]>
Commit | Line | Data |
---|---|---|
f163b202 SB |
1 | # |
2 | # configure.ac | |
3 | # | |
4 | # The Initial Developer of the Original Code is International | |
5 | # Business Machines Corporation. Portions created by IBM | |
6 | # Corporation are Copyright (C) 2014 International Business | |
7 | # Machines Corporation. All Rights Reserved. | |
8 | # | |
9 | # This program is free software; you can redistribute it and/or modify | |
10 | # it under the terms of the Common Public License as published by | |
11 | # IBM Corporation; either version 1 of the License, or (at your option) | |
12 | # any later version. | |
13 | # | |
14 | # This program is distributed in the hope that it will be useful, | |
15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | # Common Public License for more details. | |
18 | # | |
19 | # You should have received a copy of the Common Public License | |
20 | # along with this program; if not, a copy can be viewed at | |
21 | # http://www.opensource.org/licenses/cpl1.0.php. | |
22 | # | |
23 | # This file is derived from tpm-tool's configure.in. | |
24 | # | |
25 | ||
26 | AC_INIT(swtpm, 0.1.0) | |
27 | AC_PREREQ(2.12) | |
28 | AC_CONFIG_SRCDIR(Makefile.am) | |
29 | AC_CONFIG_HEADER(config.h) | |
30 | ||
31 | SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1` | |
32 | SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2` | |
33 | SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3` | |
34 | ||
35 | AC_SUBST([SWTPM_VER_MAJOR]) | |
36 | AC_SUBST([SWTPM_VER_MINOR]) | |
37 | AC_SUBST([SWTPM_VER_MICRO]) | |
38 | ||
39 | dnl Check for programs | |
40 | AC_PROG_CC | |
41 | AC_PROG_INSTALL | |
42 | AC_PROG_LN_S | |
43 | AC_PROG_LIBTOOL | |
44 | ||
f163b202 SB |
45 | AC_CONFIG_MACRO_DIR([m4]) |
46 | AC_CANONICAL_TARGET | |
c3fdf688 | 47 | AC_CANONICAL_HOST |
f163b202 SB |
48 | AM_INIT_AUTOMAKE([foreign 1.6]) |
49 | ||
50 | DEBUG="" | |
51 | AC_MSG_CHECKING([for debug-enabled build]) | |
52 | AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [create a debug build]), | |
53 | [if test "$enableval" = "yes"; then | |
54 | DEBUG="yes" | |
55 | AC_MSG_RESULT([yes]) | |
56 | else | |
57 | DEBUG="no" | |
58 | AC_MSG_RESULT([no]) | |
59 | fi], | |
60 | [DEBUG="no", | |
61 | AC_MSG_RESULT([no])]) | |
62 | ||
63 | # If the user has not set CFLAGS, do something appropriate | |
64 | test_CFLAGS=${CFLAGS+set} | |
65 | if test "$test_CFLAGS" != set; then | |
66 | if test "$DEBUG" == "yes"; then | |
67 | CFLAGS="-O0 -g -DDEBUG" | |
68 | else | |
69 | CFLAGS="-g -O2" | |
70 | fi | |
71 | elif test "$DEBUG" == "yes"; then | |
72 | CFLAGS="$CFLAGS -O0 -g -DDEBUG" | |
73 | fi | |
74 | ||
e46a2b66 SB |
75 | AC_HEADER_STDC |
76 | AC_C_CONST | |
77 | AC_C_INLINE | |
78 | ||
79 | AC_TYPE_SIZE_T | |
80 | AC_TYPE_SIGNAL | |
81 | ||
baecda40 SB |
82 | AC_PROG_CC |
83 | AC_PROG_INSTALL | |
3cb54a5d | 84 | AC_PROG_MKDIR_P |
e46a2b66 | 85 | |
ec37bb56 SB |
86 | AC_ARG_WITH([selinux], |
87 | AS_HELP_STRING([--with-selinux], | |
88 | [add SELinux policy extensions @<:@default=check@:>@])) | |
89 | m4_divert_text([DEFAULTS], [with_selinux=check]) | |
90 | ||
91 | dnl Check for SELinux policy support | |
92 | ||
93 | if test "$with_selinux" != "no"; then | |
94 | if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then | |
95 | if ! test -f /usr/share/selinux/devel/Makefile; then | |
96 | if test "$with_selinux" = "yes"; then | |
97 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
98 | else | |
99 | with_selinux="no" | |
100 | fi | |
101 | fi | |
102 | AC_PATH_PROG([SEMODULE], semodule) | |
103 | if test "x$SEMODULE" == "x"; then | |
104 | if test "$with_selinux" = "yes"; then | |
105 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
106 | else | |
107 | with_selinux="no" | |
108 | fi | |
109 | fi | |
110 | if test "$with_selinux" = "check"; then | |
111 | with_selinux="yes" | |
112 | fi | |
113 | fi | |
114 | fi | |
115 | AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" == "xyes"]) | |
116 | ||
f163b202 SB |
117 | GLIB_CFLAGS=$(pkg-config --cflags glib-2.0) |
118 | if test $? -ne 0; then | |
119 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get cflags") | |
120 | fi | |
baecda40 | 121 | AC_SUBST([GLIB_CFLAGS]) |
f163b202 | 122 | |
baecda40 | 123 | GLIB_LIBS=$(pkg-config --libs glib-2.0) |
f163b202 SB |
124 | if test $? -ne 0; then |
125 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs") | |
126 | fi | |
baecda40 | 127 | AC_SUBST([GLIB_LIBS]) |
f163b202 | 128 | |
baecda40 | 129 | GTHREAD_LIBS=$(pkg-config --libs gthread-2.0) |
f163b202 SB |
130 | if test $? -ne 0; then |
131 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0") | |
132 | fi | |
baecda40 | 133 | AC_SUBST([GTHREAD_LIBS]) |
f163b202 | 134 | |
7849b6c6 | 135 | cryptolib=openssl |
3bbdd7bc SB |
136 | |
137 | AC_ARG_WITH([openssl], | |
7849b6c6 SB |
138 | [AS_HELP_STRING([--with-openssl], |
139 | [build with openssl library])], | |
140 | [], | |
141 | []) | |
3bbdd7bc SB |
142 | |
143 | case "$cryptolib" in | |
3bbdd7bc | 144 | openssl) |
7849b6c6 SB |
145 | AC_CHECK_LIB(crypto, |
146 | [AES_set_encrypt_key], | |
147 | [], | |
148 | AC_MSG_ERROR(Faulty openssl crypto library)) | |
149 | AC_CHECK_HEADERS([openssl/aes.h],[], | |
150 | AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?)) | |
151 | AC_MSG_RESULT([Building with openssl crypto library]) | |
152 | ;; | |
3bbdd7bc | 153 | esac |
833a5416 | 154 | |
baecda40 SB |
155 | LIBTASN1_LIBS=$(pkg-config --libs libtasn1) |
156 | if test $? -ne 0; then | |
157 | AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1") | |
158 | fi | |
159 | AC_SUBST([LIBTASN1_LIBS]) | |
f163b202 | 160 | |
baecda40 SB |
161 | LIBTPMS_LIBS=$(pkg-config --libs libtpms) |
162 | if test $? -ne 0; then | |
163 | AC_MSG_ERROR("Is libtpms-devel installed? -- could not get libs for libtpms") | |
164 | fi | |
fbc596ab SB |
165 | AC_CHECK_LIB(tpms, |
166 | TPMLIB_ChooseTPMVersion,, | |
167 | AC_MSG_ERROR("libtpms 0.6 or later is required") | |
168 | ) | |
baecda40 | 169 | AC_SUBST([LIBTPMS_LIBS]) |
f163b202 | 170 | |
e46a2b66 | 171 | AC_PATH_PROG([TPM_NVDEFINE], tpm_nvdefine) |
c3fdf688 SB |
172 | case $host_os in |
173 | linux-*) | |
174 | if test "x$TPM_NVDEFINE" == "x"; then | |
175 | AC_MSG_ERROR([NVRAM area tools are needed: tpm-tools package]) | |
176 | fi | |
64faf455 | 177 | have_tcsd=yes |
c3fdf688 SB |
178 | ;; |
179 | *) | |
64faf455 | 180 | have_tcsd=no |
c3fdf688 | 181 | esac |
64faf455 SB |
182 | with_swtpm_setup=yes |
183 | AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no") | |
e46a2b66 | 184 | |
5cd844d0 SB |
185 | dnl If we have the tcsd package, we can build swtpm_setup, but need netstat also |
186 | AC_PATH_PROG([NETSTAT], [netstat]) | |
187 | case $host_os in | |
188 | linux-*) | |
64faf455 SB |
189 | if test "x$NETSTAT" == "x" && test "have_tcsd" != "no"; then |
190 | AC_MSG_ERROR([netstat tool is missing for tests: net-tools package]) | |
5cd844d0 SB |
191 | fi |
192 | ;; | |
193 | esac | |
194 | ||
09d1a532 SB |
195 | AC_MSG_CHECKING([for whether to build with CUSE interface]) |
196 | AC_ARG_WITH([cuse], | |
197 | AC_HELP_STRING([--with-cuse], | |
198 | [build with CUSE interface]), | |
199 | [], | |
200 | [with_cuse=check] | |
201 | ) | |
f163b202 | 202 | |
09d1a532 SB |
203 | if test "$with_cuse" != "no"; then |
204 | LIBFUSE_CFLAGS=$(pkg-config fuse --cflags 2>/dev/null) | |
205 | if test $? -ne 0; then | |
206 | if test "$with_cuse" = "yes"; then | |
207 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse") | |
208 | else | |
209 | with_cuse=no | |
210 | fi | |
211 | else | |
212 | with_cuse=yes | |
213 | fi | |
498433f7 | 214 | fi |
09d1a532 SB |
215 | |
216 | dnl with_cuse is now yes or no | |
217 | if test "$with_cuse" != "no"; then | |
218 | LIBFUSE_LIBS=$(pkg-config fuse --libs) | |
219 | if test $? -ne 0; then | |
220 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse") | |
221 | fi | |
222 | AC_SUBST([LIBFUSE_CFLAGS]) | |
223 | AC_SUBST([LIBFUSE_LIBS]) | |
224 | AC_DEFINE_UNQUOTED([WITH_CUSE], 1, | |
225 | [whether to build with CUSE interface]) | |
baecda40 | 226 | fi |
09d1a532 SB |
227 | AM_CONDITIONAL([WITH_CUSE],[test "$with_cuse" = "yes"]) |
228 | AC_MSG_RESULT($with_cuse) | |
f163b202 | 229 | |
498433f7 SB |
230 | AC_MSG_CHECKING([for whether to build with chardev interface]) |
231 | case $host_os in | |
232 | linux-*) | |
233 | with_chardev=yes | |
234 | AC_DEFINE_UNQUOTED([WITH_CHARDEV], 1, | |
235 | [whether to build with chardev interface]) | |
236 | ;; | |
237 | *) | |
238 | with_chardev=no | |
239 | esac | |
240 | AM_CONDITIONAL([WITH_CHARDEV],[test "$with_chardev" = "yes"]) | |
241 | AC_MSG_RESULT($with_cuse) | |
242 | ||
10002933 SB |
243 | AC_ARG_WITH([gnutls], |
244 | AC_HELP_STRING([--with-gnutls], | |
245 | [build with gnutls library]), | |
246 | [], | |
247 | [with_gnutls=check] | |
248 | ) | |
249 | ||
e46a2b66 SB |
250 | if test "x$with_gnutls" != "xno"; then |
251 | GNUTLS_LDFLAGS=$(pkg-config --libs gnutls) | |
252 | if test $? -ne 0; then | |
1828edee | 253 | if test "x$with_gnutls" == "xyes"; then |
e46a2b66 SB |
254 | AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls") |
255 | else | |
256 | with_gnutls=no | |
257 | fi | |
258 | fi | |
259 | fi | |
f163b202 | 260 | |
1828edee SB |
261 | if test "x$with_gnutls" != "xno"; then |
262 | AC_PATH_PROG([GNUTLS_CERTTOOL], certtool) | |
263 | if test "x$GNUTLS_CERTTOOL" == "x"; then | |
264 | if test "x$with_gnutls" == "xyes"; then | |
265 | AC_MSG_ERROR("Could not find certtool. Is gnutls-utils/gnutls-bin installed?") | |
266 | else | |
267 | with_gnutls=no | |
268 | fi | |
269 | fi | |
270 | fi | |
271 | ||
e46a2b66 | 272 | if test "x$with_gnutls" != "xno"; then |
571a8eed | 273 | ORIG_CFLAGS="$CFLAGS" |
baecda40 | 274 | GNUTLS_CFLAGS=$(pkg-config gnutls --cflags) |
571a8eed | 275 | CFLAGS="$CFLAGS $GNUTLS_CFLAGS $GNUTLS_LDFLAGS" |
10002933 | 276 | AC_CHECK_LIB([gnutls], [gnutls_load_file], [ |
baecda40 SB |
277 | GNUTLS_LIBS=-lgnutls |
278 | ], | |
e46a2b66 SB |
279 | [if test "x$with_gnutls" == "xyes"; then |
280 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so]) | |
281 | else | |
282 | with_gnutls="no" | |
283 | fi]) | |
571a8eed | 284 | CFLAGS="$ORIG_CFLAGS" |
e46a2b66 SB |
285 | fi |
286 | ||
287 | if test "x$with_gnutls" != "xno"; then | |
571a8eed SB |
288 | ORIG_CFLAGS="$CFLAGS" |
289 | CFLAGS="$CFLAGS $GNUTLS_CFLAGS" | |
e46a2b66 SB |
290 | AC_CHECK_HEADER(gnutls/abstract.h, [], \ |
291 | [if test "x$with_gnutls" == "xyes"; then | |
292 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h]) | |
293 | else | |
294 | with_gnutls="no" | |
295 | fi]) | |
571a8eed | 296 | CFLAGS="$ORIG_CFLAGS" |
e46a2b66 SB |
297 | fi |
298 | ||
299 | if test "x$with_gnutls" != "xno"; then | |
300 | with_gnutls="yes" | |
301 | fi | |
302 | AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" == "xyes"]) | |
baecda40 | 303 | AC_SUBST([GNUTLS_LIBS]) |
f163b202 | 304 | |
48abfbb1 SB |
305 | AC_PATH_PROG([EXPECT], expect) |
306 | if test "x$EXPECT" == "x"; then | |
307 | AC_MSG_ERROR([expect is required: expect package]) | |
308 | fi | |
309 | ||
b080afb5 SB |
310 | AC_PATH_PROG([GAWK], gawk) |
311 | if test "x$GAWK" == "x"; then | |
312 | AC_MSG_ERROR([gawk is required: gawk package]) | |
313 | fi | |
314 | ||
8cb126e4 SB |
315 | AC_PATH_PROG([SOCAT], socat) |
316 | if test "x$SOCAT" == "x"; then | |
317 | AC_MSG_ERROR([socat is required: socat package]) | |
318 | fi | |
319 | ||
dbb399de SB |
320 | AC_PATH_PROG([PYTHON], python) |
321 | if test "x$PYTHON" == "x"; then | |
322 | AC_MSG_ERROR([python is required: python2 or python3 package]) | |
323 | fi | |
324 | ||
08f1e70d SB |
325 | TMP="$($CC -fstack-protector-strong 2>&1)" |
326 | if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then | |
327 | HARDENING_CFLAGS="-fstack-protector -Wstack-protector " | |
f77427eb | 328 | else |
08f1e70d | 329 | HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector " |
f77427eb | 330 | fi |
a76b4eeb SB |
331 | |
332 | dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2 | |
333 | TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')" | |
334 | TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')" | |
335 | if test -z "$TMP1" && test -n "$TPM2"; then | |
336 | HARDENING_CFLAGS+="-D_FORTIFY_SOURCE=2 " | |
337 | fi | |
338 | dnl Check ld for 'relro' and 'now' | |
339 | if $LD --help 2>&1 | $GREP '\-z relro ' > /dev/null; then | |
340 | HARDENING_CFLAGS+="-Wl,-z,relro " | |
341 | fi | |
342 | if $LD --help 2>&1 | $GREP '\-z now ' > /dev/null; then | |
343 | HARDENING_CFLAGS+="-Wl,-z,now " | |
344 | fi | |
e6085e96 SB |
345 | AC_SUBST([HARDENING_CFLAGS]) |
346 | ||
c4ac0a11 SB |
347 | AC_ARG_WITH([tss-user], |
348 | AC_HELP_STRING([--with-tss-user=TSS_USER], | |
349 | [The tss user to use]), | |
350 | [TSS_USER="$withval"], | |
351 | [TSS_USER="tss"] | |
352 | ) | |
353 | ||
354 | AC_ARG_WITH([tss-group], | |
355 | AC_HELP_STRING([--with-tss-group=TSS_GROUP], | |
356 | [The tss group to use]), | |
357 | [TSS_GROUP="$withval"], | |
358 | [TSS_GROUP="tss"] | |
359 | ) | |
360 | AC_SUBST([TSS_USER]) | |
361 | AC_SUBST([TSS_GROUP]) | |
362 | ||
f163b202 SB |
363 | CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum" |
364 | CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror" | |
e6085e96 | 365 | CFLAGS="$CFLAGS -Wformat -Wformat-security" |
571a8eed | 366 | CFLAGS="$CFLAGS $GNUTLS_CFLAGS" |
f163b202 | 367 | |
f2458ef7 SB |
368 | dnl Simulate the following for systems with pkg-config < 0.28: |
369 | dnl PKG_CHECK_VAR([libtpms_cryptolib], [libtpms], [cryptolib], | |
370 | dnl [], AC_MSG_ERROR([Could not determine libtpms crypto library.])) | |
371 | PKG_PROG_PKG_CONFIG | |
372 | ||
373 | AC_MSG_CHECKING([Checking the crypto library libtpms is linked to]) | |
374 | libtpms_cryptolib=`$PKG_CONFIG --variable cryptolib libtpms` | |
375 | if test "x$libtpms_cryptolib" == "x"; then | |
376 | AC_MSG_ERROR([Could not determine the crypto library libtpms is using]) | |
377 | fi | |
378 | AC_MSG_RESULT($libtpms_cryptolib) | |
86cc4527 SB |
379 | |
380 | if test "$libtpms_cryptolib" != "$cryptolib"; then | |
381 | echo "libtpms is using $libtpms_cryptolib; we have to use the same" | |
382 | if test "$cryptolib" == "openssl"; then | |
383 | AC_MSG_ERROR([do not use --with-openssl]) | |
384 | else | |
385 | AC_MSG_ERROR([use --with-openssl]) | |
386 | fi | |
387 | fi | |
388 | ||
c751e32e SB |
389 | with_vtpm_proxy=no |
390 | case $host_os in | |
f071d820 | 391 | linux-*) |
c751e32e SB |
392 | with_vtpm_proxy=yes |
393 | AC_DEFINE_UNQUOTED([WITH_VTPM_PROXY], 1, | |
394 | [whether to build in vTPM proxy support (Linux only)]) | |
395 | esac | |
396 | ||
6286beac SB |
397 | case $host_os in |
398 | cygwin) | |
399 | CFLAGS="$CFLAGS -D__USE_LINUX_IOCTL_DEFS" | |
400 | esac | |
401 | ||
58774fd6 | 402 | AC_CONFIG_FILES([Makefile \ |
f163b202 | 403 | dist/swtpm.spec \ |
e46a2b66 SB |
404 | etc/Makefile \ |
405 | samples/Makefile \ | |
f163b202 SB |
406 | include/Makefile \ |
407 | include/swtpm/Makefile \ | |
a1fa5d77 | 408 | include/swtpm.h \ |
f163b202 SB |
409 | src/Makefile \ |
410 | src/selinux/Makefile \ | |
411 | src/swtpm/Makefile \ | |
e46a2b66 SB |
412 | src/swtpm_bios/Makefile \ |
413 | src/swtpm_cert/Makefile \ | |
414 | src/swtpm_ioctl/Makefile \ | |
415 | src/swtpm_setup/Makefile \ | |
c4ac0a11 | 416 | src/swtpm_setup/swtpm_setup.h \ |
f163b202 | 417 | man/Makefile \ |
39d0c3de | 418 | man/man3/Makefile \ |
f163b202 | 419 | man/man8/Makefile \ |
e46a2b66 | 420 | tests/Makefile \ |
c4ac0a11 | 421 | tests/test_config \ |
10002933 SB |
422 | ]) |
423 | AC_CONFIG_FILES([src/swtpm_setup/swtpm_setup.sh], | |
424 | [chmod 755 src/swtpm_setup/swtpm_setup.sh]) | |
f163b202 SB |
425 | AC_OUTPUT |
426 | ||
e46a2b66 | 427 | echo |
c3fdf688 SB |
428 | printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls |
429 | printf "with_selinux : %5s (no = SELinux policy extenions will NOT be built)\n" $with_selinux | |
430 | printf "with_cuse : %5s (no = no CUSE interface)\n" $with_cuse | |
498433f7 | 431 | printf "with_chardev : %5s (no = no chardev interface)\n" $with_chardev |
c3fdf688 | 432 | printf "with_swtpm_setup: %5s (no = swtpm_setup will NOT be built)\n" $with_swtpm_setup |
c751e32e | 433 | printf "with_vtpm_proxy : %5s (no = no vtpm proxy support; Linux only)\n" $with_vtpm_proxy |
e46a2b66 | 434 | echo |
10002933 SB |
435 | echo "cryptolib: $cryptolib" |
436 | echo | |
f163b202 | 437 | echo "CFLAGS=$CFLAGS" |
a76b4eeb | 438 | echo "HARDENING_CFLAGS=$HARDENING_CFLAGS" |
f163b202 | 439 | echo "LDFLAGS=$LDFLAGS" |
c4ac0a11 SB |
440 | echo |
441 | echo "TSS_USER=$TSS_USER" | |
442 | echo "TSS_GROUP=$TSS_GROUP" | |
443 | echo |