]> git.proxmox.com Git - swtpm.git/blame - configure.ac
projects / swtpm.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
build-sys: Show the value of with_chardev after test for chardev
[swtpm.git] / configure.ac
CommitLineData
f163b202
SB		 1#
2# configure.ac
3#
4# The Initial Developer of the Original Code is International
5# Business Machines Corporation. Portions created by IBM
6# Corporation are Copyright (C) 2014 International Business
7# Machines Corporation. All Rights Reserved.
8#
9# This program is free software; you can redistribute it and/or modify
10# it under the terms of the Common Public License as published by
11# IBM Corporation; either version 1 of the License, or (at your option)
12# any later version.
13#
14# This program is distributed in the hope that it will be useful,
15# but WITHOUT ANY WARRANTY; without even the implied warranty of
16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17# Common Public License for more details.
18#
19# You should have received a copy of the Common Public License
20# along with this program; if not, a copy can be viewed at
21# http://www.opensource.org/licenses/cpl1.0.php.
22#
23# This file is derived from tpm-tool's configure.in.
24#
25
3115dff0 26AC_INIT([swtpm],[0.8.0])
b295c768 27AC_PREREQ([2.69])
f163b202 28AC_CONFIG_SRCDIR(Makefile.am)
b295c768 29AC_CONFIG_HEADERS([config.h])
f163b202
SB		 30
31SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1`
32SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2`
33SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3`
34
35AC_SUBST([SWTPM_VER_MAJOR])
36AC_SUBST([SWTPM_VER_MINOR])
37AC_SUBST([SWTPM_VER_MICRO])
38
39dnl Check for programs
40AC_PROG_CC
41AC_PROG_INSTALL
42AC_PROG_LN_S
908afaf5 43LT_INIT
f163b202 44
f163b202
SB		 45AC_CONFIG_MACRO_DIR([m4])
46AC_CANONICAL_TARGET
c3fdf688 47AC_CANONICAL_HOST
f163b202 48AM_INIT_AUTOMAKE([foreign 1.6])
13cb26d8 49AM_SILENT_RULES([yes])
f163b202
SB		 50
51DEBUG=""
52AC_MSG_CHECKING([for debug-enabled build])
b295c768 53AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[create a debug build]),
f163b202
SB		 54 [if test "$enableval" = "yes"; then
55 DEBUG="yes"
56 AC_MSG_RESULT([yes])
57 else
58 DEBUG="no"
59 AC_MSG_RESULT([no])
60 fi],
61 [DEBUG="no",
62 AC_MSG_RESULT([no])])
63
64# If the user has not set CFLAGS, do something appropriate
65test_CFLAGS=${CFLAGS+set}
66if test "$test_CFLAGS" != set; then
33be7be2 67 if test "$DEBUG" = "yes"; then
f163b202
SB		 68 CFLAGS="-O0 -g -DDEBUG"
69 else
70 CFLAGS="-g -O2"
71 fi
33be7be2 72elif test "$DEBUG" = "yes"; then
f163b202
SB		 73 CFLAGS="$CFLAGS -O0 -g -DDEBUG"
74fi
75
e46a2b66
SB		 76AC_C_CONST
77AC_C_INLINE
78
79AC_TYPE_SIZE_T
e46a2b66 80
baecda40
SB		 81AC_PROG_CC
82AC_PROG_INSTALL
3cb54a5d 83AC_PROG_MKDIR_P
e46a2b66 84
ec37bb56
SB		 85AC_ARG_WITH([selinux],
86 AS_HELP_STRING([--with-selinux],
87 [add SELinux policy extensions @<:@default=check@:>@]))
88m4_divert_text([DEFAULTS], [with_selinux=check])
89
90dnl Check for SELinux policy support
91
92if test "$with_selinux" != "no"; then
93 if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then
94 if ! test -f /usr/share/selinux/devel/Makefile; then
95 if test "$with_selinux" = "yes"; then
96 AC_MSG_ERROR("Is selinux-policy-devel installed?")
97 else
98 with_selinux="no"
99 fi
100 fi
101 AC_PATH_PROG([SEMODULE], semodule)
33be7be2 102 if test "x$SEMODULE" = "x"; then
ec37bb56
SB		 103 if test "$with_selinux" = "yes"; then
104 AC_MSG_ERROR("Is selinux-policy-devel installed?")
105 else
106 with_selinux="no"
107 fi
108 fi
109 if test "$with_selinux" = "check"; then
110 with_selinux="yes"
111 fi
112 fi
113fi
33be7be2 114AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" = "xyes"])
ec37bb56 115
b096be26
SB		 116if test "$prefix" = "/usr" && test "$sysconfdir" = '${prefix}/etc'; then
117 sysconfdir="/etc"
118fi
119if test "$prefix" = "" && test "$datarootdir" = '${prefix}/share'; then
120 datarootdir="/usr/share"
121fi
d16b86b7
SB		 122if test "$prefix" = "/usr" && test "$localstatedir" = '${prefix}/var'; then
123 localstatedir="/var"
124fi
5d35321e
SB		 125if test "x$prefix" = "xNONE"; then
126 prefix="/usr/local"
127fi
fd00c5ff
SB		 128if test "x$exec_prefix" = "xNONE"; then
129 exec_prefix=$prefix
130fi
0432b653
SB		 131SYSCONFDIR=`eval echo $sysconfdir`
132DATAROOTDIR=`eval echo $datarootdir`
d16b86b7 133LOCALSTATEDIR=`eval echo $localstatedir`
fd00c5ff 134BINDIR=`eval echo $bindir`
0432b653
SB		 135AC_SUBST([SYSCONFDIR])
136AC_SUBST([DATAROOTDIR])
d16b86b7 137AC_SUBST([LOCALSTATEDIR])
fd00c5ff 138AC_SUBST([BINDIR])
b096be26 139
7849b6c6 140cryptolib=openssl
3bbdd7bc
SB		 141
142AC_ARG_WITH([openssl],
7849b6c6
SB		 143 [AS_HELP_STRING([--with-openssl],
144 [build with openssl library])],
145 [],
146 [])
3bbdd7bc
SB		 147
148case "$cryptolib" in
3bbdd7bc 149openssl)
7849b6c6
SB		 150 AC_CHECK_LIB(crypto,
151 [AES_set_encrypt_key],
b78b6af2 152 [true],
7849b6c6
SB		 153 AC_MSG_ERROR(Faulty openssl crypto library))
154 AC_CHECK_HEADERS([openssl/aes.h],[],
155 AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?))
156 AC_MSG_RESULT([Building with openssl crypto library])
0371b63b
SB		 157 LIBCRYPTO_LIBS=$(pkg-config --libs libcrypto)
158 AC_SUBST([LIBCRYPTO_LIBS])
7849b6c6 159 ;;
3bbdd7bc 160esac
833a5416 161
baecda40
SB		 162LIBTASN1_LIBS=$(pkg-config --libs libtasn1)
163if test $? -ne 0; then
164 AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1")
165fi
166AC_SUBST([LIBTASN1_LIBS])
f163b202 167
3b33116d
SB		 168PKG_CHECK_MODULES(
169 [LIBTPMS],
170 [libtpms],
171 ,
172 AC_MSG_ERROR("no libtpms.pc found; please set PKG_CONFIG_PATH to the directory where libtpms.pc is located")
173)
8d086ee9 174LDFLAGS="$LDFLAGS $LIBTPMS_LIBS"
b4374c33 175CFLAGS="$CFLAGS $LIBTPMS_CFLAGS"
fbc596ab 176AC_CHECK_LIB(tpms,
b78b6af2 177 TPMLIB_ChooseTPMVersion,[true],
fbc596ab
SB		 178 AC_MSG_ERROR("libtpms 0.6 or later is required")
179)
baecda40 180AC_SUBST([LIBTPMS_LIBS])
f163b202 181
5478de0a
SB		 182AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
183AC_SUBST([LIBRT_LIBS])
184
cc410ca9
SB		 185AC_PATH_PROG([TCSD], tcsd)
186if test "x$TCSD" = "x"; then
64faf455 187 have_tcsd=no
cc410ca9 188 AC_MSG_WARN([tcsd could not be found; typically need it for tss user account and tests])
ef606d4a
SB		 189else
190 have_tcsd=yes
191fi
64faf455 192AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no")
e46a2b66 193
d4c60e44 194dnl We either need netstat (more common across systems) or 'ss' for test cases
5cd844d0 195AC_PATH_PROG([NETSTAT], [netstat])
d4c60e44
SB		 196if test "x$NETSTAT" = "x"; then
197 AC_PATH_PROG([SS], [ss])
198 if test "x$SS" = "x"; then
199 AC_MSG_ERROR(['netstat' and 'ss' tools are missing for tests: net-tools OR iproute/iproute2 package])
200 fi
201fi
5cd844d0 202
09d1a532
SB		 203AC_MSG_CHECKING([for whether to build with CUSE interface])
204AC_ARG_WITH([cuse],
b295c768 205 AS_HELP_STRING([--with-cuse],[build with CUSE interface]),
09d1a532
SB		 206 [],
207 [with_cuse=check]
208)
f163b202 209
09d1a532
SB		 210if test "$with_cuse" != "no"; then
211 LIBFUSE_CFLAGS=$(pkg-config fuse --cflags 2>/dev/null)
212 if test $? -ne 0; then
213 if test "$with_cuse" = "yes"; then
214 AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse")
215 else
216 with_cuse=no
217 fi
218 else
219 with_cuse=yes
220 fi
498433f7 221fi
09d1a532 222
c125e34b
SB		 223JSON_GLIB_CFLAGS=$(pkg-config --cflags json-glib-1.0)
224if test $? -ne 0; then
225 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get cflags")
226fi
227AC_SUBST([JSON_GLIB_CFLAGS])
228
229JSON_GLIB_LIBS=$(pkg-config --libs json-glib-1.0)
230if test $? -ne 0; then
231 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get libs")
232fi
233AC_SUBST([JSON_GLIB_LIBS])
234
235GLIB_CFLAGS=$(pkg-config --cflags glib-2.0)
236if test $? -ne 0; then
237 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get cflags")
238fi
239AC_SUBST([GLIB_CFLAGS])
240
241GLIB_LIBS=$(pkg-config --libs glib-2.0)
242if test $? -ne 0; then
4e1ce735 243 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get libs")
c125e34b
SB		 244fi
245AC_SUBST([GLIB_LIBS])
246
09d1a532
SB		 247dnl with_cuse is now yes or no
248if test "$with_cuse" != "no"; then
249 LIBFUSE_LIBS=$(pkg-config fuse --libs)
250 if test $? -ne 0; then
251 AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse")
252 fi
253 AC_SUBST([LIBFUSE_CFLAGS])
254 AC_SUBST([LIBFUSE_LIBS])
255 AC_DEFINE_UNQUOTED([WITH_CUSE], 1,
256 [whether to build with CUSE interface])
ebf1557d 257
ebf1557d
SB		 258 GTHREAD_LIBS=$(pkg-config --libs gthread-2.0)
259 if test $? -ne 0; then
260 AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0")
261 fi
262 AC_SUBST([GTHREAD_LIBS])
baecda40 263fi
09d1a532
SB		 264AM_CONDITIONAL([WITH_CUSE],[test "$with_cuse" = "yes"])
265AC_MSG_RESULT($with_cuse)
f163b202 266
498433f7
SB		 267AC_MSG_CHECKING([for whether to build with chardev interface])
268case $host_os in
269linux-*)
270 with_chardev=yes
271 AC_DEFINE_UNQUOTED([WITH_CHARDEV], 1,
272 [whether to build with chardev interface])
273 ;;
274*)
275 with_chardev=no
276esac
277AM_CONDITIONAL([WITH_CHARDEV],[test "$with_chardev" = "yes"])
b7f55fd0 278AC_MSG_RESULT($with_chardev)
498433f7 279
10002933 280AC_ARG_WITH([gnutls],
b295c768 281 AS_HELP_STRING([--with-gnutls],[build with gnutls library]),
10002933
SB		 282 [],
283 [with_gnutls=check]
284)
285
e46a2b66
SB		 286if test "x$with_gnutls" != "xno"; then
287 GNUTLS_LDFLAGS=$(pkg-config --libs gnutls)
288 if test $? -ne 0; then
33be7be2 289 if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 290 AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls")
291 else
292 with_gnutls=no
293 fi
294 fi
295fi
f163b202 296
1828edee 297if test "x$with_gnutls" != "xno"; then
e9fd0142
SB		 298 AC_PATH_PROG([GNUTLS_CERTTOOL], certtool)
299 if test "x$GNUTLS_CERTTOOL" = "x"; then
300 if test "x$with_gnutls" = "xyes"; then
301 AC_MSG_ERROR("Could not find certtool. Is gnutls-utils/gnutls-bin installed?")
302 else
303 with_gnutls=no
304 fi
305 fi
306 dnl certtool changed how it takes private key passwords
307 dnl 3.3.29 is too old (RHEL 7); we need at least gnutls 3.4.0
308 AC_MSG_CHECKING([for gnutls 3.4.0 or later])
309 $(pkg-config gnutls --atleast-version=3.4.0)
310 if test $? -ne 0; then
311 AC_MSG_ERROR([gnutls 3.4.0 is required])
312 fi
313 AC_MSG_RESULT([yes])
1828edee
SB		 314fi
315
e46a2b66 316if test "x$with_gnutls" != "xno"; then
571a8eed 317 ORIG_CFLAGS="$CFLAGS"
baecda40 318 GNUTLS_CFLAGS=$(pkg-config gnutls --cflags)
571a8eed 319 CFLAGS="$CFLAGS $GNUTLS_CFLAGS $GNUTLS_LDFLAGS"
10002933 320 AC_CHECK_LIB([gnutls], [gnutls_load_file], [
e735328e 321 GNUTLS_LIBS=$(pkg-config gnutls --libs)
baecda40 322 ],
33be7be2 323 [if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 324 AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so])
325 else
326 with_gnutls="no"
327 fi])
571a8eed 328 CFLAGS="$ORIG_CFLAGS"
e46a2b66
SB		 329fi
330
331if test "x$with_gnutls" != "xno"; then
571a8eed
SB		 332 ORIG_CFLAGS="$CFLAGS"
333 CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
e46a2b66 334 AC_CHECK_HEADER(gnutls/abstract.h, [], \
33be7be2 335 [if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 336 AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h])
337 else
338 with_gnutls="no"
339 fi])
571a8eed 340 CFLAGS="$ORIG_CFLAGS"
e46a2b66
SB		 341fi
342
343if test "x$with_gnutls" != "xno"; then
344 with_gnutls="yes"
345fi
33be7be2 346AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" = "xyes"])
baecda40 347AC_SUBST([GNUTLS_LIBS])
f163b202 348
df4046d0
SB		 349DEFAULT_PCR_BANKS="sha256"
350AC_ARG_ENABLE([default-pcr-banks],
351 AS_HELP_STRING(
352 [--enable-default-pcr-banks=list of PCR banks],
353 [Have swtpm_setup activate the given PCR banks by default;
354 default is sha256]
355 ),
356 [],
357 []
358)
359
360if test "x$enable_default_pcr_banks" != "x"; then
361 DEFAULT_PCR_BANKS="$enable_default_pcr_banks"
362fi
363AC_MSG_CHECKING([which PCR banks to activate by default])
9726af51
SB		 364REGEX="^(sha1|sha256|sha384|sha512)(,(sha1|sha256|sha384|sha512)){0,3}\$"
365if bash -c "[[[ $DEFAULT_PCR_BANKS =~ $REGEX ]]] && exit 0 || exit 1"; then
df4046d0
SB		 366 AC_MSG_RESULT([$DEFAULT_PCR_BANKS])
367else
368 AC_MSG_ERROR([$DEFAULT_PCR_BANKS is an invalid list of PCR banks])
369fi
370AC_SUBST([DEFAULT_PCR_BANKS])
371
48abfbb1 372AC_PATH_PROG([EXPECT], expect)
33be7be2 373if test "x$EXPECT" = "x"; then
48abfbb1
SB		 374 AC_MSG_ERROR([expect is required: expect package])
375fi
376
b080afb5 377AC_PATH_PROG([GAWK], gawk)
33be7be2 378if test "x$GAWK" = "x"; then
b080afb5
SB		 379 AC_MSG_ERROR([gawk is required: gawk package])
380fi
381
8cb126e4 382AC_PATH_PROG([SOCAT], socat)
33be7be2 383if test "x$SOCAT" = "x"; then
8cb126e4
SB		 384 AC_MSG_ERROR([socat is required: socat package])
385fi
386
cc410ca9
SB		 387AC_PATH_PROG([BASE64], base64)
388if test "x$BASE64" = "x"; then
389 AC_MSG_ERROR([base64 is required: base64 package])
dbb399de
SB		 390fi
391
cc410ca9
SB		 392AC_PATH_PROG([CP], cp)
393if test "x$CP" = "x"; then
394 AC_MSG_ERROR([cp is required])
395fi
396
397AM_PATH_PYTHON([3.3])
398
5eeea357
SB		 399AC_ARG_ENABLE([hardening],
400 AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
a76b4eeb 401
5eeea357 402if test "x$enable_hardening" != "xno"; then
8a05e8fd
SB		 403 # Some versions of gcc fail with -Wstack-protector,
404 # some with -Wstack-protector-strong enabled
405 if ! $CC -fstack-protector-strong -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
406 if $CC -fstack-protector -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
407 HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
408 fi
5eeea357 409 else
5e73e324 410 HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector"
5eeea357
SB		 411 fi
412
413 dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2
414 TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')"
415 TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')"
502cb112 416 if test -z "$TMP1" && test -n "$TMP2"; then
5e73e324 417 HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2"
5eeea357 418 fi
b381e1eb
SB		 419 dnl Check linker for 'relro' and 'now'
420 save_CFLAGS="$CFLAGS"
421 CFLAGS="-Wl,-z,relro -Werror"
422 AC_MSG_CHECKING([whether linker supports -Wl,-z,relro])
2ba23cee 423 AC_LINK_IFELSE(
b381e1eb 424 [AC_LANG_SOURCE([[int main() { return 0; }]])],
0586d2f5 425 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,relro"
b381e1eb
SB		 426 AC_MSG_RESULT(yes)],
427 [AC_MSG_RESULT(no)]
428 )
429 CFLAGS="-Wl,-z,now -Werror"
430 AC_MSG_CHECKING([whether linker supports -Wl,-z,now])
2ba23cee 431 AC_LINK_IFELSE(
b381e1eb 432 [AC_LANG_SOURCE([[int main() { return 0; }]])],
0586d2f5 433 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,now"
b381e1eb
SB		 434 AC_MSG_RESULT(yes)],
435 [AC_MSG_RESULT(no)]
436 )
437 CFLAGS="$save_CFLAGS"
5eeea357 438 AC_SUBST([HARDENING_CFLAGS])
0586d2f5 439 AC_SUBST([HARDENING_LDFLAGS])
a76b4eeb 440fi
e6085e96 441
b8421f3d
SB		 442AC_ARG_ENABLE([test-coverage],
443 AS_HELP_STRING([--enable-test-coverage], [Enable test coverage flags]))
444
445if test "x$enable_test_coverage" = "xyes"; then
446 COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
447 COVERAGE_LDFLAGS="-fprofile-arcs"
448fi
449
0b9c2a05
ET		 450AC_ARG_ENABLE([sanitizers],
451 AS_HELP_STRING([--enable-sanitizers], [Enable address/undefined sanitizers]))
452
453if test "x$enable_sanitizers" = "xyes"; then
454 save_CFLAGS="$CFLAGS"
455 CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
456 AC_MSG_CHECKING([whether linker supports sanitizer])
457 AC_LINK_IFELSE(
458 [AC_LANG_SOURCE([[int main() { return 0; }]])],
459 [SANITIZER_CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
460 SANITIZER_LDFLAGS="-fsanitize=address,undefined"
461 AC_MSG_RESULT(yes)],
462 [AC_MSG_RESULT(no)]
463 )
464 CFLAGS="$save_CFLAGS"
465fi
466
c4ac0a11 467AC_ARG_WITH([tss-user],
b295c768 468 AS_HELP_STRING([--with-tss-user=TSS_USER],[The tss user to use]),
c4ac0a11
SB		 469 [TSS_USER="$withval"],
470 [TSS_USER="tss"]
471)
472
473AC_ARG_WITH([tss-group],
b295c768 474 AS_HELP_STRING([--with-tss-group=TSS_GROUP],[The tss group to use]),
c4ac0a11
SB		 475 [TSS_GROUP="$withval"],
476 [TSS_GROUP="tss"]
477)
aa88eebe
SB		 478
479case $have_tcsd in
480yes)
481 AC_MSG_CHECKING([whether TSS_USER $TSS_USER is available])
482 if ! test $(id -u $TSS_USER); then
483 AC_MSG_ERROR(["$TSS_USER is not available"])
484 else
485 AC_MSG_RESULT([yes])
486 fi
487 AC_MSG_CHECKING([whether TSS_GROUP $TSS_GROUP is available])
488 if ! test $(id -g $TSS_GROUP); then
489 AC_MSG_ERROR(["$TSS_GROUP is not available"])
490 else
491 AC_MSG_RESULT([yes])
492 fi
493 ;;
494esac
495
c4ac0a11
SB		 496AC_SUBST([TSS_USER])
497AC_SUBST([TSS_GROUP])
498
f163b202
SB		 499CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum"
500CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror"
e6085e96 501CFLAGS="$CFLAGS -Wformat -Wformat-security"
0b9c2a05 502CFLAGS="$CFLAGS $GNUTLS_CFLAGS $COVERAGE_CFLAGS $SANITIZER_CFLAGS"
b8421f3d 503
0b9c2a05 504LDFLAGS="$LDFLAGS $COVERAGE_LDFLAGS $SANITIZER_LDFLAGS"
f163b202 505
f2458ef7
SB		 506dnl Simulate the following for systems with pkg-config < 0.28:
507dnl PKG_CHECK_VAR([libtpms_cryptolib], [libtpms], [cryptolib],
508dnl [], AC_MSG_ERROR([Could not determine libtpms crypto library.]))
509PKG_PROG_PKG_CONFIG
510
511AC_MSG_CHECKING([Checking the crypto library libtpms is linked to])
512libtpms_cryptolib=`$PKG_CONFIG --variable cryptolib libtpms`
33be7be2 513if test "x$libtpms_cryptolib" = "x"; then
b4374c33
JB		 514 AC_MSG_WARN([Could not determine the crypto library libtpms is using, assuming ${cryptolib}])
515 libtpms_cryptolib=${cryptolib}
f2458ef7
SB		 516fi
517AC_MSG_RESULT($libtpms_cryptolib)
86cc4527
SB		 518
519if test "$libtpms_cryptolib" != "$cryptolib"; then
520 echo "libtpms is using $libtpms_cryptolib; we have to use the same"
33be7be2 521 if test "$cryptolib" = "openssl"; then
86cc4527
SB		 522 AC_MSG_ERROR([do not use --with-openssl])
523 else
524 AC_MSG_ERROR([use --with-openssl])
525 fi
526fi
527
c751e32e
SB		 528with_vtpm_proxy=no
529case $host_os in
f071d820 530linux-*)
c751e32e
SB		 531 with_vtpm_proxy=yes
532 AC_DEFINE_UNQUOTED([WITH_VTPM_PROXY], 1,
533 [whether to build in vTPM proxy support (Linux only)])
534esac
535
6286beac
SB		 536case $host_os in
537cygwin)
538 CFLAGS="$CFLAGS -D__USE_LINUX_IOCTL_DEFS"
539esac
540
761df6cd
SB		 541dnl Seccomp profile using -lseccomp (Linux only)
542case $host_os in
543linux-*)
544 with_seccomp_default=yes
545 ;;
546*)
547 with_seccomp_default=no
548 ;;
549esac
550
551AC_MSG_CHECKING([for whether to build with seccomp profile])
552AC_ARG_WITH([seccomp],
b295c768 553 AS_HELP_STRING([--with-seccomp],[build with seccomp profile]),
0232f78f 554 AC_MSG_RESULT([$with_seccomp]),
761df6cd 555 [with_seccomp=$with_seccomp_default]
0232f78f 556 AC_MSG_RESULT([$with_seccomp])
761df6cd
SB		 557)
558
559if test "$with_seccomp" != "no"; then
560 LIBSECCOMP_CFLAGS=$(pkg-config libseccomp --cflags 2>/dev/null)
561 if test $? -ne 0; then
562 AC_MSG_ERROR("Is libseccomp-devel installed? -- could not get cflags for libseccomp")
563 else
564 with_libseccomp=yes
565 fi
566 LIBSECCOMP_LIBS=$(pkg-config --libs libseccomp)
567 AC_SUBST([LIBSECCOMP_LIBS])
568 AC_SUBST([LIBSECCOMP_CFLAGS])
569 AC_DEFINE_UNQUOTED([WITH_SECCOMP], 1,
570 [whether to build in seccomp profile (Linux only)])
571fi
572
da733896
SB		 573MY_CFLAGS="$CFLAGS"
574MY_LDFLAGS="$LDFLAGS"
575AC_SUBST([MY_CFLAGS])
576AC_SUBST([MY_LDFLAGS])
cbaf04b4 577
44b92d43
SB		 578AC_CONFIG_FILES([Makefile \
579 debian/swtpm-tools.postinst \
4608cc33 580 swtpm.spec \
e46a2b66 581 samples/Makefile \
d16b86b7 582 samples/swtpm-localca.conf \
a12b09b1 583 samples/swtpm-create-user-config-files \
edfb8d8a 584 samples/swtpm_setup.conf \
f163b202
SB		 585 include/Makefile \
586 include/swtpm/Makefile \
a1fa5d77 587 include/swtpm.h \
f163b202
SB		 588 src/Makefile \
589 src/selinux/Makefile \
590 src/swtpm/Makefile \
e46a2b66
SB		 591 src/swtpm_bios/Makefile \
592 src/swtpm_cert/Makefile \
593 src/swtpm_ioctl/Makefile \
ddc75216
NC		 594 src/swtpm_localca/Makefile \
595 src/swtpm_localca/swtpm_localca_conf.h \
e46a2b66 596 src/swtpm_setup/Makefile \
c125e34b
SB		 597 src/swtpm_setup/swtpm_setup_conf.h \
598 src/utils/Makefile \
f163b202 599 man/Makefile \
39d0c3de 600 man/man3/Makefile \
33aa1355 601 man/man5/Makefile \
f163b202 602 man/man8/Makefile \
e46a2b66 603 tests/Makefile \
c4ac0a11 604 tests/test_config \
10002933 605 ])
fd00c5ff
SB		 606AC_CONFIG_FILES([samples/swtpm-localca],
607 [chmod 755 samples/swtpm-localca])
f163b202
SB		 608AC_OUTPUT
609
e46a2b66 610echo
c3fdf688 611printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls
040c7097 612printf "with_selinux : %5s (no = SELinux policy extensions will NOT be built)\n" $with_selinux
c3fdf688 613printf "with_cuse : %5s (no = no CUSE interface)\n" $with_cuse
498433f7 614printf "with_chardev : %5s (no = no chardev interface)\n" $with_chardev
c751e32e 615printf "with_vtpm_proxy : %5s (no = no vtpm proxy support; Linux only)\n" $with_vtpm_proxy
761df6cd 616printf "with_seccomp : %5s (no = no seccomp profile; Linux only)\n" $with_seccomp
df4046d0
SB		 617printf "\n"
618printf "active PCR banks : %s\n" $DEFAULT_PCR_BANKS
e46a2b66 619echo
040c7097
SB		 620echo "Version to build : $PACKAGE_VERSION"
621echo "Crypto library : $cryptolib"
10002933 622echo
da733896 623echo " MY_CFLAGS = $MY_CFLAGS"
b5701034
SB		 624echo " HARDENING_CFLAGS = $HARDENING_CFLAGS"
625echo "HARDENING_LDFLAGS = $HARDENING_LDFLAGS"
da733896 626echo " MY_LDFLAGS = $MY_LDFLAGS"
b5701034
SB		 627echo " LIBSECCOMP_LIBS = $LIBSECCOMP_LIBS"
628echo " JSON_GLIB_CFLAGS = $JSON_GLIB_CFLAGS"
629echo " JSON_GLIB_LIBS = $JSON_GLIB_LIBS"
630echo " GLIB_CFLAGS = $GLIB_CFLAGS"
631echo " GLIB_LIBS = $GLIB_LIBS"
e735328e 632echo " GNUTLS_LIBS = $GNUTLS_LIBS"
c4ac0a11
SB		 633echo
634echo "TSS_USER=$TSS_USER"
635echo "TSS_GROUP=$TSS_GROUP"
636echo
Software TPM used for PVE's Virtual Machines