From 51e74f538c2262723df1e47ae79b45f3ecbb2e9b Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 18 Apr 2007 20:39:57 +0000 Subject: Yes, I suck. This commit contains two totally unrelated changes and I really should commit them seperately, but I am ignoring my own rules, and do it in a single commit. I suck. I really do. I am sorry. Please don't try this at home. And please don't tell your children! * Show properly that avahi-autoipd is not built if libdaemon is missing (Closes #133) * Enable stack-smashing protection if available and wokring. Patch from tedp. (Closes #105) git-svn-id: file:///home/lennart/svn/public/avahi/trunk@1440 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe --- configure.ac | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index d9d4f42..81954a3 100644 --- a/configure.ac +++ b/configure.ac @@ -56,6 +56,79 @@ AC_PROG_LN_S AC_PROG_MAKE_SET AC_PROG_GCC_TRADITIONAL +# -fstack-protector +AC_ARG_ENABLE([stack-protector], + [AS_HELP_STRING([--disable-stack-protector], + [Disable GCC's/libc's stack-smashing protection])], + [case "${enableval}" in + yes) enable_ssp=yes ;; + no) enable_ssp=no ;; + *) AC_MSG_ERROR([invalid value ${enableval} for --disable-stack-protector]) ;; + esac], + [enable_ssp=yes]) + +if test x"$enable_ssp" = x"yes" && test x"$GCC" != x"yes"; then + AC_MSG_NOTICE([Disabling stack-smashing protection because compiler is not GCC]) + enable_ssp=no +fi + +if test x"$enable_ssp" = x"yes"; then + # Check for broken ssp in libc: http://www.avahi.org/ticket/105 + # libc's brokenness will get in the way regardless of whether -lssp is + # provided, but provide it anyway (otherwise non-libc ssp would wrongly + # break here) + + # Get -lssp if it exists + GCC_STACK_PROTECT_LIB + + AC_MSG_CHECKING([whether stack-smashing protection is available]) + ssp_old_cflags="$CFLAGS" + ssp_old_ldflags="$LDFLAGS" + CFLAGS="$CFLAGS -fstack-protector-all -fPIC" + LDFLAGS="$LDFLAGS -Wl,-z,defs" + cat confdefs.h > conftest.c + cat >>conftest.c <<_ACEOF +void test_broken_ssp(c) + const char *c; +{ + char arr[[123]], *p; /* beware of possible double-braces if copying this */ + for (p = arr; *c; ++p) { + *p = *c; + ++c; + } +} +_ACEOF + rm -f conftest.o + + if $CC -c $CFLAGS $CPPFLAGS -o conftest.o conftest.c >/dev/null 2>&1; then + AC_MSG_RESULT([yes]) + AC_MSG_CHECKING([whether stack-smashing protection is buggy]) + if $CC -o conftest.so $LDFLAGS -shared conftest.o $LIBS >/dev/null 2>&1; then + AC_MSG_RESULT([no]) + else + AC_MSG_RESULT([yes]) + enable_ssp=no + fi + else + AC_MSG_RESULT([no]) + fi + + rm -f conftest.c conftest.o conftest.so + + CFLAGS="$ssp_old_cflags" + LDFLAGS="$ssp_old_ldflags" +fi + +if test x"$enable_ssp" = x"yes"; then + # Do this the long way so we don't call GCC_STACK_PROTECT_LIB twice + GCC_STACK_PROTECT_CC + + AC_LANG_PUSH([C++]) + GCC_STACK_PROTECT_CXX + AC_LANG_POP([C++]) + # XXX: Update the enable_ssp value now for output later? +fi + # libtool stuff AC_PROG_LIBTOOL @@ -959,6 +1032,7 @@ echo " Group for avahi-autoipd: ${AVAHI_AUTOIPD_GROUP} Enable chroot(): ${enable_chroot} Enable Linux inotify: ${have_inotify} + Enable stack-smashing protection: ${enable_ssp} " BUILD_DAEMON="no (You need libdaemon and expat!)" @@ -985,6 +1059,9 @@ fi if test "x$ENABLE_COMPAT_HOWL" = "xyes" -a "x$BUILD_CLIENT" != "xyes" ; then ENABLE_COMPAT_HOWL="no (You need libavahi-client!)" fi +if test "x$ENABLE_AUTOIPD" = "xyes" -a "x$HAVE_LIBDAEMON" != "xyes" ; then + ENABLE_AUTOIPD="no (You need libdaemon!)" +fi BUILD_UI="no" if test "x$HAVE_GTK" = "xyes" -a "x$BUILD_CLIENT" = "xyes" ; then -- cgit