]> git.proxmox.com Git - swtpm.git/blame - configure.ac
projects / swtpm.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bump version to 0.8.0~bpo11+1
[swtpm.git] / configure.ac
CommitLineData
f163b202
SB		 1#
2# configure.ac
3#
4# The Initial Developer of the Original Code is International
5# Business Machines Corporation. Portions created by IBM
6# Corporation are Copyright (C) 2014 International Business
7# Machines Corporation. All Rights Reserved.
8#
9# This program is free software; you can redistribute it and/or modify
10# it under the terms of the Common Public License as published by
11# IBM Corporation; either version 1 of the License, or (at your option)
12# any later version.
13#
14# This program is distributed in the hope that it will be useful,
15# but WITHOUT ANY WARRANTY; without even the implied warranty of
16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17# Common Public License for more details.
18#
19# You should have received a copy of the Common Public License
20# along with this program; if not, a copy can be viewed at
21# http://www.opensource.org/licenses/cpl1.0.php.
22#
23# This file is derived from tpm-tool's configure.in.
24#
25
3115dff0 26AC_INIT([swtpm],[0.8.0])
b295c768 27AC_PREREQ([2.69])
f163b202 28AC_CONFIG_SRCDIR(Makefile.am)
b295c768 29AC_CONFIG_HEADERS([config.h])
f163b202
SB		 30
31SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1`
32SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2`
33SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3`
34
35AC_SUBST([SWTPM_VER_MAJOR])
36AC_SUBST([SWTPM_VER_MINOR])
37AC_SUBST([SWTPM_VER_MICRO])
38
39dnl Check for programs
40AC_PROG_CC
41AC_PROG_INSTALL
42AC_PROG_LN_S
908afaf5 43LT_INIT
f163b202 44
f163b202
SB		 45AC_CONFIG_MACRO_DIR([m4])
46AC_CANONICAL_TARGET
c3fdf688 47AC_CANONICAL_HOST
f163b202 48AM_INIT_AUTOMAKE([foreign 1.6])
13cb26d8 49AM_SILENT_RULES([yes])
f163b202
SB		 50
51DEBUG=""
52AC_MSG_CHECKING([for debug-enabled build])
b295c768 53AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[create a debug build]),
f163b202
SB		 54 [if test "$enableval" = "yes"; then
55 DEBUG="yes"
56 AC_MSG_RESULT([yes])
57 else
58 DEBUG="no"
59 AC_MSG_RESULT([no])
60 fi],
61 [DEBUG="no",
62 AC_MSG_RESULT([no])])
63
64# If the user has not set CFLAGS, do something appropriate
65test_CFLAGS=${CFLAGS+set}
66if test "$test_CFLAGS" != set; then
33be7be2 67 if test "$DEBUG" = "yes"; then
f163b202
SB		 68 CFLAGS="-O0 -g -DDEBUG"
69 else
70 CFLAGS="-g -O2"
71 fi
33be7be2 72elif test "$DEBUG" = "yes"; then
f163b202
SB		 73 CFLAGS="$CFLAGS -O0 -g -DDEBUG"
74fi
75
e46a2b66
SB		 76AC_C_CONST
77AC_C_INLINE
78
79AC_TYPE_SIZE_T
e46a2b66 80
baecda40
SB		 81AC_PROG_CC
82AC_PROG_INSTALL
3cb54a5d 83AC_PROG_MKDIR_P
e46a2b66 84
ec37bb56
SB		 85AC_ARG_WITH([selinux],
86 AS_HELP_STRING([--with-selinux],
87 [add SELinux policy extensions @<:@default=check@:>@]))
88m4_divert_text([DEFAULTS], [with_selinux=check])
89
90dnl Check for SELinux policy support
91
92if test "$with_selinux" != "no"; then
93 if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then
94 if ! test -f /usr/share/selinux/devel/Makefile; then
95 if test "$with_selinux" = "yes"; then
96 AC_MSG_ERROR("Is selinux-policy-devel installed?")
97 else
98 with_selinux="no"
99 fi
100 fi
101 AC_PATH_PROG([SEMODULE], semodule)
33be7be2 102 if test "x$SEMODULE" = "x"; then
ec37bb56
SB		 103 if test "$with_selinux" = "yes"; then
104 AC_MSG_ERROR("Is selinux-policy-devel installed?")
105 else
106 with_selinux="no"
107 fi
108 fi
109 if test "$with_selinux" = "check"; then
110 with_selinux="yes"
111 fi
112 fi
113fi
33be7be2 114AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" = "xyes"])
ec37bb56 115
b096be26
SB		 116if test "$prefix" = "/usr" && test "$sysconfdir" = '${prefix}/etc'; then
117 sysconfdir="/etc"
118fi
119if test "$prefix" = "" && test "$datarootdir" = '${prefix}/share'; then
120 datarootdir="/usr/share"
121fi
d16b86b7
SB		 122if test "$prefix" = "/usr" && test "$localstatedir" = '${prefix}/var'; then
123 localstatedir="/var"
124fi
5d35321e
SB		 125if test "x$prefix" = "xNONE"; then
126 prefix="/usr/local"
127fi
fd00c5ff
SB		 128if test "x$exec_prefix" = "xNONE"; then
129 exec_prefix=$prefix
130fi
0432b653
SB		 131SYSCONFDIR=`eval echo $sysconfdir`
132DATAROOTDIR=`eval echo $datarootdir`
d16b86b7 133LOCALSTATEDIR=`eval echo $localstatedir`
fd00c5ff 134BINDIR=`eval echo $bindir`
0432b653
SB		 135AC_SUBST([SYSCONFDIR])
136AC_SUBST([DATAROOTDIR])
d16b86b7 137AC_SUBST([LOCALSTATEDIR])
fd00c5ff 138AC_SUBST([BINDIR])
b096be26 139
7849b6c6 140cryptolib=openssl
3bbdd7bc
SB		 141
142AC_ARG_WITH([openssl],
7849b6c6
SB		 143 [AS_HELP_STRING([--with-openssl],
144 [build with openssl library])],
145 [],
146 [])
3bbdd7bc
SB		 147
148case "$cryptolib" in
3bbdd7bc 149openssl)
7849b6c6
SB		 150 AC_CHECK_LIB(crypto,
151 [AES_set_encrypt_key],
b78b6af2 152 [true],
7849b6c6
SB		 153 AC_MSG_ERROR(Faulty openssl crypto library))
154 AC_CHECK_HEADERS([openssl/aes.h],[],
155 AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?))
156 AC_MSG_RESULT([Building with openssl crypto library])
0371b63b
SB		 157 LIBCRYPTO_LIBS=$(pkg-config --libs libcrypto)
158 AC_SUBST([LIBCRYPTO_LIBS])
a39c3792
SB		 159 AC_CHECK_HEADERS([openssl/fips.h],
160 [AC_DEFINE_UNQUOTED([HAVE_OPENSSL_FIPS_H], 1,
161 [whether openssl/fips.h is available])]
162 )
163 AC_CHECK_LIB(crypto,
164 [FIPS_mode_set],
165 [AC_DEFINE_UNQUOTED([HAVE_OPENSSL_FIPS_MODE_SET_API], 1,
166 [whether FIPS_mode_set API is available])]
167 )
7849b6c6 168 ;;
3bbdd7bc 169esac
833a5416 170
baecda40
SB		 171LIBTASN1_LIBS=$(pkg-config --libs libtasn1)
172if test $? -ne 0; then
173 AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1")
174fi
175AC_SUBST([LIBTASN1_LIBS])
f163b202 176
3b33116d
SB		 177PKG_CHECK_MODULES(
178 [LIBTPMS],
179 [libtpms],
180 ,
181 AC_MSG_ERROR("no libtpms.pc found; please set PKG_CONFIG_PATH to the directory where libtpms.pc is located")
182)
8d086ee9 183LDFLAGS="$LDFLAGS $LIBTPMS_LIBS"
b4374c33 184CFLAGS="$CFLAGS $LIBTPMS_CFLAGS"
fbc596ab 185AC_CHECK_LIB(tpms,
b78b6af2 186 TPMLIB_ChooseTPMVersion,[true],
fbc596ab
SB		 187 AC_MSG_ERROR("libtpms 0.6 or later is required")
188)
baecda40 189AC_SUBST([LIBTPMS_LIBS])
f163b202 190
5478de0a
SB		 191AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
192AC_SUBST([LIBRT_LIBS])
193
cc410ca9
SB		 194AC_PATH_PROG([TCSD], tcsd)
195if test "x$TCSD" = "x"; then
64faf455 196 have_tcsd=no
cc410ca9 197 AC_MSG_WARN([tcsd could not be found; typically need it for tss user account and tests])
ef606d4a
SB		 198else
199 have_tcsd=yes
200fi
64faf455 201AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no")
e46a2b66 202
d4c60e44 203dnl We either need netstat (more common across systems) or 'ss' for test cases
5cd844d0 204AC_PATH_PROG([NETSTAT], [netstat])
d4c60e44
SB		 205if test "x$NETSTAT" = "x"; then
206 AC_PATH_PROG([SS], [ss])
207 if test "x$SS" = "x"; then
208 AC_MSG_ERROR(['netstat' and 'ss' tools are missing for tests: net-tools OR iproute/iproute2 package])
209 fi
210fi
5cd844d0 211
09d1a532
SB		 212AC_MSG_CHECKING([for whether to build with CUSE interface])
213AC_ARG_WITH([cuse],
b295c768 214 AS_HELP_STRING([--with-cuse],[build with CUSE interface]),
09d1a532
SB		 215 [],
216 [with_cuse=check]
217)
f163b202 218
09d1a532
SB		 219if test "$with_cuse" != "no"; then
220 LIBFUSE_CFLAGS=$(pkg-config fuse --cflags 2>/dev/null)
221 if test $? -ne 0; then
222 if test "$with_cuse" = "yes"; then
223 AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse")
224 else
225 with_cuse=no
226 fi
227 else
228 with_cuse=yes
229 fi
498433f7 230fi
09d1a532 231
2579038d
SB		 232dnl with_cuse is now yes or no
233if test "$with_cuse" != "no"; then
234 LIBFUSE_LIBS=$(pkg-config fuse --libs)
235 if test $? -ne 0; then
236 AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse")
237 fi
238 AC_SUBST([LIBFUSE_CFLAGS])
239 AC_SUBST([LIBFUSE_LIBS])
240 AC_DEFINE_UNQUOTED([WITH_CUSE], 1,
241 [whether to build with CUSE interface])
242
243 GTHREAD_LIBS=$(pkg-config --libs gthread-2.0)
244 if test $? -ne 0; then
245 AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0")
246 fi
247 AC_SUBST([GTHREAD_LIBS])
248fi
249AM_CONDITIONAL([WITH_CUSE],[test "$with_cuse" = "yes"])
250AC_MSG_RESULT($with_cuse)
251
c125e34b
SB		 252JSON_GLIB_CFLAGS=$(pkg-config --cflags json-glib-1.0)
253if test $? -ne 0; then
254 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get cflags")
255fi
256AC_SUBST([JSON_GLIB_CFLAGS])
257
258JSON_GLIB_LIBS=$(pkg-config --libs json-glib-1.0)
259if test $? -ne 0; then
260 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get libs")
261fi
262AC_SUBST([JSON_GLIB_LIBS])
263
264GLIB_CFLAGS=$(pkg-config --cflags glib-2.0)
265if test $? -ne 0; then
266 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get cflags")
267fi
268AC_SUBST([GLIB_CFLAGS])
269
270GLIB_LIBS=$(pkg-config --libs glib-2.0)
271if test $? -ne 0; then
4e1ce735 272 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get libs")
c125e34b
SB		 273fi
274AC_SUBST([GLIB_LIBS])
275
498433f7
SB		 276AC_MSG_CHECKING([for whether to build with chardev interface])
277case $host_os in
278linux-*)
279 with_chardev=yes
280 AC_DEFINE_UNQUOTED([WITH_CHARDEV], 1,
281 [whether to build with chardev interface])
282 ;;
283*)
284 with_chardev=no
285esac
286AM_CONDITIONAL([WITH_CHARDEV],[test "$with_chardev" = "yes"])
b7f55fd0 287AC_MSG_RESULT($with_chardev)
498433f7 288
10002933 289AC_ARG_WITH([gnutls],
b295c768 290 AS_HELP_STRING([--with-gnutls],[build with gnutls library]),
10002933
SB		 291 [],
292 [with_gnutls=check]
293)
294
e46a2b66
SB		 295if test "x$with_gnutls" != "xno"; then
296 GNUTLS_LDFLAGS=$(pkg-config --libs gnutls)
297 if test $? -ne 0; then
33be7be2 298 if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 299 AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls")
300 else
301 with_gnutls=no
302 fi
303 fi
304fi
f163b202 305
1828edee 306if test "x$with_gnutls" != "xno"; then
e9fd0142
SB		 307 AC_PATH_PROG([GNUTLS_CERTTOOL], certtool)
308 if test "x$GNUTLS_CERTTOOL" = "x"; then
309 if test "x$with_gnutls" = "xyes"; then
310 AC_MSG_ERROR("Could not find certtool. Is gnutls-utils/gnutls-bin installed?")
311 else
312 with_gnutls=no
313 fi
314 fi
315 dnl certtool changed how it takes private key passwords
316 dnl 3.3.29 is too old (RHEL 7); we need at least gnutls 3.4.0
317 AC_MSG_CHECKING([for gnutls 3.4.0 or later])
318 $(pkg-config gnutls --atleast-version=3.4.0)
319 if test $? -ne 0; then
320 AC_MSG_ERROR([gnutls 3.4.0 is required])
321 fi
322 AC_MSG_RESULT([yes])
1828edee
SB		 323fi
324
e46a2b66 325if test "x$with_gnutls" != "xno"; then
571a8eed 326 ORIG_CFLAGS="$CFLAGS"
baecda40 327 GNUTLS_CFLAGS=$(pkg-config gnutls --cflags)
571a8eed 328 CFLAGS="$CFLAGS $GNUTLS_CFLAGS $GNUTLS_LDFLAGS"
10002933 329 AC_CHECK_LIB([gnutls], [gnutls_load_file], [
e735328e 330 GNUTLS_LIBS=$(pkg-config gnutls --libs)
baecda40 331 ],
33be7be2 332 [if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 333 AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so])
334 else
335 with_gnutls="no"
336 fi])
571a8eed 337 CFLAGS="$ORIG_CFLAGS"
e46a2b66
SB		 338fi
339
340if test "x$with_gnutls" != "xno"; then
571a8eed
SB		 341 ORIG_CFLAGS="$CFLAGS"
342 CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
e46a2b66 343 AC_CHECK_HEADER(gnutls/abstract.h, [], \
33be7be2 344 [if test "x$with_gnutls" = "xyes"; then
e46a2b66
SB		 345 AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h])
346 else
347 with_gnutls="no"
348 fi])
571a8eed 349 CFLAGS="$ORIG_CFLAGS"
e46a2b66
SB		 350fi
351
352if test "x$with_gnutls" != "xno"; then
353 with_gnutls="yes"
354fi
33be7be2 355AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" = "xyes"])
baecda40 356AC_SUBST([GNUTLS_LIBS])
f163b202 357
df4046d0
SB		 358DEFAULT_PCR_BANKS="sha256"
359AC_ARG_ENABLE([default-pcr-banks],
360 AS_HELP_STRING(
361 [--enable-default-pcr-banks=list of PCR banks],
362 [Have swtpm_setup activate the given PCR banks by default;
363 default is sha256]
364 ),
365 [],
366 []
367)
368
b91fc6e6
WR		 369AC_DEFUN([pcr_bank_checks], [
370 AC_CHECK_PROG([bash], [bash], [yes], [no])
371 AS_IF([test "x$bash" != "xyes"],
372 [AC_MSG_ERROR([PCR bank verification requires bash, but executable not found.])])
373
374 AC_MSG_CHECKING([which PCR banks to activate by default])
375 REGEX="^(sha1|sha256|sha384|sha512)(,(sha1|sha256|sha384|sha512)){0,3}\$"
376 AS_IF([bash -c "[[[ $DEFAULT_PCR_BANKS =~ $REGEX ]]] && exit 0 || exit 1"],
377 [AC_MSG_RESULT([$DEFAULT_PCR_BANKS])],
378 [AC_MSG_ERROR([$DEFAULT_PCR_BANKS is an invalid list of PCR banks])])
379])
380
381AS_IF([test "x$enable_default_pcr_banks" != "x"],[
382 DEFAULT_PCR_BANKS="$enable_default_pcr_banks"
383])
384pcr_bank_checks
df4046d0
SB		 385AC_SUBST([DEFAULT_PCR_BANKS])
386
48abfbb1 387AC_PATH_PROG([EXPECT], expect)
33be7be2 388if test "x$EXPECT" = "x"; then
48abfbb1
SB		 389 AC_MSG_ERROR([expect is required: expect package])
390fi
391
b080afb5 392AC_PATH_PROG([GAWK], gawk)
33be7be2 393if test "x$GAWK" = "x"; then
b080afb5
SB		 394 AC_MSG_ERROR([gawk is required: gawk package])
395fi
396
8cb126e4 397AC_PATH_PROG([SOCAT], socat)
33be7be2 398if test "x$SOCAT" = "x"; then
8cb126e4
SB		 399 AC_MSG_ERROR([socat is required: socat package])
400fi
401
cc410ca9
SB		 402AC_PATH_PROG([BASE64], base64)
403if test "x$BASE64" = "x"; then
404 AC_MSG_ERROR([base64 is required: base64 package])
dbb399de
SB		 405fi
406
cc410ca9
SB		 407AC_PATH_PROG([CP], cp)
408if test "x$CP" = "x"; then
409 AC_MSG_ERROR([cp is required])
410fi
411
412AM_PATH_PYTHON([3.3])
413
5eeea357
SB		 414AC_ARG_ENABLE([hardening],
415 AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
a76b4eeb 416
5eeea357 417if test "x$enable_hardening" != "xno"; then
8a05e8fd
SB		 418 # Some versions of gcc fail with -Wstack-protector,
419 # some with -Wstack-protector-strong enabled
420 if ! $CC -fstack-protector-strong -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
421 if $CC -fstack-protector -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
422 HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
423 fi
5eeea357 424 else
5e73e324 425 HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector"
5eeea357
SB		 426 fi
427
607f1f80
SB		 428 dnl Only support -D_FORTIFY_SOURCE=2 and have higher levels passed in by user
429 dnl since they may create more overhead
430 if $CC $CFLAGS -Werror -D_FORTIFY_SOURCE=2 $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
5e73e324 431 HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2"
5eeea357 432 fi
b381e1eb
SB		 433 dnl Check linker for 'relro' and 'now'
434 save_CFLAGS="$CFLAGS"
435 CFLAGS="-Wl,-z,relro -Werror"
436 AC_MSG_CHECKING([whether linker supports -Wl,-z,relro])
2ba23cee 437 AC_LINK_IFELSE(
b381e1eb 438 [AC_LANG_SOURCE([[int main() { return 0; }]])],
0586d2f5 439 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,relro"
b381e1eb
SB		 440 AC_MSG_RESULT(yes)],
441 [AC_MSG_RESULT(no)]
442 )
443 CFLAGS="-Wl,-z,now -Werror"
444 AC_MSG_CHECKING([whether linker supports -Wl,-z,now])
2ba23cee 445 AC_LINK_IFELSE(
b381e1eb 446 [AC_LANG_SOURCE([[int main() { return 0; }]])],
0586d2f5 447 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,now"
b381e1eb
SB		 448 AC_MSG_RESULT(yes)],
449 [AC_MSG_RESULT(no)]
450 )
451 CFLAGS="$save_CFLAGS"
5eeea357 452 AC_SUBST([HARDENING_CFLAGS])
0586d2f5 453 AC_SUBST([HARDENING_LDFLAGS])
a76b4eeb 454fi
e6085e96 455
b8421f3d
SB		 456AC_ARG_ENABLE([test-coverage],
457 AS_HELP_STRING([--enable-test-coverage], [Enable test coverage flags]))
458
459if test "x$enable_test_coverage" = "xyes"; then
460 COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
461 COVERAGE_LDFLAGS="-fprofile-arcs"
462fi
463
0b9c2a05
ET		 464AC_ARG_ENABLE([sanitizers],
465 AS_HELP_STRING([--enable-sanitizers], [Enable address/undefined sanitizers]))
466
467if test "x$enable_sanitizers" = "xyes"; then
468 save_CFLAGS="$CFLAGS"
469 CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
470 AC_MSG_CHECKING([whether linker supports sanitizer])
471 AC_LINK_IFELSE(
472 [AC_LANG_SOURCE([[int main() { return 0; }]])],
473 [SANITIZER_CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
474 SANITIZER_LDFLAGS="-fsanitize=address,undefined"
475 AC_MSG_RESULT(yes)],
476 [AC_MSG_RESULT(no)]
477 )
478 CFLAGS="$save_CFLAGS"
479fi
480
c4ac0a11 481AC_ARG_WITH([tss-user],
b295c768 482 AS_HELP_STRING([--with-tss-user=TSS_USER],[The tss user to use]),
c4ac0a11
SB		 483 [TSS_USER="$withval"],
484 [TSS_USER="tss"]
485)
486
487AC_ARG_WITH([tss-group],
b295c768 488 AS_HELP_STRING([--with-tss-group=TSS_GROUP],[The tss group to use]),
c4ac0a11
SB		 489 [TSS_GROUP="$withval"],
490 [TSS_GROUP="tss"]
491)
aa88eebe
SB		 492
493case $have_tcsd in
494yes)
495 AC_MSG_CHECKING([whether TSS_USER $TSS_USER is available])
496 if ! test $(id -u $TSS_USER); then
497 AC_MSG_ERROR(["$TSS_USER is not available"])
498 else
499 AC_MSG_RESULT([yes])
500 fi
501 AC_MSG_CHECKING([whether TSS_GROUP $TSS_GROUP is available])
502 if ! test $(id -g $TSS_GROUP); then
503 AC_MSG_ERROR(["$TSS_GROUP is not available"])
504 else
505 AC_MSG_RESULT([yes])
506 fi
507 ;;
508esac
509
c4ac0a11
SB		 510AC_SUBST([TSS_USER])
511AC_SUBST([TSS_GROUP])
512
f163b202
SB		 513CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum"
514CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror"
e6085e96 515CFLAGS="$CFLAGS -Wformat -Wformat-security"
0b9c2a05 516CFLAGS="$CFLAGS $GNUTLS_CFLAGS $COVERAGE_CFLAGS $SANITIZER_CFLAGS"
b8421f3d 517
0b9c2a05 518LDFLAGS="$LDFLAGS $COVERAGE_LDFLAGS $SANITIZER_LDFLAGS"
f163b202 519
f2458ef7
SB		 520dnl Simulate the following for systems with pkg-config < 0.28:
521dnl PKG_CHECK_VAR([libtpms_cryptolib], [libtpms], [cryptolib],
522dnl [], AC_MSG_ERROR([Could not determine libtpms crypto library.]))
523PKG_PROG_PKG_CONFIG
524
525AC_MSG_CHECKING([Checking the crypto library libtpms is linked to])
526libtpms_cryptolib=`$PKG_CONFIG --variable cryptolib libtpms`
33be7be2 527if test "x$libtpms_cryptolib" = "x"; then
b4374c33
JB		 528 AC_MSG_WARN([Could not determine the crypto library libtpms is using, assuming ${cryptolib}])
529 libtpms_cryptolib=${cryptolib}
f2458ef7
SB		 530fi
531AC_MSG_RESULT($libtpms_cryptolib)
86cc4527
SB		 532
533if test "$libtpms_cryptolib" != "$cryptolib"; then
534 echo "libtpms is using $libtpms_cryptolib; we have to use the same"
33be7be2 535 if test "$cryptolib" = "openssl"; then
86cc4527
SB		 536 AC_MSG_ERROR([do not use --with-openssl])
537 else
538 AC_MSG_ERROR([use --with-openssl])
539 fi
540fi
541
c751e32e
SB		 542with_vtpm_proxy=no
543case $host_os in
f071d820 544linux-*)
c751e32e
SB		 545 with_vtpm_proxy=yes
546 AC_DEFINE_UNQUOTED([WITH_VTPM_PROXY], 1,
547 [whether to build in vTPM proxy support (Linux only)])
548esac
549
761df6cd
SB		 550dnl Seccomp profile using -lseccomp (Linux only)
551case $host_os in
552linux-*)
553 with_seccomp_default=yes
554 ;;
555*)
556 with_seccomp_default=no
557 ;;
558esac
559
560AC_MSG_CHECKING([for whether to build with seccomp profile])
561AC_ARG_WITH([seccomp],
b295c768 562 AS_HELP_STRING([--with-seccomp],[build with seccomp profile]),
0232f78f 563 AC_MSG_RESULT([$with_seccomp]),
761df6cd 564 [with_seccomp=$with_seccomp_default]
0232f78f 565 AC_MSG_RESULT([$with_seccomp])
761df6cd
SB		 566)
567
568if test "$with_seccomp" != "no"; then
569 LIBSECCOMP_CFLAGS=$(pkg-config libseccomp --cflags 2>/dev/null)
570 if test $? -ne 0; then
571 AC_MSG_ERROR("Is libseccomp-devel installed? -- could not get cflags for libseccomp")
572 else
573 with_libseccomp=yes
574 fi
575 LIBSECCOMP_LIBS=$(pkg-config --libs libseccomp)
576 AC_SUBST([LIBSECCOMP_LIBS])
577 AC_SUBST([LIBSECCOMP_CFLAGS])
578 AC_DEFINE_UNQUOTED([WITH_SECCOMP], 1,
579 [whether to build in seccomp profile (Linux only)])
580fi
581
da733896
SB		 582MY_CFLAGS="$CFLAGS"
583MY_LDFLAGS="$LDFLAGS"
584AC_SUBST([MY_CFLAGS])
585AC_SUBST([MY_LDFLAGS])
cbaf04b4 586
44b92d43
SB		 587AC_CONFIG_FILES([Makefile \
588 debian/swtpm-tools.postinst \
4608cc33 589 swtpm.spec \
e46a2b66 590 samples/Makefile \
d16b86b7 591 samples/swtpm-localca.conf \
a12b09b1 592 samples/swtpm-create-user-config-files \
edfb8d8a 593 samples/swtpm_setup.conf \
f163b202
SB		 594 include/Makefile \
595 include/swtpm/Makefile \
a1fa5d77 596 include/swtpm.h \
f163b202
SB		 597 src/Makefile \
598 src/selinux/Makefile \
a772d48c
SB		 599 src/selinux/swtpm.fc \
600 src/selinux/swtpmcuse.fc \
f163b202 601 src/swtpm/Makefile \
e46a2b66
SB		 602 src/swtpm_bios/Makefile \
603 src/swtpm_cert/Makefile \
604 src/swtpm_ioctl/Makefile \
ddc75216
NC		 605 src/swtpm_localca/Makefile \
606 src/swtpm_localca/swtpm_localca_conf.h \
e46a2b66 607 src/swtpm_setup/Makefile \
c125e34b
SB		 608 src/swtpm_setup/swtpm_setup_conf.h \
609 src/utils/Makefile \
f163b202 610 man/Makefile \
39d0c3de 611 man/man3/Makefile \
33aa1355 612 man/man5/Makefile \
f163b202 613 man/man8/Makefile \
e46a2b66 614 tests/Makefile \
c4ac0a11 615 tests/test_config \
10002933 616 ])
fd00c5ff
SB		 617AC_CONFIG_FILES([samples/swtpm-localca],
618 [chmod 755 samples/swtpm-localca])
f163b202
SB		 619AC_OUTPUT
620
e46a2b66 621echo
c3fdf688 622printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls
040c7097 623printf "with_selinux : %5s (no = SELinux policy extensions will NOT be built)\n" $with_selinux
c3fdf688 624printf "with_cuse : %5s (no = no CUSE interface)\n" $with_cuse
498433f7 625printf "with_chardev : %5s (no = no chardev interface)\n" $with_chardev
c751e32e 626printf "with_vtpm_proxy : %5s (no = no vtpm proxy support; Linux only)\n" $with_vtpm_proxy
761df6cd 627printf "with_seccomp : %5s (no = no seccomp profile; Linux only)\n" $with_seccomp
df4046d0
SB		 628printf "\n"
629printf "active PCR banks : %s\n" $DEFAULT_PCR_BANKS
e46a2b66 630echo
040c7097
SB		 631echo "Version to build : $PACKAGE_VERSION"
632echo "Crypto library : $cryptolib"
10002933 633echo
da733896 634echo " MY_CFLAGS = $MY_CFLAGS"
b5701034
SB		 635echo " HARDENING_CFLAGS = $HARDENING_CFLAGS"
636echo "HARDENING_LDFLAGS = $HARDENING_LDFLAGS"
da733896 637echo " MY_LDFLAGS = $MY_LDFLAGS"
b5701034
SB		 638echo " LIBSECCOMP_LIBS = $LIBSECCOMP_LIBS"
639echo " JSON_GLIB_CFLAGS = $JSON_GLIB_CFLAGS"
640echo " JSON_GLIB_LIBS = $JSON_GLIB_LIBS"
641echo " GLIB_CFLAGS = $GLIB_CFLAGS"
642echo " GLIB_LIBS = $GLIB_LIBS"
e735328e 643echo " GNUTLS_LIBS = $GNUTLS_LIBS"
c4ac0a11
SB		 644echo
645echo "TSS_USER=$TSS_USER"
646echo "TSS_GROUP=$TSS_GROUP"
647echo
Software TPM used for PVE's Virtual Machines