]> git.proxmox.com Git - libtpms.git/blob - configure.ac
projects / libtpms.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Bump up the revision of the library for next version to 0.9.0
[libtpms.git] / configure.ac
1 #
2 # configure.in
3 #
4 # See the LICENSE file for the license associated with this file.
5
6 AC_INIT([libtpms], [0.9.0])
7 AC_PREREQ(2.12)
8 AC_CONFIG_SRCDIR(Makefile.am)
9 AC_CONFIG_AUX_DIR([.])
10 AM_CONFIG_HEADER(config.h)
11
12 AC_CONFIG_MACRO_DIR([m4])
13 AC_CANONICAL_TARGET
14 AM_INIT_AUTOMAKE([foreign 1.6 subdir-objects])
15 AM_SILENT_RULES([yes])
16
17 LIBTPMS_VER_MAJOR=`echo $PACKAGE_VERSION | awk -F. '{print $1}'`
18 LIBTPMS_VER_MINOR=`echo $PACKAGE_VERSION | awk -F. '{print $2}'`
19 LIBTPMS_VER_MICRO=`echo $PACKAGE_VERSION | awk -F. '{print $3}'`
20 LIBTPMS_VERSION=$PACKAGE_VERSION
21 LIBTPMS_VERSION_INFO=`expr $LIBTPMS_VER_MAJOR + $LIBTPMS_VER_MINOR`:$LIBTPMS_VER_MICRO:$LIBTPMS_VER_MINOR
22
23 AC_SUBST([LIBTPMS_VER_MAJOR])
24 AC_SUBST([LIBTPMS_VER_MINOR])
25 AC_SUBST([LIBTPMS_VER_MICRO])
26 AC_SUBST([LIBTPMS_VERSION])
27 AC_SUBST([LIBTPMS_VERSION_INFO])
28
29 DEBUG=""
30 AC_MSG_CHECKING([for debug-enabled build])
31 AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [create a debug build]),
32 [if test "$enableval" = "yes"; then
33 DEBUG="yes"
34 AC_MSG_RESULT([yes])
35 else
36 DEBUG="no"
37 AC_MSG_RESULT([no])
38 fi],
39 [DEBUG="no",
40 AC_MSG_RESULT([no])])
41
42 if test "$DEBUG" = "yes"; then
43 CFLAGS="$CFLAGS -O0 -g -DDEBUG"
44 fi
45
46 debug_defines=
47 if test "$DEBUG" = "yes"; then
48 debug_defines="-DTPM_DEBUG"
49 # Enable the following only if ABSOLUTELY necessary
50 # volatile state will be written and behavior changes
51 #"-DTPM_VOLATILE_STORE"
52 fi
53 AC_SUBST(DEBUG_DEFINES, $debug_defines)
54
55 # AX_CHECK_LINK_FLAG needs autoconf 2.64 or later
56 have_version_script="no"
57 m4_if(
58 m4_version_compare(
59 m4_defn([AC_AUTOCONF_VERSION]),
60 [2.64]),
61 -1,
62 [],
63 [AX_CHECK_LINK_FLAG([-Wl,--version-script=$srcdir/src/test.syms],
64 [have_version_script="yes"],
65 [])]
66 )
67
68 AM_CONDITIONAL([HAVE_VERSION_SCRIPT], [test "x$have_version_script" = "xyes"])
69
70
71 AC_ARG_WITH([tpm2],
72 AC_HELP_STRING([--with-tpm2],
73 [build libtpms with TPM2 support]),
74 [],
75 [with_tpm2=yes]
76 )
77 AS_IF([test "x$with_tpm2" = xyes], [
78 AC_MSG_RESULT([Building with TPM2 support])
79 AC_DEFINE_UNQUOTED([WITH_TPM2], 1, [whether to support TPM2])
80 AM_CONDITIONAL(WITH_TPM2, true)
81 cryptolib=openssl
82 ], [
83 AM_CONDITIONAL(WITH_TPM2, false)
84 cryptolib=freebl
85 ])
86
87 AC_SUBST(cryptolib, $cryptolib)
88
89 AC_ARG_WITH([openssl],
90 AC_HELP_STRING([--with-openssl],
91 [build libtpms with openssl library]),
92 [AC_CHECK_LIB(crypto,
93 [AES_set_encrypt_key],
94 [],
95 AC_MSG_ERROR(Faulty openssl crypto library))
96 AC_CHECK_HEADERS([openssl/aes.h],[],
97 AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?))
98 AC_MSG_RESULT([Building with openssl crypto library])
99 cryptolib=openssl
100 ]
101 )
102
103 case "$cryptolib" in
104 freebl)
105 AM_CONDITIONAL(LIBTPMS_USE_FREEBL, true)
106 AM_CONDITIONAL(LIBTPMS_USE_OPENSSL, false)
107 AC_DEFINE([USE_FREEBL_CRYPTO_LIBRARY],
108 [1],
109 [use freebl crypto library])
110
111 CFLAGS_save=$CFLAGS
112
113 AC_CHECK_HEADERS([gmp.h],[],
114 AC_MSG_ERROR(gmp-devel/libgmp-dev is bad))
115
116 CFLAGS="$(nspr-config --cflags)"
117 if test $? -ne 0; then
118 AC_MSG_ERROR(Could not find nspr-config. Is nspr-devel/libnspr4-dev installed?)
119 fi
120 CPPFLAGS=$CFLAGS
121 AC_CHECK_HEADERS([plbase64.h],[],
122 AC_MSG_ERROR(You must install nspr-devel/libnspr4-dev))
123
124 CFLAGS="$(nss-config --cflags) $CFLAGS"
125 if test $? -ne 0; then
126 AC_MSG_ERROR(Could not find nss-config. Is nss-devel/libnss3-dev installed?)
127 fi
128 CPPFLAGS="$CPPFLAGS $CFLAGS"
129 AC_CHECK_HEADERS([sslerr.h],[],
130 AC_MSG_ERROR(nss-devel/libnss3-dev is bad))
131
132 # Check for missing headers
133 AC_CHECK_HEADERS([blapi.h],[],
134 AC_MSG_ERROR(nss-softokn-freebl-devel/libnss3-dev is missing blapi.h))
135 # Check for missing freebl library or missing library functions
136 LIBS_save="$LIBS"
137 LIBS="$(nss-config --libs) $(nspr-config --libs)"
138 AC_SEARCH_LIBS([AES_CreateContext], [freebl],[],
139 AC_MSG_ERROR("Could not find AES_CreateContext(). Is nss-softokn-freebl-devel/libnss3-dev installed?"),
140 [])
141 LIBS="$LIBS_save"
142 CFLAGS="$CFLAGS_save $CFLAGS"
143 enable_use_openssl_functions=no
144 ;;
145 openssl)
146 AM_CONDITIONAL(LIBTPMS_USE_FREEBL, false)
147 AM_CONDITIONAL(LIBTPMS_USE_OPENSSL, true)
148 AC_DEFINE([USE_OPENSSL_CRYPTO_LIBRARY],
149 [1],
150 [use openssl crypto library])
151 ;;
152 esac
153
154 use_openssl_functions_for=""
155 use_openssl_functions_symmetric=0
156 use_openssl_functions_ec=0
157 use_openssl_functions_ecdsa=0
158 use_openssl_functions_rsa=0
159 AC_ARG_ENABLE(use-openssl-functions,
160 AS_HELP_STRING([--disable-use-openssl-functions],
161 [Use TPM 2 crypot code rather than OpenSSL crypto functions]),
162 )
163 AS_IF([test "x$enable_use_openssl_functions" != "xno"], [
164 if test "x$cryptolib" != "xopenssl"; then
165 AC_MSG_ERROR([OpenSSL crypto function usage requires openssl as crypto library])
166 fi
167 LIBS_save=$LIBS
168 # Check for symmetric key crypto functions
169 not_found=0
170 AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_new],, not_found=1)
171 AC_CHECK_LIB([crypto], [EVP_EncryptInit_ex],, not_found=1)
172 AC_CHECK_LIB([crypto], [EVP_aes_128_cbc],, not_found=1)
173 AC_CHECK_LIB([crypto], [EVP_des_ede3_cbc],, not_found=1)
174 AC_CHECK_LIB([crypto], [EVP_camellia_128_cbc],, not_found=1)
175 AC_CHECK_LIB([crypto], [DES_random_key],, not_found=1)
176 if test "x$not_found" = "x0"; then
177 use_openssl_functions_symmetric=1
178 use_openssl_functions_for="symmetric (AES, TDES) "
179 fi
180 # Check for EC crypto support
181 not_found=0
182 AC_CHECK_LIB([crypto], [EC_KEY_set_group],, not_found=1)
183 AC_CHECK_LIB([crypto], [EC_KEY_generate_key],, not_found=1)
184 AC_CHECK_LIB([crypto], [EC_KEY_get0_private_key],, not_found=1)
185 if test "x$not_found" = "x0"; then
186 use_openssl_functions_ec=1
187 use_openssl_functions_for="${use_openssl_functions_for}general elliptic curve (EC) "
188 fi
189 # Check for ECDSA crypto support
190 not_found=0
191 AC_CHECK_LIB([crypto], [ECDSA_SIG_new],, not_found=1)
192 AC_CHECK_LIB([crypto], [ECDSA_SIG_set0],, not_found=1)
193 AC_CHECK_LIB([crypto], [ECDSA_do_verify],, not_found=1)
194 AC_CHECK_LIB([crypto], [ECDSA_do_sign],, not_found=1)
195 AC_CHECK_LIB([crypto], [EC_KEY_set_group],, not_found=1)
196 if test "x$not_found" = "x0"; then
197 use_openssl_functions_ecdsa=1
198 use_openssl_functions_for="${use_openssl_functions_for}elliptic curve (ECDSA) "
199 fi
200 # Check for RSA crypto functions
201 not_found=0
202 AC_CHECK_LIB([crypto], [RSA_set0_key],, not_found=1)
203 AC_CHECK_LIB([crypto], [RSA_set0_factors],, not_found=1)
204 AC_CHECK_LIB([crypto], [RSA_set0_crt_params],, not_found=1)
205 AC_CHECK_LIB([crypto], [RSA_generate_key_ex],, not_found=1)
206 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_new],, not_found=1)
207 AC_CHECK_LIB([crypto], [EVP_PKEY_assign],, not_found=1)
208 AC_CHECK_LIB([crypto], [EVP_PKEY_encrypt_init],, not_found=1)
209 AC_CHECK_LIB([crypto], [EVP_PKEY_encrypt],, not_found=1)
210 AC_CHECK_LIB([crypto], [EVP_PKEY_decrypt_init],, not_found=1)
211 AC_CHECK_LIB([crypto], [EVP_PKEY_decrypt],, not_found=1)
212 AC_CHECK_LIB([crypto], [EVP_PKEY_sign_init],, not_found=1)
213 AC_CHECK_LIB([crypto], [EVP_PKEY_sign],, not_found=1)
214 AC_CHECK_LIB([crypto], [EVP_PKEY_verify_init],, not_found=1)
215 AC_CHECK_LIB([crypto], [EVP_PKEY_verify],, not_found=1)
216 AC_CHECK_LIB([crypto], [EVP_get_digestbyname],, not_found=1)
217 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set0_rsa_oaep_label],, not_found=1)
218 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set_rsa_padding],, not_found=1)
219 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set_rsa_oaep_md],, not_found=1)
220 AX_CHECK_DEFINE([<openssl/evp.h>], [EVP_PKEY_CTX_set_signature_md],, not_found=1)
221 if test "x$not_found" = "x0"; then
222 use_openssl_functions_rsa=1
223 use_openssl_functions_for="${use_openssl_functions_for}RSA "
224 fi
225 LIBS=$LIBS_save
226 ])
227 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=$use_openssl_functions_symmetric"
228 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_EC=$use_openssl_functions_ec"
229 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_ECDSA=$use_openssl_functions_ecdsa"
230 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_RSA=$use_openssl_functions_rsa"
231
232 AC_ARG_ENABLE([sanitizers], AS_HELP_STRING([--enable-sanitizers], [Enable address sanitizing]),
233 [SANITIZERS="-fsanitize=address,undefined"], [])
234 AC_ARG_ENABLE([fuzzer], AS_HELP_STRING([--enable-fuzzer], [Enable fuzzer]),
235 [FUZZER="$SANITIZERS -fsanitize=fuzzer"
236 AM_CONDITIONAL(WITH_FUZZER, true)],
237 [AM_CONDITIONAL(WITH_FUZZER, false)])
238 AC_SUBST([SANITIZERS])
239 AC_SUBST([FUZZER])
240
241 AM_CONDITIONAL([WITH_FUZZING_ENGINE], [test "x$LIB_FUZZING_ENGINE" != "x"])
242 AC_SUBST([LIB_FUZZING_ENGINE])
243
244 AC_ARG_ENABLE([test-coverage],
245 AS_HELP_STRING([--enable-test-coverage], [Enable test coverage flags]),
246 [COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage" COVERAGE_LDFLAGS="-fprofile-arcs"])
247
248 LT_INIT
249 AC_PROG_CC
250 AC_PROG_CXX
251 AC_PROG_INSTALL
252 AC_PROG_LIBTOOL
253
254 #AM_GNU_GETTEXT_VERSION([0.15])
255 #AM_GNU_GETTEXT([external])
256
257 AC_HEADER_STDC
258 AC_C_CONST
259 AC_C_INLINE
260
261 AC_TYPE_SIZE_T
262
263 AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
264 AC_SUBST([LIBRT_LIBS])
265
266 AC_ARG_ENABLE([hardening],
267 AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
268
269 if test "x$enable_hardening" != "xno"; then
270 # Some versions of gcc fail with -Wstack-protector enabled
271 TMP="$($CC -fstack-protector-strong $srcdir/include/libtpms/tpm_error.h 2>&1)"
272 if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then
273 HARDENING_CFLAGS="-fstack-protector "
274 else
275 HARDENING_CFLAGS="-fstack-protector-strong "
276 fi
277
278 dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2
279 TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')"
280 TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')"
281 if test -z "$TMP1" && test -n "$TPM2"; then
282 HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2 "
283 fi
284 dnl Check linker for 'relro' and 'now'
285 save_CFLAGS="$CFLAGS"
286 CFLAGS="-Wl,-z,relro -Werror"
287 AC_MSG_CHECKING([whether linker supports -Wl,-z,relro])
288 AC_LINK_IFELSE(
289 [AC_LANG_SOURCE([[int main() { return 0; }]])],
290 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,relro"
291 AC_MSG_RESULT(yes)],
292 [AC_MSG_RESULT(no)]
293 )
294 CFLAGS="-Wl,-z,now -Werror"
295 AC_MSG_CHECKING([whether linker supports -Wl,-z,now])
296 AC_LINK_IFELSE(
297 [AC_LANG_SOURCE([[int main() { return 0; }]])],
298 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,now"
299 AC_MSG_RESULT(yes)],
300 [AC_MSG_RESULT(no)]
301 )
302 CFLAGS="$save_CFLAGS"
303 AC_SUBST([HARDENING_CFLAGS])
304 AC_SUBST([HARDENING_LDFLAGS])
305 fi
306
307 CFLAGS="$CFLAGS $COVERAGE_CFLAGS -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign"
308 CFLAGS="$CFLAGS -Wmissing-prototypes"
309 LDFLAGS="$LDFLAGS $COVERAGE_LDFLAGS"
310
311 AC_CONFIG_FILES(Makefile \
312 dist/libtpms.spec \
313 include/Makefile \
314 include/libtpms/Makefile \
315 include/libtpms/tpm_library.h \
316 man/Makefile \
317 man/man3/Makefile \
318 src/Makefile \
319 libtpms.pc \
320 tests/Makefile)
321 PKG_INSTALLDIR()
322 AC_OUTPUT
323
324 if test -z "$enable_debug" ; then
325 enable_debug="no"
326 fi
327 if test -z "$with_tpm2"; then
328 with_tpm2=no
329 fi
330
331 echo
332 echo "CFLAGS=$CFLAGS"
333 echo "HARDENING_CFLAGS=$HARDENING_CFLAGS"
334 echo "HARDENING_LDFLAGS=$HARDENING_LDFLAGS"
335 echo "LDFLAGS=$LDFLAGS"
336 echo
337 echo "Version to build : $PACKAGE_VERSION"
338 echo "Crypto library : $cryptolib"
339 echo "Debug build : $enable_debug"
340 echo "With TPM2 support : $with_tpm2"
341 echo "HAVE_VERSION_SCRIPT : $have_version_script"
342 echo "Use openssl crypto for : $use_openssl_functions_for"
343 echo
344 echo
Software TPM Library