X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=configure;h=4ae9b691414d9181b4e84ab9158c88abe9e763cc;hb=84ce5c7f600aa91f53db656c062ed269765146dd;hp=5f896c478aa58a7642a3ca7f2283f09a317c33c4;hpb=eb33da16ec8b0203cd48cd06f85bb4e9cf19d250;p=opendoas.git

diff --git a/configure b/configure
index 5f896c4..4ae9b69 100755
--- a/configure
+++ b/configure
@@ -22,41 +22,58 @@ usage: configure [options]
   --target=target-alias  the machine that CC will produce code for
 
   --enable-debug         enable debugging
-  --enable-seccomp       enable seccomp
   --enable-static        prepare for static build
 
+  --without-pam          disable pam support
+  --without-shadow       disable shadow support
+
+  --with-timestamp       enable timestamp support
+
+  --uid-max=NUM          set UID_MAX (default 65535)
+  --gid-max=NUM          set GID_MAX (default 65535)
+
   --help, -h             display this help and exit
 EOF
 	exit 0
 }
 
+# defaults
+WITHOUT_TIMESTAMP=yes
+UID_MAX=65535
+GID_MAX=65535
+
 for x; do
 	opt=${x%%=*}
 	var=${x#*=}
 	case "$opt" in
-	--prefix) PREFIX=$var;;
-	--exec-prefix) EPREFIX=$var;;
-	--bindir) BINDIR=$var;;
-	--datadir) SHAREDIR=$var;;
-	--mandir) MANDIR=$var;;
-	--sysconfdir) SYSCONFDIR=$var;;
-	--pamdir) PAMDIR=$var;;
-	--build) BUILD=$var;;
-	--host) HOST=$var;;
-	--target) TARGET=$var;;
-	--enable-debug) DEBUG=yes;;
-	--enable-seccomp) BUILD_SECCOMP=yes;;
-	--enable-static) BUILD_STATIC=yes;;
-	--help|-h) usage;;
-	*) die "Error: unknown option $opt";;
+	--prefix) PREFIX=$var ;;
+	--exec-prefix) EPREFIX=$var ;;
+	--bindir) BINDIR=$var ;;
+	--datadir) SHAREDIR=$var ;;
+	--mandir) MANDIR=$var ;;
+	--sysconfdir) SYSCONFDIR=$var ;;
+	--pamdir) PAMDIR=$var ;;
+	--build) BUILD=$var ;;
+	--host) HOST=$var ;;
+	--target) TARGET=$var ;;
+	--enable-debug) DEBUG=yes ;;
+	--enable-static) BUILD_STATIC=yes ;;
+	--with-pam) WITHOUT_PAM=; WITHOUT_SHADOW=yes ;;
+	--with-shadow) WITHOUT_SHADOW=; WITHOUT_PAM=yes ;;
+	--without-pam) WITHOUT_PAM=yes ;;
+	--without-shadow) WITHOUT_SHADOW=yes ;;
+	--with-timestamp) WITHOUT_TIMESTAMP= ;;
+	--without-timestamp) WITHOUT_TIMESTAMP=yes ;;
+	--uid-max) UID_MAX=$var ;;
+	--gid-max) UID_MAX=$var ;;
+	--help|-h) usage ;;
+	*) die "Error: unknown option $opt" ;;
 	esac
 done
 
 CONFIG_MK=config.mk
 rm -f "$CONFIG_MK"
 
-: ${VERSION:="$(git describe --dirty --tags --long --always)"}
-
 cat <<EOF >>$CONFIG_MK
 PREFIX   ?=	${PREFIX:="/usr"}
 EPREFIX  ?=	${EPREFIX:="${PREFIX}"}
@@ -65,7 +82,6 @@ SHAREDIR ?=	${SHAREDIR:="${PREFIX}/share"}
 MANDIR   ?=	${MANDIR:="${SHAREDIR}/man"}
 SYSCONFDIR?=	${SYSCONFDIR:="/etc"}
 PAMDIR   ?=	${PAMDIR:="${SYSCONFDIR}/pam.d"}
-CFLAGS   +=	-DVERSION="\"${VERSION}\""
 EOF
 
 if [ -z "$BUILD" ]; then
@@ -91,13 +107,14 @@ if [ -z "$OS" ]; then
 	KERNEL=${REST%%-*}
 fi
 
-OS_FLAGS="-D__${OS}__"
+OS_CFLAGS="-D__${OS}__"
 
 case "$OS" in
 	linux)
-		OS_CFLAGS+=" -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=60000 -DGID_MAX=60000"
+		OS_CFLAGS="$OS_CFLAGS -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=${UID_MAX} -DGID_MAX=${GID_MAX}"
 		printf 'CURDIR   :=	.\n' >>$CONFIG_MK
-		printf 'PAM_DOAS  =	pam.d__doas__linux\n' >>$CONFIG_MK
+		[ -z "$WITHOUT_PAM" ] && \
+			printf 'PAM_DOAS  =	pam.d__doas__linux\n' >>$CONFIG_MK
 		;;
 esac
 
@@ -111,28 +128,77 @@ esac
 	printf 'CFLAGS   +=	-static\n' >>$CONFIG_MK
 
 # Add CPPFLAGS/CFLAGS/LDFLAGS to CC for testing features
-XCC="${CC:=clang} $CFLAGS $OS_CFLAGS $CPPFLAGS $LDFLAGS"
+XCC="${CC:=cc} $CFLAGS $OS_CFLAGS $CPPFLAGS $LDFLAGS"
 # Make sure to disable --as-needed for CC tests.
 XCC="$XCC -Wl,--no-as-needed"
 
 check_func() {
 	func="$1"; src="$2"; shift 2
-	printf 'Checking for %-14s\t\t' "$func ..."
+	printf 'Checking for %-14s\t\t' "$func ..." >&2
 	printf '%s\n' "$src" >"_$func.c"
 	$XCC "_$func.c" -o "_$func" 2>/dev/null
 	ret=$?
 	rm -f "_$func.c" "_$func"
 	if [ $ret -eq 0 ]; then
-		printf 'yes.\n'
+		printf 'yes.\n' >&2
 		upperfunc="$(printf '%s\n' "$func" | tr '[[:lower:]]' '[[:upper:]]')"
 		printf 'CFLAGS   +=	-DHAVE_%s\n' "$upperfunc" >>$CONFIG_MK
 		return 0
 	else
-		printf 'no.\n'
+		printf 'no.\n' >&2
 		return 1
 	fi
 }
 
+authmethod() {
+	#
+	# Check for pam_appl.h.
+	#
+	src='
+#include <security/pam_appl.h>
+int main(void) {
+	return 0;
+}'
+	[ -z "$WITHOUT_PAM" ] && check_func "pam_appl_h" "$src" && {
+		printf 'SRCS     +=	pam.c\n' >>$CONFIG_MK
+		printf 'LDFLAGS  +=	-lpam\n' >>$CONFIG_MK
+		printf 'CPPFLAGS +=	-DUSE_PAM\n' >>$CONFIG_MK
+		printf 'pam\n'
+		return 0
+	}
+
+	#
+	# Check for shadow.h.
+	#
+	src='
+#include <shadow.h>
+int main(void) {
+	return 0;
+}'
+	[ -z "$WITHOUT_SHADOW" ] && check_func "shadow_h" "$src" && {
+		printf 'SRCS     +=	shadow.c\n' >>$CONFIG_MK
+		printf 'LDFLAGS  +=	-lcrypt\n' >>$CONFIG_MK
+		printf 'CPPFLAGS +=	-DUSE_SHADOW\n' >>$CONFIG_MK
+		printf 'shadow\n'
+		return 0
+	}
+
+	return 1
+}
+
+persistmethod() {
+	[ -z "$WITHOUT_TIMESTAMP" ] && {
+		printf 'CPPFLAGS += -DUSE_TIMESTAMP\n' >>$CONFIG_MK
+		printf 'SRCS	+= timestamp.c\n' >>$CONFIG_MK
+		printf 'timestamp\n'
+		return 0
+	}
+	return 1
+}
+
+#
+# Check for explicit_bzero().
+#
 src='
 #include <string.h>
 int main(void) {
@@ -143,7 +209,6 @@ check_func "explicit_bzero" "$src" || {
 	printf 'OPENBSD  +=	explicit_bzero.o\n' >>$CONFIG_MK
 }
 
-
 #
 # Check for strlcat().
 #
@@ -255,99 +320,162 @@ check_func "reallocarray" "$src" || {
 }
 
 #
-# Check for bsd_auth.h.
+# Check for execvpe().
 #
 src='
-#include <bsd_auth.h>
+#include <unistd.h>
 int main(void) {
+	const char *p = { "", NULL };
+	execvpe("", p, p);
 	return 0;
 }'
-check_func "bsd_auth_h" "$src" && \
-	have_bsd_auth_h=1
+check_func "execvpe" "$src" || die "system has no execvpe(3): not supported"
 
 #
-# Check for pam_appl.h.
+# Check for setresuid().
 #
 src='
-#include <security/pam_appl.h>
+#include <unistd.h>
 int main(void) {
+	setresuid(0, 0, 0);
 	return 0;
 }'
-[ -z "$have_bsd_auth_h" ] && \
-	check_func "pam_appl_h" "$src" && {
-		printf 'SRCS     +=	doas_pam.c\n' >>$CONFIG_MK
-		printf 'LDFLAGS  +=	-lpam\n' >>$CONFIG_MK
-	}
+check_func "setresuid" "$src" || die "system has no setresuid(2): not supported"
 
 #
-# Check for login_cap.h.
+# Check for closefrom().
 #
 src='
-#include <login_cap.h>
+#include <unistd.h>
 int main(void) {
+	closefrom(0);
 	return 0;
 }'
-check_func "login_cap_h" "$src" || {
-	printf 'OPENBSD  +=	setusercontext.o\n' >>$CONFIG_MK
+check_func "closefrom" "$src" || {
+	printf 'OPENBSD  +=	closefrom.o\n' >>$CONFIG_MK
 }
 
 #
-# Check for execvpe().
+# Check for sysconf().
 #
 src='
 #include <unistd.h>
 int main(void) {
-	const char *p = { "", NULL };
-	execvpe("", p, p);
+	(void)sysconf(0);
 	return 0;
 }'
-check_func "execvpe" "$src" || {
-	printf 'OPENBSD  +=	execvpe.o\n' >>$CONFIG_MK
-}
+check_func "sysconf" "$src"
 
 #
-# Check for setresuid().
+# Check for /proc/$PID.
+#
+printf 'Checking for %-14s\t\t' "/proc/\$PID ..." >&2
+if test -d /proc/$$; then
+	printf 'yes.\n' >&2
+	printf 'CFLAGS   +=	-DHAVE_%s\n' "PROC_PID" >>$CONFIG_MK
+else
+	printf 'no.\n' >&2
+fi
+
+#
+# Check for dirfd().
 #
 src='
-#include <unistd.h>
+#include <dirent.h>
 int main(void) {
-	setresuid(0, 0, 0);
+	(void)dirfd(0);
 	return 0;
 }'
-check_func "setresuid" "$src" || {
-	printf 'OPENBSD  +=	setresuid.o\n' >>$CONFIG_MK
-}
+check_func "dirfd" "$src"
 
 #
-# Check for pledge().
+# Check for fcntl.h.
 #
 src='
-#include <unistd.h>
+#include <fcntl.h>
 int main(void) {
-	pledge("", NULL);
 	return 0;
 }'
-check_func "pledge" "$src" && {
-	have_pledge=1
-}
+check_func "fcntl_h" "$src"
 
 #
-# Check for seccomp.h
+# Check for F_CLOSEM.
 #
 src='
-#include <linux/seccomp.h>
-#include <sys/prctl.h>
-#include <unistd.h>
+#include <fcntl.h>
+#ifndef F_CLOSEM
+#error no F_CLOSEM
+#endif
 int main(void) {
-	prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL);
 	return 0;
 }'
-[ -z "$have_pledge" -a -n "$BUILD_SECCOMP" ] && \
-	check_func "seccomp_h" "$src" && \
-	{
-		have_pledge=1
-		printf 'OPENBSD  +=	pledge-seccomp.o\n' >>$CONFIG_MK
-	}
+check_func "F_CLOSEM" "$src"
+
+#
+# Check for dirent.h.
+#
+src='
+#include <dirent.h>
+int main(void) {
+	return 0;
+}'
+check_func "dirent_h" "$src"
+
+#
+# Check for sys/ndir.h.
+#
+src='
+#include <sys/ndir.h>
+int main(void) {
+	return 0;
+}'
+check_func "sys_ndir_h" "$src"
 
-[ -z "$have_pledge" ] && \
-	printf 'OPENBSD  +=	pledge-noop.o\n' >>$CONFIG_MK
+#
+# Check for sys/dir.h.
+#
+src='
+#include <sys/dir.h>
+int main(void) {
+	return 0;
+}'
+check_func "sys_dir_h" "$src"
+
+#
+# Check for ndir.h.
+#
+src='
+#include <ndir.h>
+int main(void) {
+	return 0;
+}'
+check_func "ndir_h" "$src"
+
+#
+#
+#
+src='
+#include <stdlib.h>
+int main(void){return 0;}
+__attribute__((__unused__)) static void foo(void){return;}
+'
+check_func "__attribute__" "$src" || {
+	printf 'CFLAGS	+=	-DNO_ATTRIBUTE_ON_RETURN_TYPE=1\n' >>$CONFIG_MK
+}
+
+auth=$(authmethod)
+if [ $? -eq 0 ]; then
+	printf 'Using auth method\t\t\t%s.\n' "$auth" >&2
+else
+	printf 'Error auth method\t\t\n' >&2
+	exit 1
+fi
+
+persist=$(persistmethod)
+if [ $? -eq 0 ]; then
+	printf 'Using persist method\t\t\t%s.\n' "$persist" >&2
+else
+	printf 'Using persist method\t\t\tnone.\n' >&2
+fi
+printf 'Setting UID_MAX\t\t\t\t%d.\n' "$UID_MAX" >&2
+printf 'Setting GID_MAX\t\t\t\t%d.\n' "$GID_MAX" >&2