Tobias Brunner
457 16 Tobias Brunner
--enable-sqlite
458 16 Tobias Brunner
459 1 Andreas Steffen
p((. enable SQLite database support [ _no_ ]. Requires libsqlite3.
460 1 Andreas Steffen
461 35 Tobias Brunner
--enable-svc
462 35 Tobias Brunner
463 35 Tobias Brunner
p((. enable [[Charon-svc|charon Windows service]] [ _no_ ]. Since [[5.2.0]].
464 35 Tobias Brunner
465 35 Tobias Brunner
--enable-swanctl
466 35 Tobias Brunner
467 35 Tobias Brunner
p((. enable [[swanctl]] configuration and control tool [ _no_ ]. Since [[5.2.0]].
468 35 Tobias Brunner
469 37 Tobias Brunner
--enable-systemd
470 37 Tobias Brunner
471 37 Tobias Brunner
p((. enable systemd specific IKE daemon charon-systemd [ _no_ ]. Since version:5.2.1.
472 37 Tobias Brunner
473 24 Tobias Brunner
--enable-systime-fix
474 24 Tobias Brunner
475 24 Tobias Brunner
p((. enable plugin to handle cert lifetimes with invalid system time gracefully [ _no_ ]. See [[SystimeFixPlugin]]. Since [[5.0.3]].
476 24 Tobias Brunner
477 16 Tobias Brunner
--enable-test-vectors
478 16 Tobias Brunner
479 1 Andreas Steffen
p((. enable [[CryptoTest|crypto test]] vectors plugin [ _no_ ].
480 16 Tobias Brunner
481 24 Tobias Brunner
--enable-tkm
482 24 Tobias Brunner
483 24 Tobias Brunner
p((. enable _charon-tkm_ an IKEv2 daemon that is backed by a Trusted Key Manager (TKM) [ _no_ ]. More information can be found on http://www.codelabs.ch/tkm/. Since [[5.0.3]].
484 24 Tobias Brunner
485 1 Andreas Steffen
--enable-tnccs-11
486 1 Andreas Steffen
487 1 Andreas Steffen
p((. enable TNCCS 1.1 protocol module [ _no_ ]. Requires libxml2.
488 1 Andreas Steffen
489 1 Andreas Steffen
--enable-tnccs-20
490 1 Andreas Steffen
491 8 Andreas Steffen
p((. enable TNCCS 2.0 protocol module [ _no_ ].
492 6 Andreas Steffen
493 1 Andreas Steffen
--enable-tnccs-dynamic
494 1 Andreas Steffen
495 1 Andreas Steffen
p((. enable dynamic TNCCS protocol discovery module [ _no_ ].
496 1 Andreas Steffen
497 19 Tobias Brunner
--enable-tnc-ifmap
498 19 Tobias Brunner
499 19 Tobias Brunner
p((. enable TNC IF-MAP module [ _no_ ].
500 19 Tobias Brunner
501 4 Andreas Steffen
--enable-tnc-imc
502 4 Andreas Steffen
503 4 Andreas Steffen
p((. enable TNC IMC integrity measurement collector module [ _no_ ].
504 4 Andreas Steffen
505 4 Andreas Steffen
-enable-tnc-imv
506 1 Andreas Steffen
507 1 Andreas Steffen
p((. enable TNC IMV integrity measurement verifier module [ _no_ ].
508 1 Andreas Steffen
509 24 Tobias Brunner
--enable-uci
510 24 Tobias Brunner
511 24 Tobias Brunner
p((. enable the OpenWRT UCI configuration plugin [ _no_ ].
512 24 Tobias Brunner
513 1 Andreas Steffen
--enable-unbound
514 1 Andreas Steffen
515 1 Andreas Steffen
p((. DNSSEC-enabled resolver plugin based on libunbound [ _no_ ].
516 1 Andreas Steffen
517 28 Tobias Brunner
--enable-unity
518 28 Tobias Brunner
519 28 Tobias Brunner
p((. enable Cisco Unity extension plugin [ _no_ ].
520 28 Tobias Brunner
521 1 Andreas Steffen
--enable-unwind-backtraces
522 1 Andreas Steffen
523 1 Andreas Steffen
p((. use libunwind to create backtraces for memory leaks and segfaults [ _no_ ]. Since [[5.1.0]].
524 1 Andreas Steffen
525 35 Tobias Brunner
--enable-vici
526 35 Tobias Brunner
527 35 Tobias Brunner
p((. enable the [[Vici|Versatile IKE Configuration Interface]] plugin. [ _no_ ]. Since [[5.2.0]].
528 35 Tobias Brunner
529 18 Tobias Brunner
--enable-whitelist
530 1 Andreas Steffen
531 1 Andreas Steffen
p((. enable peer identity whitelisting plugin [ _no_ ]. 
532 1 Andreas Steffen
533 35 Tobias Brunner
--enable-winhttp
534 35 Tobias Brunner
535 35 Tobias Brunner
p((. enable [[Winhttp|WinHTTP based HTTP/HTTPS fetching plugin]]. [ _no_ ]. Since [[5.2.0]].
536 35 Tobias Brunner
537 1 Andreas Steffen
--enable-xauth-eap
538 1 Andreas Steffen
539 19 Tobias Brunner
p((. enable XAuth backend using EAP methods to verify password [ _no_ ].
540 24 Tobias Brunner
541 24 Tobias Brunner
--enable-xauth-noauth
542 24 Tobias Brunner
543 24 Tobias Brunner
p((. enable XAuth pseudo-backend that does not actually verify or even request any credentials [ _no_ ]. Since [[5.0.3]].
544 1 Andreas Steffen
545 22 Tobias Brunner
--enable-xauth-pam
546 22 Tobias Brunner
547 22 Tobias Brunner
p((. enable [[XAuthPam|XAuth backend using PAM]] to verify passwords [ _no_ ].
548 22 Tobias Brunner
549 1 Andreas Steffen
h2. --disable options
550 19 Tobias Brunner
551 19 Tobias Brunner
*The [[pluginlist|plugin list]] provides more information on specific plugins.*
552 19 Tobias Brunner
553 19 Tobias Brunner
--disable-aes
554 1 Andreas Steffen
555 1 Andreas Steffen
p((. disable default AES software implementation plugin [ _no_ ].
556 1 Andreas Steffen
557 1 Andreas Steffen
--disable-attr
558 1 Andreas Steffen
559 1 Andreas Steffen
p((. disable strongswan.conf based configuration of DNS and WINS server attributes [ _no_ ].
560 1 Andreas Steffen
 This is a plugin for VPN gateways only, serving internal DNS and WINS nameserver information.
561 1 Andreas Steffen
562 1 Andreas Steffen
--disable-charon
563 1 Andreas Steffen
564 20 Tobias Brunner
p((. disable the build of the IKEv1/IKEv2 keying daemon charon [ _no_ ].
565 7 Andreas Steffen
566 21 Tobias Brunner
--disable-cmac
567 21 Tobias Brunner
568 21 Tobias Brunner
p((. disable CMAC crypto implementation plugin [ _no_ ].
569 21 Tobias Brunner
570 7 Andreas Steffen
--disable-constraints
571 7 Andreas Steffen
572 7 Andreas Steffen
p((. disable advanced X.509 constraint checking plugin [ _no_ ].
573 1 Andreas Steffen
574 26 Tobias Brunner
--disable-defaults
575 26 Tobias Brunner
576 26 Tobias Brunner
p((. disable all features that are enabled by default [ _no_ ]. Basically it's short for adding all options listed in this section. Since [[5.0.3]].
577 26 Tobias Brunner
578 1 Andreas Steffen
--disable-des
579 1 Andreas Steffen
580 1 Andreas Steffen
p((. disable default DES/3DES software implementation plugin [ _no_ ].
581 1 Andreas Steffen
582 1 Andreas Steffen
--disable-dnskey
583 1 Andreas Steffen
584 1 Andreas Steffen
p((. disable DNS RR key decoding plugin [ _no_ ].
585 1 Andreas Steffen
586 1 Andreas Steffen
--disable-fips-prf
587 1 Andreas Steffen
588 1 Andreas Steffen
p((. disable default FIPS PRF software implementation plugin [ _no_ ].
589 1 Andreas Steffen
590 1 Andreas Steffen
--disable-gmp
591 1 Andreas Steffen
592 1 Andreas Steffen
p((. disable default GNU Multi Precision (libgmp) based public key cryptography implementation plugin [ _no_ ].
593 1 Andreas Steffen
594 1 Andreas Steffen
--disable-hmac
595 1 Andreas Steffen
596 1 Andreas Steffen
p((. disable default HMAC crypto implementation plugin [ _no_ ].
597 1 Andreas Steffen
598 20 Tobias Brunner
--disable-ikev1
599 20 Tobias Brunner
600 20 Tobias Brunner
p((. disable IKEv1 protocol support in charon [ _no_ ].
601 20 Tobias Brunner
602 20 Tobias Brunner
--disable-ikev2
603 20 Tobias Brunner
604 20 Tobias Brunner
p((. disable IKEv2 protocol support in charon [ _no_ ].
605 20 Tobias Brunner
606 1 Andreas Steffen
--disable-kernel-netlink
607 1 Andreas Steffen
608 1 Andreas Steffen
p((. disable default Netlink kernel interface [ _no_ ].
609 1 Andreas Steffen
610 1 Andreas Steffen
--disable-load-warning
611 1 Andreas Steffen
612 20 Tobias Brunner
p((. disable the charon plugin load option warning in starter [ _no_ ]
613 16 Tobias Brunner
614 16 Tobias Brunner
--disable-md5
615 16 Tobias Brunner
616 16 Tobias Brunner
p((. disable default MD5 software implementation plugin [ _no_ ].
617 1 Andreas Steffen
618 20 Tobias Brunner
--disable-nonce
619 20 Tobias Brunner
620 20 Tobias Brunner
p((. disable nonce generation plugin [ _no_ ].
621 20 Tobias Brunner
622 1 Andreas Steffen
--disable-pem
623 1 Andreas Steffen
624 1 Andreas Steffen
p((. disable PEM decoding plugin [ _no_ ].
625 1 Andreas Steffen
626 1 Andreas Steffen
--disable-pgp
627 19 Tobias Brunner
628 1 Andreas Steffen
p((. disable PGP key decoding plugin [ _no_ ].
629 19 Tobias Brunner
630 19 Tobias Brunner
--disable-pkcs1
631 19 Tobias Brunner
632 19 Tobias Brunner
p((. disable PKCS#1 key decoding plugin [ _no_ ].
633 1 Andreas Steffen
634 23 Tobias Brunner
--disable-pkcs7
635 23 Tobias Brunner
636 23 Tobias Brunner
p((. disable PKCS#7 container support plugin [ _no_ ].
637 23 Tobias Brunner
638 1 Andreas Steffen
--disable-pkcs8
639 1 Andreas Steffen
640 1 Andreas Steffen
p((. disable PKCS#8 private key decoding plugin [ _no_ ].
641 1 Andreas Steffen
642 28 Tobias Brunner
--disable-pkcs12
643 28 Tobias Brunner
644 1 Andreas Steffen
p((. disable PKCS#12 container support plugin [ _no_ ]. Since [[5.1.0]].
645 1 Andreas Steffen
646 35 Tobias Brunner
--disable-pki
647 35 Tobias Brunner
648 35 Tobias Brunner
p((. disable [[ipsecpki|pki]] certificate utility [ _no_ ]. Separate option since [[5.2.0]], was included in _--disable-tools_ before.
649 35 Tobias Brunner
650 1 Andreas Steffen
--disable-pubkey
651 1 Andreas Steffen
652 1 Andreas Steffen
p((. disable default RAW public key support plugin [ _no_ ].
653 1 Andreas Steffen
654 1 Andreas Steffen
--disable-random
655 1 Andreas Steffen
656 1 Andreas Steffen
p((. disable default RNG implementation using the raw /dev/(u)random devices [ _no_ ].
657 1 Andreas Steffen
658 28 Tobias Brunner
--disable-rc2
659 28 Tobias Brunner
660 28 Tobias Brunner
p((. disable RC2 software implementation plugin [ _no_ ]. Since [[5.1.0]].
661 1 Andreas Steffen
662 1 Andreas Steffen
--disable-resolve
663 1 Andreas Steffen
664 1 Andreas Steffen
p((. disable writing DNS information received via configuration payload to /etc/resolv.conf [ _no_ ].
665 7 Andreas Steffen
 This is a plugin for VPN clients only.
666 1 Andreas Steffen
667 1 Andreas Steffen
--disable-revocation
668 1 Andreas Steffen
669 1 Andreas Steffen
p((. disable X.509 CRL/OCSP revocation check plugin [ _no_ ].
670 1 Andreas Steffen
671 36 Tobias Brunner
--disable-scepclient
672 36 Tobias Brunner
673 36 Tobias Brunner
p((. disable [[ScepClient|SCEP client]] tool [ _no_ ]. Separate option since [[5.2.0]], was included in _--disable-tools_ before.
674 36 Tobias Brunner
675 1 Andreas Steffen
--disable-scripts
676 1 Andreas Steffen
677 1 Andreas Steffen
p((. disable the build of additional utilities (found in directory scripts) [ _no_ ].
678 1 Andreas Steffen
679 1 Andreas Steffen
--disable-sha1
680 1 Andreas Steffen
681 16 Tobias Brunner
p((. disable default SHA-1 software implementation plugin [ _no_ ].
682 19 Tobias Brunner
683 16 Tobias Brunner
--disable-sha2
684 1 Andreas Steffen
685 1 Andreas Steffen
p((. disable default SHA-256/SHA-384/SHA-512 software implementation plugin [ _no_ ].
686 1 Andreas Steffen
687 1 Andreas Steffen
--disable-socket-default
688 1 Andreas Steffen
689 28 Tobias Brunner
p((. disable default socket implementation for charon [ _no_ ].
690 28 Tobias Brunner
691 28 Tobias Brunner
--disable-sshkey
692 28 Tobias Brunner
693 1 Andreas Steffen
p((. disable SSH key decoding plugin [ _no_ ]. Since [[5.1.0]].
694 1 Andreas Steffen
695 1 Andreas Steffen
--disable-stroke
696 1 Andreas Steffen
697 35 Tobias Brunner
p((. disable charon's stroke configuration backend [ _no_ ].
698 1 Andreas Steffen
699 1 Andreas Steffen
--disable-updown
700 1 Andreas Steffen
701 1 Andreas Steffen
p((. disable updown firewall script plugin [ _no_ ].  
702 1 Andreas Steffen
703 1 Andreas Steffen
--disable-x509
704 1 Andreas Steffen
705 19 Tobias Brunner
p((. disable default X.509 certificate implementation plugin [ _no_ ].
706 16 Tobias Brunner
707 20 Tobias Brunner
--disable-xauth-generic
708 16 Tobias Brunner
709 20 Tobias Brunner
p((. disable generic XAauth backend [ _no_ ].
710 1 Andreas Steffen
711 16 Tobias Brunner
--disable-xcbc
712 16 Tobias Brunner
713 16 Tobias Brunner
p((. disable default XCBC crypto implementation plugin [ _no_ ].
714 1 Andreas Steffen
715 1 Andreas Steffen
h2. --with options
716 1 Andreas Steffen
717 1 Andreas Steffen
--with-capabilities=LIBCAP
718 1 Andreas Steffen
719 1 Andreas Steffen
p((. set capability dropping library. Currently supported values are _libcap_ and _native_ [ _no_ ].
720 22 Tobias Brunner
721 22 Tobias Brunner
--with-charon-udp-port=PORT
722 22 Tobias Brunner
723 22 Tobias Brunner
p((. UDP port used by charon locally. Set to 0 to allocate randomly. [ _500_ ]
724 22 Tobias Brunner
725 22 Tobias Brunner
--with-charon-natt-port=PORT
726 22 Tobias Brunner
727 22 Tobias Brunner
p((. UDP port used by charon locally in case a NAT is detected (must be different from charon-udp-port). Set to 0 to allocate randomly. [ _4500_ ]
728 22 Tobias Brunner
729 22 Tobias Brunner
--with-dev-headers=DIR
730 22 Tobias Brunner
731 22 Tobias Brunner
p((. install strongSwan development headers to DIR [ _no_ ].
732 19 Tobias Brunner
733 27 Tobias Brunner
--with-fips-mode=MODE
734 27 Tobias Brunner
735 27 Tobias Brunner
p((. set OpenSSL FIPS mode: disabled (0), enabled (1), Suite B enabled (2) [ _0_ ].
736 27 Tobias Brunner
737 1 Andreas Steffen
--with-group=GROUP
738 16 Tobias Brunner
739 19 Tobias Brunner
p((. [[ReducedPrivileges|change group]] of the daemons to GROUP after startup [ _root_ ].
740 1 Andreas Steffen
741 1 Andreas Steffen
--with-imcvdir=IMCVDIR
742 1 Andreas Steffen
743 1 Andreas Steffen
p((. set the installation path of IMC and IMV dynamic libraries [ _IPSECLIBDIR/imcvs_ ].
744 1 Andreas Steffen
745 1 Andreas Steffen
--with-ipsecdir=IPSECDIR
746 16 Tobias Brunner
747 1 Andreas Steffen
p((. installation path for ipsec tools [ _LIBEXECDIR/ipsec_ ].
748 1 Andreas Steffen
749 1 Andreas Steffen
--with-ipseclibdir=IPSECLIBDIR
750 1 Andreas Steffen
751 1 Andreas Steffen
p((. installation path for ipsec libraries (libstrongswan, libhydra, libcharon etc.) [ _LIBDIR/ipsec_ ].
752 1 Andreas Steffen
753 20 Tobias Brunner
--with-ipsec-script=SCRIPTNAME
754 20 Tobias Brunner
755 20 Tobias Brunner
p((. change the name of the ipsec script [ _ipsec_].
756 20 Tobias Brunner
757 1 Andreas Steffen
--with-linux-headers=DIR
758 16 Tobias Brunner
759 1 Andreas Steffen
p((. linux header files to be used [ _../include_ ].
760 1 Andreas Steffen
761 19 Tobias Brunner
--with-mpz_powm_sec=YES|NO
762 19 Tobias Brunner
763 19 Tobias Brunner
p((. use the more side-channel resistant mpz_powm_sec in libgmp, if available [ _yes_ ].
764 19 Tobias Brunner
765 16 Tobias Brunner
--with-nm-ca-dir=NMCADIR
766 16 Tobias Brunner
767 20 Tobias Brunner
p((. directory the NM backend uses to look up trusted root certificates [ _/usr/share/ca-certificates_ ].
768 16 Tobias Brunner
769 1 Andreas Steffen
--with-piddir=DIR
770 1 Andreas Steffen
771 1 Andreas Steffen
p((. path for PID and UNIX socket files [ _/var/run_ ].
772 1 Andreas Steffen
773 1 Andreas Steffen
--with-plugindir=PLUGINDIR
774 1 Andreas Steffen
775 1 Andreas Steffen
p((. installation path for plugins [ _IPSECLIBDIR/plugins_ ].
776 1 Andreas Steffen
777 1 Andreas Steffen
--with-printf-hooks=IMPL
778 1 Andreas Steffen
779 1 Andreas Steffen
p((. force the use of a specific printf()-hook implementation (auto, builtin, glibc, vstr) [ _auto_ ], since [[5.1.3]].
780 39 Tobias Brunner
781 39 Tobias Brunner
--with-pythoneggdir=arg
782 39 Tobias Brunner
783 39 Tobias Brunner
p((. path to install python eggs to [ _site-packages directory_ ]. Since version:5.3.0.
784 16 Tobias Brunner
785 1 Andreas Steffen
--with-random-device=DEV
786 1 Andreas Steffen
787 16 Tobias Brunner
p((. set the device for true random data [ _/dev/random_ ].
788 1 Andreas Steffen
789 1 Andreas Steffen
--with-resolv-conf=FILE
790 1 Andreas Steffen
791 19 Tobias Brunner
p((. set the file to store DNS server information [ _SYSCONFDIR/resolv.conf_ ].
792 1 Andreas Steffen
793 1 Andreas Steffen
--with-routing-table=NUM
794 1 Andreas Steffen
795 1 Andreas Steffen
p((. routing table for IPsec source routes (set to 0 to use default routing table) [ _220_ ].
796 1 Andreas Steffen
797 19 Tobias Brunner
--with-routing-table-prio=PRIO
798 19 Tobias Brunner
799 19 Tobias Brunner
p((. priority for IPsec routing table [ _220_ ].
800 37 Tobias Brunner
801 37 Tobias Brunner
--with-rubygemdir=arg
802 37 Tobias Brunner
803 37 Tobias Brunner
p((. path to install ruby gems to [ _gem environment gemdir_ ]. Since version:5.2.1.
804 19 Tobias Brunner
805 19 Tobias Brunner
--with-strongswan-conf=FILE
806 19 Tobias Brunner
807 19 Tobias Brunner
p((. set the strongswan.conf file location [ _SYSCONFDIR/strongswan.conf_ ].
808 19 Tobias Brunner
809 1 Andreas Steffen
--with-systemdsystemunitdir=arg
810 1 Andreas Steffen
811 1 Andreas Steffen
p((. directory for systemd service files [ _$systemdsystemunitdir_default_ ].
812 35 Tobias Brunner
813 35 Tobias Brunner
--with-swanctldir=arg
814 35 Tobias Brunner
815 35 Tobias Brunner
p((. base directory for [[swanctl]] configuration files and credentials [ _SYSCONFDIR/swanctl_ ]. Since [[5.2.0]].
816 23 Tobias Brunner
817 23 Tobias Brunner
--with-tss=TSS
818 23 Tobias Brunner
819 23 Tobias Brunner
p((. set implementation of the Trusted Computing Group's Software Stack (TSS). Currently the only supported value is "trousers".
820 1 Andreas Steffen
821 1 Andreas Steffen
--with-urandom-device=DEV
822 1 Andreas Steffen
823 1 Andreas Steffen
p((. set the device for pseudo random data [ _/dev/urandom_ ].
824 1 Andreas Steffen
825 1 Andreas Steffen
--with-user=USER
826 1 Andreas Steffen
827 19 Tobias Brunner
p((. [[nonRoot|change user]] of the daemons to USER after startup [ _root_ ].