generic-library/libreSSL
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
f2d68c7d21
libreSSL/configure.ac

290 lines
8.5 KiB
Plaintext
Raw Normal View History

make 'autoreconf' work from dist tarball We need to include VERSION for it to run.
2014-11-04 04:05:47 +01:00
AC_INIT([libressl], m4_esyscmd([tr -d '\n' < VERSION]))
read all library versions directly from files This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
2014-12-07 01:59:25 +01:00
AC_SUBST([LIBCRYPTO_VERSION], m4_esyscmd([tr -d '\n' < crypto/VERSION]))
AC_SUBST([LIBSSL_VERSION], m4_esyscmd([tr -d '\n' < ssl/VERSION]))
AC_SUBST([LIBTLS_VERSION], m4_esyscmd([tr -d '\n' < tls/VERSION]))
initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
2014-07-18 04:20:34 +02:00
AC_CANONICAL_HOST
initial top-level import
2014-07-10 13:07:09 +02:00
AM_INIT_AUTOMAKE([subdir-objects])
AC_CONFIG_MACRO_DIR([m4])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
AC_SUBST([USER_CFLAGS], "-O2 $CFLAGS")
allow inline asm use default of -std=gnu99 for it to be recognized
2014-08-16 21:16:01 +02:00
CFLAGS="$CFLAGS -Wall -std=gnu99 -g"
initial top-level import
2014-07-10 13:07:09 +02:00
initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
2014-07-18 04:20:34 +02:00
case $host_os in
initial top-level import
2014-07-10 13:07:09 +02:00
*darwin*)
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
HOST_OS=darwin
HOST_ABI=macosx
initial top-level import
2014-07-10 13:07:09 +02:00
;;
override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
2014-10-28 01:22:03 +01:00
*freebsd*)
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
HOST_OS=freebsd
HOST_ABI=elf
override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
2014-10-28 01:22:03 +01:00
AC_SUBST([PROG_LDADD], ['-lthr'])
;;
Add support for HP-UX tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
2014-12-08 03:08:45 +01:00
*hpux*)
HOST_OS=hpux;
CFLAGS="$CFLAGS -mlp64 -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
;;
initial top-level import
2014-07-10 13:07:09 +02:00
*linux*)
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
HOST_OS=linux
HOST_ABI=elf
set _DEFAULT_SOURCE on linux hosts this is the replacement for _BSD_SOURCE on newer glibc's
2014-08-16 15:17:32 +02:00
CFLAGS="$CFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
initial top-level import
2014-07-10 13:07:09 +02:00
;;
better fix for __bounded removal
2014-07-10 23:02:49 +02:00
*openbsd*)
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
HOST_ABI=elf
better fix for __bounded removal
2014-07-10 23:02:49 +02:00
AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
;;
initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
2014-07-18 04:20:34 +02:00
*mingw*)
use the correct HOST_OS for the Windows build ok doug@
2014-10-29 21:59:35 +01:00
HOST_OS=win
allow Windows DLLs to be built based on a patch from Jan Engelhardt
2014-12-14 23:42:47 +01:00
CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO"
Update win32 build defines
2014-11-19 13:26:38 +01:00
AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
2014-07-18 04:20:34 +02:00
;;
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
*solaris*)
HOST_OS=solaris
HOST_ABI=elf
CFLAGS="$CFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
;;
initial top-level import
2014-07-10 13:07:09 +02:00
*) ;;
esac
enable __STRICT_ALIGNMENT on sparc
2014-12-27 23:34:02 +01:00
case $host_cpu in
*sparc*)
CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT"
;;
esac
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin])
AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
Add support for HP-UX tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
2014-12-08 03:08:45 +01:00
AM_CONDITIONAL([HOST_HPUX], [test x$HOST_OS = xhpux])
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
AM_CONDITIONAL([HOST_LINUX], [test x$HOST_OS = xlinux])
AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
AM_CONDITIONAL([HOST_WIN], [test x$HOST_OS = xwin])
initial top-level import
2014-07-10 13:07:09 +02:00
use generic test for clock_gettime flags ok beck@
2014-07-12 17:08:39 +02:00
AC_CHECK_FUNC([clock_gettime],,
[AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
check link requirements for dl_iterate_phdr Note that gcc chose to disable this rather than cause link issues with older copies of Solaris 10: https://gcc.gnu.org/ml/gcc-patches/2012-01/msg00816.html If we want to support Solaris <10.10 (I'd rather support up-to-date versions), getentropy_solaris would need to change.
2014-07-27 13:15:26 +02:00
AC_CHECK_FUNC([dl_iterate_phdr],,
[AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
initial top-level import
2014-07-10 13:07:09 +02:00
AC_PROG_CC
AC_PROG_LIBTOOL
AC_PROG_CC_STDC
AM_PROG_CC_C_O
configure.ac: Modify clang check to save result to a variable ...and leave a note that -Qunused-arguments is being applied to CFLAGS not LDFLAGS, probably in error.
2014-12-23 13:38:43 +01:00
AC_MSG_CHECKING([if compiling with clang])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
#ifndef __clang__
not clang
#endif
]])],
[CLANG=yes],
[CLANG=no]
)
Fix typo causing output of clang test to read "CLANG" instead of yes/no
2014-12-31 16:06:49 +01:00
AC_MSG_RESULT([$CLANG])
remove bash-style comparisons from tests
2015-01-06 21:16:51 +01:00
AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
configure.ac: Modify clang check to save result to a variable ...and leave a note that -Qunused-arguments is being applied to CFLAGS not LDFLAGS, probably in error.
2014-12-23 13:38:43 +01:00
simplify hardening check logic, disable for mingw Rather than doing separate linker/compiler checks, just build a non-empty program with each so that the compiler will actually try to use the hardening features. Reduce redundancy in the macro calls by just setting the flag that was just tested. Also, disable hardening for mingw, since its trying to use a libssp-0.dll file that I can't find right now. The detected hardening flags break mingw builds currently.
2015-01-06 03:14:54 +01:00
# We want to check for compiler flag support. Prior to clang v5.1, there was no
# way to make clang's "argument unused" warning fatal. So we invoke the
# compiler through a wrapper script that greps for this message.
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
saved_CC="$CC"
saved_LD="$LD"
flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
CC="$flag_wrap $CC"
LD="$flag_wrap $LD"
AC_ARG_ENABLE([hardening],
simplify hardening check logic, disable for mingw Rather than doing separate linker/compiler checks, just build a non-empty program with each so that the compiler will actually try to use the hardening features. Reduce redundancy in the macro calls by just setting the flag that was just tested. Also, disable hardening for mingw, since its trying to use a libssp-0.dll file that I can't find right now. The detected hardening flags break mingw builds currently.
2015-01-06 03:14:54 +01:00
[AS_HELP_STRING([--disable-hardening],
[Disable options to frustrate memory corruption exploits])],
[], [enable_hardening=yes])
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
AC_DEFUN([CHECK_CFLAG], [
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
AC_LANG_ASSERT(C)
AC_MSG_CHECKING([if $saved_CC supports "$1"])
old_cflags="$CFLAGS"
CFLAGS=$1
AC_TRY_LINK([
#include <stdio.h>
],
[printf("Hello")],
AC_MSG_RESULT([yes])
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
CFLAGS=$old_cflags
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
AC_MSG_RESULT([no])
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
CFLAGS=$old_cflags
[$2])
])
simplify hardening check logic, disable for mingw Rather than doing separate linker/compiler checks, just build a non-empty program with each so that the compiler will actually try to use the hardening features. Reduce redundancy in the macro calls by just setting the flag that was just tested. Also, disable hardening for mingw, since its trying to use a libssp-0.dll file that I can't find right now. The detected hardening flags break mingw builds currently.
2015-01-06 03:14:54 +01:00
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
AC_DEFUN([CHECK_LDFLAG], [
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
AC_LANG_ASSERT(C)
AC_MSG_CHECKING([if $saved_LD supports "$1"])
old_ldflags="$LDFLAGS"
LDFLAGS=$1
AC_TRY_LINK([
#include <stdio.h>
],
[printf("Hello")],
AC_MSG_RESULT([yes])
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
LDFLAGS=$old_ldflags
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
AC_MSG_RESULT([no])
quoting and ensure old_*flags are restored before the 'else'
2015-01-06 04:21:23 +01:00
LDFLAGS=$old_ldflags
[$2])
])
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
remove bash-style comparisons from tests
2015-01-06 21:16:51 +01:00
AS_IF([test "x$enable_hardening" = "xyes"], [
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
# Tell GCC to NOT optimize based on signed arithmetic overflow
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
CHECK_CFLAG([[-fno-strict-overflow]])
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
# _FORTIFY_SOURCE replaces builtin functions with safer versions.
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
# Enable read only relocations
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
CHECK_LDFLAG([[-Wl,-z,relro]])
CHECK_LDFLAG([[-Wl,-z,now]])
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
])
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
# Use stack-protector-strong if available; if not, fallback to
# stack-protector-all which is considered to be overkill
remove bash-style comparisons from tests
2015-01-06 21:16:51 +01:00
AS_IF([test "x$enable_hardening" = "xyes" -a "x$HOST_OS" != "xwin"], [
preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
2015-01-06 03:31:34 +01:00
CHECK_CFLAG([[-fstack-protector-strong]],
CHECK_CFLAG([[-fstack-protector-all]],
AC_MSG_ERROR([compiler does appear to support stack protection - use --disable-hardening to override])
)
)
])
configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
2014-12-23 14:24:24 +01:00
# Restore CC, LD
CC="$saved_CC"
LD="$saved_LD"
CFLAGS="$CFLAGS $HARDEN_CFLAGS"
LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
# Removing the dependency on -Wno-pointer-sign should be a goal
conditionally disable -Wpointer-sign where supported ok beck@
2014-07-20 21:45:26 +02:00
save_cflags="$CFLAGS"
CFLAGS=-Wno-pointer-sign
AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
[AC_MSG_RESULT([yes])]
[AM_CFLAGS=-Wno-pointer-sign],
[AC_MSG_RESULT([no])]
)
CFLAGS="$save_cflags $AM_CFLAGS"
do not mark GNU_STACK WX in ELFs generated from assembly When generating ELF objects from assembly, gcc and clang mark the GNU_STACK program headers as RWX by default. This is a security issue, so we make sure it is marked only RW. This modifies Anthony G. Basile's original patch for Linux to set .note.GNU-stack whenever the assembler supports it. It is surprising that any modern toolchain would enable an executable stack without an explicit request. The number of programs that need an executable stack is surely much smaller than the number of programs that include assembly.
2014-12-22 06:14:02 +01:00
save_cflags="$CFLAGS"
CFLAGS=
AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
[AC_MSG_RESULT([yes])]
[AM_CFLAGS=-DHAVE_GNU_STACK],
[AC_MSG_RESULT([no])]
)
CFLAGS="$save_cflags $AM_CFLAGS"
AM_PROG_AS
Quiet clang warnings about unused arguments in general. Check if we are using clang, rather than simply if we are on OS X. Note: recent LLVM releases do not seem to need this anyway.
2014-11-04 04:06:40 +01:00
CFLAGS="$CFLAGS $CLANG_CFLAGS"
LDFLAGS="$LDFLAGS $CLANG_FLAGS"
Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
2014-10-29 21:44:36 +01:00
AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
add minimal poll(2) implementation for Windows This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
2014-11-20 07:24:20 +01:00
AC_CHECK_FUNCS([getentropy issetugid memmem poll reallocarray])
Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
2014-10-29 21:44:36 +01:00
AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
# Share test results with automake
AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
AM_CONDITIONAL([HAVE_ISSETUGID], [test "x$ac_cv_func_issetugid" = xyes])
AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
add minimal poll(2) implementation for Windows This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
2014-11-20 07:24:20 +01:00
AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
2014-10-29 21:44:36 +01:00
AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
test for and use system explicit_bzero if it exists ok beck@ guenther@
2014-07-21 14:50:32 +02:00
override native arc4random_buf on OS X While the native OS X implementation is fork-safe, it does not seed safely, as of the latest released OS X libc sources, version 997.90.3. It only uses weak sources of entropy if accessing /dev/urandom fails. ok beck@ deraadt@
2014-10-28 02:01:21 +01:00
# overrides for arc4random_buf implementations with known issues
AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
2014-10-28 01:22:03 +01:00
[test "x$HOST_OS" != xdarwin -a "x$HOST_OS" != xfreebsd -a "x$ac_cv_func_arc4random_buf" = xyes])
override native arc4random_buf on OS X While the native OS X implementation is fork-safe, it does not seed safely, as of the latest released OS X libc sources, version 997.90.3. It only uses weak sources of entropy if accessing /dev/urandom fails. ok beck@ deraadt@
2014-10-28 02:01:21 +01:00
harmonize asprintf with OpenSSH * use the original name for the file from OpenSSH (remove duplicate version) * add va_copy/__va_copy checks to configure * incorporate proposed fixes to openssh version: + include more system headers directly for various definitions + limit the scope of va_copy/va_end to their affected vsnprintf calls + simplify error handling, removing a dead assignment
2014-07-30 13:53:02 +02:00
AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ va_copy(x,y); ]])],
[ ac_cv_have_va_copy="yes" ],
[ ac_cv_have_va_copy="no"
])
])
if test "x$ac_cv_have_va_copy" = "xyes" ; then
AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists])
fi
AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ __va_copy(x,y); ]])],
[ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no"
])
])
if test "x$ac_cv_have___va_copy" = "xyes" ; then
AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists])
fi
Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
2014-10-29 21:44:36 +01:00
AC_CHECK_HEADERS([sys/sysctl.h err.h])
include err.h shim Includes compatible replacements, or uses system err.h if available. ok beck@ guenther@
2014-07-21 14:34:01 +02:00
added configurable ENGINESDIR and OPENSSLDIR use --with-enginesdir and --with-openssldir ok beck@
2014-07-12 12:28:21 +02:00
AC_ARG_WITH([openssldir],
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
AS_HELP_STRING([--with-openssldir],
[Set the default openssl directory]),
added configurable ENGINESDIR and OPENSSLDIR use --with-enginesdir and --with-openssldir ok beck@
2014-07-12 12:28:21 +02:00
AC_DEFINE_UNQUOTED(OPENSSLDIR, "$withval")
remove stray brackets in --with-enginesdir/openssldir support ok beck@
2014-07-14 15:43:18 +02:00
)
added configurable ENGINESDIR and OPENSSLDIR use --with-enginesdir and --with-openssldir ok beck@
2014-07-12 12:28:21 +02:00
AC_ARG_WITH([enginesdir],
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
AS_HELP_STRING([--with-enginesdir],
[Set the default engines directory (use with openssldir)]),
added configurable ENGINESDIR and OPENSSLDIR use --with-enginesdir and --with-openssldir ok beck@
2014-07-12 12:28:21 +02:00
AC_DEFINE_UNQUOTED(ENGINESDIR, "$withval")
remove stray brackets in --with-enginesdir/openssldir support ok beck@
2014-07-14 15:43:18 +02:00
)
added configurable ENGINESDIR and OPENSSLDIR use --with-enginesdir and --with-openssldir ok beck@
2014-07-12 12:28:21 +02:00
add --disable-asm flag for disabling inline asm Surprisingly (or not), a lot of OpenSSL's inline assembly actually makes things slower with a relatively modern compiler (read, gcc >= 4.x).
2014-08-17 14:58:32 +02:00
AC_ARG_ENABLE([asm],
AS_HELP_STRING([--disable-asm], [Disable assembly]))
Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07 01:43:58 +01:00
AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
[test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],
[test "x$HOST_ABI" = "xmacosx" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
add --disable-asm flag for disabling inline asm Surprisingly (or not), a lot of OpenSSL's inline assembly actually makes things slower with a relatively modern compiler (read, gcc >= 4.x).
2014-08-17 14:58:32 +02:00
add support for building libtls Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@
2014-12-05 05:37:22 +01:00
AC_ARG_ENABLE([libtls],
AS_HELP_STRING([--enable-libtls], [Enable building the libtls library]))
AM_CONDITIONAL([ENABLE_LIBTLS], [test "x$enable_libtls" = xyes])
AM_COND_IF([ENABLE_LIBTLS], [AC_CONFIG_FILES([libtls.pc])])
initial top-level import
2014-07-10 13:07:09 +02:00
LT_INIT
add platform libraries to libcompat's LIBADD list ok beck@
2014-07-12 10:34:08 +02:00
AC_CONFIG_FILES([
Makefile
include/Makefile
include/openssl/Makefile
crypto/Makefile
add support for building libtls Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@
2014-12-05 05:37:22 +01:00
ssl/Makefile
tls/Makefile
add platform libraries to libcompat's LIBADD list ok beck@
2014-07-12 10:34:08 +02:00
tests/Makefile
apps/Makefile
man/Makefile
libcrypto.pc
libssl.pc
openssl.pc
])
AC_OUTPUT
Reference in New Issue Copy Permalink