]>
Commit | Line | Data |
---|---|---|
f163b202 SB |
1 | # |
2 | # configure.ac | |
3 | # | |
4 | # The Initial Developer of the Original Code is International | |
5 | # Business Machines Corporation. Portions created by IBM | |
6 | # Corporation are Copyright (C) 2014 International Business | |
7 | # Machines Corporation. All Rights Reserved. | |
8 | # | |
9 | # This program is free software; you can redistribute it and/or modify | |
10 | # it under the terms of the Common Public License as published by | |
11 | # IBM Corporation; either version 1 of the License, or (at your option) | |
12 | # any later version. | |
13 | # | |
14 | # This program is distributed in the hope that it will be useful, | |
15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | # Common Public License for more details. | |
18 | # | |
19 | # You should have received a copy of the Common Public License | |
20 | # along with this program; if not, a copy can be viewed at | |
21 | # http://www.opensource.org/licenses/cpl1.0.php. | |
22 | # | |
23 | # This file is derived from tpm-tool's configure.in. | |
24 | # | |
25 | ||
26 | AC_INIT(swtpm, 0.1.0) | |
27 | AC_PREREQ(2.12) | |
28 | AC_CONFIG_SRCDIR(Makefile.am) | |
29 | AC_CONFIG_HEADER(config.h) | |
30 | ||
31 | SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1` | |
32 | SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2` | |
33 | SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3` | |
34 | ||
35 | AC_SUBST([SWTPM_VER_MAJOR]) | |
36 | AC_SUBST([SWTPM_VER_MINOR]) | |
37 | AC_SUBST([SWTPM_VER_MICRO]) | |
38 | ||
39 | dnl Check for programs | |
40 | AC_PROG_CC | |
41 | AC_PROG_INSTALL | |
42 | AC_PROG_LN_S | |
43 | AC_PROG_LIBTOOL | |
44 | ||
f163b202 SB |
45 | AC_CONFIG_MACRO_DIR([m4]) |
46 | AC_CANONICAL_TARGET | |
c3fdf688 | 47 | AC_CANONICAL_HOST |
f163b202 SB |
48 | AM_INIT_AUTOMAKE([foreign 1.6]) |
49 | ||
50 | DEBUG="" | |
51 | AC_MSG_CHECKING([for debug-enabled build]) | |
52 | AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [create a debug build]), | |
53 | [if test "$enableval" = "yes"; then | |
54 | DEBUG="yes" | |
55 | AC_MSG_RESULT([yes]) | |
56 | else | |
57 | DEBUG="no" | |
58 | AC_MSG_RESULT([no]) | |
59 | fi], | |
60 | [DEBUG="no", | |
61 | AC_MSG_RESULT([no])]) | |
62 | ||
63 | # If the user has not set CFLAGS, do something appropriate | |
64 | test_CFLAGS=${CFLAGS+set} | |
65 | if test "$test_CFLAGS" != set; then | |
66 | if test "$DEBUG" == "yes"; then | |
67 | CFLAGS="-O0 -g -DDEBUG" | |
68 | else | |
69 | CFLAGS="-g -O2" | |
70 | fi | |
71 | elif test "$DEBUG" == "yes"; then | |
72 | CFLAGS="$CFLAGS -O0 -g -DDEBUG" | |
73 | fi | |
74 | ||
e46a2b66 SB |
75 | AC_HEADER_STDC |
76 | AC_C_CONST | |
77 | AC_C_INLINE | |
78 | ||
79 | AC_TYPE_SIZE_T | |
80 | AC_TYPE_SIGNAL | |
81 | ||
baecda40 SB |
82 | AC_PROG_CC |
83 | AC_PROG_INSTALL | |
3cb54a5d | 84 | AC_PROG_MKDIR_P |
e46a2b66 | 85 | |
ec37bb56 SB |
86 | AC_ARG_WITH([selinux], |
87 | AS_HELP_STRING([--with-selinux], | |
88 | [add SELinux policy extensions @<:@default=check@:>@])) | |
89 | m4_divert_text([DEFAULTS], [with_selinux=check]) | |
90 | ||
91 | dnl Check for SELinux policy support | |
92 | ||
93 | if test "$with_selinux" != "no"; then | |
94 | if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then | |
95 | if ! test -f /usr/share/selinux/devel/Makefile; then | |
96 | if test "$with_selinux" = "yes"; then | |
97 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
98 | else | |
99 | with_selinux="no" | |
100 | fi | |
101 | fi | |
102 | AC_PATH_PROG([SEMODULE], semodule) | |
103 | if test "x$SEMODULE" == "x"; then | |
104 | if test "$with_selinux" = "yes"; then | |
105 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
106 | else | |
107 | with_selinux="no" | |
108 | fi | |
109 | fi | |
110 | if test "$with_selinux" = "check"; then | |
111 | with_selinux="yes" | |
112 | fi | |
113 | fi | |
114 | fi | |
115 | AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" == "xyes"]) | |
116 | ||
f163b202 SB |
117 | GLIB_CFLAGS=$(pkg-config --cflags glib-2.0) |
118 | if test $? -ne 0; then | |
119 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get cflags") | |
120 | fi | |
baecda40 | 121 | AC_SUBST([GLIB_CFLAGS]) |
f163b202 | 122 | |
baecda40 | 123 | GLIB_LIBS=$(pkg-config --libs glib-2.0) |
f163b202 SB |
124 | if test $? -ne 0; then |
125 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs") | |
126 | fi | |
baecda40 | 127 | AC_SUBST([GLIB_LIBS]) |
f163b202 | 128 | |
baecda40 | 129 | GTHREAD_LIBS=$(pkg-config --libs gthread-2.0) |
f163b202 SB |
130 | if test $? -ne 0; then |
131 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0") | |
132 | fi | |
baecda40 | 133 | AC_SUBST([GTHREAD_LIBS]) |
f163b202 | 134 | |
7849b6c6 | 135 | cryptolib=openssl |
3bbdd7bc SB |
136 | |
137 | AC_ARG_WITH([openssl], | |
7849b6c6 SB |
138 | [AS_HELP_STRING([--with-openssl], |
139 | [build with openssl library])], | |
140 | [], | |
141 | []) | |
3bbdd7bc SB |
142 | |
143 | case "$cryptolib" in | |
3bbdd7bc | 144 | openssl) |
7849b6c6 SB |
145 | AC_CHECK_LIB(crypto, |
146 | [AES_set_encrypt_key], | |
147 | [], | |
148 | AC_MSG_ERROR(Faulty openssl crypto library)) | |
149 | AC_CHECK_HEADERS([openssl/aes.h],[], | |
150 | AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?)) | |
151 | AC_MSG_RESULT([Building with openssl crypto library]) | |
152 | ;; | |
3bbdd7bc | 153 | esac |
833a5416 | 154 | |
baecda40 SB |
155 | LIBTASN1_LIBS=$(pkg-config --libs libtasn1) |
156 | if test $? -ne 0; then | |
157 | AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1") | |
158 | fi | |
159 | AC_SUBST([LIBTASN1_LIBS]) | |
f163b202 | 160 | |
baecda40 SB |
161 | LIBTPMS_LIBS=$(pkg-config --libs libtpms) |
162 | if test $? -ne 0; then | |
163 | AC_MSG_ERROR("Is libtpms-devel installed? -- could not get libs for libtpms") | |
164 | fi | |
fbc596ab SB |
165 | AC_CHECK_LIB(tpms, |
166 | TPMLIB_ChooseTPMVersion,, | |
167 | AC_MSG_ERROR("libtpms 0.6 or later is required") | |
168 | ) | |
baecda40 | 169 | AC_SUBST([LIBTPMS_LIBS]) |
f163b202 | 170 | |
e46a2b66 | 171 | AC_PATH_PROG([TPM_NVDEFINE], tpm_nvdefine) |
c3fdf688 SB |
172 | case $host_os in |
173 | linux-*) | |
174 | if test "x$TPM_NVDEFINE" == "x"; then | |
175 | AC_MSG_ERROR([NVRAM area tools are needed: tpm-tools package]) | |
176 | fi | |
177 | with_tcsd=yes | |
178 | ;; | |
179 | *) | |
180 | with_tcsd=no | |
181 | esac | |
182 | with_swtpm_setup=$with_tcsd | |
183 | AM_CONDITIONAL([WITH_SWTPM_SETUP], test "$with_swtpm_setup" != "no") | |
e46a2b66 | 184 | |
09d1a532 SB |
185 | AC_MSG_CHECKING([for whether to build with CUSE interface]) |
186 | AC_ARG_WITH([cuse], | |
187 | AC_HELP_STRING([--with-cuse], | |
188 | [build with CUSE interface]), | |
189 | [], | |
190 | [with_cuse=check] | |
191 | ) | |
f163b202 | 192 | |
09d1a532 SB |
193 | if test "$with_cuse" != "no"; then |
194 | LIBFUSE_CFLAGS=$(pkg-config fuse --cflags 2>/dev/null) | |
195 | if test $? -ne 0; then | |
196 | if test "$with_cuse" = "yes"; then | |
197 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse") | |
198 | else | |
199 | with_cuse=no | |
200 | fi | |
201 | else | |
202 | with_cuse=yes | |
203 | fi | |
498433f7 | 204 | fi |
09d1a532 SB |
205 | |
206 | dnl with_cuse is now yes or no | |
207 | if test "$with_cuse" != "no"; then | |
208 | LIBFUSE_LIBS=$(pkg-config fuse --libs) | |
209 | if test $? -ne 0; then | |
210 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse") | |
211 | fi | |
212 | AC_SUBST([LIBFUSE_CFLAGS]) | |
213 | AC_SUBST([LIBFUSE_LIBS]) | |
214 | AC_DEFINE_UNQUOTED([WITH_CUSE], 1, | |
215 | [whether to build with CUSE interface]) | |
baecda40 | 216 | fi |
09d1a532 SB |
217 | AM_CONDITIONAL([WITH_CUSE],[test "$with_cuse" = "yes"]) |
218 | AC_MSG_RESULT($with_cuse) | |
f163b202 | 219 | |
498433f7 SB |
220 | AC_MSG_CHECKING([for whether to build with chardev interface]) |
221 | case $host_os in | |
222 | linux-*) | |
223 | with_chardev=yes | |
224 | AC_DEFINE_UNQUOTED([WITH_CHARDEV], 1, | |
225 | [whether to build with chardev interface]) | |
226 | ;; | |
227 | *) | |
228 | with_chardev=no | |
229 | esac | |
230 | AM_CONDITIONAL([WITH_CHARDEV],[test "$with_chardev" = "yes"]) | |
231 | AC_MSG_RESULT($with_cuse) | |
232 | ||
10002933 SB |
233 | AC_ARG_WITH([gnutls], |
234 | AC_HELP_STRING([--with-gnutls], | |
235 | [build with gnutls library]), | |
236 | [], | |
237 | [with_gnutls=check] | |
238 | ) | |
239 | ||
e46a2b66 SB |
240 | if test "x$with_gnutls" != "xno"; then |
241 | GNUTLS_LDFLAGS=$(pkg-config --libs gnutls) | |
242 | if test $? -ne 0; then | |
1828edee | 243 | if test "x$with_gnutls" == "xyes"; then |
e46a2b66 SB |
244 | AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls") |
245 | else | |
246 | with_gnutls=no | |
247 | fi | |
248 | fi | |
249 | fi | |
f163b202 | 250 | |
1828edee SB |
251 | if test "x$with_gnutls" != "xno"; then |
252 | AC_PATH_PROG([GNUTLS_CERTTOOL], certtool) | |
253 | if test "x$GNUTLS_CERTTOOL" == "x"; then | |
254 | if test "x$with_gnutls" == "xyes"; then | |
255 | AC_MSG_ERROR("Could not find certtool. Is gnutls-utils/gnutls-bin installed?") | |
256 | else | |
257 | with_gnutls=no | |
258 | fi | |
259 | fi | |
260 | fi | |
261 | ||
e46a2b66 | 262 | if test "x$with_gnutls" != "xno"; then |
baecda40 | 263 | GNUTLS_CFLAGS=$(pkg-config gnutls --cflags) |
10002933 | 264 | AC_CHECK_LIB([gnutls], [gnutls_load_file], [ |
baecda40 SB |
265 | GNUTLS_LIBS=-lgnutls |
266 | ], | |
e46a2b66 SB |
267 | [if test "x$with_gnutls" == "xyes"; then |
268 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so]) | |
269 | else | |
270 | with_gnutls="no" | |
271 | fi]) | |
272 | fi | |
273 | ||
274 | if test "x$with_gnutls" != "xno"; then | |
275 | AC_CHECK_HEADER(gnutls/abstract.h, [], \ | |
276 | [if test "x$with_gnutls" == "xyes"; then | |
277 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h]) | |
278 | else | |
279 | with_gnutls="no" | |
280 | fi]) | |
281 | fi | |
282 | ||
283 | if test "x$with_gnutls" != "xno"; then | |
284 | with_gnutls="yes" | |
285 | fi | |
286 | AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" == "xyes"]) | |
baecda40 | 287 | AC_SUBST([GNUTLS_LIBS]) |
f163b202 | 288 | |
48abfbb1 SB |
289 | AC_PATH_PROG([EXPECT], expect) |
290 | if test "x$EXPECT" == "x"; then | |
291 | AC_MSG_ERROR([expect is required: expect package]) | |
292 | fi | |
293 | ||
b080afb5 SB |
294 | AC_PATH_PROG([GAWK], gawk) |
295 | if test "x$GAWK" == "x"; then | |
296 | AC_MSG_ERROR([gawk is required: gawk package]) | |
297 | fi | |
298 | ||
8cb126e4 SB |
299 | AC_PATH_PROG([SOCAT], socat) |
300 | if test "x$SOCAT" == "x"; then | |
301 | AC_MSG_ERROR([socat is required: socat package]) | |
302 | fi | |
303 | ||
08f1e70d SB |
304 | TMP="$($CC -fstack-protector-strong 2>&1)" |
305 | if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then | |
306 | HARDENING_CFLAGS="-fstack-protector -Wstack-protector " | |
f77427eb | 307 | else |
08f1e70d | 308 | HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector " |
f77427eb | 309 | fi |
a76b4eeb SB |
310 | |
311 | dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2 | |
312 | TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')" | |
313 | TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')" | |
314 | if test -z "$TMP1" && test -n "$TPM2"; then | |
315 | HARDENING_CFLAGS+="-D_FORTIFY_SOURCE=2 " | |
316 | fi | |
317 | dnl Check ld for 'relro' and 'now' | |
318 | if $LD --help 2>&1 | $GREP '\-z relro ' > /dev/null; then | |
319 | HARDENING_CFLAGS+="-Wl,-z,relro " | |
320 | fi | |
321 | if $LD --help 2>&1 | $GREP '\-z now ' > /dev/null; then | |
322 | HARDENING_CFLAGS+="-Wl,-z,now " | |
323 | fi | |
e6085e96 SB |
324 | AC_SUBST([HARDENING_CFLAGS]) |
325 | ||
c4ac0a11 SB |
326 | AC_ARG_WITH([tss-user], |
327 | AC_HELP_STRING([--with-tss-user=TSS_USER], | |
328 | [The tss user to use]), | |
329 | [TSS_USER="$withval"], | |
330 | [TSS_USER="tss"] | |
331 | ) | |
332 | ||
333 | AC_ARG_WITH([tss-group], | |
334 | AC_HELP_STRING([--with-tss-group=TSS_GROUP], | |
335 | [The tss group to use]), | |
336 | [TSS_GROUP="$withval"], | |
337 | [TSS_GROUP="tss"] | |
338 | ) | |
339 | AC_SUBST([TSS_USER]) | |
340 | AC_SUBST([TSS_GROUP]) | |
341 | ||
f163b202 SB |
342 | CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum" |
343 | CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror" | |
e6085e96 | 344 | CFLAGS="$CFLAGS -Wformat -Wformat-security" |
f163b202 | 345 | |
86cc4527 SB |
346 | dnl We have to make sure libtpms is using the same crypto library |
347 | dnl to avoid problems | |
348 | AC_MSG_CHECKING([the crypto library libtpms is using]) | |
349 | dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \ | |
350 | sed -n '/SEARCH_DIR/p' | \ | |
06b8d032 SB |
351 | sed 's/SEARCH_DIR("\(@<:@^"@:>@*\)"); */\1 /g' | \ |
352 | sed 's|=/|/|g') | |
4c0b273b | 353 | for dir in $dirs $LIBRARY_PATH; do |
86cc4527 SB |
354 | if test -r $dir/libtpms.so; then |
355 | if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then | |
356 | libtpms_cryptolib="openssl" | |
357 | break | |
358 | fi | |
359 | if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then | |
360 | libtpms_cryptolib="freebl" | |
361 | break | |
362 | fi | |
363 | fi | |
6286beac | 364 | case $host_os in |
06b8d032 | 365 | cygwin|openbsd*) |
6286beac SB |
366 | if test -r $dir/libtpms.a; then |
367 | if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then | |
368 | libtpms_cryptolib="openssl" | |
369 | fi | |
370 | fi | |
06b8d032 | 371 | ;; |
6286beac | 372 | esac |
86cc4527 SB |
373 | done |
374 | ||
375 | if test -z "$libtpms_cryptolib"; then | |
376 | AC_MSG_ERROR([Could not determine libtpms crypto library.]) | |
377 | fi | |
378 | ||
379 | AC_MSG_RESULT([$libtpms_cryptolib]) | |
380 | ||
381 | if test "$libtpms_cryptolib" != "$cryptolib"; then | |
382 | echo "libtpms is using $libtpms_cryptolib; we have to use the same" | |
383 | if test "$cryptolib" == "openssl"; then | |
384 | AC_MSG_ERROR([do not use --with-openssl]) | |
385 | else | |
386 | AC_MSG_ERROR([use --with-openssl]) | |
387 | fi | |
388 | fi | |
389 | ||
c751e32e SB |
390 | with_vtpm_proxy=no |
391 | case $host_os in | |
f071d820 | 392 | linux-*) |
c751e32e SB |
393 | with_vtpm_proxy=yes |
394 | AC_DEFINE_UNQUOTED([WITH_VTPM_PROXY], 1, | |
395 | [whether to build in vTPM proxy support (Linux only)]) | |
396 | esac | |
397 | ||
6286beac SB |
398 | case $host_os in |
399 | cygwin) | |
400 | CFLAGS="$CFLAGS -D__USE_LINUX_IOCTL_DEFS" | |
401 | esac | |
402 | ||
58774fd6 | 403 | AC_CONFIG_FILES([Makefile \ |
f163b202 | 404 | dist/swtpm.spec \ |
e46a2b66 SB |
405 | etc/Makefile \ |
406 | samples/Makefile \ | |
f163b202 SB |
407 | include/Makefile \ |
408 | include/swtpm/Makefile \ | |
a1fa5d77 | 409 | include/swtpm.h \ |
f163b202 SB |
410 | src/Makefile \ |
411 | src/selinux/Makefile \ | |
412 | src/swtpm/Makefile \ | |
e46a2b66 SB |
413 | src/swtpm_bios/Makefile \ |
414 | src/swtpm_cert/Makefile \ | |
415 | src/swtpm_ioctl/Makefile \ | |
416 | src/swtpm_setup/Makefile \ | |
c4ac0a11 | 417 | src/swtpm_setup/swtpm_setup.h \ |
f163b202 | 418 | man/Makefile \ |
39d0c3de | 419 | man/man3/Makefile \ |
f163b202 | 420 | man/man8/Makefile \ |
e46a2b66 | 421 | tests/Makefile \ |
c4ac0a11 | 422 | tests/test_config \ |
10002933 SB |
423 | ]) |
424 | AC_CONFIG_FILES([src/swtpm_setup/swtpm_setup.sh], | |
425 | [chmod 755 src/swtpm_setup/swtpm_setup.sh]) | |
f163b202 SB |
426 | AC_OUTPUT |
427 | ||
e46a2b66 | 428 | echo |
c3fdf688 SB |
429 | printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls |
430 | printf "with_selinux : %5s (no = SELinux policy extenions will NOT be built)\n" $with_selinux | |
431 | printf "with_cuse : %5s (no = no CUSE interface)\n" $with_cuse | |
498433f7 | 432 | printf "with_chardev : %5s (no = no chardev interface)\n" $with_chardev |
c3fdf688 | 433 | printf "with_swtpm_setup: %5s (no = swtpm_setup will NOT be built)\n" $with_swtpm_setup |
c751e32e | 434 | printf "with_vtpm_proxy : %5s (no = no vtpm proxy support; Linux only)\n" $with_vtpm_proxy |
e46a2b66 | 435 | echo |
10002933 SB |
436 | echo "cryptolib: $cryptolib" |
437 | echo | |
f163b202 | 438 | echo "CFLAGS=$CFLAGS" |
a76b4eeb | 439 | echo "HARDENING_CFLAGS=$HARDENING_CFLAGS" |
f163b202 | 440 | echo "LDFLAGS=$LDFLAGS" |
c4ac0a11 SB |
441 | echo |
442 | echo "TSS_USER=$TSS_USER" | |
443 | echo "TSS_GROUP=$TSS_GROUP" | |
444 | echo |