|  |  |  | @ -55,7 +55,64 @@ AC_INIT(configure.in) | 
		
	
		
			
				|  |  |  |  |     AC_FUNC_REALLOC | 
		
	
		
			
				|  |  |  |  |     AC_CHECK_FUNCS([gettimeofday memset strcasecmp strchr strdup strerror strncasecmp strtol strtoul]) | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  | #Enable support for gcc compile time security options. There is no great way to do detection of valid cflags that I have found | 
		
	
		
			
				|  |  |  |  | #AX_CFLAGS_GCC_OPTION don't seem to do a better job than the code below and are a pain because of extra m4 files etc. | 
		
	
		
			
				|  |  |  |  | #These flags seem to be supported on CentOS 5+, Ubuntu 8.04+, and FedoreCore 11+ | 
		
	
		
			
				|  |  |  |  | #Options are taken from https://wiki.ubuntu.com/CompilerFlags | 
		
	
		
			
				|  |  |  |  |     AC_ARG_ENABLE(gccprotect, | 
		
	
		
			
				|  |  |  |  |             [  --enable-gccprotect  Detect and use gcc hardening options], | 
		
	
		
			
				|  |  |  |  |             [ enable_gccprotect=yes | 
		
	
		
			
				|  |  |  |  |             ]) | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |     if test "$enable_gccprotect" = "yes"; then | 
		
	
		
			
				|  |  |  |  |         #buffer overflow protection | 
		
	
		
			
				|  |  |  |  |         AC_MSG_CHECKING(for -fstack-protector) | 
		
	
		
			
				|  |  |  |  |         TMPCFLAGS="${CFLAGS}" | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${CFLAGS} -fstack-protector" | 
		
	
		
			
				|  |  |  |  |         AC_TRY_LINK(,,SECCFLAGS="${SECCFLAGS} -fstack-protector" | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(yes), | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(no)) | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${TMPCFLAGS}" | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |         #compile-time best-practices errors for certain libc functions, provides checks of buffer lengths and memory regions | 
		
	
		
			
				|  |  |  |  |         AC_MSG_CHECKING(for -D_FORTIFY_SOURCE=2) | 
		
	
		
			
				|  |  |  |  |         TMPCFLAGS="${CFLAGS}" | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${CFLAGS} -D_FORTIFY_SOURCE=2" | 
		
	
		
			
				|  |  |  |  |         AC_TRY_COMPILE(,,SECCFLAGS="${SECCFLAGS} -D_FORTIFY_SOURCE=2" | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(yes), | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(no)) | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${TMPCFLAGS}" | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |         #compile-time warnings about misuse of format strings | 
		
	
		
			
				|  |  |  |  |         AC_MSG_CHECKING(for -Wformat -Wformat-security) | 
		
	
		
			
				|  |  |  |  |         TMPCFLAGS="${CFLAGS}" | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${CFLAGS} -Wformat -Wformat-security" | 
		
	
		
			
				|  |  |  |  |         AC_TRY_COMPILE(,,SECCFLAGS="${SECCFLAGS} -Wformat -Wformat-security" | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(yes), | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(no)) | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${TMPCFLAGS}" | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |         #provides a read-only relocation table area in the final ELF | 
		
	
		
			
				|  |  |  |  |         AC_MSG_CHECKING(for -z relro) | 
		
	
		
			
				|  |  |  |  |         TMPLDFLAGS="${LDFLAGS}" | 
		
	
		
			
				|  |  |  |  |         LDFLAGS="${LDFLAGS} -z relro" | 
		
	
		
			
				|  |  |  |  |         AC_TRY_LINK(,,SECLDFLAGS="${SECLDFLAGS} -z relro" | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(yes), | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(no)) | 
		
	
		
			
				|  |  |  |  |         LDFLAGS="${TMPLDFLAGS}" | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |         #forces all relocations to be resolved at run-time | 
		
	
		
			
				|  |  |  |  |         AC_MSG_CHECKING(for -z now) | 
		
	
		
			
				|  |  |  |  |         TMPLDFLAGS="${LDFLAGS}" | 
		
	
		
			
				|  |  |  |  |         LDFLAGS="${LDFLAGS} -z now" | 
		
	
		
			
				|  |  |  |  |         AC_TRY_LINK(,,SECLDFLAGS="${SECLDFLAGS} -z now" | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(yes), | 
		
	
		
			
				|  |  |  |  |         AC_MSG_RESULT(no)) | 
		
	
		
			
				|  |  |  |  |         LDFLAGS="${TMPLDFLAGS}" | 
		
	
		
			
				|  |  |  |  | 
 | 
		
	
		
			
				|  |  |  |  |         CFLAGS="${CFLAGS} ${SECCFLAGS}" | 
		
	
		
			
				|  |  |  |  |         LDFLAGS="${LDFLAGS} ${SECLDFLAGS}" | 
		
	
		
			
				|  |  |  |  |     fi | 
		
	
		
			
				|  |  |  |  | #libpcre | 
		
	
		
			
				|  |  |  |  |     AC_ARG_WITH(libpcre_includes, | 
		
	
		
			
				|  |  |  |  |             [  --with-libpcre-includes=DIR  libpcre include directory], | 
		
	
	
		
			
				
					|  |  |  | 
 |