# SPDX-License-Identifier: BSD-2-Clause
# Copyright (c) 2015 - 2020 Intel Corporation
# Copyright (c) 2018 - 2020 Fraunhofer SIT sponsored by Infineon Technologies AG
# All rights reserved.
AC_INIT([tpm2-tss],
[2.4.0],
[https://github.com/tpm2-software/tpm2-tss/issues],
[],
[https://github.com/tpm2-software/tpm2-tss])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign
subdir-objects])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) #Backward compatible setting of "silent-rules"
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_FILES([Makefile Doxyfile lib/tss2-sys.pc lib/tss2-esys.pc lib/tss2-mu.pc lib/tss2-tcti-device.pc lib/tss2-tcti-mssim.pc lib/tss2-rc.pc lib/tss2-tctildr.pc lib/tss2-fapi.pc])
# propagate configure arguments to distcheck
AC_SUBST([DISTCHECK_CONFIGURE_FLAGS],[$ac_configure_args])
AC_CANONICAL_HOST
AX_IS_RELEASE(dash-version)
AX_CHECK_ENABLE_DEBUG([info])
AC_PROG_CC
AC_PROG_CXX
AC_PROG_LN_S
AC_USE_SYSTEM_EXTENSIONS
LT_INIT()
LT_LIB_DLLOAD
PKG_INSTALLDIR()
# Check OS and set library and compile flags accordingly
case "${host_os}" in
*nto-qnx*)
HOSTOS='QNX'
ADD_COMPILER_FLAG([-D_QNX_SOURCE])
LIBSOCKET_LDFLAGS="-lsocket"
;;
*bsd* | *BSD*)
HOSTOS='BSD'
LIBSOCKET_LDFLAGS=""
;;
*)
#Assume linux
HOSTOS='Linux'
LIBSOCKET_LDFLAGS=""
;;
esac
AC_SUBST([LIBSOCKET_LDFLAGS])
AC_SUBST([HOSTOS])
# runstatedir is only defined in the yet unreleased Autoconf 2.70
AC_ARG_WITH([runstatedir],
AS_HELP_STRING([--with-runstatedir=
],
[replacement for --runstatedir in Autoconf <2.70]),
[runstatedir="$withval"])
AS_IF([test -z "$runstatedir"], [runstatedir="${localstatedir}/run"])
AC_SUBST([runstatedir])
AX_RECURSIVE_EVAL([$sysconfdir], [SYSCONFDIR])
AC_DEFINE_UNQUOTED([SYSCONFDIR], ["$SYSCONFDIR"], [System config dir])
AC_ARG_WITH([userstatedir],
[AS_HELP_STRING([--with-userstatedir=],
[sets the relative path in the user's home (default is ".local/share")])],,
[with_userstatedir=.local/share])
AC_SUBST(userstatedir, $with_userstatedir)
AC_ARG_WITH([sysusersdir],
[AS_HELP_STRING([--with-sysusersdir=],
[sets the sysusers.d directory (default is "${sysconfdir}/sysusers.d")])],,
[with_sysusersdir="${sysconfdir}/sysusers.d"])
AC_SUBST(sysusersdir, $with_sysusersdir)
AC_ARG_WITH([tmpfilesdir],
[AS_HELP_STRING([--with-tmpfilesdir=],
[sets the tmpfiles.d directory (default is "${sysconfdir}/tmpfiles.d")])],,
[with_tmpfilesdir="${sysconfdir}/tmpfiles.d"])
AC_SUBST(tmpfilesdir, $with_tmpfilesdir)
AC_ARG_ENABLE([unit],
[AS_HELP_STRING([--enable-unit],
[build cmocka unit tests])],,
[enable_unit=no])
m4_define([cmocka_min_version], [1.0])
m4_define([cmocka_err], [Unit test enabled, but cmocka missing or version requirements not met. cmocka version must be >= cmocka_min_version])
AS_IF([test "x$enable_unit" != xno],
[PKG_CHECK_MODULES([CMOCKA],
[cmocka >= cmocka_min_version],,
[AC_MSG_ERROR([cmocka_err])])])
AM_CONDITIONAL([UNIT], [test "x$enable_unit" != xno])
AC_ARG_ENABLE([esapi],
[AS_HELP_STRING([--disable-esapi],
[don't build the esapi layer])],,
[enable_esapi=yes])
AM_CONDITIONAL(ESAPI, test "x$enable_esapi" = "xyes")
AC_CHECK_FUNC([strndup],[],[AC_MSG_ERROR([strndup function not found])])
AC_CHECK_FUNCS([reallocarray])
AC_ARG_ENABLE([fapi],
[AS_HELP_STRING([--enable-fapi],
[build the fapi layer (default is yes)])],
[enable_fapi=$enableval],
[enable_fapi=yes])
AM_CONDITIONAL(FAPI, test "x$enable_fapi" = "xyes")
AC_ARG_ENABLE([fapi-async-tests],
AS_HELP_STRING([--enable-fapi-async-tests],
[Force fapi to spin asynchronously. (NOT FOR PRODUCTION!)]),,
[enable_fapi_async_tests=no])
AS_IF([test "x$enable_fapi_async_tests" = "xyes"],
AC_DEFINE([TEST_FAPI_ASYNC], [1], [FAPI forced async spinning]))
AS_IF([test "x$enable_fapi_async_tests" = "xyes"],
AC_MSG_WARN("FAPI compiled with asynchronous spinning testing. NOT FOR PRODUCTION!"))
AC_ARG_ENABLE([tcti-device-async],
AS_HELP_STRING([--enable-tcti-device-async],
[Enable asynchronus operation on TCTI device
(note: This needs to be supported by the kernel driver).]),,
[enable_tcti_device_async=no])
AS_IF([test "x$enable_tcti_device_async" = "xyes"],
AC_DEFINE([TCTI_ASYNC],[1], [TCTI ASYNC MODE]))
AC_ARG_ENABLE([tcti-partial-reads],
AS_HELP_STRING([--enable-tcti-partial-reads],
[Enable partial reads for TCTI device
(note: This needs to be supported by the kernel driver).]),,
[enable_tcti_partial_reads=no])
AS_IF([test "x$enable_tcti_partial_reads" = "xyes"],
AC_DEFINE([TCTI_PARTIAL_READ],[1], [TCTI PARTIAL READ MODE]))
AC_ARG_WITH([crypto],
[AS_HELP_STRING([--with-crypto={gcrypt,ossl}],
[sets the ESAPI crypto backend (default is OpenSSL)])],,
[with_crypto=ossl])
AM_CONDITIONAL(ESYS_OSSL, test "x$with_crypto" = "xossl")
AM_CONDITIONAL(ESYS_GCRYPT, test "x$with_crypto" = "xgcrypt")
AS_IF([test "x$enable_esapi" = xyes],
[AS_IF([test "x$with_crypto" = xgcrypt], [
AM_PATH_LIBGCRYPT([1.6.0], [], [AC_MSG_ERROR([Missing required gcrypt library])])
TSS2_ESYS_CFLAGS_CRYPTO="$LIBGCRYPT_CFLAGS"
TSS2_ESYS_LDFLAGS_CRYPTO="$LIBGCRYPT_LIBS"
], [test "x$with_crypto" = xossl], [
PKG_CHECK_MODULES([LIBCRYPTO], [libcrypto])
AC_DEFINE([OSSL], [1], [OpenSSL cryptographic backend])
TSS2_ESYS_CFLAGS_CRYPTO="$LIBCRYPTO_CFLAGS"
TSS2_ESYS_LDFLAGS_CRYPTO="$LIBCRYPTO_LIBS"
], AC_MSG_ERROR([Bad value for --with-crypto $with_crypto]))])
AC_SUBST([TSS2_ESYS_CFLAGS_CRYPTO])
AC_SUBST([TSS2_ESYS_LDFLAGS_CRYPTO])
AS_IF([test "x$enable_fapi" != xno -a "x$enable_esapi" = "xno"],
AC_MSG_ERROR([ESAPI has to be enabled to compile FAPI.]))
AS_IF([test "x$enable_fapi" != xno -a "x$with_crypto" != "xossl"],
AC_MSG_ERROR([FAPI has to be compiled with OpenSSL]))
AS_IF([test "x$enable_fapi" = xyes ],
PKG_CHECK_MODULES([JSON_C], [json-c]))
AS_IF([test "x$enable_fapi" = xyes ],
PKG_CHECK_MODULES([CURL], [libcurl]))
AC_ARG_WITH([tctidefaultmodule],
[AS_HELP_STRING([--with-tctidefaultmodule],
[The default TCTI module for ESAPI. (Default: libtss2-tcti-default.so)])],
[AC_DEFINE_UNQUOTED([ESYS_TCTI_DEFAULT_MODULE],
["$with_tctidefaultmodule"],
["The default TCTI library file"])],
[with_tctidefaultmodule=libtss2-tcti-default.so])
AC_ARG_WITH([tctidefaultconfig],
[AS_HELP_STRING([--with-tctidefaultconfig],
[The default tcti module's configuration.])],
[AC_DEFINE_UNQUOTED([ESYS_TCTI_DEFAULT_CONFIG],
["$with_tctidefaultconfig"],
["The default TCTIs configuration string"])])
AC_ARG_ENABLE([tcti-device],
[AS_HELP_STRING([--disable-tcti-device],
[don't build the tcti-device module])],,
[enable_tcti_device=yes])
AM_CONDITIONAL([ENABLE_TCTI_DEVICE], [test "x$enable_tcti_device" != xno])
AS_IF([test "x$enable_tcti_device" = "xyes"],
AC_DEFINE([TCTI_DEVICE],[1], [TCTI FOR DEV TPM]))
AC_ARG_ENABLE([tcti-mssim],
[AS_HELP_STRING([--disable-tcti-mssim],
[don't build the tcti-mssim module])],,
[enable_tcti_mssim=yes])
AM_CONDITIONAL([ENABLE_TCTI_MSSIM], [test "x$enable_tcti_mssim" != xno])
AS_IF([test "x$enable_tcti_mssim" = "xyes"],
AC_DEFINE([TCTI_MSSIM],[1], [TCTI FOR MS SIMULATOR]))
AC_ARG_ENABLE([tcti-fuzzing],
[AS_HELP_STRING([--enable-tcti-fuzzing],
[build the tcti-fuzzing module])],,
[enable_tcti_fuzzing=no])
AM_CONDITIONAL([ENABLE_TCTI_FUZZING], [test "x$enable_tcti_fuzzing" != xno])
AS_IF([test "x$enable_tcti_fuzzing" = "xyes"],
AC_DEFINE([TCTI_FUZZING],[1], [TCTI FOR FUZZING]))
AC_ARG_ENABLE([nodl],
[AS_HELP_STRING([--enable-nodl],
[link against TCTIs directly, do not use dlopen])],
[],
[enable_nodl=no])
AM_CONDITIONAL([NO_DL], [test "x$enable_nodl" = "xyes"])
AS_IF([test "x$enable_nodl" = "xyes"],
[AC_DEFINE([NO_DL],[1], [disable use of dlopen])])
#
# udev
#
AC_ARG_WITH([udevrulesdir],
[AS_HELP_STRING([--with-udevrulesdir=DIR],[udev rules directory])],,
[with_udevrulesdir=${libdir}/udev/rules.d])
AX_NORMALIZE_PATH([with_udevrulesdir])
AC_SUBST([udevrulesdir], [$with_udevrulesdir])
AC_ARG_WITH([udevrulesprefix],
[AS_HELP_STRING([--with-udevrulesprefix=XY],[prefix for udev rules file])],
[AC_SUBST([udevrulesprefix],[$with_udevrulesprefix])])
AM_CONDITIONAL(WITH_UDEVRULESPREFIX, [test -n "$with_udevrulesprefix"])
#
# enable integration tests and check for simulator binary
#
AC_ARG_ENABLE([integration],
[AS_HELP_STRING([--enable-integration],
[build and execute integration tests])],,
[enable_integration=no])
AS_IF([test "x$enable_integration" = "xyes" -a "$HOSTOS" = "Linux"],
[ERROR_IF_NO_PROG([tpm_server])
ERROR_IF_NO_PROG([ss])
ERROR_IF_NO_PROG([ps])
ERROR_IF_NO_PROG([echo])
ERROR_IF_NO_PROG([kill])
ERROR_IF_NO_PROG([stdbuf])
ERROR_IF_NO_PROG([sleep])
ERROR_IF_NO_PROG([cat])
ERROR_IF_NO_PROG([realpath])
ERROR_IF_NO_PROG([dirname])
ERROR_IF_NO_PROG([basename])
ERROR_IF_NO_PROG([mktemp])
ERROR_IF_NO_PROG([od])
ERROR_IF_NO_PROG([awk])
ERROR_IF_NO_PROG([expr])
ERROR_IF_NO_PROG([grep])
ERROR_IF_NO_PROG([env])
ERROR_IF_NO_PROG([rm])
AS_IF([test "x$with_crypto" != xossl -o "x$enable_esapi" != xyes],
PKG_CHECK_MODULES([LIBCRYPTO],[libcrypto]))
AC_CHECK_HEADER(uthash.h, [], [AC_MSG_ERROR([Can not find uthash.h. Please install uthash-dev])])
AS_IF([test "x$enable_tcti_mssim" = xno],
AC_MSG_ERROR([Integration tests can not be enabled without the TCTI_MSSIM module]))
AC_SUBST([ENABLE_INTEGRATION], [$enable_integration])])
AM_CONDITIONAL([ENABLE_INTEGRATION],[test "x$enable_integration" = "xyes"])
#
# sanitizer compiler flags
#
AC_ARG_WITH([sanitizer],
[AS_HELP_STRING([--with-sanitizer={none,address,undefined}],
[build with the given sanitizer])],,
[with_sanitizer=none])
AS_CASE(["x$with_sanitizer"],
["xnone"],
[],
["xaddress"],
[
SANITIZER_CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
SANITIZER_LDFLAGS="-lasan"
],
["xundefined"],
[
SANITIZER_CFLAGS="-fsanitize=undefined"
SANITIZER_LDFLAGS="-lubsan"
],
[AC_MSG_ERROR([Bad value for --with-sanitizer])])
AC_SUBST([SANITIZER_CFLAGS])
AC_SUBST([SANITIZER_LDFLAGS])
#
# fuzz testing
#
AC_ARG_WITH([fuzzing],
[AS_HELP_STRING([--with-fuzzing={none,libfuzzer,ossfuzz}],
[fuzzing to build with (default is none)])],,
[with_fuzzing=none])
AS_CASE(["x$with_fuzzing"],
["xnone"],
[],
["xlibfuzzer"],
[ADD_FUZZING_FLAG([-fsanitize=fuzzer])],
["xossfuzz"],
[AS_IF([test "x$LIB_FUZZING_ENGINE" = "x"],
AC_MSG_ERROR([OSS Fuzz testing requires LIB_FUZZING_ENGINE environment variable be set]))
ADD_FUZZING_FLAG([-lFuzzingEngine])],
[AC_MSG_ERROR([Bad value for --with-fuzzing])])
AM_CONDITIONAL([ENABLE_FUZZING],[test "x$with_fuzzing" != "xnone"])
AS_IF([test "x$with_fuzzing" != "xnone"],
[AS_IF([test "x$enable_tcti_fuzzing" = xno],
AC_MSG_ERROR([Fuzz tests can not be enabled without the TCTI_FUZZING module]))
AS_IF([test "x$GEN_FUZZ" != "x1"],
AC_MSG_ERROR([Fuzz tests can not be enabled without "GEN_FUZZ=1" variable]))])
AX_VALGRIND_CHECK
gl_LD_VERSION_SCRIPT
AC_ARG_WITH([maxloglevel],
[AS_HELP_STRING([--with-maxloglevel={none,error,warning,info,debug,trace}],
[sets the maximum log level (default is trace)])],,
[with_maxloglevel=trace])
AS_CASE(["x$with_maxloglevel"],
["xnone"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [0], ["Logging disabled"])],
["xerror"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [2], ["Error log level"])],
["xwarning"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [3], ["Warning log level"])],
["xinfo"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [4], ["Info log level"])],
["xdebug"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [5], ["Debug log level"])],
["xtrace"],
[AC_DEFINE_UNQUOTED([MAXLOGLEVEL], [6], ["Trace log level"])],
[AC_MSG_ERROR([Bad value for --with-maxloglevel])])
AC_ARG_ENABLE([defaultflags],
[AS_HELP_STRING([--disable-defaultflags],
[Disable default preprocessor, compiler, and linker flags.])],,
[enable_defaultflags=yes])
AS_IF([test "x$enable_defaultflags" = "xyes"],
[
AS_IF([test "x$enable_debug" = "xno"],
[ADD_COMPILER_FLAG([-O2])
AX_ADD_FORTIFY_SOURCE])
ADD_COMPILER_FLAG([-std=c99])
ADD_COMPILER_FLAG([-Wall])
ADD_COMPILER_FLAG([-Wextra])
ADD_COMPILER_FLAG([-Wformat-security])
AS_IF([test "x$ax_is_release" = "xno"],
[ADD_COMPILER_FLAG([-Werror])])
ADD_COMPILER_FLAG([-fstack-protector-all])
ADD_COMPILER_FLAG([-fpic])
ADD_COMPILER_FLAG([-fPIC])
# work around GCC bug #53119
# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53119
ADD_COMPILER_FLAG([-Wno-missing-braces])
ADD_COMPILER_FLAG([-Wstrict-overflow=5])
ADD_LINK_FLAG([-Wl,--no-undefined])
ADD_LINK_FLAG([-Wl,-z,noexecstack])
ADD_LINK_FLAG([-Wl,-z,now])
ADD_LINK_FLAG([-Wl,-z,relro])
])
AC_ARG_ENABLE([weakcrypto],
[AS_HELP_STRING([--disable-weakcrypto],
[Disable crypto algorithms considered weak])],,
[enable_weakcrypto=no])
AS_IF([test "x$enable_weakcrypto" = "xyes"],
AC_DEFINE([DISABLE_WEAK_CRYPTO],[1],[DISABLE WEAK CRYPTO ALGORITHMS]))
AC_SUBST([PATH])
dnl --------- Physical TPM device -----------------------
AC_ARG_WITH([ptpm],
[AS_HELP_STRING([--with-ptpm=],[TPM device])],
[AS_IF([test \( -w "$with_ptpm" \) -a \( -r "$with_ptpm" \)],
[AC_MSG_RESULT([success])
AC_SUBST([PTPM],[$with_ptpm])
AX_NORMALIZE_PATH([with_ptpm])
with_ptpm_set=yes],
[AC_MSG_ERROR([TPM device provided does not exist or is not writable])])],
[with_ptpm_set=no])
AM_CONDITIONAL([PTPM],[test "x$with_ptpm_set" = "xyes"])
AC_ARG_WITH([ptpmtests],
[AS_HELP_STRING([--with-ptpmtests=],[Comma-separated values of possible tests: destructive,mandatory,optional] default is mandatory)],
[AS_IF([test "x" = x$(echo $with_ptpmtests | sed 's/destructive//g' | sed 's/mandatory//g' | sed 's/optional//g' | sed 's/,//g') ],
[AC_MSG_RESULT([success])
with_ptpmtests_set=yes],
[AC_MSG_ERROR([Illegal test type for pTPM tests.])])],
[with_ptpmtests="mandatory"])
if echo $with_ptpmtests | grep destructive > /dev/null; then
enable_ptpm_destructive="yes"
fi
AM_CONDITIONAL([PTPMDESTRUCTIVE],[test "x$enable_ptpm_destructive" = "xyes"])
if echo $with_ptpmtests | grep optional > /dev/null; then
enable_ptpm_optional="yes"
fi
AM_CONDITIONAL([PTPMOPTIONAL],[test "x$enable_ptpm_optional" = "xyes"])
if echo $with_ptpmtests | grep mandatory > /dev/null; then
enable_ptpm_mandatory="yes"
fi
AM_CONDITIONAL([PTPMMANDATORY],[test "x$enable_ptpm_mandatory" = "xyes"])
AM_CONDITIONAL([TESTPTPM],[test "x$with_ptpm_set" = xyes])
dnl --------- Doxy Gen -----------------------
DX_DOXYGEN_FEATURE(ON)
DX_DOT_FEATURE(OFF)
DX_HTML_FEATURE(ON)
DX_CHM_FEATURE(OFF)
DX_CHI_FEATURE(OFF)
DX_MAN_FEATURE(ON)
DX_RTF_FEATURE(ON)
DX_XML_FEATURE(OFF)
DX_PDF_FEATURE(OFF)
DX_PS_FEATURE(OFF)
DX_INIT_DOXYGEN($PACKAGE_NAME, [Doxyfile], [doxygen-doc])
AM_CONDITIONAL(DOXYMAN, [test $DX_FLAG_man -eq 1])
AS_IF([test "x$enable_doxygen_doc" != xno],
[ERROR_IF_NO_PROG([doxygen])])
AX_CODE_COVERAGE
m4_ifdef([_AX_CODE_COVERAGE_RULES],
[AM_CONDITIONAL(AUTOCONF_CODE_COVERAGE_2019_01_06, [true])],
[AM_CONDITIONAL(AUTOCONF_CODE_COVERAGE_2019_01_06, [false])])
AX_ADD_AM_MACRO_STATIC([])
AM_COND_IF([ENABLE_TCTI_DEVICE], [],
[AM_COND_IF([ENABLE_TCTI_MSSIM], [],
[AM_COND_IF([ENABLE_TCTI_FUZZING], [],
[AC_MSG_WARN("No build-in TCTI module enabled")])])])
AM_COND_IF([ENABLE_TCTI_FUZZING], [
AM_COND_IF([ENABLE_TCTI_DEVICE],
AC_MSG_ERROR([Fuzzing TCTI is meant to be built as the only TCTI: use --disable-tcti-device --disable-tcti-mssim]))
AM_COND_IF([ENABLE_TCTI_MSSIM],
AC_MSG_ERROR([Fuzzing TCTI is meant to be built as the only TCTI: use --disable-tcti-device --disable-tcti-mssim]))
AS_IF([test "x$CC" != "xclang"],
AC_MSG_ERROR("Fuzzing TCTI can only be used with clang"), [])
], [])
AC_OUTPUT
AC_MSG_RESULT([
$PACKAGE_NAME $VERSION
esapi: $enable_esapi
fapi: $enable_fapi
tctidefaultmodule: $with_tctidefaultmodule
tctidefaultconfig: $with_tctidefaultconfig
unit: $enable_unit
fuzzing: $with_fuzzing
debug: $enable_debug
maxloglevel: $with_maxloglevel
doxygen: $DX_FLAG_doc $enable_doxygen_doc
tcti-device-async: $enable_tcti_device_async
tcti-partial-read: $enable_tcti_partial_reads
crypto backend: $with_crypto
sysconfdir: $sysconfdir
localstatedir: $localstatedir
runstatedir: $runstatedir
sysusersdir: $sysusersdir
tmpfilesdir: $tmpfilesdir
userstatedir: [\$HOME/]$with_userstatedir
])