]>
Commit | Line | Data |
---|---|---|
f163b202 SB |
1 | # |
2 | # configure.ac | |
3 | # | |
4 | # The Initial Developer of the Original Code is International | |
5 | # Business Machines Corporation. Portions created by IBM | |
6 | # Corporation are Copyright (C) 2014 International Business | |
7 | # Machines Corporation. All Rights Reserved. | |
8 | # | |
9 | # This program is free software; you can redistribute it and/or modify | |
10 | # it under the terms of the Common Public License as published by | |
11 | # IBM Corporation; either version 1 of the License, or (at your option) | |
12 | # any later version. | |
13 | # | |
14 | # This program is distributed in the hope that it will be useful, | |
15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | # Common Public License for more details. | |
18 | # | |
19 | # You should have received a copy of the Common Public License | |
20 | # along with this program; if not, a copy can be viewed at | |
21 | # http://www.opensource.org/licenses/cpl1.0.php. | |
22 | # | |
23 | # This file is derived from tpm-tool's configure.in. | |
24 | # | |
25 | ||
26 | AC_INIT(swtpm, 0.1.0) | |
27 | AC_PREREQ(2.12) | |
28 | AC_CONFIG_SRCDIR(Makefile.am) | |
29 | AC_CONFIG_HEADER(config.h) | |
30 | ||
31 | SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1` | |
32 | SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2` | |
33 | SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3` | |
34 | ||
35 | AC_SUBST([SWTPM_VER_MAJOR]) | |
36 | AC_SUBST([SWTPM_VER_MINOR]) | |
37 | AC_SUBST([SWTPM_VER_MICRO]) | |
38 | ||
39 | dnl Check for programs | |
40 | AC_PROG_CC | |
41 | AC_PROG_INSTALL | |
42 | AC_PROG_LN_S | |
43 | AC_PROG_LIBTOOL | |
44 | ||
f163b202 SB |
45 | AC_CONFIG_MACRO_DIR([m4]) |
46 | AC_CANONICAL_TARGET | |
47 | AM_INIT_AUTOMAKE([foreign 1.6]) | |
48 | ||
49 | DEBUG="" | |
50 | AC_MSG_CHECKING([for debug-enabled build]) | |
51 | AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [create a debug build]), | |
52 | [if test "$enableval" = "yes"; then | |
53 | DEBUG="yes" | |
54 | AC_MSG_RESULT([yes]) | |
55 | else | |
56 | DEBUG="no" | |
57 | AC_MSG_RESULT([no]) | |
58 | fi], | |
59 | [DEBUG="no", | |
60 | AC_MSG_RESULT([no])]) | |
61 | ||
62 | # If the user has not set CFLAGS, do something appropriate | |
63 | test_CFLAGS=${CFLAGS+set} | |
64 | if test "$test_CFLAGS" != set; then | |
65 | if test "$DEBUG" == "yes"; then | |
66 | CFLAGS="-O0 -g -DDEBUG" | |
67 | else | |
68 | CFLAGS="-g -O2" | |
69 | fi | |
70 | elif test "$DEBUG" == "yes"; then | |
71 | CFLAGS="$CFLAGS -O0 -g -DDEBUG" | |
72 | fi | |
73 | ||
e46a2b66 SB |
74 | AC_HEADER_STDC |
75 | AC_C_CONST | |
76 | AC_C_INLINE | |
77 | ||
78 | AC_TYPE_SIZE_T | |
79 | AC_TYPE_SIGNAL | |
80 | ||
baecda40 SB |
81 | AC_PROG_CC |
82 | AC_PROG_INSTALL | |
3cb54a5d | 83 | AC_PROG_MKDIR_P |
e46a2b66 | 84 | |
ec37bb56 SB |
85 | AC_ARG_WITH([selinux], |
86 | AS_HELP_STRING([--with-selinux], | |
87 | [add SELinux policy extensions @<:@default=check@:>@])) | |
88 | m4_divert_text([DEFAULTS], [with_selinux=check]) | |
89 | ||
90 | dnl Check for SELinux policy support | |
91 | ||
92 | if test "$with_selinux" != "no"; then | |
93 | if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then | |
94 | if ! test -f /usr/share/selinux/devel/Makefile; then | |
95 | if test "$with_selinux" = "yes"; then | |
96 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
97 | else | |
98 | with_selinux="no" | |
99 | fi | |
100 | fi | |
101 | AC_PATH_PROG([SEMODULE], semodule) | |
102 | if test "x$SEMODULE" == "x"; then | |
103 | if test "$with_selinux" = "yes"; then | |
104 | AC_MSG_ERROR("Is selinux-policy-devel installed?") | |
105 | else | |
106 | with_selinux="no" | |
107 | fi | |
108 | fi | |
109 | if test "$with_selinux" = "check"; then | |
110 | with_selinux="yes" | |
111 | fi | |
112 | fi | |
113 | fi | |
114 | AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" == "xyes"]) | |
115 | ||
f163b202 SB |
116 | GLIB_CFLAGS=$(pkg-config --cflags glib-2.0) |
117 | if test $? -ne 0; then | |
118 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get cflags") | |
119 | fi | |
baecda40 | 120 | AC_SUBST([GLIB_CFLAGS]) |
f163b202 | 121 | |
baecda40 | 122 | GLIB_LIBS=$(pkg-config --libs glib-2.0) |
f163b202 SB |
123 | if test $? -ne 0; then |
124 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs") | |
125 | fi | |
baecda40 | 126 | AC_SUBST([GLIB_LIBS]) |
f163b202 | 127 | |
baecda40 | 128 | GTHREAD_LIBS=$(pkg-config --libs gthread-2.0) |
f163b202 SB |
129 | if test $? -ne 0; then |
130 | AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0") | |
131 | fi | |
baecda40 | 132 | AC_SUBST([GTHREAD_LIBS]) |
f163b202 | 133 | |
3bbdd7bc SB |
134 | cryptolib=freebl |
135 | ||
136 | AC_ARG_WITH([openssl], | |
137 | AC_HELP_STRING([--with-openssl], | |
213677a2 | 138 | [build with openssl library]), |
3bbdd7bc SB |
139 | [AC_CHECK_LIB(crypto, |
140 | [AES_set_encrypt_key], | |
141 | [], | |
142 | AC_MSG_ERROR(Faulty openssl crypto library)) | |
143 | AC_CHECK_HEADERS([openssl/aes.h],[], | |
144 | AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?)) | |
145 | AC_MSG_RESULT([Building with openssl crypto library]) | |
146 | cryptolib=openssl | |
147 | ] | |
148 | ) | |
149 | ||
150 | case "$cryptolib" in | |
151 | freebl) | |
152 | AM_CONDITIONAL(SWTPM_USE_FREEBL, true) | |
153 | AM_CONDITIONAL(SWTPM_USE_OPENSSL, false) | |
154 | AC_DEFINE([USE_FREEBL_CRYPTO_LIBRARY], | |
155 | [1], | |
156 | [use freebl crypto library]) | |
157 | ||
158 | NSPR_CFLAGS=$(nspr-config --cflags) | |
159 | if test $? -ne 0; then | |
160 | AC_MSG_ERROR("Could not find nspr-config. Is nspr-devel/libnspr4-dev installed?") | |
161 | fi | |
162 | AC_SUBST([NSPR_CFLAGS]) | |
163 | ||
164 | NSS_CFLAGS=$(nss-config --cflags) | |
165 | if test $? -ne 0; then | |
166 | AC_MSG_ERROR("Could not find nss-config. Is nss-devel/libnss3-dev installed?") | |
167 | fi | |
168 | AC_SUBST([NSS_CFLAGS]) | |
169 | ||
170 | NSS_LIBS=$(nss-config --libs) | |
171 | if test $? -ne 0; then | |
172 | AC_MSG_ERROR("Is nss-devel/libnss3-dev installed? -- could not get libs for nss") | |
173 | fi | |
174 | dnl On RHEL 7 ppc64 we need an explicit -lfreebl | |
175 | NSS_LIBS="$NSS_LIBS -lfreebl" | |
176 | AC_SUBST([NSS_LIBS]) | |
177 | ||
178 | CPPFLAGS="$NSS_CFLAGS $NSPR_CFLAGS" | |
179 | AC_CHECK_HEADERS([sslerr.h],[], | |
180 | AC_MSG_ERROR(nss-devel/libnss3-dev is bad)) | |
181 | ||
182 | # Check for missing headers | |
183 | CFLAGS_save="$CFLAGS" | |
184 | CFLAGS="$NSS_CFLAGS $NSPR_CFLAGS" | |
185 | AC_CHECK_HEADERS([blapi.h],[], | |
186 | AC_MSG_ERROR(nss-softokn-freebl-devel/libnss3-dev is missing blapi.h)) | |
187 | # Check for missing freebl library or missing library functions | |
188 | LIBS_save="$LIBS" | |
189 | LIBS="$(nss-config --libs) $(nspr-config --libs)" | |
190 | AC_SEARCH_LIBS([AES_CreateContext], [freebl],[], | |
191 | AC_MSG_ERROR("Could not find AES_CreateContext(). Is nss-softokn-freebl-devel/libnss3-dev installed?"), | |
192 | []) | |
193 | LIBS="$LIBS_save" | |
194 | CPPFLAGS="" | |
195 | CFLAGS="$CFLAGS_save" | |
196 | ||
197 | ;; | |
198 | openssl) | |
199 | AM_CONDITIONAL(SWTPM_USE_FREEBL, false) | |
200 | AM_CONDITIONAL(SWTPM_USE_OPENSSL, true) | |
201 | AC_DEFINE([USE_OPENSSL_CRYPTO_LIBRARY], | |
202 | [1], | |
203 | [use openssl crypto library]) | |
204 | ;; | |
205 | esac | |
833a5416 | 206 | |
baecda40 SB |
207 | LIBTASN1_LIBS=$(pkg-config --libs libtasn1) |
208 | if test $? -ne 0; then | |
209 | AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1") | |
210 | fi | |
211 | AC_SUBST([LIBTASN1_LIBS]) | |
f163b202 | 212 | |
baecda40 SB |
213 | LIBTPMS_LIBS=$(pkg-config --libs libtpms) |
214 | if test $? -ne 0; then | |
215 | AC_MSG_ERROR("Is libtpms-devel installed? -- could not get libs for libtpms") | |
216 | fi | |
217 | AC_SUBST([LIBTPMS_LIBS]) | |
f163b202 | 218 | |
e46a2b66 SB |
219 | AC_PATH_PROG([TPM_NVDEFINE], tpm_nvdefine) |
220 | if test "x$TPM_NVDEFINE" == "x"; then | |
221 | AC_MSG_ERROR([NVRAM area tools are need: tpm-tools package]) | |
222 | fi | |
223 | ||
baecda40 SB |
224 | LIBFUSE_CFLAGS=$(pkg-config fuse --cflags) |
225 | if test $? -ne 0; then | |
226 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse") | |
227 | fi | |
228 | AC_SUBST([LIBFUSE_CFLAGS]) | |
f163b202 | 229 | |
baecda40 SB |
230 | LIBFUSE_LIBS=$(pkg-config fuse --libs) |
231 | if test $? -ne 0; then | |
232 | AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse") | |
233 | fi | |
234 | AC_SUBST([LIBFUSE_LIBS]) | |
f163b202 | 235 | |
e46a2b66 SB |
236 | if test "x$with_gnutls" != "xno"; then |
237 | GNUTLS_LDFLAGS=$(pkg-config --libs gnutls) | |
238 | if test $? -ne 0; then | |
239 | if "x$with_gnutls" == "xyes"; then | |
240 | AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls") | |
241 | else | |
242 | with_gnutls=no | |
243 | fi | |
244 | fi | |
245 | fi | |
f163b202 | 246 | |
e46a2b66 | 247 | if test "x$with_gnutls" != "xno"; then |
baecda40 SB |
248 | GNUTLS_CFLAGS=$(pkg-config gnutls --cflags) |
249 | AC_CHECK_LIB([gnutls], [gnutls_x509_crt_set_key], [ | |
250 | GNUTLS_LIBS=-lgnutls | |
251 | ], | |
e46a2b66 SB |
252 | [if test "x$with_gnutls" == "xyes"; then |
253 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so]) | |
254 | else | |
255 | with_gnutls="no" | |
256 | fi]) | |
257 | fi | |
258 | ||
259 | if test "x$with_gnutls" != "xno"; then | |
260 | AC_CHECK_HEADER(gnutls/abstract.h, [], \ | |
261 | [if test "x$with_gnutls" == "xyes"; then | |
262 | AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h]) | |
263 | else | |
264 | with_gnutls="no" | |
265 | fi]) | |
266 | fi | |
267 | ||
268 | if test "x$with_gnutls" != "xno"; then | |
269 | with_gnutls="yes" | |
270 | fi | |
271 | AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" == "xyes"]) | |
baecda40 | 272 | AC_SUBST([GNUTLS_LIBS]) |
f163b202 | 273 | |
48abfbb1 SB |
274 | AC_PATH_PROG([EXPECT], expect) |
275 | if test "x$EXPECT" == "x"; then | |
276 | AC_MSG_ERROR([expect is required: expect package]) | |
277 | fi | |
278 | ||
b080afb5 SB |
279 | AC_PATH_PROG([GAWK], gawk) |
280 | if test "x$GAWK" == "x"; then | |
281 | AC_MSG_ERROR([gawk is required: gawk package]) | |
282 | fi | |
283 | ||
8cb126e4 SB |
284 | AC_PATH_PROG([SOCAT], socat) |
285 | if test "x$SOCAT" == "x"; then | |
286 | AC_MSG_ERROR([socat is required: socat package]) | |
287 | fi | |
288 | ||
08f1e70d SB |
289 | TMP="$($CC -fstack-protector-strong 2>&1)" |
290 | if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then | |
291 | HARDENING_CFLAGS="-fstack-protector -Wstack-protector " | |
f77427eb | 292 | else |
08f1e70d | 293 | HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector " |
f77427eb | 294 | fi |
a76b4eeb SB |
295 | |
296 | dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2 | |
297 | TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')" | |
298 | TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')" | |
299 | if test -z "$TMP1" && test -n "$TPM2"; then | |
300 | HARDENING_CFLAGS+="-D_FORTIFY_SOURCE=2 " | |
301 | fi | |
302 | dnl Check ld for 'relro' and 'now' | |
303 | if $LD --help 2>&1 | $GREP '\-z relro ' > /dev/null; then | |
304 | HARDENING_CFLAGS+="-Wl,-z,relro " | |
305 | fi | |
306 | if $LD --help 2>&1 | $GREP '\-z now ' > /dev/null; then | |
307 | HARDENING_CFLAGS+="-Wl,-z,now " | |
308 | fi | |
e6085e96 SB |
309 | AC_SUBST([HARDENING_CFLAGS]) |
310 | ||
c4ac0a11 SB |
311 | AC_ARG_WITH([tss-user], |
312 | AC_HELP_STRING([--with-tss-user=TSS_USER], | |
313 | [The tss user to use]), | |
314 | [TSS_USER="$withval"], | |
315 | [TSS_USER="tss"] | |
316 | ) | |
317 | ||
318 | AC_ARG_WITH([tss-group], | |
319 | AC_HELP_STRING([--with-tss-group=TSS_GROUP], | |
320 | [The tss group to use]), | |
321 | [TSS_GROUP="$withval"], | |
322 | [TSS_GROUP="tss"] | |
323 | ) | |
324 | AC_SUBST([TSS_USER]) | |
325 | AC_SUBST([TSS_GROUP]) | |
326 | ||
f163b202 SB |
327 | CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum" |
328 | CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror" | |
e6085e96 | 329 | CFLAGS="$CFLAGS -Wformat -Wformat-security" |
f163b202 | 330 | |
58774fd6 | 331 | AC_CONFIG_FILES([Makefile \ |
f163b202 | 332 | dist/swtpm.spec \ |
e46a2b66 SB |
333 | etc/Makefile \ |
334 | samples/Makefile \ | |
f163b202 SB |
335 | include/Makefile \ |
336 | include/swtpm/Makefile \ | |
337 | src/Makefile \ | |
338 | src/selinux/Makefile \ | |
339 | src/swtpm/Makefile \ | |
340 | src/swtpm/swtpm.h \ | |
e46a2b66 SB |
341 | src/swtpm_bios/Makefile \ |
342 | src/swtpm_cert/Makefile \ | |
343 | src/swtpm_ioctl/Makefile \ | |
344 | src/swtpm_setup/Makefile \ | |
c4ac0a11 SB |
345 | src/swtpm_setup/swtpm_setup.h \ |
346 | src/swtpm_setup/swtpm_setup.sh \ | |
f163b202 | 347 | man/Makefile \ |
39d0c3de | 348 | man/man3/Makefile \ |
f163b202 | 349 | man/man8/Makefile \ |
e46a2b66 | 350 | tests/Makefile \ |
c4ac0a11 | 351 | tests/test_config \ |
58774fd6 | 352 | ], [chmod 755 src/swtpm_setup/swtpm_setup.sh]) |
f163b202 SB |
353 | AC_OUTPUT |
354 | ||
e46a2b66 | 355 | echo |
ec37bb56 SB |
356 | printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls |
357 | printf "with_selinux: %5s (no = SELinux policy extenions will NOT be build)\n" $with_selinux | |
e46a2b66 | 358 | echo |
f163b202 | 359 | echo "CFLAGS=$CFLAGS" |
a76b4eeb | 360 | echo "HARDENING_CFLAGS=$HARDENING_CFLAGS" |
f163b202 | 361 | echo "LDFLAGS=$LDFLAGS" |
c4ac0a11 SB |
362 | echo |
363 | echo "TSS_USER=$TSS_USER" | |
364 | echo "TSS_GROUP=$TSS_GROUP" | |
365 | echo |