]>
Commit | Line | Data |
---|---|---|
f163b202 SB |
1 | # |
2 | # configure.ac | |
3 | # | |
4 | # The Initial Developer of the Original Code is International | |
5 | # Business Machines Corporation. Portions created by IBM | |
6 | # Corporation are Copyright (C) 2014 International Business | |
7 | # Machines Corporation. All Rights Reserved. | |
8 | # | |
9 | # This program is free software; you can redistribute it and/or modify | |
10 | # it under the terms of the Common Public License as published by | |
11 | # IBM Corporation; either version 1 of the License, or (at your option) | |
12 | # any later version. | |
13 | # | |
14 | # This program is distributed in the hope that it will be useful, | |
15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | # Common Public License for more details. | |
18 | # | |
19 | # You should have received a copy of the Common Public License | |
20 | # along with this program; if not, a copy can be viewed at | |
21 | # http://www.opensource.org/licenses/cpl1.0.php. | |
22 | # | |
23 | # This file is derived from tpm-tool's configure.in. | |
24 | # | |
25 | ||
26 | AC_INIT(swtpm, 0.1.0) | |
27 | AC_PREREQ(2.12) | |
28 | AC_CONFIG_SRCDIR(Makefile.am) | |
29 | AC_CONFIG_HEADER(config.h) | |
30 | ||
31 | SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1` | |
32 | SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2` | |
33 | SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3` | |
34 | ||
35 | AC_SUBST([SWTPM_VER_MAJOR]) | |
36 | AC_SUBST([SWTPM_VER_MINOR]) | |
37 | AC_SUBST([SWTPM_VER_MICRO]) | |
38 | ||
39 | dnl Check for programs | |
40 | AC_PROG_CC | |
41 | AC_PROG_INSTALL | |
42 | AC_PROG_LN_S | |
43 | AC_PROG_LIBTOOL | |
44 | ||
f163b202 SB |
45 | AC_CONFIG_MACRO_DIR([m4]) |
46 | AC_CANONICAL_TARGET | |
47 | AM_INIT_AUTOMAKE([foreign 1.6]) | |
48 | ||
49 | DEBUG="" | |
50 | AC_MSG_CHECKING([for debug-enabled build]) | |
51 | AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [create a debug build]), | |
52 | [if test "$enableval" = "yes"; then | |
53 | DEBUG="yes" | |
54 | AC_MSG_RESULT([yes]) | |
55 | else | |
56 | DEBUG="no" | |
57 | AC_MSG_RESULT([no]) | |
58 | fi], | |
59 | [DEBUG="no", | |
60 | AC_MSG_RESULT([no])]) | |
61 | ||
62 | # If the user has not set CFLAGS, do something appropriate | |
63 | test_CFLAGS=${CFLAGS+set} | |
64 | if test "$test_CFLAGS" != set; then | |
65 | if test "$DEBUG" == "yes"; then | |
66 | CFLAGS="-O0 -g -DDEBUG" | |
67 | else | |
68 | CFLAGS="-g -O2" | |
69 | fi | |
70 | elif test "$DEBUG" == "yes"; then | |
71 | CFLAGS="$CFLAGS -O0 -g -DDEBUG" | |
72 | fi | |
73 | ||
e46a2b66 SB |
74 | AC_HEADER_STDC |
75 | AC_C_CONST | |
76 | AC_C_INLINE | |
77 | ||
78 | AC_TYPE_SIZE_T | |
79 | AC_TYPE_SIGNAL | |
80 | ||
baecda40 SB |
81 | AC_PROG_CC |
82 | AC_PROG_INSTALL | |
3cb54a5d | 83 | AC_PROG_MKDIR_P |
e46a2b66 | 84 | |
ec37bb56 SB |
85 | AC_ARG_WITH([selinux], |
86 | AS_HELP_STRING([--with-selinux], | |
87 | [add SELinux policy extensions @<:@default=check@:>@])) | |
88 | m4_divert_text([DEFAULTS], [with_selinux=check]) | |
89 | ||
90 | dnl Check for SELinux policy support | |
91 | ||
92 | if test "$with_selinux" != "no"; then | |
93 | if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then | |
94 | if ! test -f /usr/share/selinux/devel/Makefile; then | |
95 | if test "$with_selinux" = "yes"; then | |
96 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
97 | else | |
98 | with_selinux="no" | |
99 | fi | |
100 | fi | |
101 | AC_PATH_PROG([SEMODULE], semodule) | |
102 | if test "x$SEMODULE" == "x"; then | |
103 | if test "$with_selinux" = "yes"; then | |
104 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
105 | else | |
106 | with_selinux="no" | |
107 | fi | |
108 | fi | |
109 | if test "$with_selinux" = "check"; then | |
110 | with_selinux="yes" | |
111 | fi | |
112 | fi | |
113 | fi | |
114 | AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" == "xyes"]) | |
115 | ||
f163b202 SB |
116 | GLIB_CFLAGS=$(pkg-config --cflags glib-2.0) |
117 | if test $? -ne 0; then | |
118 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get cflags") | |
119 | fi | |
baecda40 | 120 | AC_SUBST([GLIB_CFLAGS]) |
f163b202 | 121 | |
baecda40 | 122 | GLIB_LIBS=$(pkg-config --libs glib-2.0) |
f163b202 SB |
123 | if test $? -ne 0; then |
124 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs") | |
125 | fi | |
baecda40 | 126 | AC_SUBST([GLIB_LIBS]) |
f163b202 | 127 | |
baecda40 | 128 | GTHREAD_LIBS=$(pkg-config --libs gthread-2.0) |
f163b202 SB |
129 | if test $? -ne 0; then |
130 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0") | |
131 | fi | |
baecda40 | 132 | AC_SUBST([GTHREAD_LIBS]) |
f163b202 | 133 | |
3bbdd7bc SB |
134 | cryptolib=freebl |
135 | ||
136 | AC_ARG_WITH([openssl], | |
137 | AC_HELP_STRING([--with-openssl], | |
213677a2 | 138 | [build with openssl library]), |
3bbdd7bc SB |
139 | [AC_CHECK_LIB(crypto, |
140 | [AES_set_encrypt_key], | |
141 | [], | |
142 | AC_MSG_ERROR(Faulty openssl crypto library)) | |
143 | AC_CHECK_HEADERS([openssl/aes.h],[], | |
144 | AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?)) | |
145 | AC_MSG_RESULT([Building with openssl crypto library]) | |
146 | cryptolib=openssl | |
147 | ] | |
148 | ) | |
149 | ||
150 | case "$cryptolib" in | |
151 | freebl) | |
152 | AM_CONDITIONAL(SWTPM_USE_FREEBL, true) | |
153 | AM_CONDITIONAL(SWTPM_USE_OPENSSL, false) | |
154 | AC_DEFINE([USE_FREEBL_CRYPTO_LIBRARY], | |
155 | [1], | |
156 | [use freebl crypto library]) | |
157 | ||
158 | NSPR_CFLAGS=$(nspr-config --cflags) | |
159 | if test $? -ne 0; then | |
160 | AC_MSG_ERROR("Could not find nspr-config. Is nspr-devel/libnspr4-dev installed?") | |
161 | fi | |
162 | AC_SUBST([NSPR_CFLAGS]) | |
163 | ||
164 | NSS_CFLAGS=$(nss-config --cflags) | |
165 | if test $? -ne 0; then | |
166 | AC_MSG_ERROR("Could not find nss-config. Is nss-devel/libnss3-dev installed?") | |
167 | fi | |
168 | AC_SUBST([NSS_CFLAGS]) | |
169 | ||
170 | NSS_LIBS=$(nss-config --libs) | |
171 | if test $? -ne 0; then | |
172 | AC_MSG_ERROR("Is nss-devel/libnss3-dev installed? -- could not get libs for nss") | |
173 | fi | |
174 | dnl On RHEL 7 ppc64 we need an explicit -lfreebl | |
175 | NSS_LIBS="$NSS_LIBS -lfreebl" | |
176 | AC_SUBST([NSS_LIBS]) | |
177 | ||
178 | CPPFLAGS="$NSS_CFLAGS $NSPR_CFLAGS" | |
179 | AC_CHECK_HEADERS([sslerr.h],[], | |
180 | AC_MSG_ERROR(nss-devel/libnss3-dev is bad)) | |
181 | ||
182 | # Check for missing headers | |
183 | CFLAGS_save="$CFLAGS" | |
184 | CFLAGS="$NSS_CFLAGS $NSPR_CFLAGS" | |
185 | AC_CHECK_HEADERS([blapi.h],[], | |
186 | AC_MSG_ERROR(nss-softokn-freebl-devel/libnss3-dev is missing blapi.h)) | |
187 | # Check for missing freebl library or missing library functions | |
188 | LIBS_save="$LIBS" | |
189 | LIBS="$(nss-config --libs) $(nspr-config --libs)" | |
190 | AC_SEARCH_LIBS([AES_CreateContext], [freebl],[], | |
191 | AC_MSG_ERROR("Could not find AES_CreateContext(). Is nss-softokn-freebl-devel/libnss3-dev installed?"), | |
192 | []) | |
193 | LIBS="$LIBS_save" | |
194 | CPPFLAGS="" | |
195 | CFLAGS="$CFLAGS_save" | |
196 | ||
197 | ;; | |
198 | openssl) | |
199 | AM_CONDITIONAL(SWTPM_USE_FREEBL, false) | |
200 | AM_CONDITIONAL(SWTPM_USE_OPENSSL, true) | |
201 | AC_DEFINE([USE_OPENSSL_CRYPTO_LIBRARY], | |
202 | [1], | |
203 | [use openssl crypto library]) | |
204 | ;; | |
205 | esac | |
833a5416 | 206 | |
baecda40 SB |
207 | LIBTASN1_LIBS=$(pkg-config --libs libtasn1) |
208 | if test $? -ne 0; then | |
209 | AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1") | |
210 | fi | |
211 | AC_SUBST([LIBTASN1_LIBS]) | |
f163b202 | 212 | |
baecda40 SB |
213 | LIBTPMS_LIBS=$(pkg-config --libs libtpms) |
214 | if test $? -ne 0; then | |
215 | AC_MSG_ERROR("Is libtpms-devel installed? -- could not get libs for libtpms") | |
216 | fi | |
217 | AC_SUBST([LIBTPMS_LIBS]) | |
f163b202 | 218 | |
e46a2b66 SB |
219 | AC_PATH_PROG([TPM_NVDEFINE], tpm_nvdefine) |
220 | if test "x$TPM_NVDEFINE" == "x"; then | |
221 | AC_MSG_ERROR([NVRAM area tools are need: tpm-tools package]) | |
222 | fi | |
223 | ||
baecda40 SB |
224 | LIBFUSE_CFLAGS=$(pkg-config fuse --cflags) |
225 | if test $? -ne 0; then | |
226 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse") | |
227 | fi | |
228 | AC_SUBST([LIBFUSE_CFLAGS]) | |
f163b202 | 229 | |
baecda40 SB |
230 | LIBFUSE_LIBS=$(pkg-config fuse --libs) |
231 | if test $? -ne 0; then | |
232 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse") | |
233 | fi | |
234 | AC_SUBST([LIBFUSE_LIBS]) | |
f163b202 | 235 | |
10002933 SB |
236 | AC_ARG_WITH([gnutls], |
237 | AC_HELP_STRING([--with-gnutls], | |
238 | [build with gnutls library]), | |
239 | [], | |
240 | [with_gnutls=check] | |
241 | ) | |
242 | ||
e46a2b66 SB |
243 | if test "x$with_gnutls" != "xno"; then |
244 | GNUTLS_LDFLAGS=$(pkg-config --libs gnutls) | |
245 | if test $? -ne 0; then | |
246 | if "x$with_gnutls" == "xyes"; then | |
247 | AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls") | |
248 | else | |
249 | with_gnutls=no | |
250 | fi | |
251 | fi | |
252 | fi | |
f163b202 | 253 | |
e46a2b66 | 254 | if test "x$with_gnutls" != "xno"; then |
baecda40 | 255 | GNUTLS_CFLAGS=$(pkg-config gnutls --cflags) |
10002933 | 256 | AC_CHECK_LIB([gnutls], [gnutls_load_file], [ |
baecda40 SB |
257 | GNUTLS_LIBS=-lgnutls |
258 | ], | |
e46a2b66 SB |
259 | [if test "x$with_gnutls" == "xyes"; then |
260 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so]) | |
261 | else | |
262 | with_gnutls="no" | |
263 | fi]) | |
264 | fi | |
265 | ||
266 | if test "x$with_gnutls" != "xno"; then | |
267 | AC_CHECK_HEADER(gnutls/abstract.h, [], \ | |
268 | [if test "x$with_gnutls" == "xyes"; then | |
269 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h]) | |
270 | else | |
271 | with_gnutls="no" | |
272 | fi]) | |
273 | fi | |
274 | ||
275 | if test "x$with_gnutls" != "xno"; then | |
276 | with_gnutls="yes" | |
277 | fi | |
278 | AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" == "xyes"]) | |
baecda40 | 279 | AC_SUBST([GNUTLS_LIBS]) |
f163b202 | 280 | |
48abfbb1 SB |
281 | AC_PATH_PROG([EXPECT], expect) |
282 | if test "x$EXPECT" == "x"; then | |
283 | AC_MSG_ERROR([expect is required: expect package]) | |
284 | fi | |
285 | ||
b080afb5 SB |
286 | AC_PATH_PROG([GAWK], gawk) |
287 | if test "x$GAWK" == "x"; then | |
288 | AC_MSG_ERROR([gawk is required: gawk package]) | |
289 | fi | |
290 | ||
8cb126e4 SB |
291 | AC_PATH_PROG([SOCAT], socat) |
292 | if test "x$SOCAT" == "x"; then | |
293 | AC_MSG_ERROR([socat is required: socat package]) | |
294 | fi | |
295 | ||
08f1e70d SB |
296 | TMP="$($CC -fstack-protector-strong 2>&1)" |
297 | if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then | |
298 | HARDENING_CFLAGS="-fstack-protector -Wstack-protector " | |
f77427eb | 299 | else |
08f1e70d | 300 | HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector " |
f77427eb | 301 | fi |
a76b4eeb SB |
302 | |
303 | dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2 | |
304 | TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')" | |
305 | TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')" | |
306 | if test -z "$TMP1" && test -n "$TPM2"; then | |
307 | HARDENING_CFLAGS+="-D_FORTIFY_SOURCE=2 " | |
308 | fi | |
309 | dnl Check ld for 'relro' and 'now' | |
310 | if $LD --help 2>&1 | $GREP '\-z relro ' > /dev/null; then | |
311 | HARDENING_CFLAGS+="-Wl,-z,relro " | |
312 | fi | |
313 | if $LD --help 2>&1 | $GREP '\-z now ' > /dev/null; then | |
314 | HARDENING_CFLAGS+="-Wl,-z,now " | |
315 | fi | |
e6085e96 SB |
316 | AC_SUBST([HARDENING_CFLAGS]) |
317 | ||
c4ac0a11 SB |
318 | AC_ARG_WITH([tss-user], |
319 | AC_HELP_STRING([--with-tss-user=TSS_USER], | |
320 | [The tss user to use]), | |
321 | [TSS_USER="$withval"], | |
322 | [TSS_USER="tss"] | |
323 | ) | |
324 | ||
325 | AC_ARG_WITH([tss-group], | |
326 | AC_HELP_STRING([--with-tss-group=TSS_GROUP], | |
327 | [The tss group to use]), | |
328 | [TSS_GROUP="$withval"], | |
329 | [TSS_GROUP="tss"] | |
330 | ) | |
331 | AC_SUBST([TSS_USER]) | |
332 | AC_SUBST([TSS_GROUP]) | |
333 | ||
f163b202 SB |
334 | CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum" |
335 | CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror" | |
e6085e96 | 336 | CFLAGS="$CFLAGS -Wformat -Wformat-security" |
f163b202 | 337 | |
58774fd6 | 338 | AC_CONFIG_FILES([Makefile \ |
f163b202 | 339 | dist/swtpm.spec \ |
e46a2b66 SB |
340 | etc/Makefile \ |
341 | samples/Makefile \ | |
f163b202 SB |
342 | include/Makefile \ |
343 | include/swtpm/Makefile \ | |
a1fa5d77 | 344 | include/swtpm.h \ |
f163b202 SB |
345 | src/Makefile \ |
346 | src/selinux/Makefile \ | |
347 | src/swtpm/Makefile \ | |
e46a2b66 SB |
348 | src/swtpm_bios/Makefile \ |
349 | src/swtpm_cert/Makefile \ | |
350 | src/swtpm_ioctl/Makefile \ | |
351 | src/swtpm_setup/Makefile \ | |
c4ac0a11 | 352 | src/swtpm_setup/swtpm_setup.h \ |
f163b202 | 353 | man/Makefile \ |
39d0c3de | 354 | man/man3/Makefile \ |
f163b202 | 355 | man/man8/Makefile \ |
e46a2b66 | 356 | tests/Makefile \ |
c4ac0a11 | 357 | tests/test_config \ |
10002933 SB |
358 | ]) |
359 | AC_CONFIG_FILES([src/swtpm_setup/swtpm_setup.sh], | |
360 | [chmod 755 src/swtpm_setup/swtpm_setup.sh]) | |
f163b202 SB |
361 | AC_OUTPUT |
362 | ||
e46a2b66 | 363 | echo |
ec37bb56 SB |
364 | printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls |
365 | printf "with_selinux: %5s (no = SELinux policy extenions will NOT be build)\n" $with_selinux | |
e46a2b66 | 366 | echo |
10002933 SB |
367 | echo "cryptolib: $cryptolib" |
368 | echo | |
f163b202 | 369 | echo "CFLAGS=$CFLAGS" |
a76b4eeb | 370 | echo "HARDENING_CFLAGS=$HARDENING_CFLAGS" |
f163b202 | 371 | echo "LDFLAGS=$LDFLAGS" |
c4ac0a11 SB |
372 | echo |
373 | echo "TSS_USER=$TSS_USER" | |
374 | echo "TSS_GROUP=$TSS_GROUP" | |
375 | echo |