1# -*- Autoconf -*- 2# Process this file with autoconf to produce a configure script. 3 4AC_PREREQ([2.68]) 5AC_INIT([op],[1.34],[alec@swapoff.org]) 6AC_CONFIG_AUX_DIR([build-aux]) 7AC_CONFIG_MACRO_DIR([m4]) 8AC_CONFIG_SRCDIR([main.c]) 9AC_CONFIG_HEADER([config.h]) 10AM_INIT_AUTOMAKE([-Wall]) 11AC_CONFIG_FILES([Makefile op.list]) 12AM_MAINTAINER_MODE 13AC_CANONICAL_BUILD 14dnl ac_cv_build=x86_64-unknown-linux-gnu 15AC_USE_SYSTEM_EXTENSIONS 16 17# Checks for programs. 18AC_PROG_CC 19AC_PROG_LEX 20AC_PROG_INSTALL 21AC_PROG_MAKE_SET 22 23# Feature checks. 24auto_detect_auth=no 25with_pam=${with_pam:-yes} 26AC_ARG_WITH([pam], 27 AS_HELP_STRING([--with-pam], 28 [use PAM for authentication (yes)])]) 29AS_IF([test "_${with_pam}" = _yes], [ 30 AC_CHECK_LIB([pam], [pam_start], [ 31 AC_DEFINE(USE_PAM, [], [Use PAM for authentication]) 32 LIBS="$LIBS -lpam" 33 ], [ 34 AC_MSG_WARN([Can't find pam_start() in libpam, trying shadow support]) 35 auto_detect_auth=yes 36 with_pam=no 37 # Try shadow if PAM failed 38 with_shadow=yes 39 ]) 40]) 41 42with_shadow=${with_shadow:-no} 43AC_ARG_WITH([shadow], 44 AS_HELP_STRING([--with-shadow], 45 [use shadow file for authentication 46 (default if PAM not found)])]) 47AS_IF([test "_${with_shadow}" = _yes], [ 48 AS_IF([test "_${with_pam}" = _yes], [ 49 AC_MSG_WARN([Can't enable PAM and shadow support, shadow disabled]) 50 ], [ 51 AS_IF([test "_${auto_detect_auth}" = _yes -a \ 52 ! -e /etc/shadow], [ 53 AC_MSG_WARN([Failed to find shadow support while auto-detecting authentication mechanisms, using basic crypt]) 54 ], [ 55 AS_IF([test ! -e /etc/shadow], [ 56 AC_MSG_WARN([Shadow support enabled but /etc/shadow does not exist, continuing anyway]) 57 ]) 58 AC_DEFINE(USE_SHADOW, [], [Use shadow file for authentication]) 59 ]) 60 ]) 61]) 62 63enable_xauth=${enable_xauth:-no} 64AC_ARG_ENABLE([xauth], 65 AS_HELP_STRING([--enable-xauth=<xauth>], 66 [enable xauth support and specify xauth binary])]) 67AS_IF([test "_${enable_xauth}" != _no], [ 68 EXTRA_CPPFLAGS="$EXTRA_CPPFLAGS -DXAUTH=\\\"$enable_xauth\\\"" 69]) 70 71# Checks for libraries. 72AC_CHECK_LIB([bsd], [strlcat], [ 73 AC_DEFINE(HAVE_LIBBSD, [1], 74 [Define to 1 if you have the `bsd' library (-lbsd)]) 75 LIBS="$LIBS -lbsd" 76]) 77AC_CHECK_LIB([fl], [yywrap], [], AC_CHECK_LIB([l], [yywrap], [])) 78 79# Checks for header files. 80AC_HEADER_DIRENT 81AC_HEADER_STDC 82AC_HEADER_SYS_WAIT 83AC_HEADER_TIME 84AC_CHECK_HEADERS([limits.h netdb.h shadow.h stdlib.h string.h \ 85 sys/time.h syslog.h unistd.h]) 86 87# Checks for typedefs, structures, and compiler characteristics. 88AC_C_CONST 89AC_TYPE_UID_T 90AC_TYPE_MODE_T 91AC_TYPE_SIZE_T 92 93# Checks for library functions. 94AC_FUNC_CHOWN 95AC_FUNC_CLOSEDIR_VOID 96AC_FUNC_FORK 97AC_FUNC_MALLOC 98AC_FUNC_REALLOC 99AC_FUNC_STAT 100AC_FUNC_STRFTIME 101AC_FUNC_VPRINTF 102AC_CHECK_FUNCS([gethostname getpass getspnam memset regcomp \ 103 strchr strcspn strdup strrchr strtol vsnprintf]) 104AC_CHECK_FUNC([crypt], 105 [], [AC_CHECK_LIB([crypt], [crypt], [], 106 [AC_MSG_ERROR(Can't find crypt())])]) 107AC_CHECK_FUNC([regfree], 108 [AC_DEFINE(HAVE_REGEX, [1], 109 [Define to 1 if you have the `regex' functions.])]) 110AC_CHECK_FUNC([strlcat], 111 [AC_DEFINE(HAVE_STRLCAT, [1], 112 [Define to 1 if you have the `strlcat' function.])]) 113AC_CHECK_FUNC([strlcpy], 114 [AC_DEFINE(HAVE_STRLCPY, [1], 115 [Define to 1 if you have the `strlcpy' function.])]) 116AC_CHECK_FUNC([vsnprintf], 117 [AC_DEFINE(HAVE_VSNPRINTF, [1], 118 [Define to 1 if you have the `vsnprintf' function.])]) 119 120# Custom checks. 121AC_COMPILE_IFELSE( 122 [AC_LANG_SOURCE([int main(int, char**){int i = openlog(); return 0;}])], 123 [OPENLOG_VOID=0], 124 [OPENLOG_VOID=1]) 125AC_DEFINE_UNQUOTED([OPENLOG_VOID], 126 [${OPENLOG_VOID}], 127 [Does openlog() return void?]) 128 129# Check for compiler options. 130dnl AC_PROG_CC_STDC 131dnl ac_cv_prog_cc_stdc=-std=gnu99 132dnl ac_cv_c_compiler_gnu=yes 133 134AX_COMPILER_VENDOR 135dnl ax_cv_c_compiler_vendor=gnu 136dnl AX_COMPILER_VERSION 137dnl ax_cv_c_compiler_version=4.4.7 138 139AX_CFLAGS_WARN_ALL 140dnl -Waddress 141dnl -Warray-bounds 142dnl -Wc++0x-compat 143dnl -Wchar-subscripts 144dnl -Wimplicit-int 145dnl -Wimplicit-function-declaration 146dnl -Wcomment 147dnl -Wformat 148dnl -Wmain 149dnl -Wmissing-braces 150dnl -Wnonnull 151dnl -Wparentheses 152dnl -Wpointer-sign 153dnl -Wreorder 154dnl -Wreturn-type 155dnl -Wsequence-point 156dnl -Wsign-compare 157dnl -Wstrict-aliasing 158dnl -Wstrict-overflow=1 159dnl -Wswitch 160dnl -Wtrigraphs 161dnl -Wuninitialized 162dnl -Wunknown-pragmas 163dnl -Wunused-function 164dnl -Wunused-label 165dnl -Wunused-value 166dnl -Wunused-variable 167dnl -Wvolatile-register-var 168 169AS_IF([test "_${ax_cv_c_compiler_vendor}" = _ibm], [ 170 # Stack Smashing Protection 171 AX_CFLAGS_AIX_OPTION([-qstackprotect], [EXTRA_CFLAGS]) 172]) 173 174AS_IF([test "_${ax_cv_c_compiler_vendor}" = _gnu], [ 175 dnl rhel 3.x gcc 3.2.3 ld 2.14 i686-pc-linux-gnu 176 dnl rhel 4.x gcc 3.4.6 ld 2.15 177 dnl rhel 5.x gcc 4.1.2 ld 2.17 178 dnl rhel 6.x gcc 4.4.7 ld 2.20 x86_64-unknown-linux-gnu 179 dnl rhel 7.x gcc 4.8.5 ld 2.25 x86_64-unknown-linux-gnu 180 dnl aix 5.2 gcc 3.3.2 ld aix powerpc-ibm-aix5.2.0.0 181 dnl hpux 11.00 gcc 3.2 ld hp hppa2.0w-hp-hpux11.00 182 dnl hpux 11.11 gcc 4.1.1 ld hp hppa2.0w-hp-hpux11.11 183 dnl sunos 5.9 gcc 3.4.6 ld sun sparc-sun-solaris2.9 184 185dnl https://www.owasp.org/index.php/C-Based_Toolchain_Hardening 186dnl http://connect.ed-diamond.com/GNU-Linux-Magazine/GLMFHS-076/Les-options-de-securite-de-gcc 187dnl https://wiki.debian.org/Hardening 188dnl https://wiki.ubuntu.com/ToolChain/CompilerFlags 189dnl https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BuiltPIE 190dnl https://fedoraproject.org/wiki/Security_Features_Matrix 191dnl https://fedoraproject.org/wiki/Hardened_Packages 192dnl https://wiki.gentoo.org/wiki/Hardened/Toolchain 193dnl https://wiki.archlinux.org/index.php/DeveloperWiki:Security 194 195 AS_IF([test "_${USE_MAINTAINER_MODE}" = _no], [ 196 enable_compile_warnings=${enable_compile_warnings:-no} 197 ], [ 198 enable_Werror=${enable_Werror:-no} 199 ]) 200 201 dnl AX_IS_RELEASE([git-directory]) 202 203 AC_MSG_NOTICE([USE_MAINTAINER_MODE=$USE_MAINTAINER_MODE]) 204 AC_MSG_NOTICE([ax_is_release=$ax_is_release]) 205 AC_MSG_NOTICE([enable_compile_warnings=$enable_compile_warnings]) 206 207 AX_COMPILER_FLAGS 208 dnl WARN_CFLAGS = -fno-strict-aliasing 209 dnl -Wall 210 dnl -Wextra 211 dnl -Wundef 212 dnl -Wnested-externs 213 dnl -Wwrite-strings 214 dnl -Wpointer-arith 215 dnl -Wmissing-declarations 216 dnl -Wmissing-prototypes 217 dnl -Wstrict-prototypes 218 dnl -Wredundant-decls 219 dnl -Wno-unused-parameter 220 dnl -Wno-missing-field-initializers 221 dnl -Wdeclaration-after-statement 222 dnl -Wformat=2 223 dnl -Wold-style-definition 224 dnl -Wcast-align 225 dnl -Wformat-nonliteral 226 dnl -Wformat-security 227 dnl -Wsign-compare 228 dnl -Wstrict-aliasing 229 dnl -Wshadow 230 dnl -Winline 231 dnl -Wpacked 232 dnl -Wmissing-format-attribute 233 dnl -Wmissing-noreturn 234 dnl -Winit-self 235 dnl -Wmissing-include-dirs 236 dnl -Wunused-but-set-variable 237 dnl -Warray-bounds 238 dnl -Wimplicit-function-declaration 239 dnl -Wreturn-type 240 dnl -Wswitch-enum 241 dnl -Wswitch-default 242 dnl -Werror 243 dnl -Wno-suggest-attribute=format 244 dnl -Wno-error=unused-parameter 245 dnl -Wno-error=missing-field-initializers 246 dnl WARN_LDFLAGS = -Wl,--no-as-needed -Wl,--fatal-warnings 247 dnl WARN_SCANNERFLAGS = --warn-all 248 249 # Enables many warnings (despite their names, all and extra do not turn on all warnings) 250 AX_APPEND_COMPILE_FLAGS([-pedantic], [EXTRA_CPPFLAGS]) 251 252 # MAINTAINER_MODE 253 AX_APPEND_COMPILE_FLAGS([-W], [EXTRA_CPPFLAGS]) 254 AX_APPEND_COMPILE_FLAGS([-Wextra], [EXTRA_CPPFLAGS]) 255 AX_APPEND_COMPILE_FLAGS([-Wunused], [EXTRA_CPPFLAGS]) 256 dnl AX_APPEND_COMPILE_FLAGS([-Wclobbered], [EXTRA_CPPFLAGS]) 257 dnl AX_APPEND_COMPILE_FLAGS([-Wempty-body], [EXTRA_CPPFLAGS]) 258 dnl AX_APPEND_COMPILE_FLAGS([-Wignored-qualifiers], [EXTRA_CPPFLAGS]) 259 dnl AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers], [EXTRA_CPPFLAGS]) 260 dnl AX_APPEND_COMPILE_FLAGS([-Wmissing-parameter-type], [EXTRA_CPPFLAGS]) 261 dnl AX_APPEND_COMPILE_FLAGS([-Wold-style-declaration], [EXTRA_CPPFLAGS]) 262 dnl AX_APPEND_COMPILE_FLAGS([-Woverride-init], [EXTRA_CPPFLAGS]) 263 dnl AX_APPEND_COMPILE_FLAGS([-Wtype-limits], [EXTRA_CPPFLAGS]) 264 dnl AX_APPEND_COMPILE_FLAGS([-Wunused-parameter], [EXTRA_CPPFLAGS]) 265 266 # Warn for implicit conversions that may alter a value (includes -Wsign-conversion) 267 AX_APPEND_COMPILE_FLAGS([-Wconversion], [EXTRA_CPPFLAGS]) 268 269 # Warn for implicit conversions that may change the sign of an integer value, such 270 # as assigning a signed integer to an unsigned integer (-1 > 1 after promotion!) 271 dnl AX_APPEND_COMPILE_FLAGS([-Wsign-conversion], [EXTRA_CPPFLAGS]) 272 273 # Warn for a pointer cast to a type which has a different size, causing an invalid 274 # alignment and subsequent bus error on ARM processors 275 AX_APPEND_COMPILE_FLAGS([-Wcast-align], [EXTRA_CPPFLAGS]) 276 277 # Increases warnings related to possible security defects, including incorrect format 278 # specifiers (includes -Wformat -Wformat-nonliteral -Wformat-security -Wformat-y2k) 279 AX_APPEND_COMPILE_FLAGS([-Wformat=2], [EXTRA_CPPFLAGS]) 280 281 # Warn if a global function is defined without a prototype or declaration 282 dnl AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes], [EXTRA_CPPFLAGS]) 283 AX_APPEND_COMPILE_FLAGS([-Wmissing-declarations], [EXTRA_CPPFLAGS]) 284 285 # Warn if a function is declared or defined without specifying the argument types 286 AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes], [EXTRA_CPPFLAGS]) 287 288 # Warn about optimizations taken due to [undefined] signed integer overflow assumptions 289 AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow], [EXTRA_CPPFLAGS]) # gcc 4.2 290 291 # Enable exception handling. Generates extra code needed to propagate exceptions 292 AX_APPEND_COMPILE_FLAGS([-fexceptions], [EXTRA_CFLAGS]) 293 294 # Enable AddressSanitizer, a fast memory error detector. Memory access instructions 295 # will be instrumented to help detect heap, stack, and global buffer overflows; 296 # as well as use-after-free bugs 297 AX_APPEND_COMPILE_FLAGS([-fsanitize=address], [EXTRA_CFLAGS]) # gcc 4.8 298 AX_APPEND_COMPILE_FLAGS([-static-libasan], [EXTRA_CFLAGS]) # gcc 4.8 299 300 # FORTIFY_SOURCE / buffer overflow 301 AX_APPEND_COMPILE_FLAGS(['-O1 -D_FORTIFY_SOURCE=2'], [EXTRA_CPPFLAGS]) # gcc 4.1 302 303 dnl # too many warning: frame size too large for reliable stack checking 304 dnl AX_APPEND_COMPILE_FLAGS([-fstack-check], [EXTRA_CFLAGS]) 305 306 # Stack Smashing Protection 307 # Improves stack layout and adds a guard to detect stack based buffer overflows 308 AS_CASE([${ac_cv_build}], 309 dnl hpux : not supported for this target 310 [*hpux*], [], 311 [ 312 dnl too many warning: not protecting local variables: variable length buffer 313 dnl AX_APPEND_COMPILE_FLAGS([-Wstack-protector], [EXTRA_CPPFLAGS]) 314 AX_APPEND_COMPILE_FLAGS([-fstack-protector-strong], [EXTRA_CFLAGS]) # gcc 4.9 315 316 AS_IF([test "_${ax_cv_check_cflags___fstack_protector_strong}" = _no], [ 317 AX_APPEND_COMPILE_FLAGS([-fstack-protector-all], [EXTRA_CFLAGS]) # gcc 3.x 318 ]) 319 320 AX_APPEND_COMPILE_FLAGS(['--param ssp-buffer-size=4'], [EXTRA_CFLAGS]) 321 ]) 322 323 # Data Execution Prevention (DEP). ELF headers are marked with PT_GNU_STACK and PT_GNU_HEAP 324 AX_APPEND_LINK_FLAGS([-Wl,-z,noexecstack], [EXTRA_LDFLAGS]) # ld 2.14 325 AX_APPEND_LINK_FLAGS([-Wl,-z,noexecheap], [EXTRA_LDFLAGS]) # ld 2.14 326 327 # RELocation Read-Only 328 # Helps remediate Global Offset Table (GOT) attacks on executables 329 # Helps remediate Procedure Linkage Table (PLT) attacks on executables 330 AX_APPEND_LINK_FLAGS([-Wl,-z,relro], [EXTRA_LDFLAGS]) # ld 2.15 331 AX_APPEND_LINK_FLAGS([-Wl,-z,now], [EXTRA_LDFLAGS]) # ld 2.15 332 333 AS_CASE([${ac_cv_build}], 334 dnl aix : unrecognized option -pie 335 [*-aix*], [], 336 dnl solaris is buggy 337 [*-solaris*], [], 338 [ 339 # Position Independent Executable (ASLR). Used for programs. 340 # Both -fPIE (compiler) and -pie (linker) are required 341 AX_APPEND_COMPILE_FLAGS([-fPIE], [EXTRA_CFLAGS]) # gcc 3.x 342 AX_APPEND_LINK_FLAGS([-pie], [EXTRA_LDFLAGS]) # ld 2.16 343 ]) 344 345 CFLAGS=`echo "$CFLAGS" | sed 's/-O2//'` 346]) 347 348AC_SUBST([EXTRA_CPPFLAGS]) 349AC_SUBST([EXTRA_CFLAGS]) 350AC_SUBST([EXTRA_LDFLAGS]) 351 352AC_OUTPUT 353