summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac43
1 files changed, 41 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index 8f36338ff..380a8b949 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.476 2011/06/03 02:11:38 djm Exp $ 1# $Id: configure.ac,v 1.477 2011/06/22 22:30:03 djm Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) 17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
18AC_REVISION($Revision: 1.476 $) 18AC_REVISION($Revision: 1.477 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20AC_LANG([C]) 20AC_LANG([C])
21 21
@@ -106,6 +106,16 @@ AC_SUBST([LD])
106AC_C_INLINE 106AC_C_INLINE
107 107
108AC_CHECK_DECL([LLONG_MAX], [have_llong_max=1], , [#include <limits.h>]) 108AC_CHECK_DECL([LLONG_MAX], [have_llong_max=1], , [#include <limits.h>])
109AC_CHECK_DECL([SYSTR_POLICY_KILL], [have_systr_policy_kill=1], , [
110 #include <sys/types.h>
111 #include <sys/param.h>
112 #include <dev/systrace.h>
113])
114AC_CHECK_DECL([RLIMIT_NPROC],
115 [AC_DEFINE([HAVE_RLIMIT_NPROC], [], [sys/resource.h has RLIMIT_NPROC])], , [
116 #include <sys/types.h>
117 #include <sys/resource.h>
118])
109 119
110use_stack_protector=1 120use_stack_protector=1
111AC_ARG_WITH([stackprotect], 121AC_ARG_WITH([stackprotect],
@@ -2461,6 +2471,34 @@ AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"],
2461 [non-privileged user for privilege separation]) 2471 [non-privileged user for privilege separation])
2462AC_SUBST([SSH_PRIVSEP_USER]) 2472AC_SUBST([SSH_PRIVSEP_USER])
2463 2473
2474# Decide which sandbox style to use
2475sandbox_arg=""
2476AC_ARG_WITH([sandbox],
2477 [ --with-sandbox=style Specify privilege separation sandbox (no, rlimit, systrace)],
2478 [
2479 if test "x$withval" = "xyes" ; then
2480 sandbox_arg=""
2481 else
2482 sandbox_arg="$withval"
2483 fi
2484 ]
2485)
2486if test "x$sandbox_arg" = "xsystrace" || \
2487 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
2488 SANDBOX_STYLE="systrace"
2489 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)])
2490elif test "x$sandbox_arg" = "xrlimit" || \
2491 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" ) ; then
2492 SANDBOX_STYLE="rlimit"
2493 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)])
2494elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
2495 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
2496 SANDBOX_STYLE="none"
2497 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing])
2498else
2499 AC_MSG_ERROR([unsupported -with-sandbox])
2500fi
2501
2464# Cheap hack to ensure NEWS-OS libraries are arranged right. 2502# Cheap hack to ensure NEWS-OS libraries are arranged right.
2465if test ! -z "$SONY" ; then 2503if test ! -z "$SONY" ; then
2466 LIBS="$LIBS -liberty"; 2504 LIBS="$LIBS -liberty";
@@ -4191,6 +4229,7 @@ echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
4191echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4229echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4192echo " BSD Auth support: $BSD_AUTH_MSG" 4230echo " BSD Auth support: $BSD_AUTH_MSG"
4193echo " Random number source: $RAND_MSG" 4231echo " Random number source: $RAND_MSG"
4232echo " Privsep sandbox style: $SANDBOX_STYLE"
4194 4233
4195echo "" 4234echo ""
4196 4235
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 08:47:25 +0000