#include <sys/stat.h>
#include <unistd.h>'''],
['explicit_bzero' , '''#include <string.h>'''],
- ['reallocarray', '''#include <malloc.h>'''],
+ ['reallocarray', '''#include <stdlib.h>'''],
['set_mempolicy', '''#include <stdlib.h>
#include <unistd.h>'''],
['get_mempolicy', '''#include <stdlib.h>
endif
conf.set_quoted('FALLBACK_HOSTNAME', fallback_hostname)
-conf.set10('ENABLE_COMPAT_GATEWAY_HOSTNAME', get_option('compat-gateway-hostname'))
-gateway_hostnames = ['_gateway'] + (conf.get('ENABLE_COMPAT_GATEWAY_HOSTNAME') == 1 ? ['gateway'] : [])
-
default_hierarchy = get_option('default-hierarchy')
conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy,
description : 'default cgroup hierarchy as string')
have and cc.has_function('crypt_set_metadata_size', dependencies : libcryptsetup))
conf.set10('HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY',
have and cc.has_function('crypt_activate_by_signed_key', dependencies : libcryptsetup))
+ conf.set10('HAVE_CRYPT_TOKEN_MAX',
+ have and cc.has_function('crypt_token_max', dependencies : libcryptsetup))
else
have = false
libcryptsetup = []
want_qrencode = get_option('qrencode')
if want_qrencode != 'false' and not skip_deps
libqrencode = dependency('libqrencode',
+ version : '>= 4',
required : want_qrencode == 'true')
have = libqrencode.found()
else
endif
conf.set10('HAVE_LIBFIDO2', have)
+want_tpm2 = get_option('tpm2')
+if want_tpm2 != 'false' and not skip_deps
+ tpm2 = dependency('tss2-esys tss2-rc tss2-mu',
+ required : want_tpm2 == 'true')
+ have = tpm2.found()
+else
+ have = false
+ tpm2 = []
+endif
+conf.set10('HAVE_TPM2', have)
+
want_elfutils = get_option('elfutils')
if want_elfutils != 'false' and not skip_deps
libdw = dependency('libdw',
'ima',
'initrd',
'compat-mutable-uid-boundaries',
+ 'nscd',
'ldconfig',
'localed',
'logind',
'src/libsystemd/sd-netlink',
'src/libsystemd/sd-network',
'src/libsystemd/sd-resolve',
- 'src/libudev',
'src/login',
'src/nspawn',
'src/resolve',
libcrypt,
libopenssl,
libfdisk,
- libp11kit,
- libfido2],
+ libp11kit],
install_rpath : rootlibexecdir,
install : true,
install_dir : rootlibexecdir)
libcrypt,
libopenssl,
libp11kit,
- libfido2,
libdl],
install_rpath : rootlibexecdir,
install : true,
if conf.get('HAVE_LIBCRYPTSETUP') == 1
systemd_cryptsetup_sources = files('''
- src/cryptsetup/cryptsetup-pkcs11.h
+ src/cryptsetup/cryptsetup-fido2.h
src/cryptsetup/cryptsetup-keyfile.c
src/cryptsetup/cryptsetup-keyfile.h
+ src/cryptsetup/cryptsetup-pkcs11.h
+ src/cryptsetup/cryptsetup-tpm2.h
src/cryptsetup/cryptsetup.c
'''.split())
systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-pkcs11.c')
endif
+ if conf.get('HAVE_LIBFIDO2') == 1
+ systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-fido2.c')
+ endif
+
+ if conf.get('HAVE_TPM2') == 1
+ systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-tpm2.c')
+ endif
+
executable(
'systemd-cryptsetup',
systemd_cryptsetup_sources,
install_rpath : rootlibexecdir,
install : true,
install_dir : systemgeneratordir)
+
+ systemd_cryptenroll_sources = files('''
+ src/cryptenroll/cryptenroll-fido2.h
+ src/cryptenroll/cryptenroll-list.c
+ src/cryptenroll/cryptenroll-list.h
+ src/cryptenroll/cryptenroll-password.c
+ src/cryptenroll/cryptenroll-password.h
+ src/cryptenroll/cryptenroll-pkcs11.h
+ src/cryptenroll/cryptenroll-recovery.c
+ src/cryptenroll/cryptenroll-recovery.h
+ src/cryptenroll/cryptenroll-tpm2.h
+ src/cryptenroll/cryptenroll-wipe.c
+ src/cryptenroll/cryptenroll-wipe.h
+ src/cryptenroll/cryptenroll.c
+ src/cryptenroll/cryptenroll.h
+'''.split())
+
+ if conf.get('HAVE_P11KIT') == 1 and conf.get('HAVE_OPENSSL') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-pkcs11.c')
+ endif
+
+ if conf.get('HAVE_LIBFIDO2') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-fido2.c')
+ endif
+
+ if conf.get('HAVE_TPM2') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-tpm2.c')
+ endif
+
+ executable(
+ 'systemd-cryptenroll',
+ systemd_cryptenroll_sources,
+ include_directories : includes,
+ link_with : [libshared],
+ dependencies : [libcryptsetup,
+ libdl,
+ libopenssl,
+ libp11kit],
+ install_rpath : rootlibexecdir,
+ install : true,
+ install_dir : bindir)
endif
if conf.get('HAVE_SYSV_COMPAT') == 1
'src/hwdb/hwdb.c',
'src/libsystemd/sd-hwdb/hwdb-internal.h',
include_directories : includes,
- link_with : [libudev_static],
+ link_with : udev_link_with,
install_rpath : udev_rpath,
install : true,
install_dir : rootbindir)
udevadm_sources,
c_args : '-DLOG_REALM=LOG_REALM_UDEV',
include_directories : includes,
- link_with : [libudev_core,
- libudev_static],
+ link_with : [libudevd_core],
dependencies : [versiondep,
threads,
libkmod,
include_directories : network_include_dir,
link_with : [libnetworkd_core,
libsystemd_network,
- libudev_static,
networkd_link_with],
dependencies : [threads],
install_rpath : rootlibexecdir,
exe = executable(
'test-libudev-sym',
test_libudev_sym_c,
- include_directories : includes,
+ include_directories : libudev_includes,
c_args : '-Wno-deprecated-declarations',
link_with : [libudev],
build_by_default : want_tests != 'false',
exe = executable(
'test-libudev-static-sym',
test_libudev_sym_c,
- include_directories : includes,
+ include_directories : libudev_includes,
c_args : '-Wno-deprecated-declarations',
link_with : [install_libudev_static],
build_by_default : want_tests != 'false' and static_libudev_pic,
if git.found()
all_files = run_command(
+ 'env', '-u', 'GIT_WORK_TREE',
git,
- ['--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files',
- ':/*.[ch]'])
+ '--git-dir=@0@/.git'.format(project_source_root),
+ 'ls-files', ':/*.[ch]')
+
all_files = files(all_files.stdout().split())
custom_target(
'nobody user name: @0@'.format(nobody_user),
'nobody group name: @0@'.format(nobody_group),
'fallback hostname: @0@'.format(get_option('fallback-hostname')),
- 'symbolic gateway hostnames: @0@'.format(', '.join(gateway_hostnames)),
'default DNSSEC mode: @0@'.format(default_dnssec),
'default DNS-over-TLS mode: @0@'.format(default_dns_over_tls),
['libfdisk'],
['p11kit'],
['libfido2'],
+ ['tpm2'],
['AUDIT'],
['IMA'],
['AppArmor'],
['idn'],
['initrd'],
['compat-mutable-uid-boundaries'],
+ ['nscd'],
['libidn2'],
['libidn'],
['libiptc'],