]> git.proxmox.com Git - libtpms.git/blob - configure.ac
projects / libtpms.git / blob
? search:


ea76130e4db5c098d2c929c73bbe2976c1df6ad9
[libtpms.git] / configure.ac
1 #
2 # configure.in
3 #
4 # See the LICENSE file for the license associated with this file.
5
6 AC_INIT([libtpms],[0.9.2])
7 AC_PREREQ([2.69])
8 AC_CONFIG_SRCDIR(Makefile.am)
9 AC_CONFIG_AUX_DIR([.])
10 AC_CONFIG_HEADERS([config.h])
11
12 AC_CONFIG_MACRO_DIR([m4])
13 AC_CANONICAL_TARGET
14 AM_INIT_AUTOMAKE([foreign 1.6 subdir-objects])
15 AM_SILENT_RULES([yes])
16
17 LIBTPMS_VER_MAJOR=`echo $PACKAGE_VERSION | awk -F. '{print $1}'`
18 LIBTPMS_VER_MINOR=`echo $PACKAGE_VERSION | awk -F. '{print $2}'`
19 LIBTPMS_VER_MICRO=`echo $PACKAGE_VERSION | awk -F. '{print $3}'`
20 LIBTPMS_VERSION=$PACKAGE_VERSION
21 LIBTPMS_VERSION_INFO=`expr $LIBTPMS_VER_MAJOR + $LIBTPMS_VER_MINOR`:$LIBTPMS_VER_MICRO:$LIBTPMS_VER_MINOR
22
23 AC_SUBST([LIBTPMS_VER_MAJOR])
24 AC_SUBST([LIBTPMS_VER_MINOR])
25 AC_SUBST([LIBTPMS_VER_MICRO])
26 AC_SUBST([LIBTPMS_VERSION])
27 AC_SUBST([LIBTPMS_VERSION_INFO])
28
29 DEBUG=""
30 AC_MSG_CHECKING([for debug-enabled build])
31 AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[create a debug build]),
32 [if test "$enableval" = "yes"; then
33 DEBUG="yes"
34 AC_MSG_RESULT([yes])
35 else
36 DEBUG="no"
37 AC_MSG_RESULT([no])
38 fi],
39 [DEBUG="no",
40 AC_MSG_RESULT([no])])
41
42 if test "$DEBUG" = "yes"; then
43 CFLAGS="$CFLAGS -O0 -g -DDEBUG"
44 fi
45
46 debug_defines=
47 if test "$DEBUG" = "yes"; then
48 debug_defines="-DTPM_DEBUG"
49 # Enable the following only if ABSOLUTELY necessary
50 # volatile state will be written and behavior changes
51 #"-DTPM_VOLATILE_STORE"
52 fi
53 AC_SUBST(DEBUG_DEFINES, $debug_defines)
54
55 # AX_CHECK_LINK_FLAG needs autoconf 2.64 or later
56 have_version_script="no"
57 m4_if(
58 m4_version_compare(
59 m4_defn([AC_AUTOCONF_VERSION]),
60 [2.64]),
61 -1,
62 [],
63 [AX_CHECK_LINK_FLAG([-Wl,--version-script=$srcdir/src/test.syms],
64 [have_version_script="yes"],
65 [])]
66 )
67
68 AM_CONDITIONAL([HAVE_VERSION_SCRIPT], [test "x$have_version_script" = "xyes"])
69
70 AC_ARG_WITH([tpm1],
71 AS_HELP_STRING([--with-tpm1], [build libtpms with TPM 1.2 support]), [], [with_tpm1=yes])
72 AM_CONDITIONAL([WITH_TPM1], [test "x$with_tpm1" != "xno"])
73 AS_IF([test "x$with_tpm1" != "xno"], [
74 AC_DEFINE([WITH_TPM1], [1], [With TPM 1.2 support])
75 AC_SUBST([WITH_TPM1], [1])
76 ])
77
78 AC_ARG_WITH([tpm2],
79 AS_HELP_STRING([--with-tpm2],[build libtpms with TPM2 support]),
80 [],
81 [with_tpm2=yes]
82 )
83 AS_IF([test "x$with_tpm2" = xyes], [
84 AC_MSG_RESULT([Building with TPM2 support])
85 AC_DEFINE_UNQUOTED([WITH_TPM2], 1, [whether to support TPM2])
86 AC_SUBST([WITH_TPM2], [1])
87 AM_CONDITIONAL(WITH_TPM2, true)
88 cryptolib=openssl
89 ], [
90 AM_CONDITIONAL(WITH_TPM2, false)
91 cryptolib=freebl
92 ])
93
94 AC_SUBST(cryptolib, $cryptolib)
95
96 AC_ARG_WITH([openssl],
97 AS_HELP_STRING([--with-openssl],[build libtpms with openssl library]),
98 [AC_CHECK_LIB(crypto,
99 [AES_set_encrypt_key],
100 [],
101 AC_MSG_ERROR(Faulty openssl crypto library))
102 AC_CHECK_HEADERS([openssl/aes.h],[],
103 AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?))
104 AC_MSG_RESULT([Building with openssl crypto library])
105 cryptolib=openssl
106 ]
107 )
108
109 case "$cryptolib" in
110 freebl)
111 AM_CONDITIONAL(LIBTPMS_USE_FREEBL, true)
112 AM_CONDITIONAL(LIBTPMS_USE_OPENSSL, false)
113 AC_DEFINE([USE_FREEBL_CRYPTO_LIBRARY],
114 [1],
115 [use freebl crypto library])
116
117 CFLAGS_save=$CFLAGS
118
119 AC_CHECK_HEADERS([gmp.h],[],
120 AC_MSG_ERROR(gmp-devel/libgmp-dev is bad))
121
122 CFLAGS="$(nspr-config --cflags)"
123 if test $? -ne 0; then
124 AC_MSG_ERROR(Could not find nspr-config. Is nspr-devel/libnspr4-dev installed?)
125 fi
126 CPPFLAGS=$CFLAGS
127 AC_CHECK_HEADERS([plbase64.h],[],
128 AC_MSG_ERROR(You must install nspr-devel/libnspr4-dev))
129
130 CFLAGS="$(nss-config --cflags) $CFLAGS"
131 if test $? -ne 0; then
132 AC_MSG_ERROR(Could not find nss-config. Is nss-devel/libnss3-dev installed?)
133 fi
134 CPPFLAGS="$CPPFLAGS $CFLAGS"
135 AC_CHECK_HEADERS([sslerr.h],[],
136 AC_MSG_ERROR(nss-devel/libnss3-dev is bad))
137
138 # Check for missing headers
139 AC_CHECK_HEADERS([blapi.h],[],
140 AC_MSG_ERROR(nss-softokn-freebl-devel/libnss3-dev is missing blapi.h))
141 # Check for missing freebl library or missing library functions
142 LIBS_save="$LIBS"
143 LIBS="$(nss-config --libs) $(nspr-config --libs)"
144 AC_SEARCH_LIBS([AES_CreateContext], [freebl],[],
145 AC_MSG_ERROR("Could not find AES_CreateContext(). Is nss-softokn-freebl-devel/libnss3-dev installed?"),
146 [])
147 LIBS="$LIBS_save"
148 CFLAGS="$CFLAGS_save $CFLAGS"
149 enable_use_openssl_functions=no
150 ;;
151 openssl)
152 AM_CONDITIONAL(LIBTPMS_USE_FREEBL, false)
153 AM_CONDITIONAL(LIBTPMS_USE_OPENSSL, true)
154 AC_DEFINE([USE_OPENSSL_CRYPTO_LIBRARY],
155 [1],
156 [use openssl crypto library])
157 LIBCRYPTO_EXTRA_CFLAGS="-DOPENSSL_SUPPRESS_DEPRECATED"
158 AC_SUBST([LIBCRYPTO_EXTRA_CFLAGS])
159 ;;
160 esac
161
162 use_openssl_functions_for=""
163 use_openssl_functions_symmetric=0
164 use_openssl_functions_ec=0
165 use_openssl_functions_ecdsa=0
166 use_openssl_functions_rsa=0
167 AC_ARG_ENABLE(use-openssl-functions,
168 AS_HELP_STRING([--disable-use-openssl-functions],
169 [Use TPM 2 crypot code rather than OpenSSL crypto functions]),
170 )
171 AS_IF([test "x$enable_use_openssl_functions" != "xno"], [
172 if test "x$cryptolib" != "xopenssl"; then
173 AC_MSG_ERROR([OpenSSL crypto function usage requires openssl as crypto library])
174 fi
175 LIBS_save=$LIBS
176 # Check for symmetric key crypto functions
177 not_found=0
178 AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_new],, not_found=1)
179 AC_CHECK_LIB([crypto], [EVP_EncryptInit_ex],, not_found=1)
180 AC_CHECK_LIB([crypto], [EVP_aes_128_cbc],, not_found=1)
181 AC_CHECK_LIB([crypto], [EVP_des_ede3_cbc],, not_found=1)
182 AC_CHECK_LIB([crypto], [EVP_camellia_128_cbc],, not_found=1)
183 AC_CHECK_LIB([crypto], [DES_random_key],, not_found=1)
184 AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_iv],, not_found=1)
185 if test "x$not_found" = "x0"; then
186 use_openssl_functions_symmetric=1
187 use_openssl_functions_for="symmetric (AES, TDES) "
188 fi
189 # Check for EC crypto support
190 not_found=0
191 AC_CHECK_LIB([crypto], [EC_KEY_set_group],, not_found=1)
192 AC_CHECK_LIB([crypto], [EC_KEY_generate_key],, not_found=1)
193 AC_CHECK_LIB([crypto], [EC_KEY_get0_private_key],, not_found=1)
194 if test "x$not_found" = "x0"; then
195 use_openssl_functions_ec=1
196 use_openssl_functions_for="${use_openssl_functions_for}general elliptic curve (EC) "
197 fi
198 # Check for ECDSA crypto support
199 not_found=0
200 AC_CHECK_LIB([crypto], [ECDSA_SIG_new],, not_found=1)
201 AC_CHECK_LIB([crypto], [ECDSA_SIG_set0],, not_found=1)
202 AC_CHECK_LIB([crypto], [ECDSA_do_verify],, not_found=1)
203 AC_CHECK_LIB([crypto], [ECDSA_do_sign],, not_found=1)
204 AC_CHECK_LIB([crypto], [EC_KEY_set_group],, not_found=1)
205 if test "x$not_found" = "x0"; then
206 use_openssl_functions_ecdsa=1
207 use_openssl_functions_for="${use_openssl_functions_for}elliptic curve (ECDSA) "
208 fi
209 # Check for RSA crypto functions
210 not_found=0
211 AC_CHECK_LIB([crypto], [RSA_set0_key],, not_found=1)
212 AC_CHECK_LIB([crypto], [RSA_set0_factors],, not_found=1)
213 AC_CHECK_LIB([crypto], [RSA_set0_crt_params],, not_found=1)
214 AC_CHECK_LIB([crypto], [RSA_generate_key_ex],, not_found=1)
215 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_new],, not_found=1)
216 AC_CHECK_LIB([crypto], [EVP_PKEY_assign],, not_found=1)
217 AC_CHECK_LIB([crypto], [EVP_PKEY_encrypt_init],, not_found=1)
218 AC_CHECK_LIB([crypto], [EVP_PKEY_encrypt],, not_found=1)
219 AC_CHECK_LIB([crypto], [EVP_PKEY_decrypt_init],, not_found=1)
220 AC_CHECK_LIB([crypto], [EVP_PKEY_decrypt],, not_found=1)
221 AC_CHECK_LIB([crypto], [EVP_PKEY_sign_init],, not_found=1)
222 AC_CHECK_LIB([crypto], [EVP_PKEY_sign],, not_found=1)
223 AC_CHECK_LIB([crypto], [EVP_PKEY_verify_init],, not_found=1)
224 AC_CHECK_LIB([crypto], [EVP_PKEY_verify],, not_found=1)
225 AC_CHECK_LIB([crypto], [EVP_get_digestbyname],, not_found=1)
226 # OpenSSL 3.0 turned some #defines into functions
227 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set0_rsa_oaep_label],,
228 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_set0_rsa_oaep_label],, not_found=1)
229 )
230 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set_rsa_padding],,
231 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_set_rsa_padding],, not_found=1)
232 )
233 AX_CHECK_DEFINE([<openssl/rsa.h>], [EVP_PKEY_CTX_set_rsa_oaep_md],,
234 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_set_rsa_oaep_md],, not_found=1)
235 )
236 AX_CHECK_DEFINE([<openssl/evp.h>], [EVP_PKEY_CTX_set_signature_md],,
237 AC_CHECK_LIB([crypto], [EVP_PKEY_CTX_set_signature_md],, not_found=1)
238 )
239 if test "x$not_found" = "x0"; then
240 use_openssl_functions_rsa=1
241 use_openssl_functions_for="${use_openssl_functions_for}RSA "
242 fi
243 LIBS=$LIBS_save
244 ])
245 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=$use_openssl_functions_symmetric"
246 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_EC=$use_openssl_functions_ec"
247 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_ECDSA=$use_openssl_functions_ecdsa"
248 CFLAGS="$CFLAGS -DUSE_OPENSSL_FUNCTIONS_RSA=$use_openssl_functions_rsa"
249
250 AC_ARG_ENABLE([sanitizers], AS_HELP_STRING([--enable-sanitizers], [Enable address sanitizing]),
251 [SANITIZERS="-fsanitize=address,undefined"], [])
252 AC_ARG_ENABLE([fuzzer], AS_HELP_STRING([--enable-fuzzer], [Enable fuzzer]),
253 [FUZZER="$SANITIZERS -fsanitize=fuzzer"
254 AM_CONDITIONAL(WITH_FUZZER, true)],
255 [AM_CONDITIONAL(WITH_FUZZER, false)])
256 AC_SUBST([SANITIZERS])
257 AC_SUBST([FUZZER])
258
259 AM_CONDITIONAL([WITH_FUZZING_ENGINE], [test "x$LIB_FUZZING_ENGINE" != "x"])
260 AC_SUBST([LIB_FUZZING_ENGINE])
261
262 AC_ARG_ENABLE([test-coverage],
263 AS_HELP_STRING([--enable-test-coverage], [Enable test coverage flags]),
264 [COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage" COVERAGE_LDFLAGS="-fprofile-arcs"])
265
266 LT_INIT
267 AC_PROG_CC
268 AC_PROG_CXX
269 AC_PROG_INSTALL
270 LT_INIT
271
272 #AM_GNU_GETTEXT_VERSION([0.15])
273 #AM_GNU_GETTEXT([external])
274
275 AC_C_CONST
276 AC_C_INLINE
277
278 AC_TYPE_SIZE_T
279
280 AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
281 AC_SUBST([LIBRT_LIBS])
282
283 AC_ARG_ENABLE([hardening],
284 AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
285
286 if test "x$enable_hardening" != "xno"; then
287 # Some versions of gcc fail with -Wstack-protector enabled
288 TMP="$($CC -fstack-protector-strong $srcdir/include/libtpms/tpm_error.h 2>&1)"
289 if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then
290 HARDENING_CFLAGS="-fstack-protector "
291 else
292 HARDENING_CFLAGS="-fstack-protector-strong "
293 fi
294
295 dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2
296 TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')"
297 TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')"
298 if test -z "$TMP1" && test -n "$TPM2"; then
299 HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2 "
300 fi
301 dnl Check linker for 'relro' and 'now'
302 save_CFLAGS="$CFLAGS"
303 CFLAGS="-Wl,-z,relro -Werror"
304 AC_MSG_CHECKING([whether linker supports -Wl,-z,relro])
305 AC_LINK_IFELSE(
306 [AC_LANG_SOURCE([[int main() { return 0; }]])],
307 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,relro"
308 AC_MSG_RESULT(yes)],
309 [AC_MSG_RESULT(no)]
310 )
311 CFLAGS="-Wl,-z,now -Werror"
312 AC_MSG_CHECKING([whether linker supports -Wl,-z,now])
313 AC_LINK_IFELSE(
314 [AC_LANG_SOURCE([[int main() { return 0; }]])],
315 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,now"
316 AC_MSG_RESULT(yes)],
317 [AC_MSG_RESULT(no)]
318 )
319 CFLAGS="$save_CFLAGS"
320 AC_SUBST([HARDENING_CFLAGS])
321 AC_SUBST([HARDENING_LDFLAGS])
322 fi
323
324 AM_CFLAGS="$CFLAGS $COVERAGE_CFLAGS -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign -Wmissing-prototypes"
325 AM_CFLAGS="$AM_CFLAGS"
326 AM_LDFLAGS="$LDFLAGS $COVERAGE_LDFLAGS"
327
328 AC_SUBST([AM_CFLAGS])
329 AC_SUBST([AM_LDFLAGS])
330
331 AC_CONFIG_FILES(Makefile \
332 dist/libtpms.spec \
333 include/Makefile \
334 include/libtpms/Makefile \
335 include/libtpms/tpm_library.h \
336 man/Makefile \
337 man/man3/Makefile \
338 src/Makefile \
339 libtpms.pc \
340 tests/Makefile)
341 PKG_INSTALLDIR()
342 AC_OUTPUT
343
344 if test -z "$enable_debug" ; then
345 enable_debug="no"
346 fi
347 if test -z "$with_tpm2"; then
348 with_tpm2=no
349 fi
350
351 echo
352 echo "AM_CFLAGS=$AM_CFLAGS"
353 echo "HARDENING_CFLAGS=$HARDENING_CFLAGS"
354 echo "HARDENING_LDFLAGS=$HARDENING_LDFLAGS"
355 echo "AM_LDFLAGS=$AM_LDFLAGS"
356 echo
357 echo "Version to build : $PACKAGE_VERSION"
358 echo "Crypto library : $cryptolib"
359 echo "Debug build : $enable_debug"
360 echo "With TPM1.2 support : $with_tpm1"
361 echo "With TPM2 support : $with_tpm2"
362 echo "HAVE_VERSION_SCRIPT : $have_version_script"
363 echo "Use openssl crypto for : $use_openssl_functions_for"
364 echo
365 echo
Software TPM Library